Filed under: Software, Security, Beta Beat
PC Tools iAntiVirus aims to be Mac specific
With the recent trojan scare PC Tools' timing for the beta release of iAntiVirus for Mac could hardly be better. While there are a variety of anti-virus applications for the Mac, iAntiVirus seems to be especially designed to reduce resource usage by simply ignoring virus signatures for Windows. The idea is that your Mac is immune to Windows viruses so why waste memory, etc. scanning for them? Otherwise iAntiVirus is pretty conventional with a menubar interface and real-time scanning.In some ways I'm of two minds about this approach. It's true that I don't allow any Windows boxes on my home network so having a Mac-only solution makes sense. However, by not scanning for non-Mac viruses it's possible that your Mac might unwittingly pass along a virus or trojan by email, etc. I run an Enterprise version of Sophos provided by my University and I've been surprised by how many Windows virus signatures it has picked up on my machine from various downloads.
iAntiVirus is a free download, but virus definitions and updates are $29.95 for one year.
[via Macworld]
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
EMoShunz said 12:13PM on 7-02-2008
interesting concept, but i agree, it's nice to know you are not just a "carrier" passing along viruses you are immune to. coming from apple to windows (by necessity) to linux to bsd and back to apple over the last 15-20 years i've seen a lot of stuff, but i am satisfied with ClamAV as a *nix/bsd solution.
Reply
Lerxst said 12:46PM on 7-02-2008
So, it has the smallest virus database in history of anti-virus software?
Reply
ekinnee said 12:56PM on 7-02-2008
I've always been skeptical of AV companies. I have a feeling they have a hand in creating some of the FUD surrounding viruses and other malware. It seems rather suspicious that there's a "big scare" and all of a sudden we have a shiny new product for us to buy, and in such a short time frame. Sounds like it was waiting in the wings for a reason to be released or a market to be created for it.
Reply
silverfruit said 1:17PM on 7-02-2008
So this would search for like, two trojans. Why would I pay for that. You shouldn't be opening files or emails that aren't from trusted sources anyway. And as for Windows users, they're all using anti-virus software. I've used anti-virus software on my mac before and it never picked up anything... ever. You should be aware of the threats and use common sense. The threat is being blown completely out of proportion. Please stop this fear mongering.
Reply
Nicki Brøchner said 1:20PM on 7-02-2008
I was wondering if you guys could make a list of the best Antivirus software for MAC ? ... preferable free of course ;D
Reply
thinktwice said 1:26PM on 7-02-2008
But does it work on Trojans?
Otherwise, what's the point?
Reply
sal said 1:56PM on 7-02-2008
@Nicki-
ClamXav is the best one out there: www.clamxav.com
Reply
Clark Goble said 8:38PM on 7-02-2008
+++
I don't know why anyone would put the more intrusive stuff from McAffery or Norton on their systems. I run it occasionally at night on my Mac. I've never found anything.
Graham Lee said 1:59PM on 7-02-2008
I'm with you that there's currently a much bigger chance of a Mac user accidentally playing "Typhoid Mary" and passing on a Windows virus than there is of contracting Mac malware. On the other hand I don't agree with the common position that Mac users can be completely complacent with regard to security, and that we're spouting FUD; with that attitude when (or if, if you like) some significant Mac attack comes along, we Mac users won't be in a good position to confront it.
By the way, I wrote a paper for Sophos describing a few simple steps Mac users can take (and I should point out right now that buying things from us isn't one of those steps ;-) to have a more secure experience; it's here: http://www.sophos.com/security/technical-papers/mac-data-theft.html
I'd gladly welcome all feedback that readers have!
Reply
ekinnee said 2:17PM on 7-02-2008
I'm not saying it's all FUD. I guess you need to make your own decision as to when the level/number of threats reaches a point that you need to invest in such a product. As was mentioned in a comment above, "So this would search for like, two trojans", realistically what is our risk exposure? Is your increased because you willy-nilly click on any old thing downloaded from the Internet? If so, that's not a problem to be solved in software necessarily, but it's an issue with the user. Maybe I'm a bit more paranoid, but then again I'm the one writing security policy and procedures for a living.
I'll read your paper, and post back.
Chris said 2:51PM on 7-02-2008
I think you made most of you point with #1 "Does it need to come with you?"
As for the rest I have mixed feelings about them. Having physical access to a *any machine allows for near complete compromise outside of encrypted volumes (every time).
Quite frankly finding a Mac with File Vault turned on would surprise me (it causes more problems than it fixes, just read the Mac support articles related to it on any user group). The issue is similar to that of a hydra, there are more heads than one can honestly deal with. Very few users understand basic security and the ones that do often just become annoyed with it. Notebooks like Wireless are one of those evils in the world you're just stuck with. Wireless is impossible to secure as are their wirelessly equipped notebook companions.
If this wasn't bad enough with the recent display of "ram freezing" to recover passwords on PC's we have to contend with. There are "forensic" solutions available for Macs that make nearly any security null and void. Just check out some of the offerings at SubRosaSoft's store for a better explanation. It's so easy on a Mac all you need is a free USB port (MacLockPick). And if you think the law enforcement label on the box will stop your average thief just check out the availability on a Torrent Tracker.
I don't want to turn this into a diatribe, but in the end physical security will always be the best defense against stolen or compromised data.
Graham Lee said 1:51PM on 7-03-2008
@ekinnee: yes, each user (or company, or whatever) needs to weigh the balance and decide whether the outlay justifies the results. And yes a lot of responsibility rests with the user, but while one way to deal with that responsibility is to carefully consider security while surfing, another way is to setup some software which can improve their confidence that mistakes won't cost as much. That can all factor into the decision described above. I don't like the idea that security problems can be addressed simply by educating the users, I believe that everyone is intelligent enough to understand the issues but also that they've mainly got better things to be thinking about :-)
@Chris: point 1 is indeed the strongest, but with respect to the above paragraph does fall into the "you can't do what you want because of unexpected side-effects" problem. With regard to FileVault though, it's been my experience that 10.5's switch to sparse bundle format has made backing up the encrypted store much easier, and that 10.5.4 finally addressed the (edge-case) stability problems I'd seen. I don't think there's any need to be worried about filevault by default, though I do still have an unencrypted backup of my data. Isn't that defeating the point? Not really, because the backup doesn't do all the travelling and roaming that the encrypted original needs to ;-)
samrolken said 3:19PM on 7-02-2008
A Mac-specific antivirus tool? I have a number of ideas of more necessary things:
- headphones for the totally deaf
- rosaries for protestants
- a hammer specialized for use by lawyers
...you get the idea.
Reply
LoudonLaw said 11:19PM on 7-02-2008
"-a hammer specialized for use by lawyers"
Now that's a great idea. I'll take two. If I can use it on clients who don't want to pay their bills.
Also, I'd be wary of anything PC Tools puts out. Back when I was using my PC (before the glorious Mac Revelation), I tried out their Anti-virus/spyware product.
It was a great big system resource hog that didn't perform any better than less dense and free products. I demanded a refund after about a month of use, which they reluctantly provided.
Reply
williamlane said 11:33PM on 7-02-2008
Maclockpick - uh huh...
http://blog.cocoia.com/2007/04/28/debunking-maclockpick/
Which states in part "When clicking further than the all too speculative headlines from news websites, you quickly discover some facts about MacLockPick; 1.) It’s entire working is apparently based, according to their site, to the default setting of the OS X keychain to be ‘opened’ to use. This means anyone serious enough about computer security will be able to harden themselves against it. To quote SubRosaSoft" and "If you have the keychain open, and an application tries to fetch passwords, the Keychain Agent will ask you if you want to allow access. " Which would seem to me to make Maclockpick a non pick
Reply