Focus on Apple
ClamXav for OS X 10.4 Aug 10 2007 02:43PM
Pfost William B (William Pfost ci irs gov) (4 replies)
RE: ClamXav for OS X 10.4 Aug 10 2007 09:28PM
Todd Woodward (todd_woodward symantec com) (2 replies)
RE: ClamXav for OS X 10.4 Aug 11 2007 12:07PM
David Harley (david a harley gmail com)
Re: ClamXav for OS X 10.4 Aug 11 2007 02:33AM
Edward R Marczak (marczak radiotope com) (2 replies)
RE: ClamXav for OS X 10.4 Aug 14 2007 09:42AM
David Harley (david a harley gmail com) (1 replies)
Re: ClamXav for OS X 10.4 Aug 14 2007 01:18PM
Edward R Marczak (marczak radiotope com) (1 replies)
Re: ClamXav for OS X 10.4 Aug 14 2007 08:43PM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (1 replies)
RE: ClamXav for OS X 10.4 Aug 15 2007 10:14AM
David Harley (david a harley gmail com)
RE: ClamXav for OS X 10.4 Aug 13 2007 09:51PM
Todd Woodward (todd_woodward symantec com) (1 replies)
RE: ClamXav for OS X 10.4 Aug 14 2007 10:09AM
David Harley (david a harley gmail com) (1 replies)
Re: ClamXav for OS X 10.4 Aug 14 2007 08:32PM
Michael Dalling (mtdalling gmail com) (2 replies)
RE: ClamXav for OS X 10.4 Aug 15 2007 09:53AM
David Harley (david a harley gmail com)
Re: ClamXav for OS X 10.4 Aug 15 2007 07:32AM
Howard Oakley (h oakley btconnect com)
Re: ClamXav for OS X 10.4 Aug 10 2007 07:24PM
Rob DeWitt (diggertadmin gmail com) (1 replies)
RE: ClamXav for OS X 10.4 Aug 10 2007 08:53PM
David Harley (david a harley gmail com) (2 replies)
RE: ClamXav for OS X 10.4 Aug 10 2007 09:17PM
William Holmberg (wholmberg amdpi com) (1 replies)
RE: ClamXav for OS X 10.4 Aug 11 2007 11:41AM
David Harley (david a harley gmail com) (1 replies)
RE: ClamXav for OS X 10.4 Aug 14 2007 07:43PM
William Holmberg (wholmberg amdpi com) (1 replies)
Re: ClamXav for OS X 10.4 Aug 14 2007 09:16PM
Dave Mangot (dmangot terracottatech com) (1 replies)
RE: ClamXav for OS X 10.4 Aug 14 2007 09:41PM
William Holmberg (wholmberg amdpi com) (1 replies)
Re: ClamXav for OS X 10.4 Aug 14 2007 10:02PM
Dave Mangot (dmangot terracottatech com) (1 replies)
RE: ClamXav for OS X 10.4 Aug 15 2007 01:29PM
William Holmberg (wholmberg amdpi com)
RE: ClamXav for OS X 10.4 Aug 10 2007 09:10PM
Dixon, Wayne (wcdixo aurora lib il us) (2 replies)
RE: ClamXav for OS X 10.4 Aug 11 2007 01:29PM
David Harley (david a harley gmail com)
> Is it me, or I am the only one who thinks that AV in general
> is a waste of time,

It's you. Or I'm in the wrong business. :)

> yeah it'll get the known stuff... But I'm
> more worried about the unknown things.

Quite rightly. But good AV doesn't -only- get known stuff.

> I don't think AV Is
> worth anything, we have 2 different types and they stop some
> stuff, but not everything.

The only way to stop everything is to lock down so tight as to make systems
near to unusable. That doesn't mean AV is useless: just that it isn't a
perfect defence. See below. But catching all(-ish) known malware and a
percentage of unknown malware is better than not catching anything.

> And AV on mac, in my opinion, is
> just for those who don't know what they're doing.

But that's the point about AV. People use it because they think it saves
them having to think for themselves, and they've resolutely avoided
techniques like integrity checking that require them to make a decision.
They want it to catch all malware, then complain because it doesn't, but
that's a matter of unrealistic expectations fuelled by wishful thinking.

Unfortunately, there are an awful lot of people with Macs and PCs who have
no idea what they're doing, and quite a few people feeding them (often
well-meant) misinformation.

> Once there's a major flaw, that's being exploited by most
> websites, I'll worry... But even then, I doubt it.

There already is a major flaw. It's just that it isn't being exploited.
Never mind the intrinsic security or otherwise of OSX: Mac users are
potentially wide open to social engineering attacks because they -think-
they're so safe they don't have to think. Maybe there'll never be another
serious attempt to exploit this, but it's always been there and it has been
exploited in the past.

> I don't
> want to get into a debate over Mac OS and virus software,
> it's just my opinion.

Too late. ;-) <serious>I don't want to get into one of those Windoze versus
God's Own Operating System arguments, either. Mac users are far safer right
now than they were when I first got into this game, however clueless they
are. My concern is that one of these days the bad guys (and I mean the
career criminals who are mostly responsible for malware these days, not the
rebels with satanic nicks who used to run the game) will decide it's worth
mining a fresh seam. </serious>

> I don't even run AV on my personal Windows computers (which
> are dwindling in numbers). I think it's more about behavior
> than anything else.

I didn't run AV by default for years, like a lot of other people who figured
they had a good appreciation of the risks in the days when it was
practically impossible to catch a virus if you didn't do anything stupid.
Unfortunately, I don't think that's enough anymore. Too many vulnerabilities
have come up that don't rely on human stupidity - or, if you prefer, rely on
coding problems rather than end-user stupidity. :)

--
David Harley CISSP, Small Blue-Green World
Security Author/Editor/Consultant/Researcher
AVIEN Guide to Malware:
http://www.smallblue-greenworld.co.uk/pages/avienguide.html
Security Bibliography:
http://www.smallblue-greenworld.co.uk/pages/bibliography.html

[ reply ]
Re: ClamXav for OS X 10.4 Aug 11 2007 10:16AM
Radoslav Dejanoviæ (radoslav dejanovic opsus hr) (1 replies)
RE: ClamXav for OS X 10.4 Aug 14 2007 09:48AM
David Harley (david a harley gmail com)
Re: ClamXav for OS X 10.4 Aug 10 2007 06:56PM
Tom Yarrish (tom yarrish com)
Re: ClamXav for OS X 10.4 Aug 10 2007 06:50PM
Roland Dobbins (rdobbins cisco com) (1 replies)
RE: ClamXav for OS X 10.4 Aug 10 2007 07:35PM
Pfost William B (William Pfost ci irs gov) (1 replies)
Re: ClamXav for OS X 10.4 Aug 10 2007 08:09PM
Rob DeWitt (diggertadmin gmail com) (2 replies)
Re: ClamXav for OS X 10.4 Aug 10 2007 11:11PM
Paul Schmehl (pauls utdallas edu) (2 replies)
Re: ClamXav for OS X 10.4 Aug 12 2007 12:37PM
Casper Gasper (casper gasper gmail com)
RE: ClamXav for OS X 10.4 Aug 11 2007 12:13PM
David Harley (david a harley gmail com)
Re: ClamXav for OS X 10.4 Aug 10 2007 09:22PM
Kevin Finisterre \(lists\) (kf_lists digitalmunition com) (1 replies)
RE: ClamXav for OS X 10.4 Aug 11 2007 12:22PM
David Harley (david a harley gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus