Slashdot Mirror
Mac Users Blast Symantec ... Again
An anonymous reader writes "Once again Symantec has spouted FUD about Mac OS X ... perhaps in an attempt to make more money as Microsoft pushes its own security products? A commentary on the issue entitled "Symantec 'scare tactics' don't rattle Mac users" says Symantec's latest Internet Security Threat Report continues to voice concern for the security and stability of the Mac operating system, Mac OS X in particular. However, there isn't proper evidence to back this claim. Also from the story, readers are asked: Do Mac users think they are immune to security problems or is Symantec and others fishing for a new revenue stream? Do you think Apple should start following Microsoft's model by rating vulnerabilities and patches?"
i've used macs since I was 8 (1991) and i've never had a virus on any of them
I think I saw an nVir infection, and maybe Scores as well. That was back in, umm, I think ’89 or so.
Quantum materiae materietur marmota monax si marmota monax materiam possit materiari?
... so they need to convince us there's a market.
Just like drug companies that release a cure for a disease you'd never heard of, just after 'credible' reports appear in the media showing that most of the poopulation suffer from it.
It's a scare tactic, pure and simple.
However, there is a small sting in the tail - Mac users have little to nothing to worry about today. Tomorrow may be another story entirely.
Just because a virus hasn't been written doesn't necessarily mean it's impossible to write one. There's a creeping feeling in the Mac world that we can't be touched by malware just because we're using Macs. That's a dangerous attitude in the long run.
Mac users need only take advantage of the built-in security, plus enable a few options.
The Firewall should be on by default, but clicking the 'Advanced' button reveals an option for stealth mode. That's always a good idea. In fact, while you're there, turn firewall logging on and come back to read the log in a week or two. That'll highlight any attempts at breaking in.
Keep the administrative account around, but use a non-admin one for day to day tasks. There's no reason not to, and it forces a password check before any files outside the user's directory are altered.
Turn off the option to open 'safe' files after downloading in Safari.
There's a guide from the US NSA out there somewhere that's heavy going, but shows what good security looks like. Read a site like http://www.securemac.com/ once in a while to pick up a few tips.
Mac users needn't be as worried as Windows users should be, but a few ounces of prevention still go a long way.
I once bought a used Mac with pre-installed Symantec Software...
It was the worst crap I have ever encountered in my life, including Windows 2.x! The stupidity and uglyness of it is so enormous that the United Nations should ban it because it could easily pass as a crime against humanity. You would'nt believe it until you saw it... messing up a whole filesystem, bringing system performance to a grinding halt, fucking up the *nix part of OSX so badly that it is absolutely unusable. Oh, and of course you need a third party patch to uninstall it, and even with that patch it's a pain to go through and it still leaves some parts of OSX broken.
What kind of person must one be to program such a huge pile of shit? Compared to the braindead molluscs at Symantec, Microsoft looks like a Mensa con. There is only one Malware for the Mac and its name is Symantec. Works like a classical trojan: You install it because the programmer makes you believe it does something useful. But once you've done so, it begins to weak havoc all over the place and there is no way you can get rid of it except for major system surgery. Oh man, only thinking about that my HD was once infested with that dreck makes me puke!
The real danger for the Mac world is that these imbecile wankers are successful with their bloody scare tactics and get some ignorant management to believe their dirty, fucking lies. If then that management forces their employees to install Symantec "antivirus" dirt all over their Mac network, they might get stability and usability down to a point where they could just as well run Win95 on overclocked Pentium I Boxes with 16 MB of RAM.
I think you just hit the nail on the head; Our systems need to be diverse However, we need standards for our systems to interoperate. In that sense, we need monoculture in our data transmissions, right?
I think that's the exact reason why we should maintain a strong difference between our data and our programs. DirectX and Excel macros are probably good examples of this going wrong.
The only convincing things they have are things like opener.
Opener is a generic trojan, nothing special about it. Trojans have been somewhat effective vectors for years on many platforms. Right now someone could craft a sneaky trojan and use it to attack os x users. That said, it is unlikely, and it is even less likely such an a attack would be effective. First, Pretty much any way the user gets the trojan they will be notified that it is an executable. This means the social engineering has to pass it of as such. Second, unless it is a cross platform trojan, it will not propagate itself, thus it will only effect a small portion of the user base. Third, in order to do much useful, the user will have to enter their admin password, which will make some people suspicious of it. Fourth, there is disproportionately large number of security people using OS X, increasing the speed and likelihood it will be discovered, documented, and mitigated. Fifth, pretty much all OS X users run auto updating of their system, allowing security fixes for a given trojan to be rolled out to all users, not just those running the latest OS's. Sixth, Open source tools like ClamAV already function just fine on OS X, meaning Apple could turn around a trojan detector for a given trojan in very little time. seventh, many OS X users do not run as admin users and thus cannot perform many useful operations themselves (non-admin accounts are usable and local privilege escalations are non-trivial). Finally, while all of these stumbling blocks for a successful trojan can be overcome, it would take a great deal of motivation, which will not be financial due to the small number of machines that will be compromised compared to the relatively easy and profitable target that is Windows.
I'd also like to argue that there are a great many things that could be done to make OS's in general less susceptible to trojans. BSD Jails and virtual machines are a great step towards making trojans harder to implement. Properly implemented ACLs, with a good, understandable GUI, built into the OS, and with a well thought out series of defaults could make trojans very, very hard to pull off. I think this will eventually be done, but has not really happened simply because there is not a strong incentive. Windows has a monopoly and so many other security problems that there is no reason for them to implement such a system. Linux distros and UNIXes have implemented some protections, but for the most part they are not well tested or easy to use because the demand for them is so small. Apple has the talent to create this type of system, but customers don't want it since they are not generally under attack. These will materialize and become usable when something takes significant desktops from Windows, or when MS successfully creates a basically secure OS, and then has to address the proliferation of trojans that results.
Because you can't just drag some Applications over. Those installers put files in directories a normal user can't touch.
After all, I am strangely colored.
Symantec, does indeed need to create fear of threats where there aren't any. They sell an anti-virus for Palm OS even though most Palms don't connect to anything. They cite an actual TWO threats discovered in the wild in 2000.
Symantec's business smodel is to get US$29 or so per year from EVERY computer on the planet. They can't let any platforms go "un-taxed."
Acrobat.
/Applications. On its initial launch, it asks for a password because it puts other stuff elsewhere in the system, the files necessary for the "Adobe PDF" printer to be created, for one.
It actually is installed via a drag and drop into
Microsoft Office does it that way, too, drag and drop install followed by supplemental stuff (fonts, etc) installing itself on initial launch.
~Philly
So, really, they have a rating system, but it's not dumbed-down. If you know enough ( or *think* you know enough ) to read through all of this and decide "hey, none of that really matters for me, I don't need this update", then you at least have a detailed idea of what you're passing on. Otherwise, you should probably apply all of these updates and patches anyway... maybe waiting a few days to see if anyone reports serious issues with it if you're extra paranoid about stability.
Since we all have different operating environments and practices, a strict rating scheme is a little meaningless. If you don't use Mail, a "Severe" rated patch that only patches Mail might not matter to you... really, you need to look at the description if you care about such stuff.
And what's this talk of OS X stability issues? Pu-leeeze. Maybe if you're running 10.1. Anything past 10.2.3... any instability is likely to be hardware ( likely memory) in cause.
%uptime
10:20 up 133 days
If it weren't for updates this thing would never get shut down...
yeah, the couple of times I've had HD problems in OSX (caused by a failed powersupply in a firewire drive... screwed the disks up somehow), I was able to fix it by rebuilding the b-tree from the commandline. I haven't even needed any diagnostics....
but it would be nice to have. just in case. =P
we still reply on Norton at work, here, since we still have a single OS9 machine (for streamline and the occasional Jaz/zip disk that comes in). The machine occasionally won't boot or gets a system error and we need to repair the drive.
...spike
Ewwwwww, coconut...
Symantec's products, in my experience, create a lot of instability in Mac OS X and are very difficult to thoroughly remove. They also create a lot of unnecessary conflicts that can disable services you were using if you don't know how to go into all the kernel extension and other system folders to eliminate the software. I know OS X isn't the most secure OS in the world, but I would prefer to go without third party security than use Symantec's products, until and unless they learn how to make their products more effective and less disruptive.
(%i1) factor(777353);
(%o1) 777353
That's probably the wrong question. Being such a large company, you have to assume they rate vulnerabilities and patches -- it's almost impossible to produce high-quality software like OS X without rating patches.
The question is whether or not to release the information to the public. I can't imagine that doing so would be practically useful. If you already know what the vulnerability is, without rating it, you have a better leg up on understanding its severity, and you likely have sources of alternative workarounds until the official patch.
-Rob
Biblical fiscal responsibility
I think any game that uses SDL, because the SDL framework needs to be installed to /Library/Frameworks.
I do agree that too many applications seem to need a special password, I wish there was an easy way to expose in a decipherable manner exactly what it does that claims to need it.
Yep. They should've pulled Systemworks on version 2.0, which was simply a repackaged version 1.0 with a couple of extra third party programs to "round it out". Version 1.0 and version 2.0 were identical except that they added Dantz Retrospect Express Backup and Aladdin Spring Cleaning and called it version 2.0. I've boycotted their products ever since.
They actually had a version 3 at one point, it's still on their site. And they even have the nerve to sell it with NUM, which they discontinued for the Mac, what, last year...
To be used at the owner's expense...
I'm not saying Viri...
For the 10,000th time, the plural of virus is viruses.
Something a few other people have mentioned, I believe, that is quite important to the idea of Mac's and virii is the number of Mac's in use
It's not near as important as Microsoft's astroturfers argue.
Back in 1997 when Microsoft opened up the Active Desktop/Content/whatever security hole, the infection rate I saw on Windows boxes went through the roof in a matter of months. This was not accompanied by anything like the same kind of increase in Windows installations... it was clearly caused by a specific action that Microsoft took, and one that they have yet to undo... and this has a much bigger effect on the prevalence of Windows viruses than the market share of the OS.
That artificial one-year-from-installation expiration of Norton AntiVirus for the Mac is horseshit.
/Users/Shared. One year to the day after that file is created, your copy of NAV will cease working (you'll start getting nag messages about renewing your subscription a few weeks before that). Well, here's how you "renew":
/Users/Shared/snorosx
At install time, a hidden file called 'snorosx' is placed in
sudo rm
Voila! You just returned your copy of NAV to working order. If you're really motivated, you could set up a cron job to kill that file regularly.
I know this works for NAV 9, can anyone see if this still holds true for version 10? I suspect it does, those lazy, greedy fucks at Symantec probably just diddled with NAV 9 until it worked in Tiger and called the result NAV 10.