I've been thinking this through. There are tens of millions of Mac users out there, why not produce a virus that infects them? People say that it's not worth it because we only have about 6.5 percent market-share. But really, if a hacker could infect HALF of that, I'm sure the hacker would be very proud. And c'mon, the person who creates the first Mac virus would be ridiculously famous. So why not?

Be my guest, sport, go to it. :rolleyes:
 

Look at number three on your own list.


I'll leave this here:




And this....


http://secunia.com/advisories/product/


Search by product and see that Vista has had fewer vulnerabilities in the last 3 years than the current iteration of OS X at the time of its release.

So I'll have a big LOL at you. Apple's own block randomization has also been under the scrutiny of security experts this week. So I'll have a LOL at you.
 
I've been thinking this through. There are tens of millions of Mac users out there, why not produce a virus that infects them? People say that it's not worth it because we only have about 6.5 percent market-share. But really, if a hacker could infect HALF of that, I'm sure the hacker would be very proud. And c'mon, the person who creates the first Mac virus would be ridiculously famous. So why not?

The reason: 'cause I'm too busy right now. :D

I don't know why others don't do it -- could be lack of interest, perceived value (prestige, financial), or some other reason. You'd have to ask at a Black Hat conference.
 
I think the reason there is little or no Mac malware (viruses would be tricky to write, but trojans very easy) is that most people who own Macs and - in particular - who programme on them are Mac fans (some are Unix fans too). Writing malware for a platform you're a fan of might be considered "peeing in your bathwater" :)

For most PC users - particularly because it's in the majority - it's just a tool. No Windows programmer is going to worry they're damaging the Windows market share, or making PCs less cool by releasing a virus/trojan.
 
made one!

I've made a very simple one, it looks like Safari, but when you open it, it makes a loud BEEP, then shuts down your comp
 
I am a Mac fan, have a mini. But I don't own an iPhone either. And that Amish thing was very funny, even though I've seen it before.

But if they have no electricity or computers then how did they send the email in the first place?
 
God forbid there are actually multiple reasons that none physically exist (yet), and that much of what has been said all contributes towards that fact. Most of you seem hell-bent on providing your opinion on why one particular reason is the sole contributor.

I am a Mac fan, have a mini. But I don't own an iPhone either. And that Amish thing was very funny, even though I've seen it before.

But if they have no electricity or computers then how did they send the email in the first place?

It was sent from Amish in the future in which they have finally adopted primitive forms of technology. However, while everyone else is time traveling, the Amish find that offensive to their culture and happily send out only practical joke emails to the past in order to disrupt technology and further the cause of their past Amish brothers.
 
UNIX is hard to crack, that's why. The whole "they don't have enough marketshare" argument is BS. As has been stated, there are millions of Macs with no anti-virus at all, if it was so easy it would have been done.



Yeah, coz on Vista, you have a nice shiny "allow" button before you get infected. Provides no real protection at a technical level at all, just a UI trick for marketing.

At least when someone is infected on Vista, Microsoft can say "you can't say we didn't tell you so, it was your choice to hit allow!" :p



To do that, the program would need access to your filesystem, so I think you are wrong. And even if you're not, you would still need to install the program yourself for it to do anything.


Congratulations. You're proof that ignorant fanboys shouldn't be allowed opinions on complex technical subjects.
 
There's another thread where this is being discussed. After Mac fanbois run out of arguments, they just say: there are no viruses for Mac so it must be safer.
Go to the other thread about which OS is more secure and you will know. Arguments like "apps in Windows can write on system files while they can't on MacOSX" are discussed.
The main conclusion is that, despite fanbois repeating the mantra "OSX is UNIX so automatically has to be safer (with no arguments)", it seems that security technology is on Windows' side. From a formal point of view, Windows is safer than MacOS, even if nobody cares to attack Macs.
Which is good to me as I am a Mac owner, but not a fanboi.

Actually, I think John Gruber said something interesting along these lines on Daring Fireball, to the effect that the Windows security "bunker" is very well built but it is shelled daily and needs constant repair because of that, whereas the Apple security "bunker" is somewhat less well maintained (but still maintained fairly well) and is also shelled very infrequently.

So even though Windows might be "technically more secure" (whatever that means exactly!) it's still more pleasant to live in the Mac security bunker.
 
Just realised this deserves a proper reply (though I do still stand by my earlier comments too)...

UNIX is hard to crack, that's why. The whole "they don't have enough marketshare" argument is BS. As has been stated, there are millions of Macs with no anti-virus at all, if it was so easy it would have been done.

UNIX isn't "hard to crack" at all. There have been plenty of exploits for various versions of UNIX over the years. This might prove an interesting and informative read, old though it is.


Yeah, coz on Vista, you have a nice shiny "allow" button before you get infected. Provides no real protection at a technical level at all, just a UI trick for marketing.

Is the wrong answer. As incredibly badly implemented as it was under Vista and as much as there's still room for improvement under Windows 7, UAC is to some degree an implementation of SUDO. If you didn't approve something it wasn't given admin access to the machine settings.

At least when someone is infected on Vista, Microsoft can say "you can't say we didn't tell you so, it was your choice to hit allow!" :p

And of course Apple wouldn't say the same thing if you supplied your credentials to a trojan horse on OS X? Of course they would... and to a certain extent both they and Microsoft are right to do so. You can only do so much to protect people before you just have to take a leap and assume they can take responsibility for their own actions (and I'm not excusing Microsoft's poor decisions in the past that have made this more difficult on Windows).

To do that, the program would need access to your filesystem, so I think you are wrong. And even if you're not, you would still need to install the program yourself for it to do anything.

Is the wrong answer. Again. But thanks for playing. Read this and weep.
 
...I suspect that a lot of users at this forum use a "sudo"-able account on their day to day activities. the day that a Mac Trojan turns up we'll see just how many of them are out there :D

Am I the only one that doesn't need the computer itself to block him from his stupidity? I'm running an admin account and from time to time I even use root privileges to do things. Now if I were such an idiot to just install and authorize some malicious app to ruin my computer, then there's no excuse, it's not about using an admin account with rights, it's about being stupid. So if someone is ignorant and stupid I guess he shouldn't use an admin account...

...Is the wrong answer. Again. But thanks for playing. Read this and weep.

That's an application-specific exploit, not an OSX exploit itself.
 
Am I the only one that doesn't need the computer itself to block him from his stupidity? I'm running an admin account and from time to time I even use root privileges to do things. Now if I were such an idiot to just install and authorize some malicious app to ruin my computer, then there's no excuse, it's not about using an admin account with rights, it's about being stupid. So if someone is ignorant and stupid I guess he shouldn't use an admin account...

Apparently, yes, you are apparently the only person on the planet who can differentiate between malicious and safe software/sites without looking at the source code. If you could bottle that, you'd make a fortune.

The rest of us are just getting by on playing the odds - the vast majority of programmes/sites don't contain malware, so most of the time most of us are safe.
 
Apparently, yes, you are apparently the only person on the planet who can differentiate between malicious and safe software/sites without looking at the source code. If you could bottle that, you'd make a fortune.

The rest of us are just getting by on playing the odds - the vast majority of programmes/sites don't contain malware, so most of the time most of us are safe.

Yes but that's the case here... be careful from where you download your applications. And most of the times you don't need (or are able to) check the source code, but you can easily compare the md5 checksums of a file *if* by any means you didn't get it from the official place. Also I disagree with playing the odds... We aren't talking Windows here, that all the web is bloated by all kinds of stuff that could harm it, doing some research for the thing you are going to give admin access to isn't playing with odds, it's not being ignorant. Hell, just googling the name of the application would give out if it's a real app or not, and as I said before checking the md5 could make sure you actually got the original app instead of a malicious one pretending to be the one you want. We are using Macs! Not PCs! You're not going to get bombed by trojans and viruses whenever you open up your browser... you have to really help the malicious program itself to actually harm you
 
That's an application-specific exploit, not an OSX exploit itself.

I might wonder how many apps that ship with OSX you have to string together to count as an operating system exploit but that would be splitting hairs. I've seen people here count Outlook exploits as a comment on the security of Windows and as we all know, Outlook doesn't ship as part of Windows, making SL the only operating system to connect to Exchange out of the box, according to the Apple adverts anyway.

In any case, the point remains (specifically the one I was replying to), you don't need root to wipe a user's files, and it's an example of malicious content the user is tricked into downloading from the web running without any further user interaction. Similar bug was found in mail.app just afterwards by the way.
 
Yeah congratulations we can all split hairs too. My point was and still is that you don't need root to break someone's heart.

Ok fair enough. Hopefully Apple patched that one, and as long as such exploits don't show up in hundreds, Apple can keep patching them. But I don't use Safari :p Opera <3
 
Probably because there's no financial incentive? Most Windows viruses are built off of a previous one and everyone knows how to get ahold of one. Heck, give me some time and I can find a virus generator and make a PC virus. In contrast, nothing like that exists in OS X, so you'd have to write something from scratch.

I could easily see a site offering a trojan that appears to be an image of something, but in reality spreads to every application in the computer, sends itself out to everyone in your buddy list, and causes some mischief.
 
Yes but that's the case here... be careful from where you download your applications. And most of the times you don't need (or are able to) check the source code, but you can easily compare the md5 checksums of a file *if* by any means you didn't get it from the official place. Also I disagree with playing the odds... We aren't talking Windows here, that all the web is bloated by all kinds of stuff that could harm it, doing some research for the thing you are going to give admin access to isn't playing with odds, it's not being ignorant. Hell, just googling the name of the application would give out if it's a real app or not, and as I said before checking the md5 could make sure you actually got the original app instead of a malicious one pretending to be the one you want. We are using Macs! Not PCs! You're not going to get bombed by trojans and viruses whenever you open up your browser... you have to really help the malicious program itself to actually harm you

Fair points, but the simple truth is if someone develops a useful piece of software (a utility, a movie codec, a shareware game etc.) and includes some kind of subtle malware/spyware in it, it could go undetected for months.

I'm not talking an empty trojan shell, which immediately on launch starts deleting files; more like a genuinely useful app, which secretly scans the user's directory periodically (ideally, it could do this when the screensaver kicks in, so the user doesn't notice) for useful keywords (password, credit card, social security number etc), encodes the data so it's not easily readable, and sends it as part of a 'check for version updates' request, so even if the user has Little Snitch installed, it looks innocuous.

So yes, smart users avoid warez sites and cracked software; but a more subtle attack like the above would catch out even a lot of wary, experienced users. I've installed a lot of 3rd party software.. Perian, VLC, MediaLink, Rivet, Flip4Mac etc. How do I KNOW none of them is doing anything malicious, without reading through - and understanding - every line of code?

That's why I'm worried when people say "I'm smart, so I'm safe". A lot of people seem to believe they're immune from such an attack, without anything there to protect them.
 
Fair points, but the simple truth is if someone develops a useful piece of software (a utility, a movie codec, a shareware game etc.) and includes some kind of subtle malware/spyware in it, it could go undetected for months.

I'm not talking an empty trojan shell, which immediately on launch starts deleting files;

A little boring and definitely not subtle, but still useful for proving a point/concept ;-)

more like a genuinely useful app, which secretly scans the user's directory periodically (ideally, it could do this when the screensaver kicks in, so the user doesn't notice) for useful keywords (password, credit card, social security number etc), encodes the data so it's not easily readable, and sends it as part of a 'check for version updates' request, so even if the user has Little Snitch installed, it looks innocuous.

So yes, smart users avoid warez sites and cracked software; but a more subtle attack like the above would catch out even a lot of wary, experienced users. I've installed a lot of 3rd party software.. Perian, VLC, MediaLink, Rivet, Flip4Mac etc. How do I KNOW none of them is doing anything malicious, without reading through - and understanding - every line of code?

That's why I'm worried when people say "I'm smart, so I'm safe". A lot of people seem to believe they're immune from such an attack, without anything there to protect them.

*ding* <-- that's the sound of you hitting the nail on the head.

We don't know for sure, of course, without reading every line of code. Even then, if you want to be truly paranoid, this is an interesting article indeed.

I think the hacker community has a phrase for people who think they are magically immune: "The victim".

What we have to do is to try and make an informed decision about the level of trust we're prepared to invest in someone/an organisation, and what sort of level of access we're prepared to let them have to our systems (and as more stuff goes 'online', our whole damn lives - to return to that file deletion script, it stops being funny when it starts being your only copies of pictures of your baby or the only proof you've paid a really expensive bill that gets deleted). Some people are better equipped than others to make that decision. Some operating systems are better than others at making it easier to make an informed choice. Some operating systems are better than others at mitigating the effects of a bad choice... however it still ultimately comes down to "do you feel lucky punk".

One more thought about trust - let's say you decide to trust any code snippets or apps I send you based on... well let's just say you do. And let's say that I'm a truly honest person in whom that sort of trust would be pretty well placed (I'd like to think so actually but that's not important right now). That "trust" still only means I won't intentionally do something detrimental to you. It doesn't mean I won't send you malicious code by accident, or because my own security has been compromised. Now let's keep in mind that what I said about trusting me could equally apply to any business you care to name. Say, wasn't Apache.org hacked a while ago? Be really interesting for a hacker to distribute a web server-compromising trojan at source wouldn't it? I'm just sayin'
 
Something that has been bothering me. How easy would it be to "catch" a keylogger trojan for instance, from surfing (on a Mac with Safari). Would it announce its presence by asking for a password to install itself for instance or would it work as the malware author intended and keep quiet logging all your key presses?

Apart from the obvious emptying of bank accounts, how would you know if you had one?
 
One more thought about trust - let's say you decide to trust any code snippets or apps I send you based on... well let's just say you do. And let's say that I'm a truly honest person in whom that sort of trust would be pretty well placed (I'd like to think so actually but that's not important right now). That "trust" still only means I won't intentionally do something detrimental to you. It doesn't mean I won't send you malicious code by accident, or because my own security has been compromised. Now let's keep in mind that what I said about trusting me could equally apply to any business you care to name. Say, wasn't Apache.org hacked a while ago? Be really interesting for a hacker to distribute a web server-compromising trojan at source wouldn't it? I'm just sayin'

Very true. The more effort people make to secure PCs to one form of attack, the more attackers will shift their focus to others. Google Adwords was hacked too, with links pointing to dubious sites. Hacking DNS servers is another option, which could be used to redirect browsers to spoof versions of common sites, in order to get login details or trick the user into trusting downloads from that site.

Something that has been bothering me. How easy would it be to "catch" a keylogger trojan for instance, from surfing (on a Mac with Safari). Would it announce its presence by asking for a password to install itself for instance or would it work as the malware author intended and keep quiet logging all your key presses?

Apart from the obvious emptying of bank accounts, how would you know if you had one?

Having a keylogger downloaded to your machine simply by browsing would be relatively difficult - I hope. But I don't know - it depends on what vulnerabilities are in your web browser and how it's set up. There was a serious Safari vulnerability found in 2006, where visiting a site was enough to enable a malware author to run a script on your machine, and you're in deep trouble. Or there's the Safari RSS vulnerability which would give a malicious site the ability to read sensitive information from your hard drive..

The simple answer is: we don't know. Your internet apps (browsers, mail, RSS readers, instant messengers) may have serious vulnerabilities which haven't been found yet. Or maybe they have been found by someone, and many of us have some kind of spyware on our machines, without our knowledge.. perhaps syphoning a little off a credit card account (but only once per person, so it's less likely to get detected..)
 
Judging from most of you guys, it's POSSIBLE to have viruses on Mac OS X. So, in terms of corporate strategy, why can't Microsoft hire someone to actually develop a deadly virus on Mac, and claim that Mac OS X has viruses too?

I mean if there's an increase in viruses for the Mac platform, Microsoft can make some claims saying "Mac is not so secure after all", right?

All that I am saying is don't think of this from a hacker's point of view. Maybe it could be used as a strategy for Microsoft..

I know it's illegal, but we all know that there's always an underground passage... so what's stopping this from happening?
 
A virus is a bit more tricky, but a trojan is simple to write.

Microsoft could - they'd hardly be the first company to go out of their way to sabotage a competitor. But - apart from the risk of being caught - it's not in their interests. They make a lot of money from Office on the Mac.

Plus, Apple's existence actually makes life a little easier for Microsoft. If Apple were to go bust tomorrow, then it would just be Microsoft vs Linux on the desktop, so the anti-trust focus might be a little more stringent on them again.

IF any legitimate company were to write malware, I'd expect it to be a security company; they have the most to gain from malware being released on OSX.
 