My weekend with Sophos Anti-Virus for OS X

Sophos grabbed headlines last week when it declared that one in five Macs was subject to malware. So I decided to download the software and give it a try myself to see what it could come up with. I was one of the 20 percent. But there’s a catch, so read on.

As a matter of historical fact, Macs have been less likely to get infected by malware than their Windows cousins. Macs remain more secure than Windows to this day. That’s not to say that there are no malware threats on the Mac – indeed there are. But they happen infrequently enough to be the exception to the rule.

Still, that doesn’t mean that Macs don’t get exposed. In fact, if you get any reasonable amount of spam in your inbox, chances are that malware has entered your Mac’s gravitational pull like a rogue asteroid bound for the inner solar system. That’s because malware is a matter of fact in spam – if it’s not a phishing attempt to scam you out of your bank account information, the rogue e-mail often contains a payload – an attachment you’re encouraged to open. If you’re a Windows user.

But along the way, filtering algorithms used by mail software do an increasingly effective job making sure you never see these e-mails. I see spam and junk only rarely with my primary e-mail addresses.

So where was the Sophos software finding these malignant tumors in my e-mail circulatory system? Gmail, specifically. In the junk bucket.

I ended up uninstalling Sophos. I found the whole process too disruptive, from the installation to the initial scan to the constant maintenance activity. Quite frankly, the payoff wasn’t worth the effort – it was just to verify that the system I have in place is working.

I don’t need to be warned every time I get a malware payload in the junk folder of one of my mail accounts. I am already using effective enough tools (in the form of junk filtering on both client and server) to rid myself of that threat.

If the malware threat to the Mac develops, it’ll be time to rethink this strategy.

One other thing: If I were a corporate citizen in a heterogeneous computing environment, this story would have ended very differently. In fact, under those circumstances, I’d be crazy not to have some sort of anti-malware filtering in place.