Yes Ronni, I certainly will. It’s already archived.
Thanks.
Cheers.
Walter
*****************************************************
> On 27 Sep 2015, at 17:37 , Ronda Brown <ro...@mac.com> wrote:
>
> Well... No... It's not really anti-virus software.
> But I do not recommend and have never recommended that Malwarebytes
> Anti-Malware software be installed on current OS X systems.
>
> Please read thoroughly all the documentation I posted in my last reply to the
> list.
>
> Cheers,
> Ronni
> Sent from Ronni's iPad4
>
>
> On 27 Sep 2015, at 4:46 pm, FW <whae...@iinet.net.au> wrote:
>
>> Malwarebytes Anti-Malware is not really anti-virus software, is it Ronni ?
>>
>> Cheers
>> Walter
>>
>> ***************************************************************************
>>
>>> Begin forwarded message:
>>>
>>> From: Ronni Brown <ro...@mac.com>
>>> Subject: Re: Malwarebytes, anti-malware for Mac
>>> Date: 27 September 2015 13:18:50 GMT+8
>>> To: WAMUG <wamug@wamug.org.au>
>>> Reply-To: wamug@wamug.org.au
>>>
>>>
>>>> On 27 Sep 2015, at 11:58 am, Graham Rabe <gra...@rabe.com.au> wrote:
>>>>
>>>> A week or two ago Peter Marks on ABC Breakfast with Fran Kelly advised
>>>> against installing any Apple virus protection software given that recent
>>>> security upgrades have made them largely redundant and they seem to cause
>>>> more problems than they claim to fix.
>>>>
>>>> Graham
>>>>
>>>> Sent from my iPad
>>>
>>> I agree! In my previous reply I only supplied the information about
>>> Malwarebytes anti-malware for Mac.
>>>
>>> Peter, Daniel & I have posted numerous times re: Do Macs need Anti-Virus
>>> programs.
>>> The short answer is NO.
>>>
>>> Below I quote from Linc Davis - Level 10 Apple Support Communities
>>>
>>> /Begin Quote from Linc Davis:
>>> Mac users often ask whether they should install "anti-virus" software. The
>>> answer usually given on ASC is "no." The answer is right, but it may give
>>> the wrong impression that there is no threat from what are loosely called
>>> "viruses." There is a threat, and you need to educate yourself about it.
>>>
>>> 1. This is a comment on what you should—and should not—do to protect
>>> yourself from malicious software ("malware") that circulates on the
>>> Internet and gets onto a computer as an unintended consequence of the
>>> user's actions. It does not apply to software, such as keystroke loggers,
>>> that may be installed deliberately by an intruder who has hands-on access
>>> to the computer, or who has been able to log in to it remotely. That threat
>>> is in a different category, and there's no easy way to defend against it.
>>>
>>> The comment is long because the issue is complex. The key points are in
>>> sections 5, 6, and 10.
>>>
>>> OS X now implements three layers of built-in protection specifically
>>> against malware, not counting runtime protections such as execute disable,
>>> sandboxing, system library randomization, and address space layout
>>> randomization that may also guard against other kinds of exploits.
>>>
>>> 2. All versions of OS X since 10.6.7 have been able to detect known Mac
>>> malware in downloaded files, and to block insecure web plugins. This
>>> feature is transparent to the user. Internally Apple calls it "XProtect."
>>>
>>> The malware recognition database used by XProtect is automatically updated;
>>> however, you shouldn't rely on it, because the attackers are always at
>>> least a day ahead of the defenders.
>>>
>>> The following caveats apply to XProtect:
>>>
>>> ☞ It can be bypassed by some third-party networking software, such as
>>> BitTorrent clients and Java applets.
>>>
>>> ☞ It only applies to software downloaded from the network. Software
>>> installed from a CD or other media is not checked.
>>>
>>> As new versions of OS X are released, it's not clear whether Apple will
>>> indefinitely continue to maintain the XProtect database of older versions
>>> such as 10.6. The security of obsolete system versions may eventually be
>>> degraded. Security updates to the code of obsolete systems will stop being
>>> released at some point, and that may leave them open to other kinds of
>>> attack besides malware.
>>>
>>> 3. Starting with OS X 10.7.5, there has been a second layer of built-in
>>> malware protection, designated "Gatekeeper" by Apple. By default,
>>> applications and Installer packages downloaded from the network will only
>>> run if they're digitally signed by a developer with a certificate issued by
>>> Apple. Software certified in this way hasn't necessarily been tested by
>>> Apple, but you can be reasonably sure that it hasn't been modified by
>>> anyone other than the developer. His identity is known to Apple, so he
>>> could be held legally responsible if he distributed malware. That may not
>>> mean much if the developer lives in a country with a weak legal system (see
>>> below.)
>>>
>>> Gatekeeper doesn't depend on a database of known malware. It has, however,
>>> the same limitations as XProtect, and in addition the following:
>>>
>>> ☞ It can easily be disabled or overridden by the user.
>>>
>>> ☞ A malware attacker could get control of a code-signing certificate under
>>> false pretenses, or could simply ignore the consequences of distributing
>>> codesigned malware.
>>>
>>> ☞ An App Store developer could find a way to bypass Apple's oversight, or
>>> the oversight could fail due to human error.
>>>
>>> Apple has so far failed to revoke the codesigning certificates of some
>>> known abusers, thereby diluting the value of Gatekeeper and the Developer
>>> ID program. These failures don't involve App Store products, however.
>>>
>>> For the reasons given, App Store products, and—to a lesser extent—other
>>> applications recognized by Gatekeeper as signed, are safer than others, but
>>> they can't be considered absolutely safe. "Sandboxed" applications may
>>> prompt for access to private data, such as your contacts, or for access to
>>> the network. Think before granting that access. Sandbox security is based
>>> on user input. Never click through any request for authorization without
>>> thinking.
>>>
>>> 4. Starting with OS X 10.8.3, a third layer of protection has been added: a
>>> "Malware Removal Tool" (MRT). MRT runs automatically in the background when
>>> you update the OS. It checks for, and removes, malware that may have evaded
>>> the other protections via a Java exploit (see below.) MRT also runs when
>>> you install or update the Apple-supplied Java runtime (but not the Oracle
>>> runtime.) Like XProtect, MRT is effective against known threats, but not
>>> against unknown ones. It notifies you if it finds malware, but otherwise
>>> there's no user interface to MRT.
>>>
>>> 5. The built-in security features of OS X reduce the risk of malware
>>> attack, but they are not, and never will be, complete protection. Malware
>>> is foremost a problem of human behaviour, and no technological fix alone is
>>> going to solve it. Trusting software to protect you will only make you more
>>> vulnerable.
>>>
>>> The best defense is always going to be your own intelligence. With the
>>> possible exception of Java exploits, all known malware circulating on the
>>> Internet that affects a fully-updated installation of OS X 10.6 or later
>>> takes the form of so-called "Trojan horses," which can only have an effect
>>> if the victim is duped into running them. The threat therefore amounts to a
>>> battle of wits between you and Internet criminals. If you're better
>>> informed than they think you are, you'll win. That means, in practice, that
>>> you always stay within a safe harbor of computing practices. How do you
>>> know when you're leaving the safe harbor? Below are some warning signs of
>>> danger.
>>>
>>> Software from an untrustworthy source
>>>
>>> ☞ Software of any kind is distributed via BitTorrent, or Usenet, or on a
>>> website that also distributes pirated music or movies.
>>>
>>> ☞ Software with a corporate brand, such as Adobe Flash Player, doesn't come
>>> directly from the developer’s website. Do not trust an alert from any
>>> website to update Flash, or your browser, or any other software.
>>>
>>> ☞ Rogue websites such as Softonic, Soft32, and CNET Download distribute
>>> free applications that have been packaged in a superfluous "installer."
>>>
>>> ☞ The software is advertised by means of spam or intrusive web ads. Any ad,
>>> on any site, that includes a direct link to a download should be ignored.
>>>
>>> Software that is plainly illegal or does something illegal
>>>
>>> ☞ High-priced commercial software such as Photoshop is "cracked" or "free."
>>>
>>> ☞ An application helps you to infringe copyright, for instance by
>>> circumventing the copy protection on commercial software, or saving
>>> streamed media for reuse without permission. All "YouTube downloaders" are
>>> in this category, though not all are necessarily malicious.
>>>
>>> Conditional or unsolicited offers from strangers
>>>
>>> ☞ A telephone caller or a web page tells you that you have a “virus” and
>>> offers to help you remove it. (Some reputable websites did legitimately
>>> warn visitors who were infected with the "DNSChanger" malware. That
>>> exception to this rule no longer applies.)
>>>
>>> ☞ A web site offers free content such as video or music, but to use it you
>>> must install a “codec,” “plug-in,” "player," "downloader," "extractor," or
>>> “certificate” that comes from that same site, or an unknown one.
>>>
>>> ☞ You win a prize in a contest you never entered.
>>>
>>> ☞ Someone on a message board such as this one is eager to help you, but
>>> only if you download an application of his choosing.
>>>
>>> ☞ A "FREE WI-FI !!!" network advertises itself in a public place such as an
>>> airport, but is not provided by the management.
>>>
>>> ☞ Anything online that you would expect to pay for is "free."
>>>
>>> Unexpected events
>>>
>>> ☞ A file is downloaded automatically when you visit a web page, with no
>>> other action on your part. Delete any such file without opening it.
>>>
>>> ☞ You open what you think is a document and get an alert that it's "an
>>> application downloaded from the Internet." Click Cancel and delete the
>>> file. Even if you don't get the alert, you should still delete any file
>>> that isn't what you expected it to be.
>>>
>>> ☞ An application does something you don't expect, such as asking for
>>> permission to access your contacts, your location, or the Internet for no
>>> obvious reason.
>>>
>>> ☞ Software is attached to email that you didn't request, even if it comes
>>> (or seems to come) from someone you trust.
>>>
>>> I don't say that leaving the safe harbor just once will necessarily result
>>> in disaster, but making a habit of it will weaken your defenses against
>>> malware attack. Any of the above scenarios should, at the very least, make
>>> you uncomfortable.
>>>
>>> 6. Java on the Web (not to be confused with JavaScript, to which it's not
>>> related, despite the similarity of the names) is a weak point in the
>>> security of any system. Java is, among other things, a platform for running
>>> complex applications in a web page, on the client. That was always a bad
>>> idea, and Java's developers have proven themselves incapable of
>>> implementing it without also creating a portal for malware to enter. Past
>>> Java exploits are the closest thing there has ever been to a Windows-style
>>> virus affecting OS X. Merely loading a page with malicious Java content
>>> could be harmful.
>>>
>>> Fortunately, client-side Java on the Web is obsolete and mostly extinct.
>>> Only a few outmoded sites still use it. Try to hasten the process of
>>> extinction by avoiding those sites, if you have a choice. Forget about
>>> playing games or other non-essential uses of Java.
>>>
>>> Java is not included in OS X 10.7 and later. Discrete Java installers are
>>> distributed by Apple and by Oracle (the developer of Java.) Don't use
>>> either one unless you need it. Most people don't. If Java is installed,
>>> disable it—not JavaScript—in your browsers.
>>>
>>> Regardless of version, experience has shown that Java on the Web can't be
>>> trusted. If you must use a Java applet for a task on a specific site,
>>> enable Java only for that site in Safari. Never enable Java for a public
>>> website that carries third-party advertising. Use it only on well-known,
>>> login-protected, secure websites without ads. In Safari 6 or later, you'll
>>> see a lock icon in the left side of the address bar when visiting a secure
>>> site.
>>>
>>> Stay within the safe harbor, and you’ll be as safe from malware as you can
>>> practically be. The rest of this comment concerns what you should not do to
>>> protect yourself.
>>>
>>> 7. Never install any commercial "anti-virus" (AV) or "Internet security"
>>> products for the Mac, as they are all worse than useless. If you need to be
>>> able to detect Windows malware in your files, use one of the free security
>>> apps in the Mac App Store—nothing else.
>>>
>>> Why shouldn't you use commercial AV products?
>>>
>>> ☞ To recognize malware, the software depends on a database of known
>>> threats, which is always at least a day out of date. This technique is a
>>> proven failure, as a major AV software vendor has admitted. Most attacks
>>> are "zero-day"—that is, previously unknown. Recognition-based AV does not
>>> defend against such attacks, and the enterprise IT industry is coming to
>>> the realization that traditional AV software is worthless.
>>>
>>> ☞ Its design is predicated on the nonexistent threat that malware may be
>>> injected at any time, anywhere in the file system. Malware is downloaded
>>> from the network; it doesn't materialize from nowhere. In order to meet
>>> that nonexistent threat, commercial AV software modifies or duplicates
>>> low-level functions of the operating system, which is a waste of resources
>>> and a common cause of instability, bugs, and poor performance.
>>>
>>> ☞ By modifying the operating system, the software may also create
>>> weaknesses that could be exploited by malware attackers.
>>>
>>> ☞ Most importantly, a false sense of security is dangerous.
>>>
>>> 8. An AV product from the App Store, such as "ClamXav," has the same
>>> drawback as the commercial suites of being always out of date, but it does
>>> not inject low-level code into the operating system. That doesn't mean it's
>>> entirely harmless. It may report email messages that have "phishing" links
>>> in the body, or Windows malware in attachments, as infected files, and
>>> offer to delete or move them. Doing so will corrupt the Mail database. The
>>> messages should be deleted from within the Mail application.
>>>
>>> An AV app is not needed, and cannot be relied upon, for protection against
>>> OS X malware. It's useful, if at all, only for detecting Windows malware,
>>> and even for that use it's not really effective, because new Windows
>>> malware is emerging much faster than OS X malware.
>>>
>>> Windows malware can't harm you directly (unless, of course, you use
>>> Windows.) Just don't pass it on to anyone else. A malicious attachment in
>>> email is usually easy to recognize by the name alone. An actual example:
>>>
>>> London Terror Moovie.avi [124 spaces] Checked By Norton Antivirus.exe
>>>
>>> You don't need software to tell you that's a Windows trojan. Software may
>>> be able to tell you which trojan it is, but who cares? In practice, there's
>>> no reason to use recognition software unless an organizational policy
>>> requires it. Windows malware is so widespread that you should assume it's
>>> in every email attachment until proven otherwise. Nevertheless, ClamXav or
>>> a similar product from the App Store may serve a purpose if it satisfies an
>>> ill-informed network administrator who says you must run some kind of AV
>>> application. It's free and it won't handicap the system.
>>>
>>> The ClamXav developer won't try to "upsell" you to a paid version of the
>>> product. Other developers may do that. Don't be upsold. For one thing, you
>>> should not pay to protect Windows users from the consequences of their
>>> choice of computing platform. For another, a paid upgrade from a free app
>>> will probably have all the disadvantages mentioned in section 7.
>>>
>>> 9. It seems to be a common belief that the built-in Application Firewall
>>> acts as a barrier to infection, or prevents malware from functioning. It
>>> does neither. It blocks inbound connections to certain network services
>>> you're running, such as file sharing. It's disabled by default and you
>>> should leave it that way if you're behind a router on a private home or
>>> office network. Activate it only when you're on an untrusted network, for
>>> instance a public Wi-Fi hotspot, where you don't want to provide services.
>>> Disable any services you don't use in the Sharing preference pane. All are
>>> disabled by default.
>>>
>>> 10. As a Mac user, you don't have to live in fear that your computer may be
>>> infected every time you install software, read email, or visit a web page.
>>> But neither can you assume that you will always be safe from exploitation,
>>> no matter what you do. Navigating the Internet is like walking the streets
>>> of a big city. It's as safe or as dangerous as you choose to make it. The
>>> greatest harm done by security software is precisely its selling point: it
>>> makes people feel safe. They may then feel safe enough to take risks from
>>> which the software doesn't protect them. Nothing can lessen the need for
>>> safe computing practices.
>>> /End Quote from Linc Davis
>>> ---------------------------------------------
>>> Now, Apple Support and my added comments below:
>>> Are you running Mavericks OS X 10.9.5 or Yosemite OS X 10.10.x?
>>>
>>> Do Macs really need Anti-virus protection?
>>>
>>> OS X - It's built to keep your Mac safe
>>> <https://www.apple.com/au/osx/what-is/security.html>
>>>
>>> OS X Mavericks - Protect your Mac from malware
>>> <http://support.apple.com/kb/PH14365>
>>>
>>> OS X Mavericks - Protect your Mac
>>> <http://support.apple.com/kb/PH13730>
>>>
>>> About File Quarantine in OS X
>>> <http://support.apple.com/kb/HT3662>
>>>
>>> About Security of OS X Yosemite
>>> Tiny URL
>>> http://tinyurl.com/oueejqa
>>>
>>> OS X already includes everything it needs to protect itself from viruses
>>> and malware, and it's free. Apple recommends keeping your Mac updated with
>>> software updates from Apple. Refer to the links above, which apply equally
>>> to Mavericks as well as its predecessor.
>>>
>>> A much better question is "how should I protect my Mac":
>>>
>>> • Never install any product that claims to "speed up", "clean up",
>>> "optimize", or "accelerate" your Mac. Without exception, they will do the
>>> opposite.
>>>
>>> • Never install pirated or "cracked" software, software obtained from
>>> dubious websites, or other questionable sources. Illegally obtained
>>> software is almost certain to contain malware.
>>>
>>> • Don’t supply your password in response to a popup window requesting it,
>>> unless you know what it is and the reason your credentials are required.
>>>
>>> • Don’t open email attachments from email addresses that you do not
>>> recognize, or click links contained in an email:
>>> • Most of these are scams that direct you to fraudulent sites that attempt
>>> to convince you to disclose personal information.
>>> • Such "phishing" attempts are the 21st century equivalent of a social
>>> exploit that has existed since the dawn of civilization. Don’t fall for it.
>>>
>>> • Apple will never ask you to reveal personal information in an email. If
>>> you receive an unexpected email from Apple saying your account will be
>>> closed unless you take immediate action, just ignore it. If your iTunes or
>>> App Store account becomes disabled for valid reasons, you will know when
>>> you try to buy something or log in to this support site, and are unable to.
>>>
>>> • Don’t install browser extensions unless you understand their purpose. Go
>>> to the Safari menu > Preferences > Extensions. If you see any extensions
>>> that you do not recognize or understand, simply click the Uninstall button
>>> and they will be gone.
>>>
>>> • Don’t install Java unless you are certain that you need it:
>>> • Java, a non-Apple product, is a potential vector for malware. If you are
>>> required to use Java, be mindful of that possibility.
>>> • Disable Java in Safari > Preferences > Security.
>>> • Despite its name JavaScript is unrelated to Java. No malware can infect
>>> your Mac through JavaScript. It’s OK to leave it enabled.
>>>
>>> • Block browser popups: Safari menu > Preferences > Security > and check
>>> "Block popup windows":
>>> • Popup windows are useful and required for some websites, but popups have
>>> devolved to become a common means to deliver targeted advertising that you
>>> probably do not want.
>>> • Popups themselves cannot infect your Mac, but many contain
>>> resource-hungry code that will slow down Internet browsing.
>>> • If you ever see a popup indicating it detected registry errors, that your
>>> Mac is infected with some ick, or that you won some prize, it is 100%
>>> fraudulent. Ignore it.
>>>
>>> • Ignore hyperventilating popular media outlets that thrive by promoting
>>> fear and discord with entertainment products arrogantly presented as
>>> "news". Learn what real threats actually exist and how to arm yourself
>>> against them:
>>> • The most serious threat to your data security is phishing. To date, most
>>> of these attempts have been pathetic and are easily recognized, but that is
>>> likely to change in the future as criminals become more clever.
>>>
>>> • OS X viruses do not exist, but intentionally malicious or poorly written
>>> code, created by either nefarious or inept individuals, is nothing new.
>>>
>>> • Never install something without first knowing what it is, what it does,
>>> how it works, and how to get rid of it when you don’t want it any more.
>>>
>>> • If you elect to use "anti-virus" software, familiarise yourself with its
>>> limitations and potential to cause adverse effects, and apply the principle
>>> immediately preceding this one.
>>> • Most such utilities will only slow down and destabilise your Mac while
>>> they look for viruses that do not exist, conveying no benefit whatsoever -
>>> other than to make you "feel good" about security, when you should actually
>>> be exercising sound judgment, derived from accurate knowledge, based on
>>> verifiable facts.
>>>
>>> • Do install updates from Apple as they become available. No one knows more
>>> about Macs and how to protect them than the company that builds them.
>>>
>>> Summary: Use common sense and caution when you use your Mac, just like you
>>> would in any social context. There is no product, utility, or magic
>>> talisman that can protect you from all the evils of mankind."
>>> /End Quote
>>>
>>> Cheers,
>>> Ronni
>>>
>>> 13-inch MacBook Air (April 2014)
>>> 1.7GHz Dual-Core Intel Core i7, Turbo Boost to 3.3GHz
>>> 8GB 1600MHz LPDDR3 SDRAM
>>> 512GB PCIe-based Flash Storage
>>>
>>> OS X Yosemite 10.10.2
> -- The WA Macintosh User Group Mailing List --
> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml>
> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml>
> Settings & Unsubscribe -
> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
-- The WA Macintosh User Group Mailing List --
Archives - <http://www.wamug.org.au/mailinglist/archives.shtml>
Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml>
Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
