14.7. What Anti-Malware Software Can't Do
As you know from reading the rest of this chapter, I generally consider common sense a better way of protecting oneself from malicious software than anti-malware software. Without question, though, there's a place for anti-malware programs because they make up for a certain amount of human error and may protect your Mac against as-yet unimagined threats. But don't let the fact that a program is frequently scanning your disk for malware lull you into a false sense of security. Even the most sophisticated anti-malware program can't protect you against every conceivable danger.
Here are some examples of things anti-malware can't do:
Catch everything. Even with the most up-to-date malware definitions and the most clever heuristics, it's conceivable that your anti-malware program will miss a particularly clever or insidious virus designed explicitly to avoid common forms of protection. Unlikely? Very much so. But not impossible. Likewise, even among the top anti-malware programs, differences in design could lead one program to overlook a virus that another one catches.
Protect you from yourself. If you tell your anti-malware program not to scan a certain folder because it takes too much time, then, ipso facto, that folder becomes a potential safe haven for malware — especially if it happens to be, or contain, your ~/Downloads folder, your /System folder, or your /Library folder. Similarly, if you turn off on-access scanning or other features ...
Get Mac® Security Bible now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
