So Mac invulnerability to malware is a myth, at least according to security researchers from Kaspersky Lab. And although such a blunt statement may be a blow to the ego of some Mac users, it remains true. Security researchers from all walks have long argued that it was only a matter of time before the Mac became popular enough that virus, malware, and spyware makers would come calling, and the recent Flashback scare has only served as a reminder that overconfidence precedes carelessness. Especially when it comes to technology.
The Flashback flare-up happened less than a year after another malware spike, which came in the form of fake antivirus app Mac Defender. Though neither incident ended up infecting every single Mac, they both showed that malware on the Mac is ever-so-slowly inching its way into our public consciousness. "Market share brings attacker motivation," Kaspersky Lab told the press last month, and Mac market share is definitely on the rise.
Is it time to begin installing antivirus software on our Macs? We leave that up to you to decide for yourself, but given the spike in questions we've been receiving about which antivirus software is the best, we thought we'd take a look at a handful of the most well-known apps out there for Mac users. Your mileage may vary, but here are our impressions of five different antivirus packages after installing and using each one. In no particular order:
Kaspersky Anti-Virus for Mac
Cost: $39.95 per year
Free trial: 30 days
Kaspersky's antivirus software was easy to install and pretty robust. The main interface (pictured above) is simple enough to use: push the big green button to begin scanning your stuff. The green button doesn't always stay green though—when I began using the software, it started out orange with a note saying "Databases are obsolete":
I didn't find this to be particularly welcoming, and it might alarm a less experienced user upon first launching the program, as there are no instructions about what that means or how to fix it. (This was remedied by updating to the latest definitions from within the app.)
Aside from this, though, the software is relatively straightforward. Like most antivirus programs, you can change your security level depending on how strict you want the scans to be, tweak notification settings for when suspicious files are found, and can even change the skin of the software (thank goodness). You can also have the software scan for a particular type of malware, so if you only want to look for trojans instead of adware or auto-dialers, you can do so. And of course, users can create a whitelist of exclusions. Kaspersky's offering comes with an uninstaller on the disk image when you download it from the website, which is also easy to use if you should choose to get rid of it. Everything worked as expected when we used this one, though depending on your personal needs, you may not want to pay $39.95 per year for it.
Intego VirusBarrier X6
Cost: $49.95 per year
Free trial: 30 days
Intego's VirusBarrier definitely wins the award for "The Most Buttons." There's just a lot going on when you launch this software, and for the average user, it might be a bit overwhelming. You may notice in the screenshot above that it says my filters are 166 days old, but clicking on it just displays a new message saying I can't download new ones—this is confusing and perhaps somewhat alarming to someone trying to stay protected from malware, and left me dinging Intego for usability points.
Aside from this, Intego's software scans new files in real time and puts a traffic indicator in your menubar if you're the type who likes to monitor incoming and outgoing network traffic. VirusBarrier also has a "fraudulent website protection" option for cookies, and even offers a way to hide your browser info and last site visited from other sites trying to track your browsing behavior. Like Kaspersky's software, Intego's also comes with an easy-to-find uninstaller. Overall, we felt fine about Intego, though the sheer number of available options left us feeling a bit overwhelmed. For $49.95 per year, it could be worth your while if you're looking for a very complete solution that lets you lock down on everything but the kitchen sink, but if all you want is simplicity, you aren't likely to find it here.
F-Secure Antivirus for Mac
Cost: $39.99 per year
Free trial: 30 days with campaign code AVMAGL
F-Secure wins the award for requiring the "Most Hoops For Users" to jump through in order to download the trial—not only do you have to enter a campaign code to obtain the trial in the first place, you then have to wait for e-mail confirmation (the first one, that is). Then you have to click a link to confirm, which then sends you a second e-mail confirmation that requires to you to click another link to download. Annoying, F-Secure. Just plain annoying.
Regardless, we found F-Secure's antivirus product to be very straightforward and fairly simplistic—but in a good way. This is no Intego—there aren't 94 buttons on the main screen for you to choose from. F-Secure's software allows you to do basic tasks like scan for viruses, block and unblock network traffic, and look at your virus/spyware history. It also turns on your OS X firewall by default (though you can turn it off again in your settings if you'd like) and… well, that's pretty much it.
After using Kaspersky's and Intego's solutions, F-Secure's seemed promising when it came to being straightforward and simple. The offering doesn't overwhelm the user and it's not hard to figure out how to use it. But I can't in good faith endorse F-Secure's offering given my experiences when installing and running it. I installed this software twice on two separate computers and had nonstop bad experiences—it completely debilitated my machine one time to the point where trying to open a Finder window was an hour-long task with nonstop beachballs. (One Mac Genius I spoke to even believed the SSD in my Mac had been corrupted because the performance was suddenly so poor.)
The second time wasn't much better; on a completely clean machine, installing F-Secure slowed things down noticeably and beachballs were frequent. Luckily, uninstalling the software appeared to restore my computers back to their actual, usable states. (The uninstaller can be found in Applications > F-Secure after you install it initially.) You may have different experiences with this one, but I plan to stay far away.
Sophos Antivirus for Mac Home Edition
Cost: Free!
Sophos' antivirus software was the most simple of all the packages we tried. It really just does one thing: scan for viruses and malware, and it automatically downloads new virus definitions. You can customize your scans and manage the files that have been set aside in quarantine, but if you want network traffic scanners or skinning capabilities, this is not the right place to look.
This software is completely free—there's no yearly fee or registration required—so there's not much to complain about when it comes to its functionality (or lack thereof, depending on what you're looking for). It's basically the polar opposite of Intego and Kaspersky's software, and is priced as such. If you're looking for the simplest antivirus software from a trusted company, this is probably it.
Avast! Free Antivirus for Mac
Cost: Free!
Avast was the only antivirus software we tested that didn't involve using a "real" installer (it just requires drag-and-drop installation). We would categorize Avast's antivirus software as more feature-rich than Sophos, but still less complex than the first two (Kaspersky and Intego)—it might be roughly on par with F-Secure when it comes to breadth of functionality.
Avast can scan your full system, local volumes, network volumes, just your home directory, or a custom mix of folders. (As usual, it also auto-downloads new virus definitions.) It automatically displays pop-ups whenever it decides to warn you about something (below) or when there are new virus definitions and important messages:
Luckily you can turn this off if you want—and I did, because I received the above message just about every time my mail client tried to retrieve e-mail—but it can be handy if you want to be alerted for unauthorized connections.
Aside from this, the software is very straightforward. Again, it's free, so there's not much room to complain if Avast's solution strikes you as a little light. Still, for "regular" users or people who simply don't need/want a ton of options, we liked Avast—it offers slightly more than Sophos for the same price, but we must note that even though it's free, you still have to register your version of Avast within 30 days of installation. Uninstallation can be done through the software itself (under the "avast!" menu) or by just deleting the app from your Applications folder, which should also remove the daemon and supporting scripts (check out this forum thread for more information). I really liked Avast when it came to simple-to-use bad-guy protection, and it's hard to beat free.
Conclusion
We're not arguing that Mac users have to install antivirus software if they want to avoid the zombie malware apocalypse. Infection numbers—even for Flashback—are still relatively low when compared against the global number of Mac users. However, we also don't think it's wise to pretend that OS X is completely immune to attacks. It's not—we know it, you (hopefully) know it, and security researchers know it. Even if you feel comfortable navigating the scary old Internet yourself, you may want to consider setting up your less-experienced friends and family members who just can't help themselves when it comes to playing Java games online or opening random e-mail attachments from China.
Keep in mind, though, that malware attacks are becoming more and more sophisticated. In the case of Flashback, the infection was spread via hijacked WordPress sites thanks to a vulnerability in the blog software. This means that trusted blogs visited by Mac users could have been used to spread the infection, reinforcing the disturbing truth that infections don't only happen by visiting shady websites or opening unidentified files. If you worry about the possibility that your own favorite sites could transmit something questionable to your machine through an unpatched vulnerability, adding an extra layer of protection between you and the Internet is worth considering.
We're sure there are other antivirus packages that you like, too. Let us know in the comments what your favorites are, or if you have additional tips to add for Mac users trying to stay safe.
Update: This article originally said Symantec didn't offer a trial for its Norton Antivirus software. That is inaccurate and we will update this article with our thoughts on Norton as soon as we can.
reader comments
126