When the Cure is Worse than the Disease: Mac Anti-Virus Software

Getting anti-virus software for the Mac is like getting chemotherapy for a cold. It's totally overkill and does way more harm than good. You're better off with the cold.

Via MacFixIt:
In yet another case of AntiVirus software causing serious issues while purporting to be identifying infected files, it appears that Sophos' AntiVirus software is generating false positives for the "OSX/Inqtana.B worm", invoking users to delete critical application and system files and causing serious issues.

Again, the virus being identified by Sophos AntiVirus is marked Inqtana.B -- apparently a variant of the Inqtana.A malware that likewise spreads by copying itself to other computers via a Bluetooth connection.

As previously reported, OSX/Inqtana.A is a Java-based proof-of-concept Bluetooth worm that affects older versions of Mac OS X 10.4.x (Tiger). The vulnerability does not affect Mac OS X 10.4.5, and has not been found in the wild.

Despite that, Sophos' software is identifying "infected" files -- sometimes numbering in the thousands -- on Mac OS X 10.4.5 systems.

The results of the false positives are, in some cases, disastrous...

...We currently recommend that users disable Sophos AntiVirus until further notice, and disallow the application to automatically delete any files it deems "infected."

That really says it all. The state of commercial Mac anti-virus software is pathetic. It seems like the developers of this software are desperately trying to drum up business with scare tactics for viruses that don't even exist in the wild while simultaneously writing code that damages people's systems. Fucked up? You betcha.

I'm all for virus protection, even on the Mac. But when anti-virus software is worse than the viruses it claims to protect against, it's no wonder no one's buying it.