PDA

View Full Version : Apple Changes Its Tunes on Viruses


MacBytes
Aug 25, 2006, 10:09 PM
http://www.macbytes.com/images/bytessig.gif (http://www.macbytes.com)

Category: Mac OS X
Link: Apple Changes Its Tunes on Viruses (http://www.macbytes.com/link.php?sid=20060825230910)
Description:: none

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

WildCowboy
Aug 25, 2006, 10:15 PM
His theory that Mac should have had 5700 viruses last year since Macs have 5% marketshare, and since they didn't Macs must be inherently more secure is bunk. I'm not saying I disagree with the conclusion, but his assertion is ridiculous. Methinks that OS marketshare and viruses aren't directly proportional...if a hacker is going to take the time to write a virus, they want the maximum amount of impact. That comes by affecting as many computers as possible, which means going after Windows.

I know, there's the theory that the fame of writing a legitimate Mac virus should be a pretty good draw, but Pogue's data has a lot of holes in it...it does not (necessarily) mean what he thinks it means.

dmw007
Aug 25, 2006, 10:32 PM
Interesting article, I for one enjoyed Apple's swipe(s) at PeeCee's and their number of available viruses. :D :)

If the Macís market share is five percent, then shouldnít it have five percent of the viruses? It ought to have seen 5,700 viruses last year, not zero. Clearly, thereís something else at work here, and Iíll tell you what it is: Mac OS X is simply harder to hack.

The first part of the paragraph uses some fuzzy logic, but I agree with the second part. :)

bousozoku
Aug 25, 2006, 10:37 PM
I think it's pretty well known that there are a couple of security holes available in Mac OS X but it would take more research than most hackers care to do.

There is a lot more information available on Windows' vulnerabilities and you can find lots of code hanging out on the web.

Someone could write some horrendous exploits for Mac OS X, if they were willing to put some effort into it, but they'd still have to get past the initial security and I've only heard of one user willing to give an exploit access to his Mac.

rockthecasbah
Aug 25, 2006, 10:44 PM
Obviously we know that Windows has loads of exploited (and exploitable) vulnerabilities, but i find it hard to believe that Apple's OSX would still be nearly virusless if they had Microsoft's marketshare. Let's face facts; the main reason OSX has so few viruses is that hackers don't waste their time on such a small user base when they can do so much more damage to Windows machines. In fact, why even bother learning about Mac OSX to attack it? So in that regard, the ease to Windows hacking over OSX hacking i would say holds truth, but i don't believe it is that OSX has so few holes and so much better security with executable files, etc. that it has less attacks.

javabear90
Aug 26, 2006, 12:01 AM
No, no, no...
Do you realize how many people want to create a virus to prove all of us "smug" mac users that are computers are not really invincible? A lot. Believe me, people have tried very hard to create a Mac virus, or even exploit bugs. I don't think any of them have succeeded. The airport bug in the MacBooks was proven false (the wireless card was 3rd party and the drivers were bad), and the trojan thing on MacRumors did not spread by itself and did not do much harm (if any).

Not all virus writers just want to affect the most number of people. I am sure many people would love to be known for making the first successful Mac Virus.

iJon
Aug 26, 2006, 12:56 AM
[QUOTE=rockthecasbahIn fact, why even bother learning about Mac OSX to attack it? So in that regard, the ease to Windows hacking over OSX hacking i would say holds truth, but i don't believe it is that OSX has so few holes and so much better security with executable files, etc. that it has less attacks.[/QUOTE]
Because we simply don't have any. The first person who writes a successful Mac virus that does some serious damage will make headlines. Windows has viruses for two reasons, 1.They have 95% marketshare and 2. It's easier.

You gotta face it, Windows is a poorly written operating system that has backwards compatibility all the way back to 3.1 code. Us Mac Users had our operating system rebuilt almost 6 years ago and now we get to reap the benefits.

jon

redAPPLE
Aug 26, 2006, 01:04 AM
i believe i have read many many years ago, that mac users are generally a well educated group. the switchers are also well educated or are educating themselves.

we are smug because we know what we are doing.

i would continue paying for apple software and hardware and pay the premium, so apple can keep everything stable, easy and secure.

nagromme
Aug 26, 2006, 01:26 AM
The numbers thing is not directly proportional, no--there are many factors involved of course. But the general point is valid: if it's only about target size, it should be some number bigger than zero! Obscurity does NOT explain that zero.

There are many reasons to attack Windows. But there ARE reasons to attack Macs too. And still the zero.... because Macs ARE more secure by design.

A more technically-informed article on the subject:
http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html

(Besides, the "obscurity factor" is a GOOD thing. We won't lose that benefit for many years, so why treat it as a bad thing? It's not the ONLY factor that makes Macs safer, but it helps. And even if it WERE the only reason Macs are safer, it's still a reason to buy a Mac: most of the targets in the world will still run Windows, for years to come. So even someone ignorant enough to think Macs are only secure by obscurity, should still want to get a Mac and be more secure. Security by obscurity is not an anti-Mac argument, it's simple a pro-Mac argument that isn't complete.)

shadowfax
Aug 26, 2006, 05:53 AM
You gotta face it, Windows is a poorly written operating system that has backwards compatibility all the way back to 3.1 code. Us Mac Users had our operating system rebuilt almost 6 years ago and now we get to reap the benefits.The Mac OS wasn't so much "rebuilt" as it was moved to a better but old architecture. Microkernels and the *nix operating system model/paradigm are as old as Windows, easily...

All that to say, Windows isn't just POS because it hasn't been redesigned since its inception--it's POS because the original design was POS, as have been the refinements. OS X is reaping the benefits of an old, well proven security model. And that's just awesome.

Applespider
Aug 26, 2006, 06:10 AM
Do you realize how many people want to create a virus to prove all of us "smug" mac users that are computers are not really invincible? A lot.

I disagree. The majority of viruses/spyware/trojans these days that affect windows are written/designed by large groups of people who want to make money out if whether by selling botnets, spamming stock details, phishing accounts, blackmailing companies. They want the maximum ROI - and that's windows.

I believe there are holes in OS X but without the market share to exploit those weaknesses, the 'big boys' aren't interested. The real geeks out there who find these holes; are they malicious enough to want to open Pandora's box on another platform? With the current climate in terms of going after those who create malware with criminal procedures, would it be worth the bragging rights if they had to admit it? Or do they report to Apple and get the credit in the next Security Update?

Eraserhead
Aug 26, 2006, 06:55 AM
I disagree. The majority of viruses/spyware/trojans these days that affect windows are written/designed by large groups of people who want to make money out if whether by selling botnets, spamming stock details, phishing accounts, blackmailing companies. They want the maximum ROI - and that's windows.

Very true but if there were viruses now for OS X then there would be less switchers which would mean more people would stay on Windows where they are easier to exploit for botnets.

iJon
Aug 26, 2006, 10:19 AM
The Mac OS wasn't so much "rebuilt" as it was moved to a better but old architecture. Microkernels and the *nix operating system model/paradigm are as old as Windows, easily...

All that to say, Windows isn't just POS because it hasn't been redesigned since its inception--it's POS because the original design was POS, as have been the refinements. OS X is reaping the benefits of an old, well proven security model. And that's just awesome.
Thanks for clearing that up. Either way I knew Windows had gone wrong somewhere down the line.

jon

nagromme
Aug 26, 2006, 12:50 PM
I disagree. The majority of viruses/spyware/trojans these days that affect windows are written/designed by large groups of people who want to make money out if whether by selling botnets, spamming stock details, phishing accounts, blackmailing companies.
Very true--that's the MAJORITY of hackers. But it's not the only thing ALL of them are interested in. Prestige, challenge, and yes, taking Mac users down a peg, ARE motivating factors for some. A large number even, just nowhere near AS large as the number focussed on profit alone. And for that matter, taking down Macs would support the kind of organized criminal employment you mention:

* If the mob is thinking of hiring you for their next virus, having the first real-world attack on Macs is going to look pretty good on your resume!

* Mac users are a desirable demographic and an untapped one. Not just for software developers but for identity thieves and hackers too.


I believe there are holes in OS X but without the market share to exploit those weaknesses, the 'big boys' aren't interested.
There ARE holes--I've never heard anyone suggest otherwise--but they are fewer, harder to exploit, easier to block, and have less potential for harm once exploited. OS X is not perfect of course--no OS ever will be--but it IS much better and more secure, by design, than Windows.

EDIT: mangled quote!

Crike .40
Aug 26, 2006, 02:59 PM
Saying hacker will attack the larger marketshare to create an impact completely disregards the fact that there are a large quantity of viruses for the numerous different cell phone OS's which at least for a few presents a smaller "whole number" market than OSX.

nagromme
Aug 26, 2006, 06:22 PM
Similarly, "largest impact" would imply that hackers would not bother exploiting a Windows flaw that only affects a few percent of Windows users. But hackers do sometimes exploit those, not just the big holes that affect millions.

Porco
Aug 26, 2006, 11:45 PM
I couldn't read the article, but I just think the best argument against the security through obscurity theory (at least as the only reason Mac OS X have less viruses etc) is to mention OS 9 - which had, at various points I believe, far more viruses than OS X (of course!) with a similar or lower market-share. Kind of blows the obscurity argument away.

As others have said, I am very sure that were the security of OS X not as good as it is, numerous viruses would be out in the wild already, if for nothing else than kudos for the people who write them within their own circles.