Why You Shouldn't Panic Over Mac Malware
Earlier this week, we discussed reports that Mac malware was finally becoming a significant problem. Now, reader wiredmikey points out an editorial arguing that everyone should slow down and analyze the situation more calmly so the threat can be accurately assessed. Quoting:
"According to Apple, the Mac installed base is approximately 50 million users. But according to Gartner, the number of Android handsets sold in 2010 alone exceeded 67 million units, giving it an installed base that is larger, and growing much faster, than the Mac base. If a large number of eyeballs is indeed the lure that causes criminals to write malware for a given operating system, surely Android is a more tempting target than Mac OS. ... I predict that the increase in perceived risks to Mac customers will give Apple the excuse it needs to increase its control over the Mac software ecosystem, by moving ISVs to the Mac App Store. It is no accident that the theme of the upcoming Lion desktop operating system is 'Back to the Mac': taking concepts that Apple employed successfully with the mobile version of OS X (iOS) and back-porting them to the desktop OS. One of those features is the introduction of the Mac App Store, an Apple-controlled storefront for selling and distributing applications. ... This provides buyers some assurance that their apps are from known points of origin and that they don’t contain malware, such as the Mac Defender Trojan horse."
Safari browser exploits and other app exploits can still lead to installing malware on a machine.
I'll admit I bought a macbook in 2009 with likelihood of system vulnerabilities in mind. I *did* consider a number of other things, so I'm not a bad person, I swear.
Some say it's a case of going to a FOSS operating system... or specifically a BSD family kernel... or even of going to OpenBSD exclusively. Some say it's a case of knowing our OpenBSD software inside out and testing thoroughly *and* putting in various safeguards.
However, they're all missing a piece of the puzzle. Qubes OS should be on everyone's radar, especially since it's starting to progress. Sadly, it's one of those things that unless you give it some time to read up about you'll only hear bits and pieces about and then sadly ignore it.
Qubes, with Joanna Rutkowska at the helm no less, is a solid framework of ideas that results in the security we should all expect of an operating system. Fear that you'll have input sniffed or root compromised? Have your system disconnected from the internet - "what?", you say, before you read on and realise how silly it is in the first place.
Everything is in a VM instance, each VM instance can boot from the same image and run a (single, if you feel like it) program. The data that instance *thinks* was written to disk was instead pushed to a copy-on-write block device which can be thrown away when you're done. Want files between different VMs? Message dom0 with the request from inside the VM and then accept the dialogue box that your isolated dom0 greets you with.
Sadly, I'm not the best ambassador. Sadly, I'm in a rush and haven't supplied my best effort in communicating how significant Qubes will be. Sadly, it's taken until now to have decent security on a desktop. But now I can be confident.
The universe is smiling down on me for this post with a captcha of "secure", and rightly so if you hop aboard.
There's no need to deflect attention, this is not about Android, this is about Apple computers having the type of issues for which PCs have always been made fun of.
The reason Mac users are now targeted is because they are less computer savvy, have deep pockets and have been educated to open their wallet on command.
Unless Apple makes it mandatory for all applications on Macs to be installed using the new app store, then it doesn't prevent anything. It's not like Mac users are going to immediately stop installing stand-alone programs the moment the store comes out. And if they're installing standalone programs, then the people who get tricked into installing fake anti-virus software won't give it a second thought about installing what that fake system message pop-up told them.
...because you don't have a Mac?
That covers most people - many of whom actually should panic over Windows malware. But nobody should be too smug, not even Linux-only or BSD-only users, since every compromised machine (Windows or Mac or whatever) pollutes the internet commons.
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
It's probably not a popular opinion here, but my experience with the Mac App store is very positive. It works well, no installation hassles, automatic upgrades,... and I have the impression that it drives the price down.
Yeah, this story is complete bullshit. Apple is not going to lock down Mac OS X Lion. There's no way they can use this current trojan as an excuse to do something which makes no damned sense in the first place. Apple will not cripple Mac OS X. The only remotely possible thing is that 10.8 could have a security model that defaults to only allowing signed apps, but the user can toggle a System Preference to enable it. However, even this is of extremely low likelihood. Mac OS X and iOS are not the same OS. What's good for one OS is not necessarily good for the other. That's why there are two OS's in the first place! Tech "writers" need to figure this out.
Nice bit of Astroturf there.
So, we shouldn't worry about malware on the Mac because Oh LOOK here's some speculation about a completely different OS so don't pay attention to this story anymore!!!
And then the inevitable push from Apple to have total control over you system by the eventual restriction of apps to Apple market-approved programs only. Well that's sure a nice idea, too bad some of the Official apps like Safari also contain security weaknesses. So much for the safety of the walled garden approach. But it's not stopping them from trying, apparently.
No, I don't panic over Malware on my Mac. It has nothing to do with Android, or any other OS, or the App Market, or anything else this shit-for-an-article is talking about.
The story has the correct title but rather misses the point. Yes, it's not time to panic. There is a set of malicious trojan horse programs out there for MacOS. The current crop require the user to authorise their installation. i.e. the security weakest link (at the moment) being exploited is the one behind the keyboard. Very often this is the place where security is the weakest, just watch WarGames if you doubt this. MacOS is by design, with a greater degree of privilege and OS/Application separation, more resistant to attack than Microsoft Windows has been. However, this is not to say that it is not vulnerable. All systems are, be it design flaws or merely implementation flaws. Yes, I'm looking at you Linux, FreeBSD, OpenBSD, Solaris, HP/UX and AIX. No-one can rest on their laurels.
Agrajag: "Oh no, not again!"
And you'll see why 2011 will be like "1984."
"National Security is the chief cause of national insecurity." - Celine's First Law
The person who most passionately appears to criticise some ideology in his youth is most likely to follow it in his old age.
(Politicians doubly so.)
Yeah, this story is complete bullshit. Apple is not going to lock down Mac OS X Lion.
I disagree. I think Apple probably will ship a locked-down version of OS X sometime in the next couple of years, and it'll be the default version of the OS. Yeah, you'll still be able to unlock it, but it may not be particularly easy - indeed, the ability to unlock may only be available in a separate "professional" version of the OS.
And I think given the stupidity of the average user (Mac, PC, Android, whatever), this is probably not a bad thing.
So far, the OS X AppStore couldn't be called 'wildly popular' since its inception on January this year. Regularly, I checked my installed apps for availability in the App Store, because it allows for such easy updating. Lo and behold, only fairly trivial apps are there, the following list is not available in the App Store:
Now I agree that stuff like a bittorrent client (Vuze) and a network sniffing tool (KisMAC) would probably be refused in the App Store. But all in all, the OS X App Store could be called a disappointment so far.
Note that the Opera browser (which contains a bittorrent client) is in the App Store.
8 of 13 people found this answer helpful. Did you?
And, yes, they will certainly lock down OSX.
Ahh, the inevitably incorrect Apple prediction. The most valuable tech company in the world that was predicted dead in 1997...the company that killed the floppy drive prematurely...the company that adopted USB too early...the company with the lame mp3 player.
You may still be able to buy a Mac Pro with an unlocked OS, but I'm willing to bet that soon all iMacs and MacBooks will be 100% walled garden.
That is possibly the most stupid prediction I've seen. Why would the company who is getting ready to consolidate OSX Server and OSX Home into ONE edition --OSX Lion-- start making different versions of the OS based on the user's hardware?
Keep predicting slashdotters, because my livelihood benefits from your terrible predictions.
Don't worry, huh? There are more Androids than Apple computers out there... While I believe some people store pretty important information on their phones and "pads", I tend to think that malware in a desktop is a much more serious threat to people - maybe because most people store their most personal and sensitive information in desktops?
Just an education to those "happy-go-lucky" fanbois who believe their beloved Macs are somehow immune to malware:
1. Malware can appear on any system - yes, even my beloved Linux is not totally immune from the threats.
2. Defending computing devices against malware is as much about your own common sense as it is about someone else's anti-malware software or handing over your responsibilities in their entirety to Lord Jobs The Almighty. That means understanding *how* malware can enter through a web-site, email attachment, etc. and not going to salubrious websites or opening emails where you don't necessarily trust the source. Yes, fanbois, it may be beneath your designer "pay someone else to do it lifestyles" but it all comes down to not being naive plonkers and learning how a computer works.
3. Apple has become an "evil company" in the eyes of many, just like Microsoft and Sony did. When that's the case, subsets of malware authors who consider themselves to be Internet Robin Hoods will consider that they are doing the world a favour by targeting Apple over and over again. Whether they do that or not is irrespective of how many Macs are out there, it's more on just how big and evil they perceive Apple to be.
4. Apple moving all software under the App Store banner is *precisely* what Apple wants to do because it makes them more money - it has *nothing* to do with anti-malware measures apart from giving them a good excuse to do it amongst the faithful. As that lockdown gets more and more, you will see a recurrence of exactly what has plagued Windows for many years - namely that not every fanboi has millionaire parents and whilst some will buy every piece of software they use, most will get cracked copies which will be infected with all manner of malware because they won't or can't pay for the software.
5. Yes, Android will also be targeted and non-techie Android users will suffer as a result. But anyone who is tech-savvy knows where the legitimate sources for software are and how to do as many checks as possible before installing anything. I've run Windows XP alongside Linux for years, for about 5 years now I went totally legitimate in the software that I use (I gave up with cracks and warez, I use Open Source programs and legitimately licensed and paid-for software) and I've not seen a piece of malware or virus in years - and that's running freebie virus checkers and anti-malware programs.
6. I've not used Vista or Windows 7 because I've found no good reason to - but as I understand it, in Windows 7 Microsoft have put in much better layered security that takes into account people who don't know what they're doing and, as a result, it's having a positive effect on reducing malware spread on Windows 7. Yet at the same time, Apple leaves a ridiculous amount of unpatched flaws (especially in that Safari garbage) on their systems. The net result is malware creators will ultimately find it easier to target Apple than Microsoft, as Microsoft gets better and better at holding them back. (Nope, I'm not an MS fanboi, I use Linux more than Windows but I tell it like I see it as a security techie in my day job.)
So stop with the defensive posturing, get your heads out of your assholes and READ THE FUCKING MANUALS like the rest of us do.
Gentoo Linux - another day, another USE flag.
For OSX it's the opposite. For every small task that I want to accomplish, I seem to need to pony up. Every small time programmer tries to make a buck with his little program. Nothing wrong with that, but where are the Free/Libre alternatives?
Well, OS X is still a vastly smaller community than Windows, and I suspect that although Linux (desktop) users outnumber OSX users a disproportionate number of Linux users are also programmers. So it's not surprising there's less choice. That also means that the money to be made from true "honesty box" shareware is probably smaller, so developers are more likely to require payment. Also, historically, Mac OS "Classic" developer tools and documentation cost an arm and a leg - of course, since OS X they've been free (or very cheap, for iOS), but the early days may have set community expectation. Finally - I don't think OS X is the easiest platform to develop for (however elegant) and OS X users tend to demand nice GUIs on everything.
However - it's not all bad: First, OS X is Unix: Install "fink" or "macports" and you'll get access to a huge number of Free/Libre packages from the Linux/Unix world - albeit most of these are command-line or X11. If you don't want to roll your own, lots of major "free" projects offer OSX versions: (off the top of my head and at random: LibreOffice, Eclipse, InkScape, VirtualBox, PostgreSQL, MySQL, Mozilla) not to mention the stuff that is already present in OS X (Apache, PHP, Ruby, Python, Samba, CUPS...) I hope the latter list doesn't diminish too much as projects move to GPLv3.
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
Maybe this part of a strategy to eventually get Macs back into the enterprise.
Views expressed do not necessarily reflect those of the author.
This is something Apple took the piss out of a couple years back, why would they start doing it with their own products?
To paraphrase SJ when he was introducing Mac OS 10.whateveritwas: "We have a Basic Edition that retails at $99. Moving up from that, you can purchase the Home Edition, also for $99, or the Business Edition for $99. And if you want the luxury of having all the features that we've built into Mac OS X, you can go all out and purchase the Ultimate Edition –at just $99".
They're not going to feature lock. This would just be daft.
1) hackers, malware makers will not find Apple interesting as they are too busy with android.
2) Apple's further monopoly on the distribution mechanisms for content and applications, creating an unphantomed money making machine, is their antivirus solution.
3) ...
4) Profit!
The three laws of thermodynamics: (1) You can't win. (2) You can't break even. (3) You can't even quit.
I'm not really sure how Apple can lock down their systems without actually crippling them. Sure, the App Store will be there in Lion (it's already there in 10.6), but that doesn't mean you have to use it. Unless, of course, Apple plans on canning access to their development tools, which would be stupid.
Given that their current strategy is to include most of the facilities one would expect to find on a typical *nix box (of any stripe), that would be a big step to take. Since my use and support for Macs is based on the fact that I happily use a second-hand MacBook (inherited from my wife) that offers nearly all of the functionality of my Linux machines without having to diddle with it, that would be a marketing mistake. I quite like the compactness and reliability of the hardware, but not so much that I will accept being told how I may or may not use it.
Not agreeing they may do it - just saying it's a trivial thing TO do if Apple does want to. Companies do 180s plenty of times; Apple has made numerous headlines doing so in the past.
To Apple, OS X is dead. Lion is the first push towards killing it.
From everything I'm seeing so far from Apple, they will be betting on iOS in the future for their OS offerings. It's got a huge userbase, has many more apps available, and has proven to scale very well to large format screens and processors.
I mean, when's the last time you saw a Steve Jobs E-mail that said "Sent from my iMac" instead of his iPad?
In Soviet Russia, Trojan exploits YOU!
This wasn't my contention, it was the so-called "tech writer's". His claim was, in part, that Android would sap away viruses from Mac OS X, because Android outnumbers the Mac. This conveniently ignores the fact that iOS *vastly* outnumbers Android. Yet somehow Android malware vastly outnumbers iOS malware...
In a strange way it does bolster his argument, but not in a way that flatters Android.
A well functioning app store is not what we object to. We object to the situation Apple has created with the iPhone/iPad/etc. where you are not allowed to install software that is not from the app store.
Palm trees and 8