Part 1: Macs And Viruses. Fact vs. FUD.

2006 seems to be the year of Mac FUD. Fear, Uncertainty, and Doubt. Why?

News headlines proclaim viruses on Mac OS X, new vulnerabilities, and potential exploits. Is there truth to the news? Are viruses a problem on the Mac?

Mac360 reader and former Windows user Michael Kenney of New York sheds some light on a dark problem in a two part series:

Macs And Viruses: Fact vs. FUD

Apple Computer’s Intel-based Macs have been the darlings of the news media recently. Apple announced last year they would switch their entire line of mobile and desktop computers to Intel processors by the end of 2006.

Earlier this year, Apple began shipping iMacs and MacBook Pros (formerly called “PowerBooks”) with Intel Core Duo processors, a full six months ahead of expectations. In early April, Apple once again did the unexpected and released Boot Camp beta, a program that allows Windows XP to be installed on an Intel-based Mac, on a separate partition, for the purposes of dual-booting.

This meant for those who wanted a Mac, but still needed Windows for some Windows-specific hardware or games, you could now buy a single computer to take care of everything. Mac OS X, Windows, and Linux.

Before long, technology writers, pundits and ‘experts’ expressed worries over Apple’s move to Intel, theorizing that it would make the Mac more vulnerable to malware attacks. Some speculated that Macs were no longer unique enough to keep them safe. Many even believed that since the Mac could potentially sell in greater numbers, it would become a bigger target for viruses writers and malicious code attacks.

Some have recently stated that the Mac is already in trouble, and it is just a matter of time before it is in the same quagmire as Windows.

Unfortunately, this speculation is being touted as fact by some in the media, and the truth is getting lost in the last paragraph, or not mentioned at all. How does one separate fact from fiction? How can you tell what articles are merely designed to create F.U.D. (Fear Uncertainty and Doubt)?

With so many articles about Macs these days, it’s getting harder to know what to believe, and what to dismiss. So here are some common “New Myths” about the Mac and the truth about the platform.

Myth #1
Macs are just as vulnerable to Viruses, Worms, and Trojans as Windows computers.

Fact
Macs are not as vulnerable as Windows computers, BUT Macs are not invulnerable either. The difference here is simple. Windows has roughly 114,000 known viruses. Mac OS X has 0 confirmed viruses since it came out 5 years ago. There are 2 confirmed trojans that did not spread and did very little damage, and three known ‘proof-of-concepts’ from three years ago. Why is this?

Simply put, it is much more difficult to design malware to effect the Mac OS. The Mac OS is based on Free BSD, a kind of Unix OS that has been around for many years and stood the test of time quite well. Mac OS X is designed with security from the ground up, so if there ever is a successful attack, it’s affect would be limited to lost user data.

The OS would remain intact. Root access is required to modify the system files, and by default the user does not have that kind of access. The user must type in their admin password to install some programs, and this would be a big tip off if you were just clicking on a picture or a music file.

The two known examples of Trojans, (Leap-A and Oompa-Loompa), required the user to accept and download a compressed zip file, open it, and double click on the file inside, then type their password in order for their Macs to be compromised. This is not a ‘well written’ trojan, but a simple matter of Social Engineering, fooling the end user with a promise of something for free.

The writer depends on tricking them into downloading, opening and installing the malicious payload themselves. As always, be suspicious of anything you get in email or via Instant Messaging that promises you something “free” or “cool”. This goes for Windows users as well as Mac users. If it sounds too good to be true, it is.

Does this mean the Mac can’t get a virus? No, someday some malicious code writer will figure out a way to create a virus that will affect the Mac successfully. In five years, this hasn’t happened yet. And even if ONE virus successfully affects the Mac platform, it will be a tiny fraction compared to all the viruses that Windows users must be on the lookout for.

Myth #2
Macs using Intel Processors are more vulnerable now because they use the same processors found in generic PCs.

Fact
It is not the processor that makes any platform more or less vulnerable, but the solidness of the Operating System that is the primary factor. Windows was not designed originally to be connected to other computers, or the Internet, so it was not designed to protect itself from the kinds of issues affecting it today.

Over the years, Microsoft has integrated many of it’s technologies, such as Windows Media Player and Internet Explorer, into it’s OS. Maintaining backwards compatibility has also meant that Windows has become overburdened with code. Old mistakes keep cropping up to affect the current incarnations of Windows.

Mac OS X was completely rewritten from the ground up, and is based on a solid OS foundation that protects the core system, even from the mistakes of the user. The PowerPC chip did not keep Mac safe. As many long time Mac users know, viruses were written for the Pre-OS X era Macs, such as SevenDust and autostart Worms.

When Mac OS X came out, the same PowerPC Processors were still used, but those viruses, worms and trojans could not affect OS X. Obviously, the processor a computer uses can only be considered a minor factor at best.

To be clear, Intel processors are known to have been vulnerable to exploits called Buffer Overflows, but usually as a result of poorly written application code. Intel has been doing a lot to correct this, so future versions of processors should not see this type of vulnerability.

As of this writing, there are no documented exploits on the Mac that take advantage of this type of vulnerabilty, and it is unknown if this vulnerabilty exists in the current Core Duo line.

Myth #3
Mac vulnerabilities have increased 228% since 2003, but Windows vulnerabilities have increased a much smaller amount. That means the Mac is MORE vulnerable than Windows!

Fact
Numbers can be used to portray anything and generally these statistics are twisted to suit the needs of the writer. For example, the Mac OS X platform has had three proof-of-concepts, and two unsuccessful trojans since it first came out 5 years ago. Other than these known, documented pieces of malware, there have been NO OTHER documented attacks on the Mac platform.

There will be more, but this is still a tiny fraction of what affects Windows machines. Remember, there are over 114,000 known viruses for the Windows Platform. That’s just Viruses! Add in all the known worms, trojans, spyware and adware afflicting Windows users, and we’re talking problems the size of Jupiter compared to a comet.

If the Mac platform sees 50 new malware problems surface in the next year, that could be written as a 1000% increase, but in reality there would be only 55 total problems affecting the Mac platform. Let’s say Windows viruses increase 15% in the next year, that doesn’t seem like much, right? But 15% of 114,000 equals 17,100 new viruses appeared, making the total number 131,100.

That’s Part 1. Tomorrow, we’ll extend the Myth list and provide more facts.