Macs May No Longer Be Immune to Viruses 391
Bill writes "MSNBC reports that the combination of Apple's growing market share and their recent switch to x86 processors has made Mac OS X a new target for viruses. Unfortunately, it seems that many Mac users are in denial. '[Computer security expert Tom] Ferris said he warned Apple of the vulnerabilities in January and February and that the company has yet to patch the holes, prompting him to compare the Cupertino-based computer maker to Microsoft three years ago, when the world's largest software company was criticized for being slow to respond to weaknesses in its products.'"
Immune? (Score:4, Insightful)
Again, a total non-story (Score:3, Insightful)
This MSNBC(!) story contains no facts whatsoever. No piece of significant OS X malware has been discovered so far, and I believe it's highly likely that there won't be any in the immediate future. WTF does the Intel switch have to do with that?
Re:Switch to Intel (Score:1, Insightful)
Re:Article is a troll (Score:2, Insightful)
I don't think you've thought this through.
1) Consider how long it took for the hacking community to make OS X to run in a virtual machine on an Intel Box.
2) Now consider how long it took for the hacking community to make windows run on a macbook.
Which one of these tasks was harder (I would say the first, as Apple was actively hindering this activity, but 'not precluding' the second).
In spite of this (and inspite of the second task having a $13000 prize), the first hack was done in a much (much) faster time. Why do you think this is? The answer of course is barrier to entry. The $2000 barrier to entry you used to have to pay to use OS X (and test exploits against it) no longer exists, if you don't think that makes a difference to hackers (many of whom are in far less afluent countries then you), then quite frankly, you're insane.
Forbidden Fruit (Score:3, Insightful)
Viruses for all different operating systems exist.
There are holes and exploits for practically everything known to man.
Now, if I walk into the dodgiest parts of town (with my turtle neck sweater on) and ask the shady guy at the street corner for a forbidden secret preview of the next big thing do you really think I will survive with the same number (and size) orifices as I started with?
Once you leave the beaten track, you cannot be sure what lurks in the shadows.
Re:Macs have never been "immune" to viruses (Score:5, Insightful)
Nonsense. Microsoft is the target of viruses and spyware because of Microsofts moronic design decisions and security policies, not because of marketshare.
mixed article (Score:5, Insightful)
The article was mixed in accuracy. Many Mac users believe themselves to be invulnerable - the truth is they are currently
Nothing in IT or anywhere else is 100%. Currently OS X is more secure in many areas than its competitors. To maintain or improve on this, constant vigilence and innovation are required by Apple, ISVs and most importantly users.
cha-ching (Score:4, Insightful)
I'm in denial about invisible pink unicorns too. Put up or shut-up.
Re:Immune? (Score:5, Insightful)
Burglars break in houses with the most vulnerable alarm system, not because of the popularity of the alarm system.
Re:Macs have never been "immune" to viruses (Score:5, Insightful)
You're right that they have never been "immune" to viruses. I don't expect you to say something stupid like that *nothing* is immune to viruses unless you can successfully hack my hello world program, but macs definitely aren't. That doesn't mean they're as bad as Windows though, so if you say something like "Nor even markedly more resistant" how about you back up that comment...
Re:Switch to Intel (Score:3, Insightful)
How does everybody figure this? As a results-oriented person, I have to say Apple's track record is better than Microsoft's at the moment.
Re:Gosh, it does sounds like MS. (Score:5, Insightful)
Re:Immune? (Score:2, Insightful)
Countdown ... (Score:2, Insightful)
3, 2,
Re:Article is a troll (Score:2, Insightful)
Re:Switch to Intel (Score:1, Insightful)
Your comparison of Apple with Microsoft 3 years ago lacks any kind of substance; please provide examples if you wish to be taken seriously. Apple has been doing security updates for OS X since it was released, and they never had Microsoft's earlier issues with enabling all sorts of dangerous remote services by default. The closest to such a problem was the problem where a spoofed local DHCP server could be used at boot-time to gain access, but that still required access to the LAN the computer was on.
I would trust neither system to prevent local privilege escalation (i.e. trojans can and will be a problem for some time to come).
I'd say Apple and Microsoft are currently close to the same level of security in terms of potential for exploitation, but MSWin is still targeted considerably more.
Re:Switch to Intel (Score:3, Insightful)
Re:Article is a troll (Score:3, Insightful)
Good point - you're quite right. But, while virus writing has become a multi-million dollar industry recently, many of the people writing exploits are not the ones directly making money off them.
To these people, lowering the barrier to entry from $500 to $0 will make a tremendous difference.
And on that point, wouldn't some haxors love to also be one of the few to make a sucessful virus/trojan/etc OS X or Linux (where's the barrier of entry here?) instead of one of the few thousand for Windows? I thought prestige was some sort of motivation. Pff.
Its good that you mention linux - A few years ago, linux users were complacent [theregister.co.uk] the way mac users are now. A few worms, a few defacements, a few embarressed, burnt users & now the linux community is more proactive about threats. That has yet to happen in OS X land.
And yes, prestige as you say is going to be a big motivator to uncover OS X holes.
Comment removed (Score:4, Insightful)
Re:Macs have never been "immune" to viruses (Score:5, Insightful)
Nonsense. Microsoft is the target of viruses and spyware because of Microsoft's moronic design decisions and security policies AND because of marketshare.
Virus writers are writing viruses to make profit; either by stealing information, creating botnets, or proliferation of unwanted advertising. They make more profit by exploiting more machines, so it's no wonder that the most common OS is also the most targetted.
The fact that it's so trivial to exploit Microsoft software is purely because of the moronic design decisions and security policies, not because of marketshare. But the fact that Microsoft is so frequently the target of virus writers is a function of marketshare as well.
Re:Article is a troll (Score:5, Insightful)
No, the article points out what I thought was obvious.
To write a worm/virus you actually need to know how to assemble on the target architecture for at least two reasons:
1 - The first thing you do before attempting to exploit a crash is to debug it, now how do you debug on an architecture which you don't know? Trying to debug low level code (remember it's precompiled binaries we're talking about here, not scripts) without knowing how to assemble on the target architecture is like running the marathon without a leg.
2 - If you find a way to inject code you'll need, well... code to inject..., and this code has to be written in the lowest possible level so that you can interrupt to system calls without depending on operating system libraries and avoid specific opcode patterns that would have a meaning to the high level application and prevent your injected code from running as expected.
Taking in account that every geek in the universe knows x86 assembly, if you think for a while you'll realize that the architecture switch makes OSX much easier to debug for the majority of people, and inherently much easier to exploit.
Comment removed (Score:3, Insightful)
Car thieves steal Accords because they are common (Score:2, Insightful)
You don't see a lot of mac viruses because virus writers are looking for a large population to spread their malware, and macs are few and far between.
Re:Switch to Intel (Score:3, Insightful)
Re:Immune? (Score:1, Insightful)
So "security" doesn't exist? (Score:3, Insightful)
Fascinating. So
Machines can only be infected by:
Worms
Viruses
Trojans
Worms spread via open ports. If Macs have no open ports by default, then the worm threat should be near zero for Macs.
But you say that it is just because there aren't a lot of Macs out there. So
Fascinating.
What's the Difference Between Me and You? (Score:3, Insightful)
Still, I WOULD like to see Apple try to do more to keep OSX secure. The system should only allow its system directories to be modified in single user mode -- I'm pretty sure BSD has a flag for that. I'd also like to see downloaded applications run as some other user that isn't allowed administrative access to the system at all, password or no. They'd probably have to make some changes so that the user could be restricted from changing its user ID to minimize the damage of people providing their passwords blindly when the dialog comes up. Allow the user to take explicit action if they want the application to be able to run as the regular user.
It still wouldn't be a perfect defense, but nothing can help you if the user's going to bend over backwards to give an application access to the system. Operating system companies really should err on the side of paranoia whenever possible.
"No Longer" Immune? (Score:1, Insightful)
Nobody with a functioning brain thought that Macs were ever immune to viruses.
Re:Immune? (Score:1, Insightful)
Not entirely, you have to consider the market for stolen cars and stolen car parts for anyone other than your joyriding car thief (the thieves that steal cars for the money). Car thieves typically take what they can sell or chop up to sell, easily (as in there is a market for them). In this regards, they are like computer viruses. The brands/makes of cars that are most popularly stolen are also the ones that have large market share, thus the widely available market for spare parts and the sale of used models of that car. So, when faced with wanting to get some money and you are a car thief in the USA, are you going to steal the (alarm or not) Accord, which is widely popular in the USA, or are you going to steal the Pinto or the Gremlin, which you may drive every day for two hours for a month and not see a single one on the road? If you chopped it up for parts, which parts or "resale" would have the largest market, and therefore the most money into your pocket with the least effort?
Virus writers are the same. In order for a virus to spread, you have to have a "critical mass" of machines or the virus will simply stop spreading. For example, you'd have to have at least a single "link" between two machines that are of the same type of OS so the virus could spread. If the ratio were 1:more-than-one, for every machine infected, there would be a high chance of finding another uninfected machine to infect. If the ratio were 1:1, for every machine infected, there would be one more infected by that machine, if it weren't already infected, so even this is a very low rate of spread. If the ratio were 1:less-than-one, then the virus will most likely not have many options even if it did happen to infect a machine that could contact another machine and the new contact wasn't already infected.
In Mac-centric communities, this ratio may be fairly high (a Mac user may have a number of Mac user friends) even though the total number would be small. So, you could write a virus that would, in the best case a few years ago, infect at most two million machines.
Just like a biological virus and viral biological warfare. There may be reason to design a very targeted virus to infect only one targeted segment of the population (precision viral assassination) but if you want to take out a large number of individuals and cause the most devastation, you're going to design something that will spread rapidly among a very broad target host and that won't happen if you design the virus to target some weakness that only 1% of the target population exhibits.
User-base fallacy (Score:3, Insightful)
Take care,
brad
Re:Car thieves steal Accords because they are comm (Score:3, Insightful)
So. Not Accords. But get the picture? Nine year old Civics? The most common cars stolen are those which are owned by people living in the neighborhoods where thieves operate.
What really matters is no the most common car stolen but the car with the highest rate of theft. And for that, the top ten are: 1999 Acura Integra, 2002 BMW M Roadster, 1998 Acura Integra, 1991 GMC V2500, 2002 Audi S4, 1996 Acura Integra, 1995 Acura Integra, 2004 Mercury Marauder, 1997 Acura Integra, 1992 Mercedes-Benz 600. Someone likes those Integras.
Thing is, theft rate doesn't help your dorky argument. Because not only are there few Macs being broken into or zombied or attacked by virii, but Apple's *rate* is nearly zero as well.
Re:well duh! (Score:3, Insightful)
people supporting alternative systems such as linux and unix (including mac os), etc. should avoid claiming they are not able to be infected with virus and worms. such false advertising may cause people to abandon the adoption at the end because they will just think "hey, why spend all the fuss when you get the same problems.) ignorance is the problem. education is the solution.
I agree with you, but I think most of the ignorance is in the other direction. Talking to the average Windows user, most assume Mac users do have to deal with the same level of spyware, worms, and other malware that they do. When told, "No I've never been infected with any of them and in fact no mac worm has ever spread to OS X machines on the internet," many simply don't believe it. Those that do, sometimes inaccurately claim when speaking to others that mac can't get viruses, when in fact they just don't get viruses (or haven't yet).
Apple has been very careful on this issue, to never claim their machines are immune to viruses. I think the fact that most users don't know Macs are more secure than Windows machines and are unlikely to have malware problems greatly overshadows the problem of Mac's security being overstated by some individuals.
Re:Immune? (Score:5, Insightful)
There aren't any. That fact alone would be a challenge to a malicious hacker. The first successful writer of Mac viruses would earn enormous respect.
And it hasn't happened. Either the virus writers are idiots, or it can't be done.
This story is FUD based on the evidence. The article is spreading -- the article is the true virus. Microsoft and its little family of corps are at it again.
Re:Immune? (Score:3, Insightful)
A 'commercial' worm author doesn't give a shit about what you have on your PC, how much money the PC's owners have. Generally, all it cares about is that your PC is connected to the internet and that it can use the connection to send spam. That's it. They aren't trying to steal your secret family recipes or wedding photos.
I'm afraid you're woefully out of date. Worms can and do harvest CC numbers and other personal info and that trend is increasing. You can buy "identities" right now on underground Web sites where the higher the credit rating the higher the cost. A lot of those identities come from compromised databases, but more and more are garnered from worms reporting via the control channel. Further, the relative wealth of PC owner often correlates significantly with the bandwidth available to that computer.
Nice try on the whole "Mac users spend big bucks, so they're more valuable targets!" argument though. I wonder if you made any other irrelevant, probably incorrect generalizations in your post.
I don't know, why don't you actually read the post rather than complaining about the supposed inaccuracy of what you haven't bothered to read?
Re:Switch to Intel (Score:3, Insightful)
Re:Immune? (Score:2, Insightful)
According to this posting at macobserver:
http://www.macobserver.com/editorial/2003/08/29.1
He found 26 viruses that targetted Mac OS Classic, 553 Microsoft Macro viruses, and 0 Mac OS X viruses. This was in October of 2003.
So if you give Mac OS X a single virus to make the math work, there are 96% more viruses for Macintosh pre Mac OS X. There was not a 96% drop in market share for Apple from Classic to Mac OS X periods of time.
Re:Apple == MS (Score:2, Insightful)
Harvard Architecture? (Score:2, Insightful)