Viruses on new macs

Discussion in 'Buying Tips, Advice and Discussion (archive)' started by Cloudgazer, Jul 7, 2005.

  1. Cloudgazer macrumors 6502


    Apr 22, 2005
    I don't know much about how the move to intel chips is going to affect macs.
    But was wondering about viruses and spyware, will the new mac become susceptible to them.
    Will these virus writers be able to target macs easier because of the new chips? Or are viruses and malware dependent on operating systems only?

    One of the things i love about mac is not having to worry about these things.
    How will the intel move affect this situation?
  2. $MacUser$ macrumors 6502

    Mar 27, 2005
    Los Angeles
    As far as I'm aware, and what common sence would dictate, spyware/virus target holes in software. I fail to understand how a new architecture and hardware would open up suseptabliity to malware.

    That being said, I do recall reading something a while back in regards to a buffer overflow on intel chips somehow being a vunerability, or some such nonsence. Perhaps someone more knowledgeable in this arena can shed light on the issue.
  3. risc macrumors 68030


    Jul 23, 2004
    Melbourne, Australia
    It'll make no difference at all. Just look at all the viruses on x86 Linux, FreeBSD, NetBSD, OpenBSD, etc oh wait... no all the viruses are on Windows.

    Nothing to worry about here at all.
  4. ldburroughs macrumors 6502

    Feb 25, 2005
    Virginia Beach, VA
    Macs are not popular enough to be a target for mass viruses. With their growing popularity, maybe we'll see more attempts. Besides, the way Jobs keeps switching around the architecture, how can the virus writers keep up? Not even software writers seem to know what to do. If the market share ever increases above the dismal numbers that constitute Apple's share of the computer world, the likelihood of attack will increase as well.

    I'm sure people will want to write that Macs are virus free because they're so well designed and impenitrable, but let's get real. Some even say they are a greater target because they present such a big challenge and the virus writers want bragging rights. Again, get real. Let's say Macs make up 6% of the computer population (I realize I'm being extremely generous). Of that 6%, even fewer are businesses, so the target is even narrower. Of those businesses, few are financial institutions or any target worth targeting. Let's face it, the PC is a target because it is so mainstream. It runs the world as we know it.

    The day we see a viable Mac virus is the day Jobs accepts a position with Microsoft. Who knows, maybe the next Longhorn is taking so long because Gates is waiting for the next Mac OS X release on the Mactel platform. He can just buy it from Jobs and call it Longhorn.
  5. Jo-Kun macrumors 6502a

    Dec 20, 2003
    as mentioned above... and by experience... all virusses that are commonly pushed into the world target Windows & MS Office (for windows) I'm not sure if a Macro virus (I mean one that works from an office macro) can affect MS Office for mac... but still the threat goes out to MS products...

    maybe the switch to Unix with Longhorn will change things but I doubt it... MS is the bad guy in the eyes of most viruswriters... some off course have less nice intentions and just try to get acces to financial systems to enrich themselves... but most viruswriters make their virus to show the world how unprotected MS systems are...

    most people who use mac's use it for music & graphic design etc... no target hackers/viruswriters are interested in...

    PS: I just realised my post sounds in favor of viruswriters... but no I don't like them... the only thing positive about this is that my friends look at me: no antivirus on your mac??? why??? hahahaha
  6. wrldwzrd89 macrumors G5


    Jun 6, 2003
    Solon, OH
    Viruses (and other forms of malware) are primarily software-dependent rather than hardware-dependent. This means that an OS change will drastically change the virus landscape while a processor change will have a far smaller effect on the number of viruses.
  7. godbout macrumors regular

    Jun 22, 2005
    Montreal, Canada
    I tend to Disagree with you on this point. Although, I am sure that there are not nearly as many attempts to write malignant code for the mac, I believe that one of the reasons why it is so much more difficult to write viruses is because its UNIX core is fundamentally more secure (e.g. Permissions to install exicutables). IMHO even if macs gained 50% install base (BTW I read a while ago it was something like 13% of home users install base so it would not be all that crazy to try and write a virus for it) they would still not have the problems M$ does. So this aspect of the switch to Intel will obviously not be affected. One issuse that I have read a little about is processor overflow suseptabilities on the "not as well designed" x86 arcitecture but I am not sure how this problem is taken advantage of and so I do not know how it will be affect the new macintels.

    P.S. Don't big businesses tend to use UNIX boxes as their servers and workstations... Where are the viruses? ;)

    P.P.S I did not actually read HOW that user install base study was conducted so... you know... don't flame me for that... I will try and find it :)
  8. Mitthrawnuruodo Moderator emeritus


    Mar 10, 2004
    Bergen, Norway
    Not quite true, there are some viruses for x86 Linux, most targeting buffer overflows that may be executed on the x86 CPU (so called execution of code in the data field) but because of the vast numbers of configurations and superior permissions handling those viruses are rare and not doing much damage. But they are there, but only on x86, not on PPC which prevents these kinds of attacks.

    Now, Intel has said that the new line of CPUs will have disabled the possibility to execute code in the data field and should therefore be just as safe as any PPC architecture, and if this turn out to be true there should not be any virus problems on the Mactels, at all.

    But I'm not buying a Rev A Mactel the day of its release unless I know a h*ll of a lot more about the actual CPU they're using. So I'm really would like to see some confirmation/roadmap and start to read up on it... ;)
  9. risc macrumors 68030


    Jul 23, 2004
    Melbourne, Australia
    Intel are currently shipping XD Bit enabled processors so this whole buffer overrun thing means zero to Mac users. In the decade or so I've run Linux I have to say I have not heard of a single Linux box being exploited when it was fully patched and up to date. Also Red Hat have been patching their Linux kernel with Exec Shield since Fedora Core 1 which does the same as the XD Bit on the new Intel CPUs (or NX on AMD) on CPUs that don't have XD Bit support. I'm not sure how many other distros this patch would of made it in to as to be honest I really don't care too much about Linux outside of my work environment now.
  10. Mitthrawnuruodo Moderator emeritus


    Mar 10, 2004
    Bergen, Norway
    As I said, if everything works as it should, I don't expect any problems, but I want to be certain before I use any new architecture for e.g. Internet banking, I cannot believe people (including my own mother) dare to use this with poorly patched Windows boxes.
    Well, in that respect, most Windows viruses exploit known security holes and get large impact in part because many are sloppy with updating their system. If all Windows boxes were up-to-date the virus menace would be much smaller...

    (Another example why my "Computer certificate", which I've mentioned from time to time, is a good idea... ;))
  11. wiseguy27 macrumors 6502


    Apr 30, 2005
    Actually, the XD bit only prevents "data regions in memory" from being treated as "code regions in memory" - so the execution of instructions from "data regions in memory" is prevented.

    A buffer overflow could also just corrupt the stack and make the control jump elsewhere (instead of the normal program logic). For the technically inclined, the difference between PPC and x86 is that in PPC all parameters to functions (subroutines) are passed through registers whereas in x86 all parameters to functions (subroutines) are passed on the stack. This makes x86 potentially vulnerable to attacks that depend on modifying or corrupting the stack.

    BTW, an attack does not necessarily imply viruses spreading around - it could simply mean making the computer unusable for a specific period of time (by making programs crash).

    The Apple developer website has some information about this at

    It says:
    Calling Conventions

    The x86 C-language calling convention (application binary interface, or ABI) specifies that arguments to functions are passed on the stack. The PowerPC ABI specifies that arguments to functions are passed in registers. Also, x86 has far fewer registers, so many local variables use the stack for their storage. Thus, programming errors, or other operations that access past the end of a local variable array or otherwise incorrectly manipulate values on the stack may be more likely to crash applications on x86 systems than on PowerPC.


    Here, "...access past the end of a local variable array..." refers to what's called a buffer overflow.
  12. Willie Sippel macrumors newbie

    Jun 8, 2005
    There are compiler-based protections against stack corruption and other typical points of failure (usually, there's no need to change the code, just recompile with a certain flag). My gcc setup (on Linux/ amd64), for example, comes with ssp (stack protector) and pie (position independent executables, disallows text relocation). There are also kernel-based hacks like aslr (address space layout randomization) to greatly enhance the security on x86.

    PS: AMD introduced NX, iNTEL copied the idea and called it XD. Similar to amd64: AMD innovated, iNTEL copied and renamed to EM64t, and most people instantly think iNTEL invented it just because they are bigger...
  13. idea_hamster macrumors 65816


    Jul 11, 2003
    NYC, or thereabouts
    Is that true? that Longhorn will have a unix base?

    I'd heard that MS had decided to (try to) implement unix-style permissions, but I don't think that I had heard anywhere that Longhorn would have an actual unix kernel-style operation.

    Have I been missing the whole Longhorn story?

Share This Page