Forgot your password?
typodupeerror

Macs May No Longer Be Immune to Viruses 391

Posted by Zonk
from the harsh-reality dept.
Bill writes "MSNBC reports that the combination of Apple's growing market share and their recent switch to x86 processors has made Mac OS X a new target for viruses. Unfortunately, it seems that many Mac users are in denial. '[Computer security expert Tom] Ferris said he warned Apple of the vulnerabilities in January and February and that the company has yet to patch the holes, prompting him to compare the Cupertino-based computer maker to Microsoft three years ago, when the world's largest software company was criticized for being slow to respond to weaknesses in its products.'"
This discussion has been archived. No new comments can be posted.

Macs May No Longer Be Immune to Viruses

Comments Filter:
  • Heh. (Score:5, Interesting)

    by c0l0 (826165) on Monday May 01, 2006 @05:31AM (#15235652) Homepage
    One might wonder why this (non-)story is featured on the front page of MSNBC... ;-)
    • Re:Heh. (Score:5, Informative)

      by Rosyna (80334) on Monday May 01, 2006 @06:28AM (#15235786) Homepage
      It's just sad really. This Tom guy can't read crash reports. He reports the same TIFF crash as two different crashes, and then says there is a parsing error in CFAllocatorAllocate(), which does parse anything, it just allocates memory. In CF, most functions will call abort() and force an application crash if given bad parameters. Such as a 0 size for memory.

      Most, if not all, of these just amount to DoS attacks and it's not actually possible to get them to run arbitrary executable code. But now days any kind of reproducible crash is incorrectly regarded as a massively massive security issue. It's people like Tom Ferris that make real computer security jobs into a joke.
      • Re:Heh. (Score:3, Interesting)

        by h4rm0ny (722443)

        Yeah but don't worry - did MSNBC just report that Macs were gaining market share? Whoops. ;)
    • LMAO, yeah.. last time I checked, the bug was in this code of MS Management cycle..:P

      while (generating_crappy_systems())
      {

      char* company = pick_yet_another_company();
      int percentrisk = assess_risk_from(company);
      int percentgrowthrate = assess_growth_of(company);
      if (percentrisk > 10 || percentgrowthrate > 10) launch_FUD_against(company);
      continue; // with generating_crappy_systems();
      }
    • Re:Heh. (Score:3, Informative)

      by BrynM (217883) *

      One might wonder why this (non-)story is featured on the front page of MSNBC... ;-)

      MSNBC is a member of the Associated Press [ap.org]. They're probably hoping that the FUD will spread via other news agencies picking up the story from AP feeds. Since it's Monday morning, I'm sure at least one groggy editor has picked it up. From the looks of a Google News Search [google.com], MSNBC actually picked the story up from April 24 (The San Jose Mercury News and the Daily Breeze).

  • Immune? (Score:4, Insightful)

    by Red Samurai (893134) on Monday May 01, 2006 @05:32AM (#15235654)
    They never were immune. It's just that most virus writers don't give a crap about Macs.
    • Re:Immune? (Score:5, Interesting)

      by Scudsucker (17617) on Monday May 01, 2006 @05:37AM (#15235666) Homepage Journal
      It's just that most virus writers don't give a crap about Macs.

      And the fact that Macs never had Outlook, the PC version of Internet Explorer, Active X, ports and services open all over the place, or piss poor priveledge seperation. That is why Macs don't have viruses (Linux as well, for that matter), not because of market share.
      • Re:Immune? (Score:5, Insightful)

        by stefaanh (189270) on Monday May 01, 2006 @05:50AM (#15235705)
        Otherwise said:
        Burglars break in houses with the most vulnerable alarm system, not because of the popularity of the alarm system.
        • Re:Immune? (Score:3, Insightful)

          by squiggleslash (241428)
          Burglars aren't virus writers. They burgle specific homes they choose in advance.

          If you were to build a robot that simply burgles as many homes as possible, using each home as a launching pad to burgle other homes, then... ok, this analogy doesn't work to begin with, and I can't see a way of stretching it to actually work. Bad analogy. This is about virusses, not about burgling homes.

          If you write a virus, you most certainly DO aim it at the most popular platform amongst those it has to contact to spread

          • Re:Immune? (Score:3, Interesting)

            by stefaanh (189270)
            I don't agree.

            Virus writers, malware and adware writers are not that different from burglars.

            Nobody claims Mac OS X or Linux to be super secure. Especially not Apple or any engineer for that matter. Hence the number of security updates. But the process is very transparent for everybody, user, engineer, hacker or cracker.

            Of course social engineering works regardles of platform.
            I agree that the number of infections has to do with the popularity of the platform.

            But the speed and the ease of infection has to
            • Nobody claims Mac OS X or Linux to be super secure.

              [Glances at article title]

              Riiiiiight. No-one would ever dream of suggesting that Macs were previously "immune to viruses". :-)

          • Re:Immune? (Score:5, Informative)

            by 99BottlesOfBeerInMyF (813746) on Monday May 01, 2006 @11:08AM (#15237085)

            You make several good points, and it is clear a lot of people who are not in the security field overestimate the security of an OS X system. It is somewhere on par with the average Linux workstation, which is to say people out there can hack it if they are targeting you specifically. Worms might, but probably won't be an issue for an average user. Notifications and restrictions on users are middle of the road for security versus ease of use. I think, however, you are slightly incorrect on several points and are basing your opinion on several incorrect facts.

            If you write a virus, you most certainly DO aim it at the most popular platform amongst those it has to contact to spread, especially if all the other platforms combined don't even reach 10% of the market, unless there are serious mitigating circumstances.

            This is true in some cases, but not all. A good number of worm authors are for-profit these days they want to make money. Windows is the biggest market segment and the easiest target. It is not, however, necessarily the most profitable. Half the Windows machines out there are sitting in a business office and have no data easily exploitable for profit. Another 25% or so are home machines owned by people in the third world who have pirated the copy and don't even have credit cards.

            Mac users, on the other hand, are people who shelled out big bucks for a high-end machine. Some Windows users are too, but by no means a large percentage of them. What percentage of Macs do you suppose have valuable, credit card and personal info for someone with a high credit rating?

            Macs are not so rare that dumping one on Comcast's network would not net you a pile of machines. Further a cross-platform virus that hit both macs and Windows machines would solve the propagation issues. No, the reason worms don't hit Macs is not propagation or lack of a target. Nor is it lack of motivation. While many worm authors are working for profit, a large number are also just showing off and being malicious for its own sake. A lot of them would love to take "those mac users" down a peg.

            The reasons we don't have mac worms spreading are:

            • Unfamiliarity - many worm authors use tools and a knowledge base that is very Windows specific. Many just don't know how to write a Mac worm.
            • Difficulty - There is no IE or Outlook and the default, common internet apps avoid many of the security snafus MS has made with them. Ports are closed and services not running by default. Like it or not, the average Mac is harder to attack that the average Windows machine.
            • Community Expertise - you can have a worm propagate on Windows machines for weeks before it hits a honeypot or smart security guy's machine and becomes recognized. There is a higher percentage of security people and clueful professionals on Macs, so worms are/will be detected more quickly. The one attempt I know of to spread one used a Mac forum as the insertion point and was detected by users there and dissected immediately.
            • Zero day to a month - The time between the discovery of a vulnerability that actually presents a real risk of worm propagation and the rollout of the fix is shorter, due to Apple's faster response time. This is party due to the complexity of the architecture and partly due to policy.
            • Up-to-date security - If you're running Windows 95, 98, ME, or 2000 there are unpatched security holes on your machine. If you're running Windows XP, you may or may not be up to date depending upon your security update policy and what application you need and whether or not they work with specific security patches. If you are running any version of OS X you still get security fixes as they are rolled out. If you are running OS 9, well, there just isn't much pout there and isn't likely to ever be for a plethora of reasons.

            And the truth is that Darwin's lack of fine grained security means it has a limit to how secure it'll ever be.

            It is true that OS X has not implemented jails or Man

      • Re:Immune? (Score:2, Insightful)

        by Gobelet (892738)
        But that is the modern propagation of viruses. How did people infect computers before that? By infecting medias. Dammit, you don't need a security flaw to embed viral code in a software that you have to install with root.
  • Switch to Intel (Score:5, Interesting)

    by pryonic (938155) on Monday May 01, 2006 @05:33AM (#15235658)
    I can see how the increased market share would make them more of a target, but I can't really imagine how the change in CPU would. The vast majority of x86 viruses target Windows using very specific windows API functions or by patching Windows components. If a writer is targetting a x86 Mac, how does the CPU matter, it would just be compiled for that processor.

    Maybe we'll be seeing x86 and PPC virus fat binaries?

    • I can see how the increased market share would make them more of a target,

      The ability to run Mac OS X in virtual machine lowers the barriers to entry to test exploit code from $2000 to (effectively if you allready own a PC) $0.

      The intel transition makes it cheaper & easier for crackers, phishers, etc to develop for OS X. (As well as making assembly easier to port).

      Its about making it easier to port exploits rather then having fat binary viruses.
    • Re:Switch to Intel (Score:5, Interesting)

      by Rosyna (80334) on Monday May 01, 2006 @06:33AM (#15235801) Homepage
      I can see how the increased market share would make them more of a target, but I can't really imagine how the change in CPU would

      The Harvard architecture that the PowerPC uses is inherently more secure than x86. A remote exploit on running code has a very low chance of working on the PPC, but nearly a 100% chance on the x86 (which is why all these IE exploits work all the time). When they fail to execute code, the PPC application just crashes. I'd think if someone went to a place that causes their browser to crash 10 times in a row, they'd stop trying to go there.

      Then again, Apple has taken massive steps on the x86 side to prevent these kinds of attacks. Such as enforcing the NX/XD bit and enforcing a non-executable stack. The former goes a long way, it was even able to prevent the WMF exploit from working on Windows, if it was available in hardware. Luckily, all ICBMs ship with the hardware support.
      • Re:Switch to Intel (Score:4, Insightful)

        by jcr (53032) <.jcr. .at. .mac.com.> on Monday May 01, 2006 @06:38AM (#15235814) Journal
        Of course, beyond the code-level measures that Rosyna mentions, there is also the fact that the Mac, as shipped, is vending NOTHING. Rather hard to get the runaway propagation typical of a windows virus outbreak, when each user has to explicitly open each port.

        -jcr
      • I'd think if someone went to a place that causes their browser to crash 10 times in a row, they'd stop trying to go there.

        Yet somehow, MySpace still has visitors...

    • I can see how the increased market share would make them more of a target, but I can't really imagine how the change in CPU would.

      Let me tell you how: most hackers and virus writers just don't buy Macs. Many of them have machines enough to run games and their favorite Linux distribution and many of them don't have the money to pay for shiny overpriced (in their view) boxes with eye candy OS...

      What happens now, however? OSX runs on Intel, it was leaked on the Internet, the naturally curious hakcers install i
    • The vast majority of x86 viruses target Windows using very specific windows API functions or by patching Windows components.

      That's true of the viruses today. But it might not be far off where a virus attacks a particular chipset. I remember when I first heard of DRM in bios in the future being able to access the internet, I thought of the possibility of a virus attacking the bios. Guess we'll need norton antivirus 2007 for Phoenix.
      • Doesn't the trend in virus-writing go in the opposite direction? I have the impression viruses used to be really difficult to write, having just a small amount of space to store their code. Now it's a huge binary, or some visual basic script.
        • Doesn't the trend in virus-writing go in the opposite direction? I have the impression viruses used to be really difficult to write, having just a small amount of space to store their code. Now it's a huge binary, or some visual basic script.

          The trend in viruses is to exploit the latest weakness. It might be difficult to do (programming assembly sucks), but I think it's theoretically possible
    • Re:Switch to Intel (Score:4, Informative)

      by m50d (797211) on Monday May 01, 2006 @07:15AM (#15235902) Homepage Journal
      Well-written viruses (which, yes, the vast majority aren't) are usually done in hand-coded assembler. For many buffer overflows, that's all you have space for. Sure, you need to know the API as well, but I think that's easier to learn than another assembly language.
  • Article is a troll (Score:4, Informative)

    by bobintetley (643462) on Monday May 01, 2006 @05:34AM (#15235659)
    What a load of rubbish - viruses infect via operating system and application vulnerabilities, the chipset those are running on has very little relevance.
    • What a load of rubbish - viruses infect via operating system and application vulnerabilities, the chipset those are running on has very little relevance.

      I don't think you've thought this through.

      1) Consider how long it took for the hacking community to make OS X to run in a virtual machine on an Intel Box.

      2) Now consider how long it took for the hacking community to make windows run on a macbook.

      Which one of these tasks was harder (I would say the first, as Apple was actively hindering this activity, but 'n
      • by rolfwind (528248) on Monday May 01, 2006 @06:07AM (#15235745)
        The $2000 barrier to entry you used to have to pay to use OS X (and test exploits against it) no longer exists, if you don't think that makes a difference to hackers (many of whom are in far less afluent countries then you), then quite frankly, you're insane.


        I suppose you haven't actually checked the Apple Store the last few years. The barrier of entry has been around $500-600 the last few years. Unless haxors absolutely need l33t 15" Powerbooks instead of a mac mini.

        And on that point, wouldn't some haxors love to also be one of the few to make a sucessful virus/trojan/etc OS X or Linux (where's the barrier of entry here?) instead of one of the few thousand for Windows? I thought prestige was some sort of motivation. Pff.
        • by kryten_nl (863119)
          I totally agree, now to te rest of you: Since the trojan writer / spammer alliance, writing viruses has become a business worth millions of dollars. If you still think that a virus writer won't buy a couple of powerbooks, if he thinks he can make a profit, you're dead wrong.
        • I suppose you haven't actually checked the Apple Store the last few years. The barrier of entry has been around $500-600 the last few years. Unless haxors absolutely need l33t 15" Powerbooks instead of a mac mini.

          Good point - you're quite right. But, while virus writing has become a multi-million dollar industry recently, many of the people writing exploits are not the ones directly making money off them.

          To these people, lowering the barrier to entry from $500 to $0 will make a tremendous difference.

          And on
      • I don't think you've thought this through.

        1) Consider how long it took for the hacking community to make OS X to run in a virtual machine on an Intel Box.

        2) Now consider how long it took for the hacking community to make windows run on a macbook.

        Which one of these tasks was harder (I would say the first, as Apple was actively hindering this activity, but 'not precluding' the second).

        People in glass houses....

        Which one of these tasks is harder:

        1) For the hacking community to make OS X to ru

    • by AC-x (735297) on Monday May 01, 2006 @06:37AM (#15235812)
      Well I wouldn't say it was a complete troll.

      After all, if you've been writing windows exploits for x number of years in x86 assembly, which will be easier:

      a) Writing OSX exploits in x86 assembly
      b) Writing OSX exploits in PPC assembly

      Of course I'd still be surprised if OSX had anywhere near as many security flaws as Windows, but it only takes one...
      • Of course I'd still be surprised if OSX had anywhere near as many security flaws as Windows, but it only takes one...

        I'm thinking it would take two flaws...

        1) The flaw you want to exploit.
        2) A flaw in the OS to allow exploit #1's installation without throwing up the "Enter your administrator password" dialog so the user isn't tipped off something bad is happening.

        This is a big barrier--not impossible, but a big one to get past. The Apple "limited-Administrator" model is vastly preferable to the "Everybo

    • What a load of rubbish - viruses infect via operating system and application vulnerabilities, the chipset those are running on has very little relevance.

      It helps of 99% of the hackers out there run on a compatible chipset though.
    • by Deorus (811828) on Monday May 01, 2006 @07:54AM (#15235992)
      > What a load of rubbish - viruses infect via operating system and application vulnerabilities, the chipset those are running on has very little relevance.

      No, the article points out what I thought was obvious.

      To write a worm/virus you actually need to know how to assemble on the target architecture for at least two reasons:
        1 - The first thing you do before attempting to exploit a crash is to debug it, now how do you debug on an architecture which you don't know? Trying to debug low level code (remember it's precompiled binaries we're talking about here, not scripts) without knowing how to assemble on the target architecture is like running the marathon without a leg.
        2 - If you find a way to inject code you'll need, well... code to inject..., and this code has to be written in the lowest possible level so that you can interrupt to system calls without depending on operating system libraries and avoid specific opcode patterns that would have a meaning to the high level application and prevent your injected code from running as expected.

      Taking in account that every geek in the universe knows x86 assembly, if you think for a while you'll realize that the architecture switch makes OSX much easier to debug for the majority of people, and inherently much easier to exploit.
  • Leap of Faith (Score:5, Informative)

    by ozmanjusri (601766) <aussie_bob@NOsPam.hotmail.com> on Monday May 01, 2006 @05:35AM (#15235660) Journal
    I'm not even a Mac user and I still call FUD on this one. TFA was so slim on detail it was impossible to work out what had actually happened, and after searching for real info it turns out the virus, Leap.A, needs a root password to do any damage. Better article here: http://edition.cnn.com/2006/TECH/04/30/apple.secur ity.ap/index.html [cnn.com]
    • Re:Leap of Faith (Score:3, Informative)

      by NitsujTPU (19263)
      Just wait.

      Something will rip through OSX. It may not harm much, but the news to a lot of users is that it could happen at all.

      The real shocker will be when most Linux users get some nasty virus. It won't have to damage much.

      Simply put, viruses happen. That's life. Don't protect yourself, it's like sex without a condom. It's not that its usually unsafe, it's just that the one time it gets you, you end up with some terrible disease (and, if any future girlfriends read this, I'd just like to note that thi
      • Re:Leap of Faith (Score:5, Informative)

        by ozmanjusri (601766) <aussie_bob@NOsPam.hotmail.com> on Monday May 01, 2006 @07:07AM (#15235884) Journal
        Just wait.
        Something will rip through OSX.

        Something may well do so one day. This wasn't it though. This article was nothing more than hype about a three month old worm that failed to infect more than a few machines and doing little damage once it did. The worm used as an example had nothing to do with the architecture change purported to be trhe reason for the exploit. The whole thing was a puff-piece of self promotion by Tom Ferris, nothing more.

        If you want to hear about damage done in *ix, ask someone about sendmail or NFS exploits, or httpd, or telnet, or xdmcp.)

        I'm old enough to remember them. I'll start to be concerned about my Linux installs when there's an actual exploit that's happened less than a decade ago.

  • by mstroeck (411799) on Monday May 01, 2006 @05:37AM (#15235665) Homepage
    Why does Slashdot continue to post Apple-related non-stories? Every time Steve Jobs farts or some idiot proclaims the coming Mac-Virus-Mayhem (tm), Slashdot takes the bait.

    This MSNBC(!) story contains no facts whatsoever. No piece of significant OS X malware has been discovered so far, and I believe it's highly likely that there won't be any in the immediate future. WTF does the Intel switch have to do with that?
    • It's important to "throw poorly researched stories to the wolves" once in a while, so people can pick them apart.

      I, for one, am happy when Slashdot finds these stories with ridiculous claims or patently false information and brings them to our collective attention. Otherwise, as an I.T. professional, it can become really frustrating when a client drags one of them out as ammunition to back up a potentially bad business decision. If you're previously unaware of such an article and it suddenly gets thrown i

  • The funny part is what x86 would have to do with it? The x86 ABI of Mac OS X (which is SYSV like) preclude the usage of ordinary Windows tools, and getting a OSX/x86 targeting toolchain based on GCC is (slightly) harder than getting a PPC one has been.

    Sensasionalist piece. Hanging is too good for them :-)
  • Forbidden Fruit (Score:3, Insightful)

    by LiquidCoooled (634315) on Monday May 01, 2006 @05:39AM (#15235676) Homepage Journal
    Anyone knows you don't get something for nothing.

    Viruses for all different operating systems exist.
    There are holes and exploits for practically everything known to man.

    Now, if I walk into the dodgiest parts of town (with my turtle neck sweater on) and ask the shady guy at the street corner for a forbidden secret preview of the next big thing do you really think I will survive with the same number (and size) orifices as I started with?

    Once you leave the beaten track, you cannot be sure what lurks in the shadows.
  • CNN is carrying this article and so is msnbc, however no one mentioned the viruses name. I swear this is old, it sounds like the OSX/Leap-A incident that occurred back in early February. It wasn't even a virus is was a trojan horse. Apple will patch for this like they did the others and life will go one. At least Apple patchs for these unlike Microsoft that just recommends installing its "beta" program to "fix" the problem or some other 3rd-party software that may or may not cost even more money.
    • Mod Parent up.

      This incident happened in Feburary, when the guy got tricked into downloading something by thinking it was "Leopard" screenshots, and wound up with the trojan. All the trojan did was ask for a password to run some script in Terminal. Then a couple of other people downloaded it to work on it and rip it apart. This was on Apple Insider forums I think.

      Basically, it's a 10-week-old non-story that's confused in its technical details
  • If your new powerbook is running BootCamp and your currently using XP then you need to lower your expectations, its a Mac, its running a flawed OS, so unless your careful you are going to end up with a virus, just like the other X Million windows users, regardless of hardware.

    If your running OS X then I'd say your risk is just that bit lower, its a less flawed OS. My last check showed 4 viruses aimed at OS X; (Symantec) OSX.Leap.A; OSX.Inqtana.A; OSX.Inqtana.B; MacOS.MW2004.Trojan; Which is a few orders of
  • mixed article (Score:5, Insightful)

    by gmccloskey (111803) on Monday May 01, 2006 @05:44AM (#15235691)
    No-one can deny that with growing popularity of OS X that it becomes an increasingly attractive target. Malware writing works on similar economics to regular software: this implies that malware will exist but be a niche deployment. So it is a concern, but not the end of the world, or of Apple, as the world likes to regularly predict.

    The article was mixed in accuracy. Many Mac users believe themselves to be invulnerable - the truth is they are currently /less/ vulnerable than the mainstream desktop OS. The thesis that using an intel processor increases security risks is not true - OSen don't allow direct hardware access as such, and how many script kiddies write x86 microcode?. Running Windows on a IntelMac may potentially increase security probems, and reduce the Macintosh (not OS X) brand reputation for security. It depends on how the 'wall' between x86 file access and OSX file access is implemented.

    Nothing in IT or anywhere else is 100%. Currently OS X is more secure in many areas than its competitors. To maintain or improve on this, constant vigilence and innovation are required by Apple, ISVs and most importantly users.
  • cha-ching (Score:4, Insightful)

    by St. Arbirix (218306) <matthew.townsend@gm a i l .com> on Monday May 01, 2006 @05:44AM (#15235692) Homepage Journal
    I wonder what percentage of some anti-virus software company's profits are a direct result of this article.

    I'm in denial about invisible pink unicorns too. Put up or shut-up.
  • by ikekrull (59661) on Monday May 01, 2006 @05:54AM (#15235716) Homepage
    The Year of the Linux Desktop

    or

    The Year of The OS X Viruses

    Inquiring minds want to know.

    • The Year of the Linux Desktop
      or
      The Year of The OS X Viruses


      For me and millions of other Windows users who're on the edge of their patience, it's:

      The Year Vista Didn't Come Out *Again*
  • Even an Associated Press article, it makes you wonder what gains Microsoft would possibly have for putting it on the front door of MSNBC.

    I mean with Vista being such a slam-dunk, why would they need to engage in FUD?

    Granted - Apple has warnings of running windows on their boot-camp page and what fun awaits the end user so the reported denial is obviously massive from Cuppertino and that would create a massive pile of denial from the Apple-user community no doubt.

    God bless the press for keeping everyone info
  • warning us the sky is falling.

    I know as well as anybody the Mac OS was never immune from viruses, that's impossible.

    But how many times do I have to read articles where the alarmists are warning us that the big one is finally coming and we're all going to die horrible deaths.

    Yeah, I expect a virus or three may come one day. But Windows and it's users has survived thousands without the apocolypse on a world-wide. Hell, many of my friends run windows without anti-virus and mostly don't have infections (can't
  • Countdown ... (Score:2, Insightful)

    by Aceticon (140883)
    ... until somebody starts a flamewar by saying that Macs are not immune to viruses after all and they've only managed to stay relativelly safe because there are so few of them, to which a horde of Mac religious fanatics angrily reply that Windows is much worse at which point the flames start flying back and forth all the while drowning the only 2 posts that make sense, one saying that the only mainstream OS purposelly made with security in mind was OpenBSD and the other that says that stupid users running w
    • Hey, fuck you man. Periods are way superior to commas. I don't want to get into a punctuation flamewar... but you and your damn run-on sentences started it! Periods are the one true way to separate thoughts in writing. But the truth had to be said. And now a bunch of you religious fanatics are going to jump all over me. You'll argue non-stop about how commas are fancier and newer and and how periods are hard to draw and if you're in a hurry they just end up looking like commas anyways. But you all can go t
  • Perhaps a new line of malware will come along as the new macs grow in popularity, but it will be much different than the PC line of viruses. Mac OS X just doesn't have room and the customization to leave the gap for viruses. What I mean is that the software is written completely different. Safari is debatebly a very decent browser, but it's not customizable like IE is in Windows. There is no activeX, registry, plugins, etc. It runs alone, which greatly affects the difficulty of writing malicious software to
  • Experts eh? (Score:5, Interesting)

    by Keen Anthony (762006) on Monday May 01, 2006 @06:32AM (#15235799)
    Apple's iconic status, growing market share and adoption of same microprocessors used in machines running Windows are making Macs a bigger target, some experts warn.
    Sadly those "experts" could not be reached for explanation because they were out buying antivirus software for Linux and FreeBSD - cause, you know, they're both iconic, have a growing market share, and run on the same microprocessors as Windows.
    "They didn't know how to deal with security, and I think Apple is in the same situation now," said Ferris, himself a Mac user.
    Sure, being a minority OS does mean fewer virus writers targeting the Mac, but Mac OS X has been cool for a few years now, and I'm still waiting for those dangerous viruses. I'd say Apple knows a little something about dealing with security - certainly enough not to pawn off the responsibility to the antivirus aftermarket.
    The Mac's vulnerability could also increase as Apple transitions to a product line that uses microprocessors made by Intel Corp., security experts said. With new Macs running the same processor that powers Windows-based machines, far more people will know how to exploit weaknesses in Apple machines than in the past, when they ran on the PowerPC chips made by IBM Corp. and Motorola Corp. spinoff Freescale Semiconductor Inc.
    Who are these security experts, and do they work weddings and bar-mitzvahs too? Since when did familiarity with a microprocessor lead to intimacy with an operating system. There's so much I still don't know about BeOS and I've written assembly on PowerPC and x86. The vulnerabilities described in the article may be found here. [secunia.com] For the most part, it looks like flaws in the way Safari and Preview handle GIFs, TIFFs, BMPs, and bad ZIPs can cause an application crash, and *possibly* allow code execution (even via certain malformed HTML tags). I've had corrupt graphics files and zip archives crash Preview and Safari in the past, but never any virus-like behavior. Still, it's a good thing to note, but the reporting could have been much better.
  • Macs No Longer Thought To Be Immune to Viruses
  • An anecdotal tale of an unconfirmed in-the-wild exploit on a site run by a corporate rival? MAN THE LIFEBOATS! Mac OS X is no longer secure! No better than Windows with Microsoft's few... ahh... few thousand virii and exploits in the wild, no sir! Panic! Mass mayhem! Purchasing of Dells!

    Pfft.

    The Tech Punditocracy has been banging the drum on Mac OS X's insecurity pretty heavy these past few months. I'm beginning to believe it's just a scam to sell AV software to gullible IT managers, and to protect windows
  • If they are running XP on them now, but this is irrelevant of the hardware platform. The x86 issue has nothing to do with vulnerabilities other than portability or binary compatibility of the virus/worm itself. The biggest problem with virus/worms/phishing is plain old fashioned ignorance, and that is the most portable vulnerability that can be found on every hardware/software platform.
  • This article was on CNN last night as well, under the headline "Viruses catch up to the Mac."

    Uh, yeah. Sure. Two guys get hit by something, the articles are not even clear about exactly what, and it's, "Oh noes! The sky is falling!"

    Yeah, viruses are really catching up to the Mac. One down (maybe), a few tens of thousands more to go to catch up to the quantity available for Windows. Look at all the crap you need to do properly secure an XP box. [comcast.net] Even if this alleged Mac virus is the real thing, you can stay s
  • In the interests of full transparency the news article should state if the author, news organization, or parent of the news organization (if it has one) owns ANY stock in Symantec who makes (as far as I know) the only Mac Anti-virus product.
  • by bananaendian (928499) on Monday May 01, 2006 @07:05AM (#15235880) Homepage Journal
    What? So Macs were immune against viruses?

    Seriously, it's way too easy to have a go at this MSNBC BS. What is more worthy to note is the frequency and desperation with which these articles keep appearing, claiming sleeping beauty mac-users are in imminent danger if they continue to refuse to take part in the virus paranoia of the Windows world.

    I have been using W2K with no anti-virus software for years with no side effects. Sadly and with amusement do I follow the antics of my fellow XP users with their shiny anti-virus crapware popping up redundant warnings and notifications and slowing the machine to a crawl. And to top the irony they have to turn off anti-virus whenever they install anything or run certain software. And when you go to your workplace or school the machines there have been made almost entirely useless by over zealous protection software.

    Having a go at Macs for security is either stupidity or plain propaganda. Security doesn't come from anti-virus programs. It comes from the underlying architecture of the OS and the third-party software having to comply with the security principles of the underlying architecture. Anti-virus software only protects the computer against clueless users and thus it can be claimed that any computer/OS architecture requires some.

    And as for the age old user base threshold argument I'm still waiting. OSX has been for some time the most common UNIX based OS. It is remarkable how little vulnerabilities have been found considering the amount of software and services running on OSX by default. Thus, comparatively, statements involving OSX and poor security continue to be plain ludicrous.

    As for me I'll merrily continue running my apparently 'immune' W2K box (behind two tailor made firewalls) and wave my greetings and encouragement to my fellow mac users.

  • by Mathiasdm (803983) on Monday May 01, 2006 @07:08AM (#15235887) Homepage
    I'll believe that when I see water running uphill!
  • well duh! (Score:3, Interesting)

    by john_uy (187459) on Monday May 01, 2006 @07:27AM (#15235921)
    no system is 100% virus free. there may be systems that have probability that is very low.

    people supporting alternative systems such as linux and unix (including mac os), etc. should avoid claiming they are not able to be infected with virus and worms. such false advertising may cause people to abandon the adoption at the end because they will just think "hey, why spend all the fuss when you get the same problems.)

    ignorance is the problem. education is the solution. it may be easier to avoid getting worms and viruses in linux than windows but educating a user might be able to avoid the same with windows as well.
    • people supporting alternative systems such as linux and unix (including mac os), etc. should avoid claiming they are not able to be infected with virus and worms. such false advertising may cause people to abandon the adoption at the end because they will just think "hey, why spend all the fuss when you get the same problems.) ignorance is the problem. education is the solution.

      I agree with you, but I think most of the ignorance is in the other direction. Talking to the average Windows user, most assume

  • well oh well (Score:3, Interesting)

    by zpok (604055) on Monday May 01, 2006 @07:58AM (#15236002) Homepage
    I've been running sophos anti virus software on my mac since, well, since they became available. Thing is, apart from updating itself once in a while I haven't had ONE virus showing up. Every now and then I even scan my system. Just for kicks (I'm easily excited).

    Apart from all the other "usual crap", I wonder how this type of articles make it to mainstream news outlets. Even Steve Jobs' brand of underwear would be more newsworthy than this kind of FUD.

    There is - like in most of this type of journalism - no real defense against it. Whatever argument you use against "two guys encountering something weird" in "serious news outlets", you must be a mac zealot in denial. Right?

  • by S3D (745318) on Monday May 01, 2006 @08:11AM (#15236046)
    Antivirus vendors are looking for new markets to expand. Especially with looming Microsoft extrance into anti-virus market.
  • Maybe you mean increasing install base? Apple worldwide marketshare hasn't been over 3% for many years.
    • This article [slashdot.org] claims 16% according to the SPA. Personally I'd estimate it is somewhat lower, maybe 7%. Sales figures alone place it at about 4% for the year, but the average in use lifespan of a mac tends to be 1-2 years longer than that of the average PC (although close to that of other high-end machines). Also sales of macs were up 32% year over year from 2004 to 2005. The industry as a whole went up 18%. That means 14% of roughly 4% of all computers old would put Apple ahead by a little more than half a

  • We never were Immune (Score:3, Informative)

    by nurb432 (527695) on Monday May 01, 2006 @08:24AM (#15236082) Homepage Journal
    Apple users were Just (much) safer then windows. And less of a target. But in no way were we ever immune.
  • by cei (107343) on Monday May 01, 2006 @09:09AM (#15236258) Homepage Journal
    This is the same "virus" that we talked about in February. link 1 [slashdot.org], link 2 [slashdot.org]. The CNN (AP, really) article mentions Benjamin Daines as finding it. MacRumors forum post [macrumors.com] from Benjamin Daines dated Feb 13 whining about how he was duped by someone posting a link to said trojan. We've gone over this before. This is nothing new. Must be a slow news day at AP...
  • by Greyfox (87712) on Monday May 01, 2006 @09:59AM (#15236559) Homepage Journal
    The difference between OSX and Windows is that on OSX you have to download the "virus", run it and supply it with your root password. In Windows, you pretty much have to connect an unpatched install to the Internet without a firewall and wait 20 minutes.

    Still, I WOULD like to see Apple try to do more to keep OSX secure. The system should only allow its system directories to be modified in single user mode -- I'm pretty sure BSD has a flag for that. I'd also like to see downloaded applications run as some other user that isn't allowed administrative access to the system at all, password or no. They'd probably have to make some changes so that the user could be restricted from changing its user ID to minimize the damage of people providing their passwords blindly when the dialog comes up. Allow the user to take explicit action if they want the application to be able to run as the regular user.

    It still wouldn't be a perfect defense, but nothing can help you if the user's going to bend over backwards to give an application access to the system. Operating system companies really should err on the side of paranoia whenever possible.

  • User-base fallacy (Score:3, Insightful)

    by Dr. Brad (19034) on Monday May 01, 2006 @11:10AM (#15237106)
    If the installed base size is the critical factor for exploit success, then why are there more successful exploits for Microsoft IIS than there are for Apache?

    Take care,
    brad

"Irrationality is the square root of all evil" -- Douglas Hofstadter

Working...