Slashdot Mirror
Symantec: Mac OS X Becoming a Malware Target
tb3 writes "According to ZDNet 'Security vendor Symantec is warning that Apple's OS X operating system is increasingly becoming a target for hackers and malware authors.' They go on to warn that the only thing that's protected Apple users from exploits so far has been the small number of Macs on the net. Now that people are buying Apple products for 'style over function,' according to one analyst, Apple computer has become a target for new attacks. More coverage on Australian IT and Silicon.com. I guess sales of Norton Anti-Virus for Mac needed a boost." Symantec may well be right about this, but note that they also have the world's biggest vested interest in making Mac owners nervous enough to buy their anti-virus products.
..but I already use an Antivirus for my Mac. Mind you I switched over from Windows a little under 1 year ago and since I use these machines for work I really didn't want to risk, even if it's 0.0001% of getting my work machine infected by a virus. All it could take is one sneaky website I visit to infect me, record information and I honestly wouldn't really know - mind you I doubt the Antivirus updaters would know about any Mac virus within 1 week of being lanched.
And no, I use McAfee. And it's not too bad, but then again I am biased as we bundle McAfee with systems.
I have been using Mac's for 8+ years now, I even orderd my Cube on a Dreamcast, and have never had a virus or malware... so you can put me in the "believe it when i see it" catagory.
If I'm not mistaken, doesn't OS X log you in as a non-root user? And if that's the case, isn't the regular user (as in Linux and other Unixen) unlikely to do major damage to the system?
DBA? Software Engineer? My company is hiring! Click
Maybe Symantec is trying to draw attention to generate more business for themselves because there certainly haven't been any viruses released yet on OS X that Symantec provides any real protection for - so I wonder, what information could they be basing their statement on? Secret contacts with the hacker community? Certainly nothing public...
The protection will come from such sexily named files as Security Update 2005-002 and Security Update 2005-003 distributed courtesy of Apple Inc.
In my experience (as support staff for the Humanities Div of a university), far and away the most common virus issue with Macs is that they can be a carrier for Word macro viruses. Beyond that, you just have to keep an eye on users turning on services without knowing what they're doing (or using decent passwords). On the one hand, it's better to be safe than sorry, and just install an anti-virus package, but frankly, the need has been so slight that mac AV packages tend to be a mess.
I admin a sound studio with 10 macs and two windows machines. Nine run X.3 and one runs 9.2.2. The two windows machines run GigaStudio and are never, and will never be connected to the internet. I run antivirus software on the macs connected to the internet, and nothing has ever come up in a scan. Ever. I have run every single single version of X since 10.2.1 and they all stayed clean.
As for patching, I patch manually, because of quirks in all the audio software we run, but OS X will patch automatically if you set it up to. you will be manually installing patches for any apps not distributed by apple, but all of Apple's stuff will update automatically.
Sig (appended to the end of comments you post, 120 chars)
From what experience I've had with Norton antivirus for the PC, it does more damage to performance (network latency and throughput, memory and processor usage) than most malware. I've never installed it myself, just seen it on other people's PCs. I might just have wrong/incomplete experiences, but I think that their software is bloated crap with a horribly confusing UI. If I had a Mac OS X, I would prefer to have a command-line controlled utility which I never have to see, which runs as a service, updates transparently and can be fully controlled using plaintext configuration files. NOT anything remotely like Norton for the PC. Virex might not be good, but unleashing the pestilence of Norton upon the Mac is... cruel. Isn't there something like a chkrootkit in Darwin ports or Fink?
Look at drivers you have installed. Lexmark in particular is notorious for releasing crap that will not only put itself into startup without asking, but consistantly use 20% cpu whether you're printing or not.
Also, check dns for whatever that konfabulator widget is accessing... if your server is slow, add it to hosts... if it's just the target that is slow.. try changing targets... just a guess...
There may have been 37 alleged vulnerabilities identified in MacOS X, but there have been ZERO exploits of those vulnerabilities. Apple has often released patches within 48 hours of discovery of a vulnerability.
At the current time, there are NO known exploits for MacOS X. NONE.
Anyone who has been a Mac user for any length of time and has used Symantec products can testify to the horrid filthy mutilated piece of code that is a Symantec product on the Mac.
This is NOT A TROLL.
I have seen (and experienced myself) Symantec products CAUSE more problems than they fix (if they are even successful at fixing any) on the Mac platform.
I pity the poor soul who has no experience with Symantec on the Mac and falls for this pathetic ad piece.
First off, check and make sure popup blocking is enabled. I only see MAYBE one popunder a week, if that (and add the offending site to my mental blacklist, never to be visited again.) Go to the Safari menu and make sure there's a check next to the "Block Pop-Up Windows" item.
Secondly, yes, Konfabulator can really bog down a system if you have too many widgets running. They eat up memory and CPU power, even sitting idle. I have seven I keep open with little peformance imapct, but that's on a Dual 2Ghz G5. If you haven't discovered it yet, Activity Monitor (in Applications/Utilities/) can be very useful in tracking down where your CPU cycles and memory are going. It even lists all the Konfab widgets seperately, though it doesn't tell you which one is which. So if there's a widget that's being a hog, it'll let you know!
I'd bet that it's a low memory issue, Apple has a tendency to shortchange the memory in their systems, especially consumer level stuff like the iBook & iMac. Running OS X on less that 512MB will bring things to a snail's pace frequently, so a simple memory upgrade might help greatly.
The only virus definitions I have ever seen in Symantec products for Mac OS X are Word macro viruses and the like. That would suggest that there are no viruses in the wild that can cause any damage that Symantec will protect you against. There have been a few proof of concept stories going around which are usually fixed by Apple at the next security update. Sometimes they relate to open source software (I think Apache had one a while ago) and some relate to Apple software. As far as I know they have all been patched. And, as I said, I'm still not infected.
Update reguarly/automaticly, and keep an eye on an OS X site or two to stay abreast of things, and you'll be fine.
"A language that doesn't affect the way you think about programming, is not worth knowing" - Alan Perlis
10 years on the Internet, 24x7 for eight of those years. No antivirus. Not a single infection....
I do install one copy every few years to verify this personal protest against virus company scare tactics
I agree this will be a good test of the out-of-the-box security of Apple. Actually, I believe that out of the box, Apples are ironclad secure. They start with no services turned on by default. There are no Microsoft-like ActiveX analogous components that allow viruses to replicate if you do something innocuous-sounding like read email or run a word-processor. About the only service that is password-free is Software Update, but that is a client, not a server. If users turn on sshd and choose a poor password, they may well be attacked. This will probably rarely happen, since most people enabling ssh will be aware of the risks of poor passwords, and not really complain if attacked. I think this is just FUD for marketing.
Currently hooked on AMP
If someone can get root on a mac you can install a root kit. But youhave to get root first. It's not good enough just to get user level or even admin user level. You have to get the admin user to enter their password to elevate to root.
The ppc played role too as I have read that until last year there was no widely know compact way to exploit a buffer overflow to execute arbitrary code. I beleive that is now solved and published so one might see these cropping up. :-(
Since the security model is better you dont have problems like active-X waiting to ruin your day, or auto execute on mous-over e-mail subject lines, or registry changes needed to install applications. Or other bonkers stuff.
But despite all the default security, nothing will stop a determined used from trojaning themselves good and hard. And if they are admin and enter their password your rooted. Nothing will withstand unrestricted physical access either. You can at least ward off limited physical access by using the firmware password but this can be overridden by a determined user.
and of course there have been security holes and always will be. SSH, quick time, and even JAVA had had security holes. Fortunately no one has manged to exploit these before apple fixed them and given apples default services-off settings and lack of root access, its going to be harder for these things to spread like wild fire.
on the other hand Macs are very homogenous so once a virus does finally break loose, if it can get in without requiring any services its going to spread quickly.
Some drink at the fountain of knowledge. Others just gargle.
No, it isn't true.
It may be true that obscurity helps, but (for instance) you can't infect a Macintosh by sending the right kind of packet to it, surfing the wrong web site, opening the wrong email, or clicking Yes at the wrong moment to some confusingly worried alert.
The blame for earlier versions of Windows being completely insecure lies firmly on Microsoft, just as the blame for System 6.0.5 being easily infected fell on Apple.
Decent security is neither hard nor complicated, it's just fusswork. But you need to plan for it right from the start.
http://mac.softpedia.com/get/Antivirus/ClamXav.sht ml
bo
bad_outlook
--
Is this vague enough for you?
This whole market share angle is mostly bogus. There is what, about 10 million OS X users? Why hasn't there been a worm (or trojan, anything!) attacking them? Witty has a very successful worm: it hit all 12,000 vulnerable hosts.
How can you say 10 million is too small? The population of Canada (where I live) is about 33 million. The installed OS X based is then (about) 1/3 the population of Canada. That's not far from the population of New York city (~15M).
If a worm can hit only 12,000 hosts like Witty did and be called "successful" (it was basically a 100% infection rate), then surely the OS X population is vulnerable.
John Gruber has some articles on this.
Mac OS9 has not ever been rooted or defeaced remotely ONCE and is used on countless secure servers. For years the US Army used it on www.army.mil until recently evaluating osx instead.
:
The reason? The us army was embarrassed by being routinely defaced using unix and Windows NT.
http://uptime.netcraft.com/up/graph?site=www.arm y. mil
Why is Mac OS9 hack proof?
Why is is hack proof? These reasons
1> No command shell. No shell means no way to hook or intercept the flow of control with many various shell oriented tricks found in Unix or NT. Apple uses an object model for procces to process communication that is heavily typed and "pipe-less"
2> No Root user. All mac developers know their code is always running at root. Nothing is higher (except undocumented microkernel stufff where you pass Gary Davidian's birthday into certain registers and make a special call). By always being root there is no false sense of security, and programming is done carefully.
3> Pascal strings. ANSI C Strings are the number one way people exploit Linux and Wintel boxes. The mac avoids C strings historically in most of all of its OS. In fact even its roms originally used Pascal strings. As you know pascal strings are faster than C (because they have the length delimiter in the front and do not have to endlessly hunt for NULL), but the side effect is less buffer exploits. Individual 3rd party products may use C stings and bind to ANSI libraries, but many do not. In case you are not aware of what a "pascal string" is, it usually has no null byte terminator.
4> Macs running Webstar have ability to only run CGI placed in correct directory location and correctly file "typed" (not mere file name extension). File types on Macs are not easily settable by users, expecially remotely. Apache as you know has had many problems in earlier years preventing wayward execution.
5> Macs never run code ever merely based on how a file is named. ".exe" suffixes mean nothing! For example the file type is 4 characters of user-invisible attributes, along with many other invisible attributes, but these 4 bytes cannot be set by most tool oriented utilities that work with data files. For example file copy utilities preserve launchable file-types, but JPEG MPEG HTML TXT etc oriented tools are physically incapable by designof creating an executable file. The file type is not set to executable for hte hackers needs. In fact its even more secure than that. A mac cannot run a program unless it has TWO files. The second file is an invisible file associated with the data fork file and is called a resource fork. EVERY mac program has a resource fork file containing launch information. It needs to be present. Typically JPEG, HTML, MPEG, TXT, ZIP, C, etc are merely data files and lack resource fork files, and even if the y had them they would lack launch information. but the best part is that mac web programs and server tools do not create files with resource forks usually. TOTAL security.
4> Stack return address positioned in safer location than some intel OSes. Buffer exploits take advantage of loser programmers lack of string length checking and clobber the return address to run thier exploit code instead. The Mac compilers usually place return address in front or out of context of where the buffer would overrun. Much safer.
7> There are less macs, though there are huge cash prizes for cracking into a MacOS based WebStar server (typically over $10,000 US). Less macs means less hacker interest, but there are MILLIONS of macs sold, and some of the most skilled programmers are well versed in systems level mac engineering and know of the cash prizes, so its a moot point, but perhaps macs are never kracked because there appear to be less of them. (many macs pretend they are unix and give false headers to requests to keep up the illusion, ftp http, finger, etc). But some huge high performance sites use load-balancing webstar. Regardless, no mac
Nope, merely visiting a website with a malformed quicktime file will do it. At least with OS X and most modern Linux distributions you can connect a newly installed system the internet without a firewall and download patches. It used to be that in Windows 2000 you could set required services (servers) like DCOM and RPC to listen on localhost only but that feature was removed from XP so the only way to prevent DCOM or RPC from binding to interfaces connected to the internet is a software firewall. Completely disabling bind_interfaces_only functionality in XP was dumb even by Microsoft standards.
I think it will be interesting, because I think OS X will be shown to be highly secure. I agree, though, as market share increases, the proof will be forthcoming. Apple has made some MS-like security mistakes, such as the Help vulnerability that was discovered last year. But in general you are not going to see a Mac box with no MS Word and no MS Access installed spreading viruses like the PC's around my office seem to. I cannot believe what people put up with on their Windows machines. They are such pieces of crap, security-wise. :-) I don't mean to troll, it's just that I have yet to see a virus forwarded from an OS X machine... yet have seen hundreds from PC's. It's not just market-share, people. There is actually a difference in operating systems. Why is the idea that OS X might be inherently more secure than Windows such a shocking one to some people?
Currently hooked on AMP
Neither (except if you're dumb enough to not have installed Windows XP SP2)
My point is that Windows needs special steps to be _protected_;
Actually, in SP2 it doesn't. The XP firewall is turned on by default in XP2. In SP1, all you needed to do was turn on the firewall for a connection in the Network Connections control panel.
Now as far as local security goes, I agree with you; there are some nasty local security exploits. Microsoft is to blame for much of the security issues, but also a major part of the problem is third-party developers! It would help if application developers would realize that Windows is a multi-user system and actually follow Microsoft's reference guides for how to program in this environment instead of forcing the user to be an Administrator to actually use their program. Windows has been multi-user for years, and application developers still haven't caught up. Why do I have to be an Administrator to run a game? Bad programming, that's why! Not even Norton AV gets this right (scheduled scans do not run for non-administrators and a non-administrators are told that Live Update is off even if it is actually turned on). The only program that I've see actually try to do something about this is Nero, which has a program to set up a group to enable burning by non-administrator accounts, but even this is a special download that is not part of the regular install. This needs to change; developers need to start using the Windows multi-user environment correctly.
In summary, Microsoft provided the ability to make the system more secure using non-privileged accounts and groups like every other major OS, but application developers are not taking advantage of it. I always run as a non-privileged user, and I am getting sick of applications that have no reason to need administrator privileges not running correctly.
Show me on the doll where his noodly appendage touched you.
This should help.
The Farewell Tour II
SP2 is a lot more secure. But even now lots of people are installing from copies of SP1. Yes Windows can be made secure, but it takes that little bit of extra effort - and if the firewall is ever compromised (like malware turning it off) you are quite screwed. OS X needs no firewall to stay quite happily connected without security issues because it does not ned any services running to function.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Windows because Apple, like all the other UNIX vendors, ships their systems in a (reasonably) secure state by default.
Really?
I just installed XP Pro and ActiveX was off by default and the firewall was turned on by default. And it yelled at me for not having AV software installed. (F-prot all the way!)
https://www.accountkiller.com/removal-requested
Viruses do not target data for destruction any longer. Data is only seen as a vector for further infection, or possibly information valuable to the attacker. But viruses simply don't destroy things anymore because using your computer as a zombie is far more valuable to them.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I just bought a new computer that had WinXP. SP2 was already installed.
Nope, it comes pre-installed. Owners of older machines can get it automatically through Windows Update or download it from Windows Update.
Show me on the doll where his noodly appendage touched you.
I mean I gave up on their Norton Products with OS X because all they did was screw up my computer. Then my .Mac account gave me Virex for free, but all it did was screw up my computer, so I decided to try clamAV and for a front end their is the excellent ClamXav which lets you schedule Virus scans and updates. And best of all it is shareware based on open sourced virus protection software.
I picked up about 12 PC viruses that I had, and could have sent to a PC user, though they don't affect me at all.
I see your point, but my point is that yes, you can *make* Windows secure if you are knowledgable, but last time I checked, an out-of-the-box Windows box is owned minutes after connecting to the network unless the user takes steps to prevent attack, such as putting the machine behind a firewall and blocking all incoming traffic. Our Windows machines here spread email viruses like, er, the plague? I think our security here is taken very seriously, yet somehow we cannot stop the PC viruses from literally crippling our mail server occasionally. I think there is something fundamental going on here, and I think it is the notorious habit of Microsoft to start out with unnecessary services enabled, and allowing their email client to automatically run scripts under the instruction of an arbitrary email message. This makes Windows more insecure. I guess we'll just have to agree to disagree there. I'm not trying to troll.
Currently hooked on AMP
So, can you modify files in c:\windows in that XP installation? Yes? Then the system is an open book to anything that can get even a toehold.
jim frost
jimf@frostbytes.com
...Yes, obsucrity is absolutly he only reason it hasn't been targeted...
I don't believe that even for one CPU cycle time. There are millions of Macs and hackers love challenges. A hacker who could penetrate a Mac would and could feel very proud, but aside from some clever social engineering, tricking the user into giving some sort of OK, it is not likely to happen. If a user downloads some file onto a Mac, and if that file is a program that has never run before on that system, a dialog comes up warning the user not to click OK unless he/she KNOWS that it is a safe program. If there is any doubt, the user is advised to click cancel.
All theory is gray
New instalations have SP2 by default.
Excuse me, but isn't tcsh OS X's default shell?
Plenty of better scanners. ClamAV and F-Prot both are far better than Symantec. Symantec's stuff is trash. I spend at least a couple of hours a week dealing with that piece of crap Internet Security program of theirs. If you want to use Norton/Symantec garbage, be my guest. Do you really have that much faith in it?
The world's burning. Moped Jesus spotted on I50. Details at 11.
Last I checked, out of the box machines come with SP2, which fixes most such vulnerabilities, and have a firewall enabled by default. In addition, the latest desktop and server versions of Windows come with very few services enabled by default. It's also been a LONG time since any Microsoft email program ran worms without user interaction. And finally, if you take security so seriously, why don't you filter viruses in messages on your mail server, patch your mail clients, install client-side virus scanners, or TRAIN your users?
IE sucks for security, but that doesn't seem to be part of your argument. Please play again later.
Not any more. It was changed in Panther I believe. The default is now bash
seSales, Point of Sale software for OS X.
Really old post. A quick bit of googling reveals:
i d=6734660 from Aug 19, 20038 308 from Jun 12, 2003a dvocacy/msg/7a80fe09794d6331 from Jan 12, 20031 155 from Nov 26, 20029 006 from Aug 4, 2002
http://books.slashdot.org/comments.pl?sid=75257&c
http://slashdot.org/comments.pl?sid=67477&cid=618
http://groups-beta.google.com/group/comp.sys.mac.
http://slashdot.org/comments.pl?sid=45793&cid=476
http://slashdot.org/comments.pl?sid=37389&cid=400
And I seem to recall seeing it floating around long before then. If anyone knows of the original, please respond. Also, if the original troll could please fix the numbering? 4 isn't supposed to repeat again after 5 and before 7, I'd greatly appreciate it.
Not that complex actually. And it's been in since at least XP's release (maybe 2000, but I haven't used that much).
Ugh. I've defended Microsoft. I feel dirty now.
If it's possible, then it is *very* fucking new.
It's been there since Windows NT, although the configuration was different in NT.
Show me on the doll where his noodly appendage touched you.
Installing software from a non-administrator account.
/Library/Preferences is read-only to normal accounts, and only used for system-wide preferences (display resolution, network config, etc). Sure, there will be the odd app that uses an ini file, but those are always apps ported from Windows, bad behaviors and all. One that comes to mind is Unreal Tournament. In OSX, running as a non-admin is practically transparent.
In Windows, you have to either log in as an administrator, or use "Run as..." that 95% of the world doesn't know about but wouldn't use anyways becuase it's easier to just run an admin account. If already on an admin account, it just installs.
In Mac OS X, the installer simply asks you for the administrator user name and password. If on an admin account, it still asks for the password. They even ask for the password while root. If root is even enabled, which is superfluous with sudo.
Per-user preferences for all user apps
This isn't the case with Windows. Certain apps write to the global registry and save preferences in sytem folders. Bad coders, bad. This probably has something to do with the fact that there's no one single spot for preferences to go in Windows. It could be %HOMEPATH%\Local Settings, it could be in the app's folder, it could be %HOMEPATH%\Application Data. It could even be stored in the fucking Windows system folder. You just never know. The problem with the Windows model is that you never really know if you have to be an administrator to even run certain apps. Example: Until recently, the minimum group to run Yahoo! Messenger was Power User. Running an IM client as an administrator? Baaad. It's also just a general pain to run as a non-admin in Windows.
In OSX, it's ~/Library/Preferences.
And now a message for those of you that had the mental, ocular, and intestinal fortitude to read this entire comment, "What is wrong with you?"
The image is a dream, the beauty is real. Can you see the difference?
Windows has been multi-user for years, and application developers still haven't caught up.
Actually it's not, unless you count malware as an extra "user", and neither is OSX. Unlike UNIX, they don't allow multiple concurrent users connecting via network or terminals and using the system's standard UI. As such, local file security is less important, because the machine will likely be only used by people with physical access. VMWare and other solutions that actually allow concurrent access have decent security (not sure about terminal server).
On the other hand, Win and OSX should have serious sandboxes for browsers and email to avoid becoming multi-user systems!
Previous versions did come with bash btw, it is a simple change in the NetInfo Manager to go from tsch to bash.
seSales, Point of Sale software for OS X.
Until one of these anti-virus software vendors can prove that their software is less harmful to Macs than the alleged/pending viruses, I'll continue to leave Virex 7.2 installed just to make the admin's happy, but sure as hell won't upgrade (again) to version 7.5.x, which causes innumerable and far-reaching problems. It has always been the case and continues to be the case, that on Macs, virus protection software is far more harmful than the alleged viruses they allegedly protect against.
--- What?
Frankly, this annoys the heck out of me.
Give me a proof of concept virus that actually spreads via email, instant messenger or something similar, and I'll start worrying.
The problem is that the email client in MacOS X isn't scriptable, and so you can't use it to read the address book and automatically send out messages.
If malware comes for the Mac, it will probably come through something like Kazaa. The simple fix, of course, is not to install whatever program introduces the spyware.
D
Look, I'll make this short: I'm a non-grunt Symantec employee. NAV is crap, and I can't figure out what NAV on OSX is actually looking for. It's just scare-ware. We're dealers to people with a predisposition for addiction, and your discounted copy of NAV is a dime-bag.
Imagine that Windows is a house with the roof shingles installed upside down creating pockets for rain, and UN*X including OSX has a properly-installed roof. NAV is a subscription service for a new bucket of Henry's roof patch every week. (SP2 is a nice tarp in this analogy, but it's still just a mask for terrible security arcitecture.) On windows, the "roof patching" quickly becomes the main activity of the system. On OSX, not so much. The threats/vulns just arent there (yet), and the underlying architecture is basically sound. NAV-OSX just wastes cycles IMHO. Shit, a tripwire-for-dummies install would be a lot more useful.
Personal note: I'm provided a fully-Symanticised WinXP system to use for corporate email etc. And when I'm out of the office, I have to use Symantec's own amaturish VPN to connect to Notes ( of all godforsaken things...) sorry guys, four passwords to get into the main information repository of the company is four iterations of a single factor... This really shows how little Symantec collectively understands information security (as opposed to system security).
Yeah, I use a mac for personal stuff, and run my production (non-day-job) systems on Linux. Working for Symantec has taught me that the solution to endless repairs on a broken system is to get another system.
True. I know at least three persons that like to have smilies in their emails and just reinstall the spywares I removed about a day ago. I explain what the bad and evil spywares do, but hey, it's got smilies.
printf($randomline(sigs.txt) \n "-- "$randomline(authors.txt));
-- myself
I just checked the box I'm on (a generic WinXP Pro install) and found that c:\windows is writable by "administrators" and "power users". The former is appropriate, the latter isn't, but the whole thing is rendered moot by the fact that the accounts are, by default, created with administrator privileges.
That's largely of necessity, I realize. On one of my home XP boxes I decided that my 2 year old daughter's account really shouldn't be privileged, so I didn't make it so. The result? Nearly all of her children's games failed to operate. When I called vendors about that, I was told that I'd just have to give the account the necessary privileges. (Can't return the software, of course, nobody allows software returns.)
So: We have a system that, if configured securely, doesn't work very well -- and if configured so it works, is so wide open that any little application error can lead to a compromised system.
It's a disaster and the only solution to it is going to be to have Microsoft turn the security way up by default so the software vendors are forced to write their code accordingly. Like, say, every other major OS out there.
The transition is going to suck, but until it's made Windows is going to remain a really easy target.
jim frost
jimf@frostbytes.com
it is a simple change in the NetInfo Manager to go from tsch to bash.
Yes, and you'll have to change it yourself if you've upgrade to Panther from a previous version of OS X. (Unless you prefer tcsh, of course.)
You can also change it via the terminal, as someone else has pointed out.
One man's -1 Flamebait is another man's +5 Funny.
Yeah...with a Symantec product. Damn near as bad as HP printer software.
So now they're trying to scare mac users into buying their garbage? "Is your computer running too fast? Try our new and improved NAV for the mac."
"but by now you have a codebase you don't want to have to go back and rewrite"
Of course, forward-thinking OS developers make sure that in order to write files into a preferences location (for example) you have to call "GetPreferencesFolder" and you are discouraged from using absolute paths, assuming there is such a thing as "C:" and so forth. So when the OS gets revised you don't have to rewrite anything at all. Your code does the right thing.
This is the marvelous thing about Mac OS X and its legacy Carbon APIs. I have a fairly large shareware music program that I originally wrote for Mac OS classic, and it took me about two days to get it running on Mac OS X. And I didn't have to do anything specifically for the multi-user elements of the new OS because the system environment is so well abstracted. (And it was very helpful that Apple provided the "Carbon Dater" utility which told me all the changes I needed to make, and where.)
Of course, just getting it running wasn't enough. I felt the need to redesign the appearance and to take advantage of the modernized music and sound technologies that Mac OS X provides. Now I have a program with an entirely new codebase, but one which I can now use to build future music applications. And I wrote it entirely in C++ with strong separation between TheirAPIs and MyData so I can consider faster cross-platform migration in the future.
I think if you install the developer tools and study the Apple headers you'll be pretty impressed with their forward vision and the intelligent choices their technology developers have made. (There are also very few LONG_UNWIELDY_UPPERCASE_LABELS to deal with, so code tends to be more readable.) Who knows, you might even decide to field some Mac projects in the future...?
-- thinkyhead software and media