Primum non nocere

Despite its critics, Wikipedia remains one of the great resources on the Internet. Turn to this article, for example, and you will learn that the exhortation to physicians to do no harm to their patients came not in the Hippocratic Oath, but in a nineteenth century book which attributed it to the seventeenth century physician Thomas Sydenham.

Whatever its origin, this primary and over-riding requirement to do no harm could usefully be heeded in other quarters. System-level software tools and backup utilities head my list of products that must never do any harm, yet many of us have painful memories of times when one of them has betrayed our trust and done damage.

Perhaps my most traumatic experience with Norton Utilities for Macintosh was when I was finishing some days working on site in Copenhagen, back in the early 90s. My final task was to perform housekeeping and performance tuning on each of the Macs being used to design and manufacture sails, and on the Sunday afternoon I had reached the last system before flying back the following morning. I was looking forward to an early tea followed by a bit of Danish hygge,* when Norton Utilities promptly crashed its hard disk, leaving me the rest of Sunday night to recover the contents by hand.

Turning to anti-virus and similar security software, I can think of three crucial requirements without which a product should be doomed. First and foremost, it must do no harm, second it must be unobtrusive, and third it must offer measurable protection against definable risks.

Casting my mind back, it is hard to think of an anti-viral product that has not, at some time or other, turned decidedly sour. Symantec’s flagship Norton Antivirus had various low points prior to version 5.0.3, again with version 9, and remained a pig to uninstall fully. Virex took a fall in version 7.2 when it clashed with fink, and version 7.5.1’s incompatibility with Tiger drove users away in much larger numbers before it became McAfee VirusScan. Virex is now, perhaps appropriately, the trade name for a disinfectant.

Intego VirusBarrier hogged processors in early 2003, and at other times acquired a voracious appetite for Control Panels and other sensitive bits. Some time ago, Sophos sent user credentials to its update server in the clear, creating its own security hazard. But each has infuriated more than a few users because they can so easily slow your Mac down to a trickle.

If you have the dubious pleasure of using anti-virus software on a Windows system, you will frequently be reminded of its presence. Norton AntiVirus 2006 and later enjoyed plastering its name over the screen, and popping up at every opportunity. Maybe if you’re a Windows user running scared of the sea of contagion out there, you find this re-assuring, but in all my experience with Mac users I know that we do not. Anti-virus protection that keeps thrusting itself in the face of Mac users will very quickly get subverted, disabled, or uninstalled, so that we can get on with our work.

It is hard at present, with OS X remaining relatively threat-free, to be balanced on issue of risk. Hysterical outbreaks, with premature announcements of the first major OS X malware or whatever, do not instill confidence in your products. Given the very different nature of OS X from Windows, and the changing threat landscape, we are now much less concerned with traditional viruses, but more with Trojans, phishing, and spyware. If the engine within a protection product is not geared to tackle that too, it is already obsolescent.

Taking those three requirements, I find it hard to recommend any of the existing anti-virus products. For my money, at the moment, Objective-See’s free products are targeted at the real threats, and don’t screw OS X up or around. Over to you, Symantec, McAfee, Intego, and Sophos…

* if you have never encountered hygge, I write about it a little in this article.

Updated from the original, which was first published in MacUser volume 22 issue 20, 2006.