Unix Virus Software

This link may be gone if you are reading this after January 2009: BitDefender Beta Page. There are (or were) two beta products there: "BitDefender Antivirus Scanner for Unices" and "Bitdefender for Mac 2009 - Beta Product Concept Campaign". The first is for Linux and BSD, the second obviously for Mac.

This little blurb was part of release news for Mac:

While a virus may not affect your Mac, BitDefender Antivirus will detect it if downloaded from the internet or received by e-mail, instant messaging or by any other means. Therefore, you will be aware of it and not send it to a PC that could be infected by it.

No such message was in the Linux/BSD notes. Is this because they think Mac users are more apt to insist they have no need for an A/V product? Or because they think they need to explain more to Mac users? Or is it that they think this would be the only use of their product under current conditions?

Well, the last is pretty much the case. Mac users aren't currently threatened by much of anything. I think we all know that's not likely to remain true: while we may never face the disgusting mess that XP faces, Mac attacks certainly will increase as Mac popularity increases.

It is interesting that BitDefender would even bother introducing such a product now. Certainly they have to be incurring significant development costs and it's hard to imagine recouping them: I don't think Mac or Linux users are going to buy A/V products just now (though that may not be true in corporate environments).

Of course we don't want to pass on problems to our less enlightened friends and co-workers, so running an A/V product could be seen as just good citizenship. It was in that spirit that I installed the BitDefender Beta on my Mac.

Remember, this is early beta. Nothing I say here should be taken as slander or complaint. I looked at this in mid November; if it's much after that probably none of this is of value, so keep that in mind.

The main console for this is an attractive command center that gives access to the main functions.

The "Shield" is real-time protection. For example, if I try to copy an Eicar test file, I get stopped by this. The Scanner of course runs through your system as you would expect or can select specific directories to scan.

At the present time there is no way to exclude directories or files from protection; they say that will be added later. The Shield puts a significant load on a Mac: Firefox takes forever to load with this running. They are aware of that, too.

But there's the rub, isn't it? I'm sure they'll improve this, but any such product will impact performance. You can get help from file system notifiers, but there will always be a performance loss.

I honestly don't know if I would run this. It would have to be extremely un-demanding - it's just not worth any annoyance considering how unlikely any threat is right now. I suppose that if it were truly unobtrusive and very cheap I MIGHT use it. But that's pretty hard to imagine. Things can change, though. The threats may increase, we may need products like this.

But not now, right?

Phone and Email Support at Monthly rates