Security for Mac? Need it or no?

I have an apple macbook and i was wondering if any security software or anything of that nature is needed with a mac? If there is what is the best kind. Thanks for any help.

 

I heard the only security you need is the firewall that comes with the operating system.

 

As Homer said, the built-in firewall is sufficient to keep you secure on Mac OS X. But of course most importantly you should surf the web safely (go on websites that you know are secure, don't randomly open unknown email attachments, etc. Other than that you should have a safe web surfing experience .

 

Also use Common Sense.

 

What would you use if you knowinly go to websites because it's the only place you can find the info you need but you know there are viruses and spyware there?

 

I would ask you to consider the wisdom of that decision first.

Second, chances are nothing will happen since there are not really any viruses meant for OSX.

Third, if you're using Safari, Firefox, or Camino, the browser is secure enough to catch most things that will try to get through.

 

Set up a virtual machine in parallels or vmware, install some version of Linux on it: you can find pre-made linux images of Ubuntu, for example, or make your own. After you browse/download, simply set the VM to the previous, knowingly clean state. You can - and SHOULD - do this in Windows too.
You can of course do this with Windows inside a VM too; you might get some malware, but since you will be resetting everything at the end of the session you may not worry much. BUT, some worm might be installed and compromise your network, this is why I don't recommend using Windows unless you know what you're doing - case you wouldn't be asking here. That said, never heard of anyone who got any malware browsing suspect sites using OSX. People simply don't write malware for OS X, at the time being. But they could, and while it wouldn't spread as fast or as well as in Windows, you should be aware of the possibility. If you should browse known malicious sites, do a light-version of the virtual machine approach: set up an restricted account exclusively for that, and wipe down the files in that account after using it. That is probably being paranoid, I know.

 

Most legit sites won't have malware. And if you are visiting a shady site, you may want think about what you are doing. Maybe you get what you deserve.

As for security software, the built-in firewall is enough for now. But practice good habits, because eventually there will likely be an exploit and you want to be prepared.

 

I am not so sure. There are lots of legit sites with malware; adult sites for instance. Anyways, I hardly judge people based on what I assume their motivations are. Hope what I posted before doesn't break any NBR rules.

 

Except if they have been hacked.

The way most attacks via websites work is that websites are hacked and viruses are installed to attack users of the website. That's the way 99% of web based attacks are carried out these days.

Hackers will hardly use their own homepages to host viruses - they have to hide. So the safest way is hack somebody elses and post your malware there.

Properly run websites are hard to hack of course. Like, you won't see Google.com getting hacked. But anything that's not of enterprise caliber is at risk, and sometimes even enterprise sites. You can purchase zero day attacks on IIS on the internet...

 

No you don't.

Monitor the news - unless you see a headline that says "New virus/trojan for Mac OS X out in the wild!" - you are safe. There are no known active attacks against macs out in the wild.

There are some demo exploits, there are vulnerabilities that usually get fixed pretty quickly. But there are no actual hackers out there trying to attack Macs. They all stay on the windows side and as long as that remains the case, Macs are safe.

It's pretty clear why, too: Macs are much harder to attack, and much less wide spread at the same time. They just don't make an attractive target for hackers and malware authors.

Use the firewall anyway, just to be on the safe side.

But the anti virus companies would love nothing more than a few malware outbreaks on the Mac, and they also keep spinning news to scare people into buying their products. Never mind that, it's not personal, it's just their business model.

Between my PC and my Mac, I do a lot more for security on the PC side - I have latest AV programs, I closed all ports that could cause trouble, closed other attack vectors using Secure-IT, use Firefox and don't visit any fishy web pages. On the Mac, I do none of that, have only the firewall.

Guess which of the two systems I use exclusively for online banking? The Mac.

 

While I agree a legit site could get hacked and be a host for malware, I think the odds of it happening are rather low. As for adult sites, I agree they are fairly legit, but I would not surprised to get malware from one. I think it would be hard to argue that the vast majority of legit sites would be pretty safe.

 

http://it.slashdot.org/article.pl?sid=07/04/07/2031248
While Kapersky is completely wrong as to the nature of the exploit ( I wouldn't trust them, they are the guys who called that... stuff an "iPod virus" ) there was surely a breach in Asus site. Go see how many people only here in NBR forums own Asus notebooks, not to mention motherboards. Few webmasters know their way about security measures (few even know their way about IIS). The threat is very real.