Ok i know this is on he boards.. but my know it all windows die hard feels that osx just has no viruses because there are not that many of them.. so can anyone here give me the tech reason why osx is secure.. like its based off of unix or something?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Viruses..
- Thread starter jer446
- Start date
- Sort by reaction score
In brief terms, a big reason is because OS X doesn't let you run wild over your system...it does a very good job of separating core system-level processes from user processes. Installing applications and things like that require you to enter a passwords that make you think about what you're doing and prevent programs from installing themselves.
nagromme
macrumors G5
Macs are more secure by design. It is MUCH harder to make a real-world virus for Mac than for Windows, and nobody has done so yet.jer446 said:
And Macs are also less common than Windows PCs--a smaller target--and that's good too.
Both factors help keep Mac users safe. And neither factor is going to change, so Macs will STAY safer than Windows 🙂 Even if we finally get our first real virus, it won't be anything like the swarms that Windows faces.
Basic reasons:
* More secure design that is harder to break into. UNIX is part of that, yes.
* Design that limits the damage then can be done even if something DOES break in.
* Windows has a LOT more code and thus a LOT more bugs. Windows is very complicated under the hood. This also makes flaws harder to fix when they are found--and worst of all, it makes the fixes more likely to do additional harm.
Some links that you can share:
http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html
http://www.roughlydrafted.com/Oct05.5Flaws.html
http://www.itwire.com.au/content/view/4136/937/
http://www.duggmirror.com/software/The_Reasons_Windows_Vista_Keeps_Getting_Delayed
http://www.csoonline.com/read/080103/patch.html
http://www.eweek.com/article2/0,1895,1950095,00.asp
on this topic: what about those of us who will be running bootcamp for windows apps? How will a win virus act under boot camp - will it compromise the OSX side of things?
thewhitehart
macrumors 65816
No. A Windows virus can only affect Windows. If the offending files were put on your mac partition, they would just sit there.
gauchogolfer
macrumors 603
thewhitehart said:
Is there a consensus on this? Are we certain that an offending virus couldn't somehow format/corrupt the entire HD, not just the Windows partition? I'm not sure if this has really been established.
thewhitehart
macrumors 65816
gauchogolfer said:
I'm sure it would be possible, but the virus would have to be written to corrupt an HFS+ partition.
atszyman
macrumors 68020
gauchogolfer said:
I would think that in order for a Windows virus to affect the Mac partition you would have to have a utility like MacDrive installed to that the Mac partition was visible to the Windows OS. If the drive isn't read/writeable then the Virus can't affect it.
generik
macrumors 601
Part of the reason why Windows sucks so much is this cesspool known as Internet Explorer. Seriously at least half of Window's security woes come singlehandedly from IE and its HTML rendering libraries.
Apart from that I wouldn't really say OSX is more secure because of it's UNIX design and blah blah blah... In fact Apple doesn't even have authorisation from the Open group to refer to OSX as UNIX.
If you configure security options on your Windows box correctly (ie: don't run applications as administrator) you are probably as secure on Windows as on a Mac. Likewise this whole "mac has no virii" illusion is just that, an illusion.
What do you consider a "virus"? It is trivially easy to make an application send itself to your iChat contacts with a cute icon, and people can click it... and well it doesn't have to require administrative access and modify your applications and stuff (that mean of propagation is just so in the '80s). Virii today spread better through the net, they can just as easily send itself on to your friends.
And of course, it takes no administrative rights for random applications to delete your home drive and wipe all your user files spanking clean too. Sure it might not be able to delete your applications, but who cares about those... that financial reports for your boss that you pored over for weeks, that thesis you spent a year writing, the book you have been authoring over a few years... your entire iPhoto library... hahaha, any virus author will happily eat those instead.
And the beauty of it all? With Apple's file system, if a virus does eat your file, you can effectively kiss it good bye. At least with Microsoft's half arsed file system you still stand a chance getting your files back.
FYI if the user is braindead enough to operate Windows as an administrator, any rogue application is capable of seeing the HFS+ partition. You won't be able to read files off it without the necessary Windows drivers (there's a $ product for just that) but it can easily just... delete... it. You don't need to be able to make sense of something to destroy it.
Apart from that I wouldn't really say OSX is more secure because of it's UNIX design and blah blah blah... In fact Apple doesn't even have authorisation from the Open group to refer to OSX as UNIX.
If you configure security options on your Windows box correctly (ie: don't run applications as administrator) you are probably as secure on Windows as on a Mac. Likewise this whole "mac has no virii" illusion is just that, an illusion.
What do you consider a "virus"? It is trivially easy to make an application send itself to your iChat contacts with a cute icon, and people can click it... and well it doesn't have to require administrative access and modify your applications and stuff (that mean of propagation is just so in the '80s). Virii today spread better through the net, they can just as easily send itself on to your friends.
And of course, it takes no administrative rights for random applications to delete your home drive and wipe all your user files spanking clean too. Sure it might not be able to delete your applications, but who cares about those... that financial reports for your boss that you pored over for weeks, that thesis you spent a year writing, the book you have been authoring over a few years... your entire iPhoto library... hahaha, any virus author will happily eat those instead.
And the beauty of it all? With Apple's file system, if a virus does eat your file, you can effectively kiss it good bye. At least with Microsoft's half arsed file system you still stand a chance getting your files back.
thewhitehart said:
FYI if the user is braindead enough to operate Windows as an administrator, any rogue application is capable of seeing the HFS+ partition. You won't be able to read files off it without the necessary Windows drivers (there's a $ product for just that) but it can easily just... delete... it. You don't need to be able to make sense of something to destroy it.
gauchogolfer
macrumors 603
atszyman said:
Do you think that if a virus got that much control over the system, that it could be packaged with a 'MacDrive-like' program that allowed it access? I know this is just speculation, but....
I've never used MacDrive, btw, so I don't really know how it works.
generik
macrumors 601
gauchogolfer said:
Why even go through so much trouble just to infect it?
If someone hates MacOS so much as to create a virus to target Bootcamp users, and said luser is smart enough to open that email attachment and run it, s/he is toast. That program can just as easily delete and destroy MacOS' partition.
atszyman
macrumors 68020
generik said:
But where's the fun in that? If you are simply going to erase everything, anyone who backs up can easily get their stuff back. If you really want to cause the most havoc, quietly altering things behind the scenes while trying to propagate is definitely the way to go.... For those viruses, they can't do much to the Mac partition...
nagromme
macrumors G5
That's one way a Windows virus could harm the Mac side (it could include HFS software for Windows, which does exist) and therefore read/steal/change/delete Mac files; and another way is that it could wipe your whole hard drive, Mac side and all (pure vandalism, no need for the virus to be Mac-specific at all). Vandalism viruses are not the norm these days though: viruses are more often made to steal data, take control of systems, send out spam, etc.thewhitehart said:
Neither way has happened, but they could in theory. I know if I ever put Windows on my Mac, I won't want to spend time keeping it secure or "educating myself" on Microsoft's mess. Therefore, I will avoid going on the Internet.
But that IS a part of it, as explained in the links above. And OS X doesn't meet the official definition of UNIX now, but it's still UNIX-based (BSD) and still shares advantages with UNIX. (And with Leopard, it WILL officially be pure UNIX.)generik said:
You can be virus-free on Windows, many have done it 🙂 BUT:generik said:
a) You're waiting for the next big flaw to be found--a new one you are not defended against--and maybe a fresh virus to exploit it. That's a far more real fear with Windows than with Mac.
b) Keeping Windows secure requires more expertise, more educating your self, more time, and more effort. Macs don't demand so much of you. Your Mac is secure even if you don't know the difference between root and admin 🙂
Not true: it's no illusion, there REALLY are no viruses for OS X beyond theoretical proofs of concept that have already blocked by Apple.generik said:
But you're right: definition matters. If you call a Trojan Horse a virus, then any computer can get one, on any OS. A Trojan horse is simply a lie: someone says a file does one thing, and it does another. OS X is very good about warning when it gets suspicious, but nothing will ever stop people from lying. So it's important not to run apps from untrusted sources.
As for something easily spreading through iChat... no, not so easy any more 🙂 In fact, it wav VERY difficult the first time. And you say they spread over the Internet, but that iChat Trojan/virus did not! It had NO ability to transmit over the Internet. It could ONLY spread on LAN, and ONLY if you changed OS X's default config. And even then, there were warning signs... and even if you ignored the signs, no permanent harm was done. And that's all BEFORE Apple patched iChat to prevent even this minor incident from being repeated.
Take comfort where you can... until Time Machine 🙂 Of course the flip side of that is: it's easier for Windows malware to plunder data you have deleted! That credit card transaction, SSN, or private email you trashed? A virus can find it and share it.generik said:
The bottom line is, Macs REALLY ARE safer than Windows. Perfectly safe? That would be absurd and I've never heard it suggested. But MUCH, MUCH safer than Windows. Not just because of target size--although I'm happy to have that factor help too, since Macs won't outnumber PCs anytime soon 🙂
Some may think all OS's are exactly alike in terms of security design. But there really ARE differences. Windows and OS X are NOT equally vulnerable. That's no illusion, and neither is the total lack of real-world OS X viruses and spyware.
nagromme
macrumors G5
A virus could reformat the whole drive even if it couldn't "understand" the partitions: otherwise you could never reformat a corrupted drive.
That's an easy way for a Windows virus to harm a Mac, and would require no planning or intention regarding Macs.
And this is one reason virtualization (like Parallels) is safer: a virtual Windows environment (which currently runs extremely fast except for 3D) isn't aware of your hardware directly, and cannot harm the rest of your system. (Unless you share the whole Mac drive with Windows--so don't!)
That's an easy way for a Windows virus to harm a Mac, and would require no planning or intention regarding Macs.
And this is one reason virtualization (like Parallels) is safer: a virtual Windows environment (which currently runs extremely fast except for 3D) isn't aware of your hardware directly, and cannot harm the rest of your system. (Unless you share the whole Mac drive with Windows--so don't!)
thanks all for responding to my win virus on a mac question. I thinking twice now about buying Win to run on my mac - to just run one app (until this is worked out - I can't afford to lose my work or workable machine due to constant infections). I may pick up a cheap PC for this alone I think for my qualitative analysis crunching - and run it offline permanently.
I feel I can do without this 'potential' headache - even if this headache is caused by me alone trying to keep up with the various virus status etc.
I feel I can do without this 'potential' headache - even if this headache is caused by me alone trying to keep up with the various virus status etc.
nagromme
macrumors G5
I think a fair assessment would be:
* The headache of having a Windows virus harm the Mac side is possible but HIGHLY unlikely.
* The headache of having a Windows virus harm your WINDOWS files is distinctly possible, especially if you're not "expert" in Windows security.
* The headache of having to spend time keeping Windows safe(r), learning skills you'd rather not have to have, and keeping on top of the latest exploits/patches, is a pretty sure thing!
However, keeping a separate PC really only saves you the first (and least likely) of those headaches. So you may as well save time and desk space and just use your Mac for both.
* The headache of having a Windows virus harm the Mac side is possible but HIGHLY unlikely.
* The headache of having a Windows virus harm your WINDOWS files is distinctly possible, especially if you're not "expert" in Windows security.
* The headache of having to spend time keeping Windows safe(r), learning skills you'd rather not have to have, and keeping on top of the latest exploits/patches, is a pretty sure thing!
However, keeping a separate PC really only saves you the first (and least likely) of those headaches. So you may as well save time and desk space and just use your Mac for both.
I still feel not enough is yet known about this - in real world terms that is.
I do appreciate the input - I've certainly got nothing to bring to the table here.
Whilst I've been thinking off and on about this issue since the intel announcements - this article just landed in my inbox today - got me thinking yet again (granted this article is more to do with a certain app more than anything - but it's in the mix):
http://australianit.news.com.au/articles/0,7204,20496885^16123^^nbv^,00.html
I do appreciate the input - I've certainly got nothing to bring to the table here.
Whilst I've been thinking off and on about this issue since the intel announcements - this article just landed in my inbox today - got me thinking yet again (granted this article is more to do with a certain app more than anything - but it's in the mix):
http://australianit.news.com.au/articles/0,7204,20496885^16123^^nbv^,00.html
nagromme
macrumors G5
Yeah, I saw that--but just because Microsoft's latest security flaw potentially "affects" both Mac and Windows Powerpoint doesn't mean it's equally able to do HARM on both systems. More info is needed, but it's likely that the flaw actually doesn't pose AS much risk to Macs as it does to PCs. (But should be taken seriously regardless.)
Xeem
macrumors 6502a
generik said:
http://www.apple.com/macosx/features/unix/
I would say that Apple pretty clearly (and often) refers to OSX as being UNIX-based, even if it isn't advertised as a "pure" form of UNIX.
0098386
Suspended
I don't know the ins and outs of viruses, but the familys fastest PC has been having huge problems recently. The last time I saw it the computer wouldn't boot up at all! I hope big devastating viruses like that won't be as much as a problem with Boot Camp.
(iMac arrives later today 🙂 )
(iMac arrives later today 🙂 )
nagromme
macrumors G5
Congrats 🙂raggedjimmi said:
But viruses will be just as big a problem in Boot Camp: Boot Camp makes your Mac a Windows PC like any other.
To keep your Mac safer than that, stay in OS X 🙂
(And as mentioned above, virtualization like Parallels has SOME benefit for security--not to mention the convenience of two OS's at once--but Windows is still Windows.)
atszyman
macrumors 68020
nagromme said:
I agree with almost everything except your last point about a separate PC. Although yes it could in theory keep the first *'d item from occurring it could also make it more likely. I typically have my PC and Mac networked so I can access files/drives on either one from either computer. If a virus on Windows starts deleting files on any visible drive this actually makes it easier to delete files from my Mac since the networking filesystem requires no knowledge of HFS to see and delete files from my Mac.