Update: The KB article referenced is now offline. You can see the archived version here.
Update 2: On Tuesday evening, Apple told Macworld that the KB article was removed because it was outdated and inaccurate; Mac OS X includes adequate security protection out of the box. The BBC has also rolled back the story, and has a more detailed post on the issue. Not sure I'm completely in agreement with this approach from Apple.... --MR
When the concepts of "antivirus" and "Mac OS X" approach each other in the blogosphere, the usual outcome is more heat than light. The current example of keyboards outpacing brainwaves has emerged from a storm of posts on various sites, mostly tracing back to security analyst/Washington Post writer Brian Krebs and AppleInsider's Aidan Malley. Both pointed to a "recently published" Apple KB article that listed a trio of AV applications available for Mac OS X.
More shocking to this pair of pundits: the KB article actually went so far as to encourage Mac users to buy, install and use antivirus software -- even "multiple antivirus utilities" to prevent the spread of malware, which was trumpeted by a ZDnet headline. What now? Is Apple's security story on the marketing front now undermined by the quiet truthtelling of the support site? Should Justin Long apologize to John Hodgman? Are cats and dogs now living together? Is the BBC picking up the story (yes, unfortunately, it is)?
The relevant quote from the shiny new KB article that has caused such commotion:
Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one program to circumvent, thus making the whole virus writing process more difficult.
Let's be fair: Apple's prose isn't helping matters, because while we all know that "widespread use of multiple antivirus utilities" doesn't mean you should be installing multiple AV tools on your one, single Mac -- the point is that the ecosystem should have variation, making it harder for malware writers to attack the entire population with one well-crafted exploit -- that fine distinction appears to have been lost on some of those who encountered this "new" KB article.
This, of course, brings us to point #2: a careful reading (or really, any reading at all) of the KB item shows the "Old article: 4454" legend at the top right. Yes, Apple does sometimes update KB articles, and in this case the same exact "multiple utilities" copy has been on the support site for a while -- the article was
originally publishedpresent on Apple's site in June of 2007, and was updated simply to reflect current versioning on the Intego and Symantec AV products.
[Correspondents have pointed out that the sequence number of the KB article places the original version of it back in 1992. That version clearly dealt with Mac OS Classic antivirus apps, and isn't really on the same narrative track as the once-but-current Mac OS X incarnation -- but it's a valid point that Apple has had a public notice of available security tools for many years (who remembers Disinfectant and Vaccine?). Records of the KB4454 URL on archive.org indicate that there was something at that address as far back as September 2001, but cached copies are not available.]
So, to sum up, Apple's recommendations have changed not a whit in 18 months. Everyone who is decrying the sad state of security on the Mac -- or, conversely, crediting Apple for waking up and smelling the coffee -- is chasing his or her cybertail with a great deal of enthusiasm. Malware on the Mac, such as there is, is still almost exclusively delivered via social engineering, so please don't install random video codecs downloaded from porn sites. That said, the commercial and free AV options for the Mac are pretty stable, and they're certainly worth exploring if you want to be a good computing citizen who doesn't relay Windows malware from friend to friend unknowingly. Read on for my top five tips when/if installing AV tools on your Mac.
Hat tip to MacDailyNews for linking the original KB article from the Internet Archive.