Mac OS X under attack – 10 security packages put to the test
Criminals always set their sights on target groups worth stealing from. The vastly increased group of Mac OS users has now become a good target. The latest studies published by the antivirus software manufacturer Kaspersky Lab state that in 2014, each Mac user was subject to an average of nine malware threats. And even if some people don't always believe in studies, the sharp increase in the quantity and effectiveness of current malware threats demonstrates that Mac OS users are a worthwhile target.
10 System watchdogs put to the test
Anyone who doesn't wish to solely rely on the self-protection of Mac OS X will opt for a sophisticated security solution. AV-TEST tested 10 current products from Avast, Avira, Bitdefender, ClamXav, Intego, Kaspersky, Intel Security (formerly McAfee), Symantec, Sophos and Webroot. Four of the products tested are even available as freeware.
The test configuration was as follows: All the products were required to first identify 160 new malware threats. At this point, the testers also noted false positive files and applications detected by the solutions. Afterwards, it was examined how heavily the security solutions slow down the operating system when copying files.
Good malware detection
While the first test of OS X security solutions in September 2014 ("Mac OS X in the Crosshairs – 18 Malware Scanners Put to the Test") revealed that many products had massive problems in detection, the result in this test was significantly better. Accordingly, 5 out of 10 system watchdogs had a 100 percent malware detection rate in the test: Avast, Avira, Bitdefender, Kaspersky and Symantec. The packages from Avast and Avira are even available as freeware.
The other solutions still reached detection rates from 88.7 to 98.7 percent. Only the security package from ClamXav exhibited a total failure here: only 39.6 percent of the malware threats were detected.
No false positives
It is always particularly annoying to users when a file is falsely classified as malware. After all, the user is unsettled for no reason. In this test area, the AV-TEST lab is able to allay any concerns. All the products were able to distinguish error-free between "friend and foe". Only Webroot sounded a warning twice in the test when launching programs, although no danger existed. The other security solutions passed this test category without a glitch.
The test involving the detection of undesirable, yet not potentially dangerous software ("Potentially unwanted application", or PUA for short) is not yet an integral part of the test procedure for Mac OS X software. This test category will only be established in subsequent tests. Nonetheless, the testers did gain an initial impression by running the programs through detection, without evaluating them, however. The products from Bitdefender, Intel Security and Symantec already exhibited excellent performance for this initial preliminary test. Most of the other products still have time to increase their performance.
Speed is King
The best protection software should always detect everything error-free, and at the same time not put a burden on the system. For this reason, the following test category evaluated how heavily a watchdog slows down the system. For this performance test, a Mac OS X system was run on a reference machine without a protection package. Afterwards, a 26.6 GB set, consisting of various files, such as documents, media files, presentations, and programs were copied back and forth on the computer. The reference time for this copying routine was 66.1 seconds. Afterwards, all the protection security solutions were installed individually, and the test was repeated. In this test category, four products achieve the best results: Symantec, Bitdefender, Intel Security and Webroot. The times were only 0.1 to 2.6 seconds higher than on the reference PC. Such a minimal delay would not be noticed in daily use.
The midfield still obtains good results, requiring only 6 to 12 seconds more for the copying procedure than the system without protection. Only the products from Sophos and Intego put a greater burden on the Mac OS X in this test. Sophos required 21.6 seconds and Intego even took 31.7 seconds longer than the reference machine for copying the 26.6 GB of test data .
Club of the Spartan Security Packages
The freeware security packages are not brimming with extra features. Avira and ClamXav only include the components necessary for detecting malware threats. Sophos throws in additional browser protection, and Avast offers an anti-spam function alongside its surf protection.
The majority of the paid software products are not extravagant, but they are somewhat better equipped than the freeware solutions. Bitdefender offers the same level of extra features as the freeware solution from Sophos. Intego, Intel Security (McAfee) and Norton also include a firewall. Kaspersky is the only product to offer parental control. Otherwise there are individual extra features, such as file watchdogs, a password manager, a backup function or a blocker for network attacks.
The solutions from Symantec and Bitdefender detected all the malware threats without exception in the test, and put hardly any burden at all on the Mac OS X system. Symantec even includes a firewall and a file watcher as security-relevant extras.
The packages from Kaspersky, Avira and Avast also provide error-free protection. Avira does slow down the system when copying, for example – but not heavily. Thus the best freeware system watchdogs are from Avira and Avast.
While the freeware security solution from ClamXav does not slow a Mac down during copying routines, the level of protection at only 39.6 percent detected malware threats is far too low.
Tip: The appropriate security software should only be installed from the manufacturer's website or purchased in a box from a retail shop. If you install one of the versions from the Mac App Store, they often have restrictions in their functions!