Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ready For the Big Mac Virus?

Posted by Zonk on from the sharks-in-the-salsa dept.

An anonymous reader writes "The IT security manager of the University of Otago, New Zealand, has been educating his OS X users in security best-practices. According to Mark Borrie, many Mac users believe they were immune to security problems -- a trap many Mac fans seem to have fallen into. He said around 40 percent of the computers at the uni are Macs. "On the security side of things I reckon the Mac community has yet to wake up to security. They think they are immune and typically have this idea that they can do whatever they want on their Macintosh and run what they like," said Borrie. "If I can get our Mac users up to speed and say 'you are not immune' -- so when [the malware] hits, hopefully we will be pretty safe," he said. "We want to be ready for the first big Macintosh virus -- because it will come. Some day, somebody will say 'I am going to create a headline and write a virus for Mac'," said Borrie."

6 of 560 comments (clear)

  1. Re:Question about old Mac Viruses by EggyToast · · Score: 4, Informative
    It runs old OS9 applications in an emulation layer. That layer starts up as an application by choice, meaning that you either turn it on once your computer is on, or when an old application triggers it. So you would have to manually install the virus yourself.

    At that point, it would do its virus things inside that emulation layer, probably corrupting some aspect of the environment. When you close the environment (just like any other application), the virus's activity would cease. The fix would be simply "reinstall the environment."

    So if you needed to use the "Classic" environment for an old application, and you for whatever reason decided to install the virus or place a disk with a virus on it in your computer and run it in the Classic environment, yes, you could give yourself that virus. But that's hardly that much different than the numerous "Proof that you can intentionally break your system" scripts and applications that are around for every operating system.

    In my experience, all of the old viruses that Macs got were Macro viruses from old versions of Word. They have no way of propagating without writing to new documents, but the newer versions of word are pretty innoculated against Macro viruses IIRC.

    The short answer to "What happens" is "not much if anything."

  2. Re:Not BSE at McD's by temojen · · Score: 4, Informative

    BSE is a prion disease, not a virus.

  3. Re:Are you ready? by cappadocius · · Score: 4, Informative

    And also keep in mind that Safari gives that annoying "this file contains an application" warning whenever you download an executable, so it would take even more social engineering to actually run any code.

    --

    omnia tua castra sunt nobis

  4. Re:Not BSE at McD's by temojen · · Score: 4, Informative
    IIRC prions are the predecessors of viruses.

    Not even close. Prions are non-functional isomers of protiens that can catalyse their functional form of the same protein into the prion form.

    Viruses are packets of genetic material and enzymes that instruct the host cell's mechanisms to replicate the virus.

    Prions are so much simpler than viruses that there's probably no link. Remember, Michael Crichton is a fiction author.

  5. Re:Are you ready? by angel'o'sphere · · Score: 4, Informative

    No,

    both of you are completely wrong, and the "The IT security manager of the University of Otago, New Zealand" is very right.

    You both give false evidence why a Mac is more secure, and you think your evidence is right.

    E.G. ever heared about AppleScript? What you think how difficult it is to write an AppleScript that traverses the Adress Book and sends an email to every one in it with Mail.app?

    No SMTP needed ... so no point in disableing it :D I don't need super user/root access to send email in your name to all your friends from your adress book.

    Same for attachments. They are not "executeable" by double click, but when you get a mail from a "friend" telling you to save the script and launch it ... you likely do so! Because you think "you are save". But you aren't.

    A script/virus send to a Mac user has all rights the user has, besides exploites aiming to more rights. So the script/virus can do everything, the user can do: like searching the hard drive and mailing the last presentation, Excel file or Word file to a given adress.

    With the architecture of the OS writing basic virus programs is even far more easy than on windows, only the automated execution and exploit traversal via the Internet Explorer/Outlook/IIS and the gaining of root access is harder.

    angel'o'sphere

    --
    Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
  6. Re:But are users sufficiently secure? by shotfeel · · Score: 4, Informative

    Except any more, the Mac user is greeted with a little dialog box that says (paraphrasing), "Unrecognized Application "RootKit" has never been run on this computer before. Would you like to {Abort} {Run Once} {Run it and don't ask me about that one again}. "

    Now if you thought you just opened a jpg file, this should give you a little something to think about. Considering that a first-run for a program happens reletively rarely for most users, it isn't too distracting, but adds quite a bit of security.