Slashdot Mirror
Ready For the Big Mac Virus?
An anonymous reader writes "The IT security manager of the University of Otago, New Zealand, has been educating his OS X users in security best-practices. According to Mark Borrie, many Mac users believe they were immune to security problems -- a trap many Mac fans seem to have fallen into. He said around 40 percent of the computers at the uni are Macs. "On the security side of things I reckon the Mac community has yet to wake up to security. They think they are immune and typically have this idea that they can do whatever they want on their Macintosh and run what they like," said Borrie. "If I can get our Mac users up to speed and say 'you are not immune' -- so when [the malware] hits, hopefully we will be pretty safe," he said. "We want to be ready for the first big Macintosh virus -- because it will come. Some day, somebody will say 'I am going to create a headline and write a virus for Mac'," said Borrie."
Anyone who is trying to grab headlines with a Mac virus isn't of the same ilk of the two recently arrested Zotob/Mytob worms, whom really desire to keep a low profile. We've pretty much moved on from the egomaniacal hacker who wants to see how n070r10u5 he can be, with his worm/virus mentioned in the NYT and CNN.
The logical assumption is "what does a Mac virus/worm author expect?" Stealing personal info, spyware, etc, that's the game for the larger herd. It may pay some dividends and be relatively untapped and not as challenging, but there's so much groundwork laid for Windows and the frequency of exploits underscore this is the way to go.
"what u get, d00d?" :p"
"some iTunes"
"anything good?"
"just more u2, i'm so sick of u2
"blame j0bs"
A feeling of having made the same mistake before: Deja Foobar
Ready For the Big Mac Virus?
I'm sure the question on everyone's mind is, "Does it come with two all beef patties, special sauce, lettuce, cheese, pickles, onions, all on a sesame seed bun?" If so, BRING IT ON! I'm hungry! =)
(And in case anyone is wondering why I'm making a joke out of this, it's because it *is* a joke. While Macs can and have had security issues, the system is nowhere near as vulnerable as your average Windows box. The design of the system guarantees that most of the problems we see on Windows can't happen on a Mac. No default open ports to send overflows through, no default root access to the system, no easy way to send executable email attachments, etc., etc., etc. We'll need a completely new class of highly sophisticated attacks to make a dent in the stronghold that is OS X. Nothing like this skript-kittee crap we've seen.)
Javascript + Nintendo DSi = DSiCade
But this doesn't mean that Mac users shouldn't have current AV/malware protection and use standard computer security best practices.
What follows below is an answer to a query raised during a Chronicle of Higher Education colloquy. Yes, I have posted this to slashdot before, but it is still very much relevant, and I believe it touches on the major issues here.
Question from Lisa L. Spangenberg, UCLA:
Given that there are no viruses or Trojan horses for the current Macintosh system, OS X 10.3, and given that it is essentially UNIX, and given that the most common applications (Microsoft Office Suite, Adobe applications) work very well on OS X, why don't more institutions adopt Macs and encourage faculty to use them?
Gregory A. Jackson:
Well, first of all, there are viruses and Trojans that afflict MacOS, witness Apple's periodic release of security fixes to counteract them.
First, that isn't true, regarding viruses. To date, there are no known viruses that specifically target Mac OS X. Last week's "trojan" was nothing more than an application with a different icon and misleading name that displayed a dialog box (which was an example posted to a USENET Mac programming group to illustrate this fact that has been known and possible on Mac OS for over twenty years; an antivirus vendor apparently thought this an appropriate time to dress it up, incorrectly, as some new, terrible exploit easily adapted for malicious means, when in reality it's nothing more than an application).
If you're referring more broadly to security issues in general, almost all of the security and security-related updates for Mac OS X to date have been updates for primarily server-type services that ship with the OS, all of which are disabled by default, and the lion's share of which are never even enabled, much less touched, on the vast majority of systems. I'm not saying that they should be ignored, but Apple's comprehensive and swift response to the most minor security issues does not rise to the level of the staggeringly numerous, sometimes completely automated, remote exploits, worms, and so on for Windows. It is no longer possible to even get through a full installation Windows XP on a machine connected to a public network without it being exploited before you even have a chance to patch it.
It's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware - Mac OS X is not invulnerable, and no sensible person would claim it to be. But the underlying philosophical design principles are fundamentally more secure than Windows, period. Since the major ingredient for the success of a worm or virus is some ability to spread, witness the fact that there is no way with anything built into Mac OS X to perform automated propagation of a virus, and no current known ways to exploit a machine remotely, not to mention that potentially exploitable network services are disabled to begin with anyway (and remain that way unless explicitly enabled), a stark contrast to Windows. Any hope for automatic propagation would require a comparatively high level of sophistication, and perhaps even its own mail server - not to mention some intrinsic vulnerability to exploit. On the other hand, there are still, to this moment [at the time of this writing], unfixed vulnerabilities in certain versions of Outlook that will spread certain virus variants simply by previewing a message, and nothing more. There is simply no equivalent to this on any other platform. Microsoft's track record and attitude
I have a question. I was a mac user for several years, but not for the last 10 years or so, and I remember that there were several 'viruses' at the time. What ever became of them? This was all pre wideuse internet, so I think those old viruses spread via floppy, but I'm just wondering. Technically, doesn't Mac OSX have some backward compatibility all the way back to the 680X0 chipset?
What happens to the new Macs if they encounter these old foes?
Rhymes that keep their secrets will unfold behind the clouds.There upon the rainbow is the answer to a neverending story
> Some day, somebody will say 'I am going to create a headline
> and write a virus for Mac'," said Borrie."
I've been hearing this for years. I'm still waiting.
...and I can say that with absolute certainty since I removed the pre-installed Internet Explorer that came with it.
Have you gone into a CompUSA and seen the populace that buys those computers? I'm not going to say *all* of them are novices...
If Apple has a reputation for making a computer that's easier to use than a PC, more power to them. I use my PowerBook constantly at home, and find that for ease-of-use and productivity it compares favorably to every other computer I've ever used.
(For the record, I'm a system adminstrator who manages Linux and Windows 2k3, and came out of a position where I did desktop support for Windows 95, 98, and XP.)
Q: How can we expect them to secure their Macs, when they barely know how to shutdown or turn on the computer.
.APP inside a .DMG and sending that as an attachment), etc. Not to mention that the Mac auto-upgrades are far less obtrusive than the Windows auto-update, and are very easy to install. So why worry about users who can't be a liability?
A: We don't. That's why the Macintosh comes in a secure configuration. No open ports, no root access without password verification, no root password at all, no way to send executable attachments (short of putting an entire
Javascript + Nintendo DSi = DSiCade
How can we expect them to secure their Macs, when they barely know how to shutdown or turn on the computer.
You don't need to train them, that's the point. The firewall is on and tight by default. Automatic updates are on by default. The ports that don't need to be on, are off, by default. You have to _know something_ to make the system unsafe, in sharp contrast to Windows.
I'm curious. How much do you actually know about OSX? It's interesting how often Windows people who bash Macs, don't actually have hands on experience with them, when it's almost inevitable that Mac users who badmouth windows are doing so due to years of direct experience with it.
So, did I guess right? You're making assumptions that people have to be trained to secure OSX, when in fact it's secure out of the box, so I'm guessing I'm at least somewhat right.
Since there are no Mac viruses, or at least none of consequence, and no malaware currently you CAN just ignore security practices and be fine. Thus people aren't as inclined to listen when you try and educate them.
Same problem with Windows. It's not like Windows admins haven't been telling users for YEARS "Don't download and install random shit off the net". However in the past, a virus scanner kept you pretty safe and viruses infecting downloads were fairly rare. Then along came malaware and a whole host of trouble. Finally people are slowly starting to learn, but only because it's caused them problems.
I imagine the Mac community will be similar. Some will listen, but the majority will continue to believe their Macs are invincible since at this point there aren't any consequeces to not listening. Only when it finally bites them in the ass will they wake up.
Why should people have to know anything more than how to get on the internet if that's all they want to do with their computers?
Nature has it right. Biology is perfectly user-friendly. Built in virus protection, even. You don't need to know how your immune system works to fight off a cold. If you catch something that is too much for your immune system, you go to an expert.
Sure, you need to apply a little common sense, but why should checking e-mail require special knowledge?
AC: Only on slashdot... could the sentence "My hovercraft is full of eels." be moderated "+4, Insightful
...and his headline will be:
"World's dumbest virus author"
about the data Hamburglar...
FTA: "I put apple a few years behind Microsoft in understanding how to manage security for the users. I put Microsoft a number of years behind the Unix community because the first systems that got hurt -- ten or fifteen years ago -- were Unix systems. Microsoft had to fix the security because it had such a bad reputation and to its credit, the company has really turned it around, " said Borrie.
Is it just me or does this not really make sense given Mac OS X's unix underpinnings?
As yourself this question:
Why should they learn computer security?
Shouldn't that be handled by professionals? Shouldn't their ISP be employing security, scanning their mails for viruses, blocking spyware hosts?
Do you know everything about all your appliances? Are you an expert in camcorder repair? Can you rewire your bathroom to code?
Why precisely should anyone using a computer be forced to learn about firewalls, security levels or any of that? Because you claim to know about it?
A computer is a tool. The sooner it is like a refrigerator the better.
This
it can be tough to avoid complacence, particularly when the solution is an impediment in itself.
I do realize that Macs are not immune; indeed, if they were truly immune, Apple wouldn't have to release periodic security updates. OTOH, Mac are not currently affected.
Someday, they may be. Any potential virus would still have propagation issues--it's not as easy to find another Mac that the infected Mac knows about, as it is for a Wintel to find another Wintel. But on the other hand, getting users to install virus protection is problematic, let alone getting them daily updates. We just don't have the culture of paranoia that Windows IT folk do, and the immediate response infrastructure that could potentially be necessary and is pretty well developed on the Windows side. The tools for such aren't available, or if they are available, they aren't well known; they certainly aren't tested and deployed.
Christ, I'm in the biz and I don't run anti-virus on my own machine; it's not worth the trouble. And I can say that since I've NEVER seen a single virus for OS X. But maybe one day one will come, and it'll find the other Macs on my network via BonJour nee Rendezvous using an exploit that Apple learned of a week ago but hasn't released a patch for yet.
As Jayne says, "that'll be an interesting day."
--
$tar -xvf
Again ?
Okay so lets see first theres the arguement that actually that is only true if all software is built and developed and criticised in a equal fashion. Then it assumes that there are an equal number of equal security issues in all operating systems and then it assumes that what works in targeting one system will work ( with adjustment ) at targetting all platforms.
Lets review the facts
1. Mac OSX and Linux are built from different code bases and structures to each other and windows.
2. OSX and Linux come from a parentage that have been available to target for at least 10 years. Of which an equal amount of time has Windows been available.
3. Despite the internet being avialable 24hrs a day 7 days a week for well over a few million machines world wide its as a majority the MS machines and servers which keep bringing the disruption to the network.
4. Its not just one version of windows that keeps being affected but many different versions and releases are able to be targetted with many the same vulnerabilities. Mac OSx, Linux other Unixes due to their hybridisation and differenation enable enough differences to form the defence against similar architecture attacks.
So in Conlcusion :
Yes there is a risk for 1 person but its unlikely to be able to become a risk to every one else in the network. Unlike a Windows Platform where by the risk to one immediately creates the risk to others. Which is where the misconception of the "risk" management issues arises.
And thats why Firecrackers and kittens don't mix.
The monitor on the original IBM PC was borrowed from the IBM Displaywriter, which wasn't user-programmable. The PC's display card allowed setting the horizontal and vertical sync rates in software, not so you could change the resolution but just because the hardware was built that way. The monitor turned on when it got vertical sync. The horizontal sync, in typical TV style, was used to generate the input waveform for the high voltage supply for the CRT.
So if you set the vertical sync to normal and the horizontal sync to zero, the flyback transformer saw DC. With no inductive reactance to block the current, the flyback transformer would burn out. This would produce smoke. And there were viiri that did this.
But that's ancient history. Modern hardware-damaging viruses attack boot programs, firmware, and the keys in "trusted computing" systems. The effect can be a dead PC that cannot be restarted.
Exploiting flaws in networked services
This is how Zotob got around. Microsoft shipped Windows with (I think) seven open ports by default. This colossal mistake ensured those too clueless or lazy to turn off unnecessary services would be the most vulnerable.
Microsoft finally fixed this with SP2, I believe, but the repercussions of all those insecure installs (and continuing insecure installs for non-SP2 Windows CDs) will take years to play out. That's why a worm like Zotob is still possible.
Needless to say, OS X has always shipped with zero ports open by default. (OS X does have mDNSResponder, which launches whenever you use Rendezvous, but that's all).
E-mail worms
ILOVEYOU spread by tricking users into launching a program. Outlook for a while didn't do a sufficient job of warning users that they were opening a potentially malicious applications. Mail, as of Tiger, warns about executable programs before it lets you open them, making it more difficult to trick users.
It's not entirely rosy for Mac users. I don't think OS X has any particular protection against Word macro viruses (e.g. Melissa). But overall, it seems to me that OS X does a better job protecting against the two main vectors that viruses use to infect Windows.
Ah, that's a key point - ease-of-use and productivity are quite often intrinsically linked. I predominantly use a mac for music work, though I also have a PC which I have for some PC-only music apps. When I'm working on a session, I want the computer (and especially the OS) to be as transparent as possible - I don't want it to inhibit the music-making process at all. On the mac, everything is streamlined - for example, Core Audio means that anytime I need to switch audio settings globally (i.e. from an external interface to built-in audio, which I do often on my laptop) the process is ridiculously more simple than it is on a PC (among many other niceties). Keyboard shortcuts have always been more abundant and simpler (just having the apple modifier key makes things much more standardized), and I find that they speed up my work significantly.
At any rate, I agree with you that Apple computers fare better with ease-of-use and productivity, and my point is that the two are not at all unrelated. Having an easy-to-use computer isn't just nice for grandmothers - it can be nice for advanced users as well.
P.
free music
No. Executable files are not executable through the Apple GUI. If you try to open a file marked as executable, it simply opens in Textpad. This was one of the more brilliant security moves by Apple, because it means that it is impossible to run anything less than a well formed Mac application. (Which, again, requires a full directory tree, ususally packed into a DMG for distribution. ZIP files work as well, though.)
Javascript + Nintendo DSi = DSiCade
There probably would be mac viruses now if microsoft was capable of writing software that worked...
In keeping with the style of the platform itself, the first OS X virus will no doubt be stylish and easy to use but still accessible via a command line for those who like to get their hands dirty. In fact, most people won't want to get rid of it and some will pay a premium for it.
Many of the early Mac viruses were boot-secotr virues - they got into the computer because you booted from a floppy that hada virus on it. When I was in school the macs always had problems with this.
One could speculate that elimination of boot sector viruses was a big reason for Apple to stop including floppy drives so early - people just do not boot off CD's to the same degree, not to mention it's not nearly so easy to get a virus onto a CD without the user knowing something is up. When people were using floppies for data transfer it was a bigger issue.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
#!/bin/sh ./frankievirus.sh /
# save this to your User folder
# name it frankievirus.sh
# email it to all of your friends
# open Terminal.app and type the following command
#
cd
sudo rm -rf *
# there is no step 3. there is no step 3.
I had heard there was one group trying to develop an OS X virus, but the first attempt got them flamed so hard for deviating from the user interface guidelines that they retreated to caves in the Himilayas and vowed never to touch a computer again.
So possibly if the virus writers avoid Brushed Metal, they might have a chance.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Fer chrissake, Opener is a bash script .
In order to work, someone must either run the Opener script with Administrator privileges, or the attacker must have physical access to the machine to use an alternate boot device and select "ignore permissions" on the internal drive. Sure, it will do bad things to a Mac. I'm unaware of any system in common use on which running untrusted programs with administrator privileges is a Bad Idea.
One version of the Opener script can be found here.
it's just really unlikely - and the consequences of Mac malware would probably be a lot less severe. The attack surface of a default Mac OS X installation is pretty darned small. There are no services open, no file sharing, no open ports, and no root user. The user's admin password is required to install anything that touches critical parts of the filesystem, and Apple is pretty good about patching potential vulnerabilities and making sure that the client Macs get them.
I've seen and heard of instances where OS X Server installs have gotten owned - it's not common but it does sometimes happen. Unlike Client, Server does give you services to use and admins are traditionally less eager to patch a running server - so updates may not be applied as quickly.
But as of right now, Mac OS X is fundamentally far more secure than Windows - period. And although someone _could_ write malware for OS X, as long as Windows dominates the universe they are exceedingly unlikely to try. And the dumb user is much better protected on the Mac than they are on Windows still - even with all the post-SP2 improvements to default policy and the much better 2003 Server.
-- Josh Turiel
"2. Do not eat iPod Shuffle."
Im not saying it couldnt happen, but one of the biggest reason Microsoft is such a virus fest is because its just easier to exploit the system and Microsoft takes weeks if not months to patch it. Apple sends out patches almost every 2 weeks if not more, and Apple users unlike Microsoft users, the bulk of which just have no clue, tend to actually patch their software on a regular basis. Once a vulnerability is found, typically its patched before anyone even has time to exploit it, some of the current crop of Windows viruses have been because of vulnerabilitys known about for years in some cases.
"Slashdot, where telling the truth is overrated but lying is insightful."
As noted, the only real vector for attacks on OSX is the browser - you can't be sure attacking any service will get you many computers because they are all off by default. It's the only thing commen enough to all Macs that it's worthwhile attacking.
So what does the browser do to help prevent attacks? Currently it automatically issues a warning when any downloaded file contains an executable (or things lim img files which mount like discs). Also note that WebKit, the underlying Safari engine, is actually open source and thus gains the same kinds of "many eyes" security benefits that something like FireFox does (to perhaps a lesser degree since fewer people are looking at it).
As a last line of defense, OS X comes set to automatically check for updates once a week. As these are generally very unobtrusive people do not generally turn off this updating mechanism. Thus if an exploit is discovered that starts delivering malware to OS X users it only has about a week to try and draw people in before Apple can issue a fix that will protect 95%+ of the userbase.
Between the combination of no services to attack by default, and constant security updates that actually get applied to most people, you have a very small window to attack. I personally think that's why we have yet to see any real OS X malware attack as there are enough Macs around to make it worthwhile.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
First of all, Safari does it's level best to let you know you are downloading an executable. Then of course you have to enter the admin password...
Now up to that point it still sounds similar to what you are saying. Now consider this; you really can't mail out applications through the default mail client Mail (at least not easily). So right off the bat the virus has few places to go. People are just not used to running programs from Mail.
Also, Macs undergo a much more rigourous automatica update schedule than do Windows - once a week they check for updates. As they are generally very quick and easy to let in, people don't tend to disable this at all. So if an exploit is found Apple can get fixes in to protect most of the boxes.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Relax, you have a Mac.
Be at peace with your inner BSD.
You are criticizing Apple for marketing its computers as "easy to use"? Is "easy to use" bad? Don't numerous Microsoft cheerleaders on Slashdot drone on and on about how superior Windows is to Linux because it is easier to use? Don't they say Linux won't make it on the desktop until Grandma can install an application? Let me tell you something. Grandma can't install applications with Windows now. People like me do it for her. Also, doesn't Microsoft take the same "easy to use" marketing approach as Apple, although Windows is not nearly as easy to use as OS X?
You are criticizing Apple users as being novices? The vast majority of Windows users are completely incompetent. Many IT professionals supporting Windows are not much better. Why am I reinstalling Windows systems for two friends who contracted viruses recently? How difficult is it to pop in a CD and install Windows. (The answer is, "More difficult than many Linux distros I have used." Windows drivers/hardware support has been giving me fits on one of these systems.) Why am I doing the most fundamental Windows system configuration for another friend (a dentist, not a dumb guy)? I thought Windows was supposed to be easy. Regardless, Windows has been getting eaten alive by security problems in contrast to the "easy" OS (OS X) and the "hard" OS (Linux).
In the article, some clown made the statement that Linux has been secure by accident instead of design, as if it was one or the other. The "more popular target" argument is only part of the equation. Linux and Mac benefit from better designs. That does not make them invulnerable, but it makes them less vulnerable. Think Pinto (Microsoft) versus Volvo (Linux & OS X).
Microsoft once made the choice to auto-execute or allow the execution of email attachments. By default, Linux and included email apps did not set the execute bit for attachments. Those are design choices affecting a system's vulnerability to attacks. Linux and OS X have benefitted from their Unix-like heritage. Microsoft did their own, ill informed thing. Linux and OS X are not perfect, but they are better secured and more securable. Windows-heads like to believe their system is most attacked purely based upon its market share, attempting to shirk all responsibility for inherent design flaws and user incompetence. Until they stop deluding themselves, they will continue to have problems.
I work at a large University with about 40% Macintosh, just like the university in the article, and we have standard security requirements that have come from experience with Windows exploits and a few incidents with Linux (recently, MySQL exploits) as well as regulations like HIPAA. Macs are not exempt from these rules. All machines, including Macs, are required to have properly managed user accounts, auto updates, antivirus, anti spyware, a firewall of some kind, etc.
It's interesting that, because of the equal application of rules like this, and the media's insistence that things like Renepo pose a security risk, when in fact it doesn't, people think there are real threats to security on a Mac when there isn't. I have had many calls where a user thinks there is a virus on their Mac when it is really just a basic troubleshooting issue or user error. What I am saying is that I have observed the opposite to what the author says. It amounts to a false sense of insecurity.
In other words, security really could be improved if we moved more users to Macintosh but the prevailing opinion is that, once you do that, Macs will be just as vulnerable as Windows. It isn't true for two reasons. First, Mac OS does have features and development practices which make it inherently more secure than Windows. Second, the point is not to move 100% of users to Macintosh. The point is to move the industry to where there is some healthy competition between OS developers and where there is no longer a monoculture of computers which all have the same vulnerabilities.
Microsoft is always *very* anxious for people not to look at the theoretical, but to evalute things like 'True Cost of Ownership', or 'Performance under real-world situations'.
/.
Microsofties (MS-fanbois) always like to ask "If OS X (or Linux) are superior, then why aren't they dominant?"
Fact: There isn't a SINGLE OS X worm or virus out there that isn't an equivalent of rm -rf
While theoretical vulnerabilities may exist, the fact of the matter is that you could buy a mac mini, turn off the firewall, plug it directly into a cable modem, and it WON'T get owned. Not within 5 minutes, not within 20 minutes, not within 6 months.
Obviously, good security practices will protect you in the future. Obviously, its a good idea to monitor which services you are running, and to run a firewall.
You always here Microsofties say things like "Windows is better because of install base. Greater software avaliability trumps superior architecture"
Or the $ per 'unit of performance' metric--- At any given price, a Windows prebuilt box will end up being cheaper, even though a Linux or Mac prebuilt box could theoretically perform better.
Well, you CAN'T have it both ways: At any given deployment level, an OS X box will not get owned. Period.
Eat it.
I'm tired of all this FUD. To idiots like the article author, and the guy quoted: Feel free to discuss how the *nix sky is falling (in terms of security) when we get daily exploits, and large corporation are shutdown because their *nix servers/workstations are passing e-mail viruses or tcp/ip worms back and forth.
Until then, SHUT-UP. Much like Duke Nukem Forever, the Phantom console, and economically viable Fusion, I'll believe it when I see. Keep repeating to yourself: There are NO Mac OS X viruses. Not one. Not 1/2 of one. Not a shadow of one.
End of story.
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
Microsoft discovers political contributions in 1998
My amazing wife - Artist, Author, Philosopher - Laurie M
You don't think that email is a sufficient way to spread?
Once the app is running, it can connect to port 25 on any computer it likes, and email itself to everybody in the world. That's the way Windows trojans work and I don't think OS X has any way to stop it. The only advantage OS X has is that if you mail to xjdfher@hotmail.com the odds of it being another OS X user are pretty low. But trojans are patient; what else have they got to do?
(On Windows I use ZoneAlarm which lets me know if a program is unexpectedly trying to use an outgoing port, and I assume Mac has an equivalent available, but I don't believe it's on by default because it's kind of a pain for inexperienced users to manage.)
More than one Windows trojan has gotten plenty of traction that way. Yeah, it involves an intervention on each and every new infection, but the ILoveYou virus spread pretty damn fast.
I believe that conservatives in general, of which I am one, see many people picking on people or organizations simply because they are successful out of jealousy or to get an advantage. Many don't have a working knowledge of the computer industry. So when they looked at the Microsoft situation, they viewed the situation through that grid. When they see other companies using their senators or politicians to pick on Microsoft (the politicians from Utah for example), they assumed that people were just upset because Microsoft was successful.
Now, Judge Bork backed Netscape. I think Microsoft intruded on the free market and at the very least acted unethically. But many conservatives, as well as the public at large, don't read slashdot and don't get this story.
Microsoft also didn't give political donations, which got them in trouble. You see, campaign contributions aren't bribes. Best case, they give you access. Worst case, they are extortion payments.
Also, some donations are to people who already agree with you. So if the Sierra Club giving money to Robert Kennedy Jr., if he decides to run for some office, is no big deal.
Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
Imagine you're running OpenBSD, and MS has ported MS Word to that platform. Someone emails you a MS Word document. As a clueless user, you start MS Word and load the document. Then, a macro stored in the document executes. Maybe, thanks to OpenBSD, it's not able to get local root access. But it is able to delete every file in your home directory after "backing those files up" by emailing them to various people.
Fear the apps. If you are a Mac user and you run apps that treat data as code (i.e. most Microsoft apps) or which have UIs that allow you to easily treat data as code (i.e. mail readers that allow you to execute an attachment merely by clicking on it) then you are in nearly as much danger as MS Windows users.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
According to Wikipedia, the "first" worm was in fact targed to Unix machines running on the VAX and Sparc. IIRC, there were two versions, one for each platform, and they would bring over the source code and compile it on the infected machine, then run.
What separates that from today is that it wasn't designed to do any actual damage (bugs in the code caused it to replicate wildly, causing the actual damage), and depended on there being a C compiler available.
Sigh, regardless of the damage done back then, it all seems so quaint in comparison to the stuff running around today.
Except any more, the Mac user is greeted with a little dialog box that says (paraphrasing), "Unrecognized Application "RootKit" has never been run on this computer before. Would you like to {Abort} {Run Once} {Run it and don't ask me about that one again}. "
Now if you thought you just opened a jpg file, this should give you a little something to think about. Considering that a first-run for a program happens reletively rarely for most users, it isn't too distracting, but adds quite a bit of security.
There are zero viruses for OS X. People are switching to OS X because they are tired of the crap with windows. Viruses are part of the crap but not all of the crap. Windows itself is crap.
Having to run a virus scanner, adware scanner, etc. is just more of the crap you have to put up with on a windows machine. I switched my household over to OS X years ago because I was tired of ALL of the crap windows expects you to put up with. Net result? More work done, less maintenance and I don't need to worry about ad junk, viruses or any of the other windows crap.
One of my current contracts forces me to use a windows machine for some development work. 3+ ghz machine with all of the niceties. But with all of the scanners and other corporate protection crap on it, it runs slower than my 2 year old powerbook. The vulnerabilties in windows not only require you to do more maintenace but they mean you have to run with 3x the hardware just to get half of the performance.
seSales, Point of Sale software for OS X.
The Mac interface *will not* execute even files that are marked as executable! It will only execute .APP directories, which means that the attacker would need to pack the app into a DMG file, then somehow convince the user to extract and run the file. None of this "mydoc.doc .pif" crap.
.app directory.
.dmg or .zip, so it's not as gaping a vulnerability as on Windows.
Not strictly true. You can do a "mydoc.doc.pif"-style trick on OS X.
I have made a proof-of-concept trojan horse that appears to be a JPEG file, opens a JPEG in Preview, and to the layman appears to be a JPEG file. In fact, it's an Application in the form of a
OS X is smart enough to realise that an app called "foo.jpeg.app" is nefarious, and displays its full name. If, however, the first period is replaced with a similar-looking Unicode punctuation character, the OS displays just "foo.jpeg". With a suitable application icon, it looks a lot like a genuine image. (The only obvious difference is the absence of size information under the filename, but I think most people wouldn't notice that.)
Admittedly, you still have to package it as a
If your comment title says 'Re: Foo', I'm not likely to read it.
Yeah. And how many viruses are written in assembler?
(in other words, Apple's move to Intel isn't going to mean a damn thing to virus writers, unless it's by virtue of more people installing Virtual PC.)
It takes time to write a decent mac virus because you have to make it user friendly and it has to look good.
The gui interface has to be just right and when they switched from the candy buttons to the more metalic look I had to start over from scratch.
But I promise, this time next year I'll have the mac virus you've all been waiting for and I just can't wait to release it into the wild. Probably debut at MacWorld.
Question - is it Intel that makes worms, bugs, trojans, etc. so easy to exploit a machine or is it the Operating System?
I wonder because 1) Doesn't Linux run on Intel systems? and 2) Doesn't Windows also run on AMD systems and still get infested?
I think there is a major distinction that needs to made here. Mac users are, hypothetically, at risk for potential virus infection, malware, et al. However, they are unquestionably immune from WINDOWS viruses, malware, et al., which happen to be ALL of the known viruses, malware et al on the net today.
There are several reasons why Macs remain immune:
1) The Windows market share exposes a significant target.
2) Windows has been historically less secure by design (and let's face it, sloppy coding) than it's Mac brethren.
3) Microsoft, through it's inaction and lack of resolve to fix security issues with it's OS (and related OS interoperable products such as Explorer and Word) when viruses, malware et al began to emerge on the net allowed the problem to mushroom into the nightmare that exists today. The door was left wide-open for far too long. Spyware is big business now, and the most nefarious malware authors aren't just script kiddies; they are seriously clever and inventive software authors. Malware authors have established their turf, and despite Microsoft's present initiatives, malware authors have demonstrated that they aren't going anywhere. Thus, Microsoft's present attempts at securing it's software (including "Vista") are doomed. Malware authors will always have the advantage because they know Windows, they know Microsoft, and they are in a position to be flexible, adaptive, knowledgeable and responsive for the release of Malware 2.0. In this game, Microsoft loses. They helped create a Malware-at-large environment where it can only react (patch) over and over and over again. And that assumes (or, more accurately - prays) that malware authorship doesn't become more sophisticated than it's present level of ability. In the meantime, expect - at a minimum - more of the same for Vista.
4) Unlike Microsoft, Apple has taken a consistently proactive stance towards security in OS X. Despite the fact that not a single form of malware exists on the platform, Apple doesn't rest on it's laurels and diligently issues security-related patches and OS updates on a regular basis. OS X 10.4 included additional security-related measures implemented system-wide. Overall, Apple's performance regarding security in it's OS has sent a very clear message to any potential malware authors with designs on OS X: if you are going to try, it won't be as easy as it was with Windows, and you will be quickly stopped.
5) Unfortunately, Windows users (and IT management) have not seriously held Microsoft accountable for security lapses and issues in Windows as well as interoperating products. Instead, paying third-party vendors for virus and malware eradication and other OS extra-management functions have become ingrained as a way of life for users of the Windows platform. Microsoft itself has even joined the fray. In a moment of classic irony, it's producing virus eradication software - essentially protecting it's customers from it's own operating system. One word: bizarre.
Mac users will remember the "widget of doom" scare that occurred early in the release of 10.4. The 10.4.2 update explains just how seriously Apple takes security, whether a real threat exists or not. If you're a Windows user and don't know what I'm talking about, well, that is a shame.
The trick is to complete the cycle. It doesn't matter how easy it is to get one or two stages of the virus life cycle to run on a platform - if even one step in the cycle is impractical (or impossible) then the virus is not viable.
OK, when you start out with your initial 1 infected machine, you have a malicious app in total control of the computer. That is a given. OK, it emails a copy of itself to another user. OK, that's also a given.
Now what?
If it goes to a mac user, it sits in the user's in-box, then the user previews or reads it, it does nothing besides sit there, and maybe try to social engineer the user into saving to desktop and double clicking it. Assuming the user is stupid enough to fall for it and runs it, it can't do jack squat to the system because the OS will require the user to type their password to do anything major like modify system files, which is what all virii and trojans do. Again if the user is profoundly stupid they may actually do this, but look, this has required three steps for the user to take to spread one iteration. There are no known network exploits for OS X that allow a remote connection, drop of code, and forced execute, so mail is probably the only way to get your code into a macintosh.
Now if this were a windows PC, as soon as the email arrived, or as soon as the user previewed it, BAM! it exploits one of dozens of back doors to cause the program to execute, usually in the background, completely without the user's permission. Due to windows' total lack of internal security, the malware runs at root privledges immediately. System files are modified, the malware hides itself deep in the system where you will be extremely lucky to ever get rid of it. Now the mailer goes to work, scanning the entire HD for email addresses (ENTIRE hard drive, it can easily scan into other users' accounts and private files, unlike in OS X) and mailing out more copies of itself. Now note, this is the mail vector, one of many. Some are direct attacks that simply hack into a hole in the windows network, drop off their payload, and tell windows to run it. The horror of this is, windows actually runs it when its told to. This means we get an iteration of the spread with ZERO user interaction, and it may happen at a rate of several iterations per second. It took Code Red what, 8 minutes to infect 75% of the vulnerable machines in the WORLD.
Comparing dangers of a (theoretical) mac virus to a (commonplace) pc virus is like comparing a rubber band gun to an atomic bomb.
I work for the Department of Redundancy Department.
If I follow your logic, Native Americans wouldn't catch colds.
i'll further emphasize your point by slightly correcting this statement of yours: "The ports that don't need to be on, are off, by default"
Actually, a default installation of the end user version of Mac OS X does not have a single port opened. Run nmap on your LAN against a freshly-installed Mac, you won't find a single port opened. It has always been the way of Mac OS X, since its very inception. There is absolutely no valid reason for a default installation of an end-user version of an operating system to be listening on any port. Apple grokked that. Duh. :)
A malicious program can be written for any platform. An actual virus will successfully spread itself. I wish crackers good luck with that on OS X.
Extraordinary Vacations. Exceptional Prices