Q&A: Which way for malware protection?

Q: The consensus is that Apple’s built-in malware protection is not that hot, and commercial anti-virus tools are next to useless. Does removing Java improve security more?

A: Protection built into recent releases of OS X has actually been very good, although it is only as good as the settings you have in the General tab of the Security & Privacy pane. When set to allow only apps from the App Store and identified developers (or the Store alone), it should stop most Trojans in their tracks.

Gatekeeper is discussed in more detail here, where you will see that it does have an unfixed vulnerability which Apple needs to address if it is to remain effective.

Commercial prophylactics have struggled to keep up with the threat landscape, and may cause more problems than they solve. Their approach appears still to be rooted in the old days of viruses and worms, and they have been unable to match the effectiveness of Gatekeeper, for instance.

Removing Java eliminates it as a vulnerability, but limits function, as you will then be unable to use any Java apps, and does nothing to protect your Mac from the many other threats. Although various vulnerabilities have been found in Java, and some have been exploited, the biggest current risk to most OS X users is probably from non-Java Trojans.

Comments

Risk varies between users, and it is essential that you determine and monitor your own security risk. You cannot leave it all to Gatekeeper, third-party security products, or the removal of Java.

For most users at present, the major threat comes from inadvertently downloaded Trojans which could sneak past Gatekeeper and establish a persistent presence, probably through a spurious plugin or other code component. The best tools to protect against that are available free of charge from Objective-See.

However, your own risks may be quite different if, for example, you frequent unsecured WiFi networks, download media from dodgy servers, or host your own public services.

Updated from the original, which was first published in MacUser volume 30 issue 10, 2014.