Naive? (getting a Windows virus)

Discussion in 'Mac Pro' started by LastLine, Jul 17, 2006.

  1. LastLine macrumors 65816

    Joined:
    Aug 24, 2005
    #1
    Was discussing a virus issue a friend of mine has with his windows setup which has virtually crippled his system. I suggested (jokingly) that he ditch them all and buy Macs (which realistically he'll not do as he works with Visual Studio and the like for a living) as they don't get viruses. He came out with a comment about how 'macs can get window viruses too now', which I told him I agreed on - however obviously only on a Windows partition if said partition is installed. His one reply to that was 'naive'

    Gotta love them Windows users ;)
     
  2. Makosuke macrumors 603

    Joined:
    Aug 15, 2001
    Location:
    The Cool Part of CA, USA
    #2
    Somebody who works in Visual Studio for a living seriously thinks that you could currently get a Windows virus while booted in the MacOS? The only way that would make any sense at all was with a WINE-like environment installed that was good enough to run a Win virus, which--so far--doesn't even exist. WINE won't even run Notepad on my machine.

    This isn't to say that it might not be a little easier to "port" a Windows virus to an x86 Mac, but even that isn't an easy task given the huge differences in the OSes, and the vulnerabilites don't match up anyway.

    Odd comment.
     
  3. LastLine thread starter macrumors 65816

    Joined:
    Aug 24, 2005
    #3
    Well I say he works with Visual Studio - I think he does anyway :p lol

    But yeah, I just find the whole comment amusing.

    I'm also amused by the fact someone changed my thread title :confused:
     
  4. WildCowboy Administrator/Editor

    WildCowboy

    Staff Member

    Joined:
    Jan 20, 2005
    #4
    Because your original title was rather uninformative...
     
  5. hayduke macrumors 65816

    hayduke

    Joined:
    Mar 8, 2005
    Location:
    is a state of mind.
    #5
    Having lived in a Mac world for a *long* time, this boy-in-the-bubble will freely admit that he doesn't know what havoc a PC virus can wreak. If booted in Windows with BootCamp can a Windows virus &$#@-up your Mac partition. Gives me the heebee-jeebees just thinking about it. Seems like they must be able to. Thoughts?
     
  6. codo macrumors 6502

    Joined:
    May 17, 2006
    Location:
    England, United Kingdom
    #6
    I'm not so sure. Windows can not, currently, read or write HFS+ formatted partitions without third party software so a virus cannot touch your Mac partition. However, I'm guessing there are ways to mess up the table on the hard drive that deals with partitions or file systems? Not being an expert in the area, I'm not 100%
     
  7. munckee macrumors 65816

    Joined:
    Oct 27, 2005
    #7
    True, but aren't there some windows viruses designed to break your hardware? IE, cause the HD to spin at full speed permanently (until it breaks). That'll ruin your OSX partition as well.
     
  8. drj434343 macrumors member

    drj434343

    Joined:
    Jan 11, 2006
    Location:
    Portland, OR
    #8
    I think so...

    I've seen a virus on Windows that can mess with or wipe the boot sector on your HD. I would think that would mean it would effectively hose any partitions on your drive, Windows, Mac, or otherwise.

    I've also seen one that would mess with the BIOS of a system, either changing settings or erasing it all together, making the system unbootable. Those, I believe, were motherboard model specific, and would probably be hard pressed to effect anything hardware wise on a Mac.
     
  9. howesey macrumors 6502a

    Joined:
    Dec 3, 2005
    #9
    No, untrue.

    As for the HDD to spin at full speed, it always does.

    As for malware on Windows infecting Mac OS X on a HFS partition, it is possible. It just needs an engine to work with HFS, and then to do whatever it wants. A virus will just self replicate and all it will do is fill the hard drive with data for example, please refer to what this thread is about as malware. A virus is something that self replicates to crash buffers, hard drives or RAM etc. by filling them with data for example.
     
  10. michaeldmartin macrumors regular

    michaeldmartin

    Joined:
    Jun 29, 2006
    Location:
    Testicles. That is all.
    #10
    Macs don't have a BIOS. The old macs use Open Firmware and the new ones use EFI, so I doubt they'd be able to make a virus to mess with EFI.
     
  11. drj434343 macrumors member

    drj434343

    Joined:
    Jan 11, 2006
    Location:
    Portland, OR
    #11
    You're right. What I was really thinking was someone running Vista, or some later incarnation on an Intel Mac with EFI. A Vista virus designed to hose the EFI on a PC could potentially be designed to hose the EFI of a Mac.
     
  12. ironic23 macrumors 6502

    Joined:
    Feb 8, 2006
    #12
    Hmm... Maybe you should ask him to explain what his comment meant. Quite odd considering he works on Visual Studio...
     
  13. purelithium macrumors 6502

    purelithium

    Joined:
    May 28, 2006
    Location:
    Kingston, Canada
    #13
    Not really, you don't need to know much about the inner workings of computers to use Visual studio, and I know plenty of people who are like that.
     
  14. GFLPraxis macrumors 604

    GFLPraxis

    Joined:
    Mar 17, 2004
    #14
    Windows can not read anything on the Mac partition, so I don't believe the Mac virus could really do anything to it.
     
  15. Nermal Moderator

    Nermal

    Staff Member

    Joined:
    Dec 7, 2002
    Location:
    New Zealand
    #15
    You can still delete the Mac partition from inside Windows, and a virus could too.
     
  16. Makosuke macrumors 603

    Joined:
    Aug 15, 2001
    Location:
    The Cool Part of CA, USA
    #16
    A Windows virus could certainly just break the partition map, which would kill the Mac partition right along with the Windows one, but most viruses these days aren't that outright destructive--they tend to try and be more insidious, laying low and opening security holes so the person who let the particular variant loose can set up a botnet.

    As far as doing any TARGETED damage to the Mac partition--that is, deleting specific files or infecting it, rather than just wiping out the entire partition--it's theoretically possible, but the virus would have to be expressly written to do that and would have to additionally include code to give it access to an HFS partition, neither of which is very likely. It's just not that big of a target, and I'd think you'd do much better to target the MacOS explicitly instead of trying to use Windows to get at it, particularly given that a tiny fraction of the systems you'd infect would even have a MacOS install.
     
  17. eXan macrumors 601

    eXan

    Joined:
    Jan 10, 2005
    Location:
    Russia
    #17
    Who would want to go online while is using Win in Bootcamp?

    Use OS X for web-serfing, unless you do a win-only operation.
     
  18. hayduke macrumors 65816

    hayduke

    Joined:
    Mar 8, 2005
    Location:
    is a state of mind.
    #18
    I agree with what you wrote and understand it. I, however, wouldn't underestimate the size of the target. Certainly OS X has a much smaller install base and those that are also running Windows via Bootcamp (or any other method) is even smaller, but *anything* Apple makes the news and a virus/malware/worm (whatever...) that targets Macs would make a splash, not because it infected so many users, but because it brought down a Mac.

    Just my two cents...
     
  19. LastLine thread starter macrumors 65816

    Joined:
    Aug 24, 2005
    #19
    Though I should point out/clarify that the conversation was in the context of an OS X only Mac. lol
     
  20. Cashmonee macrumors 6502

    Cashmonee

    Joined:
    May 27, 2006
    #20
    It should also be noted that viruses don't try to destroy systems anymore. They try to turn them into zombie machines to carry out DoS attacks and send spam mail, etc. So if it can infect the Windows drive its job is done. It may try to infect the OS X partition, but it would need to install a program to really work. Hackers are after money now, not destruction.

    As far as a Windows virus getting on a Mac-only drive, I don't think that would be possible. First and foremost, different vulnerabilities.
     
  21. jtown macrumors 6502

    Joined:
    Jul 3, 2003
    #21
    Simply using a thing to make a living doesn't make a person an expert in that thing's design. A long-haul trucker could drive 150,000 miles/year but it doesn't make him a mechanic. I've known programmers who don't own computers. In college, many of my classmates in upper level classes were completely clueless about basic computer operations outside of the scope of their classes. Had to ask how to store their files on a floppy. "Format? What's that?" Don't assume someone knows what s/he is talking about just because they sit in front of a monitor for 8 hours a day.

    Of course you can still get a windows virus in your windows environment in bootcamp, parallels, virtualpc, etc. So what? That's nothing new. It's been an issue since the first version of VirtualPC. There's nothing different here. What happens in that virutal environment stays in that virtual environment. It's like a holodeck. When you shut down that virtual machine, it's inert.

    If you're really paranoid, always run a copy of your last image. Do your installation in parallels, then make a copy of the image once it's configured, patched, etc. and has all your software installed. If you get a virus while working in windows, just close that session, delete the image, and make a fresh copy of your last clean image. When you finish working, close your windows session, make a copy of the image you were just using and delete the old backup. If you're worried you might not catch the virus right away, keep several old images like a rotating daily backup schedule.

    In order to threaten OSX through windows, a virus/worm/malware writer would have to exploit specific weaknesses in parallels, virtualPC, etc. To what end? All they'd be able to do at that point is inject a virus targetted at OSX. Why go to the trouble of delivering it through windows? An attack through windows is pointless unless they've got something to deliver that works on OSX. If they've got that, why bother going through windows?
     
  22. Makosuke macrumors 603

    Joined:
    Aug 15, 2001
    Location:
    The Cool Part of CA, USA
    #22
    Entirely true. But my point is still: Why on EARTH would you go to all the hassle of writing a Windows virus that has specific code in it to infect a Mac partition from a BootCamp Windows install, when you could just as easily write a virus that targets the Mac directly, and you've got about 50 times the target base. Actually, I'd guess MORE easily, since it would require roughly the same level of familiarity with the MacOS, and while you'd have to deal with OSX's built-in security rather than using Windows to bypass it entirely, you'd avoid having to write an HFS driver of some sort into the virus, which strikes me as more involved.

    And again, were that your goal, you'd have to infect thousands of Windows systems to get at just a handful of Mac partitions, when if you actually had a Mac virus at least you'd have a direct crack at the entire installed base, rather than just people with an Intel Mac who are running Windows via Bootcamp.

    No, strike that: People who are running Windows via Bootcamp AND getting their email in Windows. How many of those people are there really?

    Not that there wouldn'd be a certain irony if the only way a virus writer could effectively get a bug through OSX's security layer would be through a Windows flaw, but that's not the case. Most viruses are social engineering anyway, so all you'd need to do was have a Mac virus and convince an idiot to type in his admin password without thinking when launched. I'm sure that wouldn't be very difficult, and it wouldn't require exploiting any security holes, just enough familiarity with OSX to write a "decent" app for it.
     
  23. drummerbooker14 macrumors 6502

    drummerbooker14

    Joined:
    Jul 11, 2006
    Location:
    Georgia
  24. generik macrumors 601

    generik

    Joined:
    Aug 5, 2005
    Location:
    Minitrue
    #24
    Simply proves that anyone with a piece of paper starting with "Microsoft" is just as braindead as some diehard Mac users.

    What?

    You think only Macs have fanboys? Windows has heaps too!
     

Share This Page