why is there no virus for mac?

[MisterMe]

OS 9 had plenty of viruses. ...

This is not true. There were no more than one or two MacOS 9-specific viruses. For the decade of the '90s, most Mac viruses were not Mac viruses at all. They were Microsoft Office viruses, which were cross-platform. For the entire life of the Mac, there have been fewer than 30 Mac-specific viruses. The number peaked during the reign of System 6 or early System 7. The appearance of Mac viruses resulted in the development of free and commercial antiviral software. Because Mac antivirus software was guaranteed to stop any infection, writing Mac viruses became an exercise in frustration. By the time MacOS 8 was introduced, the new Mac-specific virus was a thing of the past.

A while back there was a contest that offered $25,000 to the first person who could successfully write a Mac OS X viruses that could self duplicate and infect other machines with little or no interaction from the user. ...

You are confused. This contest was not about MacOS X viruses, but about a MacOS 8/9 webserver. The computer was setup in Sweden. The winner would be the first to hack the website. There was no winner. The contest was run for a second round. The second time, a hacker found a way to penetrate the Mac webserver. Apple fixed the vulnerability.

Macs are less prone to viruses because they are less prone to virues. ...

I would state it a different way. Macs are less prone to viruses because Windows is more prone to viruses. Windows is more prone to viruses because Microsoft gives users the tools to write them. It also promotes a culture in which viruses can easily propagate. With the introduction of Visual Basic for Applications in Microsoft Office, the number of viruses exploded. Unlike Java and AppleScript, VBA had unrestricted access to the OS. It expanded the domain of virus writers from that of skilled assembly language programmers to any dweeb with text editor. By 1999, things had become so bad that Microsoft asserted its now famous excuse: Microsoft Windows has more viruses because it was more popular. Microsoft presented not a shred of evidence to support its assertion, but the popular press and a lot of weak-minded users accepted the excuse uncritically. I call it the Whore's Excuse--"I'm not a whore, I'm just popular."

The excuse is put to lie even within the Windows family of operating systems. After the introduction of Windows XP, Windows 98 remained the dominant OS for several years. However, XP was rife with viruses. What's more, XP viruses were worse than any ever to infect 98.

 

[dpaanlka]

In response to "there were plenty of viruses for OS 9" --

Note that most of them were A) Super trivial (like making your computer beep) and B) written when Macs actually had a higher market share, like in the late 80s and early 90s. Pretty interesting...

EDIT: MisterMe beat me to it.

EDIT 2: Would all of those Word macro viruses still work in Office 2004?

EDIT 3: http://main.system7today.com/software/disinfectant.html

 

[Timepass]

The Trojan was something the user had to have a high level of interactivity with, it did not replicate by itself, it could no "self-execute."

do you know that of all the "virus" made for windows less than 3% of them are virus by defention. heck a vaste majority of these "virus" on windows are trojen horse. AV software has lump them in to calling them virus. Most papers and those people lump trojan in as a virus.

Just rememeber that relitily few of teh "virus" for windows are really virus. quite a few worms but still well over 60% are trojans

 

[stoavio]

Any viruses I've read about targeting macs don't seem very destructive. I'm mainly thankful spyware makers have no real reason to target us either.

 

[ChrisBrightwell]

I couldn't really ever see OSX have any viruses.

That just means that you'll be one of the first to catch one when it lands in the wild.

 

[thegreatluke]

Don't forget that Mac OS 9 had a smaller userbase but over 40 viruses.

Edit: never mind, haha.

 

[ahunter3]

OS 9 had plenty of viruses.

It most certainly did not~!!

Systems 3-6 had plenty of viruses (although not on the scale of Windows and DOS). Might have been 25 or 30 of them, in fact.

About a third of them would not execute under System 6 + MultiFinder. Another batch of them failed to execute under System 7. And a good portion of the rest were not viable after the switch from 68K processors to PowerPC. By that time, John Norstadt's Disinfectant and good Mac-user networking had pretty much eradicated them in the wild.

What OS 9 had was: the AutoStart worm, which was unusually malicious for a Mac virus, and really got around; a Graphics Accelerator trojan/virus that I never saw but heard about; and the Merry Christmas Hypercard virus which only infected Hypercard stacks (but did damage if you had Hypercard stacks).

None of them spread themselves via email or internet or even local network unless you had a networked volume mounted on your desktop. They spread by CD, floppy, or the hobbyist-distribution of infected application (trojan). Anyway, yeah, about 3 viruses. That's a lot??

Well, I suppose by OS X standards that's a lot

But seriously, I saw Mac viruses back in the early days (I had several floppies infested with nVir A and MDEF before I cleaned them with Disinfectant), then nothing for a long long time, then the AutoStart worm, and that's it. Oh, and Word macro viruses but they don't damage the Mac, they just proliferate there and do their damage exclusively on PCs.

 

[yellow]

Idle wonderment:

Despite the fact that most of us responding to this thread probably thought,
"Oh, no, we're not going to beat that dead horse again, are we?"..

here we are, <splat> <splat> <splat>.

Will this happen the next time someone asks the very same question? Of course..

 

[Scarlet Fever]

hey my mum gets hundreds of viruses on her MBP running OS X every day through email. They are all just useless .exe files, though

i loved that trojan that was goen around a few months ago. What a pathetic attempt at a "virus".
First, the user has to download the virus conciously. Nothing sus here.
Then the user double-clicks it. This is starting to look less like a virus...
Then it asks for confirmation that you want to open it in the form of admin password. This is no virus...
Then it opens Terminal, and tells you what its doing!

I love my Mac


EDIT: To those who posted below me, my mum gets her email from her work server, where dozens of viruses are spread every day. There was one day where all the computers at her work were down, bar her 1998 jellybean iMac...

 

[imacintel]

hey my mum gets hundreds of viruses on her MBP running OS X every day through email.

I think I just threw up a little bit™

 

[ChrisBrightwell]

hey my mum gets hundreds of viruses on her MBP running OS X every day through email. They are all just useless .exe files, though

She needs a new mail provider, then. No ISP worth their weight in ... anything ... would let that volume of .exe attachments through the perimeter.

 

[XNine]

do you know that of all the "virus" made for windows less than 3% of them are virus by defention. heck a vaste majority of these "virus" on windows are trojen horse. AV software has lump them in to calling them virus. Most papers and those people lump trojan in as a virus.

Just rememeber that relitily few of teh "virus" for windows are really virus. quite a few worms but still well over 60% are trojans

I'm not debating that, the problem is they have the ability to replicate easily, without much user interaction whatsoever, if ever.

 

[ahunter3]

If I write an AppleScript that says

display dialog "Simon says enter your administrative password" default answer "" buttons ["OK"] default button "OK"
set ThePW to text returned of result
tell the application "Terminal"
activate
do script "cd /" in window 1
do script "sudo <malicious stuff>" in window 1
do script ThePW in window 1
end tell

...that is not a bloody virus.

Not even if I paste an icon on top of it and post it on a bulletin board and claim it's a JPEG.

 

[bbrosemer]

Most people dont want to make a virus that can only replicate with 5% of the population, it isnt worth there time, and I can't say that I am complaing.

 

[dpaanlka]

Most people dont want to make a virus that can only replicate with 5% of the population, it isnt worth there time, and I can't say that I am complaing.

Well, as other people had pointed out, that cant be the only reason, as classic Mac OS had a few viruses. Mac OS X should have at least 3% of the world's viruses is 3% of the world is using it, but it has 0.

 

[whooleytoo]

I believe OSX is more secure than Windows, but if it's a long, long way from being 'safe'. If it were, we wouldn't be downloading all those security patches through Software Update. The vulnerabilities exist, they just weren't exploited before being patched.

In any case, virii aren't the biggest danger, it's trojans (as a means of propagating) and spyware which are particularly dangerous. Just look through the entire list of processes on your Mac, do you know what every single one does? Can you be certain none of those is a spyware app?

There are two kinds of hackers: the teenage vandal who wants to cause damage and the libertarian-esque vigilante who wants to prove that his/her own superiority and freedom.

There's at least one other group of hackers becoming more common - professional hackers; who create zombie machines which are sold by the thousands to 3rd parties for adware, or for use as spam relays; and also spyware/identity theft.

 

[topgunn]

This is not true. There were no more than one or two MacOS 9-specific viruses. For the decade of the '90s, most Mac viruses were not Mac viruses at all. They were Microsoft Office viruses, which were cross-platform. For the entire life of the Mac, there have been fewer than 30 Mac-specific viruses. The number peaked during the reign of System 6 or early System 7. The appearance of Mac viruses resulted in the development of free and commercial antiviral software. Because Mac antivirus software was guaranteed to stop any infection, writing Mac viruses became an exercise in frustration. By the time MacOS 8 was introduced, the new Mac-specific virus was a thing of the past.

There were enough viruses for pre-OSX systems that it actually made sense to have Norton to protect you from the few threats that were about. With the advent of OS X, Symantec saw a chunk of their business evaporate and tried to counteract it by saying that Macs were only secure because they had only a small share of the market.

You are confused. This contest was not about MacOS X viruses, but about a MacOS 8/9 webserver. The computer was setup in Sweden. The winner would be the first to hack the website. There was no winner. The contest was run for a second round. The second time, a hacker found a way to penetrate the Mac webserver. Apple fixed the vulnerability.

I am not confused. In 2005, after Symantec made its statement that OS X threats were on the rise, DVForge decided to call their bluff. They setup two PowerMac G5's running Panther and connected them to the internet. The first person to create a virus that would spread between the two machines on or before July 31, 2005 would receive the $25,000 reward. It was not claimed however the contest was pulled due to legal concerns. One report actually claimed that senior Apple employees contacted DVForge to inform them that it was possible to create such a virus.

 

[XNine]

Most people dont want to make a virus that can only replicate with 5% of the population, it isnt worth there time, and I can't say that I am complaing.

Again, this is BS. People WANT to write for it, but they can't find good ways around what's already been secured off from them. You can't exploit holes that have been patched, and you can't exploit holes you can't find.

The person to write the first Mac OS X virus will be heralded as one of the greatest virus writers ever. Why wouldn't they want to? It's because they haven't been able to.

 

[yellow]

To be "successful" one would have to hit the exploit curve pretty early.


I think some of it has to do with OS X's autocheck for updates right out of the box. Users are presented with update reminders constantly. Most often they simply click OK and follow instructions (sheep. ). Nothing wrong with that. That certainly limits the vectors of intrusion for a potential malware writer of today's published exploits.

Pre-WinXP-SP2, Windows didn't do this (out of the box). Let's face it, there's a lot of unknowledgable computer users out there (windows/mac). Particularly with windows, Grandma isn't going to know she should be checking for updates, hence, an exploit ridden PC waiting to be zombied.

Since Microsoft changed to suggest autoupdate with XP2 (that is when they did it, right?) there's been significantly less virus traffic, IMO. Of course this could be coincidence.

 

[Timepass]

Again, this is BS. People WANT to write for it, but they can't find good ways around what's already been secured off from them. You can't exploit holes that have been patched, and you can't exploit holes you can't find.

The person to write the first Mac OS X virus will be heralded as one of the greatest virus writers ever. Why wouldn't they want to? It's because they haven't been able to.

And if you are going to call BS on the first one I just going to call BS on the 2nd one. Most people do not make virus to make a name for themselves. The make them to cause the most damage possible or to get the most infomation. Yeah they may take there name into the code so everyone knows who wrote it but that in a very minor bonus. the main goal is to cause the most damage.

So keeping that in mind that is going to reduce the pool knowlegeble people could do it to a much much smaller number. 2nd a lot of the people who make virus and know how to make them dont know OSX so that reduces the pool even farther.

Now you are down to less than 5% *if not less then 1%, of the knowlegelbe virus writers out there. So that is a much small group of people to figure out how to write one.
And to top it off it is a little harder to make them. On top of that there is no base code to start with they have to work from scratch making it even harder.

 

[whooleytoo]

The person to write the first Mac OS X virus will be heralded as one of the greatest virus writers ever. Why wouldn't they want to? It's because they haven't been able to.

It's difficult, but it's not THAT difficult.

If you use a Trojan as a means of initial distribution, the only difficult part is creating a useful 'container' for the virus - perhaps a good Widget development tool - and create an OSX installer for it.

From then on, it's easy:

The tool which people download is perfectly usable and useful, but in the application package is an executable, with it's file type, extension and permissions masked to hide its purpose (in case anyone goes snooping through the package to look for anything harmful).

When the tool is run, it quietly copies the malware payload to another location (ideally somewhere under /Library), changes it's permissions to make it executable, changes it's name to make it appear to be part of the OS; it could even use launchd to set it to launch at a time when it almost certainly won't be noticed (say, between 3 and 6AM in the morning?).

When the malware runs, it's free to scan all the files in your home folder for personal information, and send anything useful back by obfuscating it so that it's not easily readable, but can be inserted into a long URL and sent, thus getting out through most firewalls, unless they're blocking port 80! (web traffic).

Since you probably gave an administrative password when you installed the tool, it would also be free to modify other applications, if need be.

 

[ero87]

the ads at the bottom of this page are kinda funny

they're advertising on the wrong kind of forum!

 

[dextertangocci]

This leads me to believe there is something inherent in Mac OSX's structure that is virus-repellent.

Yes, its karma thing. People don't want to write viruses for the mac because the OS is so nice, and they have no reason to want to destroy it, unlike windoze...

 

[wonga1127]

I can safely say that all viruses for Windows are user error. Not saying that Windows is good (i cringe even with those words in the same sentence), but its security is based solely on the user. Right now, I'm operating on a Dell Crapmaster 3000, with WinXP Pro SP2. No anti-virus, no anti-spyware. I purposely did that, just to see how long it took. Its been running clean for 3 months of heavy use. Combined with Firefox, Ad-Aware SE for lazy cookie removal, and SP2, nothing has got in. I think the reason that there are no viruses for OS X is because its users are much smarter.

 

[ChrisBrightwell]

I can safely say that all viruses for Windows are user error. Not saying that Windows is good (i cringe even with those words in the same sentence), but its security is based solely on the user.

This is just not true. A lot of problems can be attributed to the user, but the primary problem is lack of a "good" security model.

Right now, I'm operating on a Dell Crapmaster 3000, with WinXP Pro SP2. No anti-virus, no anti-spyware. I purposely did that, just to see how long it took. Its been running clean for 3 months of heavy use.

Are you sitting behind some sort of router? Using a non-MS email client? I bet you are.

Combined with Firefox, Ad-Aware SE for lazy cookie removal [...]

This is just self-defeating. Most users still use Internet Explorer and Outlook or Outlook Express. The average user has no idea what Ad-Aware is.