Mac users 'too smug' Over Security?

wild_berry writes "Bill Thompson, one of the BBC's technology commentators and presenter of Go Digital on the BBC World Service, expresses his concerns that Mac users assume their safety in the face of trojans, worms, keyloggers and other malware. As a Mac user he is most concerned about the lack of herd immunity that is needed to stop a few infections becoming an epidemic, fully explained in his column week for the BBC technology site. Is he right, and what actual products exist for OS X that would protect against infections?"

Dead On

[eldavojohn]

This article was dead on.

My first ever encounter with this mentality was in high school when my music theory instructor told us that she loved her Mac and when I tried to argue with her about a number of things, she'd repeatedly reply with "No Mac has ever been hacked or had a virus on it."

Now, at the time, I was a young nooblet and probably should have let it slide but instead I snuck into her office and opened up her Macintosh's word editing software with the intent of some lil' bastardry. I found the option to replace a mistyped word with another that the user entered. After that, whenever she typed the word "the", it was replaced with "WARNING! VIRUS DETECTED! PULL PLUG FROM OUTLET AS SOON AS POSSIBLE!" Unfortunately, her son knew enough about computer to fix it so my fun didn't last very long (only one or two lunges at the wall).

Back to the issue--I think it is a grave mistake for anyone to ever feel 100% invulnerable when it comes to computers that are connected to the internet in anyway. I would diagnose this as a standard case of a false sense of security. This is something that has plagued many people throughout history and often led to their downfalls.

What message am I trying to get across to Mac users? First, realize you're not invulnerable. Second, just browse around and look at what's out there for you to use as anti-virus and virus blocking tools. And if you don't want to, read some horror stories, perhaps that will motivate you to become aware of possible worms in your Apple.

Re:Dead On

[tkdog]

Off topic - but the type of "bird flu" that WHO is worried about hasn't been around for years. In fact it doesn't exist today either (we hope). What their worried about is that the current very lethal avian virus will mutate into an easily spread highly lethal human variant. Real viruses are much more advanced than computer ones, but then again they have been around longer. If only our cells didn't grant root privileges. :)

Re:Dead On

[Fordiman]

The point of TFA is that Macs don't get the kind of scrutiny that Windows machines do.

This is, by the way, not even mentioning the following: Now that OS-X, Windows, and Linux all run on the same hardware, spreading a fully cross-platform virus is easy. The virus first attempts to identify the target machine. Upon doing so and diagnosing apprent weaknesses, the virus then packages the relevant position-independant code in an appropriate executable container (ELF for linux, PE for Windows, a.out or unibin for OS-X) and set the entry point.

The virus then executes a found exploit, causing the offending computer to download the converted virus from the attacking computer (uploading a virus via buffer overrun is tricky; it's better to simply send up a stub that grabs the virus from the attacker than to try for a full infection via exploit). This can be done by either piggybacking the download through a program that's been cleared by the firewall (wget, internet explorer, etc), or by creating a servlet whos only purpose is to wait for connections from the attacker and let it upload.

Hell, on OS-X, you could even have it download and compile the virus SOURCE behind the user's back.

I've said it here before: I'm a pretty good programmer, and I've been fighting viruses for years. Be glad I don't write the damned things; I could probably cripple the world. The same is true for any half-competant programmer with an interest in security.

What's worse?

[DaHat]

The retailers who make this claim to those who may not know better.

A local Mac shop practically advertises that a Mac is totally secure and immune to viruses and spyware.

Every time I see one of their commercials I shake my head at the persons obvious lack of understanding of the issues at hand. It's one thing for a Mac fan to say there are secure due to their delusion... it's quite another for them to use their delusion as the basis for a sale.

It's just a shame that for them to be proven wrong, a lot of people and their PC's have to get hurt.

Re:What's worse?

[guet]

A platform which doesn't have Active-X, doesn't have services running out of the box, doesnt' have autorun for CDs with Sony Malware, and doesn't have an unfortunate legacy meaning almost all apps require continual admin access, is more secure in my book. There's a couple of operating systems that fit the bill, one of which you seem to hate : )

Having no known viruses at this point is an extra bonus.

Not immune of course, but then I don't hear many people claim that, in fact, I've never heard anyone say that, just heard it repeated as a truism (Mac users think this) on websites.

It's just a shame that for them to be proven wrong, a lot of people and their PC's have to get hurt

A lot of people and their PCs get hurt continually at present, but they come back for more and keep running the same broken system.

Re:Through the glass darkly

[A+beautiful+mind]

On the contrary. Linux is open source, therefor more people are looking to find bugs / rewrite code.

If enough eyes are looking, all bugs are shallow, that is the open source mentality. That is precisely the good thing about open source.

5% of the malware?

[yurigoul]

From the article:

One reason why there aren't many malicious Mac programs is that there are fewer Mac users out there, but the fact that some have been written shows that they are possible in principle.

5% mac users equals 5% of the virusses and other malware, wich should be equal to tens of thousands. Well, anyone knows how many there are out there? I haven't seen anything since os8, and trust me, I am neither safe, nor do I stay away from those funny sites or those servers with funny programs.

Migrated to Windows

[zlogic]

I've been using Linux for nearly a year with no Windows on my PC. After that, I had to use Windows (developed .NET apps) and on the first day got 3 completely different viruses and managed to get my system completely screwed up. Before that I had a huge experience in Windows and never had any real problems with that kind of stuff. However it appears that I've completely lost awareness of the possible dangers of running every app without checking first.
So it appears that Linux and probably Mac users are less aware of malware and do some really careless things because the probability of getting a virus is extremely low.

Bill Thompson is right

[standards]

Bill Thompson is right, but there is a much, much larger problem that's out there: cell phones. Cell phones are always connected to a large network. There are billions of them, And very few cell phones run any kind of anti-viral or anti-trojan software.

Although Bill may be writing to ride on the coat tail's of Apple's recent success, the Macintosh can get infected by a virus or a trojan program. In fact, some of the earliest computer viruses in the wild were found on the Mac. The Mac virus problem isn't as large as the Windows virus problem, but that's because there are many more Windows machines intermingling out there.

Any networked device, from routers to mainframes, from Bluetooth devices to cell phones to the XBox 360, may be vulerable to malware. All need robust security.

Re:How do you protect against the unknown?

[redragon]

I will be adding some extra security to the system. But the average user cannot do what I will be doing.

Why don't you enlighten us oh gifted one?

Macs are not Targets.

[Barzoo]

You're not vulnerable if you're not a target. Macs are not targets. And I fix all computers, Windows, Linux, Macs. Mac people are no more or less smug than those other users. Most Windows people don't have a clue about firewalls, virii, trojans, or worms fyi. Computer users are all the same. They just want something that works. BTW I haven't had to remove a virus, trojan, or a worm from a Mac yet. I've done that for Windows machines all the time and make good money doing it. You do the math.

Re:MacOS X itself?

[Seanasy]

So again how is it a safer OS if these exploits existed in the first place?

Because most weren't critical vulnerabilities and there are no exploits. Show me an exploit for a Mac OS X vulnerability. Now, show me one in the wild. Can't? The only thing you have to do to wipe the smug look of a Mac users face is to release an exploit in to the wild. Go ahead. What are you waiting for?

If just one person who thinks Macs are just as vulnerable as PCs would just write a worm/trojan/virus, we could end these f*@&!#g trolls and all agree that security is hard. Really, please, someone write an OS X exploit and spread it. Make it benign if you're uncomfortable with writing viruses. Just get something out there.

I'd like to see it just so people will stop using the lame "there are more Windows PCs" arguments. I'm sorry but this whole issue has gotten so blown out of proportion that the first person to show a really bad Mac vulnerability with an exploit would be on every geek blog and quite possible the NYT. You'd be f*@&!#g famous.

Two Stories

[NardofDoom]

I made my mother-in-law buy an eMac. I didn't want to have to support the thing. The only trouble she has is that she doesn't run permission repairs as often as she should, but since I've turned on SSH and can run them (and software update) remotely, this isn't really an issue. She's had it for over two years and hasn't had a virus or spyware problem. (Though she gives out her email address freely, and gets a ton of spam, but Mail's filter is quite good at catching it.)

My dad bought my niece an HP laptop for Christmas. The next day, I was installing some software (Firefox, AdAware) and got a pop up for "cheap mortgages". She was fiddling with it for all of three hours on Christmas day and got spyware.

Yes, I realize that these are anecdotal stories, but they're pretty typical of the experiences most tech people have in their families.

But, as someone posted earlier, if Macs are 5% of the computer market, why aren't 5% of the viruses and spyware on Macs? That would be tens of thousands, not a few dozen.

The Biggest Mac Security "Problem"

[catdevnull]

I've seen this problem on our university's campus more than a half dozen times (oh, the horror!).

-User reads something about "SSH" to access his machine.
-User turns on SSH
-User also has no imagination with password--uses common dictionary spellings
-User is cracked into with dictionary attack
-Security team shuts down port or blocks MAC after a bank calls to report attacks
-User calls helpdesk
-Consultant re-installs MacOS X and smacks the user about the head and shoulders because they had no business enabling SSH
-User has admin privileges stripped
-Problem solved--for now.

So, the biggest "problem" is, indeed, user ignorance. But, out of the box, I'd say Macs are in pretty good shape against attacks and malware given the current lack (and history) of Mac spyware, trojans, or viruses (none that I know of).

Macs are not impervious, but they enjoy 2 major benefits:
1) There aren't enough of them for a worm to spread quickly or effectively (which is what I'd want if I were in the black arts).
2) They don't come with giant holes from the complacent company who wrote the OS--why work when you can pick the low-hanging fruit from MS?

With the new Intel chips, executeables might find new life in the Mac...but we'll see.