Why WINE and Intel "could" pose more of a security threat.
Someone stated a while back that virus are not linked to the processor architecture, but to the operating system, meaning that if you are running WINE on a Mac, you should be safe from viruses.
This isn't, strictly speaking, true. Most viruses exploit security flaws known as buffer over-runs. Basically, a buffer over-run occurs when the programmer makes a mistake and allows the copying of too much data into a buffer of a fixed size. This extra data ends up being copied over the top of code. If you can write just the right data, so that the extra bytes actually represent a program that the processor can execute, the next time that the processor tries to run the overwritten code, it will actually be executing the virus instead. That's how viruses work. To make this happen is quite a technical feat, which is why most hardline hackers are considered to be guru programmers (as opposed to scriptkiddies that use tools written by gurus).
When the Mac changed to the Intel processor, it all of a sudden became a whole lot easier to write a virus that could attack a Mac and a PC at the same time. The virus code would "just" need to change it's API calls to those of a Mac. This would involve changing an address, and perhaps the order in which certain parameters are placed on the stack before calling the API routine. Certainly much easier than having to worry about translating all of the different op-codes etc.
If you then throw WINE into the mix, the only thing that needs to be changed to make a virus PC and Mac compatible would be file directory stuctures and things like that. Well, assuming that the loader in WINE copies the loader in Windows pretty well.
So, whilst it is true that WINE and an Intel processor don't mean that a Mac can be hammered by PC viruses, it does substantially reduce the amount of work needed to make a virus capable of infecting both computers at once.
My advice to those that don't want to have their Intel Mac nailed by a PC virus would be to not use WINE. Opt for VirtualPC (when it becomes available) instead. That way viruses can only wreck whatever limited work you absolutely have to do on the PC - your Mac will remain quarantined.
I work in IT security (my company does DRM software), and I often have a look at viruses (and DRM hacks) to see how the hackers have hacked the system (so that I can protect my products from the same flaws). Ironically, I do this work on an iMac G5 using Virtual PC, because when a virus destroys my hard drive, it takes me five seconds to copy over the hard drive with a saved copy, and reboot - with my Virtual PC back in pristine condition.
Virtualisation is great technology for staying safe, and if it's emulating at the same time as virtualising, you're even safer still...
Something to think about.
