Apple has the most insecure software...

Discussion in 'Apple, Inc and Tech Industry' started by maflynn, Jul 21, 2010.

  1. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #1
    This is disturbing Ars is reporting that Apple is now the world leader in software INsecurity.

    One huge reason I use OSX is that I generally don't have to worry about viruses. I hope apple isn't starting to rest on its laurels.
     
  2. redbotsoftware macrumors regular

    Joined:
    Jun 2, 2009
    #2
    But the report clearly says the flaws are not of the major variety, and they are in the third party software.
     
  3. jammybastard macrumors regular

    jammybastard

    Joined:
    Apr 26, 2010
    Location:
    In Trasnic
    #3
    Did you actually read the article?
    Specifically this part?

    Duh.
    In the future don't be so quick to assume the content instead of actually reading it.
     
  4. Hellhammer Moderator

    Hellhammer

    Staff Member

    Joined:
    Dec 10, 2008
    Location:
    Finland
    #4
    If OS X was more popular, there would be viruses. In fact, there were some for older OS Xs I think. I'm not a software specialist but I've read it several times that OS X is more insecure than Windows 7 is but there is greater "market" for viruses in Windows as most users use Windows.

    Software is software. Whether it's and OS or app, it's still software. Safari is from Apple. QuickTime is from Apple. iTunes is from Apple. You don't get viruses if you don't use browser in Windows, it's usually a flaw in the app, not in the OS itself
     
  5. Sun Baked macrumors G5

    Sun Baked

    Joined:
    May 19, 2002
    #5
    Yep, if you are going to pay $10k bills to somebody to design trojan or virus for your spam business.

    You are going to go where you can get the biggest bang for your buck.

    Sort of sad that basic business ideas are working in this market. :eek:

    For the Mac market, it is rather easy to do a porn codec trojan and do a pop-up saying that you need to download a new codec to watch this video.

    Edit: for Macs the organic AI is corrupted and easy to defeat.
     
  6. thejadedmonkey macrumors 604

    thejadedmonkey

    Joined:
    May 28, 2005
    Location:
    Pa
    #6
    Actually, it's very rare to get a true virus in any OS. Now-a-days, it's trojans, worms, and the like, that Windows users get. And that's becoming less the fault of the OS, and more the fault of the end user for installing them on their system.

    example: Anti-virus 2009 requires a user download and install it. But then you can't get rid of it ;)

    It's only time until it happens for Apple... and given their lax security, when the s**t hits the fan, it will go everywhere.
     
  7. Eric5h5 macrumors 68020

    Joined:
    Dec 9, 2004
    #7
    No, there never were. There were viruses for OS 9 and earlier, which was basically a completely different OS. Apple is selling far more Macs now compared to when Mac OS Classic viruses were being written (although there were never huge numbers of them, maybe some dozens), so I think that kind of shoots your theory down.

    --Eric
     
  8. Cerebrus' Maw macrumors 6502

    Joined:
    Mar 9, 2008
    Location:
    Brisbane, Australia
    #8
    One point I would like to suggest-

    Apple may be selling far more Macs from back then, but so are PC's. Although it is refreshing to see Macrumors report that 3.37 million macs have been sold this quarter, and records have been repeated over the last 17 quarters, OSX market share has just barely reached 10% over all, which gives you an idea of how many PC are being shipped the entire time.

    If the market had stagnated, then yes, the point of more macs shipping may be applicable. but if you apply a micro example to it:
    If, back in 2000, there were 1,000 computers in the world and OSX had 6% share, they would have 60 macs against 940 PC's.

    Now imagine in 2010, we have 1,000,000 computers with OSX at 10%. Thats 100,000 Macs, but thats 900,000 PCs. An overly simple example, but one that I think gives a bit of sense to how many pcs there are in the world!

    As Charlie Miller has shown, there are vulnerabilities in Mac (and as the Java debacle showed last year) some quite serious. There is even a mac botnet. As Macs become more popular they are going to be exposed to the greatest security hole of all. The user.

    -Maw
     
  9. Hellhammer Moderator

    Hellhammer

    Staff Member

    Joined:
    Dec 10, 2008
    Location:
    Finland
    #9
    True. Plus, most viruses come through Adobe crapware nowadays because almost everyone has Flash installed and as we know, it's full of holes. Besides, the reason you have malware can usually be found between the keyboard and chair ;)
     
  10. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #10
    The Mac Malware Myth or the malware myth

    In short, market share does not seem to be the factor for having viruses or any other kind of malware, as Mac OS 8 and 9 (had some viruses) were installed on much less Macs than today's Mac OS X 10.5 and 10.6. Unix seems to be the deciding factor.
     
  11. maflynn thread starter Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #11
    I should have worded my post a bit differently but my point remains. I use OSX so I don't have to worry about malware, I of course need to USE software with OSX, what good is an OS if you don't use programs. So my point stands. I use OSX to get my work done, but that leaves me more insecure, so before flaming me, why not consider why people use an operating system - to use programs.:rolleyes:

    I'm not flaming, trolling OSX/apple. I think the architecture of OSX is such that I am confident that viruses won't slip by me, but it seems apple has taken their eye off security for much of their products, hence this report.
     
  12. *LTD* macrumors G4

    *LTD*

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #12
    Been 10 years now and nothing to worry about. Moving right along . . .
     
  13. acurafan macrumors 6502a

    Joined:
    Sep 16, 2008
    #13
    don't worry, jobs will just hold a conference. and state Linux/Solaris/Windows has viruses too, and we all get MBP bumpers.
     
  14. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #14
    The typical OS X user is more vulnerable to attack vectors like phishing than they are to technical attacks. A better title would be, "Apple has the most security-UNconscious user base."

    This is a good example of what I'm talking about. The fact that iTunes, Safari, and Quicktime are all made by Apple doesn't seem to register.

    Also, "security" doesn't mean just viruses- a fact that most in this thread have obviously missed. It means buffer/stack overflows, code injection, password encryption/nonencryption, and the policies for dealing with them. Apple is among the worst vendors at taking quick action against major security flaws that are found in their software.
     
  15. Compile 'em all macrumors 601

    Compile 'em all

    Joined:
    Apr 6, 2005
    #15
    What are the other "vendors" out there if you don't mind me asking?
     
  16. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #16
    Microsoft, Sun, Cisco, take your pick.
     
  17. jammybastard macrumors regular

    jammybastard

    Joined:
    Apr 26, 2010
    Location:
    In Trasnic
    #17
    Your "point" is based on a misinterpretation of a 2 paragraph article put out by a company that sells anti-malware services and software.
    You really don't understand this sort of thing do you?

    It has nothing to do with OSX.
    These exploits don't run on OSX, they run in the applications. That means that
    no matter the OS they will still execute regardless.

    This is because many software makers do not spend the time and
    money to make sure their code is secure. They get it done and then push it out the door.

    If you really want to be paranoid then you need wonder why companies like Adobe continues to make easily exploitable software.
     
  18. snberk103 macrumors 603

    Joined:
    Oct 22, 2007
    Location:
    An Island in the Salish Sea
    #18
    This whole question is framed wrong. It is not whether or not an OS is more or less secure.... the question is.... is the OS secure enough?

    OS X is secure enough for people to use it with confidence that they are safe from malware - assuming responsible computing. Downloading cracked versions of software from dubious sites, and using your admin password to install that software does not count as 'responsible'.

    People can't extrapolate what would happen if more viable threats emerged based on Apple's current practices. If a viable threat emerges, Apple would presumably respond. It's what every other software maker does, and we have to assume Apple would too.

    As an analogy... your house is not the safest place in the world to be. It is however safe enough for you, balancing how you use it and how much money you are willing to spend on security. We live in a small community, and city folk would just laugh at what we consider to be "secure". It's not that people can't lock their car doors, we just don't have to use the locks. But if threat of car thefts increases, then we could.

    I think OS X is the same way. The locks are ready to be used, but since the threat is not there there is no need - at this time - to inconvenience the user. And when the threat does emerge, the lock needed to keep the malware out will need to specific to that malware.

    Just my 2 cents ....
     
  19. mlts22 macrumors 6502a

    Joined:
    Oct 28, 2008
    #19
    Right now, the battle for security is being fought at the browser and add-on level. What really needs to be done is have the OS help out by limiting what the Web browser can do. For example, a browser should be able to download files, upload files a user specifies, but it should not be allowed to modify files outside its preference directory unless it is a direct user action. This will limit the damage an add-on can do if it gets compromised and allows code to be run in its context. Macs should be able to kick butt at this because of the jail functionality inherited from BSD, as well as the SELinux like security policies.

    Even with this, there is always the dancing bunnies problem. No OS unless it takes root or Administrator authority from the user can protect against this.
     
  20. Phokus macrumors regular

    Joined:
    Jul 17, 2010
    #20
  21. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #21
    Right, because Quicktime for OS X, iTunes for OS X, and Safari for OS X are the exact same code as their Windows versions.

    Oh, wait. That's completely incorrect.

    Right. In this case, Apple- as the title of the article clearly states.
     
  22. PerfSeeker macrumors 6502a

    Joined:
    Jul 10, 2010
    #22
    Also remember that most of the latest malware/viruses are coming from China where big money is backing it in their cyber-war on American computing. Naturally they would target the 90% Windows market share.
     
  23. PerfSeeker macrumors 6502a

    Joined:
    Jul 10, 2010
    #23
    You know on Windows if you stay away from non-reputable porn sites and other weird sites you won't get any malware or viruses either.
     
  24. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #24
    And again:


    Btw, you can edit your posts via the [​IMG] button, or multi-quote posts via the [​IMG] button, as sequential posts are "against" the rules.

    Minor Problems

    6. Sequential posts.
    Combine your comments into one post rather than making many consecutive posts to a thread within a short period of time.
     
  25. snberk103 macrumors 603

    Joined:
    Oct 22, 2007
    Location:
    An Island in the Salish Sea
    #25
    Unless someone emails it to you - couple of different ways for that to happen; Someone on your network surfs a bad site; You were one of the lucky ones to get the Dell motherboards with malware included. Your visiting brother-in-law, Ralph, decides to check up on his new virtual girl-friend "kitTienNe" ...

    Can you still catch bad things from an infected thumbdrive? I don't know it that vector is still available.
     

Share This Page