The Practical Guide To Mac Security: Part 9, Do You Need Anti-Virus Software?

Check out the rest of the videos in this special course: The Practical Guide To Mac Security.

You don't need third-party anti-virus software on your Mac. In fact, your Mac already comes with anti-malware software as part of macOS.



Check out The Practical Guide To Mac Security: Part 9, Do You Need Anti-Virus Software? at YouTube for closed captioning and more options.
Video Transcript: Hi, this is Gary with MacMost.com. This is Part 9 of my course The Practical Guide to Mac Security. This course is brought to you thanks to my great Patreon supporters. To find out more go to MacMost.com/patreon. There you could read more about the Patreon Campaign. Join us and get exclusive content and course discounts.
So one of the biggest questions when it comes to Mac security is do you need to buy anti-virus software. Get a third party app that you install on your Mac and it runs and it protects your Mac. The answer is very simply NO. You don't. The main reason being that your Mac already has it. So Apple doesn't talk much about this but built into macOS are three tools that basically comprise anti-malware.
First you've got Gatekeeper. Now Gatekeeper is the simplest of them all. When you go to install software it's basically going to prompt you making sure that you know what you're installing and that you are confirming that you want to install. So this protects you from being tricked say at a website from downloading something and have it automatically installed. Gatekeeper will provide a layer of protection making sure that you know that you're installing something. If software has been signed by the developer, in other words they've identified themselves clearly in the software registered with Apple, then you get one level of security. If they haven't done that then it's even more difficult to get past Gatekeeper and install something. This prevents most, if not almost all, malware from being installed on your Mac.
Second, is XProtect which is a more traditional malware prevention tool. It basically looks and when you're going to install something it checks that against the list of software and tries to identify if that is a piece of malware. That list is quietly updated in the background all the time. So when Apple identifies a piece of malware from Mac it adds it to that list. You go to install that piece of malware it's going to identify that and you won't be able to install them on your Mac.
The third part is called Malware Removal Tool or just MRT. That's if software has already been installed in your Mac, say Apple finds that something is malicious that people have already installed this kind of works after the fact and will remove that from your Mac. So these are all built-in to macOS. You can read more about them at the URL here. Basically they comprise what you would consider to be an anti-malware or anti-virus tool built into your Mac. No third party tool is needed.
Now if you want to install some third party tools then you should know that there are a lot of downsides for these. First, a tool like this is probably going to be running in the background using System resources all the time. So I often hear people having problems with their Mac. Their Mac is running slowly and the culprit is some anti-virus software that they've installed causing the problem. So you install it to make things work better but, in fact, the opposite happens.
Next a lot of times this type of software will brag about how much malware it's looking for and what it's doing. In fact a big part of what it's doing is looking for Windows malware. The idea being that if you work at a large corporation and there is a mix of Mac and Window machines that the anti-virus software on your machine, on your Mac, will look for Windows' malware so that you don't accidentally spread that to somebody with Windows. But for most home users that's not a concern at all. You're also going to get many false positives. So I hear about this all the time. I see it in the forums. I get asked about it when a piece of software is installed and somebody is running some third party anti-virus software, they are warned about it and in fact there's no warning necessary. It's simply a false positive and I know people that they only ever see false positives and that's it. You're going to get many unneeded warnings. For instance, you may get warnings about visiting webpages, warnings about doing things in software, warnings that can be confusing if you don't know security telling you that maybe this app could violate your privacy, for instance, but of course maybe that's what the app is supposed to do. It's a social media app and you're supposed to be sharing things with people. So there's a lot of that and it creates basically a lot of paranoia when you use the software. That things are wrong all the time. This software is mostly subscription so, of course, they want to show you things every once in a while that are warnings to show you that oh, it's doing something and it just makes you more and more paranoid that things are going wrong when in fact they are not. But you want to keep paying your annual subscription.
I've even see it break or block legitimate software when you download something you need for work or you want to use as part of your job and it won't actually work when you have this anti-virus software in there blocking some part of it or going to some websites and things like that. So there are a lot of negatives. In addition to this consider that when a new piece of malware comes out and it's targeting the Mac who is most likely to actually put a block for that. Is it going to be this third party anti-virus company or is it going to be Apple through its XProtect and Malware Removal Tool. It's almost always, and I track these things, Apple that gets there first. Updating XProtect and Malware Removal Tool very quickly and then after that the third party apps maybe adding the definition there which, of course, is unnecessary because macOS has already taken care of it.
So I want to quickly show you where you can check to make sure that XProtect and MRT are being updated. You go into System Preferences, go into Software Update and then go to Advanced and here you'll see Install System Data Files and Security Updates. Make sure that is checked. Then you'll get those updates. Of course you should also have all of these checked. In addition Apple keeps these tools pretty well hidden. But if you wanted to actually see, because you're curious, as to what is actually there, what it's checking for, you can go to your computer level and then on your drive go into Library and then Apple and then System, Library Core Services, so you can see this is really deep down in the System Library here. Here you'll see there's MRT and there is XProtect. XProtect is a bundle. If you Control Click on it you can Show Package Contents. In the Contents here under Resources you could see several different files here which are really just text files. So you can, for instance, select this one here, let's open up TextEdit and that way I could drag to TextEdit here and you could see what's in this file here. You could see these are looking for patterns matching this which identifies a piece of malware. There's tons of these.
As you could see in general anti-virus is not needed for typical Mac users and in the next lesson I'll show you the things that you should be doing to protect your Mac rather than installing some third party software.Related Subjects: Security (106 videos)
Related Video Tutorials:
The Practical Guide To Mac Security: Part 5, Security Questions ― The Practical Guide To Mac Security: Part 7, VPN ― The Practical Guide To Mac Security: Part 1, Introduction ― The Practical Guide To Mac Security: Part 2, Passwords