Ready For the Big Mac Virus?
An anonymous reader writes "The IT security manager of the University of Otago, New Zealand, has been educating his OS X users in security best-practices. According to Mark Borrie, many Mac users believe they were immune to security problems -- a trap many Mac fans seem to have fallen into. He said around 40 percent of the computers at the uni are Macs. "On the security side of things I reckon the Mac community has yet to wake up to security. They think they are immune and typically have this idea that they can do whatever they want on their Macintosh and run what they like," said Borrie. "If I can get our Mac users up to speed and say 'you are not immune' -- so when [the malware] hits, hopefully we will be pretty safe," he said. "We want to be ready for the first big Macintosh virus -- because it will come. Some day, somebody will say 'I am going to create a headline and write a virus for Mac'," said Borrie."
Anyone who is trying to grab headlines with a Mac virus isn't of the same ilk as the two recently arrested Zotob/Mytob worms, who really desire to keep a low profile. We've pretty much moved on from the egomaniacal hacker who wants to see how n070r10u5 he can be, with his worm/virus mentioned in the NYT and CNN.
The logical assumption is "what does a Mac virus/worm author expect?" Stealing personal info, spyware, etc, that's the game for the larger herd. It may pay some dividends and be relatively untapped and not as challenging, but there's so much groundwork laid for Windows and the frequency of exploits underscores this is the way to go.
"what u get, d00d?" :p
"some iTunes"
"anything good?"
"just more u2, i'm so sick of u2"
"blame j0bs"
A feeling of having made the same mistake before: Deja Foobar
Ready For the Big Mac Virus?
I'm sure the question on everyone's mind is, "Does it come with two all beef patties, special sauce, lettuce, cheese, pickles, onions, all on a sesame seed bun?" If so, BRING IT ON! I'm hungry! =)
(And in case anyone is wondering why I'm making a joke out of this, it's because it *is* a joke. While Macs can and have had security issues, the system is nowhere near as vulnerable as your average Windows box. The design of the system guarantees that most of the problems we see on Windows can't happen on a Mac. No default open ports to send overflows through, no default root access to the system, no easy way to send executable email attachments, etc., etc., etc. We'll need a completely new class of highly sophisticated attacks to make a dent in the stronghold that is OS X. Nothing like this skript-kittee crap we've seen.)
Javascript + Nintendo DSi = DSiCade
But this doesn't mean that Mac users shouldn't have current AV/malware protection and use standard computer security best practices.
What follows below is an answer to a query raised during a Chronicle of Higher Education colloquy. Yes, I have posted this to slashdot before, but it is still very much relevant, and I believe it touches on the major issues here.
Question from Lisa L. Spangenberg, UCLA:
Given that there are no viruses or Trojan horses for the current Macintosh system, OS X 10.3, and given that it is essentially UNIX, and given that the most common applications (Microsoft Office Suite, Adobe applications) work very well on OS X, why don't more institutions adopt Macs and encourage faculty to use them?
Gregory A. Jackson:
Well, first of all, there are viruses and Trojans that afflict MacOS, witness Apple's periodic release of security fixes to counteract them.
First, that isn't true, regarding viruses. To date, there are no known viruses that specifically target Mac OS X. Last week's "trojan" was nothing more than an application with a different icon and misleading name that displayed a dialog box (which was an example posted to a USENET Mac programming group to illustrate this fact that has been known and possible on Mac OS for over twenty years; an antivirus vendor apparently thought this an appropriate time to dress it up, incorrectly, as some new, terrible exploit easily adapted for malicious means, when in reality it's nothing more than an application).
If you're referring more broadly to security issues in general, almost all of the security and security-related updates for Mac OS X to date have been updates for primarily server-type services that ship with the OS, all of which are disabled by default, and the lion's share of which are never even enabled, much less touched, on the vast majority of systems. I'm not saying that they should be ignored, but Apple's comprehensive and swift response to the most minor security issues does not rise to the level of the staggeringly numerous, sometimes completely automated, remote exploits, worms, and so on for Windows. It is no longer possible to even get through a full installation of Windows XP on a machine connected to a public network without it being exploited before you even have a chance to patch it.
It's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware - Mac OS X is not invulnerable, and no sensible person would claim it to be. But the underlying philosophical design principles are fundamentally more secure than Windows, period. Since the major ingredient for the success of a worm or virus is some ability to spread, witness the fact that there is no way with anything built into Mac OS X to perform automated propagation of a virus, and no current known ways to exploit a machine remotely, not to mention that potentially exploitable network services are disabled to begin with anyway (and remain that way unless explicitly enabled), a stark contrast to Windows. Any hope for automatic propagation would require a comparatively high level of sophistication, and perhaps even its own mail server - not to mention some intrinsic vulnerability to exploit. On the other hand, there are still, to this moment [at the time of this writing], unfixed vulnerabilities in certain versions of Outlook that will spread certain virus variants simply by previewing a message, and nothing more. There is simply no equivalent to this on any other platform. Microsoft's track record and attitude
Whoa, for a second there I read the title as a "Big Mac" virus.
Mmm, Big Mac.
Slashdot = ((Technology + Politics) / Trolls) % Grammar Nazis
And I say that as a Mac user. At some point, you must educate the user to the dangers - don't open suspicious messages or attachments; don't wander into sketchy websites.
Not the easiest thing to instruct, though.
That what was all this school was for... to teach us how to solve our own problems. -- janeowit
Imagine, Mac users being oblivious to reality. No Way! Apple bad, NO!
...grab headlines with prophesies of a future mac virus.
But this article is telling me I'll have the same issues if I switch? *sigh* Computers are becoming a real pain in the butt to use.
Sam
Not all Mac users are oblivious to security. I still keep all the ones here locked down. Same as the Win boxes. It just seems as though a default OSX install is way more secure than a default Win install.
Two all beef patties, special sauce, rotting flesh, pickles, onions on sesame seed bun...
I have a question. I was a mac user for several years, but not for the last 10 years or so, and I remember that there were several 'viruses' at the time. What ever became of them? This was all pre wideuse internet, so I think those old viruses spread via floppy, but I'm just wondering. Technically, doesn't Mac OSX have some backward compatibility all the way back to the 680X0 chipset?
What happens to the new Macs if they encounter these old foes?
Rhymes that keep their secrets will unfold behind the clouds.There upon the rainbow is the answer to a neverending story
> Some day, somebody will say 'I am going to create a headline
> and write a virus for Mac'," said Borrie."
I've been hearing this for years. I'm still waiting.
...and I can say that with absolute certainty since I removed the pre-installed Internet Explorer that came with it.
Safer by design doesn't mean immune.
"We are all geniuses when we dream"
- E.M. Cioran
Maybe they can write it when they're done with that first game for Mac.
Not sure if this is just fud or what, but back in my HS days one of my Mac evangelist buddies pointed out that because of the integrated design of the Mac classic and similar "one box" macs that one could quite easily write a virus or trojan that would run the video subsystem really far out of spec and could actually physically damage the CRT. Is that still something possible with modern hardware?
-*The above statement is printed entirely on recycled electrons*-
I scan downloaded Mac binaries with Virex, but keep the on-access scanner disabled... I'm not worried.
To date I've found one trojan on my Mac, it was in my Java cache and a win32 one at that! Hah!
Have you gone into a CompUSA and seen the populace that buys those computers? I'm not going to say *all* of them are novices...
If Apple has a reputation for making a computer that's easier to use than a PC, more power to them. I use my PowerBook constantly at home, and find that for ease-of-use and productivity it compares favorably to every other computer I've ever used.
(For the record, I'm a system administrator who manages Linux and Windows 2k3, and came out of a position where I did desktop support for Windows 95, 98, and XP.)
Q: How can we expect them to secure their Macs, when they barely know how to shutdown or turn on the computer.
A: We don't. That's why the Macintosh comes in a secure configuration. No open ports, no root access without password verification, no root password at all, no way to send executable attachments (short of putting an entire .APP inside a .DMG and sending that as an attachment), etc. Not to mention that the Mac auto-upgrades are far less obtrusive than the Windows auto-update, and are very easy to install. So why worry about users who can't be a liability?
Javascript + Nintendo DSi = DSiCade
I'm not exposed to Apple computers much. But all this time, I thought there were NO "Apple/Mac" viruses at all. I'm actually considering my new desktop PC at home, and I want to see about getting an Apple. But looking down the road, say 5 years or so, will it just be more of the same with Apple products? How far away from this being reality is what I'm asking the Apple gurus here. I am interested in buying one, but I don't know if now is the time to make a jump.
VOTE!
I'd imagine that viruses need a critical mass of available computers and clueless users to spread: too few, and it'll just peter out. Although some Mac users might "flock" together and have each other in their address books, surely there just aren't enough Macs for something like this to be worth the virus writer's time?
$10/month: 120GB bw, SSH, CVS, Rails and 10 years' experience!
This is why you should not rely on your OS alone(Unix/OSX/Linux/*BSD) for antivirus/antimalware.
You need signature based checking for virii and malware.
If you think just because you run $OS then you are safe, you are as dumb as the average MS user with a spambot running on his/her pc.
all that means is that Mac OS X still has about 98,000 viruses to go to catch up with Windows....
guns kill people like spoons make Rosie O'Donnell fat.
I am not extremely familiar with macosX but I know that the underlayment is FreeBSD and I do not see how an effective virus/worm strain can be created for this infrastructure. After all, macosX does not require you to run everything as root to be able to function properly. So unauthorized access to the OS will be quite next to impossible without explicit permission of the computer's user by typing the root password when asked.
If it was that easy to make the headlines, or destroy the unix based systems, I believe Gates/Ballmer et al, would have launched a clandestine team of virus developers to attack the Linux running computers instead of paying Gartner, undisclosably high sums of money to provide proof that Windows is more secure than Linux. Don't you think?
__________
The more I know people, the more I love animals
I have this odd feeling that it just wouldn't spread the same as a Windows Virus...
Whenever I'm in CompUSA and people are looking at the crap pc clones they sell, I always talk them over to the macs... not that I like macs a lot (I don't), but I like them a lot more than that other junk CompUSA sells. They're one of the more solid computers that can be picked up at a retail shop.
If man can create it, they can most certainly destroy it. It may be next to impossible for a Mac to have a wide scale virus, but it's not impossible.
Murphy's law anyone?
$fortune
Tomorrow has been canceled due to lack of interest.
And I don't eat there often because it gave me a diarrhea a couple of times, but a virus? No, I'm far from ready for it. I'd rather quit eating out at McDonalds altogether.
Your pizza just the way you ought to have it.
Yes, as opposed to Windows machines which attract only experts, right?
Truth is, I know a lot of geeks who like OSX as an alternative to Linux. It lets you do nice little Unix-type things. I'm not going to compare Gnome or KDE to OSX's interface, but let's just say some people prefer it and choose OSX over Linux.
Most computer novices that I know, on the other hand, want to buy Dells because they're "normal computers".
http://malfeasance.50megs.com/
the cause.
People will just click right through any dialog box that asks them for their password, not even reading it. Then this little beast will tear their system limb-from-limb and they'll blame Apple. And you know why? Most people today expect others to do all of their security for them. I can't even count the number of times I meet people who just expect the police to provide for their security, and that includes girls with stalkers and crazy exes. Do they take responsibility for their own security? No because that would require effort.
This is all part of a larger societal trend. One of my friends basically said she shouldn't have to really worry about securing her PC. Can anyone imagine taking that attitude toward their house? "I shouldn't have to lock up at night." The same people often say that they shouldn't have to buy a gun and learn how to use it if someone is harassing them with possibly injurious or murderous intent.
What we need are really strong policies at work that say to people that if they refuse to follow policies such as not opening attachments from unknown sources they get fired. Are you a 70 year old secretary who can't learn them new fangled compooters? Too bad, you get fired because you couldn't be bothered to take responsibility. The only solution is to force people to take responsibility, and I have plenty of more examples, but then again so do most slashdoters..
Click here or a puppy gets stomped!
How can we expect them to secure their Macs, when they barely know how to shutdown or turn on the computer.
You don't need to train them, that's the point. The firewall is on and tight by default. Automatic updates are on by default. The ports that don't need to be on, are off, by default. You have to _know something_ to make the system unsafe, in sharp contrast to Windows.
I'm curious. How much do you actually know about OSX? It's interesting how often Windows people who bash Macs, don't actually have hands on experience with them, when it's almost inevitable that Mac users who badmouth windows are doing so due to years of direct experience with it.
So, did I guess right? You're making assumptions that people have to be trained to secure OSX, when in fact it's secure out of the box, so I'm guessing I'm at least somewhat right.
If your hotel door locks behind you when you close it, you don't need to know how to lock it.
I'm not a Troll, it's reverse psychology.
Since there are no Mac viruses, or at least none of consequence, and no malware currently you CAN just ignore security practices and be fine. Thus people aren't as inclined to listen when you try and educate them.
Same problem with Windows. It's not like Windows admins haven't been telling users for YEARS "Don't download and install random shit off the net". However in the past, a virus scanner kept you pretty safe and viruses infecting downloads were fairly rare. Then along came malware and a whole host of trouble. Finally people are slowly starting to learn, but only because it's caused them problems.
I imagine the Mac community will be similar. Some will listen, but the majority will continue to believe their Macs are invincible since at this point there aren't any consequences to not listening. Only when it finally bites them in the ass will they wake up.
Why should people have to know anything more than how to get on the internet if that's all they want to do with their computers?
Nature has it right. Biology is perfectly user-friendly. Built in virus protection, even. You don't need to know how your immune system works to fight off a cold. If you catch something that is too much for your immune system, you go to an expert.
Sure, you need to apply a little common sense, but why should checking e-mail require special knowledge?
AC: Only on slashdot... could the sentence "My hovercraft is full of eels." be moderated "+4, Insightful"
I think a lot of the non Mac users out there think that Macs are more inherently safe only because of the "limited numbers" out in the IT world. Problem with thinking like that is that with the proliferation of other cool products (iPod, etc.) Macs are becoming more and more popular in the home markets, and will eventually make their way into businesses outside of the design world.
The line at the end of the post here is dead on...some day, probably soon, someone is going to realize there are more than 500 Mac OSX users in the world and want to make a name for themselves by writing a nice little virus that will make Yahoo!'s front page.
Big Mac, Whopper, or White Castle, they all share a common vulnerability.
Oh, what's that you say, it's not a virus? It's still bad for you.
...and his headline will be:
"World's dumbest virus author"
about the data Hamburglar...
Can your mac be hacked? Sure, any computer can be crhacked, any lock broken. What man can build, man can break.
That said, nobody's going to break into your mac box.
Actually, Mac users ARE immune. THERE ARE NO MAC VIRUSES! Will there be? Maybe, but not now. When (and if) one occurs, THEN is the time to preach doom-and-gloom.
The guy preaching "Mac viruses are coming!!!!" does the world a grave disservice. The only computing platform with viruses, spyware, and adware is Windows.
Period.
Nothing to see here. Must be a slow news day, eh?
(BTW, I ruin Mandrake and, when necessary, win98. I have no apple boxen, but when a novice asks what kind of PC to buy I say "Mac")
for all 5 people who use macs...
Accept any challenge, No matter the odds.
The first version won't be too bad. The variants will be much worse when someone Super Sizes it.
"A government is a body of people, usually notably ungoverned." - Shepard Book Quoting Malcolm Reynolds
Windows has exactly the same problem. I doubt that the clientele is much more technically savvy in Best Buy than in Apple stores.
FTA: "I put apple a few years behind Microsoft in understanding how to manage security for the users. I put Microsoft a number of years behind the Unix community because the first systems that got hurt -- ten or fifteen years ago -- were Unix systems. Microsoft had to fix the security because it had such a bad reputation and to its credit, the company has really turned it around, " said Borrie.
Is it just me or does this not really make sense given Mac OS X's unix underpinnings?
On reading the article, just more bad reporting most likely originating in the Microsoft PR department. On reading the article, there isn't a single reference to an actual Mac virus. Instead, everybody quoted points to a single piece of malware that might cause a problem, but doesn't appear to be an actual problem. Of course, Linux users are also misguided in thinking that they are in better shape than Windows users. In fact, according to the article, Microsoft is now way out in front of everybody on security except the traditional Unix vendors. Apparently MacOS X and Linux don't count as Unix.
The bottom line is that while everybody needs to implement good security practices, the reality is that the only system that had, and continues to have huge security problems that can be automatically exploited is Windows.
The Register's "Security Report: Windows vs Linux" published last October. Yes, OS X isn't Linux but the two share a common ancestor. The report demolishes, with evidence, the suggestion that Windows is more prone to malware because it's more popular. I've barely touched an OS X Mac so perhaps some of the criticisms levelled at Windows (e.g. that it encourages you to use the GUI to admin a server) are relevant to OS X as well, but my gut feeling is that Apple have made far fewer mistakes than Microsoft in their operating system design. *BSD is also well known for its inherent security. I wonder if someone's trying to make a bit of news on a quiet day?
I'm not going to get exercised over this. The number of viruses currently attacking OS X users is zero. It has been zero for a long time. A number of minor vulnerabilities have been patched, but I'm unaware of any evidence that anyone tried to exploit them.
The risk is just too small to merit much effort.
"The impossible often has a certain integrity that the merely improbable lacks" - Dirk Gently
They don't have to. Last time I checked, booting a fresh install of OS X up while it's plugged into an internet connection without NAT won't render it owned in under 5 minutes. I can't say the same for that other operating system. You gotta install some kind of firewall, put it behind NAT, or install some service pack first.
Most Mac users are idiots, drinkers of the Steve Jobs kool-aid, or both, but that doesn't mean they have a bad platform.
No. They don't. This is Mac OS X. This is the 21st Century. Welcome...
> no way to send executable attachments
I'm not familiar with Macs made in the last 5 years, but wouldn't that be a feature (or limitation, IMO) of the Email application?
Ask yourself this question:
Why should they learn computer security?
Shouldn't that be handled by professionals? Shouldn't their ISP be employing security, scanning their mails for viruses, blocking spyware hosts?
Do you know everything about all your appliances? Are you an expert in camcorder repair? Can you rewire your bathroom to code?
Why precisely should anyone using a computer be forced to learn about firewalls, security levels or any of that? Because you claim to know about it?
A computer is a tool. The sooner it is like a refrigerator the better.
This
Man, you're much more likely to catch a bacterial infection than a virus a Mac. Would help if McDonalds would just wash that grill every now and then...
it can be tough to avoid complacence, particularly when the solution is an impediment in itself.
I do realize that Macs are not immune; indeed, if they were truly immune, Apple wouldn't have to release periodic security updates. OTOH, Macs are not currently affected.
Someday, they may be. Any potential virus would still have propagation issues--it's not as easy to find another Mac that the infected Mac knows about, as it is for a Wintel to find another Wintel. But on the other hand, getting users to install virus protection is problematic, let alone getting them daily updates. We just don't have the culture of paranoia that Windows IT folk do, and the immediate response infrastructure that could potentially be necessary and is pretty well developed on the Windows side. The tools for such aren't available, or if they are available, they aren't well known; they certainly aren't tested and deployed.
Christ, I'm in the biz and I don't run anti-virus on my own machine; it's not worth the trouble. And I can say that since I've NEVER seen a single virus for OS X. But maybe one day one will come, and it'll find the other Macs on my network via BonJour nee Rendezvous using an exploit that Apple learned of a week ago but hasn't released a patch for yet.
As Jayne says, "that'll be an interesting day."
--
$tar -xvf
Not for MacOS X without MacOS Classic installed, no. If you have an old Mac running Classic (in a museum?), that's another matter.
Again ?
Okay so let's see first there's the argument that actually that is only true if all software is built and developed and criticised in an equal fashion. Then it assumes that there are an equal number of equal security issues in all operating systems and then it assumes that what works in targeting one system will work (with adjustment) at targeting all platforms.
Let's review the facts
1. Mac OSX and Linux are built from different code bases and structures to each other and windows.
2. OSX and Linux come from a parentage that have been available to target for at least 10 years. Of which an equal amount of time has Windows been available.
3. Despite the internet being available 24hrs a day 7 days a week for well over a few million machines world wide it's as a majority the MS machines and servers which keep bringing the disruption to the network.
4. It's not just one version of windows that keeps being affected but many different versions and releases are able to be targeted with many the same vulnerabilities. Mac OSx, Linux other Unixes due to their hybridisation and differentiation enable enough differences to form the defence against similar architecture attacks.
So in conclusion:
Yes there is a risk for 1 person but it's unlikely to be able to become a risk to every one else in the network. Unlike a Windows Platform whereby the risk to one immediately creates the risk to others. Which is where the misconception of the "risk" management issues arises.
And thats why Firecrackers and kittens don't mix.
Nobody is going to write a virus to infect an operating system that stops a virus from being effective. I haven't used osX, however, my understanding is that it is a true multi-user system. It has the concept of root. If you run something as a user, you should not be able to infect ANY of the software on the computer. This makes it hard to build an effective virus.
Worms, trojan horses, spyware? Macs are as vulnerable as any other system, solaris if you like.
---
>> From TFA: Some day, somebody will say 'I am going to create a headline and write a virus for Mac'," said Borrie.
Somebody just made a headline by just saying that somebody may write a virus for Mac, methinks...
I'm not a Mac user, but doesn't the Mac come with a built-in firewall, and can't you use Clam AV to protect from viruses? Also, isn't there a Symantec AV product for Apple systems?
Exploiting flaws in networked services
This is how Zotob got around. Microsoft shipped Windows with (I think) seven open ports by default. This colossal mistake ensured those too clueless or lazy to turn off unnecessary services would be the most vulnerable.
Microsoft finally fixed this with SP2, I believe, but the repercussions of all those insecure installs (and continuing insecure installs for non-SP2 Windows CDs) will take years to play out. That's why a worm like Zotob is still possible.
Needless to say, OS X has always shipped with zero ports open by default. (OS X does have mDNSResponder, which launches whenever you use Rendezvous, but that's all).
E-mail worms
ILOVEYOU spread by tricking users into launching a program. Outlook for a while didn't do a sufficient job of warning users that they were opening a potentially malicious application. Mail, as of Tiger, warns about executable programs before it lets you open them, making it more difficult to trick users.
It's not entirely rosy for Mac users. I don't think OS X has any particular protection against Word macro viruses (e.g. Melissa). But overall, it seems to me that OS X does a better job protecting against the two main vectors that viruses use to infect Windows.
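The "ports open by default" point in the comment above is something that can be measured on a given machine rather than argued. As an added example (not part of the thread), this parses `lsof -nP -iTCP -sTCP:LISTEN` output and reports which services accept connections from beyond the loopback interface; the sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `lsof -nP -iTCP -sTCP:LISTEN` output (not from the thread).
SAMPLE_LSOF = """\
COMMAND  PID USER  FD  TYPE DEVICE SIZE/OFF NODE NAME
launchd    1 root  21u IPv4 0xa1        0t0  TCP *:22 (LISTEN)
launchd    1 root  22u IPv6 0xa2        0t0  TCP *:22 (LISTEN)
cupsd    310 root   6u IPv6 0xa3        0t0  TCP [::1]:631 (LISTEN)
cupsd    310 root   7u IPv4 0xa4        0t0  TCP 127.0.0.1:631 (LISTEN)
httpd    422 _www   4u IPv4 0xa5        0t0  TCP 192.168.1.20:8080 (LISTEN)
"""


def parse_listeners(lsof_text):
    """Return one dict per listening TCP socket found in lsof output."""
    listeners = []
    for line in lsof_text.splitlines():
        fields = line.split()
        # Data rows end in "(LISTEN)"; the header and blank lines do not.
        if len(fields) < 10 or fields[-1] != "(LISTEN)":
            continue
        # The NAME column is "host:port"; IPv6 hosts are bracketed.
        host, _, port = fields[-2].rpartition(":")
        if not port.isdigit():
            continue
        listeners.append({
            "command": fields[0],
            "pid": int(fields[1]),
            "user": fields[2],
            "host": host.strip("[]"),
            "port": int(port),
        })
    return listeners


def is_remotely_reachable(host):
    """True if a socket bound to `host` can be reached from other machines."""
    if host == "*":  # wildcard bind: every interface
        return True
    try:
        return not ipaddress.ip_address(host).is_loopback
    except ValueError:
        # Unparseable address: report it rather than silently trust it.
        return True


def exposed_services(lsof_text):
    """Sorted, de-duplicated (command, port) pairs listening off-loopback."""
    exposed = {
        (entry["command"], entry["port"])
        for entry in parse_listeners(lsof_text)
        if is_remotely_reachable(entry["host"])
    }
    return sorted(exposed)


if __name__ == "__main__":
    for command, port in exposed_services(SAMPLE_LSOF):
        print(f"{command} accepts remote connections on TCP {port}")
```

An empty result on a fresh install is what "zero ports open by default" would look like; anything listed is a service worth justifying or disabling.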
No open ports, no root access without password verification, no root password at all, no way to send executable attachments ...
...no software, no games, no sense of self respect...
:)
Sorry, not actually a mac hater, but that was just hanging out there. Too good to pass up
You must have counted someone twice...
I have XP via VirtualPC on my Powerbook and it's covered in viruses, fuck you very much. So Macs do get viruses, assholes!
/joke
Meanwhile, I saw a lonely Mac Mini sitting all by itself (attached to a keyboard/mouse/monitor of course) and no one was playing with it. I was impressed by the size of it and almost bought one on the spot however in the back of my mind I kept hearing that "Intel Inside" sound that Intel uses in their commercials. I'm not crazy about dropping a few hundred dollars on a system that has a G4 when the G5 won't even be used in the near future. I'm in serious need of a PC upgrade at home and I'd be happy to switch back to Mac (once a loyal fan/user in the early 90s) though it doesn't make much sense at the moment. Perhaps when Apple starts selling Intel-equipped boxes I can pick up a Mac Mini at half the original cost.
it's not as easy to find another Mac that the infected Mac knows about, as it is for a Wintel to find another Wintel.
Bonjour Anyone ? http://developer.apple.com/networking/bonjour/index.html
Ah, that's a key point - ease-of-use and productivity are quite often intrinsically linked. I predominantly use a mac for music work, though I also have a PC which I have for some PC-only music apps. When I'm working on a session, I want the computer (and especially the OS) to be as transparent as possible - I don't want it to inhibit the music-making process at all. On the mac, everything is streamlined - for example, Core Audio means that anytime I need to switch audio settings globally (i.e. from an external interface to built-in audio, which I do often on my laptop) the process is ridiculously more simple than it is on a PC (among many other niceties). Keyboard shortcuts have always been more abundant and simpler (just having the apple modifier key makes things much more standardized), and I find that they speed up my work significantly.
At any rate, I agree with you that Apple computers fare better with ease-of-use and productivity, and my point is that the two are not at all unrelated. Having an easy-to-use computer isn't just nice for grandmothers - it can be nice for advanced users as well.
P.
free music
No. Executable files are not executable through the Apple GUI. If you try to open a file marked as executable, it simply opens in Textpad. This was one of the more brilliant security moves by Apple, because it means that it is impossible to run anything less than a well formed Mac application. (Which, again, requires a full directory tree, usually packed into a DMG for distribution. ZIP files work as well, though.)
Javascript + Nintendo DSi = DSiCade
There probably would be mac viruses now if microsoft was capable of writing software that worked...
The most people can come up with are feeble ages-old UNIX/Linux-style rootkits and/or numerous trojans that depend on social engineering.
But isn't that sufficient? Windows users seem perfectly content to click on email attachments labeled "Click here to destroy computer".
I don't use a Mac, and so I'm perfectly willing to believe that the Mac makes you go through some sort of hoops before executing arbitrary attached content. But Windows users seem to be willing to unzip, enter the enclosed password, save the file to disk, and then execute it. I'm hard pressed to imagine what would be "too much". I've always figured that if you mailed them a sledgehammer with instructions to bash their computer, they'd do it. (At least they'd only bash the monitor, figuring it was "the computer".)
As you say, Mac's relatively small market share will continue to protect it for some time. But I imagine that sooner or later somebody will write it just for the hell of it. Then we'll answer the real question that underlies the flame wars: are Mac users smarter than Windows users?
Now those Fry Guys look pretty shifty. I'd watch out for them.
But the King from the recent Burger King commercials scares me most of all. Damned unnatural that is.
Plus, don't macro viruses infect applications that the macro is related to? If you have a word macro virus, but you don't run Word, it's not going to do much to the system. Even back then.
I am going to create a headline and write a virus for Mac!
***
In keeping with the style of the platform itself, the first OS X virus will no doubt be stylish and easy to use but still accessible via a command line for those who like to get their hands dirty. In fact, most people won't want to get rid of it and some will pay a premium for it.
It was a benign one at that but it was the first.
And they've been very careful since then.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Another related story.....Hell has been found, frozen, and the properties are indeed superconducting.
Pigs were seen falling from the sky. Experts advise to stay indoors. The Mayor says to evacuate, the Governor says no.
In all seriousness though, there might be a virus coming. Just like there is a huge mass of rock going to hit the earth someday. When it happens, I'm sure it will cause a stir. However, since it has not happened, and since Pre-OS X systems did have a few viruses, even though they had way less market share than they do now, I think it must be a little more difficult to write than it is on Windows. OS X asks for passwords when doing things that install or modify the system. Windows does not (or I've never seen it ask for it.....and I have been running it for years XP, 2000, etc).
I'm not worried. I do surf the web on my Mac behind a firewall, but sans virus/spyware scanners.
It's either on the beat or off the beat, it's that easy.
I moderate therefore I rule!
--
I expect the first significant Mac OS virus to come within six months of the release of Intel-based Macs. I suspect Macs have been largely free of viruses because they run on CPUs with a very different design of which most virus writers have little or no experience. Granted, I think it will always be easier to trick Windows into executing malicious code, but moving Mac OS to Intel hardware will make for a smaller learning curve for those who write viruses.
Ouch! The truth hurts!
Yeah, whatever. It reminds me of the people who say Osama already has suitcase nukes he got from the Russian Mafia. If he did, he would have used them already.
Every hacker has known for a long time that the sure ticket to fame would be to write a successful virus or worm for OS X. I have no doubt they have been trying for years, to no avail. BSD is solid as a rock.
-ccm
Too much Law; not enough Order.
Windows has always forced users to either know someone knowledgeable or become such themselves. It is a good thing usually when the person is young and curious but I still suggest macs for older people who have never owned a computer.
An Education is the Font of All Liberty
When people compare macs to pcs, they often compare Macs to Dells. This is a bit like saying, "Well, this chinese-made set of cutlery from Walmart costs $30, but this one made by a German company available only at an upscale cookware store costs $300! Why are they charging so much?" Well, duh, whether the expensive knives are made in Germany or Japan, you pay a bundle on them so they'll stay sharp and they'll cut well. Calculate how often you have to replace that shitty set of cutlery, or those poorly-made designer shoes, and you might find it's worth spending more to get something which will last you a while.
Now, whether that's a loaded Alienware system or a Power Mac, it's your choice. It's still your choice if you buy a Dell. But either way, you get what you pay for (including the tech support; good luck talking to Dell's Bangalore call center).
That there isn't a lot in the way of security suites that were/are ready for Tiger. Norton was slow to release Norton for Tiger, for instance. Is it taken for granted, to some extent yes. However, by and large it's borne out in the fact that Windows is still the easiest target.
You mean all the Microsoft Word / Microsoft Office based viruses? Yes, they didn't count. They were application-level "viruses" that spread due to Microsoft's insecurity, not Apple's.
Is the "Double Double" Virus soon to follow?
Damn, I'm getting hungry just thinking about that. Someone remind me why I moved out of California?
Some of you talked about switching to Mac because of the viruses on Windows. This is foolish. It would be much simpler and more cost effective to just learn how to lock down the system you have now and run a freaking virus scanner. Don't get me wrong. I love Mac OS X, I have to run Windows, and I'm using Linux right now. I'm open to other OSes. Right tool for the job folks. If you want to switch OSes because of ideology or simply wanting some choice, more power to you, but don't switch because you don't know how to lock down your system, the same problem exists everywhere, just in different amounts.
Reading at high threshold levels is group-think.
And if you have other users they won't be affected.
I'd worry if it was vulnerable to root access but I don't even have a root account on any of my machines and the OS warns me every time.
Security is Unix-y and a lot better than you think.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
ZDNet Australia is trying to hype itself as a 1337 source of information that got the goods on those uppity Mac users.
...code follows...
Renepo is neither a virus nor a worm. It's a rootkit/trojan, dime a dozen in Unix land. You need to download it, then run it manually, then tell it your administrator password.
Sure, some people might do that. But all the "best practices" and antivirus in the world won't help in that case. There is no way to protect against that level of fool, except by not giving such people the admin password to their Mac. Create normal user accounts for them, and the worst that will happen is a trojan deletes all of their documents.
If Renepo counts as a major threat to OS X, then the following post is a deadly virus and should be quarantined by the department of homeland security. You were warned!
Many of the early Mac viruses were boot-sector viruses - they got into the computer because you booted from a floppy that had a virus on it. When I was in school the macs always had problems with this.
One could speculate that elimination of boot sector viruses was a big reason for Apple to stop including floppy drives so early - people just do not boot off CD's to the same degree, not to mention it's not nearly so easy to get a virus onto a CD without the user knowing something is up. When people were using floppies for data transfer it was a bigger issue.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Apple's stagnant market share of less than 2% worldwide is ...
just not worth it.
so how do you explain this ?
#!/bin/sh ./frankievirus.sh /
# save this to your User folder
# name it frankievirus.sh
# email it to all of your friends
# open Terminal.app and type the following command
#
cd
sudo rm -rf *
# there is no step 3. there is no step 3.
I had heard there was one group trying to develop an OS X virus, but the first attempt got them flamed so hard for deviating from the user interface guidelines that they retreated to caves in the Himalayas and vowed never to touch a computer again.
So possibly if the virus writers avoid Brushed Metal, they might have a chance.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
...no software, no games, no sense of self respect... :)
...no sense of humor.
Sorry, not actually a mac hater, but that was just hanging out there. Too good to pass up
And considering the flamebait portion of my moderation, let me add...
...this is utter crap, and not news. People have been saying "any day now, you Mac twits will get viruxxed!" for decades.
How is this in any way new, or important?
The only thing viral about Apple products in the last ten years is how they're marketed.
-- often wrong; never in doubt
What are you talking about? I get it every time I go to McDonalds.
EvilCON - Made Famous by
Fer chrissake, Opener is a bash script.
In order to work, someone must either run the Opener script with Administrator privileges, or the attacker must have physical access to the machine to use an alternate boot device and select "ignore permissions" on the internal drive. Sure, it will do bad things to a Mac. I'm unaware of any system in common use on which running untrusted programs with administrator privileges is a Bad Idea.
One version of the Opener script can be found here.
it's just really unlikely - and the consequences of Mac malware would probably be a lot less severe. The attack surface of a default Mac OS X installation is pretty darned small. There are no services open, no file sharing, no open ports, and no root user. The user's admin password is required to install anything that touches critical parts of the filesystem, and Apple is pretty good about patching potential vulnerabilities and making sure that the client Macs get them.
I've seen and heard of instances where OS X Server installs have gotten owned - it's not common but it does sometimes happen. Unlike Client, Server does give you services to use and admins are traditionally less eager to patch a running server - so updates may not be applied as quickly.
But as of right now, Mac OS X is fundamentally far more secure than Windows - period. And although someone _could_ write malware for OS X, as long as Windows dominates the universe they are exceedingly unlikely to try. And the dumb user is much better protected on the Mac than they are on Windows still - even with all the post-SP2 improvements to default policy and the much better 2003 Server.
-- Josh Turiel
"2. Do not eat iPod Shuffle."
So, you say that userbase between Mac and Windows are pretty much the same. Many geeks blame Joe user that it's their fault that their machines are infected by spyware/Virus/Trojan because they did not patch windows, run anti-spyware, update anti virus def.
And why there's no such things on the Mac side? I believe there are joe mac users who are still running unpatched OSX out there. They click on things just like Joe windows users do.
I mean, wouldn't you be so famous if you can write a first wide spread virus/worm/spyware on OSX or Linux? To prove to Mac/Linux zealots that they are wrong?
Mac OS and other unixes are just as vulnerable to malware and viruses as windows is. People falsely assume that because a virus is not root by default it cannot do any damage, this is totally wrong.
It is very easy to run a forkbomb (endless loop of opening new processes) in most default installed UNIXes, including Mac OS. This can bring a system to a halt, and can rerun every startup through .profile or other named startup scripts that are user modifiable, making the system unusable.
Also remember that the traditional definition of a virus is a program that endlessly replicates. The root/user system does NOTHING to prevent this, as a virus (unless quotas are set, which by default are NOT) is free to fill up the hard disk that contains the users home directory, and hide them / deny you permission to those files as a regular user.
Furthermore, a mass-mailing worm is quite free to install to a users home directory and open a port above 1024 for its remote masters to connect to, and send spam out of. Similarly this applies to pop-up software, keyloggers, things that can wipe out your home drive (and all your documents) etc..
The traditional UNIX security system does NOTHING to prevent any of these things from happening. The total security of a Superuser/user system is a myth. None of these things take a particularly skilled programmer to implement, and can be quite damaging...
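Added example, not part of the comment above: a defender's check for two of the user-level exposures that comment lists, namely login startup files that something other than the owner can change, and a missing per-user process limit. The function names, the file list and the 2048 ceiling are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Names, file list and thresholds are
# assumptions for illustration.

# Files a login shell reads on startup. Code placed in them runs at every
# login with the user's own privileges; no root access is involved.
STARTUP_FILES=".profile .bash_profile .bash_login .bashrc .zprofile .zshrc .login .cshrc"

# audit_startup_files HOME [DAYS]
# Prints one finding per line and returns 1 if there was any finding:
#   WRITABLE <file>  group- or world-writable (another account can plant code)
#   SYMLINK  <file>  startup file is a symlink (its content lives elsewhere)
#   RECENT   <file>  modified within DAYS days (default 7); review the change
audit_startup_files() {
    home=$1
    days=${2:-7}
    findings=0
    for name in $STARTUP_FILES; do
        f="$home/$name"
        if [ -L "$f" ]; then
            echo "SYMLINK  $f"; findings=1
            continue
        fi
        [ -f "$f" ] || continue
        # -perm -020 / -002: the group-write or other-write bit is set
        if [ -n "$(find "$f" \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "WRITABLE $f"; findings=1
        fi
        if [ -n "$(find "$f" -mtime -"$days" -print)" ]; then
            echo "RECENT   $f"; findings=1
        fi
    done
    return $findings
}

# current_proc_limit: print the per-user process limit, or "unknown" when the
# shell's ulimit builtin has no -u option.
current_proc_limit() {
    limit=$(ulimit -u 2>/dev/null) || limit=unknown
    echo "${limit:-unknown}"
}

# proc_limit_bounded LIMIT [MAX]
# Returns 0 only when LIMIT is a number no larger than MAX (default 2048, an
# assumed ceiling). A bounded limit caps how many processes a runaway loop of
# process creation can start before the kernel refuses more.
proc_limit_bounded() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;   # "unlimited", "unknown" or empty
    esac
    [ "$1" -le "${2:-2048}" ]
}

# Run against the current user's home directory.
audit_startup_files "${HOME:-.}" || echo "Review the findings listed above."
proc_limit_bounded "$(current_proc_limit)" \
    || echo "Per-user process limit is unset or above the ceiling."
```

Disk quotas and unprivileged listeners on ports above 1024, the other two points in the comment, need platform-specific tools and are not covered by this check.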
No, since they can only infect 68K code (hell, some of them use files as vectors that haven't existed in over a decade, like WDEF A). No PowerPC viruses were ever written. Even if there had been such viruses, the most they could hope to do is infect Classic, which is not running most of the time, and like the rest of OS X generally has no network ports open. I'll skip the rest, as many other posts have gone into Mac OS X's lack of vectors in great detail.
I don't know what kind of crack I was on, but I suspect it was decaf.
I'm Ready!!!!
in Windows XP I trust!!!!
(with router, firewall, anti-virus, anti-spyware...)
The dozen or two Mac viruses (virii?) that existed in the late 1980s and the early 1990s never spread very far. Because the Mac's system architecture channeled creating executable code through a couple of "choke points", and because John Norstad at Northwestern University wrote and gave away a program, Disinfectant, that watched those choke points for activities of known viruses and stopped them. The combination of the Mac's system architecture and the wide deployment of Disinfectant made it very difficult to propagate Mac viruses.
Macro viruses for Microsoft office environments, on the other hand, are clearly a problem for users of Microsoft's software. Just don't do it.
It just ain't gonna' happen, 'cause well, one of these l33t d00ds is going to have to buy a mac, and that is pure science-fiction...
I'm not saying it couldn't happen, but one of the biggest reasons Microsoft is such a virus fest is because it's just easier to exploit the system and Microsoft takes weeks if not months to patch it. Apple sends out patches almost every 2 weeks if not more, and Apple users unlike Microsoft users, the bulk of which just have no clue, tend to actually patch their software on a regular basis. Once a vulnerability is found, typically it's patched before anyone even has time to exploit it, some of the current crop of Windows viruses have been because of vulnerabilities known about for years in some cases.
"Slashdot, where telling the truth is overrated but lying is insightful."
All those late 80s macro viruses were a) the lurching, wheezing failed offspring of real viruses and b) for a COMPLETELY DIFFERENT SYSTEM.
There hasn't been a big OS X virus yet. It's coming, but I seriously doubt that there will be one as damaging as most Windows viruses anytime soon. Keep in mind that Windows is a line of OSes that at one time used 8-bit XOR for password encryption. Every virus that I've read about in detail has taken advantage of an obviously-placed gigantic red button labeled "0w|\| M3" such as the above.
As noted, the only real vector for attacks on OSX is the browser - you can't be sure attacking any service will get you many computers because they are all off by default. It's the only thing common enough to all Macs that it's worthwhile attacking.
So what does the browser do to help prevent attacks? Currently it automatically issues a warning when any downloaded file contains an executable (or things like img files which mount like discs). Also note that WebKit, the underlying Safari engine, is actually open source and thus gains the same kinds of "many eyes" security benefits that something like FireFox does (to perhaps a lesser degree since fewer people are looking at it).
As a last line of defense, OS X comes set to automatically check for updates once a week. As these are generally very unobtrusive people do not generally turn off this updating mechanism. Thus if an exploit is discovered that starts delivering malware to OS X users it only has about a week to try and draw people in before Apple can issue a fix that will protect 95%+ of the userbase.
Between the combination of no services to attack by default, and constant security updates that actually get applied to most people, you have a very small window to attack. I personally think that's why we have yet to see any real OS X malware attack as there are enough Macs around to make it worthwhile.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
This is not a troll, just pointing out your errors.
..... 5.4% market share. UP LESS THAN A PERCENT WITH 33% GROWTH. (but the 33% does sound impressive)
So which is it.
I see the first link you have claims 4.7% market share. That seems about right (possibly even a little high)
From the article.
"Apple's shipments grew 37 per cent year-on-year quarter, against a worldwide industry growth of 16.6 per cent,"
So overall growth was 16.6 percent but apple grew 37% year to year.
Let's do the numbers and say 1000 computers total (just for ease of math)
With apple at a 4.7% market share that gives them 47 of those computers.
After the 16.6% growth that gives us 1166 computers. Apple had 37% percent growth. So that would be an additional (.37 * 47) 17 computers. So now apple has 64 out of 1166 computers or
The second link makes no sense but just to point out. It does only claim a 26% growth on shipping computers (Yes, both articles talk about the same year)
I think your best bet here is to try and convince other people I am a troll or to say you were trolling me to save face.
No, this sentence needs to be revised. The correct version is: The ports are off, by default.
There is not a single open port in the default OS X install. None of that RPC/PnP/NetBIOS/BVD/etc crap everyone loves to hate.
First of all, Safari does its level best to let you know you are downloading an executable. Then of course you have to enter the admin password...
Now up to that point it still sounds similar to what you are saying. Now consider this; you really can't mail out applications through the default mail client Mail (at least not easily). So right off the bat the virus has few places to go. People are just not used to running programs from Mail.
Also, Macs undergo a much more rigorous automatic update schedule than do Windows - once a week they check for updates. As they are generally very quick and easy to let in, people don't tend to disable this at all. So if an exploit is found Apple can get fixes in to protect most of the boxes.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Some day, somebody will say 'I am going to create a headline and write a virus for Mac
Keep it down would ya!
I only came here to do two things; kick some ass, and drink some beer...looks like we're almost out of beer.
Actually, the firewall is not on by default, at least it wasn't when I got my iMac last year.
However, nothing was listening to an external interface either.
It may be good practice to have anti-virus software installed on any OS, but there's no way I'll be wasting money on Mac AV software. If I was running a Mac based business then yeah, but at home it's just not worth it. On Windows I use free AVG.
Having done tech support over the phone for a major US ISP on both Mac and Windows platforms, I can tell you the majority of Mac users knew their computers much better than the majority of Windows users (if you take into account the fact that these are the people who actually need to call tech support).
Plus, compare a new computer user with either type of system.
Mac
Me: Please double click that icon
Mac User: Ok, it opened the application.
Windows
Me: Please double click that icon
Windows User: It brought up the right-click menu (In their own words of course).
Me: Ok, let's click that icon twice with the left mouse button.
Windows user: Ahhhhh, well that worked.
My horror when teaching my dad how to use windows 98, told him to double click, and I actually got to see someone press both mouse buttons at the same time.
-FL
Mac, Linux and all other *NIX are secure by design. If you have administrative privileges and run a program that is malware (or trojan, etc...) I don't care what OS you run, you will get nailed.
The difference is that on ALL *NIX platforms (that I can think of) the default is that you must have administrative (root) privileges to install any program or pretty much screw up your system.
On windows, all a user has to do is double click that file that says "pr0n!!!.exe" and they are infected. Most versions of windows have the main default user as the admin by default and no password or red flags or anything launch when a program wants to do something suspicious.
The booting off disc problem was more due to people leaving discs in by accident after transferring data though - or at least I kind of remember it being like that. Accidentally leaving a disc in the drive and then having your heart race a little when you rebooted and heard the disc drive spin up.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Relax, you have a Mac.
Be at peace with your inner BSD.
For years and years, Mac users have been saying "Macs are more secure" and Windows users have been saying "that's because Windows owns the market so nobody writes viruses for Macs". Maybe that's the case, maybe it isn't. The quote "Some day, somebody will say 'I am going to create a headline and write a virus for Mac" has been heard for years too. Why hasn't there been that person who wants to be in headlines yet? He's had years to do it. He could be a Windows user who gets so tired of hearing "Macs are more secure" and he wants to say "F-you Apple!" and prove them wrong. Yet he hasn't. Maybe they're just a malicious person (like the other virus authors). Maybe they want fame. Yet...it hasn't been done yet. Why? Nobody wants the fame? Or maybe...just maybe...it really is a more secure platform.
I simply find it hard to believe that "Apple only has 3% of the market" is the reason there hasn't been a nasty Mac virus yet. I'm sure there will be one some day, but until then, people will have to come to terms that perhaps it is a more secure platform. It still baffles me though that there hasn't been that person who wants that "claim to fame" of writing the first nasty Mac virus. What gives?
"He uses statistics as a drunken man uses lampposts...for support rather than illumination." - Andrew Lang
no root password at all
That doesn't mean anything if every *regular* user is in the sudoers list. "sudo sh" is even better than having a root password, since regular users don't tend to have very good passwords.
I saw some estimate somewhere there are around 20 million OS X boxes now.
Even if the correct figure is only 10 million or so, is that not a pretty tempting target? How many copies of OS/2 were ever installed?
I would say the existing Mac computer base is plenty large enough to make a good target by now.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
You are criticizing Apple for marketing its computers as "easy to use"? Is "easy to use" bad? Don't numerous Microsoft cheerleaders on Slashdot drone on and on about how superior Windows is to Linux because it is easier to use? Don't they say Linux won't make it on the desktop until Grandma can install an application? Let me tell you something. Grandma can't install applications with Windows now. People like me do it for her. Also, doesn't Microsoft take the same "easy to use" marketing approach as Apple, although Windows is not nearly as easy to use as OS X?
You are criticizing Apple users as being novices? The vast majority of Windows users are completely incompetent. Many IT professionals supporting Windows are not much better. Why am I reinstalling Windows systems for two friends who contracted viruses recently? How difficult is it to pop in a CD and install Windows. (The answer is, "More difficult than many Linux distros I have used." Windows drivers/hardware support has been giving me fits on one of these systems.) Why am I doing the most fundamental Windows system configuration for another friend (a dentist, not a dumb guy)? I thought Windows was supposed to be easy. Regardless, Windows has been getting eaten alive by security problems in contrast to the "easy" OS (OS X) and the "hard" OS (Linux).
In the article, some clown made the statement that Linux has been secure by accident instead of design, as if it was one or the other. The "more popular target" argument is only part of the equation. Linux and Mac benefit from better designs. That does not make them invulnerable, but it makes them less vulnerable. Think Pinto (Microsoft) versus Volvo (Linux & OS X).
Microsoft once made the choice to auto-execute or allow the execution of email attachments. By default, Linux and included email apps did not set the execute bit for attachments. Those are design choices affecting a system's vulnerability to attacks. Linux and OS X have benefitted from their Unix-like heritage. Microsoft did their own, ill informed thing. Linux and OS X are not perfect, but they are better secured and more securable. Windows-heads like to believe their system is most attacked purely based upon its market share, attempting to shirk all responsibility for inherent design flaws and user incompetence. Until they stop deluding themselves, they will continue to have problems.
Could the virus kill the grimace?
Nothing can kill the grimace.
If you are at all careful about what you download, there just is no way you are going to get a virus on the Mac through normal operation. The ports come all closed so it's not going to get on your box without some help from you...
Avoiding the overhead of virus scanning software was exactly why I switched a few years ago and it's worked out just fine. No need for virus software, no system-performance sucking scans to be done all the time to protect you. And no need for a firewall when you have no ports to attack (though I do have a NAT router anyway not so much for the firewall as that it makes internal networking simpler and prevents some snooping).
"There is more worth loving than we have strength to love." - Brian Jay Stanley
--Rick "If it isn't broken, take it apart and find out why."
I work at a large University with about 40% Macintosh, just like the university in the article, and we have standard security requirements that have come from experience with Windows exploits and a few incidents with Linux (recently, MySQL exploits) as well as regulations like HIPAA. Macs are not exempt from these rules. All machines, including Macs, are required to have properly managed user accounts, auto updates, antivirus, anti spyware, a firewall of some kind, etc.
It's interesting that, because of the equal application of rules like this, and the media's insistence that things like Renepo pose a security risk, when in fact it doesn't, people think there are real threats to security on a Mac when there isn't. I have had many calls where a user thinks there is a virus on their Mac when it is really just a basic troubleshooting issue or user error. What I am saying is that I have observed the opposite to what the author says. It amounts to a false sense of insecurity.
In other words, security really could be improved if we moved more users to Macintosh but the prevailing opinion is that, once you do that, Macs will be just as vulnerable as Windows. It isn't true for two reasons. First, Mac OS does have features and development practices which make it inherently more secure than Windows. Second, the point is not to move 100% of users to Macintosh. The point is to move the industry to where there is some healthy competition between OS developers and where there is no longer a monoculture of computers which all have the same vulnerabilities.
You're missing two key concepts.
#1. You need the avenues of attack. That means open ports for worms, user writable executables for viruses and user stupidity for trojans.
So, looking at that, the only avenue for attacking a Mac is a trojan. And that takes more effort to run on a Mac than on Windows.
Which brings up the second concept.
#2. If the infection rate is lower than that uninfection rate, the malware dies. In order to spread, it has to infect more computers than it is being removed from. That is because it needs a base to spread from.
With those two basic concepts you can see why there aren't many viruses/worms/trojans IN THE WILD for the *nix systems.
Anyone can write one for *nix (Mac or Linux or whatever) but they remain limited to the classroom/lab.
"Immunity" isn't the issue. No one will ever be "immune".
But being part of a HIGHLY resistant community is just as good as being "immune" for 99.99% of the people.
This is not exactly correct, a pre-SP2 install of windows does already have a firewall installed it just has to be turned on which is simply a few clicks away from turning the network connection on. Post SP2 installs come with the firewall already enabled.
That is all, I am not arguing that the way MS did things pre-SP2 was correct just pointing out a factual error.
Agreed! Years ago I bought a Dell craptop, and it was a total POS! I've had no problems at all with my iBook. It's far superior, software AND hardware.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
You mean the Microsoft Word macro viruses? No, I'd say those don't count.
Why yes, I AM a rocket scientist!
It bugs me that my fellow Mac-heads tend to be very sophomoric about security. If (as I hope) the Mac continues to gain market share, it's only a matter of time until the ne'er-do-wells start targeting it. I don't know if it'd be possible to write Nimda- or Slammer- style malware for OS X, but certainly a lot of damage could be done.
This is why I don't run under an admin account under normal circumstances. Thing is, OS X makes it so easy to do this - if you run an app/installer/whatever that requires admin access, you are automatically presented with the option of authenticating with an admin account. It's trivially simple, and adds an extra layer of protection.
#DeleteChrome
Usually (if you read the news headlines in my home town) that virus would be Hepatitis "A" from the fast food handlers.
"Ready for the Big Mac Virus?"
I suggest they name it the "FatAss virus"
NSA Guide to Securing Mac OS X (10.3.x)
Although not necessary for very good overall security, the security processes discussed are an interesting read nonetheless.
It's likely to set a trend with its very hipness!
The lesser of two evils is still evil...
That doesn't mean anything if every *regular* user is in the sudoers list.
:-)
Only the first user added to the system is automatically given sudo permissions. All other users need the little "give admin privileges" checkbox ticked.
Surprisingly, there are actually things you *can't* do if you have sudo privileges. For example, your username *can't* be used for remote login should you enable services such as SMB and NFS.
"sudo sh" is even better than having a root password, since regular users don't tend to have very good passwords.
Still very difficult. The attacking program needs a good method for guessing passwords. IIRC, sudo increases the pause after every failed attempt, so it doesn't take long before it becomes effectively impossible for the virus to gain access. A virus could sit on the system for months, and still not manage to guess even the stupidest password.
Javascript + Nintendo DSi = DSiCade
Because going on the Internet is roughly equivalent to walking into the baddest neighbourhood around. Full of people who will pick your pockets, dump drugs into your pocket, and worse...
So people need to take equivalent precautions.
I can throw myself at the ground, and miss.
I think it's called Mad Cow...
The war with islam is a war on the beast
The war on terror is a war for peace
Microsoft is always *very* anxious for people not to look at the theoretical, but to evaluate things like 'True Cost of Ownership', or 'Performance under real-world situations'.
/.
Microsofties (MS-fanbois) always like to ask "If OS X (or Linux) are superior, then why aren't they dominant?"
Fact: There isn't a SINGLE OS X worm or virus out there that isn't an equivalent of rm -rf
While theoretical vulnerabilities may exist, the fact of the matter is that you could buy a mac mini, turn off the firewall, plug it directly into a cable modem, and it WON'T get owned. Not within 5 minutes, not within 20 minutes, not within 6 months.
Obviously, good security practices will protect you in the future. Obviously, it's a good idea to monitor which services you are running, and to run a firewall.
You always hear Microsofties say things like "Windows is better because of install base. Greater software availability trumps superior architecture"
Or the $ per 'unit of performance' metric--- At any given price, a Windows prebuilt box will end up being cheaper, even though a Linux or Mac prebuilt box could theoretically perform better.
Well, you CAN'T have it both ways: At any given deployment level, an OS X box will not get owned. Period.
Eat it.
I'm tired of all this FUD. To idiots like the article author, and the guy quoted: Feel free to discuss how the *nix sky is falling (in terms of security) when we get daily exploits, and large corporations are shut down because their *nix servers/workstations are passing e-mail viruses or tcp/ip worms back and forth.
Until then, SHUT-UP. Much like Duke Nukem Forever, the Phantom console, and economically viable Fusion, I'll believe it when I see it. Keep repeating to yourself: There are NO Mac OS X viruses. Not one. Not 1/2 of one. Not a shadow of one.
End of story.
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
For Windows there is Spybot and AVG for free anti-spyware and free anti-virus... is there something similar for Mac?
Your CPU is not doing anything else, at least do something.
It does mean that attacking the machine without knowing the user's names is that much more complicated--you have to guess 2 pieces of ID, rather than keep feeding passwords into the root account.
I don't give "guests" admin access on my Macs, and they never have reason to complain. You can install something from within their account, since the "Please Authenticate..." dialogs let you specify a username as well as a password. There's just much less incentive to make everyone admin. (And Fast User Switching means you've got two ways of doing installs as an admin.) (Yes, I know about Run As... on Windows.)
Still, if someone has a null or obvious password and is in sudoers and downloads a malicious .app that does sudo with a pseudo-TTY feeding it the guessable password, it'll be on the system in no time flat.
Shine on you crazy diamond!
Appended to the end of comments you post. 120 chars.
Microsoft discovers political contributions in 1998
My amazing wife - Artist, Author, Philosopher - Laurie M
I have never run any anti-virus on my Linux or OS X systems. Like the parent, I feel it is not worth the trouble. None of my non-Microsoft systems have ever been brought down by a virus, although every year I have heard next year will be the year for viruses on Linux and Mac.
Last week I saw an article on ClamXav for OS X. I thought, "What the heck." and installed it. The other day, I moved some old Word docs into a directory being "Sentry" monitored by ClamXav. Suddenly the ClamXav alarm went off. It turns out these docs had macro viruses. Now, I don't use Microsoft Office at home. I use OpenOffice.org so I was not vulnerable to the viruses in these docs, which were created by other people and sent to me for review, but it gave me a little start then a chuckle. These Microsoft viruses had remained dormant on my Linux then Mac OS X systems for years, while my systems chugged along unaffected. I do wonder what happened to the guys who sent the documents to me years ago.
People who write software for the Mac take pride in the programs they write.
I couldn't agree more. I'm the IT manager for a non-profit arts org in DC. We are currently all Dell with the exception of the HP server. Win XP Pro is the OS choice with Small Business Server on the server. The majority of the employees here are all former singers or performers and barely know an email attachment from the My Documents folder and yet when confronted with something new (like my OSX powerbook) they shrivel up and say that "Well, I know how to do it on my dell." And when they ask for suggestions on buying a new machine, Dell is usually the way they go because it is what they know.
Microsoft's monopoly isn't about being easy to learn, it's about being the creepy uncle that says "No, really. It's easy. Let me show you." and they get them when they are young. It's more about real world indoctrination processes rather than ease of use arguments.
"It's difficult to meditate on amphetamines." - Joe Walsh
I open attachments with impunity - ON A WINDOWS BOX.
However, I don't open them by clicking them. That would be incredibly stupid, whether the attachment comes from a stranger named Rushmafioski or a friend.
If a friend sends you a picture of a naked tennis player, is that suspicious? It should be, as his box has probably been infected and the virus sent itself to you via your friend's (or your Mom's) PC.
Save it to the desktop, open your favorite photo editor, and open the attachment with the program's FILE-> open menu selection.
If it's a virus, you won't see any naked tennis players, but you won't get infected, either.
If someone sends you a spreadsheet, send it back and demand text or PDF. Ditto a word processing document or database file.
If they send you a WMA file, don't open it. WMA can carry viruses, as they are Microsoft's stupid code/data mix.
If someone sends you an MP3, do NOT open it with Windows Media Player. It could be a renamed WMA with a virus in it. Use any other media player, and if it's really a WMA it won't play, and neither will its virus.
DATA ARE SAFE unless the data contain code.
BTW, there is one HUGE reason MS is far more prone to viruses - the extension is hidden by default, so virus.jpg.exe shows as virus.jpg. No other OS vendor is stupid enough to do anything that moronic.
Who are you kidding, no script kiddy/virus writer could afford a mac.
The Wintel world is just a huge petri dish.
Two things to note about that:
(1) Things grown in petri dishes can escape or be taken out and introduced elsewhere (like bacteria on an unsuspecting classmate).
(2) Apple is going to be using Intel soon, ain't it?
Conclusion: Fear what the petri dish will birth!
I remember sigs. Oh, a simpler time!
I believe that conservatives in general, of which I am one, see many people picking on people or organizations simply because they are successful out of jealousy or to get an advantage. Many don't have a working knowledge of the computer industry. So when they looked at the Microsoft situation, they viewed the situation through that grid. When they see other companies using their senators or politicians to pick on Microsoft (the politicians from Utah for example), they assumed that people were just upset because Microsoft was successful.
Now, Judge Bork backed Netscape. I think Microsoft intruded on the free market and at the very least acted unethically. But many conservatives, as well as the public at large, don't read slashdot and don't get this story.
Microsoft also didn't give political donations, which got them in trouble. You see, campaign contributions aren't bribes. Best case, they give you access. Worst case, they are extortion payments.
Also, some donations are to people who already agree with you. So the Sierra Club giving money to Robert Kennedy Jr., if he decides to run for some office, is no big deal.
Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
Imagine you're running OpenBSD, and MS has ported MS Word to that platform. Someone emails you a MS Word document. As a clueless user, you start MS Word and load the document. Then, a macro stored in the document executes. Maybe, thanks to OpenBSD, it's not able to get local root access. But it is able to delete every file in your home directory after "backing those files up" by emailing them to various people.
Fear the apps. If you are a Mac user and you run apps that treat data as code (i.e. most Microsoft apps) or which have UIs that allow you to easily treat data as code (i.e. mail readers that allow you to execute an attachment merely by clicking on it) then you are in nearly as much danger as MS Windows users.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Most, if not all of the security updates for the Mac have been to address theoretical vulnerabilities that would be very difficult to actually exploit outside of a lab. Most of the security updates for the PC have been to address issues which have already been exploited in the wild.
I thought we were already for the Big Mac Virus, and that's why I wasn't saving for retirement.
Every Mac user always says "Well, unless I intentionally run the virus, it can't execute and do anything." So then, obviously, one should be most concerned about a virus affecting a common application on a Mac. Could not one attack the Mac OS by exploiting a vulnerability in a program? Say I create a virus that exploits a hole in a browser, like Firefox, and thus I can execute malicious code, no?
And that, my liege, is how we know the Earth to be banana-shaped.
"Perhaps when Apple starts selling Intel-equipped boxes I can pick up a Mac Mini at half the original cost."
By the time that happens, perhaps a year from now, you could have been using your Mac Mini productively for months. You'll still be buying a non-intel box, you'll still face obsolescence... you will have saved a couple hundred dollars, but also lost time.
$300 for a year of productivity isn't worth it for you? That's $25 a month to not have to deal with a PC.
According to Wikipedia, the "first" worm was in fact targeted to Unix machines running on the VAX and Sparc. IIRC, there were two versions, one for each platform, and they would bring over the source code and compile it on the infected machine, then run.
What separates that from today is that it wasn't designed to do any actual damage (bugs in the code caused it to replicate wildly, causing the actual damage), and depended on there being a C compiler available.
Sigh, regardless of the damage done back then, it all seems so quaint in comparison to the stuff running around today.
Whilst OS X is light years ahead of Windows in security terms I can't, for the life of me, understand why OS X comes with only an Administrator account set up by default. If this account is really necessary why not have a Standard user account set up in addition by default and advise the new user to use it for daily work and only use the Admin account for authenticating software installation? OS X has excellent security but this sets it back a little. Ordinary users don't think about permissions so should be set up with a least privilege account by default.
Often, the result is that people who don't know much will buy what "everyone else has", meaning a Dell with Windows. I won't argue for OSX's superiority in this post, but I will say that many competent computer professionals, programmers, designers of all sorts, etc. prefer them. The statistical breakdown is not something I'm qualified to speak about. However, the claim that Apple's clientele is made up of computer novices and know-nothings is incredible.
Rubbish, one of the first viruses I ever heard of was for the Mac (late 70s -ish?). Certainly the first one I encountered at work was for the Mac. Back in the days when people exchanged files on floppy and boot-sector virii existed. And before the *nix mob get too smug, remember the first worm that brought the internet to its knees? Robert Morris? What OS did it run on? Oh yes, Unix.
If you run a decent firewall, keep the OS patched, and are smart, you don't need anti-virus on Windows. I run my home machine, which I use for work, gaming, and email/Internet browsing in that order, with the anti-virus software disabled.
I scan everything once a week, only download software from trusted sources, and keep my OS patched, and the only positive results I ever get are from emails that sit unclicked in my inbox.
Anti-virus utilities are largely unnecessary if you know how you can be infected, regardless of platform.
Until then, please STFU. Imagined futures based on dreamy possibilities is no substitute for actual code. Until an actual virus for OS X is seen, the following statements are true and will remain so:
"There are no viruses on OS X. There never have been any viruses for OS X. It does not appear possible for viruses to exist on OS X."
Unless you mount /home, /tmp and other user writable areas with noexec, you can do the same thing on Unix as you can on Windows.
Viruses are a relic of the sneakernet. We're in the Internet age now, infecting executables has to be the least effective method of propagation.
Worms and trojans are how it's done these days, and they don't need special privileges to operate.
Opportunity knocks. Karma hunts you down.
When...If....could...will...
All these are said when people talk about OS X viruses. In the almost 6 years since OS X has come out I have not found a single OS X specific virus. There have been rumors..but no virus.
Usually the argument is...
When the Mac gets larger market share....if the Mac had larger Market share....hackers would target OS X.
Next time somebody uses that argument ask them if they EXPECT that to actually happen...I asked somebody who made that argument "So you think OS X will grab a significant market share?"...his answer "Well...no..but.." my response > "So when will these viruses appear?"
Instead of theories about when viruses might come for the OS X, let's see some evidence! or at LEAST some real meat to back up a theory other than what might happen in the Magical future when things are different.
The Mac interface *will not* execute even files that are marked as executable! It will only execute .APP directories, which means that the attacker would need to pack the app into a DMG file, then somehow convince the user to extract and run the file. None of this "mydoc.doc .pif" crap.
Not strictly true. You can do a "mydoc.doc.pif"-style trick on OS X.
I have made a proof-of-concept trojan horse that appears to be a JPEG file, opens a JPEG in Preview, and to the layman appears to be a JPEG file. In fact, it's an Application in the form of a .app directory.
OS X is smart enough to realise that an app called "foo.jpeg.app" is nefarious, and displays its full name. If, however, the first period is replaced with a similar-looking Unicode punctuation character, the OS displays just "foo.jpeg". With a suitable application icon, it looks a lot like a genuine image. (The only obvious difference is the absence of size information under the filename, but I think most people wouldn't notice that.)
Admittedly, you still have to package it as a .dmg or .zip, so it's not as gaping a vulnerability as on Windows.
If your comment title says 'Re: Foo', I'm not likely to read it.
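The disguised-bundle naming trick described in the comment above can be checked for mechanically. The following is an added example, not part of the original thread: it flags `.app` directories whose visible name ends in a document extension, separated either by a real period or by a non-ASCII, non-alphanumeric character. The function names, the extension list and the sample names are assumptions made for illustration.

```python
import os
import unicodedata
from dataclasses import dataclass
from typing import Iterator, Optional

# Extensions a user expects to be inert documents or media.
# Assumed list for this example; extend it for your environment.
DOCUMENT_EXTENSIONS = {"jpeg", "jpg", "png", "gif", "pdf", "doc", "rtf", "txt", "mp3", "mov"}


@dataclass(frozen=True)
class Finding:
    name: str        # bundle directory name as found on disk
    kind: str        # "double-extension" or "lookalike-separator"
    separator: str   # the character sitting where the "." would be

    def describe(self) -> str:
        codepoint = f"U+{ord(self.separator):04X}"
        uname = unicodedata.name(self.separator, "UNNAMED")
        return f"{self.name!r}: {self.kind} ({codepoint} {uname})"


def inspect_bundle_name(name: str) -> Optional[Finding]:
    """Return a Finding if an application bundle name imitates a document."""
    # Compose accents first so a decomposed (NFD) "e + combining accent"
    # is treated as a letter and not as a stray mark.
    norm = unicodedata.normalize("NFC", name)
    if not norm.lower().endswith(".app"):
        return None
    stem = norm[: -len(".app")]

    # Walk back over the trailing ASCII alphanumeric run: the would-be extension.
    cut = len(stem)
    while cut > 0 and stem[cut - 1].isascii() and stem[cut - 1].isalnum():
        cut -= 1
    if cut == 0 or stem[cut:].lower() not in DOCUMENT_EXTENSIONS:
        return None

    sep = stem[cut - 1]
    if sep == ".":
        # Plain "foo.jpeg.app": shown in full by the OS, still worth reporting.
        return Finding(name, "double-extension", sep)
    # Any non-ASCII character that is neither a letter nor a number
    # (punctuation, symbol, separator, format control) is suspicious here.
    if not sep.isascii() and unicodedata.category(sep)[0] not in "LN":
        return Finding(name, "lookalike-separator", sep)
    return None


def scan_directory(root: str) -> Iterator[Finding]:
    """Walk a tree (e.g. a downloads folder) and yield suspicious bundles."""
    for _dirpath, dirnames, _files in os.walk(root):
        for d in list(dirnames):
            finding = inspect_bundle_name(d)
            if finding is not None:
                yield finding
            if d.lower().endswith(".app"):
                dirnames.remove(d)  # do not descend into bundle contents


if __name__ == "__main__":
    # Constructed sample names, not taken from any real incident.
    samples = ["holiday\u2024jpeg.app", "holiday.jpeg.app", "Preview.app", "report-pdf.app"]
    for sample in samples:
        result = inspect_bundle_name(sample)
        print(result.describe() if result else f"{sample!r}: ok")
```

Run `scan_directory` over the folders where mail clients and browsers save attachments; a hit means the item is an application bundle regardless of what its icon and displayed name suggest.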
Back in the mid-90s there was an incident at a computer show (I believe Comdex) where Ballmer himself was walking around with a floppy disk that had an application on it that crashed OS/2 machines, and basically knocking them down personally as he walked by.
How this made Microsoft products any more stable, I have no idea. Welcome to the world of marketing. This was in response to IBM marketing OS/2 as "Crash-proof".
My point is that Ballmer is not beyond doing something nasty to competitors' systems in the name of marketing.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
What about Javascript viruses? I ran Clam AV for Mac OSX and it discovered 6 instances of one Javascript trojan. I tried to google for more information on javascript viruses and their impact on the system. I didn't find anything useful on it. So, can a javascript get administrative privileges in OSX? Does it only run in safari? What is the impact? The fact that there seems to be no good answers is scary. With Windows, you can be pretty certain you will be attacked and thus you take precautions. What about Mac people. How many invest in antivirus? If a sly hacker can find a hole, I doubt many will ever notice they've been attacked until after weeks or months have passed.
You don't have to be smart to use a Mac, you just have to be smart enough to buy one
While you are right in principle, I disagree with the language you use to be right:
Mac OS X is more secure. Period.
It's not that it's more secure, it's that it's easier to secure. Give me a couple of macs and a couple of PCs, all out of the box, and I'll get them to equally secure states. The PC will just take all my time.
At work I'm responsible for almost 40 PCs, and home I'm responsible for a couple Macs. I'm pretty sure that all my babies are equally secure, but you can imagine the relative amount of effort that goes in to this (I'd guess it's 100 to 1, or 1000 to 1, something like that).
Just a small quibble.
It takes time to write a decent mac virus because you have to make it user friendly and it has to look good.
The gui interface has to be just right and when they switched from the candy buttons to the more metallic look I had to start over from scratch.
But I promise, this time next year I'll have the mac virus you've all been waiting for and I just can't wait to release it into the wild. Probably debut at MacWorld.
The existence of a native OS X virus is like looking for an alien spacecraft...
Absence of evidence is NOT evidence of absence...BUT..just because I can't PROVE flying pink elephants don't exist does not mean that they DO in fact exist.
Thus far NO evidence exists for a Mac Virus. If you think one exists and want people to believe that people need to protect themselves from it...or Flying saucers with death rays then you need to have a credible theory that they exist and go looking for them.
If you don't find any...then it means you know absolutely NOTHING...since you can't authoritatively say ANYTHING about that which you have no evidence for.
So until somebody gives me a CREDIBLE theory as to why I need to get anti-virus protection for the Mac, I'll remain virus software free.
Thus far NOBODY has come up with a theory as to why I should get virus software NOW...only half-ass predictions about some future environment where Mac market share is MUCH higher.
Technically, doesn't Mac OSX have some backward compatibility all the way back to the 680X0 chipset?
The way it works is that there's a software version of the old OS (called 'Classic') that loads up similarly to VMware, and you can run some, not all, older software under this "classic environment"
The kind of damage an older virus could do under this set up? Minimal, probably. Hang Classic is probably the worst it could do. I *suppose* it could delete files if it could take over some running software, but not on its own, since the file management is so different.
And, I'm not sure it could run inconspicuously, since the big classic boot screen would interrupt whatever the user is doing.
Virus Scanners are only good at finding what is known.
People claim some OS is immune to viruses or none have been successfully written - that you know about.
While writing viruses for fun and profit it is possible to create a dynamic Mac virus and due to the arrogance of the user base it does go 100% undetected for years!
While attending school we did exactly that - placed a small packet sniffing program on a mac that could and would slowly migrate to other macs on the network. It went the remainder of the term undetected and was only squashed when they refreshed the macs at the end of the term. We were just fooling around but I have no doubt it would be possible to create a specific mac virus. Although the tricky part would be to get it to spread quickly enough before it was detected. The thing working for you is the typical Mac user thinks there are no viruses for the Mac. And that is what this guy is warning people about!
Yeah, I already got hit with a "big mac" virus, I was stuck on the toilet for days. Seemed like I had dysentery but when I switched to Wendy's, I got over it...
Ocean is land, covered with water.
Because sometimes stuff slips through the cracks, and the end users are the last line of defense for their own systems. We expect people not to fall for phone scams (and make fun of them if they do, excepting for mental disabilities), yet insist that it's not their fault for running the latest "Osama loves Beyonce" screensaver. Why the dichotomy?
Can you rewire your bathroom to code?
No. I'm also not a gasoline engine mechanic, but I know not to put latex paint in my car's fuel tank. Neither am I anybody's idea of street smart, but I don't walk down Drug Alley at 2am waving a twenty. Some things are inherently dumb, and we should be expected not to do them even without being explicitly told.
Dewey, what part of this looks like authorities should be involved?
" The only reason grabbing headlines is passe is because it's easy to create a PC virus. It's an accomplishment on the other hand to infect unix boxes (Macs especially because they are popular and their smug users think they are invulnerable ;-)"
You know where the term root kit comes from, don't you? They don't call it an Administrator kit.
Vote for Pedro
This is where I use the analogy of the internet being like having sex. The more times you "browse" the higher your chances of catching something bad. This is even more true when you go straight for the pr0n. Basically, practice safe hex.
Actually, so many of the responses to this article more or less prove one of the guy's points which is that macheads (linuxheads too) believe it can never, will never, ever happen to them. Now, a Mac OSX virus may never be written, but that doesn't mean it can't be done and if it happens such attitudes will be what allows the virus to spread.
Maybe wintel people might be vulnerable, but most of them know it, acknowledge it and most take some steps to deal with it.
When logged-in as an admin user the "Please supply an administrator password" dialog still comes up when doing software installs.
It's not like being logged-in as a local admin on Windows where everything is a free-for-all without any further authentication checks.
How do you propose writing a virus that automatically spreads on a machine with a 2% market share? With Windows, if you steal someone's address book, you can email other people and have a high probability of hitting another Windows machine. I don't know why people keep saying Macs are more secure since that is impossible to prove. You need to accept the fact that no machine is secure, and take the appropriate steps based on the risk you're willing to accept. I've seen hacked Linux, and Solaris boxes, as well as Windows. Saying a machine is more secure than another without being able to point to specific code, or even architecture, is naive.
Vote for Pedro
Often, the result is that people who don't know much will buy what "everyone else has", meaning a Dell with Windows.
What ever happened to Gateway? (remember the cow-painted boxes?) What ever happened to their market share?
when will Apple finally come out with a mouse that is usable by left handed midgets? Preferably one that matches my hair.
There is a big difference between an admin account and the root account on OS X. I know that on windows people are used to admin accounts having full access but on OS X an admin account has only minor differences compared to a regular user account. Even logged in as an admin you must still authenticate to confirm you want to make system changes. If you are logged in as a regular user you still must authenticate with an admin account to make system changes. The difference? When logged in as an admin the username is prepopulated for you.
At most as an admin you can delete applications without warning. The system is still owned by root and not an admin.
seSales, Point of Sale software for OS X.
Once your virus is on a Mac, it then needs to propagate. If only 2-3% of the machines around it are Macs (and perhaps only a fraction of those are vulnerable) then it is much harder for the virus to reach critical mass. (The 'Tipping Point', as the book by the same name describes)
In an environment where 40% of the machines are macs there is a considerable risk, so I think that Mr. Borrie is right to try to take preventative measures.
As far as the inherent security of Macs, it cannot defeat user stupidity, so that point is rather moot, IMO. Most of the serious virus epidemics seem to be email or web based these days.
To drive the point home, let's look at how a virus might make it onto the mac: you email it to a number of mac users (grabbing their emails from some mac fan site). Only a small percentage of them will actually open the attachment or visit the link (although the percentage will probably be higher than for today's Windows users). The virus propagates itself by going out to every person in the address book. (Accessing the user's address book doesn't require root privileges, AFAIK :P)
Anyhow, now the tricky part arrives: how many of people in the average Mac user's address book are themselves Mac users? If (as I suspect) the average is close to the usual 2-3% then the virus fails to reach critical mass (How many people do you have in your address book? I have a few dozen at most). If, on the other hand, Mac users have a high proportion (40%?) of mac using friends, then you might be in luck.
I can think of a way or two around this, but the difficulty lies in dealing with the small % of mac users rather than in trying to find a flaw in the OS.
I think Disinfectant stopped coming out after the first burst of Office macro viruses. There were too many of these and they were coming from the Windows world and I think the author (John Norstadt?) didn't want to keep up with all that junk. Up until then he did a great job of updating it for every new virus that came out, including new strains of old viruses. That was well before the autostart madness though.
seen the populace that buys these computers? I'm not going to say *all* of them are novices, but I've noticed a fair amount of the people are mom-and-pop types who have zero computer experience.
...and this differs from Windows users how? I'd be willing to bet the skills of five random Apple store users against five random Wal-mart computer purchasers any day. I'm sitting in an office full of computer security experts and programmers who work on security products. About half of the people here are running macs. About 10% are running Windows and those are mostly tech writers and sales. Macs find their way into the hands of novices because they are really easy to use, but they also are the choice of many of the most advanced users because they are also some of the nicest hardware and software available. This mix is part of what makes macs so nice. Security guys pound on them, submit bugs, and demand quality. Novices know nothing, so Apple makes sure they don't need to know anything to have a secure computer to start with. Anyone who needs to run a web server bloody well can figure out how to open up that port and enable that service. Anyone who doesn't, well then they don't have to do anything. Easy and powerful, it's a good place to be.
I think there is a major distinction that needs to made here. Mac users are, hypothetically, at risk for potential virus infection, malware, et al. However, they are unquestionably immune from WINDOWS viruses, malware, et al., which happen to be ALL of the known viruses, malware et al on the net today.
There are several reasons why Macs remain immune:
1) The Windows market share exposes a significant target.
2) Windows has been historically less secure by design (and let's face it, sloppy coding) than its Mac brethren.
3) Microsoft, through its inaction and lack of resolve to fix security issues with its OS (and related OS interoperable products such as Explorer and Word) when viruses, malware et al began to emerge on the net allowed the problem to mushroom into the nightmare that exists today. The door was left wide-open for far too long. Spyware is big business now, and the most nefarious malware authors aren't just script kiddies; they are seriously clever and inventive software authors. Malware authors have established their turf, and despite Microsoft's present initiatives, malware authors have demonstrated that they aren't going anywhere. Thus, Microsoft's present attempts at securing its software (including "Vista") are doomed. Malware authors will always have the advantage because they know Windows, they know Microsoft, and they are in a position to be flexible, adaptive, knowledgeable and responsive for the release of Malware 2.0. In this game, Microsoft loses. They helped create a Malware-at-large environment where it can only react (patch) over and over and over again. And that assumes (or, more accurately - prays) that malware authorship doesn't become more sophisticated than its present level of ability. In the meantime, expect - at a minimum - more of the same for Vista.
4) Unlike Microsoft, Apple has taken a consistently proactive stance towards security in OS X. Despite the fact that not a single form of malware exists on the platform, Apple doesn't rest on its laurels and diligently issues security-related patches and OS updates on a regular basis. OS X 10.4 included additional security-related measures implemented system-wide. Overall, Apple's performance regarding security in its OS has sent a very clear message to any potential malware authors with designs on OS X: if you are going to try, it won't be as easy as it was with Windows, and you will be quickly stopped.
5) Unfortunately, Windows users (and IT management) have not seriously held Microsoft accountable for security lapses and issues in Windows as well as interoperating products. Instead, paying third-party vendors for virus and malware eradication and other OS extra-management functions have become ingrained as a way of life for users of the Windows platform. Microsoft itself has even joined the fray. In a moment of classic irony, it's producing virus eradication software - essentially protecting its customers from its own operating system. One word: bizarre.
Mac users will remember the "widget of doom" scare that occurred early in the release of 10.4. The 10.4.2 update explains just how seriously Apple takes security, whether a real threat exists or not. If you're a Windows user and don't know what I'm talking about, well, that is a shame.
Having done tech support over the phone for a major US ISP on both Mac and Windows platforms, I can tell you the majority of Mac users knew their computers much better than the majority of Windows users...
I find this very hard to believe, (speaking from my own experience here). Maybe the Mac people who called you seemed more intelligent because they were the subgroup of Mac users who'd learned to operate a telephone.
Don't get me wrong, I'm not particularly attached to Windows either, but any system designed with, (as you point out), only one mouse button because they assume the users are too incompetent to be given more control says a lot about the company's philosophy about their own intended customers. ("I know, if they ask, we'll tell them it's a feature for their own user-friendly Mac Kool-Aid experience!!! Yeah, they'll buy that....")
Just $.02.
I for one will not use this as an opportunity to Windows bash nor will I pontificate about the wonder of linux/unix/mac, thus I accept the inevitable mod down/flame war I'm about to start. No computer OS is safe from being hacked, none whatsoever. Nor is it *ALL* big bad microsoft's fault that there are so many exploits being exposed (there is a keyword and a key phrase here that I ask you not to ignore before you start flaming, the first is "all" the second is "being exposed").
I would bet my life on the fact that there ARE things that CAN be exploited on the OSX, but if I'm some malevolent type WHY in the world would I spend my time finding shit that affects such a small segment of the population? If I want to gain notoriety or cause havoc, I'm going to go after Windows...why? Because 90% of computers use the Windows operating system. There's a greater market for my virus if it's in Windows; after all most of these assholes use it to create zombie armies to do nefarious things. Not enough linux/unix/mac users combined to make it worthwhile...
Everyone's experiences are going to be different. Overall, from the customers I dealt with, the majority of mac users were much more pleasant to deal with. Overall, they were much nicer people.
Windows users on the other hand, went to "bob's bargain basement" and got the cheapest PC they could find, then called in complaining wondering why nothing's working.
That being said, there was the one old guy (mac user) that called in, I got him to write down his 15 character cryptic password on paper so he could read it back to me, and when it came time to type it in, I hear him go "Ooooooh". I told him "Oh, the password will just show up as little dots". His reply: "Ah-HA! You CAN see my screen".
-FL
Much as I loathe Dell and like my 2 Macs, I've always had reasonably pleasant experiences with Dell technical support. I always end up talking to some nice female, usually with a southern accent, who will skip the first few pages of the script when I mention that I've done it all before.
Unfortunately, I never have these pleasant tech support experiences without first running into a problem that is either beyond my experience, or (more frequently) getting handed something from my boss and being told to call Dell about it (The fact that I can solve it without their help most of the time is irrelevant to this guy, we paid for the extended support and he'll damn well make me use it).
Paul Ducklin, head of technology in Asia Pacific for antivirus firm Sophos, agrees that security discussions about Mac OS -- and Linux -- are not constructive because too many users believe they are "secure by design".
Read: I gotta hand it to Midge, the smack user, who gave me head before she left. What was the question again?
this is getting boring. when does the fun start?
Niche malware is entirely doable. It saturated nearly the entire vulnerable population -- users of BlackICE firewall -- really fast. I'm not sure how the marketshare of BlackIce users compares to Macs, but it's probably the same order of not-so-magnitude.
What I say does not represent the views of my employers, my friends, my cats, or myself.
Can you mail a compiled applescript file with a custom icon of a naked girl and .jpg added to the end of the file name, that when run, tells Entourage or Mail.app to send copies of itself to all contacts and then delete all files that it has permission to do so (all of the current user's files at the least)?
Actually no, because what that would do is run Preview to try and view the image and Preview would just say it cannot open that image (if you add .jpg to the end of the file name).
File handling is somewhat different under OS X and you can't "fool" the system as to the true type of the file in the same way.
Now you could possibly just mail the compiled Applescript file (actually not sure you can really compile Applescript like that, but we'll just say it's any old non-bundled executable), but I think Mail does something on detecting such things. At the very least it issues a warning. I'll have to try sending myself one and see what it does.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I disagree. That's the best thing in life, is to be able to disagree.
Open Source Sushi
Done. Now for the 'write a virus' bit...
A relatively harmless example: Finder
OK, most console commands require options or arguments on the command line, which restricts, but does not prevent, their doubleclickability. And there are a disturbing number of apps appearing which are not well behaved bundles, or foo.app directory structures, but consist of a monolithic binary executable. You don't have to be very, very afraid, but please be a little afraid.
I will point my finger towards THIS GUY and THIS GUY - because - they seem to be egging people on.
... it's another to cause the paranoid population to be cautious!
It's great to be aware
Yell & scream & rant & rave... it's no use... you need a shaaaave ~ Bugs Bunny
On behalf of all thinking people on Slashdot, thank-you for not using the car analogy, or the video recorder analogy, and instead coming up with a fresh one.
Your contribution to intelligent analogies cannot be understated, and will be remembered.
FYI: University of Otago is where you go for an education in bing drinking, alcohilc bevareages and unsafe sex, not for a CS degree.
Nuff said
GPLv2: I want my rights, I want my phone call! DRM: What use is a phone call, if you are unable to speak?
Are they talking about SARS you might get from Big Macs that are made from Indian genetically enhanced beef?
In my RSS aggregator, CNet reported the news with the headline:
Just thought it amusing, 'tis all.
Prior to pnp versions that is. They usually scream when they die, no smoke.
Old enough pnp monitors can sometimes be kicked off the edge with a spec resolution that they just can't do anymore.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
No, I tend to think of it more as Pinto (MicroSoft) versus Lamborghini (Linux) and Ferrari (OS X).
There already have been BIG viruses for the Mac. Guess you just haven't heard of them.
Interesting guy (or at least the first one google finds) - though not me.
Superkendall sounds terribly egotistical but actually I modeled the name after SuperGrover in some sort of fit of Sesame Street nostalgia while I was signing up for my Slashdot user ID. Never have regretted it though!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
"... . Some day, somebody will say 'I am going to create a headline and write a virus for Mac'," said Borrie." I think some are convinced that if you let thousands of monkeys bang away on typewriters long enough, that one of them is bound to eventually produce the greatest American novel, too. Or, that if you were to shake a box full of airplane parts just right, and long enough, a fully functional space shuttle will eventually emerge.
"The Mac interface *will not* execute even files that are marked as executable! It will only execute .APP directories"
... except, you can't touch the System, because of that Password box that always opens, every time, naming the app calling it, and even listing its path.
... or at least, that's my best guess.
This is completely wrong. Carbon and Classic applications do not have .app extensions. These are single-file executables without an extension.
Apple is presently better at confirming application execution, especially after the Safari installation of Dashboard widgets without confirmation incident, which prompted that really annoying but incredibly nice for safety reasons "yada yada is an app / might be an app" (it bugs you about Apps and *potential* apps, and any sort of archive that could possibly contain one -- tar, zip, dmg, etc.) --
That said, get the user to download a JPEG, it'll open automatically in Preview w/o asking, and if you've got a vulnerability in Preview.app, that's how to get a virus onto a Mac
Except nowadays, MS isn't too bad in this case either. It's just the damned opened ports for services no one ever freaking uses. Screw the firewall -- if nothing's listening, you don't need the bloody thing. (Rendezvous... so far so good, but who knows in the future....)
It's just that Apple's so consistent weird stuff is noticed more
The OS X admin account does not have root level access like Windows pre-Vista.
Jesus was a compassionate social conservative who called individuals to sin no more.
"I don't walk down Drug Alley at 2am waving a twenty" You should try it sometime. I hear it's a great way to get a blowjob!
Check out my foes list to see who is so retarded that they can't use the signature line!!!
vim will execute because it has HFS metadata that tells OS X to run it using Terminal. This metadata is lost if you try to send the executable by eMail. Just like any other type of Mac executable, be it .app bundle or CFM app.
Feel free to try eMailing vim to yourself. You'll end up with a generic document.
The lack of metadata will neuter an executable every time.
Here's a free MAC OS perl script virus scanner.
#!/usr/bin/perl
# Always reports a clean system.
exit 0;
That's it! Because there's no viruses for Mac OS, it's easy... There's no WINDOWS directory that any and all programs can write to and modify system files at will, stupid microsoft programmers, if you can call them programmers that is.
Users don't use root level to run their programs unlike windows.
Oh, how simple the solution is, you would think that maybe microsoft WANTED viruses so they could make more $$$ in a twisted sort of way.
Could it be?
i'll further emphasize your point by slightly correcting this statement of yours: "The ports that don't need to be on, are off, by default"
Actually, a default installation of the end user version of Mac OS X does not have a single port opened. Run nmap on your LAN against a freshly-installed Mac, you won't find a single port opened. It has always been the way of Mac OS X, since its very inception. There is absolutely no valid reason for a default installation of an end-user version of an operating system to be listening on any port. Apple grokked that. Duh. :)
A malicious program can be written for any platform. An actual virus will successfully spread itself. I wish crackers good luck with that on OS X.
But to do super-power damage, a virus only needs the user to give their own password once, and then nasty things can be run using sudo.
Adding a 'false' login screen at some point of startup would be possible without super-powers, and then after the user 'logs in' to that, the password's stolen, and sudo whatever.
I've already had a Big Mac virus. The emergency room called it food poisoning.
I've had mixed experiences. Speaking of the past, I know exactly what you're talking about. Those people from Florida and Texas were awesome, and like you say, acknowledged when you really knew what you were talking about. I loved that.
Then, around the same time that I went to college (2003), you could only get through to people in India. I found that 1) the connection was horrible, 2) they refused to talk louder and 3) ignored my pleas for them to do so, not even indicating that they understood (e.g., "My hearing is not perfect and I can't understand you, can you please, please speak louder?" "Sir, please reset your computer. . ."). I can track most Indian accents pretty well and I'm not going to grief somebody because they grew up speaking Hindi, but I just couldn't hear them. Secondly, they slavishly, mechanically followed the script, never demonstrating that they knew anything but what the on-screen menus told them, every time.
Wow, I am really gonna get modded down by the left handed, redheaded midget Mac users.
They prefer to be called little people, you insensitive clod.
I always like to get my security advice from people who don't even understand common English words. Presumably he meant "salutary"?
There do appear to be holes. For example, if Safari is configured to automatically open "safe" files (and it is so configured by default), then your vector is along these lines:
Get the user to open a link to your disk image. The disk image is downloaded to the victim's computer. If the victim is using Safari, the disk image will probably be automatically opened. You have configured your disk image to launch your malware when the image it's installed upon is mounted. The user may then be prompted to open or not open your malware. Most users will click the "don't bug me again" option. Your malware is now running as that user. It copies itself to some convenient location where it has write privileges. Then, some period of time later, it pops up a phony (or real, depending on your objectives) authentication dialog box asking for the user to enter his/her password. The user, having been conditioned to type their administrator password frequently, obliges. NOTE: almost all OS X users run as an administrative user. Now your malware, with either effective root privileges, or (depending on how it asked for the password) the user's admin password, has free rein over the system.
But isn't that the most appropriate location for kicking asses?
... and then they built the supercollider.
"As far as the inherent security of Macs, it cannot defeat user stupidity, so that point is rather moot, IMO. Most of the serious virus epidemics seem to be email or web based these days."
And one of the reasons is that the most common email and web based applications use the Microsoft HTML control, which has an inherently insecure design. The Windows user interface depends in many places on the ability of HTML documents to launch native code with full local user permissions. In the case of the control panel, it's not even acceptable to interrupt the user with the inadequate "security dialogs" that the HTML control brings up for documents it doesn't trust.
I do not believe it is acceptable for the HTML control itself to have this ability at all. A security mechanism should "fail closed", so that the normal situation is that the dangerous actions are impossible and some external mechanism - one that can't be invoked from the HTML control itself - has to intervene to provide these mechanisms.
Safari works that way. Safari itself has no mechanism to run native code, and if you turn off "open safe files after downloading" there's no supported mechanism in Safari to run code provided by another site. Dashboard uses Webkit, like Safari, but it adds extensions to Webkit for native code support.
Internet Explorer on Windows doesn't do that. Instead, it has a "trusted" security zone in which native code support works. There have been repeated cases where an attacker has managed to inject a native executable or script into this zone, by various chicanery in email messages or web pages, and use that to perform the initial intrusion.
This is a HUGE difference.
And it has made a HUGE difference on Windows. Before this was introduced around 1997 viruses on Windows were more common than on other systems... but you could generally get by without antivirus software if you didn't download and run random applications. The whole idea of being able to run code just by viewing a mail message was a joke (literally, there was a joke going around about a "GOOD TIMES" virus, and it was a joke in part because just viewing email was normally safe).
Then came "Active Desktop" and its followons. The virus population on Windows skyrocketed. Not because people were suddenly buying that many more Windows based computers, but because the *system security* of Windows had taken a nosedive.
And until Microsoft changes this, Windows will remain a "Typhoid Mary" of the cybernetic world. And unless Apple changes the way their mail and web software works, it will never approach the infection level that Windows enjoys... EVEN IF it had comparable market share to Windows.
*system security* does matter, and it's NOT a "moot point".
No, but it would have
Since this thread started with the question "Why does Windows XP still dominate the OS market?" how about sticking with that subject?
People use Windows because it comes with their hardware. It comes with their hardware because MS has stitched up hardware vendors tight with illegal contracts. Windows dominates precisely because Microsoft has consistently attempted to 'cut off the oxygen supply' of any and all competitors, no matter how small. That's how they operate, and it's illegal and amoral. To quote Ballmer - "I'm going to f***ing bury that guy, I've done it before and I'll do it again."
Why do you defend such sociopaths?
Because I don't find selling an OS on a machine to be illegal.
Of course it's not illegal to sell an OS on a machine. I'm not quite sure how you reach that disingenuous reading. What is illegal is to restrict trade by threatening sanctions on unrelated products (ie all your machines have Windows on them or else). MS have been convicted for doing just that, in the US, no less. It's illegal for reasons I happen to agree with, I just wish they were actually punished for it.
I sincerely doubt Apple could have dominated the industry - some variety might have been nice though. MS has been bloodthirsty from the start, and always will be - they're a corporation in the mould of IBM. Why must one company dominate the industry? It's that lack of imagination (I must win and that means the death of all others) which sucks capitalism of its morality.
The quote from Ballmer is an outburst of which there are many many examples going back to the foundation of Microsoft - all with the same idea of cutting the oxygen supply of competitors and collecting money from all the world (Windows everywhere etc). It's a pervasive, pernicious vision. Personally I wouldn't choose to work with Steve Jobs, or defend him as a manager; there were many alternatives in the 90's, not just apple, all crushed by MS (Be, Next and OS/2).
So, right now, with every state and federal government agency continually breathing down their necks, your take on it is that Microsoft is actually writing "illegal" contracts?
Anti-trust action in the US has now been dropped (as the grandparent noted MS have been linked to massive payments to politicians) - how is every gov agency breathing down their neck??!? A few states timidly challenging the entire monopoly they have in office suites? They got a free ride in the US.
They have recently been taken to court for restrictive OEM contracts in Japan though and given their history I would not be surprised to see their strong-arm tactics continue - they have not been bothered by the laws of the countries they operate in in the past, why should they change until they're caught?
To return to the original point, the illegal machiavellian tactics of MS are to blame for the monoculture we have in the OS market - we are only just recovering, as the tentative offerings at Dell you link to illustrate. To claim they got there on merit is not credible.