Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac users 'too smug' Over Security?

Posted by Hemos on from the the-problem-of-a-monoculture dept.

wild_berry writes "Bill Thompson, one of the BBC's technology commentators and presenter of Go Digital on the BBC World Service, expresses his concerns that Mac users assume their safety in the face of trojans, worms, keyloggers and other malware. As a Mac user he is most concerned about the lack of herd immunity that is needed to stop a few infections becoming an epidemic, fully explained in his column week for the BBC technology site. Is he right, and what actual products exist for OS X that would protect against infections?"

4 of 707 comments (clear)

  1. Re:Dead On by heavy+snowfall · · Score: 0, Redundant

    Good job replacing the FP trolls with real comments. You must be reloading /. a lot. :)

  2. "Too smug" or "Not aware"? by hal2814 · · Score: 1, Redundant

    I don't know what Mac users most people hang around with but the ones I know wouldn't know security or virus protection if it came up and bit them on the nose. A lot of these folks can barely turn on their machines and fire up their browser and word processor. I realize that I'm just speaking for the people I know but those people are Apple's target audience.

  3. Just wait.... by Austin+Milbarge · · Score: 0, Redundant

    "Mac OS may not have the gaping holes that let viruses spread, but worms, spyware and even keyloggers are out there."

    Once Mac's hit primetime and begin to take a larger market share of the personal computer industry, then we'll start to see some serious viruses. Won't be long. Hackers will find holes. It just isn't worth their time and effort right now to affect a small percent of computer users.

  4. Mac OS X is more secure, period. by daveschroeder · · Score: 1, Redundant

    At the risk of repeating myself, on this subject, I recently answered a query raised during a Chronicle of Higher Education colloquy. I believe it touches on the major issues here.

    Question from Lisa L. Spangenberg, UCLA:
    Given that there are no viruses or Trojan horses for the current Macintosh system, OS X 10.3, and given that it is essentially UNIX, and given that the most common applications (Microsoft Office Suite, Adobe applications) work very well on OS X, why don't more institutions adopt Macs and encourage faculty to use them?

    Gregory A. Jackson:
    Well, first of all, there are viruses and Trojans that afflict MacOS, witness Apple's periodic release of security fixes to counteract them.

    First, that isn't true, regarding viruses. To date, there are no known viruses that specifically target Mac OS X. Last week's "trojan" was nothing more than an application with a different icon and misleading name that displayed a dialog box (which was an example posted to a USENET Mac programming group to illustrate this fact that has been known and possible on Mac OS for over twenty years; an antivirus vendor apparently thought this an appropriate time to dress it up, incorrectly, as some new, terrible exploit easily adapted for malicious means, when in reality it's nothing more than an application).

    If you're referring more broadly to security issues in general, almost all of the security and security-related updates for Mac OS X to date have been updates for primarily server-type services that ship with the OS, all of which are disabled by default, and the lion's share of which are never even enabled, much less touched, on the vast majority of systems. I'm not saying that they should be ignored, but Apple's comprehensive and swift response to the most minor security issues does not rise to the level of the staggeringly numerous, sometimes completely automated, remote exploits, worms, and so on for Windows. It is no longer possible to even get through a full installation Windows XP on a machine connected to a public network without it being exploited before you even have a chance to patch it.

    It's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware - Mac OS X is not invulnerable, and no sensible person would claim it to be. But the underlying philosophical design principles are fundamentally more secure than Windows, period. Since the major ingredient for the success of a worm or virus is some ability to spread, witness the fact that there is no way with anything built into Mac OS X to perform automated propagation of a virus, and no current known ways to exploit a machine remotely, not to mention that potentially exploitable network services are disabled to begin with anyway (and remain that way unless explicitly enabled), a stark contrast to Windows. Any hope for automatic propagation would require a comparatively high level of sophistication, and perhaps even its own mail server - not to mention some intrinsic vulnerability to exploit. On the other hand, there are still, to this moment, unfixed vulnerabilities in certain versions of Outlook that will spread certain virus variants simply by previewing a message, and nothing more. There is simply no equivalent to this on any other platform. Microsoft's track record and attitude on security (though admittedly much improved) versus other vendors speaks volumes on this topic.

    It takes work and thought to do security, and do it right. Ease of use and security aren't mutually exclusive. The key is to make security easy to use, and Apple has so far been on the right road with Mac OS X.

    But the small installed base of Macs makes them an unexciting, low-visibility target for the bad guys, and so the weaknesses don't get exploited much.

    The marketshare argument only goes so far. This seems to be a version of the "Macs have no software" argument. It is indeed true