|
|
And if that program takes advantage of a privilege escalation exploit, what's going to protect your system?
Also, you need a degree of trust in everyone that has administrator access to your computers, but exactly how confident are you that someone in a line or technical management position hasn't planted spyware on all the computers in the office ostensibly for employee monitoring purposes, but with the side benefit of capturing your passwords when you visit recreational sites during the lunch break?
No, it seems to me that what you really need is something that can watch for known bad code arriving on your computer, and preferably able to watch for suspicious behaviour.
I've got some sympathy for Sophos's position when it "urged Apple Mac users not to panic in light of Apple's recent advice to install anti-virus software, but instead to take calm, clear action to properly defend their Mac computers from internet attack." (Even though anyone who talks about "Apple Mac" is immediately suspect!)
And PC Tools' Malware Research Team has noted "a tendency towards socially engineered threats with the core purpose of tricking the user into an action that will cause a malware infection." This led the company to develop its free (for personal use) iAntiVirus that looks exclusively for Mac malware - cycles or bytes are wasted looking for Windows malware.
I'm not endorsing either company, or discounting any other security software vendor's stance or products.
So far, most Mac users have been able to get away without security software. But I am convinced that all other things being equal, I've got more chance of avoiding a future outbreak if I'm already running up-to-date security software.
For those who argue that there's enough time to acquire and install the software after a serious threat is identified, what if it coincides with an important work, educational or family deadline?
