antivirus
Latest
Daily Mac App: ClamXav
Antivirus on a Mac might be a touchy subject, but if you'd like the reassurance of a virus scanner that's not intrusive and can be called on-demand, then the free ClamXav is a great choice. While you may or may not need a virus scanner on a Mac, there's no harm in having one that you can run as and when, perhaps if you're sending a file to a Windows using colleague for instance. Just because a potentially infected file goes totally unnoticed on your Mac, doesn't mean it's not going to wreak havoc on your poor unsuspecting friend's Windows box. ClamXav is the Mac GUI variant of the open source ClamAV project, and has recently entered the Mac App Store, making it even easier to get on-demand protection. Thanks to the ClamAV antivirus engine, ClamXav will detect both Mac and Windows threats and remove them quickly and easily. You get a Services menu option, which allows you to scan files as and when, be it that PDF you just downloaded or your entire disc. You can define file exclusions and even save your favorite scan locations for frequent scanning tasks. Virus definition updates are of course free, and you can get ClamXav to update when you first start the program or on a set schedule. While ClamXav may not be the fastest scanner on the block, it's free, gets the job done, and most importantly, won't bog your system down. If you ever share files with Windows users, or just want to make sure you're not going to fall foul of a Mac malware uprising if it ever comes into being, then ClamXav is a great occasional use scanner.
Avast! Free Antivirus for Mac beta now available
Apple released Security Update 2011-003 yesterday with protection from the MacDefender malware and its variants, but some of our readers might want to do more to protect their Macs from malware. Avast has been a longtime supplier of a free (for non-commercial use) antivirus package for Windows that is unobtrusive and fast, so it was with a great deal of interest that I read a PR blast from the company this morning. The company has just released a beta of avast! Free Antivirus for Mac for download and testing, and like the Windows version of the software, it looks pretty good. The company previously had a download for Mac, but as noted in the user forums on the Avast site, "The current popularity of Apple products also makes them more interesting for the bad guys so we thought it would be good to prepare for the battle sooner rather than later." The result is a product that is much more on par with the Windows product. To install the downloaded beta app, you simply drag the application icon to the Applications folder and double-click to launch. The app uses Growl notification, so it helps if you have Growl pre-installed. The app has three shields that are in operation at all times: the File Shield, which scans the binaries of launched apps and all files that are being modified, the Web Shield, which monitors and filters all HTTP traffic coming from websites, and the Mail Shield, which monitors and filters all POP3 and IMAP traffic. In addition, avast! Free Antivirus for Mac can do on-demand scanning of the whole file system, network volumes, or mounted removable volumes. The scanning engine is updated automatically -- I'm just happy that it doesn't speak "virus database has been updated" the way the Windows version does because that has a tendency to startle me. Unfortunately, the app does seem to slow down page loading in Safari, and I'm sure it would do the same with Firefox and Chrome. Of course, this is beta-ware, so the Avast team will most likely work on optimizing their code as the product gets closer to general release. If you're considering antivirus software for Mac for yourself, relatives, or employees, you might want to take a look at the avast! Free Antivirus for Mac beta.
Apple cracks down on MacDefender, prevents malware downloads with daily quarantine list
Preconceptions aside, Apple products do occasionally spread viruses, and not just the biological kind, which is why Cupertino saw fit to equip Mac OS X 10.6 Snow Leopard with a quarantine function to safely set malware aside. This week, however, Apple's kicking those digital white blood cells into high gear, updating that quarantine list daily with a new background process. The company's primarily got its crosshairs on the recent MacDefender scare, of course, but on the off-chance malware starts coming out of the woodwork, it sounds like you won't have to wait for a formal security update to be forewarned of the dangers. If privacy's your primary concern, however, you can also opt-out -- take a gander at our source links to see how it's done. [Thanks, Jake]
Creeper, the first computer virus, is 40 years young today
Forty years ago today is considered by many to be the birthday of the first computer virus. Of course, in the early 1970s they weren't called computer viruses, but that doesn't make Bob Thomas's handiwork any less special. Creeper (named after a character in the old Scooby Doo cartoons) spread from BBN Technologies' DEC PDP-10 through Arpanet, displaying the message: "I'm the creeper, catch me if you can!" and messing with people's printers. One notable difference between this and the majority of viruses was the fact that it deleted old versions as it replicated itself. Incidentally, that would make 2011 the fortieth anniversary of the first antivirus software: called, appropriately enough, Reaper.
Blizzard posts new account security guide
Make no mistake: it really sucks when your WoW account gets compromised. Even with the speed with which compromises are handled by the support department nowadays, it's still a pain to have to wait to get your stuff back -- and it's even worse to know that someone was in there mucking around with your dudes, you know? Blizzard's been better about helping people with account security problems recently, like giving out free authenticators to some hacked accounts and offering a free phone-in authenticator service, but in the end, a lot of the responsibility falls on you the player to keep your account secure. To that end, Blizzard has assembled a new account security guide. It's a pretty comprehensive list of the steps you can take to secure your account, from getting an authenticator to learning how to recognize phishing emails to making sure that your computer itself is secured through the use of antivirus software. Learn it, live it, love it. In account security, as in Planeteering, the power is yours.
PSA: Botched AVG 2011 update might be why your PC won't start today
Did you update your free copy of AVG 2011 today, in the hopes of evading a nasty bug? In a set of mildly familiar circumstances, the antivirus company has inadvertently unleashed an even nastier one. Users running 64-bit editions of Windows 7 and AVG 2011 are reporting a STOP error after a mandatory antivirus update this morning, which is keeping some from booting their machines into Windows at all. The buggy update has since been pulled and there are a couple ways to preemptively keep it from happening if you're staring at the message above, but if you've already been stung, you're looking at some quality time with a recovery disc or repair partition to fix your Windows boot files. Find all the solutions, including the preemptive ones, at our source link below.
Sophos releases free Mac anti-virus package
Security company Sophos has today released a free Home Edition of its Mac virus scanner suite. This is a timely move by Sophos to get an early foothold in what could become a significant market for aftermarket OS X security tools. While it's true that Macs have, until now, enjoyed a relatively blissful life free of viruses and other malware, increasing market share means we can sadly expect to see more bad guys target us from now on. There are more examples of recent Mac security problems on the Sophos company blog, and while (of course) they are motivated to scare you into using their product, they aren't making it up either. Thanks to everyone who sent this in.
Symantec mobilizes Snoop Dogg's cybercrime unit
You know what? Snoop has really done more than any technology company has to bring products to new audiences. Back in fifth grade we had no idea what indo was or why anyone would ever want to combine gin and juice; 3 weeks after "Doggystyle" came out we were hooked on both. At the beginning of last year we couldn't fathom our Grandpas asking Snoop for directions in the Caddy...but it happened. So why not make the leap to, you know, hawking desktop and internet security to urban markets? Symantec's Hack is Wack campaign aims to "bring the attention level up...just try to make people aware that these [cyber] crimes are happening." Snoop invites you to "raise awareness by making a rap song about cyber crimes" and uploading a video for judgment on "originality, creativity and message." The winner gets a pair of tickets to see Snoop, a chance to meet his "mgmt/agent" and a Toshiba laptop. It's been a while since we hit the mic or had any antivirus software installed, but he's got us thinking pretty hard about throwing down some rhymes and our credit cards for a copy of Norton 360 v4.0.
Intel acquires McAfee for $7.68 billion
digg_url = 'http://digg.com/tech_news/Intel_acquires_McAfee_for_7_68_billion_Engadget'; Well, we got our copy of McAfee Antivirus for $29, but it looks like Intel had something a little more substantial in mind. The latter has picked up the Santa Clara-based security / antivirus company for a cool $7.68 billion, which works out to $48 per share in cash. Intel informs us that it will function as a wholly owned subsidiary (under the control of its Software and Services group). This comes hot on the heels of the company's acquisition of TI's cable modem unit, and possibly signals a new focus on security for connected devices. "The cyber threat landscape has changed dramatically over the past few years, with millions of new threats appearing every month," said McAfee CEO Dave DeWalt."We believe this acquisition will result in our ability to deliver a safer, more secure and trusted Internet-enabled device experience." This has added a wonderful new phrase to the Engadget lexicon (and possibly even a name for our new garage band): Cyber Threat Landscape. PR after the break.
Scammers exploit Apple iPad fever
And now we're at the point in the iPad cycle where there's just enough information out there about it that people are interested, but not enough that they can discern credible information from scammers. That's the report of the BBC, which says that "hi-tech" scammers are using iPad-based searches to prey on users and install various types of "rogue security software." The news here isn't necessarily that scammers are out there scamming people (that happens all of the time), but it's that scammers are cashing in on the iPad frenzy to do so. Then again, that's probably not a huge surprise, either: they probably always latch onto whatever the hottest search topics are, and this past week, of course, it was the iPad. In my own personal opinion, these fearmongering reports are the biggest scam of all. Even the BBC is only reporting this based on information from Symantec, and that's S.O.P. for the antivirus company: a) release a report that claims everyone is in danger and that viruses are everywhere, b) get some less-than-tech savvy journalist to believe it, and c) sell copies of your antivirus software and profit. In reality, if you click links only on trusted sites and keep an eye on everything coming in to your Mac, you don't need Symantec to tell you how to be safe. If you install "security software" that you happened to pick up while searching for iPad news, of all things, then you can't be surprised when your system gets compromised.
Ask TUAW: Auto-tagging music, iPhone VoIP apps, replacing a hard drive and more
Welcome back to Ask TUAW, our weekly troubleshooting Q&A column. This week we've got questions about VOIP apps on the iPhone, auto-tagging music, Boot Camp, replacing a hard drive and more. As always, your suggestions and questions are welcome. Leave your questions for next week in the comments section at the end of this post. When asking a question, please include which machine you're using and what version of Mac OS X is installed on it (we'll assume you're running Snow Leopard on an Intel Mac if you don't specify). And now, on to the questions.
Malware detection coming in Snow Leopard?
We usually look at news updates and blog posts from antivirus vendor Intego with a bit of a gimlet eye, since the company has been known to spread a little bit of that good old FUD when it comes to the everyday risk of malware faced by most Mac users (that is to say, pretty much none). Today, however, the Intego blog pointed out an unheralded feature of the forthcoming Mac OS X 10.6 Snow Leopard update: some basic malware checking built into the operating system, reported by users of the beta version. As the post notes (and sites such as The Register and ZDnet corroborate), when a problematic DMG is downloaded or mounted -- containing one of two known malware components -- the Finder throws the alert pictured above, warning the user not to install the software in question and to throw away the disk image. While this is a nice touch for the two security risks in question, The Register notes that the filter appears to only catch files downloaded through some of the more common apps (Mail.app, Entourage, Safari, Firefox and iChat among them) but not files copied over from removable media. It doesn't cover the wider gamut of threats out there, nor would it detect or block Windows malware that a Mac user could unwittingly transmit; for all of those scenarios, a true AV app (paid or free) is what the doctor ordered. You can keep up with all the latest Snow Leopard news via our category page.
Snow Leopard packing antivirus software?
If the online chatter is to be believed, Apple's very soon to be released Snow Leopard has in its code new protection for fighting malware. According to the picture above corroborated by other online reports, a DMG downloaded by Safari was checked by the OS and found to contain the "RSPlug.A" Trojan. The system promptly suggests you eject the disk image to avoid damage. Should Apple really be treading down this path, it begs the question of how often and how comprehensive / aggressive the company will be updating its antivirus logs. If nothing else, it's a certainly a notable symbolic gesture that the one-time underdog might be gaining enough market share to catch the attention of the darker side of the internet -- and all of a sudden, David Puddy isn't looking nearly as bad. [Thanks, David]
Sophos decries XP Mode vulnerability, Microsoft offers chill pill
If you're keeping score at home, Microsoft needs to bring two heavies to a fight with Google, but it can lay the smack down on an AV software firm like Sophos all by itself. Richard Jacobs, chief technology officer and master of inflammatory rhetoric at Sophos, points out that Windows 7's XP Mode makes computers vulnerable to attack due to it operating independently from the underlying OS and therefore not having the same firewall and anti-virus protection. For those who actually go to the trouble of buying and updating security software -- like say, most businesses -- this essentially doubles costs for each new Windows 7 machine. Microsoft has countered with the fact that big businesses will be using its MEDV management software, while smaller shops will be able to update the virtualized XP in the same fashion as they would a physical PC. Storm in a teacup, then? Absolutely, but you'll want to give these a read if only for the passive aggressive silliness that ensues. [Via The Register] Read - Richard Jacobs on XP Mode Read - MS chief security adviser for EMEA Roger Haibheer retorts Read - Jacobs retorts to the retort Read - MS developer James O'Neill threetorts
New computer shipped with malware that targeted WoW
Here's a big oops -- a company named M&A Technology accidentally shipped out a unit of their Companion Touch PC that contained some malware on it, including a password stealer that targeted World of Warcraft. It was an accident -- apparently someone at the factory decided to upgrade the computer's drivers and software before shipping it out, but they used a USB stick that had been infected with the bad apps, and thus in the process infected the brand new computer. Fortunately, the person who received the computer apparently scanned and caught the bad code before any damage was done -- I guess if you buy a computer from a brand you've never heard of, it's worth giving it an antivirus and malware scan at least once before you use it.And/or you can just use an authenticator -- even if someone nabs your password, the Blizzard Authenticator makes sure that they can't log in without a current code. So there's not too much to worry about here -- while computers do occasionally get shipped with software that could jeopardize your security, as long as you're vigilant about what's on your hard drive, and take caution before using apps and hardware that you've never used before, you generally won't have any problems.[via WoW LJ]
Wrath tops the PC sales charts for November
Surprised? You probably shouldn't be -- NPD has released the top sales list for November, and our favorite game is sitting right on top. In fact, the most interesting thing about the list is what's not on it: games. Wrath is at number one, followed up by such great titles like Office 2007 and Trend Micro Anti-virus. The collector's edition of Wrath comes in at number four, and after that it's all utilities except Call of Duty: World at War at number six and Spore at number 10.That's a sad month for PC gaming, especially during a time when sales are supposed to be at their highest. Blizzard's leading the charge (and they're not leaving PC anytime soon), but they seem to be pretty much the only PC studio able to bring it home this year.Videogame sales in general are doing just great: even in a bad economy, console companies -- both developers and retailers -- are seeing nice growth. But those saying PC gaming is dead will only have to point to November's sales for proof. Maybe in 2009 we can get a couple more titles quality enough to give World of Warcraft a run for its money.
Apple removes antivirus-related KB page
According to Macworld, Apple removed a Knowledge Base article about antivirus software compatible with Mac OS X. The article received "a lot of attention" because it seemingly contradicted Apple's marketing messages about malware for Mac. Our own Michael Rose tried to take the kettle off the stove, noting that the article had been around for years before the Washington Post noticed it this week. Macworld's Jim Dalrymple spoke with Apple spokesman Bill Evans, who said "We have removed the Knowledge Base article because it was old and inaccurate. The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box." Even so, Evans admitted, "Since no system can be 100% immune from every threat, running anti-virus software may offer additional protection." Thanks to everyone who sent this in!
Apple updates antivirus version numbers, security savants lose grip on reality
Update: The KB article referenced is now offline. You can see the archived version here. Update 2: On Tuesday evening, Apple told Macworld that the KB article was removed because it was outdated and inaccurate; Mac OS X includes adequate security protection out of the box. The BBC has also rolled back the story, and has a more detailed post on the issue. Not sure I'm completely in agreement with this approach from Apple.... --MR When the concepts of "antivirus" and "Mac OS X" approach each other in the blogosphere, the usual outcome is more heat than light. The current example of keyboards outpacing brainwaves has emerged from a storm of posts on various sites, mostly tracing back to security analyst/Washington Post writer Brian Krebs and AppleInsider's Aidan Malley. Both pointed to a "recently published" Apple KB article that listed a trio of AV applications available for Mac OS X. More shocking to this pair of pundits: the KB article actually went so far as to encourage Mac users to buy, install and use antivirus software -- even "multiple antivirus utilities" to prevent the spread of malware, which was trumpeted by a ZDnet headline. What now? Is Apple's security story on the marketing front now undermined by the quiet truthtelling of the support site? Should Justin Long apologize to John Hodgman? Are cats and dogs now living together? Is the BBC picking up the story (yes, unfortunately, it is)? The relevant quote from the shiny new KB article that has caused such commotion: Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one program to circumvent, thus making the whole virus writing process more difficult. Let's be fair: Apple's prose isn't helping matters, because while we all know that "widespread use of multiple antivirus utilities" doesn't mean you should be installing multiple AV tools on your one, single Mac -- the point is that the ecosystem should have variation, making it harder for malware writers to attack the entire population with one well-crafted exploit -- that fine distinction appears to have been lost on some of those who encountered this "new" KB article. This, of course, brings us to point #2: a careful reading (or really, any reading at all) of the KB item shows the "Old article: 4454" legend at the top right. Yes, Apple does sometimes update KB articles, and in this case the same exact "multiple utilities" copy has been on the support site for a while -- the article was originally publishedpresent on Apple's site in June of 2007, and was updated simply to reflect current versioning on the Intego and Symantec AV products. [Correspondents have pointed out that the sequence number of the KB article places the original version of it back in 1992. That version clearly dealt with Mac OS Classic antivirus apps, and isn't really on the same narrative track as the once-but-current Mac OS X incarnation -- but it's a valid point that Apple has had a public notice of available security tools for many years (who remembers Disinfectant and Vaccine?). Records of the KB4454 URL on archive.org indicate that there was something at that address as far back as September 2001, but cached copies are not available.] So, to sum up, Apple's recommendations have changed not a whit in 18 months. Everyone who is decrying the sad state of security on the Mac -- or, conversely, crediting Apple for waking up and smelling the coffee -- is chasing his or her cybertail with a great deal of enthusiasm. Malware on the Mac, such as there is, is still almost exclusively delivered via social engineering, so please don't install random video codecs downloaded from porn sites. That said, the commercial and free AV options for the Mac are pretty stable, and they're certainly worth exploring if you want to be a good computing citizen who doesn't relay Windows malware from friend to friend unknowingly. Read on for my top five tips when/if installing AV tools on your Mac. Hat tip to MacDailyNews for linking the original KB article from the Internet Archive.
PC Tools iAntiVirus aims to be Mac specific
With the recent trojan scare PC Tools' timing for the beta release of iAntiVirus for Mac could hardly be better. While there are a variety of anti-virus applications for the Mac, iAntiVirus seems to be especially designed to reduce resource usage by simply ignoring virus signatures for Windows. The idea is that your Mac is immune to Windows viruses so why waste memory, etc. scanning for them? Otherwise iAntiVirus is pretty conventional with a menubar interface and real-time scanning.In some ways I'm of two minds about this approach. It's true that I don't allow any Windows boxes on my home network so having a Mac-only solution makes sense. However, by not scanning for non-Mac viruses it's possible that your Mac might unwittingly pass along a virus or trojan by email, etc. I run an Enterprise version of Sophos provided by my University and I've been surprised by how many Windows virus signatures it has picked up on my machine from various downloads.iAntiVirus is a free download, but virus definitions and updates are $29.95 for one year.[via Macworld]
High voltage "antivirus" halo protects your laptop, keeps you vigilant
Here at Engadget HQ, we have a certain respect for tesla-based DIY endeavors. That being said, we still can't fathom who in their right mind would actually fling sparks around their laptop just to feel a little closer to that WoW raid. Nevertheless, the High voltage "antivirus" protection project claims to play nice with Macs or PCs and utilizes a ZVS flyback supply driving a 4-stage CW multiplier. According to the mad scientist who arranged this thing, the shot on the right was taken by a camera forced to hold its shutter open for ten seconds before capturing, and he even took a number of shots (check 'em all in the read link) to defuse the "Photoshopped!1one!" arguments. If you can't sense the fear in our fingertips, trust us, it's there.
