Go Back   MacRumors Forums > Apple Systems and Services > Mac Basics and Help

Reply
 
Thread Tools Search this Thread Display Modes
Old Jul 30, 2013, 04:49 AM   #26
throAU
macrumors 68030
 
Join Date: Feb 2012
Location: Perth, Western Australia
Quote:
Originally Posted by pastrychef View Post
The second a true self replicating virus hits OS X, it will be on every news agency and odds are you will learn how to defend yourself before any virus definitions get updated.
Your confidence in the ability of security experts to detect, analyze and distribute a work-around in a short time-frame for a zero day exploit (http://en.wikipedia.org/wiki/Zero-day_attack ) is cute.

(Safari has had zero days before: http://www.bing.com/search?q=zero+da...oit+in+safari& )

Especially given that because hardly any OS X users run any sort of protection and likely don't have any sort of network monitoring, the only way they'll detect an infection to report to a security company is via dumb luck or the virus announcing itself.

I.e., there's a good chance a significant portion of users will be infected before the virus is analyzed.

The IP ranges of the big AV companies are well known. Any virus worth its salt these days avoids attacking those ranges to avoid detection...


with regards to AV definitions:
http://en.wikipedia.org/wiki/Checksum
http://en.wikipedia.org/wiki/Heurist...mputer_science


Heuristics enables a scanner to detect something isn't quite right and report it, even if it has no explicit AV signature for a new virus.

Checksums enable detection of changes to system files...
__________________
MBP (early 2011) - Core i7 2720 2.2ghz, Hires Glossy, 16GB, Seagate Momentus XT 750GB
Mac Mini (mid 2007) - Core2 Duo 1.8, 2gb, 320gb 7200 rpm
iPhone 4S, iPad 4, iPad Mini, HTC One (eval)

Last edited by throAU; Jul 30, 2013 at 04:56 AM.
throAU is offline   1 Reply With Quote
Old Jul 30, 2013, 04:53 AM   #27
pastrychef
macrumors 68020
 
Join Date: Sep 2006
Location: New York City, NY
Without security experts finding said virus, how will virus definitions be updated to protect against it? This, again, makes anti-virus useless for a zero day attack. Your trust in anti-virust software and this heuristic technique is cute.
pastrychef is offline   0 Reply With Quote
Old Jul 30, 2013, 04:59 AM   #28
throAU
macrumors 68030
 
Join Date: Feb 2012
Location: Perth, Western Australia
Quote:
Originally Posted by pastrychef View Post
Without security experts finding said virus, how will virus definitions be updated to protect against it? This, again, makes anti-virus useless for a zero day attack. Your trust in anti-virust software and this heuristic technique is cute.
Read up on heuristics.

You've got a better chance of finding an infection if you're actually looking for it.

I'm not saying it is a 100% solution. Nothing is.


My point is: stuffing your head in the sand and yammering "there are no viruses, os x is secure" is exactly the reason that when the virus infection eventually happens, it's going to be an apocalypse...
__________________
MBP (early 2011) - Core i7 2720 2.2ghz, Hires Glossy, 16GB, Seagate Momentus XT 750GB
Mac Mini (mid 2007) - Core2 Duo 1.8, 2gb, 320gb 7200 rpm
iPhone 4S, iPad 4, iPad Mini, HTC One (eval)
throAU is offline   1 Reply With Quote
Old Jul 30, 2013, 05:01 AM   #29
pastrychef
macrumors 68020
 
Join Date: Sep 2006
Location: New York City, NY
It's also the cause of all those annoying messages in Windows whenever you try to install anything. No thanks.

I'll worry about OS X viruses if/when there are any to worry about.
pastrychef is offline   0 Reply With Quote
Old Jul 30, 2013, 05:13 AM   #30
pastrychef
macrumors 68020
 
Join Date: Sep 2006
Location: New York City, NY
OS X isn't the flaming mess that Windows is. What applies to Windows does not necessarily apply to OS X. Think twice before entering your admin password and you will be in good shape.
pastrychef is offline   0 Reply With Quote
Old Jul 30, 2013, 08:29 AM   #31
philosopherdog
macrumors 6502
 
Join Date: Dec 2008
It's a marketing scam. Your chances of getting hit by lightning are higher than getting an OS X virus. There are no such thing in the wild. Trojans yes. Trojans require the user to install something. Give their password. Just don't do that and you're good. Besides to really do damage you would have to give root access. The PC is crawling with viruses. There it makes sense. Worms, etc can infect your machine without any user action. But even so, I ran a PC for years and never had any serious viruses. Malware was a bitter issue. OS X is pretty immune from malware. Little javascript tricks don't really count because they rely on the stupidity of the user to believe they have a virus.
philosopherdog is offline   0 Reply With Quote
Old Jul 30, 2013, 09:28 AM   #32
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by throAU View Post
If a zero day was released tomorrow for OS X ...
Anti-virus apps won't protect you from a zero-day virus, since they don't know what to look for. That's already been proven with some of the OS X trojans.
Quote:
Originally Posted by throAU View Post
Heuristics enables a scanner to detect something isn't quite right and report it, even if it has no explicit AV signature for a new virus.
Heuristics are far more effective for Windows, where there have been thousands of malware patterns to draw from. As there has only been a small number of trojans on OS X, heuristics would be far less effective on OS X. As antivirus apps haven't been successful in detecting all OS X trojans when they were first released, it's foolish to think they would do any better with a zero-day virus.
Quote:
Originally Posted by throAU View Post
My point is: stuffing your head in the sand and yammering "there are no viruses, os x is secure" is exactly the reason that when the virus infection eventually happens, it's going to be an apocalypse...
It is true that there are no OS X viruses in the wild. It is also true that, like every OS, OS X is not completely secure.

Stuffing your head in the sand and thinking some antivirus app is going to protect you from a zero day virus, or even currently-existing trojans is a far less effective defense than users educating themselves about and practicing safe computing, and staying aware of changes that may be reported in the news. Antivirus detection rates have been less than 100% so far, while practicing safe computing has been completely effective in avoiding any OS X malware that has existed in the past 12 years. Based on track record, I'll go with safe computing, rather trusting my Mac to some poorly-designed and not completely effective 3rd party app.
GGJstudios is offline   0 Reply With Quote
Old Jul 30, 2013, 09:35 AM   #33
pastrychef
macrumors 68020
 
Join Date: Sep 2006
Location: New York City, NY
I need to start selling gas masks that will protect people from an as yet undiscovered, unnamed air borne pathogen that can potentially kill.
pastrychef is offline   0 Reply With Quote
Old Jul 30, 2013, 09:39 AM   #34
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by pastrychef View Post
I need to start selling gas masks that will protect people from an as yet undiscovered, unnamed air borne pathogen that can potentially kill.
Make sure the masks are heavy and bulky, have holes in them and have been proven to not successfully filter out smoke, pollen and small insects. Now make them expensive and you'll have ill-informed people lined up, believing your sales pitch.
GGJstudios is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > Mac Basics and Help

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
antivirus for macs? worth it CB1234 Mac Applications and Mac App Store 37 Jan 14, 2014 05:16 PM
Antivirus rogo43 Mac Applications and Mac App Store 17 Nov 21, 2012 02:47 PM
What are MacPro1,1 machines worth these days? benguild Mac Pro 8 Sep 15, 2012 05:29 PM
Do I need an antivirus? shonor6 OS X 10.8 Mountain Lion 4 Sep 5, 2012 01:51 PM

Forum Jump

All times are GMT -5. The time now is 11:11 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC