An ounce of virus protection is worth a pound of cure

PUBLISHED : Tuesday, 26 April, 2005, 12:00am
UPDATED : Tuesday, 26 April, 2005, 12:00am

One of the best characteristics of the Mac is that it is still the most secure OS available. My Mac has been continuously connected to the internet for 10 years, receiving hundreds of e-mails each day, but I have yet to experience a security breach other than downloading three viruses with my e-mail.

Actually, I rather enjoyed the viruses. I had a few pieces of virus detection software to evaluate, but had to wait three years before I got my first opportunity. I was thrilled. I ran all three applications and they all found it - a Microsoft Office macro virus. I gave Virex the honour of destroying the virus and repairing the file, which left me no way to test the other applications.

A few years later, I got another virus, and finally a third. They were all Office macro viruses. Eventually, all the software had been tested and the novelty of getting a 'deadly virus' wore off.

I haven't discovered any new ones since. Well, let me be more specific. I haven't received a Mac virus. I have received thousands of Windows viruses - from five to 50 a day. And each time I delete one, I give thanks that Apple has such a small market share, the purported reason for this blessing.

I was worried that with the introduction of the UNIX-based OS X there would suddenly be an abundance of Mac viruses but thus far, this has not been the case. To date, there are no viruses that compromise Mac OS X. However, I don't advise readers to be complacent. A virus is still a potentially devastating threat. I regularly run Intego's Virus Barrier ( US$59), or any other likely candidate in the Mac protection business.

Those who would like to take advantage of the Mac's reduced risk and save some money should check out the free clamXav (

It is a very thorough virus checker/repair tool that is essentially a graphical interface for the ClamAV open-source, free, virus-detecting application. The clamXav interface allows scheduled scanning and runs quietly in the background while you do other work.

I point this out because although all virus checkers are slow, this one (in my tests) is twice as slow as the commercial apps. The commercial apps also have a number of other advantages beside speed, such as (1) the ability to provide virus-monitoring of all new files as they are loaded onto your Mac; (2) the ability to scan only files modified since the last scan; (3) in the case of Virex, the ability to restart the scanning process should it fail; and (4) the ability to detect malicious spyware.

Spyware is essentially a software application that is surreptitiously installed on your computer for the purpose of monitoring your actions and forwarding them to others. Some can uncover your passwords and e-mail them to bad guys, while others download private information to websites that your browser is forced to visit.

There are two Mac applications that specialise in monitoring your machine for these hidden applications (Macscan and Internet Cleanup) but they are not worth the trouble to download.

The spyware Mac applications most used by bosses or parents to secretly track and report on a user's history are GURL Watcher, MonitorerX, logKext, typeRecorder X and Spector.

If you do a Sherlock search of your hard drive for these applications, they will be revealed. If you fear this type of invasion, use McAfee's Virex ( US$40/seat) or Sophos ( to detect and, if you so decide, destroy them.

Sophos is the Mac's shining star of virus detectors, but unfortunately it is only available in a small business enterprise edition ( 5 users/US $350/yr.). But then, small business are the ones who can least afford a virus interruption. It works with mixed platform (Windows or Mac) arrays of servers, desktops and portables, and is centrally managed through an administrator's console.

To the actual computer user it is almost invisible. It is loved because you never hear from it unless it discovers a threat and is dependable and up to date. It updates itself hourly, which is necessary if you have Windows machines on your network. This will also allow you to be first on the block to detect any Mac viruses - should anyone ever create one.