PDA

View Full Version : Is your Mac really more secure?


MacBytes
Nov 7, 2005, 08:57 AM
http://www.macbytes.com/images/bytessig.gif (http://www.macbytes.com)

Category: Opinion/Interviews
Link: Is your Mac really more secure? (http://www.macbytes.com/link.php?sid=20051107095710)

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

grapes911
Nov 7, 2005, 09:02 AM
Is your Mac really more secure?Yes. Yes, it is. Thanks for asking. Do come again.



I hate articles like this. Basically, the author is saying "The Mac will fall to a virus. It's only a matter of time." Hasn't come yet, and probably won't come for a long time (if ever). I'll believe it when I see it. Until then, can all the pessimists and doom sayers leave the building?

ibook30
Nov 7, 2005, 09:27 AM
Yes. Yes, it is. Thanks for asking. Do come again.



I hate articles like this. Basically, the author is saying "The Mac will fall to a virus. It's only a matter of time." Hasn't come yet, and probably won't come for a long time (if ever). I'll believe it when I see it. Until then, can all the pessimists and doom sayers leave the building?

I agree! Haven't seen it yet!

But- sure it could happen and I still back up all my data, just in case a malware or a hardware crash hits me. But- even if malware was built for OSX - even if several were built, it woud represent a drop in the bucket compared to the multitude of virus' for Windoze. So as a group- Mac users would certainly have a problem, but be able to respond to one or two threats quicker than a platform with hundreds of current threats. So I hope.

The tone of the article is irritating. Like the writer is saying "... you lousey mac people, I am soooo sick of hearing how you don't get malware. Someday the world will take you down a notch !!! Someday..." (fist shaking at the sky follows....)

Seasought
Nov 7, 2005, 09:30 AM
It's upsetting to know that he was paid for his time to write this. The article has no value at all whatsoever imo. :mad:

mkubal
Nov 7, 2005, 09:31 AM
To be completely fair, there have been a few minor OS X-related viruses


Where? Please don't tell me we're referring to the "proof of concepts" where you delete your HD by running a program that deletes your HD.
:eek: :rolleyes:

This guys basic point: Sure, Windows has lots of viruses, but the Mac will eventually maybe probably have some too so there :p .

<Dane Cook> Meet me outside, I'll be the guy stabbing jaws. </Dane Cook>

grapes911
Nov 7, 2005, 09:37 AM
<Dane Cook> Meet me outside, I'll be the guy stabbing jaws. </Dane Cook>
Off topic. I'll be seeing Dane Cook live on Wednesday!!!!

SPUY767
Nov 7, 2005, 09:42 AM
This article is nothing but speculative rhetoric. The same trash that we've seen grace the pages of such fine publications as News.com, and eWeek. I don't know why it's so difficult for someone to admin that the Mac is just inherently more secure from an architecture standpoint. Hell All I have to tell this ******* is, Win User = Root. . . Mac user = Not Root. . . Any Questions? Get a real job mister tech writer.

I decided to be nice today, so I am going to say something in his defense. At least he admits in this article, unlike any other that I've read, that virus writers are pining for a Mac virus as a badge of honor. Other tech writers have skirted around this fact so as not to detract from their BS security through obscurity argument.

AlmostThere
Nov 7, 2005, 09:44 AM
Until then, can all the pessimists and doom sayers leave the building?

Probably what Steve Ballmer said to the Windows development team :)

The rest, as they say, is history.

angelwatt
Nov 7, 2005, 10:54 AM
The article was a waste of bandwidth. Nothing intelligent was said and nothing others haven't said before.

greatdevourer
Nov 7, 2005, 10:57 AM
I've got a good joke (http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID=173) for you :D

Sharewaredemon
Nov 7, 2005, 10:59 AM
<Dane Cook> Meet me outside, I'll be the guy stabbing jaws. </Dane Cook>


Sour Apple is the best flavour...

:D

Mord
Nov 7, 2005, 11:02 AM
Now you see entorage cant execute code that can effect the OS, the worst it can do is send itself on to others, which i'm still not sure about, the mac simply is much much much secure, and as he said hackers want to make "the first" but none have, their is nothing nada ziltch, anyone can make malware, all it takes it writeing a simple script and tricking someone into executing.

the guy is retarded.

Bad Beaver
Nov 7, 2005, 11:03 AM
One day, a giant meteor will take us all out. That really might be any day now, so Mr. Techwriter better catch up & develop some competence beforehand.

OTOH, all the Macfaithful will be beamed to safety by Steve's mothership, so why bother.

redAPPLE
Nov 7, 2005, 11:15 AM
I've got a good joke (http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID=173) for you :D

thanks for the read.

winmacguy
Nov 7, 2005, 11:21 AM
Proof of concept..........?
Nah didn't think so........
Mmmm kay......
Moving on then.:rolleyes:

winmacguy
Nov 7, 2005, 12:02 PM
Send the guy an email here:D
gem@cigital.com.

sabbath999
Nov 7, 2005, 12:06 PM
It will appear there if I can ever get their kludgy software to finish posting it:

The reply:



I would like to answer a resounding DUH! to the article "Is Your Mac Really More Secure?" by Gary McGraw, by drawing on a few points that he made.

Gary wrote: "Apple Macintosh users are quick to point out the dearth of malware, viruses, and security problems in the OS X world. Compared to the Windows/Intel Win32 platform, Mac OS X looks like an attractive alternative, at least when malware is the deciding factor. Win32 machines have suffered from any number of spectacularly successful malcode attacks over the years, and the problem shows no signs of abating."

I reply: That's because Mac users are at least able to understand the obvious. There are a gazillion malware/virus attackers out there reaping total havoc on the Win32 world, requiring a bunch of third party tools to fix holes that should have been plugged by the OS vendor from the start.

Gary wrote: "To be completely fair, there have been a few minor OS X-related viruses, and Apple regularly releases security patches. But Win32 is in much worse shape, and Mac users gloat about this all the time."

I reply: Name ONE. That's right, name me ONE OS X virus in the wild. He is right, there are very few... because ZERO is actually very few. Yes, there have been a couple of proof of concept's shown, but POC's do not spread themselves... I dare you to name me just ONE Mac OS X virus.

Gary wrote: "What follows is a simple and perhaps ironic prediction of how prideful Mac users will be taken down a notch."

I reply: Here's the title of this article... "Is Your Mac Really More Secure." The thesis of the article, however, apparently is "If all this bad stuff that I can dream up actually happens some day down the road, Macs will be less secure than they are now." This is both bad writing and editing.

Gary wrote: "The answer is that Macs represent a challenge. Hackers set out to solve puzzles, take things apart, understand how things work, and on occasion cause trouble. Building an attack that works on Macs will be a badge of honor proudly worn, and work is already under way to see who gets the prize."

I reply: So... following this logic... someday, somewhere down the road, a hacker is going to come up with something that causes problems for a Mac. Ok, I buy that. Now let's compare that to the state of the Win32 world. I don't need to even begin to tell you what a total security disaster that is from front to finish.

So someday, somebody is going to put out an exploit that hurts the Mac. I go back to the title, "Is Your Mac Really More Secure?"

I will grant that this hypothetical exploit will likely happen sometime down the road. Heck, there may even be two or three.

Let's pull a number out of our hoo-hoo's and pretend that there will be two of them in 2006. I don't honestly believe there will be, but let's pretend anyway.

Anybody want to compare those hypothetical 2 exploits in the wild to the security holocaust that exists in the Win32 world? Anybody?

Gary wrote: "The irony is that the very pervasiveness of Win32 and its ease of compromise present a clear and present danger to Mac users."

I reply: That's just stupid. I have 4 computers on my network, all of which are Macs. So my Macs are venerable to PC security issues? Ummm. NO.

Gary wrote: Macs run PC software.

I reply: Is he on drugs?

Gary wrote: "Almost all run Microsoft Office, and they include the ubiquitous Web server and Outlook-like Entourage client.

I reply: Almost all of them do? I have 4 macs, and one copy of office on one computer. Many do, yes... but "Almost all"? I would be interested to see where Gary gets his market share data for Office. Which particular "ubiquitous web server" is he talking about? Apache? What does this have to do with Microsoft Office? Also, most people I know do not use Entourage even if they have it installed... they use the OX X mail client, as I do. As an aside, however, I must give MS props on Mac Office... it is MUCH superior to the Win32 version, for some strange reason.

Gary wrote: "Most importantly, they're densely interconnected to thousands and thousands of Win32 machines. Rather than being above trouble, they're surrounded by it. A clever attacker can take advantage of this Achilles' heel with cross-platform malware aimed at Win32 and Mac computers."

I reply: I guess Gary must be talking about all those windows machines connected through the internet... because a LARGE percentage of Mac machines are stand alone or are connected only to other Macs on the jelly side of the router. My Macs are connected to Windows machines only after passing through two firewalls, minimum.

Gary wrote: "Though there have been no confirmed sightings of cross-platform payloads targeting Win32 and OS X, it's only a matter of time before they emerge. Propagation of such malware will follow the astounding Win32 release curve, covering the planet in a matter of hours. And the "superior"--and completely surrounded--Mac users will be in for it this time."

I reply: To quote that famous philosopher Jessica Alba during her Dark Angel days, "Blah Blah, Woof Woof".

Seriously.

Again, I point back to the headline of the story. "Is Your Mac Really More Secure?"

I think a more accurate headline (if a little long) would have been "Some Day Down The Road, Could Macs Face A Tiny Fraction Of The Security Problems That Exist In The Win32 World".

The answer to that question is yes.

The answer to your original headline, however, is blindingly obvious to anybody who has a brain larger than a pea.











Edited before any responses to fix a bad typo.

Silencio
Nov 7, 2005, 12:31 PM
"The irony is that the very pervasiveness of Win32 and its ease of compromise present a clear and present danger to Mac users. Macs run PC software. Almost all run Microsoft Office, and they include the ubiquitous Web server and Outlook-like Entourage client. Most importantly, they're densely interconnected to thousands and thousands of Win32 machines. Rather than being above trouble, they're surrounded by it. A clever attacker can take advantage of this Achilles' heel with cross-platform malware aimed at Win32 and Mac computers."

That's just about the dumbest thing I've ever read! So many fallacies and falsehoods, I don't have nearly enough time to go through them all. I'd call it FUD, but it's more of a complete misunderstanding of the topic at hand.

ohcrap
Nov 7, 2005, 12:48 PM
MacRumors.com should have some sort of project going on where a single Apple machine (let's say any G5 for speed's sake) is connected to the internet directly to a cable modem, behind no firewalls other than that which is built into OS X.

This way we can prove beyond a reasonable doubt just how secure our systems really are.

I wonder what would happen, then, if a designated user on that machine were to download many large files from various non-secure, dodgy websites, open emails from strange senders, and all of the remaining unthinkably stupid actions that could be performed on a Windows machine.

Just thinking out loud, but this sure would shut the mouths of morons like this guy...

winmacguy
Nov 7, 2005, 01:18 PM
MacRumors.com should have some sort of project going on where a single Apple machine (let's say any G5 for speed's sake) is connected to the internet directly to a cable modem, behind no firewalls other than that which is built into OS X.

This way we can prove beyond a reasonable doubt just how secure our systems really are.

I wonder what would happen, then, if a designated user on that machine were to download many large files from various non-secure, dodgy websites, open emails from strange senders, and all of the remaining unthinkably stupid actions that could be performed on a Windows machine.

Just thinking out loud, but this sure would shut the mouths of morons like this guy...
Been done already by USA Today last year called the honey pot project
http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm
Unprotected PCs can be hijacked in minutes 11/29/2004

dornoforpyros
Nov 7, 2005, 01:27 PM
Seems me there is about 10 times more authors writing about "how OS X is a high profile target because..." then there are hackers actually attempting anything. Kinda like the terrorist that are after us in our sleep

winmacguy
Nov 7, 2005, 02:07 PM
Seems me there is about 10 times more authors writing about "how OS X is a high profile target because..." then there are hackers actually attempting anything. Kinda like the terrorist that are after us in our sleep
Thats because they're jealous:p :D

Blue Velvet
Nov 7, 2005, 02:12 PM
MacRumors.com should have some sort of project going on where a single Apple machine (let's say any G5 for speed's sake) is connected to the internet directly to a cable modem, behind no firewalls other than that which is built into OS X.


Are you volunteering your time and your Mac? I'll second that nomination then.

I'll also take away any damaged equipment that has been subjected to such an assault it would be far too dangerous to continue using it.

ohcrap
Nov 7, 2005, 02:15 PM
Are you volunteering your time and your Mac? I'll second that nomination then.

I'll also take away any damaged equipment that has been subjected to such an assault it would be far too dangerous to continue using it.
If I was not in a position where my Mac was about the most expensive thing I own and did not have enough trouble paying for it as it is, I would. Yes.

But to answer your question, no. :D :p

Photorun
Nov 7, 2005, 02:29 PM
The only viruses OS X can get I'm aware of are, in fact, to Microsoft products, and shouldn't that be the first clue to this peecee weenie, as in, then why the ******* even USE a peecee, or Windoze peecee, get A MAC! And don't use ANYTHING Windoze.

Microsoft Wurd has the marco virus, which is really just annoying, it certainly doesn't disable any files. And if you install VirtualPeeCee by M$, that does, in fact, get adware and spyware just like if you owned (sadly if you're so unlucky) a peecee, however the beauty is you can simply delete the folder and reinstall, you're Mac, however, will still be running fine, that'll be untouched.

winmacguy
Nov 7, 2005, 02:34 PM
The only viruses OS X can get I'm aware of are, in fact, to Microsoft products, and shouldn't that be the first clue to this peecee weenie, as in, then why the ******* even USE a peecee, or Windoze peecee, get A MAC! And don't use ANYTHING Windoze.

Microsoft Wurd has the marco virus, which is really just annoying, it certainly doesn't disable any files. And if you install VirtualPeeCee by M$, that does, in fact, get adware and spyware just like if you owned (sadly if you're so unlucky) a peecee, however the beauty is you can simply delete the folder and reinstall, you're Mac, however, will still be running fine, that'll be untouched.
There is a very simple way to avoid the macro virus- dont activate a Macro when using Word or Xcel if you weren't the one who created it :rolleyes:

bryanc
Nov 7, 2005, 03:55 PM
Here's my email to the author:

Hi Gary,

I just read your article in IT Architect, and, because it was linked from a Mac-centric web-page, I expect your mailbox is overflowing with flames from frothing mac-evangelists about now.

I hope you find my short message within that deluge, and have a chance to read it. If not, I completely understand.

The reason I felt compelled to write is that, while some of your logic and facts are correct, you are sufficiently mis-informed about a couple of key issues that I think your conclusion is incorrect, and as an IT journalist, I hope you will consider writing a follow-up column to address this.

If I understand your article correctly, you conclude that Macs running OS X are not inherently more secure than PCs running windows on the basis of 4 key arguments:
1) Hackers are curious about novel systems and will be attracted to OS X as a target.
2) Macs run the same Office software, web servers, and mail clients as PCs, and these applications are vulnerable.
3) Macs are interconnected with Win32 machines, and therefore exposed to attacks from these demonstrably insecure platforms.
4) Cross-platform malware has been written before, and therefore is possible.

Let me address these in order:
1) Yes, hackers are curious, and writing the first successful OS X exploit will be the source of great notoriety for the successful hacker. This has been the case for 5 years, and the Hacker community now ranks OS X as the hardest target to exploit, and the effort to be the first continues unabated. They haven't succeeded yet, and, if current indications are any measure, it's not going to happen any time soon. BSD-Unix is the most secure core OS, and Apple's implementation of it has won legitimate praise for making this highly-secure OS transparent and easy to use for ordinary users. There have been security holes, but, because of the open source nature of Mac OS'es core, and because of the relatively painless and transparent patching mechanism implemented by Apple, patches for security holes have propagated much more rapidly than exploits could appear. Contrast this to the Windows world where exploitable security holes remain un-patched for extended periods, and when patches appear, they are often buggy and or unavailable to many users.
2) While Macs *can* run Office, and therefore *can* be susceptible to Word Macro viruses and so forth, not all do, and there are many (better) alternatives (e.g. iWork) for many mac users. Furthermore, Macs do not run any web-server by default, and if they do, it's the open-source (and therefore more secure) Apache server, rather than Microsoft's IIS. Finally, although Microsoft's automated virus propagator, er, I mean Entourage, is available to those who want/need it, Apple's default email client is Mail.app and, as far as I know, there have been no security exploits that utilize bugs in it.
3) Yes, Macs seamlessly interoperate with Win32 PCs, and are sharing data with them over the network all the time. However, unless someone comes up with code that will execute natively on both platforms, this does not appear to represent a risk for Macs. In our institution, mission critical PCs are simply not allowed any network connectivity for this reason, but, as they so far suffer no security risks whatsoever, we have no concerns about networking our Macs (and it's a lot easier to set up).
4) While it may be theoretically possible to write a cross-platform exploit (probably in Java), because the security weaknesses are heterogeneous, such an exploit would have to be very complex to function. It certainly won't be generated by some script-kiddie downloading some 1337 hacking tools from the internet after school. As I'm sure you're well aware, this is part of the argument for a mixed ecology of computer systems as a security measure. Given that someone with the capacity to write such software greatly narrows the potential risk, this alone makes the Mac vastly more secure than current Win32 systems. Furthermore, it seems probable to me that someone with that capacity is much more likely to be a 'white-hat' hacker or academic computer scientist, who contributes to the Open Source community (this may still be motivated by prestige), and therefore such potential exploits will appear as all security holes in Mac OS have appeared so far: as 'proof-of-concept' followed very quickly with a patch.

I'm not going to argue that the Mac will remain malware-free forever. Something will probably emerge someday. However, comparing the 'possibility of something someday' to the 'fact of a lot of malware in the wild right now' and concluding that the Mac is not necessarily more secure than Win32 is weighing theoretical possibilities so heavily as to be perverse.

I'd be happy to hear what you think of this counter argument.

Cheers

Gasu E.
Nov 7, 2005, 04:12 PM
If IT department folks really believed that Macs are only more secure due to obscurity, then they would be encouraging people (outside their own departments) to buy Macs. As Windows lost market share, it would become an increasingly unappealing virus target; hackers would switch their attention to the Mac, making Windows more secure. It is remarkable (and remarkably altruistic!) of Windows proponents that they do not encourage more people to switch to Macs, and make their beloved Windows a safer environment.

winmacguy
Nov 7, 2005, 05:35 PM
I'm not going to argue that the Mac will remain malware-free forever. Something will probably emerge someday. However, comparing the 'possibility of something someday' to the 'fact of a lot of malware in the wild right now' and concluding that the Mac is not necessarily more secure than Win32 is weighing theoretical possibilities so heavily as to be perverse.

I'd be happy to hear what you think of this counter argument.

Cheers

I might have to develop some of your clear and concise letter writting skills bryanc as your email is much more specific and to the point than my some what waffly attempts.
Cheers.
winmacguy:)

punter
Nov 7, 2005, 06:28 PM
I've been running my imac with a direct connection to the internet for two years now. Direct DMZ, all ports open, through to the imac, with the software firewall turned off. I'm not going to tell you the ip (it's not the one i'm writing from now) but it's still going great. Hasn't crashed either.

MacRumors.com should have some sort of project going on where a single Apple machine (let's say any G5 for speed's sake) is connected to the internet directly to a cable modem, behind no firewalls other than that which is built into OS X.

This way we can prove beyond a reasonable doubt just how secure our systems really are.

I wonder what would happen, then, if a designated user on that machine were to download many large files from various non-secure, dodgy websites, open emails from strange senders, and all of the remaining unthinkably stupid actions that could be performed on a Windows machine.

Just thinking out loud, but this sure would shut the mouths of morons like this guy...

macnulty
Nov 7, 2005, 07:30 PM
So are we done with the "security through obscurity" arguement?

macnulty
Nov 7, 2005, 07:37 PM
It will appear there if I can ever get their kludgy software to finish posting it:

The reply:



I would like to answer a ...

No offense, but brevity is the soul of wit.

winmacguy
Nov 7, 2005, 08:58 PM
I love this quote from an anonymous poster over at OSNews.com
" By Anonymous (IP: 82.44.33.---) on 2005-11-07 16:41:07 UTC
I was quite shocked to boot my Mac Mini for the first time and realize - hang on, I don't have to spend the next four hours installing AV/Firewall/Anti-Spyware/Firefox/Patches/A Slew of Software 5GB long...

It kind of knocks you off your feet the first time. A computer you can switch and make use of straight away - an incredible thing."

there are 112 more comments like that:cool:
http://www.osnews.com/comment.php?news_id=12567