Darwin asked me elsewhere if I use any security software in OS X, and I think that is a useful topic on its own for all two OS X users at DC, along with curious Windows users who may enjoy prodding us.
Here are the Broad Categories and options:
AntiVirus
- iAntivirus - this is by the same guys that make Threatfire and Spyware Doctor for PC. It is FREE. It is optimised to detect OS X threats only (all 88 of them, including regular apps with possible danger like keyloggers, proof-of-concept code and classic OS <10 viruses), and thus it has a tiny database.
- ClamXav - Useful to remove Windows viruses, open-source and free.
- VirusBarrier X5 - Fairly well regarded. You can get it and 10 other apps (including Little Snitch outgoing firewall) for a spectacular discount ATM: http://www.mupromo.com/winter.php
- McAfee and Norton - universally reviled as junk, badly written for OS X. Some consider Norton the clearest piece of malware on the Mac!
- Sophos - I've seen no one using this, I suspect it is corporate only.
Firewalls
- Built-in - Leopard has two outgoing firewalls, an application-based and a port-based (ipfw from FreeBSD, Tiger just has IPFW). WaterRoof and NoobProof are very comprehensive GUIs to control it.
- Little Snitch - an outgoing application firewall. Low resource usage, a very nice UI, and on special offer over winter (see VirusBarrier above).
- Intego NetBarrier - Same guys who make VirusBarrier, used by quite a lot of users and with generally positive reviews. Both incoming and outgoing firewall, very configurable.
Others
- Filedefense - a file system level driver which allows you to allow/deny file access for any application. Good idea but horrible UI, makes Vista's UAC seem like fun!
- MacScan - scans for keyloggers, a few trojans and clean tracking cookies. Nothing major but some people may find it useful (iAntivirus scans for keyloggers and trojans too and it's free).
- Apple Security Guide - Links to documentation for best practice for Leopard and Tiger.
What do I use?
Only Little Snitch. Nothing else except for NOD32 on the XP bootcamp partition. There are no viruses in the wild for OS X. There is a smattering of trojans which require user intervention to gain access to the system, or someone may guess my admin password to install them. This is not a high enough threat to warrant using AV for the moment IMO, as long as I exercise caution about "installing" codecs with admin privileges from web popups! I only use Little Snitch as much for curiosity over outgoing traffic as necessity. Here is a fair article on security and why you don't need an AV yet:
http://db.tidbits.com/article/9511
And for those who saw the "Apple recommends AV software" furore:
http://securosis.com...h-ado-about-nothing/
What do I miss more than anything for OS X security?
SandboxIE - I'd love a robust sandbox to allow more reckless behavior online.
Core Leopard components are sandboxed, but there is not an adaptation to run user processes in a sandbox yet.