Macs don't sleep around so they stay virus free. There is some concern over the new macs that run with windows/vista also. Sluts...
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
How come there are no viruses/threats for Mac Computers?
- Thread starter James Cole
- Start date
- Sort by reaction score
Just curious, but I hadn't heard of any ISS threats or viruses since version 5 (think 5, or 4). Prior versions had problems, but I understood the later ISS was quite more secure.
I was going to use that example myself! The governemnt and companies will use whomever they feel can help them.
As for the first post, I think it's a complex situation. For starters, OS X has a Unix base, which makes a difference. Then there's the fact that a small percentage of computers are running OS X compared to Windows. The bigger they are, the harder they fall
Finally, I think that Mac users just have better stuff to do with their lives. When was the last time you saw a Mac user who looked like a nerd? I don't know why, but Mac users seem to look like they have a life
Anyways, the point is, you can enjoy your Mac guilt-free. No need to pay Norton $50 a year for a useless service.
Anti-virus programs can only be updated when a threat is present. At the moment, no threat is present, so there is no need to have any anti-virus software.
Reasons OS X has less viruses:
- Market Share
- Based off of Unix
- OPEN SOURCE KERNEL
The open source kernel is huge!!!!!!!! Why? Because the kernel can be tweaked by anyone that is willing to fix some code so that a certain virus can no longer affect it. This is one reason that Windows has so many viruses. The kernel can only be seen and developed by MS developers. Basically there are a few thousand developers for Windows that can work on virus issues while there are MILLIONS that can work with the Mach kernel (used in BSD and OS X) to fix virus issues. Not saying that millions of people will do this but I am sure there are more people working on the Mach Kernel than the Windows kernel. Also, because of the Mach Kernel being open source it can be tested in the real world. It also makes it faster to put patches out for the kernel.
Need a better explanation just ask... I am willing to help
A bit of a rough explanation I know, but I'm sure you may get a grasp on what I am saying if you read it a few times (sorry bout that). I am sure the more techy people will know what I am saying... Basically one thing I have learned from going from windows to Linux then partially to OS X (have a linux laptop and a MBP)
Oh... use Linux and/or BSD and your mind wil be filled with computer KNOWLEDGE
- Market Share
- Based off of Unix
- OPEN SOURCE KERNEL
The open source kernel is huge!!!!!!!! Why? Because the kernel can be tweaked by anyone that is willing to fix some code so that a certain virus can no longer affect it. This is one reason that Windows has so many viruses. The kernel can only be seen and developed by MS developers. Basically there are a few thousand developers for Windows that can work on virus issues while there are MILLIONS that can work with the Mach kernel (used in BSD and OS X) to fix virus issues. Not saying that millions of people will do this but I am sure there are more people working on the Mach Kernel than the Windows kernel. Also, because of the Mach Kernel being open source it can be tested in the real world. It also makes it faster to put patches out for the kernel.
Need a better explanation just ask... I am willing to help
A bit of a rough explanation I know, but I'm sure you may get a grasp on what I am saying if you read it a few times (sorry bout that
). I am sure the more techy people will know what I am saying... Basically one thing I have learned from going from windows to Linux then partially to OS X (have a linux laptop and a MBP)Oh... use Linux and/or BSD and your mind wil be filled with computer KNOWLEDGE
Thank you. Physical access to a computer == all bets off.
This is ridiculous. Malware doesn't have anything to do with Microsoft vs. Apple, and Apple themselves have taken a fair bit as well. Malware is bad for EVERYONE, and Mac users who can often inadvertently pass on infected files aren't always helping.
I think you're suffering from some misconceptions. Not everyone is a black hat, and many of them work for all sorts of corporations, government entities and what have you doing security work.
Even when you're a known "criminal", like Kevin Mitnick, you can still find good work doing computer security consulting.
Some of the people with the best intentions at heart get fired/arrested/whatever because they disclose severe vulnerabilities and everyone thinks they're out to do something so evil omg hacker bad bad bad!!!! That needs to end, honestly.
It's the idea that they've already disclosed vulnerabilities before, and that kind of skill would be useful finding more.
Sorry to say the field of security involves a LOT more than just a pathetic new virus.
And to a company where the primary product is antivirus/malware software, hiring people who've created some of the most innovative and effective viruses would not be a bad move.
I am so sick of reading *&#$ like this. I might actually be happy the day there's some major massive vulnerability in OS X that someone takes advantage of on a huge scale, just to show idiots that it's not okay to take it easy and not do anything just cause OS X is just "safer" out of the box due to the design or what have you. It's like all common sense and security basics are thrown out the window just because there's no real virus for OS X. It's nonsense...malware will always exist, always has, and people will never stop having bad intentions. This doesn't stop you from ****ing up after giving out your password inadvertently through social engineering, or being vulnerable to other exploits out there, or giving someone physical access to a computer.
Just because there is a lack of a threat doesn't mean AV software out there don't also include heuristic algorithms to find infections from unknown viruses that share the same characteristics as known viruses.
There's also other known ways of minimizing threats/the chance of a threat, such as sandboxing. Coming soon in Leopard.
Yes, like people actually update on a regular basis. Which adds on to the problem, because a lot of people don't, for whatever reason.
Security through obscurity is ridiculous, but if you think XNU and Darwin being open source will help that much...(and it's not Mach, it's XNU, but XNU uses part of Mach, so basically it's not a Mach kernel but rather a derivative). Sorry to say Darwin isn't most of OS X, there is a lot that is not open source that is also vulnerable, in addition to all the 3rd party not-controlled-by-Apple addons for Mac OS X like apache. And all those applications you use...how do you know something trivial like Adium won't have some sort of vulnerability?
And if you feel like going through a few million lines of source just for Darwin alone...be my guest. Some now-disclosed bugs, like from the despicable and dumb month of kernel/apple/... bugs, were found in your beloved open source kernel by fuzzing.
Like wow, so mindblowing, huh?
Security is dependent on three things:
- A good secure design of the OS, this is the case for OSX, this is what makes it extremely difficult to write a virus in the first place.
- De presence of known bugs. Very few: www.secunia.com. (Virii do need bugs in the first place).
- Quick response of Apple (security updates) when bugs become known: This does not give hackers enough time to develope a Virus. ( see first argument )
BTW MS did a rather good job when it comes to Vista in this area, although probably still lacking.
Market share is not really a good argument. (OSX does have 23 million users!) It has more to do with the lack of possibilities and the extreme effort it takes to make one. Even if somebody succeded in writing a virus, it is even more difficult to make the virus spread itself to other computers. I do feel extremely safe with OSX, a good OS does not need a virusscanner.
- A good secure design of the OS, this is the case for OSX, this is what makes it extremely difficult to write a virus in the first place.
- De presence of known bugs. Very few: www.secunia.com. (Virii do need bugs in the first place).
- Quick response of Apple (security updates) when bugs become known: This does not give hackers enough time to develope a Virus. ( see first argument )
BTW MS did a rather good job when it comes to Vista in this area, although probably still lacking.
Market share is not really a good argument. (OSX does have 23 million users!) It has more to do with the lack of possibilities and the extreme effort it takes to make one. Even if somebody succeded in writing a virus, it is even more difficult to make the virus spread itself to other computers. I do feel extremely safe with OSX, a good OS does not need a virusscanner.
Might I remind you this thread would also encompass more than just a virus, and there exist a plethora of vulnerabilities and exploits for them of all sorts for every single OS and lots of applications.
Also, since disclosure or lack thereof is dependent on the person who discovered it, who says that same person can't develop some exploit and actively use it before disclosure to the vendor?
If I really wanted to **** around with people after finding a vulnerability, I'd find some way to take advantage of it just to piss people off, without vendor disclosure. Or, full disclosure without prior vendor disclosure, so you're left hoping nobody will take advantage of it before Apple releases a security update, if ever.
edit: Please get your facts straight, a virus is not a worm.
Vulnerability is one thing, the possibility to exploit it another. Also Apple is pro-active, thus I consider 'exist a plethora of vulnerabilities' on OSX rather streched.
Agreed.
edit:
Whatever you call it, good security principles on OSX covers them both.
Notoriety isn't a job - it's an egotistical state. People don't climb Everest because they can't pay the bills!
'Viruses' aren't lumped together, there are obviously commercial advertising ventures, ranging to criminal activity and teams/individuals who want to test themselves and create damage for the same reason people vandalise other people's property. Malware, spyware, key loggers, viruses, trojans and worms all have different and at the same time overlapping purposes.
Commercially, if OS X was easy to crack, bingo - you'd have an easy extra 5% market share in your particular criminal venture at a stroke. If OS X was easy to exploit, it would be done over and over again as it would be easy money. A small amount of extra money, but some all the same.
Remember that thousands of new legitimate companies spring up every year, only catering for a niche market.
I don't even know where to begin with that.
Apple's turnaround time on security fixes isn't exactly fast...certainly on high priority extremely severe vulnerabilities, but otherwise no. Even with security patches, not everyone will upgrade immediately afterwards, leaving a significant number of vulnerable installs anyway.
See what happened during MOAB. Landon Fuller tried with others to release 0day, or close to 0day, fixes and workarounds for all bugs. Apple didn't patch some of them until months later. As for 3rd party apps, with the MOAB Colloquy bug (my favorite IRC client for mac os x), the exploit was actively being used on Colloquy users on Freenode, forcing people to upgrade once a fix was available because the app would crash due to the sploit.
Oh yes, lets use more examples from MOAB. MOAB did not disclose any bugs to Apple prior to full public disclosure. Their QuickTime RTSP bug was the first one (cve link), and it was fixed by Apple 23 days later (security-announce msg). What could it have done?
Oh yummy.
And if you're telling me I can't exploit that in 23 days..wait, the MOAB guys included instructions. It wouldn't take long to figure out some way to make a lot of people really unhappy really fast. Imagine the possibilities.
As for vulnerabilities...there are a lot, they just haven't been discovered/disclosed yet. I'm fairly sure even my little widdle apps to help me do trivial little things might possibly have some fairly major bugs that might make it crash and burn. Apple is far from invincible, as well as the people working there, and OS X itself.
It is not exactly slow either. I do imagine that Apple does use the batch approach, releasing multple patches in one update, meanwhile monitoring if any real exploit was being released. You are making a lot of fuss about something that is being taken serious enough by Apple, the auto-update feature gives the hacker at the most an extra 7 days.
I followed the whole patching scheme with moab, it was oke with me.
23 days turnaround is slow. The time between an operating system vulnerability being discovered and exploit code appearing has been falling exponentially for the past few years. Patches should really be offered within seven days of publication at absolute maximum. Otherwise sooner or later we are all going to get caught out.
I agree 200%
Viruses will come, my bet is sooner rather than later. Apple keeps getting it's name out there, and the more they talk about how "secure" and "virus free" OSX is, the more people out there are going to want to release something.
I personally get tired of reading people talk about how much more secure OSX is then Windows, how OSX will never get a virus because it's just so secure, etc, etc. People think that OSX is so absolutly wonderful that it's the OS itself that stos viruses or something.
Actually my fear is that someday once viruses start hitting the "market" Apple won't be prepared, and I'll be one of the "switchers" that get's to deal with viruses on OSX... Then I'll loose a bunch of photos or mp3s and I'll kick myself, because NEVER in my 12 hour a day useage of computers over the past 10 years have I gotten a virus in Windows. I just computed smartly and didn't download/click on things that were obviously dangerous.
edit: I'm sure somebody will point out I was lucky or something, which I suppose is true, but NONE of my friends have ever had problems either, and none of us run any sort of anti-virus.
If I remember correctly, 23 days is on the fast end for a security update. I don't think all of the MOAB apple bugs have even been dealt with yet.
The first Safari security update for Windows was days after the initial release, but had yet to fix all known issues. Wait, no, reports of bugs, again fuzzing (lol, and the emphasis that was placed on this by apple security at wwdc...) were out within hours of the initial release, some of them extremely severe (again, arbitrary code execution). Complete with proofs of concept.
Symantec found a 2 month turnaround time for OS X security fixes in general, although not all high priority.
I find none of that particularly fast.
What do you not understand about arbitrary code execution just based on something as trivial as visiting a website in a browser?
Apple might do batch updates, but that's no reason to delay patching with a known and severe vulnerability. Once a sploit is out, that's that. Nothing Apple does short of patching it and patching it quickly for a large number of systems will do anything. And Apple can't force people to patch. And Apple can't release 50 patches in a month all in regards to security, but nothing is stopping them from having a good turnaround time for the people who need/want these patches through the Downloads site, not necessarily in Software Update until you do a massive batch security update, or something along those lines. That QT RTSP security update was it for that particular one. It wasn't a batch update, the update only contained the patch for that particular QT bug.
And if you think people auto-update regularly, you are sorely mistaken. Even with Windows Update, I regularly ignore all the pesky warnings to update until there's a backlog of like 30 not-absolutely-critical updates to install. With Mac OS X, I don't update except for critical security updates or major OS updates. Some of those updates require restarts, which I am loath to do. Some of them are big downloads, and understandably a lot of people I know will hold off on them because they have slow or capped connections. You are simply ignoring reality and you're just in your little dream world imagining that Apple security is good and people update all the time.
They don't.
AFAIK they have.
Writing software for Windows: risky business you need to take in account a plethora of OS weaknesses and deal with them on the App level, Apple is learning the hard way.
Should I trust that source of information?
Good question, my knowledge of OSX is pure theory but solid, from what I know there is strict seperation between user-space and system-services. System-services are always save because of strict seperation of access rights. Do I miss anything?
They could indeed apply that strategy, as long the 'website' update remains the same as in 'software-update'. Releasing patches requires extensive testing because negative side effects should be avoided and causes lack of credibility, this is why I do not favor releasing patches too quickly.
All I am saying is OSX from a security point of view has an excellent design, and Apple is doing what might be expected from them within reasonable boundaries. If it comes to users and updating: Apple made the update feature as user-friendly as possible, what more can one expect? I got the awkard feeling you are trying to muddy your own water.
I am very confident that OSX will never see a succesful exploit, that does not mean Apple should not remain vigilant.
I too agree with this.
While the love for Apple is growing, the hate is growing right along with it. There are a lot of people out there who hate Apple because they feel Apple's recent success is due to "marketing hype".
They believe there are better products than iPod and iPhone, but Apple does so well in those areas because of marketing, and they don't like that. They get frustrated by, what they consider to be, the "sheeple" buying these products. Rather than simply choosing to buy the competitive product, they develop a hatred toward the Apple products.
Will this spawn a movement toward attacking Mac users? Only time will tell. I sure hope not.
Interesting that many Mac users felt the exact same way about the Microsoft juggernaut.
OS X has been around for roughly 6 years without a single serious exploit. 6 years! Millions of people not using any form of antivirus software and nothing. Nada. Zilch. Now arrogance isn't a good trait, and neither is complacency, but OS X is as good as immune.
OS X IS secure.
As for you and your friends never suffering from any problem in 10 year, I'm sorry, but I personally find that hard to believe.
I think you don't use Windows anymore? If you did, I was going to invite you to post your HiJackThis log...
Yes, because it was verified to an extent by Bud Tribble, Apple VP of Software Technology.
http://blog.washingtonpost.com/securityfix/2006/05/a_time_to_patch_iii_apple_2.html
Yes, in that despite access control, you can still do significant damage in multitudes of ways...whether or not you consider it significant could depend on what exactly is done, but for all you know, it could be this trivial little app that deletes your entire home folder with no problem at all...and if there's something you value in there that you didn't back up...bye bye file.
I am not denying that, but that is one reason why people don't always upgrade automatically to whatever updates are available - stability/compatibility issues. Testing is a given, but instead of having a patch and sitting on it for a few weeks in order to release a bunch of patches under a bundled security update might be a ridiculous idea at times.
And like I said, the security update for the rtsp vulnerability only had that patch, nothing else.
No, I'm just speaking from years of experience dealing with people who don't upgrade on a regular basis, across all OSs, myself included. I would actually be shocked if someone did updates on a weekly basis consistently.
And my point would be that Mac users shouldn't be so laid back with security, there is a LOT more to it than just trivial viruses. I could easily boot up most new Macs into single user mode..rm -rf / time...
Lack of serious sploit maybe, but that certainly hasn't prevented any social engineering by any means at the least.
I wasn't saying that Mac users shouldn't be warry. I was trying to imply that virus writers for Windows are "nerdier" and have no life. Not being careful and simply clicking on everything you come across is obviously stupid, and will get you into trouble on a Mac as well as Windows. Did you perhaps have a bad day? Usually your responses have less venom
But this isn't the case. There may be some possible, but there really aren't any viruses for OS X. None. Zero. Zilch. There have been vulnerabilities found, and like janey, I wish Apple was a little more on the ball with some of them, but there haven't really been too many confirmed exploits, and nothing released into the wild. There have been motivations, money and fame among them, not to mention the places that do use Macs, my work among them. But it's not so easy. I'm not going to say impossible, but it hasn't been done successfully yet. At least not like on Windows, with no user interaction or physical access to the machine needed.
Besides, OS 9 had viruses, and a much lower marketshare and media presence than OS X does with it's 0.
Sigh, my apologies. Touchy annoying subject.I was trying to imply that virus writers for Windows are "nerdier" and have no life....Did you perhaps have a bad day? Usually your responses have less venom
There really isn't a nerdy vs. not nerdy thing to this whole thing...that shouldn't even matter right now. What should is how vendors like Apple deal with disclosures, and what end users do to prevent/lessen damage in addition. This shouldn't have anything really to do with windows vs. osx either, because the worst can happen to anyone on any OS.
There are, plain and simple. No computer is safe.
Windows
Mac OS X
Linux
Solaris
BSD
There will ALWAYS be exploits, not only in the OS, but the Applications that run on it.
The computer is a dumb machine, it has no knowledge, it doesn't understand the difference between confidential data, and data that is to be shared. It just sits there and processes 1s and 0s. All it knows how to do is process binary code. It CANNOT do anything else. A computer alone is perfect, and always correct.
However, when you add human coding to the mix, it becomes far less perfect. Humans make mistakes, we do not think in binary code. We have emotions, we have knowledge - not intelligence. Therefore - we make mistakes. No software is perfect. A bug in something small and insignificant can affect something else, something big, and important.
If a hacker wants to access your data, he/she WILL access your data eventually, it may just take them a while.
Oh and as for hackers not being able to write Mac code. Macs use Java don't they..?
Windows
Mac OS X
Linux
Solaris
BSD
There will ALWAYS be exploits, not only in the OS, but the Applications that run on it.
The computer is a dumb machine, it has no knowledge, it doesn't understand the difference between confidential data, and data that is to be shared. It just sits there and processes 1s and 0s. All it knows how to do is process binary code. It CANNOT do anything else. A computer alone is perfect, and always correct.
However, when you add human coding to the mix, it becomes far less perfect. Humans make mistakes, we do not think in binary code. We have emotions, we have knowledge - not intelligence. Therefore - we make mistakes. No software is perfect. A bug in something small and insignificant can affect something else, something big, and important.
If a hacker wants to access your data, he/she WILL access your data eventually, it may just take them a while.
Oh and as for hackers not being able to write Mac code. Macs use Java don't they..?
Macs CAN be effected (although not as bad as windows machines) by java based malware.
Most viruses are designed to run amok without the user knowing, OSX requires authorization to run initial startup programs (most always AFAIK), only a complete idiot would say yes and type in his/her password to allow an unknown program to install. Having to type in a password means you'll maybe take a look at what the box is telling you, not just press OK to get the damn box off the screen (windows anyone?)
Unix and NEXTstep are a heritage and a blessing to the OS
Most viruses are designed to run amok without the user knowing, OSX requires authorization to run initial startup programs (most always AFAIK), only a complete idiot would say yes and type in his/her password to allow an unknown program to install. Having to type in a password means you'll maybe take a look at what the box is telling you, not just press OK to get the damn box off the screen (windows anyone?)
Unix and NEXTstep are a heritage and a blessing to the OS