Do you need antivirus?
Should you take steps to protect your computer from malware, or are Macs still inherently safe?
Macs are UNIX-based, which makes them much harder to hack
Last year something happened that sent tech writers reeling the world over. No, Steve Jobs hadn’t returned from the dead; people had found the first Mac ransomware. Every Mac user is familiar with the adage that ‘Macs don’t get malware’, but is that still true? Do you need anti-malware apps for your Mac?
Naturally immune
Traditionally, there have always been two main reasons why Mac antivirus software has been seen as superfluous: macOS’ low market share, and its UNIX base.
Windows enjoys an operating system market share of almost 90%. That makes it a highly attractive target to malware authors: the larger the market share, the greater the chance you’ll find someone to exploit. And unlike Windows (based on MS-DOS), Macs are UNIX-based, which makes them much more complicated to hack. For instance, an app’s executable code and its data are stored in separate, predictable folders on a Mac. On Windows, installed programs could have files placed in a wide variety of different places, so uninstalling every lingering piece of code can be tricky – and potentially dangerous if that app can cause harm to your computer.
Malware could be installed on your Mac, but would be unable to spread to the heart of the machine. Of course, you don’t need to attack the core of a Mac to cause damage. One could simply run a keylogger that steals sensitive data, or run a Trojan embedded in compromised text documents. Still, macOS has built-in security walls like XProtect. Opening a .dmg file that Apple thinks is suspicious will prompt a dialog box warning you that it “will damage your computer”, and you will be advised to move the file to the Trash. XProtect only checks files against a list of malicious apps defined by Apple (so it features no file heuristics), and it can’t clean up infections, but it’s still a good precaution.
It’s also very difficult for malware to get onto the Mac App Store (but not impossible). Apple gives developers a unique Developer ID to digitally sign their apps. Gatekeeper can check that apps have not been tampered with since they were signed, and block apps from malware developers. It can also block apps from developers with no Developer ID.
So with all these safety features built in to macOS, is there any need to get a third party app? MacFormat’s Love Your Mac expert Luis Villazon doesn’t think so, telling us such Mac apps are unnecessary. “Sensationalist news stories about a new vulnerability or exploit appear now and again (such as Fruitfly) and anti-malware vendors see a spike in sales as everyone panics,” he says. “But if you bother to read the original research, you always find that the threat is some combination of: theoretical, very specific, or already patched.”
Genius Tips guru Howard Oakley has a
different take on the issue. “Anti-malware software is essential for those who browse the more dodgy parts of the internet, or for many Facebook users given the frequency of its spreading bad links, or for those who have to deal with files sent to them,” he argues.
Mac maladies
Still, he says that it’s not totally necessary for everyone – common sense is key. “The single most important thing is awareness and vigilance, Howard says. “It’s like driving: you don’t take your eyes off the road or you know that something will happen. You have to watch every email, every link, always conscious of the risks.”
That’s the case with a lot of Mac malware. In 2016, security firm Malwarebytes noted a new ‘social engineering’ malware specifically targeted at Macs. Simply visiting the infected website would either cause Mail to create a vast number of draft messages, or would open iTunes multiple times (depending on your macOS version). This would cause the system’s memory to overload and the Mac to freeze. Regardless of whether Mail or iTunes is launched, the website displayed a message claiming a virus had been detected and that the user should call a (fake) Apple support number shown on the page. Presumably, this charged you for fake advice, or pointed you to more malware, as similar attacks have done. This was patched in macOS 10.12.2, emphasising why updating your Mac is always a good idea.
Paul Ducklin, senior technologist at security company Sophos, told us that virtualisation apps carry risks too. “Why risk having Windows malware lying around undetected on your Mac where you could pass it on?”, he asks. For him, it’s a case of better safe than sorry.
Ultimately, the main risk to you is human error. The idea that, as a Mac user, you don’t need malware protection could be the very thing that makes you vulnerable. Being sensible on the web, checking your app installations for unwanted adware, and not opening Mail attachments from strangers – plus making sure that Gatekeeper is carefully scrutinising your Mac apps – should keep you safe. Use your common sense and, hopefully, you’ll never need the services of an anti-malware app.
Use your common sense and you’ll never need an antimalware app