Someone correct me if I'm wrong here, but an OS X or Linux user would have to actively transfer the file to a memory stick/e-mail etc in order to affect the Windows machine.

If the virus can't run in a UNIX or UNIX-like environment, I don't see how it could spread itself automatically.

a carrier may very well be unable to realise that they are infected, but that does not mean that the carrier can not infect others, even unknowingly by all the available means that are enabled by contact with a system via all channels of communication that are used by a computer system

i use OS X but i still have 'basic' AV installed as i do not wish to become part of the problem as most of my contacts use Windows
and i would look like a bit of an amateur if i sent them an unchecked 'infected' file that their AV picked up…

How often have you caught anything with your "basic" AV?

nothing for OS X but a few jpegs bmp files that were infected from other sources that i may have passed on to other users
these users may have been using windows

i would not like to think that without a 'basic' AV check a friend or client/customer could/would/maybe have to inform me that i had sent an infected file …

I tend to agree, but I would not pollute my computer with AV software to prevent it. I will just try not to pass on stuff that I have got from suspect sources.

Items like this I will just not pass on.

Dirtybitch.exe

You just never know.

Yes, they can copy it manually. That is the problem of them being unaware of the consequences of their actions...

That said, I don't currently run AV software on my iMac, but I do make sure I don't send any infected files or exes to Windows machines...

Saying that it is only a Windows problem and blithely copying possibly infected files to Windows users is only making the problem worse. Whilst there isn't any real reason for the average user to run AV software on Macs, currently, it doesn't mean that they should be ignorant about security.

If you don't know how to tell and infected file from an uninfected file, you should be using AV software...

I can see the point you are making. But I won't be doing it any time soon.



I have a lot of sympathy people who have to use AV software. Most Windows users that I know have it installed but are less savvy than my buddies on this forum. Even I know more about Windows than the average Windows user thanks to all the help you have given me over the years.

The average user buys a PC, often with a copy of AV and then runs it. That is the last time they think about it. If they have to reinstall the system AV might get left off. Definitions/versions are not updated every day like they really need to be. The AV they have may be of poor quality.

In other words the AV they have is grossly inadequate or non existent. They know how to use the "internet" button or the "mail" button and that is about it. Such people should run UNIX. OR Microsoft should make a version of Windows that is as secure as UNIX. I don't think it matters if it is Linux or OS X or some other OS. To install AV software is to give a false sense of security. At the moment there are Zero viruses for the Mac (and I assume Linux). How many are there out there at this minute that could affect your computer let alone the computer of the old lady down the street.

http://searchsecurity.techtarget.com/ne ... 77,00.html

55,000 daily new viruses (unless I misunderstood that) If you last updated you virus definitions an hour ago then there are just 250 out there for your system to be infected by.

Out of interest how much space does keeping the 25 million virus definitions take on your hard drive? I would imagine on a netbook this could be quite significant.

Based on this http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=n95 about 70 Mb

The numbers don't seem to add up.

Does a virus only take 3 bytes of code?

I would guess that definitions are text files, and text can be compressed very, very well.

I would guess that is not the case. I am not sure what is going on but compressing 25 million plus malware programs down to 70MB just does not make sense to me. Also would they not have to be decompressed to work?

You don't understand that isn't the programmes just the definitions e.g. unique code a particular virus has in it. Its just a listing of things to look for.

Well they're only signatures, and I'd guess there'd be fewer of them than actual virii. And I guess you could stop scanning for some after a while. ie. those that are no longer in the wild and haven't been for years, anyhoo, although this seems slightly bad.

It would be interesting to know if AV software could tell what patch of Windows you were running and stopped scanning for malware that didn't effect your version. Obviously outgoing email scanners should probably scan for everything because you don't want to infect the world...

Actually it should scan for all versions of the OS. What if you upgraded and some malware for a later version was already on your machine and became active as a result of an OS upgrade?