What do you think about Mac security and the Symantec report? Let me know.
You must be logged in to the O'Reilly Network to post a comment.

Showing messages 1 through 16 of 16.

• Know what, Mr. Gralla?
  2005-03-24 16:54:50  aristotle [Reply | View]
  
  
  Remember how a while ago, you used to harp on Firefox? Then you started using it, and shortly thereafter you were singing praises almost as delusional as those of the worst Slashdot kiddies.
  
  Wanna bet what would happen if you bought a Mac and started using it on a regular basis?
  
  Sometimes it gets tiring to read your rambles. Maybe I should envy you; it must be a nice and easy life having such a simplistic world view.
  
  To be fair, though, the admission half-way through this piece was a nice change of pace from all the usual Windows pundits.

• Out of curiosity
  2005-03-24 02:42:38  Oyku [Reply | View]
  
  
  I just happen to wonder what you are trying to imply? So you are telling that mac increasingly becoming popular will be subject to more attacks. So what? For only that FUD should I give up the most advanced UNIX desktop with affinity to open source to go get a couple of books of yours to feel safer using crappy software? No mister, I won't. I already paid more to have an apple hardware for liesure and fun that my Linux workstations (and indeed my older windows installations lacked). That is what I have and I believe many mac owners have done.
  
  
  
  No offense but you I suppose you make your living out of telling how to make workaround of crappy software and I don't think you'll be able to find opportunity in the Mac OS X = UNIX world.

• Troll Alert.....
  2005-03-23 11:48:46  themas [Reply | View]
  
  
  That I am privileged to run into a troll alert in an O'Reilly-Site.....
  Cute!
  
  In short words what he is saying:
  
  Symantec tells us we are going to run into trouble.
  Because we are so naive.
  Caught absolutely unaware.
  
  Because our OS is not as immune as we naive Mac-worshippers think.
  
  And there weren't any reallly threatening viruses (viriiiiusi) up to now because Apple is the absolute niche product (that could never even cause software developers like Microsoft or Adobe or Maya tech. or the other hundreds to even port software to the OS X platform. Which soooo small a company with negligible market share could....). And who would like to develop a virus for OS X or for Un*x or Solaris or so. (WHISPER:He just would be the hero. Finally a virus for those "safe" systems! Unix exists since approx.1969-1972.)
  
  It sounds so incredibly mature and grown-up (I'm fourty, btw...) and wise to say things like "this influenza epidemy will finally strike us really hard" or "Apple will die next year" or "We will have a second legislative period under this one".....
  But it is not.
  
  I prefer the facts. We HAVE a nice system. Quite honest to its user. Quite virus safe. If this changes, let's see.
  
  What is far more interesting than the OS is the gros of the users.
  How bug tolerant are Mac users? How tired of all the futile attempts to keep the system clean (virus, dialers, dll's, undeletable windows always popping up during boot) are we? Where could viri find a nest? Do we just double click every mail?
  In other words: How strong is the effect of pre-selection to become a Mac user?
  Let's not compare the OSes but the collective of users such an OS gerenates.....
  
  Only one issue I need an answer urgently:
  
  Why do I keep feeding them, even in this posting......

• Let's look at the stats
  2005-03-23 11:15:04  MartinHill [Reply | View]
  
  
  Preston, I'm afraid you have been misled by Symantec's marketing material. Let's look at the statistics:
  
  Microsoft Windows:
  Viruses and Worms = 70,000+ (symantec.com)
  Spyware programs = 78,000 (www.pestpatrol.com)
  Burrowers = 40 (www.pestpatrol.com)
  80% of PCs infected with spyware (webroot.com)
  Last year alone (www.pestpatrol.com):
  500 new Trojans
  500 new keyloggers
  1,287 new adware apps
  40 burrowers
  
  Mac OS X:
  Viruses and Worms = 0
  Spyware programs = 0
  Adware = 0
  Keyloggers = 0
  Burrowers = 0
  Trojans = 3
  Rootkit = 1
  
  Looks like it's actually a case of "Viruses for the rest of you".
  
  Note that Trojans can't spread by themselves - they are bits of code that pretend they are something else and need to be downloaded and opened by a user.
  
  Note also the Rootkit discovered on a couple of OS X machines is a set of scripts that requires root access to be turned on (turned off by default on all Macs). The hacker also needs to know the root password and the malware has no mechanism of spreading and infecting other computers by itself.
  
  Your espousal of the theory of "Security through Obscurity" fails to explain the fact that the number 1 web server, open source Apache with around 69% marketshare has far fewer attacks (including viruses and worms) than Microsoft's IIS which comes in at only 21% marketshare (Netcraft.com)? It also does not explain why the many flavours of Linux suffer from so many instances of malware despite having a small marketshare (similar to OS X I fact).
  
  31 vulnerabilities (mostly in open source components of Mac OS X) which were promptly patched by Apple does not constitute "increased attacks on OS X" as no attacks using any of these now closed vulnerabilities have been recorded.
  
  John Gruber has a useful article on why Windows suffers so much malware:
  http://daringfireball.net/2004/06/broken_windows
  
  However, no software can be perfect and it would be foolish to say there won't eventually appear some malware targeting the 10 million+ OS X users out there - however, today is not that day. Mac OS X has been sitting untouched for 4 years now without blemish which speaks to a very impressive security story which would be a much more constructive issue for you to be writing about.
  
  Martin Hill
  Information Management Services
  Curtin University of Technology
  Western Australia

• Mr Gralia, I fail to see your reasoned point
  2005-03-23 08:49:49  rmeister0 [Reply | View]
  
  
  Nobody with a brain in their head has claimed that OS X (not Macs, but OS X - there is a difference) was immune to viruses. What they have said is that no known virus attacks have occurred in the wild.
  
  Given the structure of the core OS, they have also asserted that a successful virus attack would be capable of doing less damage to an OS X box than it would to a windows box.
  
  Spyware and adware are, to my mind, more insidious than viruses on Windows. My wife has to clean her computer on a daily basis due to the crap that mere web browsing pulls down to her machine. I have yet to find anything on my OS X boxes that I didn't explicitly put there.
  
  Symantec's assertion that hack attacks against OS X will increase is tantamount to saying that the sky is blue. Of course they will! The significant issue is this: Unix-based systems have had over 20 years of serious beating on to work out the security vulnerabilities inherent in the platform; Windows is playing catch up due to it's relative immaturity and the fact that's its code base is constantly evolving.
  
  On the flip side, the Mac community has not been very smart about this. Constantly exclaiming immunity to hack attacks is simply waving a red flag at a bull. Somebody is going to pull it off just to prove it could be done - and to have the bragging rights of being the first to do so.
  
  But the plain truth is still that the primary vectors for virus infection in Windows (Outlook's handling of attachments, the ability to edit executable files and to execute data files, ActiveX controls in Internet Explorer, etc) are more numerous than in OS X. So while security will never be absolute, would you want a system is slightly secure or reasonably secure?

• Who said anything about Viruses?
  2005-03-23 05:13:24  simon_hibbs [Reply | View]
  
  
  The malware cited by Symantec was a rootkit - a hacking toolkit that must be installed by a user logged on to the computer. Moreover it seems this toolkit (or at least some vrsions of it) must be installed by a user who already has administrator privileges.
  
  I'm not a Mac user, but if I was this realy isn't something I'd be even remotely woried about. It's also a severe stretch to talk about this script as though it's a virus, it's realy nothing of the sort although I suppose it could be used as a payload in a trojan.
  
  Scripts like this have existed for Unix for decades. Unix largely evolved in accademic institutions, breeding grounds for the most dedicated and imaginative hacker and cracker communities on earth, which is why unix security had to be so robust from day one. Yes such things exist, and yes it's right to point that out, be aware of it and take necessery precautions, but this anouncement is of little interest to anyone but conciensious sysadmins and security accademics, and it's probably not of much interest to most of them either.
  
  Simon Hibbs
  

• John Gruber's demolition of a similar argument
  2005-03-23 02:27:39  dscotson [Reply | View]
  
  
  John Gruber already addressed this very weak argument about viruses and market share:
  
  http://daringfireball.net/2004/06/broken_windows
  
  The money shot:
  The reason this argument is so popular with Windows apologists is that it’s a convenient bit of rhetoric. They say it’s so, we say it’s not. You can’t get past this argument, because it can’t be disproven without the Mac OS actually attaining a Windows-like market share.
  
  So, let’s concede the point, just for the sake of argument: OK, fine, if the Mac had the same market share as Windows, the tables would be turned and there’d be just as many Mac security exploits as there are Windows exploits today.
  
  Now what? Given that the Mac is never going to attain a monopoly share of the operating systems market — that merely expanding its share to, say, 10 percent would be universally hailed as an almost-too-good-to-be-true success — isn’t it thus only logical to conclude that the Mac is forever “doomed” to be significantly more secure than Windows?

• Wow, finally...
  2005-03-23 01:42:58  HarveyPengwyn [Reply | View]
  
  
  Finally a post on one of the O'Reilly blogs that managed to provoke a number of replies. It's a bit of an echoing void round here.
  
  Anyway, I distinctly remember (many decades ago when the universe was young and Macs were cool) that the advice was to have anti-virus software installed on them because of the number of virusses around in freeware. I had a couple running System 7 and had anti-virus software on them.
  
  I have no idea what is needed in the brave new world of the NeXTStep / MacOS / Unix cut and shut :-)

• PC Pundits Incapable of Acknowledging Reality
  2005-03-23 00:11:21  sammy90483 [Reply | View]
  
  
  I find it a frail argument, on the part of many Windows-loving pundits, that the Macintosh platform has not experienced a virus in over ten years just because of its relatively small market share. Symantec has on record, over 100,000 virues/trojans/worms. Apple's marketshare is only 3%. So wouldn't you expect that about 3,000 of those virus/trojans/worms would be written for the Mac? And yet the reality is, there is NOT A SINGLE known piece of malware for the Macintosh OS X platform going into its fifth year of the existence.
  
  True, Apple and other companies should be actively plugging security holes, but the hesitation of many PC pundits to switch to a Macintosh is more a matter of pride and foolishness than good reason. It's like saying "A car from Honda could breakdown so I'll keep buying cars from Ford."
  
  Idiocrity begets Mediocrity.

• Without realizing it...
  2005-03-23 00:08:22  Chris Shiflett | [Reply | View]
  
  
  Without realizing it, you've identified the reason behind the smug nature of Mac users. No one cares whether it becomes the target of malicious activity.
  
  You're like the little pig who built his house out of straw. While I'm sure the little pig who built his house out of bricks appreciates your concern, he doesn't care about the big bad wolf. :-)
  
  It's also helpful to have some perspective. Windows is vulnerable to the least sophisticated attacks - those that target PCs. Imagine if Amazon, Google, and Yahoo ran on Windows. They have more worries than bored 12 year olds.

• Hilarious... Good to see how Desperate you are for FUD
  2005-03-22 23:34:20  ClueGiver [Reply | View]
  
  
  Wow you must really be desperate, to have to quote fake news and FUD to make yourself feel better about your virus OS.
  
  By the way Windows isn't the only virus OS,, Linux which has a much smaller user base than the Mac OS has about the same amount of viruses as Windows.
  
  Macs have plenty of attacks it's just they've never had a successful attack. The last virus on any Mac OS was over a decade ago and it didn't do any damage, one before that was couple years with same result. OS-X of course has never had a virus worm or anything else. Name a day in the last decade that there wasn't a new Linux or Windows malware created. Oh sorry I guess there hasn't been a day yet, how embarrassing for you.
  
  Well the first Mac OS-X virus may one day arrive and on that day the score will be Mac 1 vs Windows 792,476 and Linux 664,547. Gosh it looks like you guys will always win this race, which is only fair cause you have always lost the OS race to Apple.

• re: mac os x security
  2005-03-22 22:05:57  unixguy3409 [Reply | View]
  
  
  What Symantec, this author and it seems everyone else seems to ignore is that the foundation for OS X is BSD Unix which is considered by most security experts/firms (Symantec excepted) to be one of the most secure operating systems in the world. OpenBSD is considered even more secure as it has security as it's main design goal. In short, OpenBSD is BSD pre-configured to be as secure as possible. The point of all this is to say that much research has been done on os security and BSD(OpenBSD, NetBSD, Darwin/OS X) has consistently fared well when subjected to a large series of security attacks.

• Just go and read this answer
  2005-03-22 21:09:17  timthoe [Reply | View]
  
  
  MacMerc has a balanced rebuttal that fits my opinon:
  Symantec spreads fear of viral attack on Mac

• Of course...
  2005-03-22 19:28:21  fdaapproved [Reply | View]
  
  
  ...Symantec has more than a little incentive to make claims like that. Proclaiming that the sky is falling is central to their business model. Can you name a virus for the Mac? I can't.

• Symantec are one of the least reliable sources
  2005-03-22 19:21:32  ajsutton [Reply | View]
  
  
  While I wouldn't doubt that the number of attempts to infect Macs will increase as it's market share increases, I wouldn't give too much credit to a report from Symantec as they are the biggest benefactors from Mac users worrying about viruses.
  
  It's kind of like a report commissioned by Microsoft which shows you're more productive with Windows than Mac, it's probably founded in some truths but it's definitely biased.

• At least they won't be built-in;-)
  2005-03-22 19:16:19  alain_99 [Reply | View]