Mac's Immunity To Recent Virus Attacks
bluepinstripe writes "An article over at MacCentral references two articles about the Mac's immunity to the recent virus attacks." This is nothing new, but worthy of note, from time to time, such as now.
People vaccinated against polio are immune to polio attacks. Duh!
The other thing that seems to slip people's attention, is that most of these Windows email viruses spread because of Outlook and Outlook Express. People running other mail clients like Eudora, Mozilla, etc. are not affected by these attacks either.
1) immunity to WINDOWS viruses.. these aren't COMPUTER viruses, they are WINDOWS viruses (and worms).
.. is your inbox clogged with 10000 copies of Sobig and your mail program having fits? Write (or download, or have someone else write) a script to go into your POP server, and use the TOP command to search the headers for one of the 8 sobig subjects, and delete them. You can use Perl, Ruby, Python, PHP, AppleScript, Java, or awesome Objective-C!
2) easy to program
3) No open ports by default!
That being said, I'm personally not willing to say with 100% certainty that OS X is "immune" to viruses and worms like this. What if OS X was on thousands of desktops in each big company, like windows is? Imagine all those dumb, untrained users sending each other arbitrary executables... combine with ease of programming from #1 above... yeesh...
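An added example, not part of the comment above: a Python sketch of the POP3 clean-up it describes, using TOP to fetch only headers and DELE to remove matches. The subject strings are constructed placeholders (the thread does not list the real ones), and `FakePOP` is a hypothetical in-memory stand-in for a logged-in `poplib.POP3` connection so the code runs offline.

```python
import email
import email.errors
from email.header import decode_header, make_header

# Constructed placeholder subjects; substitute the subject lines of the worm being filtered.
BLOCKED_SUBJECTS = {"Re: Example worm subject", "Example worm subject two"}

def subject_of(header_lines):
    """Decode the Subject from the raw header lines that TOP <n> 0 returns."""
    msg = email.message_from_bytes(b"\r\n".join(header_lines))
    raw = str(msg.get("Subject", ""))
    try:
        raw = str(make_header(decode_header(raw)))  # handle RFC 2047 encoded words
    except (LookupError, UnicodeError, email.errors.HeaderParseError):
        pass  # malformed encoding: fall back to the raw header value
    return " ".join(raw.split())  # unfold and normalise whitespace

def purge(conn, blocked=BLOCKED_SUBJECTS, dry_run=True):
    """conn: a logged-in poplib.POP3/POP3_SSL object (or anything with list/top/dele).
    Returns [(msgnum, subject)] for matches; deletes them only if dry_run is False."""
    wanted = {s.casefold() for s in blocked}
    hits = []
    for entry in conn.list()[1]:
        num = int(entry.split()[0])
        subject = subject_of(conn.top(num, 0)[1])  # headers only, no body download
        if subject.casefold() in wanted:
            hits.append((num, subject))
            if not dry_run:
                conn.dele(num)  # marked for deletion; the server removes it at QUIT
    return hits

class FakePOP:
    """Hypothetical in-memory stand-in for poplib.POP3 (constructed sample mailbox)."""
    def __init__(self, subjects):
        self.box = {i + 1: s for i, s in enumerate(subjects)}
    def list(self):
        return b"+OK", [b"%d 100" % n for n in self.box], 0
    def top(self, num, lines):
        return b"+OK", [b"From: a@example.test", b"Subject: " + self.box[num], b""], 0
    def dele(self, num):
        del self.box[num]
        return b"+OK"

if __name__ == "__main__":
    box = FakePOP([b"Lunch on Friday?", b"RE: EXAMPLE WORM SUBJECT",
                   b"=?utf-8?q?Example_worm_subject_two?="])
    print(purge(box, dry_run=False), sorted(box.box))
```

Against a real server, pass a `poplib.POP3_SSL` object after `user()`/`pass_()`, review the dry-run result first, and call `quit()` afterwards so the deletions are committed.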
It depends on if you count worms, and what you consider "part of the OS".
Lots of software run on Linux/BSD/other unix-like systems, so if a worm uses a flaw in that software, can you really call it a Linux problem?
It's not as clear cut as it is in the proprietary software world, where programs generally run on one platform only, and MS/Apple bundles tons of stuff tightly with the OS.
There have been a couple honest to goodness Linux viruses, but none that I know of have ever spread widely. If you count worms that exploit only Linux, that have made it very far in the wild, you could probably count them on one hand.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
"It is our blasphemy which has made us great, and will sustain us, and which the gods secretly admire in us." - Zelazny
you'd be surprised...
Although most are worms, there are about 50-60 viruses existing.
Symantec: 1592 results found (includes articles)
Mcafee: found 58 record(s) matching
I live in Soviet Canuckistan you insensitive clod!
From another article I read a week ago. The 50 was really for OS 9 and earlier. The old OS is a very insecure OS, with little in terms of memory protection, and multi-user access levels, but was left alone given low usage levels.
OS X however inherits from BSD, so it also inherited all the fixes to past problems in BSD, which is mainly used as an Enterprise Unix solution. And also keep in mind it is a new operating system, version 10.2 has only been around for just over a year. That said, it does come with a more secure default configuration, with most services disabled by default, which is the weakness of most Unix and Linux systems, since they're usually deployed as servers and have most of their services on by default.
Mac OS X uses micro kernel technology. This provides better memory protection between applications, and the ability to separate the OS into different components and levels. This becomes key when updating the OS. Most updates, since it does not involve the micro kernel, a complete system restart isn't necessary. The micro kernel will continue to run while the rest of the OS is patched and restarted, reducing start up time for kernel updates.
For both points, you are referring to problems that have to be opened up explicitly. By default, all those excellent remote user capabilities are turned off, and the one place that uses fb_realpath() (the FTP server) is off by default.
The situation on X is not as good as it was with, for example, 7.0, where getting anything remotely exploitable up demanded a multi-digit number of clues, but it is still many steps back from the default Windows situation. After all, who outside of Redmond is conscious of the fact that every Windows machine is running a DCOM RPC endpoint mapper?
True, but only to a point.
The earliest macro virus, Concept (1995), ran rampant on both Macs and PCs (despite the fact that MS Office 4 for Mac was a Piece of Sh*t) before Office had macro detectors.
Since then, almost all macro viruses in Word and Excel documents create havoc only on Windows operating systems because the viruses make procedural and path calls that work only on Windows, such as going to a directory path on C: drive, or activating a function that requires the full Visual Basic or ActiveX functionality found in Windows but stunted or nonexistent in the Mac version of Office.
The Mac version of Office screams bloody murder when it detects macros and warns the user. If a modern macro virus is let to run on a Mac OS system, it fails to run or runs only to a point.
A point that should be made throughout all this virus hoopla is that while Macintosh users are generally immune from any direct attack from PC viruses, a Macintosh user can be a "typhoid Mary" style carrier by passing along a virus from an email or infected file. Also, due to the SOBIG virus and BLASTER, everyone, including Macs, suffers from the Internet slowdowns that affect the servers that manage it, as well as intranet slowdowns in businesses.
Vos teneo officium eram periculosus ut vos recipero is.