Speculation mounts over AVG plans for OS X client

<TITLE>

It's good to see that they are not leaving stupidly late, perhaps OS X anti viral education can be up before the virus poo slinging begins in too much earnest.

Tombo

>cost benefit analysis = no brainer.

Yes but if you don't account for the probability of catastrophe, you're spending billions and billions of dollars incase our Sun explodes and rains down cheeseburgers topped with mustard gas.

But corny point aside, I run ProtectMac AV on my Mac just because I'm paranoid. (I switched to Mac after getting Keylogged without even knowing it and it never getting caught by AV/Spyware proggies). I could probably get away for years without it though.

Re: computers

I don't have macs, however my computers run software written by people, too. The costs of running an AV (on *my* personal machines) are far from negligible (My CPU use barely gets south of 70-80%, on any machine, ever, and I have trouble avoiding excessive swapping already. Not to mention the monetary cost). I keep backups and know my systems quite well (I built them, after all), so the costs of a rebuild would be almost negligible. Not to mention that the way my systems are built, even the worst of malware problem is very unliquely to compromise anything but user data (I typically have *two* backups of these). Oh, and I don't run untrusted code. Especially not with any kind of privilege.

Now ask me what antivirus I have... a no-brainer, really.

The machines I take care of at work -especially the luser-exposed ones- are a different problem entirely.

Cost benefit analysis

You may want to recalculate including the number of times AV signature updates have wrongly identified Windows system files or third party software as malware and crippled PCs all over the world. Or the hours of productivity lost as your AV software gobbles up CPU time. Or the regular uninstalling, reinstalling and babysitting Norton needs just to allow your computer to work without it randomly crapping out and blocking all your email or preventing VPN connections.

And how much time would be lost reimaging a Mac using NetRestore or Deploy Studio or even a Time Machine backup?

Not saying don't run AV software, but be aware it has real costs. And they don't work - you can bet the vxers test their viruses against the latest AV software so there is a guaranteed window between release and signature updates when that virus will spread and infect computers.

wide open

After watching a fully patched Mac pawned in 2 seconds this year I no longer trust Apple for my security.

Cue the Mactards...

"We don't need no anti-virus," they will smugly cry "ALL virususes are written for Micro$haft boxes."

Well, sorry guys you're all becoming victims of your own success. Your only protection thus far has been scale and now you can no longer rely on that. The ONLY reason PCs have more malicious software written for them is NOT <can of worms>because they are inherently less secure</can of worms> its simply because there's more of them. If the percentage of PC/Mac ownership were suddenly reversed then, with current Mac owner attitudes, the volume of malicious software targeting Macs would be far, far greater than that currently of PCs. Every Mac owner I've ever met seems to have the unshakeable belief that their pride and joys are somehow protected by an in-built, by design superiority! As far as I can see nothing is going to change the Mac owners superiority complex any time soon.

Software companies and Mac owners should be investing in anti-virus software for the Mac NOW otherwise problems created due to malicious software will be far, far greater than that of the PC. Whether or not that Mac owning superiority complex will allow owners to believe that their machines are not infallible is another matter entirely.

@ElReg!comments!Pierre, Re:Re: Computers

"The costs of running an AV (on *my* personal machines) are far from negligible (My CPU use barely gets south of 70-80%, on any machine, ever, and I have trouble avoiding excessive swapping already. Not to mention the monetary cost)."

I'd uninstall Norton then if I were you! ;-)

As I gaze into my crystal balls...

The fog is lifting! Here are my predictions:

1) Histrionics about viruses on OS X will steadily increase and be amplified over the next few years.

2) The fearmongering will be unwittingly bolstered by hapless bloggers and the mainstream press, being manipulated by press releases and the sinister industry rumour mill.

3) All this will happen as the Windows antivirus vendors start seeing their profits eroded by Microsoft's free antivirus software and become desperate to flog their shoddy wares in new markets.

Cross my palm with silver to continue, or alternatively perhaps someone could hire me as yet another fraudulent tech futurologist.

Conspiracy theory

What's the betting the number of viruses for OS X increases exponentially as soon as the first AV software hits the market?

@ Shades

re: Cue the Mactards...

Curiously, as near as I can tell, every Mac user (myself included) posting here is saying that they're smart enough to be using AV software even though the risk at the moment is quite low. The only people who aren't are apparently Windows users who are too smart to ever be caught out by the VXers.

You might want to rethink your post, or at least turn around -- the smug-bank appears to be rolling in from the opposite direction.

Meh.

In 27 years of building, administering and even programming computers, I've only ever had one virus. It was the "Ghost" virus and came free with a cover-mounted disk from ST Format. Circa 1990-ish, I think.

I've never been stupid enough to let untrusted code run on my computers since.

Education is the best medicine. AV software is just sticking plasters for the ignorant.

@Shades

"I'd uninstall Norton then if I were you! ;-)"

I see what you did there. Well done sir.

However, the 70-80% charge I was mentioning was *without* antivirus... as, you see, I don't run any on *my* *personal* machines...

@Mike Moyle

Mactards are generally the most smug people on the planet. They believe OSX is made by some superior being and has no security holes what so ever and love to flame people who disagree.

About a year back mactards flamed me to high hell when I said it is only a matter of time before malware pops up for the mac they were saying something similar to that there will never going to be a virus on OSX or any malware. And that the reason was not due to OSX being a niche market at the time, it was due to it being the most secure OS ever made and will never need a AV.

Overhead

I recently became concerned about the amount of internet traffic that went through our home network gateway computer even when no user was actively using the net. Eventually I uninstalled the anti-virus programs on all the user machines, and the traffic dropped back to what was expected. This is the sort of behaviour one supposes one would experience on getting recruited by a botnet, and I see no reason to put up with it from a "legitimate" program.

These knobbly hand grenades haven't been used since WWII, or maybe Korea. Forty years ago the US army was using fragmentation grenades that employed a coil of heavy piano wire, indented every quarter inch, wrapped around the high explosive core to get a much more lethal fragmentation effect. These components were enclosed in a smooth ovoid tin can. I don't know what they are using now, but it surely doesn't look like this antique.

Bring it on...

I am sorry, but you Mu$tards out there just don't understand.

We are protected from on high by our good shepherd Steve; yes he of the preloved liver, and he will bestow upon us system upgrades at a time of his choosing which will smite all the ungodly keyloggers right up their back orifices and drive them back, back and back again, unto the very gates of Redmond itself. Once he's done all today's patents anyway.

They forgot a key job role...

...Develop virii for the OSX platform.

You gotta develop your own market. Just look at what the makers of tamiflu did when they developed swine flu.

/yes, I know I'm paranoid. Still doesn't meant they aren't out to get me.

AVG vs Norton

It's at time like this that I prefer to be a Windows user instead of a Maccer. I know the world (wide web) is a dark and dangerous place so I take adequate precautions and run AV and all because if I didn't I would expect it would be dead within an hour of surfing the internet. Poor unsuspecting mac users waiting for a killer virus to come along before bothering to do anything. Like building defenses and castles and such after you have been invaded and destroyed.

Norton is paranoid that every thing is out to get it so ends up killing itself and what it's trying to protect by working too hard. AVG sits there reasonably until a threat comes along. I currently have Firefox, AVG, iPlayer and Spotify open and using an average of 2% CPU which goes to 20% during a scan. Np.

Helicopter because I will be in my (metaphorical) one laughing at the Mac fan boys when they realise that they have lived a lie and wake up and find their hard drive's been wiped.

Will it sell?

Mac users are a self righteous bunch who think nothing can trouble them, so it's the Devil's own job to convince them that AV is a good and necessary thing on all platforms.

I say that as Mac owner, I don't run MS anymore but I brought a lot of lessons learned from that platform. I run a free AV on my OSX, not perfect but suitable for the threat level as it stands on OSX right now. N=My data is too precious to let some piece of scum virus writer mess up my stuff, 'cos Lord and saviour of computing Mr Jobs thinks his OSX platform is unbreakable!

Better safe than sorry.

hahah you funny bunch!

Listen, numbskulls.

OS X 8 years - NO viruses.

(Go look up Trojan. It is NOT a virus numbnuts)

There are 120000+ Windows viruses and not ONE Mac OS X virus.

Do the maths.

OS X is secure against viruses (so far)

There is NO point in AV software on a Mac - you are looking for something that does't exist.

AVG are jumping on the bandwagon and taking advantage of IGNORANT PC to Mac switchers.

You sorry Windows zealots are jumping at this little glimmer of hope for a Mac virus! Sorry - you have a long wait.

I think there's a market here

I don't run AV software on any of my net-connected machines at home (Windows XP SP3 x 2, Nintendo Wii, Nintendo DS and an Elonex OneT). The Windows machines rely on Limited User Accounts for safety and this configuration has served me well for over 2 years.

I was having a look through an Elonex forum and a question that pops up quite regularly is whether you can download or purchase AV software for the OneT. It runs a weird flavour of Linux on a non-x86 CPU ! So if people think that AV software is required for a fringe machine such as this, and you combine this with the fact that trojans DO already exist for the Mac, I reckon there's a ready market which can be exploited with judicious paranoid advertising.

AVG Outlook mail for Mac viruses?

First of all, WHO CARES?!?!?! There are tons of companies out there who consider making Mac software at some point. The real shock should be "You mean they don't have one already"... or "I'm a Mac user, who the heck is AVG and why does it matter, I have a Mac they don't have viruses.... I think"

I would sincerely hope that AVG has dozens of Mac developers doing nothing more than dissecting all Mac virus threats that are out there so that AVG would block Mac viruses from getting past their windows product. Just because your computer is protected from Windows viruses doesn't mean you should be forwarding mail with Mac viruses to other people.

In my experience, the false security Mac users feel as opposed to the general paranoia Windows users experience makes Mac OS X one of the least secure operating systems ever since all a virus needs to do in order to install on a Mac and do damage is to ask the user for permission and 99 out of 100 times, they'll get it.

It's the responsibility of paranoid Windows users to protect the innocent and unsuspecting Mac users who actually believe their "Hi, I'm a Mac" commercials from themselves. I hope AVG takes that seriously

I'm not with Sean and Robert

In theory Windows has UAC on vista, and 7, and XP is ancient. And on top of that, have you ever tried gaming without admin rights? Have fun with that. Installation, writing log files, failing to do so, crashing or not loading.

I'd guess that macs and windows aren't that different in security terms. At the end of the day the weak point is the end user. I've had 2 or 3 viruses breach my browsing habits, one was from another PC on the network which I thought I wasn't on (whoops) which *is* utterly compromised, one was from a legitimate site that got hacked, all of them get cleaned up by my AVG free. I use a few security add ons in firefox but mostly I avoid really dodgy sites and I suspect I'm a hard target to social engineer (though to say I'm impossible would be the same level of hubris the less educated mac owner experiences). Ther biggest weakness of any OS is the user. Not having admin rights is great in theory but in principle it's a lot of hassle to do anything. The biggest hole to close up is the user either way, and as such, mac users security is compromised by their propaganda. The standard (non reg reading sort,) lusers are cocky by and large, but they are getting viruses. And it will become more and more important to secure their system, ideally before it's an epidemic.

Virus software isn't perfect, but it's a damn site better than nothing and for a careful user usually *will* stop everything.

Zzzzzz

Yawn. Yawn. Yawn.

Market share blah more users blah been saying same thing for 8 years blah.

Getting boring guys. This thread is just full of the self rightous who like nothing more than to proclaim the end is nigh.

Blah, blah, blah

Predictable self-justifying output from the Windoze crowd.

I understand that you've bought the system, installed the antivirus, upgraded the antivirus, paid for the upgraded antivirus, installed some more antivirus because "my system's running slowly, it must be a virus", paid geeks-on-wheels to "remove the virus", watched your expensive multiple antivirus and firewall solutions be deinstalled, paid for geeks-on-wheels, paid for their recommended antivirus, and on, and on, ad nauseum, BUT, you know, that's your choice, don't try and blame us or attempt to justify your actions (and expenditure) to us, we just don't care.

My thoughts

I first came across anti virus software in the early 90's and was surprised when I read Norton's list of virus types. There where so many that they listed as not being seen in the wild yet? So how did they know about them? I came to the conclusion that perhaps they where writing code for infection, what better way to create a market than to create a threat.

Ultimately it comes down to the user and how they use the machine they are sitting in front of. I think that in the past, a lot of irresponsible people could not afford or want a Mac, because you can't play games on it (their cry). And a PC is cheaper. (Look mom I'm a computer expert as I've bought and plugged in some components...designed to be plugged in) . These same people are also unwilling to pay for authentic software, so off they go to get cracked copies, which they circulate to all the other freetards, together with its payload, and together with a flawed OS like Windows you have the scene set for mass infection.

I've seen so many people in the corporate environment try to open every type of attachment regardless of where it came from, failing (but not failing to install the virus or Trojan), and then sending it on to other people to see if they can open it?

I firmly believe that the user is the weakest link. Its not helped by an operating system that allows easy installation of any software. In this respect I think that the user base of OS X is more responsible, as if they can afford the kit, they can afford the authentic software. A recent case was of the appearance of either Iworks or Ilife on the torrents, It had a Trojan embedded in it. Since both of the programs only cost £69 each, the freetards got what they deserved. Russian proverb "only free cheese is in mousetrap"

I moved from windows to OS X about 3 years ago and would never go back. Even Norton, Zone Alarm and others failed to protect the machine, when Laurel and Hardy are your castle guards what chance do you have? At least with OS X the castle has a few less open doors.

It always makes me laugh when they have these so called contests to break into a machine. Oh look he cracked it in less than two minutes! (by using the carefully scripted strategy that he worked on for months in advance?). Funny how they always target the Mac? nothing to do with the fact that they get to keep the machine they cracked? After all who'd want a machine running MS? resale value next to nowt.

So as a happy OS X user I use ClamXav occasionally, and for my Parallels & Windows partition (must have my fix of DoD), AVG, as it's just not good form to forward on Windows virus's and Trojans.

People are stupid and too trusting these days. In the past, the Bear, Lion, Wolf, or Local murderer, would have got the trusting idiot, hence keeping the idiot gene reduced in the overall gene pool. These days you see them every where, idiots breeding out of control, covered in tattoos and piercing, baseball caps on back to front (the original IQ minimiser) and they all look like Gregory McCalium

For those concerned about PC resources being swallowed by AV...

Consider the Yoggie GateKeeper products which are hardware solutions and I believe available for WIn and Mac, possibly *nix to? Not the cheapest granted but a viable alternative I think...

AV software is snake oil

AV software has always caused more trouble for me than actual viruses. I've had to deal with major virus damage exactly once, back in 1992 when I was hit by the Tequila virus. I've had to clean up OS damage from broken AV software at least ten times, and the countless other little annoyances and the constant performance hit was never popular either. To me this is simply not worth the bother any more. And then there's the confidence inspiring experience (not) of all the virus-infested PC's I've seen which do have AV software running, sometimes even up to date! I've been AV software free for 5 years now and somehow the world has failed to end :)

Properly securing your box and network and paying attention while you work is by far the best protection, no matter what OS you run. Tis free, too.

@Mike Moyle

No, no, no. When did I mention Mac owning Reg commentators? I said people *I* know, not people I don't. I even qualified this with the statement "Every Mac owner I've ever met,". However, contrary to your comment there still appears to be quite a few Mac owners, even here on ElReg no less, that have the belief that the Mac is imbued with some miraculous god-given power of impenetrable self preservation. It's not these (Reg reading, knowledgeable?) users we have to be particularly worried about its the common-or-garden users being allured by the shiny "cool" factor of the Apple brand. Users that are being handed down the invulnerable attitude, users that will refuse to give AV a second thought... until its too late.

Still, the lure of writing malicious software for Macs will not solely be the machines themselves, it will be the attitudes of those machines owners. Even having AV software will only get you so far, how exactly does it prevent social engineering based attacks when (certainly many) owners have been led to believe they can click on anything with impunity? Without proper preventative measures AND early education it is these users that will find themselves in a far worse situation than their PC owning counterparts. Apple themselves are even permeating the air of invulnerable superiority... Compare how many Apple geniuses will extol the virtues of AV software with those in the PC world? (not *the* "PC World", they'll just try to flog you Norton... then try to sell you more RAM or a bigger HDD because your PC has just suddenly ground to a halt!) Well, if they do I've never met one.

Personally, I don't actually see any smug-ness coming from the other direction, I see, having learnt the hard way, words of caution. Instead of listening to the voices of experience Mac owners, being highly disdainful of anything a PC owner has to say (about their chosen religion), see this as some kind of personal attack upon their machines.

Where's the "Failed Fail" icon?

@Ty

"There are 120000+ Windows viruses"

...and how many represent any kind of threat against a fully-patched Windows computer running XP-onwards ?

"(Go look up Trojan. It is NOT a virus numbnuts)"

I know that, you know that, and 99.9% of we Reg commentards know that. The important thing is that it's a nice scary word to use when advertising your AV product to mainstream computer users.

Re: Mac/av

James O'Shea sums things up nicely.

You've got three view points:

1) Knowledgeable about the reality of the situation and lack of threat

2) Ignorant of reality, and scared of what might happen

3) Vested interests in making sure that viewpoint 2) is encouraged as much as possible in order to profit from it.

Sounds a bit like Al-Qaeda and the threat from muslim, extremists.

@ Shades

Re: @Mike Moyle #

"By Shades Posted Friday 3rd July 2009 10:38 GMT

No, no, no. When did I mention Mac owning Reg commentators?"

...My bad -- When you started your post with:

"Cue the Mactards...

We don't need no anti-virus," they will smugly cry "ALL virususes are written for Micro$haft boxes."

Well, sorry guys --> you're <-- all becoming victims of --> your <-- own success. --> Your <-- only protection thus far has been scale and now --> you <-- can no longer rely on that. "

I (apparently foolishly) thought that when you said "you", you were using the second-person plural and referring to the people to whom you were speaking, rather than to the people that you don't mention until better than half-way through your post.

Silly me...

As to your second point, that "contrary to your comment there still appears to be quite a few Mac owners, even here on ElReg no less, that have the belief that the Mac is imbued with some miraculous god-given power of impenetrable self preservation"; you will, I trust, grant that AT THE TIME THAT I POSTED, the only people IN THIS THREAD who were claiming that they didn't use AV software WERE non-Mac users and that -- as I stated -- the mac-users posting to that point WERE using AV software despite the currently low threat level.

If you're going to go outside of the article and thread that you're commenting on for ammunition (and I will acknowledge that, in other threads, there have been people who HAVE made the claims that you say), then I'll mock your prescience in all things Mac by referring to all of the posters here since the Reg began who have claimed that "Apple will be dead in a year".

...It's as least as logical...

Where's the "Failed Failed fail" icon?

@ Shades and Mike Moyle

I think you'll both find that there a considerable amount of difference between "my OS is inherently secure and I don't need AV" and "my _systems_ are inherently secure and I don't need AV". Mac OSX, Windows, and even many Linux distros are _not_ secure "out of the box". But they can be made somewhat secure. Maybe not completely bullet-proof but secure enough to make any half-arsed signature-based AV software a bloody security _hazard_ (not to mention the strain on resources).

That is all.

Where's the "Failing bucket of failed fail" icon? :-P

@shades et al

There is, simply, no significant threat for Macs. There are trojans... most of which hang out on porn sites pretending to be codecs. There ain't nothing, on _any_ site, that I want to see badly enough that I'd download a codec from j-random-site; I've got Perian, Apple's MPG-2, and Flip4Mac installed, if something needs a codec that's not in there I don't need to see it. There are other trojans which pretend to be installers for such things as various Adobe and Microsoft products; I either already have those products, installed from disc, or I don't want them, I'm not about to steal them. There are phishers; I don't click on 'click here' lines in email sent from places I don't have accounts with (Paypal, Bank of America, Barclays...) and if I do have an account there (MobileMe) I check the headers; I suspect, for example, that Apple is unlikely to be sending me something stating that my account is about to expire, in June, when I _know_ that it expires in December, and that Apple is _extremely_ unlikely to be sending out such notices using MSOE 6 from a server in St. Petersburg, Russia. And I have my accounts set up in bookmarks in a browser which does not use ActiveX and has scripting turned off except for the scripts _I_ want to run. If I want to go and check an account, I launch the browser, select the bookmark, do what I need to do, and then shut it down. I do _not_ 'just click' There aren't any exploits where a browser on a Mac (or on Ubuntu) can be hijacked merely by going to the wrong site; there are several where some guys try... and I get to see an .EXE file attempt to download in plain sight and utterly fail to install 'cause .EXEs can't run on OS X and I don't have WINE turned on in Ubuntu. And I have a proper firewall, including Little Snitch on Macs, which checks each and every outgoing TCP/IP connection and squeals if it's not approved. (Hiya, Adobe and Microsoft products, no you _CAN'T_ phone home, I won't let you except where, when, and how _I_ specify.) And I'm running as a standard account, not as admin, or, heaven forbid, root. The only way stuff gets installed is if it pops up a dialog and asks for my admin username and password... and I'm not entering that stuff unless _I_ started the install. Please note that all of this, except Little Snitch, is free, and Little Snitch is shareware and cheap. And I could use the free version if I was cheap, and willing to restart Little Snitch every three hours.

I haven't had a Mac virus on any system I'm responsible for in well over a decade (not difficult, the last serious Mac malware was the autostart worm from 1998 and that thing never got onto any of my machines 'cause I was running with proper security even in the days of OS 9...) and have not had a Windows virus beyond items emailed to me and detected and destroyed as soon as they arrived for almost as long.

But Mac users don't have a/v antibodies... Yeah. Right. A/v systems ain't coming onto _my_ Macs unless and until there is a real-world threat out in the wild which poses greater danger than the known drawbacks of a/v software. Little Snitch, for example, has used a whole 0.91 seconds of CPU time since I last rebooted this particular Mac, at around 12:35 Eastern time on Friday; it's now Monday, 15:50 Eastern. It currently is eating a whole 4.25 MB of RAM out of the 4 GB of RAM on this machine. And it doesn't do things like delete system files (or my email!) while it does do exactly what I want it to do, no more, no less. The day that a/v software can do that is the day I install it short of a real, verifiable, real-world threat. Which does not exist. Meanwhile, a/v software is even as I type eating people's system files...

If anyone wants to waste CPU cycles and RAM 'protecting' themselves against a non-existent threat, well, I can't stop them. (Hey, guys... if a real threat ever does appear for Macs, why do you think that current a/v systems will be able to detect it, and if detected, actually do anything about it? Wouldn't the a/v systems be completely clueless until someone gets hold of an example of that threat and can devise a fix for it?) I personally will not waste time, or especially money installing a/v on systems which are not threatened. If this makes me smug, so be it. I've been smug for well over a decade now and see no reason to change.