Sophos Cloud Optix
Don’t just read the latest computer security news – watch it in 90 seconds!
This month: Mac malware gets commercial; Sony data breaches continue apace; the LulzSec crew flexes its cybercriminal muscle; Facebook facial recognition controversially hits the big-time; and Lockheed has a two-factor authentication crisis following RSA’s earlier breach.
Watch and enjoy:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like.)
Excellent information! I downloaded sophos antivirus for mac about 3 weeks ago… I feel safer! Thanks!
The fact remains that there is still no such thing as a drive-by exploit for Mac (and other UNIXes) or Linux. I don't run AV on my personal Windows boxes, and have never been infected with anything in 20 years of computing. I am not going to start running AV on my Macs and/or Linux boxes. It's not necessary.
May I ask you a tiny favour? Please?
I humbly ask you to read this: http://nakedsecurity.sophos.com/2011/02/07/flamin…
The Linux virus mentioned there – which we logged on over 12,000 unique infected servers (we didn't measure workstations) in two months in 2008, by which time it was already six years old – didn't even need a drive-by. You didn't even have to be logged in. It was a self-spreading worm. No human intervention required. Just plug in your network cable.
And I humbly ask you to watch this: http://nakedsecurity.sophos.com/2011/04/08/ie6-ts…
Then have a look at the Pwn2Own contest results for the past few years. And look at the history of jailbreaking the iPhone and iPad (which run a UNIX-flavoured OS). Bear in mind that Pwn2Own requires you to use a drive-by exploit (no social engineering of the user to authorise multiple security warnings) to win. Jailbreaks, too, are essentially drive-bys.
So you are welcome to use no anti-malware software anywhere. (Note, though, that this might make you a carrier, if not yourself a victim; an infecter, if not an infectee.)
But if you're going to use words like "not" and "no such thing", then you're talking in absolutes. Even a single counter-example is a disproof.
There may not be thousands or tens of thousands of examples of drive-by Un*x malware, as there are on Windows. But the fact remains that there are many more than zero.