Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac users 'too smug' Over Security?

Posted by Hemos on from the the-problem-of-a-monoculture dept.

wild_berry writes "Bill Thompson, one of the BBC's technology commentators and presenter of Go Digital on the BBC World Service, expresses his concerns that Mac users assume their safety in the face of trojans, worms, keyloggers and other malware. As a Mac user he is most concerned about the lack of herd immunity that is needed to stop a few infections becoming an epidemic, fully explained in his column week for the BBC technology site. Is he right, and what actual products exist for OS X that would protect against infections?"

12 of 707 comments (clear)

  1. Re:Dead On by pwhysall · · Score: 5, Informative

    That link doesn't even mention OS X, and is dated 2000.

    --
    Peter
  2. Completeley useless article, no facts at all by mstroeck · · Score: 4, Informative

    I don't know who the guy is, but the article is completely useless. There are absolutely no hard facts in there. Please point us to ONE SINGLE virus, keylogger, adware, or any type of malware at all before making ridiculous claims like the old and completely bogus "it's just because of low market share". It's just not true. I haven't come across anything dodgy so far and I've _actively_ looked for it. Nothing except some shell-script with a highly hypothetical threat. Also, keep in mind that OS X users tend to get a large percentage of their software from centralized sources like apple.com and VersionTracker, which wouldn't post or quickly pull any infected software. IF there was any kind of outbreak, it would be all over the Mac-web within an hour at the maximum.

  3. Re:wait.... by gEvil+(beta) · · Score: 4, Informative

    IIRC, Word macro viruses on a Mac tend not to be nearly as damaging as their Windows counterparts (less ties into the system and other Office apps, etc). However, the big problem is that Word for Mac acts as a vector of transmission. Word docs that contain macro viruses that don't affect the Mac in any way can wreak havoc as soon as they're opened on a Windows machine (assuming someone clicks the 'run macros' button on opening the file).

    --
    This guy's the limit!
  4. Re:Mac resistance to malware by Paradise+Pete · · Score: 3, Informative
    security by obscurity doesn't really work for long.

    Sheesh. Make a phrase that rhymes and people will just beat it to death. It's not security by obscurity, it's security by architecture. Is it invulnerable? Of course not. But it's more than just the market share that provides the security.

  5. Re:Dead On by bbernard · · Score: 5, Informative
    40 Mac viruses compared to how many PC viruses? 71989 and counting according to Symantec. And the most mentioned causes of problems in security on the Mac Platform? Microsoft products. I rest my case.

    That's beside the point of the article. The article wasn't blasting security on the Mac, it was pointing out that Mac's are susceptible to problems to. Doesn't the vulnerability of software running on a Mac constitute a security problem on the Mac? If I can get in does it matter if it's through the OS directly or through an application?

    The article was suggesting that Mac users need to be every bit as cautious as the "rest of us" on our Windows boxes. It was railing against the same type of thinking that causes parents to decide not to get their children vaccinated against things like measles because you never hear of measles cases anymore. Of course not! It's because we've been vaccinated! So Mac users: go get your booster shots.

    --
    ----- Connection reset by beer
  6. Re:Options for OS X by __aafutm5472 · · Score: 3, Informative

    You're more right than you think. Symantec's antivirus software for Mac is crap and difficult to get rid of...

  7. Re:Dead On by earthbound+kid · · Score: 5, Informative

    According to Wil Shipley, there has been maybe one real virus for Mac OS X, maybe. Even then, it didn't spread much and no one's sure if it really existed in the wild and it may have just been a trojan.

  8. Re:Dead On by NardofDoom · · Score: 4, Informative
    The site you linked to covered a wide variety of the 30 or so viruses available for the Mac. None of which run in OS X. A few of which are spread using Hypercard, which has been discontinued.

    1995 called. They want their FUD email back.

    --
    You have two hands and one brain, so always code twice as much as you think!
  9. Re:Dead On by arivanov · · Score: 4, Informative

    You need to read non-Apple security material more. When MacOS X came out a whole list of setuid apps used by the "pretty shell" to tell the OS to do simple things like load a CD or eject it had security wholes all over the place. http://www.derkeiler.com/Mailing-Lists/securityfoc us/bugtraq/2001-10/0117.html is a prime example. I admit Apple learned from its mistakes pretty fast, but the initial release of MacOS X was one big local security hole. You are correct - networkwise it was more or less OK, but once someone managed to connect it was ripe for picking.

    --
    Baker's Law: Misery no longer loves company. Nowadays it insists on it
    http://www.sigsegv.cx/
  10. Re:well, here's the problem... by j-beda · · Score: 3, Informative
    In Wild, known Infections: http://www.macintouch.com/opener.html

    But "opener" requires a previously comprimized system. A "rootkit" without a viable delivery mechinism isn't really a "virus" or "worm" or even a "trojan". Acording to McAfee: "This threat does not make use of an exploit, so to have the script run successfully on a system and make changes, the user account from which the script is run must have sufficient rights. If no superuser/root/admin access is available many of the subroutines will fail and generate errors." I don't know why McAfee classifies it as a virus/worm since it doesn't seem to have any propagation abilities.

    Exploit, unknown level of infections: http://news.zdnet.co.uk/internet/security/0,390203 75,39155837,00.htm

    True, the exploit mentioned is a tricky thing (potentially allowing code that was downloaded to be run as trusted), however I don't know if any was ever found in the wild - and even then it would still require an administrator's password to do system damage. The "hole" was supposedly patched by Apple's Security Update 2004-06-07 according to Unsanity who had released a little application to guard against the exploit.

    If those are the only two you've found, you haven't really shown any "In Wild, known Infections" in my opinion.

  11. Cowhand-A trojan for MacOS X by Animats · · Score: 3, Informative
    There are a few MacOS-X attacks in the wild. Cowhand-A was the most significant one of 2005. It's a Trojan, and it turns the computer into a proxy zombie for remote connections. It's primitive by Windows virus standards. It just installs a program in the startup folder, and makes no attempt to conceal itself.

    So it's clearly possible to craft attacks for MacOS-X. But Mac market share is so tiny that few bother. Back before the PowerPC transition, when Apple had more market share, there were more Mac viruses. "Back in the late 1980s, viruses used to be a much bigger problem on Macs than on PCs. We here at F-Secure used to have an antivirus product for Mac but discontinued it after the macro viruses died out".

    There have been some gaping holes in MacOS-X browsers that allowed execution of remote code. But nobody bothered to exploit them. Or so it is thought. There's always the possibility of quiet exploits that extract some useful information from the target, ship it somewhere, then clean up and exit.

  12. Re:Dead On by Peganthyrus · · Score: 3, Informative

    Hell, on OS-X, you could even have it download and compile the virus SOURCE behind the user's back.

    OSX only comes with compilers if you specifically install them from the dev tools disc. Most people won't have done this.

    --
    egypt urnash minimal art.