Does this product contravene UK consumer protection legislation?

So, if you spot something being offered illegally, you download it first and then worry about whether it breaks the law? That sort of ethical stance might get you a criminal record, dude... ask the RIAA!  (I ought to point out that I dislike that organisation with a passion, as it protects no-one and nothing except the corporate self-interests of a handful of mega-corporations)

There is a pretty big difference between downloading pirated software, and downloading legal software which may have a few advertising problems. I don't think that YOU are breaking the law by downloading a piece of software that has been misrepresented. Also, the software is aimed at preventing all sorts of threats including viruses, torjans (note: Apple has even been busy patching OS X against some trojans), and worms.

a prize for anyone who could infect a properly-configured Linux machine with a virus

infect a properly-configured Linux machine

properly-configured ... Linux machine

So 100% of OS X users are running a properly configured linux machine? Let's say that you set up a parents/friends/whatevers OS X machine for them properly but they still insist on clicking on every link that is e-mailed to them or running any program that is offered. Those people could definitely use some protection against themselves.

Agreed enthusiastically - I run Clam on my mail server for exactly that reason.  But Clam isn't anti-virus for Linux, it's anti-virus for Windows that just happens to run on Linux.  That's not the same thing at all, which is what I'm trying to point out here.

The first words on the Clam AV website: "Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX"

No.  Vulnerabilities, yes... a self-replicating infectious item of computer malware, no.  If someone is silly enough to run untrusted software as root, and it turns out to be a malware trojan, then sure, that machine is compromised.  But where is the mechanism that provides, in userspace, a self-initiating infection vector on a properly-configured Linux machine that will compromise the machine?  That's what Netproject was prepared to pay for, and that's what no-one has ever demonstrated in over a decade!

Even OS X and Linux users are capable of being silly. Why not help protect them?

No.  That's the language of scareware, and even Sophos will tell you that a heuristic approach to malware detection can never be 100% successful.  A zero-day exploit can nail a "virus-protected" Windows machine as surely as a completely-unprotected Windows machine, and you just can't invert that logically to prove that "anti-virus for Macs" will offer "automatic protection".

I'm at the front of the queue of supporters for the installation of anti-virus for Windows (although I don't use Windows at all myself!), indeed I'm amazed at the hypocrisy of Microsoft at selling anti-virus solutions when their own marketing people continually overrode the protests of their (few) security analysts, e.g. when things like the "preview" feature in Outlook and Outlook Express were implemented, thus making the product in a virus magnet - and of course ActiveX probably made virus writers burst into spontaneous applause!  But, at the end of the day, "anti-virus for Macs" is like selling "elephant repellant for cherry trees"... spraying it on and showing you have no elephants in your cherry tree doesn't prove that it really works!! 

An alternative point of view: Let's say you happen to be immune to a particularly nasty virus, but none of your friends are (they get it and they are as good as dead). You are also quite capable of being a carrier for that virus (the virus can live in you but won't cause you any harm).  Don't you owe it to your friends to engage in some safe practices, especially if they don't really inconvenience you?

So, if you spot something being offered illegally, you download it first and then worry about whether it breaks the law? That sort of ethical stance might get you a criminal record, dude... ask the RIAA!  (I ought to point out that I dislike that organisation with a passion, as it protects no-one and nothing except the corporate self-interests of a handful of mega-corporations)

There is a pretty big difference between downloading pirated software, and downloading legal software which may have a few advertising problems. I don't think that YOU are breaking the law by downloading a piece of software that has been misrepresented. Also, the software is aimed at preventing all sorts of threats including viruses, torjans (note: Apple has even been busy patching OS X against some trojans), and worms.

a prize for anyone who could infect a properly-configured Linux machine with a virus

infect a properly-configured Linux machine

properly-configured ... Linux machine

So 100% of OS X users are running a properly configured linux machine? Let's say that you set up a parents/friends/whatevers OS X machine for them properly but they still insist on clicking on every link that is e-mailed to them or running any program that is offered. Those people could definitely use some protection against themselves.

Agreed enthusiastically - I run Clam on my mail server for exactly that reason.  But Clam isn't anti-virus for Linux, it's anti-virus for Windows that just happens to run on Linux.  That's not the same thing at all, which is what I'm trying to point out here.

The first words on the Clam AV website: "Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX"

No.  Vulnerabilities, yes... a self-replicating infectious item of computer malware, no.  If someone is silly enough to run untrusted software as root, and it turns out to be a malware trojan, then sure, that machine is compromised.  But where is the mechanism that provides, in userspace, a self-initiating infection vector on a properly-configured Linux machine that will compromise the machine?  That's what Netproject was prepared to pay for, and that's what no-one has ever demonstrated in over a decade!

Even OS X and Linux users are capable of being silly. Why not help protect them?

No.  That's the language of scareware, and even Sophos will tell you that a heuristic approach to malware detection can never be 100% successful.  A zero-day exploit can nail a "virus-protected" Windows machine as surely as a completely-unprotected Windows machine, and you just can't invert that logically to prove that "anti-virus for Macs" will offer "automatic protection".

I'm at the front of the queue of supporters for the installation of anti-virus for Windows (although I don't use Windows at all myself!), indeed I'm amazed at the hypocrisy of Microsoft at selling anti-virus solutions when their own marketing people continually overrode the protests of their (few) security analysts, e.g. when things like the "preview" feature in Outlook and Outlook Express were implemented, thus making the product in a virus magnet - and of course ActiveX probably made virus writers burst into spontaneous applause!  But, at the end of the day, "anti-virus for Macs" is like selling "elephant repellant for cherry trees"... spraying it on and showing you have no elephants in your cherry tree doesn't prove that it really works!! 

An alternative point of view: Let's say you happen to be immune to a particularly nasty virus, but none of your friends are (they get it and they are as good as dead). You are also quite capable of being a carrier for that virus (the virus can live in you but won't cause you any harm).  Don't you owe it to your friends to engage in some safe practices, especially if they don't really inconvenience you?