Slashdot Mirror
Mac Users Blast Symantec ... Again
An anonymous reader writes "Once again Symantec has spouted FUD about Mac OS X ... perhaps in an attempt to make more money as Microsoft pushes its own security products? A commentary on the issue entitled "Symantec 'scare tactics' don't rattle Mac users" says Symantec's latest Internet Security Threat Report continues to voice concern for the security and stability of the Mac operating system, Mac OS X in particular. However, there isn't proper evidence to back this claim. Also from the story, readers are asked: Do Mac users think they are immune to security problems or is Symantec and others fishing for a new revenue stream? Do you think Apple should start following Microsoft's model by rating vulnerabilities and patches?"
Do you think Apple should start following Microsoft's model by rating vulnerabilities and patches?"
Apple would be retarded if it followed any of MSFT's security policy.
perpetually dwelling in the -1 pits
Comment removed based on user account deletion
- Users all switch to platforms without security problems.
- Microsoft makes Windows Vista secure.
- Microsoft includes AV and a decent firewall with Vista.
This is a counter to the possibility of option one.On the Mac, as with most other platforms, there are periodically vulnerabilities that allow arbitrary code to be run. These are generally patched quickly, making them a poor vector for attack (except amongst the uptime-is-a-measure-of-masculinity crowd, who refuse to reboot for security patches). The only convincing things they have are things like opener. Opener itself is nothing more than a bash script - it runs, and if you run it as root then it will disable the firewall, etc. and run a server people can connect to. Of course, you then need some kind of social engineering attack to persuade people to download it, run it, and enter an admin password. This is, of course, possible - just find some stupid people. The problem is that a virus scanner won't do anything to protect you against this kind of thing.
I am TheRaven on Soylent News
That doesn't mean the Mac is more secure it just means that there are less windows for worms and virii to crawl through. Oh wait, I guess that does make it more secure.
I've hit Karma 50 and gotten a Score:5, Troll... I win!
... so they need to convince us there's a market.
Just like drug companies that release a cure for a disease you'd never heard of, just after 'credible' reports appear in the media showing that most of the poopulation suffer from it.
It's a scare tactic, pure and simple.
However, there is a small sting in the tail - Mac users have little to nothing to worry about today. Tomorrow may be another story entirely.
Just because a virus hasn't been written doesn't necessarily mean it's impossible to write one. There's a creeping feeling in the Mac world that we can't be touched by malware just because we're using Macs. That's a dangerous attitude in the long run.
Mac users need only take advantage of the built-in security, plus enable a few options.
The Firewall should be on by default, but clicking the 'Advanced' button reveals an option for stealth mode. That's always a good idea. In fact, while you're there, turn firewall logging on and come back to read the log in a week or two. That'll highlight any attempts at breaking in.
Keep the administrative account around, but use a non-admin one for day to day tasks. There's no reason not to, and it forces a password check before any files outside the user's directory are altered.
Turn off the option to open 'safe' files after downloading in Safari.
There's a guide from the US NSA out there somewhere that's heavy going, but shows what good security looks like. Read a site like http://www.securemac.com/ once in a while to pick up a few tips.
Mac users needn't be as worried as Windows users should be, but a few ounces of prevention still go a long way.
Malware targets weaknesses in an operating system, not a processor.
A virus that hurts Windows will be ineffective against Linux, even though they run on potentially the exact same hardware.
OS X will have the same weaknesses and strengths on x86 as it does on PPC, so you can rest a bit easier. If you're still not sure, get the final PPC revision Macs, and wait for a year or two before going to x86 Macs. You'll know all about any issues by then.
I once bought a used Mac with pre-installed Symantec Software...
It was the worst crap I have ever encountered in my life, including Windows 2.x! The stupidity and uglyness of it is so enormous that the United Nations should ban it because it could easily pass as a crime against humanity. You would'nt believe it until you saw it... messing up a whole filesystem, bringing system performance to a grinding halt, fucking up the *nix part of OSX so badly that it is absolutely unusable. Oh, and of course you need a third party patch to uninstall it, and even with that patch it's a pain to go through and it still leaves some parts of OSX broken.
What kind of person must one be to program such a huge pile of shit? Compared to the braindead molluscs at Symantec, Microsoft looks like a Mensa con. There is only one Malware for the Mac and its name is Symantec. Works like a classical trojan: You install it because the programmer makes you believe it does something useful. But once you've done so, it begins to weak havoc all over the place and there is no way you can get rid of it except for major system surgery. Oh man, only thinking about that my HD was once infested with that dreck makes me puke!
The real danger for the Mac world is that these imbecile wankers are successful with their bloody scare tactics and get some ignorant management to believe their dirty, fucking lies. If then that management forces their employees to install Symantec "antivirus" dirt all over their Mac network, they might get stability and usability down to a point where they could just as well run Win95 on overclocked Pentium I Boxes with 16 MB of RAM.
It's true that OS X is more secure than XP normally, but there's one thing that worries me - stupid developers who make users type in their admin password for no good reason.
There are so many application installers out there that make the user type in the admin password that users are in the habit of providing it whenever the dialog box appears.
This opens the door for a socially engineered virus/trojan horse - one that politely asks the user for permission to infect the system.
Really. Why do developers insist on providing windows-style installers when all you have to do is drag the app to the right folder and let go?
Clear, Dark Skies
OS X's stability is absolutely , in all the time i have been running the system I have had one crash (The Crash was my fault ) , The finder has restarted itself a few times which i believe has lost me a sum total of 60 seconds working time .
/' command or running an applescript that formats the drive. It could ship with tighter default security settings, but allow fine tuning like "I know what I'm doing on the commandline" or the like.
The only times I have had programs that were unstable was when i was using Beta versions of things.
how much software do you run? How much do you actually do with your computer?!
I've had Adium, illustrator 10, illustrator CS, photoshop CS, MPlayer, Safari (many, many times), iTunes, Word, Filemaker Pro, InterfaceBuilder, Bittorrent, and Quake3 (repeatedly) unexpectedly quit on me.
Having a program die is not a reflection on the stability of OSX, but the programming of the application. Application crashes are usually caused by unexpected things happening in memory (accessing a freed block of memory or memory that doesnt' belong to the app)... eg: bugs.
I've had dozens of kernel panics in OSX, although most of them are attributed to bad hardware or bad drivers or earlier versions of X. OSX beta and 10.0 panic'd pretty often. Jaguar was quite solid and panther was even moreso. My G5 panic'd the first time I booted it, but when I called for support, they said that the machine may have just had some processor calibration issue, but if it panics again to give them a call (it's been 2 months an no panics).
Anyway... the only real market I see for symantec for OSX users is system diagnostics and filesystem repair. Maybe even support for trojan protection. I don't think it would be that difficult to have something that looks for certain "bad things." It could protect from malicious scripts and even user error. It could stop a beginner user from typing the 'rm -rf
i don't understand why they didn't do that already.
...spike
Ewwwwww, coconut...
Eh, I think it will hit a few people hard. But (unless Mac marketshare magically soars to 30%+ or something) by the time it manages to propagate very far, Apple will have had plenty of time to release a patch. I mean, I only know of a couple other people I email with Macs. Assuming I even used Mail.app (I use webmail, so it would be hard for the virus to send itself through me), that means that if I got the virus from one of them, I would probably only infect one or two more people - not like the dozens at a time that a Windows virus is sent to. Until/unless Macs become *way* more popular, any virus will move so slowly that it will be caught before it manages to infect the majority of Macs.
Though, yes, it will suck for those of us who are hit early.
Warning: Apple/Nintendo fangirl. Likes her electronics cute & cuddly. May be rabid.
Symantec is trying to sell a product that doesn't really apply in the Linux/OS X environments.
I'm not saying Viri and Worms don't or couldn't exist on a *nix platform. What I am saying is that security patches are released within the same timeframes as virus updates, so why not just set your box to auto-update those patches and skip the Anti-virus software route all together?
On other vendor's platforms, there are both a greater frequency of attacks and longer delays between patches (probably due to the shear number) so Anti-virus software serves a market there.
So it isn't hubris that the Linux and OS X are imune, it is that the OSS community and Apple work quickly to patch any vulnerability ASAP.
I only came here to do two things; kick some ass, and drink some beer...looks like we're almost out of beer.
Do Mac users think they are immune to security problems
Many may, but in general... no more than Windows users, many of whom think that because they have antivirus software they don't need to worry about security.
Really, this is a straw man. It's like someone in California chiding someone in Darwin for not being prepared for an earthquake or mudslides.
Because you can't just drag some Applications over. Those installers put files in directories a normal user can't touch.
After all, I am strangely colored.
I don't bother running Virex, nor do most people I know. But I know one of these days I'm gonna pay for it. The problem with Virex, as with all Virus scanners is that in the nightmare scenario you describe Virex isn't gonna know about it until you already have the virus. And if someone does do all that stuff, and does screw your Mac...they will likely also find a way to disable your recovery and virus downloads anyway. Against a fast moving virus, yesterday's definitions are useless. So if the virus protection can't help you, why bother paying for it? Most of the major problems on windows are worms now anyway. Following the guidelines of someone like securemac.com should be plenty.
I tried for 5 years to come up with a clever sig...only to realize that I am not clever.
Symantec, does indeed need to create fear of threats where there aren't any. They sell an anti-virus for Palm OS even though most Palms don't connect to anything. They cite an actual TWO threats discovered in the wild in 2000.
Symantec's business smodel is to get US$29 or so per year from EVERY computer on the planet. They can't let any platforms go "un-taxed."
Because Windows is so pervasive, and because it has some obvious flaws, particularly in the security area, we have a whole "symbiotic" culture that has evolved around MS. That culture includes firms like Symantec and NAI/McAfee, as well as application vendors like Intuit. All of these have a strong vested interest in keeping the near-monopoly status quo, even if something else might ultimately be more in their customers' interest.
You can then have clueless journalists (as well as, of course, the vendors' coin-operated "think tanks" and "research firms") talk about "industry consensus" and similar nonsense.
Acrobat.
/Applications. On its initial launch, it asks for a password because it puts other stuff elsewhere in the system, the files necessary for the "Adobe PDF" printer to be created, for one.
It actually is installed via a drag and drop into
Microsoft Office does it that way, too, drag and drop install followed by supplemental stuff (fonts, etc) installing itself on initial launch.
~Philly
Anyway... the only real market I see for symantec for OSX users is system diagnostics and filesystem repair.
Too bad they gave up on that market by killing Norton Utilities for Mac a couple years ago. Of course, that product peaked at version 6 and started stinking up the place after that. IIRC, it was never updated for OS X, either-- the most they did with it was make it OS X aware, so it wouldn't screw something up while trying to "fix" something that OS X needed a certain way.
Pity, that. I used to swear by NUM back in the day. These days, I rely on Cocktail, DiskWarrior, and Data Rescue X. Not that I need them very often.
~Philly
Does anyone else believe there are only so many "real" viruses out there? The rest are engineered by the virus scan companies?
For example you install Symantec norton antivirus. It detects something as a virus. Let's say you DON'T clean or quarantine it, and just install norton.
Now install McAfee antivirus. It may not even detect that same virus at all. Assuming both scanners are all updated, how can a virus count in one software and not the other.
So, really, they have a rating system, but it's not dumbed-down. If you know enough ( or *think* you know enough ) to read through all of this and decide "hey, none of that really matters for me, I don't need this update", then you at least have a detailed idea of what you're passing on. Otherwise, you should probably apply all of these updates and patches anyway... maybe waiting a few days to see if anyone reports serious issues with it if you're extra paranoid about stability.
Since we all have different operating environments and practices, a strict rating scheme is a little meaningless. If you don't use Mail, a "Severe" rated patch that only patches Mail might not matter to you... really, you need to look at the description if you care about such stuff.
And what's this talk of OS X stability issues? Pu-leeeze. Maybe if you're running 10.1. Anything past 10.2.3... any instability is likely to be hardware ( likely memory) in cause.
%uptime
10:20 up 133 days
If it weren't for updates this thing would never get shut down...
No OS is immune from exploits.
Symantec shouldn't just be pointing out how many exploits have come to their attention, they should be providing evidence to support their position. Things like, how many exploits became full blown threats to the security of OS X. None.
They should be providing details about how their NAV(Norton Anti-Virus) software has changed over the past several iterations to deal with this pervasive threat. It hasn't.
Currently Symantec is using the same software, without any significant changes, since the release of OS X, that's no significant changes or enhancements, zero, zilch, nada, for over three years, but they're still happy to sell you a new version for $70+ and come out and make wild claims about how you too are unsafe. When what the consumers are really unsafe from is bad business practices and corporations that are willing to try and scare you out of your hard earned cash.
Why is this happening? Money, greed, avarice and lying.
That's probably the wrong question. Being such a large company, you have to assume they rate vulnerabilities and patches -- it's almost impossible to produce high-quality software like OS X without rating patches.
The question is whether or not to release the information to the public. I can't imagine that doing so would be practically useful. If you already know what the vulnerability is, without rating it, you have a better leg up on understanding its severity, and you likely have sources of alternative workarounds until the official patch.
-Rob
Biblical fiscal responsibility
Yes, Acrobat is more feature rich than the OS.
But please explain why it need to have the admin password to install it. Is there anything in Acrobat that is system wide, moreso than something like Office would provide? I really don't think so, but would love to be enlightened.
More likely, it's Adobe being lazy with programming and making things easier on themselves rather than proper and secure programming techniques. Remember, if there's a bug in their application at a system level, it could represent a real security hole because of the way the installer works.
There are two types of people in the world: Those who crave closure
Something a few other people have mentioned, I believe, that is quite important to the idea of Mac's and virii is the number of Mac's in use
It's not near as important as Microsoft's astroturfers argue.
Back in 1997 when Microsoft opened up the Active Desktop/Content/whatever security hole, the infection rate I saw on Windows boxes went through the roof in a matter of months. This was not accompanied by anything like the same kind of increase in Windows installations... it was clearly caused by a specific action that Microsoft took, and one that they have yet to undo... and this has a much bigger effect on the prevalence of Windows viruses than the market share of the OS.
There is one problem I see. Regardless of what may come in the future, Symantec are currently using deceptive tactics to lure people into buying their software. They are lying to Mac users. Shouldn't they be trying to earn our trust? On Windows computers, I won't use Symantec products because I don't trust the company.
It's that simple.
The reason girls and Windows users don't understand UNIX is because all the documentation is in Man files.
Clearly something does stop Spyware authors, otherwise Mac users would be complaining about spyware.
However, why on earth would one think that Symantec is the solution to the problem? If there is a known problem, Apple will patch it. If it is an unknown problem, Symantec cannot fix it.
There's a big difference in the sources where people get their virus news. On the Windows side, you see it in trade journals, on news sites, even on TV when there's a big virus making Windows machines crap out left and right. Yet...you only hear about Mac viruses from companies (Symantec?) who are trying to make a buck. Maybe when I read about Mac viruses in InfoWorld or some other news source I'll be mildly concerned.
"He uses statistics as a drunken man uses lampposts...for support rather than illumination." - Andrew Lang
I found a serious one when I was doing some testing prior to the implementation of Mac OS X 10.3. As far as I know, this issue still exists despite my reporting it to BOTH Symantec and Apple... (I believe Symantec did something about it in their latest version, though I haven't had a chance to test it yet... but I know OS X would still allow the problem in 10.4.)
The scenario goes like this: Create a cron task to update Norton AV for Mac from the command line. Log off the system. Unplug the network cable. Wait for the cron task to fire. Norton tosses up an error box indicating that it couldn't update itself. This error message appears OVER the login screen, along with an Apple menu that shows you logged in as the administrator user who setup that cron to update Norton. Even without logging in you have limited access to OS X as AN ADMINISTRATOR!
(I discovered this little "hiccup" when I'd configured Norton to auto-update and found that our network had experienced a problem overnight when the update was scheduled to take place. Imagine my surprise to come in and find a machine with an administrator's Apple menu accessible and no one logged into it!)
Personally, I think applications shouldn't be able to display GUI elements if the user initiating those applications isn't logged in at the moment, and certainly not if NO ONE is logged in.
For slightly more information on how to update Norton AV 8.0 and 9.0 from the command line and via cron, see: http://mikesalsbury.com/mambo/content/view/115/