In 1982, the Elk Cloner virus spread among Apple IIs by copying itself to floppy disks’ boot sectors. Elk Cloner didn’t do any actual damage (the 50th time an infected machine was booted, a poem would appear on its screen), but it certainly perplexed many 1982 computer users, who had never experienced a computer virus before.
Twenty-four years after Elk Cloner, Leap-A emerged. Disguised as an image file, Leap-A modified files on an infected Mac and, when iChat was opened, would send infected files to the victim’s iChat buddies.
Many people thought at the time that Leap-A signaled the end of OS X’s bug-free idyll. But Leap-A managed to infect a grand total of 49 Macs, and in the two years since, the Mac virus floodgates have yet to open: A few proof-of-concept viruses have cropped up, but almost none have been observed in the wild. Question is, why?
Security expert Bruce Schneier credits the Mac’s small market share: “If you’re looking for the masses of naive users, Windows is where to go,” he says. Adam O’Donnell, director of emerging technologies at Cloudmark, agrees. He’s applied game theory to the question and concluded that producing Mac malware won’t be economically viable until the Mac’s market share hits 16 percent (it’s now under 9 percent). O’Donnell says, “There is no economic benefit to investing the time in compromising a Mac when you can compromise 10 to 20 times more systems for the same level of effort by going after PCs.”
But that doesn’t mean you should keep your guard down entirely. Running Windows on an Intel-based Mac—in either Boot Camp or with virtualization software such as Parallels Desktop or VMware Fusion—exposes you to the same security risks as if you were running it on a Dell. And while your Mac might not suffer any ill effects from virus-laden e-mail attachments, you could pass those dangerous files to your Windows-using friends.
Finally, some malicious hackers have turned their talents from writing viruses to setting up phishing sites on the Web, where they hope to dupe you into handing over your credit card information, Social Security numbers, and so on.
By buying a Mac, you’ve already taken the first and best step toward keeping malware off your computer. (It’s striking how many of the security experts interviewed for this article are Mac users.)
Both Symantec and Intego sell Mac antivirus programs: Norton AntiVirus 11 ($50; ) and VirusBarrier X5 ($70; ), respectively. But if you don’t run Windows and you don’t mind passing along virus-laden e-mail attachments to your Windows friends, you don’t need either one.
If you do run Windows on your Mac, you should install a Windows antivirus program on your virtual PC. Our con- federates at PC World recommend Symantec’s $70 Norton Internet Security 2008, the $80 Kaspersky Internet Security 7.0, McAfee Internet Security Suite (three-seat license $70), and BitDefender Internet Security 2008, which costs $50 for three PCs. Each of these general-purpose security suites can protect your virtual Windows machine against all sorts of threats.
Symantec and Intego both offer dual-protection products for users who run both Windows and OS X on their Macs. These bundles give you Windows and Mac antivirus apps. Norton’s package costs $70 and includes Norton AntiVirus 11 for Mac and Norton AntiVirus 2008 for Windows, while Intego’s package costs $80 and includes VirusBarrier X5 for Mac and BitDefender Antivirus 2008 for Windows. Each of these packages costs far less than its two programs bought separately; you have to install the Mac program and the Windows program on their respective operating systems.
If you’re worried about passing along infected e-mails to friends, these bundles or one of the stand-alone Mac apps can also scan your inbox for malware attachments. The free, open-source ClamXav ( ) will do so, too, but it’s slow.
Some Web browsers—notably Firefox and Opera—notify you when you visit a potentially dangerous site. Safari doesn’t, which is why Consumer Reports and some e-commerce companies (including PayPal) recommend using something else. Studies have shown that most users ignore these warnings; they shouldn’t.
Safari users can stay safer by using Agile Web Solutions’ $30 password manager 1Password ( ). It automatically fills in Web forms, but you can define how much information it’ll give out in specific circumstances. It also compares URLs with the database at PhishTank.com (a community-based phish-tracking site) and alerts you when you visit a suspicious one. Norton Confidential ($50) includes phishing-protection plug-ins for both Safari and Firefox. It compares URLs you visit with Symantec’s database of phishing sites and alerts you if you attempt to visit one. Norton Confidential also protects against e-mail-based phishing attempts.
Third-Party Antivirus Applications
(A) Version 1.03 reviewed.
No matter which operating system you use, there will always be people out there trying to make a fast buck by exploiting known bugs, system vulnerabilities, or lax users. I advise spending your money not on Mac antivirus software but on a good phishing-protection application; at the very least, consider using a browser that offers built-in phishing protection. Your Mac’s file system is probably safe from malicious hackers, but your identity may not be.
[Scott McNulty is a senior contributor for MacUser and blogs at blankbaby.]