Mac users 'too smug' Over Security?

wild_berry writes "Bill Thompson, one of the BBC's technology commentators and presenter of Go Digital on the BBC World Service, expresses his concerns that Mac users assume their safety in the face of trojans, worms, keyloggers and other malware. As a Mac user he is most concerned about the lack of herd immunity that is needed to stop a few infections becoming an epidemic, fully explained in his column week for the BBC technology site. Is he right, and what actual products exist for OS X that would protect against infections?"

Macs are not Targets.

[Barzoo]

You're not vulnerable if you're not a target. Macs are not targets. And I fix all computers, Windows, Linux, Macs. Mac people are no more or less smug than those other users. Most Windows people don't have a clue about firewalls, virii, trojans, or worms fyi. Computer users are all the same. They just want something that works. BTW I haven't had to remove a virus, trojan, or a worm from a Mac yet. I've done that for Windows machines all the time and make good money doing it. You do the math.

Re:Dead On

[Fordiman]

The point of TFA is that Macs don't get the kind of scrutiny that Windows machines do.

This is, by the way, not even mentioning the following: Now that OS-X, Windows, and Linux all run on the same hardware, spreading a fully cross-platform virus is easy. The virus first attempts to identify the target machine. Upon doing so and diagnosing apprent weaknesses, the virus then packages the relevant position-independant code in an appropriate executable container (ELF for linux, PE for Windows, a.out or unibin for OS-X) and set the entry point.

The virus then executes a found exploit, causing the offending computer to download the converted virus from the attacking computer (uploading a virus via buffer overrun is tricky; it's better to simply send up a stub that grabs the virus from the attacker than to try for a full infection via exploit). This can be done by either piggybacking the download through a program that's been cleared by the firewall (wget, internet explorer, etc), or by creating a servlet whos only purpose is to wait for connections from the attacker and let it upload.

Hell, on OS-X, you could even have it download and compile the virus SOURCE behind the user's back.

I've said it here before: I'm a pretty good programmer, and I've been fighting viruses for years. Be glad I don't write the damned things; I could probably cripple the world. The same is true for any half-competant programmer with an interest in security.