Friday, March 19, 2010

Another Scathing MacScan Review

--
If you read my stuff, you know I despise ripoffs. This week MacScan is being sold as part of the MacUpdate promo bundle, advertised as a 'security' program. Not much of one IYAM. Today I posted an updated review of MacScan at VersionTracker.com. I decided to provide it here as well:

Just to keep this issue hot on the burner:

Much as I very much like the idea of what MacScan is 'supposed' to do, it FAILs.

1) If you want to detect all the 'malware' on your Mac, you have to run the thing OVER and OVER and OVER. One run is never enough. That's crap programming. And yes folks: I personally have been telling them this for YEARS and YEARS and YEARS. Then they do nothing to improve their detection engine. Instead they post friendly little notes asking for more feedback. Right.

2) Their list of Trojan horses has NEVER been adequate. Right now there are 4 types of Mac OS X Trojans with a total of 22 different strains. MacScan does NOT detect all of them. So what's the point?

3) It claims to find 'spyware', but there is NO illicit spyware for Mac OS X. Not a one. Everything MacScan detects is 'legal' spyware that is freely sold commercially or as shareware to be used by employers or owners of computers in order to keep track of where their users are going and what they are doing with their computers, particularly useful for parents who care about their children. Detecting such stuff can be very useful if someone has secretly installed one of these things on your Mac for nefarious purposes. But this stuff is NOT malware.

4) It is debatable whether tracker cookies are malware. At worst they are a violation of your personal privacy. So turn on the setting in your browser that prevents downloading 3rd party cookies and turn off the setting in Flash that allows any site to put cached data on your computer. You're done. That's for free. It doesn't require MacScan.

I seriously hope MacScan can actually, factually improve and become a useful product that does what it says. But for now it is junkware, not worth paying for, well worth ignoring in favor of real anti-malware applications like VirusBarrier, ClamXav, and iAntiVirus.
--

9 comments:

  1. Thank you for the info!

    You listed a few alternatives are all anti-virus programs, are there virus for the Mac?

    ReplyDelete
  2. The short answer is: No. There are no viruses for Mac OS X. There are, however, currently 22 Trojan horses for Mac OS X. I've covered each of the current 4 types of Trojans in previous articles.

    For those who'd like to know proper terminology: The overall term is Malware, not 'virus'. Sadly, very few 'professional' anti-malware providers use this terminology correctly. Therefore, it is no surprise that most users get the two terms confused.

    As usual I will also add that there is a well-defined and published protocol for naming malware. And yet it is rarely used. I have had 'professional' anti-malware 'experts' claim to not know this is the case. This gives you an overall feel for the haphazard, unprofessional, if not outright pathetic nature of a lot of the computer security community. So if you're confused by computer security, you are by no means alone.

    Previous articles here cover the breakdown of malware into its various types, including viruses. Some time in the near future I'll put together a revised summary article covering each type of malware as well as all the current Trojans for Mac OS X.

    ReplyDelete
  3. hey! Welcome your genius to help keep us safe. I came close to purchasing Macscan then stumbled upon your blog:) Thx! I want to be specific with my serious concerns and get your opinion in any other way besides a public post. Any email you'd share? I will check back to see if you posted anything. Again I appreciate your time and effort! Kate

    ReplyDelete
  4. Thanks for the nice note Kate! Seeing as the Red Hacker Alliance figured out my email address in order to SPAM me, I might as well share it with everyone. Note that you must substitute [at] with @.

    derekcurrrie[at]mac.com

    Methods such as this are used on the Internet in an attempt to thwart 'spyders'. They are automated programs run by SpamRats that collect every email address posted publicly. Collected email addresses are then put into 'Hit List' collections used or sold for SPAMMING purposes. Removing the @ character will cause the spyders to not 'see' you.

    ReplyDelete
  5. Hi again Kate. I received your second comment post but am not going to put it here as it contained my unadulterated email address. You have the correct email address. Please try again. My guess is that Apple temporarily had their email server offline. They've been updating their service this week, including an overhaul of their email system. I just emailed myself at Mac.com via Gmail successfully. In fact, I got my message twice, indicating that indeed Apple are messing around with their server today.

    ReplyDelete
  6. Would be interested to know if your comments on MacScan are up to date, i.e. cover version 2.7.

    Bill Strohm
    wstrohm[at]socal.rr.com

    ReplyDelete
  7. I appreciate your knowledge & comments. Especially about the @ in an email address. Thanks

    ReplyDelete
  8. I think the SpamRats (good name BTW) have LONG ago figured out these tricks and have algorithms set up to harvest the more obvious variations.

    ReplyDelete
  9. How did you ever manage to keep from calling it MacScam?

    ReplyDelete