The misery caused by anti-virus software often seems to outweigh any marginal benefit. It's not even like the software is more than 70-80% effective.
Even the Vista built-in AV software rendered it impossible to install Flight Simulator X. This is AV software from a major vendor. If it jacks up the install of their own software, then something is very wrong with the approach.
Personally, I believe in regular backups by imaging my HD every week or so, and being careful about what I run on my computer.
Exactly what I always say. I suspect the damage done by AV software is greater than the damage done by viri.
It get's really funny when the AV software comes with security holes. Better to just reduce the number of unnecessary software installed on the computers. No software == no security holes.
I've meaning to ask HN this. I remember an article a while ago where somebody recommended not using anti-virus software. His recommendations was to have a separate administrative user that you only use when you install something. That is the standard practice in Unix. I recently asked my friends and they told me that you wouldn't be able to run a lot of software without the administrative privileges.
It does make a lot of sense, we are basically running our PC and everything is run as root. What do you guys think?
I haven't run an AV on the computers I use the most in a couple of years, and have had no infections. I don't download warez, surf "questionable" sites, and don't open email attachments unless I'm expecting them (and these days most attachments can be viewed in google docs first). I only use IE to view my employer's Exchange based webmail and to test HTML I'm writing. I do run Vista with UAC on.
If I do encounter a file that I need to open that may be questionable, I fire up a VM with AVG and test it out.
For me, the performance penalty for an always on Anti Virus is too much for what it provides. For my parents, I make sure they have the latest updates to their AV software 24/7.
"I recently asked my friends and they told me that you wouldn't be able to run a lot of software without the administrative privileges."
(on a mac) that's not true. I've been using this approach for years now (both on Tiger and Leopard) and most mac software recognize this (ones that don't eventually come around very quickly - it's been 3 years since I've seen one that didn't)
The only thing you'll run into is the minor inconvenience of having to login seamingly all the time (though eventually you'll get used to it)
I'd question just how much of a problem this is, even on Windows XP. I've worked with lots of firms where end users don't have admin rights and still use dozens of apps without any issue. It's really inexcusable for a Windows app to require admin rights in 2008 (unless it's actually doing system-level stuff), but even if you've got one that does, there are still options for a reasonably savvy user to work around it.
What about ClamXAV set to scan periodically (late at night) and watch your "downloads" directory? This won't use an inordinate amount of resources while you are working.
Quote from 9to5mac:
"Apple has always recommended anti-virus software - especially to enterprise customers. They do it because they want Apple users to be safe and for Virus makers to know that their user base is protected.
Do a quick search on Apple Docs and you'll find a number of them. Here's one from 2002 (http://docs.info.apple.com/article.html?artnum=50569). Here's one from earlier this year (http://support.apple.com/kb/HT1147). There are plenty more. This isn't at all new."
While Apple may recommend anti-virus programs to enterprise customers, they still use the Mac's relative lack of viruses as a selling point in their ads, and an Apple employee told the column writer that anti-virus was unnecessary. Walt Mossberg says the same thing: http://www.technologyreview.com/blog/garfinkel/17586/
There is a bit of a disconnect between the Mac's public image and these quietly posted technical articles.
It is just a slight disconnect: On the one hand, the Mac OS is effectively free of viruses. On the other, Apple recommends installing antivirus anyway.
The Register, of course, is blowing the whole thing way out of proportion. (...a sentence I originally put in my comment, and probably shouldn't have taken out.)
I read it and your last sentence between the () is the reason why I posted the quote.
Those kb articles on the apple site are meant for all customers, not only the enterprise ones. And regarding the lack of viruses as a selling point;
last get a mac ad regarding viruses is from 2006, and in that they don't explicitly say mac systems are virus-free: http://movies.apple.com/movies/us/apple/getamac_ads1/viruses...
Windows would be just more vulnerable. And that is still true.
I've been thinking of picking up an anti-virus app for a while, but I really hated mcafee / norton etc when I used a PC. What's the best "mac-like" antivirus application? Something with a good interface and doesn't feel too bloated, but is also powerful?
Yup, for most people, the thing that most needs protecting is the data, not the apps. But the important thing to note is that if the malware can't install itself/access hardware (esp. the network interface), then your platform is not very interesting for malware writers.
Of course, I should point out that the person you were replying to was exactly back-to-front. It's much easier to wrangle a privileges escalation than it is to get onto the system in the first place.
Yes but you have backups of that stuff. The real threat/pain is your machine becoming a spam/etc zombie without your knowledge. This is highly unlikely on any Unix-like OS.
This may be only tangentially related, but something about AV has never sat well with me. For the record, I fall into the: "don't really use AV software, read mail in Mutt, never use IE under any circumstances, etc."-category so many of my attack vectors may be closed; I've never lost data from any sort of malware.
Going back to what I was saying before, something about the approach of AV seems inelegant. This article[1] (point #2) sums up my sense of AV. With it, you're always playing catch-up and that seems weird. I just wanted to get others to weigh in on that idea.
I've never ran anti-virus, even when I was using Windows. I've always been very careful about what I downloaded, what I allow to get root permissions, backing up, etc.
People always want to know why I haven't looked at their email attachments, and the response is always the same: no attachments, no exceptions! (Ok, I'm cool with images attachments.)
While that looks to be a blatant troll, I really have to ask if you seriously see MS Windows and Apple OS X as being equally closed? Where are MS's versions of Darwin, Webkit, etc...?
While Apple isn't 100% open source, they are the closest among commercial end-user targeted OSes. Apple obviously feels, and honestly I think they're probably right, that fully open sourcing their OS would negatively impact their ability to run a profitable hardware/software business. That's absolutely their right.
I'd also argue that for mass consumer end users, there is no open source revolution. While I love and use Linux all the time, I'd never put my mother or my sister or my wife on it. Likewise with software, it needs to come with a nice printed or online manual that's easy to use, and a 1-800 number for the support department. Fixing an issue needs to not involve steps like "use vi to edit giant.xml which depending on your distro could be in one of these 10 long path locations".
1. Most of the Internet runs on open platforms. The Internet is a tremendous revolution by all measures. I strongly believe that your mother, your sister and wife are all been into it already.
2. Have you tried to develop and deliver an Iphone app? Don't you think Apple could have make the iPhone SDK some how more open and flexible. Wouldn't you as a Java guy be happy to have Java there in addition to the Objective C?
I switched to Ubuntu from OS X 10.5 and don't think will ever go back.
1. Yes, there is a huge open source revolution on the server side, but not on the consumer desktop. My mom doesn't know or care if the web servers serving up pages are Linux or Windows. As a server-side developer, I've seen and been a part of the big shift to open source OSes, software, tools, etc... However, if you're talking about consumer desktop OSes and apps, there isn't one yet.
2. I haven't worked on an iPhone app. Not really my area. Sure Apple could be more open, although they obviously see reasons not to be, and that their right. However, I'd argue that they're generally more open than most of the widely used competition. You might wish the iPhone SDK supported multiple languages, but compare that to developing for the Motorola Razr, or the Blackberry? I think Apple is doing pretty well. Obviously not as well as some folks would like, but they're running a business and trying to ensure profits, quality, low support calls, all that stuff, and I respect that.
while I agree that the prevailing attitude is "if you're not a hacker/programmer, use Windows, not Linux" I guess I don't really get why.
Your comment on the fact that software needs to come with a nice printed manual highlights why: of my mother, my sister and my wife, I'm the only one that reads the damn things.
You have a point with the manuals, however my mother calls Dell support regularly, and uses the Microsoft online help stuff a lot. My sister has used AppleCare support a few times as well. My wife uses the iWork help application and tutorial app.
--edit--
My prevailing attitude is to tell folks to use OS X on the desktop and linux on the server, regardless if they are a hacker or my mom:)
Open Source is a revolution like Ron Paul was a revolution. Yes, it's got some nice features, and it's good to have a viable third alternative, but at the same time there's too much wrong with it to rely on it entirely.
Apple needs a closed environment. They need to make money from selling their computers. They do so because they need to pay their programmers, who are among the best in the world. They have to pay their designers, who are quite possibly the best in the world. (Apple's won more Red Dot design awards than any other company or single designer, and they've won with a ridiculous margin.) Speaking as a consumer, I'm willing to pay money for good service. That's how the economy has worked for centuries, and I think it's a proven workable model.
Apple's open enough for me. I can tweak everything I want, to my heart's content, because it runs on top of perfect Unix. I'm not a hardcore programmer, I don't yet see the point for emacs (though part of me feels that day is coming), but Terminal is enough to give me a keyboard-only environment when I need to do coding. Apple's got an excellent set of universal shortcuts, actually, which I don't recall Ubuntu having when I tried it.
The set-up on a Mac requires me to actively approve any virus on my computer before it launches. That's pretty close to foolproof if I'm cautious about it. Apple recommends it, sure, because that's responsible of them. That doesn't make it absolutely necessary.
On the other hand, when I installed Ubuntu, the graphics and sound cards on my perfectly-normal Dell box wouldn't show things right or play sound, installing third-party applications melted the entire thing, and eventually I had to reinstall Windows as well. The fact that Open Source makes it possible for me to accidentally destroy something (and I wasn't even messing with terminal) makes me think I'll stick with Apple, thanks.
Even the Vista built-in AV software rendered it impossible to install Flight Simulator X. This is AV software from a major vendor. If it jacks up the install of their own software, then something is very wrong with the approach.
Personally, I believe in regular backups by imaging my HD every week or so, and being careful about what I run on my computer.