Mac and the State of Malware

This is an important distinction. If the malware doesn’t self-propagate, then you can avoid it by simply being careful to not install/run software from untrusted sources and make sure your software (especially anything that accesses the Internet) is up to date with the latest security patches.

If the malware does self-propagate, then you need to worry about other computers on your LAN, used by other people, getting infected and the infection spreading throughout the network, which requires a much more robust security solution to protect against.

That’s an incredibly strong statement.

“Superior job of detecting malware” implies that VirusBarrier has caught an infection that Malwarebytes failed to catch, and that this isn’t just a theoretical statement based on comparing each company’s respective “marketing BS”.

Especially when you previously stated that your preferred package is pointless:

5 Likes

Very good point. All viruses are malware but not all malware are viruses.

The marketing BS from the AV vendors is very real - none of the major AV programs does a “superior job” of detecting malware over their competing products. They’re all about the same. Some may use more resources than others, but none of them, from an effectiveness perspective, are significantly different.

I personally will not depend on AV utilities that only scan when you ask them to or are scheduled. A lot can happen between the time that malware is first deposited on a system and the next “scan” regardless of how fast it is. My preference is to know as soon as something is deposited, and you don’t need full disk scanning to do that.

The issue I have with “scanning” in any signature based AV product is that novel malware (or zero-day exploits) isn’t in the database. No signature - no detection - until someone finds the malware and builds the AV signature.

IMO only executing “approved” applications (am I allowed to say “whitelisting”?) tempers the need for active AV scanning. It works very well for servers; desktop users would be up in arms. So there’s a tradeoff.

The weak link in the whole security ecosystem is the loose nut holding the wheel - the user.

2 Likes
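The post above contrasts two policies: a signature database that blocks only what it already knows (so a novel sample passes until someone writes a signature), and an allowlist of approved applications that refuses anything it has not seen (so a novel sample is stopped, but so is a legitimate update until it is approved). The following Python is an added illustration, not code from the thread or from any AV product; the “programs” are constructed byte strings standing in for files, and SHA-256 of the file contents stands in for whatever a real product would key its signatures or approvals on.

```python
"""Default-allow (signature blocklist) vs default-deny (application allowlist).

Added example: the samples below are constructed stand-ins for program files,
not real software or real malware.
"""
import hashlib


def sha256_hex(data: bytes) -> str:
    """Content hash used as the stand-in for a signature / approval key."""
    return hashlib.sha256(data).hexdigest()


# Constructed samples: approved programs as they exist at deployment time.
KNOWN_GOOD = {
    "TextEditor.app": b"constructed good app, version 1",
    "Mail.app": b"constructed good mail client, version 2",
}
# Constructed sample: a bad program that has already been analysed, so a
# signature exists for it.
KNOWN_BAD = {"OldTrojan": b"constructed bad sample seen before"}
# Constructed sample: a bad program nobody has analysed yet ("zero-day"),
# so no signature database contains it.
NOVEL_BAD = b"constructed bad sample never seen before"
# Constructed sample: a legitimate update shipped after the allowlist was built.
UPDATED_GOOD = b"constructed good app, version 2"

# Signature database: only hashes of things already known to be bad.
SIGNATURES = {sha256_hex(b) for b in KNOWN_BAD.values()}
# Allowlist: only hashes of things explicitly approved to run.
ALLOWLIST = {sha256_hex(b) for b in KNOWN_GOOD.values()}


def signature_scan(data: bytes) -> str:
    """Default-allow: block only what matches a known-bad signature."""
    return "block" if sha256_hex(data) in SIGNATURES else "allow"


def allowlist_check(data: bytes) -> str:
    """Default-deny: run only what matches an approved hash."""
    return "allow" if sha256_hex(data) in ALLOWLIST else "block"


def compare(samples: dict[str, bytes]) -> dict[str, tuple[str, str]]:
    """Return (signature verdict, allowlist verdict) for every sample."""
    return {name: (signature_scan(d), allowlist_check(d)) for name, d in samples.items()}


def approve(data: bytes) -> None:
    """The operational cost of default-deny: every legitimate change needs
    an explicit approval step before it is allowed to run."""
    ALLOWLIST.add(sha256_hex(data))


if __name__ == "__main__":
    samples = {
        "TextEditor.app (approved)": KNOWN_GOOD["TextEditor.app"],
        "OldTrojan (signature exists)": KNOWN_BAD["OldTrojan"],
        "NovelBad (no signature yet)": NOVEL_BAD,
        "TextEditor.app update (not yet approved)": UPDATED_GOOD,
    }
    for name, (sig, allow) in compare(samples).items():
        print(f"{name:42} signature scan: {sig:5}  allowlist: {allow}")
```

Running it shows the asymmetry the post describes: the signature scan blocks the already-analysed sample and waves the novel one through, while the allowlist blocks both the novel sample and the unapproved update, which is exactly why the second policy is tolerable on a server with a fixed software set and painful on a desktop that updates constantly.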

I’ve tried several times now to make the point that “just about no one needs AV software.” The threats in the wild just don’t exist, and to some extent (depending on the version of the Mac OS that you are running) the Mac OS has its own protection. Mac users aren’t reporting being infected by anything.

That’s an entirely separate issue from the efficacy of your AV software. If you decide that you want AV software, I’d have to assume that you want the most efficacious AV software.

However, even the very best AV software is going to find nothing, if there is nothing to find.

1 Like

As you say, there have been 2 proofs of concept, but there are no viruses on MacOSX and there have never been any (‘in the wild’).

The point of language is communication. If you (or windows users) decide that a word has a new meaning, it becomes hard to communicate, because no one is quite sure what the word actually means. You correctly define the term then go on to say that it should be ignored, because some people aren’t sure what it is.

However, if you (incorrectly) use the term “virus” to refer to all malware (as most Windows users do), then saying that there “are no viruses for the Macintosh” is really far from being correct.

(I added the missing ‘incorrectly’).

Your last paragraph (beginning ‘Which isn’t to say’…) explains what I said earlier and to a large degree why I don’t install any anti-malware software.

Oh! I thought of another one … ‘CleanMyMac’.

Aside:
The >2,000,000 vs 2(ish) viruses is really just amazing. As I understand it, it comes down to Unix having been created for inter-university communications prior to the existence of what we now call the internet. Permissions were obviously necessary (presumably because in education, students don’t always get to see what teachers get to see) and so were written into the kernel from day 1. This is probably a simplistic understanding, or perhaps just folklore. I’d love to hear if anyone has any comments on this.

2 Likes

I haven’t found any particular reason to go beyond XProtect. In the olden days it used to be a choice between running commercial antivirus and being exposed to whatever might be out there that would affect a Mac. Now, it’s a question of whether the built-in tools are sufficient, and I haven’t felt motivated to doubt them. I know that XProtect is considered enough for me to be allowed to connect to my employer’s VPN.

Dave

2 Likes

Let’s refocus the discussion purely on the apps available or I’ll close the topic entirely.

1 Like

Correct. And so the statement “there are no viruses for OS X” is objectively false and incredibly misleading.

There are viruses that have been created for the Macintosh (it is not impossible to create a virus for the Macintosh, as some overly zealous Macintosh users have asserted), and, for those who believe that “virus” means the same thing as “malware,” the statement is extremely far from the truth.

2 Likes

You’re quite strident, Randy.

I’ll leave it that, IMHO, your arguments are flawed, and I’ll also point out that your new one re: MacOS is talking about a totally different operating system. Ironically, the first virus ever produced was for MacOS and, with even greater irony, it was made as a ‘bit of fun’.

2 Likes

And yet you haven’t been able to refute them or offer anything better…

No, it’s all been the same Macintosh operating system that’s been around since Apple eschewed the classic Mac OS. Maybe YOU are confused?

But I do have to apologize, as I was mistaken. There haven’t been two viruses written for the Mac OS (not the older classic Mac OS)… there have been three: Macarena, OSX.Exploit.Launchd, and Inqtana.

If there’s nothing to find, then there’s no way to judge which product is “the most efficacious”.

You could have a program loaded up with virus signatures for every virus known to exist for all platforms and have it constantly scanning every file all the time. But is that actually better?

I would argue a flat-out “no”. If there’s nothing to find, then it’s just wasting system resources for no good reason.

The only valid way to compare products like this is to run them on systems that actually get infected (with real malware, not with test viruses created for the purpose of running the test), in order to compare which ones can and cannot detect/remove the infection.

If there’s no infection, then there is no way to run the test and nothing to compare other than theoretical statements that don’t mean anything.