|
|
Part 1: Macs And Viruses. Fact vs. FUD.
2006 seems to be the year of Mac FUD. Fear, Uncertainty, and Doubt. Why?
News headlines proclaim viruses on Mac OS X, new vulnerabilities, and potential exploits. Is there truth to the news? Are viruses a problem on the Mac?
Mac360 reader and former Windows user Michael Kenney of New York sheds some light on a dark problem in a two part series:
Macs And Viruses: Fact vs. FUD
Apple Computer’s Intel-based Macs have been the darlings of the news media recently. Apple announced last year they would switch their entire line of mobile and desktop computers to Intel processors by the end of 2006.
Earlier this year, Apple began shipping iMacs and MacBook Pros (formerly called “PowerBooks”) with Intel Core Duo processors, a full six months ahead of expectations. In early April, Apple once again did the unexpected and released Boot Camp beta, a program that allows Windows XP to be installed on an Intel-based Mac, on a separate partition, for the purposes of dual-booting.
This meant for those who wanted a Mac, but still needed Windows for some Windows-specific hardware or games, you could now buy a single computer to take care of everything. Mac OS X, Windows, and Linux.
Before long, technology writers, pundits and ‘experts’ expressed worries over Apple’s move to Intel, theorizing that it would make the Mac more vulnerable to malware attacks. Some speculated that Macs were no longer unique enough to keep them safe. Many even believed that since the Mac could potentially sell in greater numbers, it would become a bigger target for viruses writers and malicious code attacks.
Some have recently stated that the Mac is already in trouble, and it is just a matter of time before it is in the same quagmire as Windows.
Unfortunately, this speculation is being touted as fact by some in the media, and the truth is getting lost in the last paragraph, or not mentioned at all. How does one separate fact from fiction? How can you tell what articles are merely designed to create F.U.D. (Fear Uncertainty and Doubt)?
With so many articles about Macs these days, it’s getting harder to know what to believe, and what to dismiss. So here are some common “New Myths” about the Mac and the truth about the platform.
Myth #1
Macs are just as vulnerable to Viruses, Worms, and Trojans as Windows computers.
Fact
Macs are not as vulnerable as Windows computers, BUT Macs are not invulnerable either. The difference here is simple. Windows has roughly 114,000 known viruses. Mac OS X has 0 confirmed viruses since it came out 5 years ago. There are 2 confirmed trojans that did not spread and did very little damage, and three known ‘proof-of-concepts’ from three years ago. Why is this?
Simply put, it is much more difficult to design malware to effect the Mac OS. The Mac OS is based on Free BSD, a kind of Unix OS that has been around for many years and stood the test of time quite well. Mac OS X is designed with security from the ground up, so if there ever is a successful attack, it’s affect would be limited to lost user data.
The OS would remain intact. Root access is required to modify the system files, and by default the user does not have that kind of access. The user must type in their admin password to install some programs, and this would be a big tip off if you were just clicking on a picture or a music file.
The two known examples of Trojans, (Leap-A and Oompa-Loompa), required the user to accept and download a compressed zip file, open it, and double click on the file inside, then type their password in order for their Macs to be compromised. This is not a ‘well written’ trojan, but a simple matter of Social Engineering, fooling the end user with a promise of something for free.
The writer depends on tricking them into downloading, opening and installing the malicious payload themselves. As always, be suspicious of anything you get in email or via Instant Messaging that promises you something “free” or “cool”. This goes for Windows users as well as Mac users. If it sounds too good to be true, it is.
Does this mean the Mac can’t get a virus? No, someday some malicious code writer will figure out a way to create a virus that will affect the Mac successfully. In five years, this hasn’t happened yet. And even if ONE virus successfully affects the Mac platform, it will be a tiny fraction compared to all the viruses that Windows users must be on the lookout for.
Myth #2
Macs using Intel Processors are more vulnerable now because they use the same processors found in generic PCs.
Fact
It is not the processor that makes any platform more or less vulnerable, but the solidness of the Operating System that is the primary factor. Windows was not designed originally to be connected to other computers, or the Internet, so it was not designed to protect itself from the kinds of issues affecting it today.
Over the years, Microsoft has integrated many of it’s technologies, such as Windows Media Player and Internet Explorer, into it’s OS. Maintaining backwards compatibility has also meant that Windows has become overburdened with code. Old mistakes keep cropping up to affect the current incarnations of Windows.
Mac OS X was completely rewritten from the ground up, and is based on a solid OS foundation that protects the core system, even from the mistakes of the user. The PowerPC chip did not keep Mac safe. As many long time Mac users know, viruses were written for the Pre-OS X era Macs, such as SevenDust and autostart Worms.
When Mac OS X came out, the same PowerPC Processors were still used, but those viruses, worms and trojans could not affect OS X. Obviously, the processor a computer uses can only be considered a minor factor at best.
To be clear, Intel processors are known to have been vulnerable to exploits called Buffer Overflows, but usually as a result of poorly written application code. Intel has been doing a lot to correct this, so future versions of processors should not see this type of vulnerability.
As of this writing, there are no documented exploits on the Mac that take advantage of this type of vulnerabilty, and it is unknown if this vulnerabilty exists in the current Core Duo line.
Myth #3
Mac vulnerabilities have increased 228% since 2003, but Windows vulnerabilities have increased a much smaller amount. That means the Mac is MORE vulnerable than Windows!
Fact
Numbers can be used to portray anything and generally these statistics are twisted to suit the needs of the writer. For example, the Mac OS X platform has had three proof-of-concepts, and two unsuccessful trojans since it first came out 5 years ago. Other than these known, documented pieces of malware, there have been NO OTHER documented attacks on the Mac platform.
There will be more, but this is still a tiny fraction of what affects Windows machines. Remember, there are over 114,000 known viruses for the Windows Platform. That’s just Viruses! Add in all the known worms, trojans, spyware and adware afflicting Windows users, and we’re talking problems the size of Jupiter compared to a comet.
If the Mac platform sees 50 new malware problems surface in the next year, that could be written as a 1000% increase, but in reality there would be only 55 total problems affecting the Mac platform. Let’s say Windows viruses increase 15% in the next year, that doesn’t seem like much, right? But 15% of 114,000 equals 17,100 new viruses appeared, making the total number 131,100.
That’s Part 1. Tomorrow, we’ll extend the Myth list and provide more facts.
By the way, Mac360 gives daily Mac updates on Twitter. If you Twitter, give Mac360 a tweet. One more thing. Only the best Mac software gets reviewed on Ron's NoodleMac site. Check it out.
Off Topic Note: Guess what? Kate Mac is back after dumping Windows. Are you ready for a new web site that’s all about Apple? AppleHits covers the Mac, iPhone, iPod, and everything else that’s a hit at Apple.
We’ve updated the NoodleMac site to include more Mac software and daily updates. Click here for McSolo, daily notes by Ron.
Category: News and Commentary | 4 Reader comment(s) | Email This | Shop Now
Follow Mac360 on Twitter
| Page 1 of 1 Page(s) for this article. |
Talk Back to the folks at Mac360
Mac360 readers talk back. View their comments below or post your own comment to this article. Comments are moderated by the Mac360 staff.
Or, post comments in the Mac360 Forums. It's mostly anonymous, there's no obligation, and no cost, so join in-- it's free, fun, low in calories, low in carbs, non-fat, and mildly addictive-- like chocolate and blondes.
“Trust me, Apple is growing and so are the bad guys who right code or should I say are learning to code viruses for the Mac.”
The problem with that argument is that it goes against historical evidence. OS 9 had close to 100 viruses when Apple’s market share was 3%. Now Apple has 8%+ market share but no viruses for OS X.
Likewise Atari, Amiga and BeOS are examples of OSes which had numerous viruses despite their market share being a fraction of a percent.
“Nothing is bullet proof”
Absolutely. However the biggest hole in the system is the one between the user’s ears. No amount of antivirus software will stop people doing something stupid like deliberately installing a trojan despite warnings and prompts.
“It’s only a matter of time”
I’m sure we’ll see more Mac malware in time but I doubt we’ll see anything like the malware Windows has suffered. How long are you prepared to wait? It has been 9 years now since the first release of OS X.
I’ve been running Linux for 15 years and never had a Linux virus on any of my machines. If you are sensible about the software you install and websites you visit then there should be no need for an anti-virus program.
You may think that the average Mac user’s sense of security is “false” but I think it’s justified.
The Apple OS will not be free from the threats that windows faces forever. Trust me, Apple is growing and so are the bad guys who right code or should I say are learning to code viruses for the Mac.
It’s only a matter of time. Nothing is bullet proof/ Nothing.
So yes I keep Intego around so when that first real nasty virus does come our way, my 2 grand of purchased Itunes stuff will be safe I hope. Even If I where to get wiped out, I have four hard drives in my Quad Pro. The second drive is time machine, the third drive is my os clone and the fourth drive is a third back up plan.
Never say never.
I also use it to catch windows viruses so I don’t pass on a viruses to one of my p.c. friends and yes Intego has caught two windows viruses so far that I caught somehow from the web, I believe they where e-mail viruses. Virus righters use Macs as hosts knowing that 99% of Mac users don’t have a virus program. That way they know the windows viruses will sit on your Mac and when you send out e-mails you pass them on to your p.c. friends. “FACT”
Well jared, two and a half years since your comment and still no Mac viruses. Do you still think you need Intego?
I use Intego virus barrier and Intego net barrier x5 running the back ground on my Mac. I believe it is only a matter of time before Mac’s will start to see a random attack of malware start to come out. Nothing stays safe forever and someone is bound to figure out how to get through the cracks of the OS X platform. Even if they can’t find any cracks in OS X foundation then they will most likely find themselves making those cracks for themselves to get in.
I would not be surprised if someone or allot of programers/hackers(criminals) are working on it right now.
I am still new to Mac, only joining and leaving windows back in December of 06. I don’t want this to sound like sarcasm to much but I am going to tell it how I saw it. The I went into an Apple store for the very first time to buy my Mac, I was not impressed with the employee’s at all. They all had that buffer attitude about them and that turned me off. As I picked out what Mac machine I wanted I then headed to the software isle and started looking. And what was the first thing I was looking for? An anti virus program and I found it but was told very fast by an Apple store employee that I did not need it. He kind of had a smirk on his face like he wanted to laugh. I guess it showed real strong that this was my first mac.
My point is this, it has been a year and half now (give or take a few months) and I have met more Mac users that all have that false sense of security that their Mac’s are never gonna get whacked.
Time people, Time! And if I where you I would have Intego virus barrier sitting in your background so when the time comes and it will, maybe your computer will have a chance to beat the heat.
I you do decide to buy/install/and run Intego software and have time machine turned on, then MAKE SURE YOU TURN OFF VIRUS BARRIER’S background scanner as it will interfere with time machine thus rendering it useless. Every time to try to get into time machine, time machine will lock up on you. Simply turning off the background scanner will solve this. Intego is working on the problem as I type.
The end (what a great story)
| Page 1 of 1 Page(s) for Comments on this article. |
∧ Back To Top
- Tell Me What Is So Bad About Buying A Mac Clone? by Jeffrey Mincey, 291 views
- 3G or No 3G? by Jared B., 252 views
- How Many Utilities Do Mac Users Really Need? by Alexis Kayhill, 1450 views
| Copyright © 2004 - 2009 Ron McElfresh, Honolulu, Hawaii USA. All Rights Reserved.
Mac360 is published and edited by Ron McElfresh, Honolulu, HI. Powered by ExpressionEngine at Pair Networks. This page was rendered in 0.1772 seconds. |
