Slashdot Log In
Mac users 'too smug' Over Security?
Posted by
Hemos
on Mon Jan 16, 2006 09:14 AM
from the the-problem-of-a-monoculture dept.
from the the-problem-of-a-monoculture dept.
wild_berry writes "Bill Thompson, one of the BBC's technology commentators and presenter of Go Digital on the BBC World Service, expresses his concerns that Mac users assume their safety in the face of trojans, worms, keyloggers and other malware. As a Mac user he is most concerned about the lack of herd immunity that is needed to stop a few infections becoming an epidemic, fully explained in his column week for the BBC technology site. Is he right, and what actual products exist for OS X that would protect against infections?"
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Dead On (Score:4, Interesting)
My first ever encounter with this mentality was in high school when my music theory instructor told us that she loved her Mac and when I tried to argue with her about a number of things, she'd repeatedly reply with "No Mac has ever been hacked or had a virus on it."
Now, at the time, I was a young nooblet and probably should have let it slide but instead I snuck into her office and opened up her Macintosh's word editing software with the intent of some lil' bastardry. I found the option to replace a mistyped word with another that the user entered. After that, whenever she typed the word "the", it was replaced with "WARNING! VIRUS DETECTED! PULL PLUG FROM OUTLET AS SOON AS POSSIBLE!" Unfortunately, her son knew enough about computer to fix it so my fun didn't last very long (only one or two lunges at the wall).
Back to the issue--I think it is a grave mistake for anyone to ever feel 100% invulnerable when it comes to computers that are connected to the internet in anyway. I would diagnose this as a standard case of a false sense of security. This is something that has plagued many people throughout history and often led to their downfalls.
What message am I trying to get across to Mac users? First, realize you're not invulnerable. Second, just browse around and look at what's out there for you to use as anti-virus and virus blocking tools. And if you don't want to, read some horror stories [faqs.org], perhaps that will motivate you to become aware of possible worms in your Apple.
Re:Dead On (Score:5, Informative)
Parent
Re:Dead On (Score:5, Insightful)
There are around 40 Mac-specific viruses and related threats. ++Mac users with [Microsoft] Word 6 or versions of Word/Excel supporting Visual Basic for Applications, however, are vulnerable to infection by macro viruses which are specific to these applications. Indeed, these viruses can, potentially, infect other files on any hardware platform supporting these versions of these applications. I don't know of a macro virus with a Mac-specific payload that actually works at present, but such a payload is entirely possible. ++[Microsoft] Office 98 applications are in principle vulnerable to most of the threats to which Office 97 applications are vulnerable.
Funny. 40 Mac viruses compared to how many PC viruses? 71989 and counting according to Symantec. And the most mentioned causes of problems in security on the Mac Platform? Microsoft products. I rest my case.
Parent
Re:Dead On (Score:5, Informative)
That's beside the point of the article. The article wasn't blasting security on the Mac, it was pointing out that Mac's are susceptible to problems to. Doesn't the vulnerability of software running on a Mac constitute a security problem on the Mac? If I can get in does it matter if it's through the OS directly or through an application?
The article was suggesting that Mac users need to be every bit as cautious as the "rest of us" on our Windows boxes. It was railing against the same type of thinking that causes parents to decide not to get their children vaccinated against things like measles because you never hear of measles cases anymore. Of course not! It's because we've been vaccinated! So Mac users: go get your booster shots.
Parent
Re:Dead On (Score:5, Insightful)
That's beside the point of the article. The article wasn't blasting security on the Mac, it was pointing out that Mac's are susceptible to problems to. Doesn't the vulnerability of software running on a Mac constitute a security problem on the Mac? If I can get in does it matter if it's through the OS directly or through an application?
Yes, it does matter. A remote exploit available in the default install of an OS is what allows for a worm to propagate and is what makes plugging an unpatched Windows machine into a network suicide. Local vulnerabilities that don't even include a privilege escalation are a completely different severity. When those vulnerabilities further do not even have any payload that will affect OS X, well that is less of a threat as well.
The article was suggesting that Mac users need to be every bit as cautious as the "rest of us" on our Windows boxes. It was railing against the same type of thinking that causes parents to decide not to get their children vaccinated against things like measles because you never hear of measles cases anymore. Of course not! It's because we've been vaccinated! So Mac users: go get your booster shots.
Your analogy is flawed. How about if parents on the remote island of Wabbachucha don't go to the bother of flying to the mainland to get their kids vaccinated when their has never been a single reported case of measles on the island, while there have been a number of plane crashes flying to the mainland. Right now the mac neighborhood is in pretty good shape. By default the machines are relatively secure, and the architecture lends itself to containing and preventing security issues. It makes sense to be cautious and it makes sense to take precautions, but you have to have a reasonable threat assessment. If you have an 18 year old daughter living in Detroit, it might make sense for her to get a concealed pistol permit, especially if she goes out at night. On Wabbachucha, crime is so low the risk is greater that she will injure or kill herself than prevent harm to herself.
So far there have been no worms or viruses that have affected the mac. All vulnerabilities have been fixed before that becomes a problem. So far there have been two instances of virus scanning software for the mac that have had adverse affects and damaged files. Personally, I run ClamAV and LittleSnitch as well as some other useful precautions, but for the average user, they really are better off without these days. Mac users, don't get your booster shots until there is something in the syringe. Until there actually are viruses for the Mac propagating in the wild, don't risk installing possibly buggy virus scanners and certainly don't pay money for them.
Parent
Re:Dead On (Score:5, Interesting)
This is, by the way, not even mentioning the following: Now that OS-X, Windows, and Linux all run on the same hardware, spreading a fully cross-platform virus is easy. The virus first attempts to identify the target machine. Upon doing so and diagnosing apprent weaknesses, the virus then packages the relevant position-independant code in an appropriate executable container (ELF for linux, PE for Windows, a.out or unibin for OS-X) and set the entry point.
The virus then executes a found exploit, causing the offending computer to download the converted virus from the attacking computer (uploading a virus via buffer overrun is tricky; it's better to simply send up a stub that grabs the virus from the attacker than to try for a full infection via exploit). This can be done by either piggybacking the download through a program that's been cleared by the firewall (wget, internet explorer, etc), or by creating a servlet whos only purpose is to wait for connections from the attacker and let it upload.
Hell, on OS-X, you could even have it download and compile the virus SOURCE behind the user's back.
I've said it here before: I'm a pretty good programmer, and I've been fighting viruses for years. Be glad I don't write the damned things; I could probably cripple the world. The same is true for any half-competant programmer with an interest in security.
Parent
Re:Dead On (Score:4, Insightful)
Yes, and first let me say I'm not sure of either of those virus counts, i'm just taking the parents numbers for granted. I imagine the symantec count is hugely artifically inflated, given that they count every minor change to a virus as a new virus, often times having hundreds of derivations for a given virus.
That being said, there are of course many fewer virus threats for OSX. There are a couple obvious reasons for this.... First, if only 4% of computer users are on OSX, there aren't going to be many "hackers" who have had access to the OS to learn to make virii, and it's also fair to say that most of the 4% of OSX users are in very non-technical fields, and far less likely to be capable of the technical mischief. Yet another point would be that there is little motivation to write a OSX virus as you would be targetting a minority, and there are very few large networks of OSX systems, such as large corporations using Windows, which are breeding grounds for virii
I suppose the point I'm making, is that it seems there is a bit of 'security by obscurity' in place, that is falsly assumed to be actual security. It's not a bad thing, as it is very true that you are likely safe from this sort of harm if you are using OSX, regardless of the reasons for the safety. But People should also be aware that IF someone wanted to target their OSX machine, it would probably be possible... Just a bit harder than targetting a Windows machine i'm sure.
Parent
Re:Dead On (Score:5, Insightful)
After all, you'd vaccinate your kids right? Funny... I didn't ever get hepatitis or rabies vaccinations until I travelled to places where I could actually GET those diseases.
Everybody should be conscious of security concerns if their computers are hooked up to the Internet. But that doesn't mean you have to live in fear. I'll install a virus scanner on my Mac when there's an actual need for it. In the meantime I'm quite happy that there IS no need for it. I chuckle a little bit too when all the PCs go down to a virus and my Mac's only problem is that the network is slow because of all the infection traffic. I expect Linux users do the same.
Parent
Re:Dead On (Score:5, Insightful)
Secondly, any kid who's seen an AOL commercial realizes how bad viruses are. n new viruses a day. 50k Windows viruses and counting. And Windows still has no way to stop these things, whereas OS X/Linux/*BSD are designed from the ground up to be immune to the kinds of attacks that Windows gets constantly pounded by.
Next, look at the patch release time. Open Source developers get patches out almost the instant a volunerability is found that is considered to be serious enough to be patched. Mac OS X is an OS project (and thusly, all of the nasty bits that generally cause problems like network applications are OS), with a nice pretty closed GUI. Sure there have been security holes in their products, but they are extremly quick about getting patches out. Microsoft has proved time and again to be a beast of burden when it comes to patches, as seen just recently after it took them over a week to patch a ZERO DAY exploit.
No, Mac users aren't invulnerable. We're simply more secure overall. And we're proud of that.
Parent
Re:Dead On (Score:5, Informative)
Parent
Re:Dead On (Score:5, Informative)
Parent
Re:Dead On (Score:5, Funny)
Now, at the time, I was a young nooblet and probably should have let it slide but instead I snuck into her office and opened up her Macintosh's word editing software with the intent of some lil' bastardry.
So in the face of her computer never having been hacked, you physically sat down at her computer and hacked it?
Good thing she didn't say she's never had her house broken into, or her virtue compromised.
Parent
Re:Dead On (Score:5, Informative)
1995 called. They want their FUD email back.
Parent
Re:Dead On (Score:5, Insightful)
True security is an active mechanism: The three points on security:
1. No castle wall in the past ever kept the invaders out indefinetly
2. Never understimate a determined person.
3. In view of points of 1. and 2. you are truely a fool if you think you have found the perfect method of security.
I suppose I could add 4: You are also truely a fool if you a salesman convinces you that their product is 100% secure to all security issues. It may be safe today, but we don't know what tomorrow holds.
Parent
he's nearly right... (Score:5, Funny)
Re:he's nearly right... (Score:5, Insightful)
Parent
Not to mention (Score:4, Funny)
Parent
Re:he's nearly right... (Score:5, Funny)
Parent
Oh no.. (Score:4, Insightful)
If you want to talk about any audience that's too smug, talk about Linux. Linux is on more important machines, and yet everyone talks about how safe and secure it is, even though in some cases it's just not true at all. Yes, Open Source code is generally more secure, but the major parts that need to be secured in OS X are Open Source.
As far as I'm concerned, both Linux and OS X are going to be one hell of a lot safer than Windows for a long time running, and so I can rest and relax in my relative security thanks to Microsoft's inferior security practices.
One product stops mac PCs from getting infected. (Score:4, Insightful)
There's no substituting an OS that doesn't let the average user have administrator rights all the time.
The windows users state that they don't need to run as administrator, but then ask them what hurdles they have to go through to make their software "just work".
Re:One product stops mac PCs from getting infected (Score:5, Insightful)
Yes, because as we all know the really valuable data on the computer is the OS and installed programs. You know, the stuff that can be replaced in a few hours.
All that user data that's completely and utterly irreplacable? Worthless. Who cares if a virus or trojan destroys it? And it obviously doesn't matter if a keylogger running in userspace sniffs out all your bank passwords and sends them to a 3rd party (what, you don't need admin privs to open a socket?!?!), because, hey, the OS itself is still secure!
The amount of real damage that a virus, worm, or trojan can do is not substantially affected by whether or not it can get administrator privledges. It may be easier to remove, but that's about it. And, frankly, if your average user runs in a lower privledged account then they're likely to get used to typing in the admin password when prompted, without even thinking about it.
And that's what it ultimately boils down to -- the user. Clueless users will get hit by crap all the time regardless of the platform. Clued users will not, again regardless of the platform. I've been using PCs for over 20 years now, most of that time on DOS or Windows (although I've also used OS/2, Linux, FreeBSD, Solaris, and several others) and I've been hit with a virus exactly once -- and that was about 18 years ago. It infected very little too, because I was running a virus scanner that caught it quickly (back in the days when McAfee was free(ish) for personal use). Nor have I ever had to remove spyware, malware, etc. on any of my personal or work systems.
OS X has a rather high percentage of non-technical users, just as Windows does. Do you really think that they're immune to doing stupid things?
Parent
When people start targeting Apple or *NIX (Score:4, Insightful)
well, here's the problem... (Score:5, Insightful)
The day i see a virus on OS X is the day I buy an AV program.
Name ONE (Score:5, Insightful)
Name one.
C'mon. You just spent a lot of time telling us that there are a lot of viruses out there for OS X and that we should just research it. Well, I'm sure you've researched it, so enlighten us, please. Name one.
Oh, I know about the "opener" trojan. A shell script that never went anywhere. BTW here is a much more destructive "Mac OS X trojan" called "runme.sh" that also affects Linux and Unix! Oh my. Here it is, read with caution:
The only viruses I've seen on macs are word macro viruses - namely Claude.ASo, oh wise one, educate me and the rest of use please. I am aware that there are security weaknesses which could be expoited. But so far, none have. I agree, that we have to be vigilant, but for now, you are just talking out of your ass.
Parent
Re:well, here's the problem... (Score:4, Informative)
But "opener" requires a previously comprimized system. A "rootkit" without a viable delivery mechinism isn't really a "virus" or "worm" or even a "trojan". Acording to McAfee [nai.com]: "This threat does not make use of an exploit, so to have the script run successfully on a system and make changes, the user account from which the script is run must have sufficient rights. If no superuser/root/admin access is available many of the subroutines will fail and generate errors." I don't know why McAfee classifies it as a virus/worm since it doesn't seem to have any propagation abilities.
Exploit, unknown level of infections: http://news.zdnet.co.uk/internet/security/0,390203 75,39155837,00.htm [zdnet.co.uk]
True, the exploit mentioned is a tricky thing (potentially allowing code that was downloaded to be run as trusted), however I don't know if any was ever found in the wild - and even then it would still require an administrator's password to do system damage. The "hole" was supposedly patched by Apple's Security Update 2004-06-07 [apple.com] according to Unsanity [unsanity.com] who had released a little application to guard against the exploit.
If those are the only two you've found, you haven't really shown any "In Wild, known Infections" in my opinion.
Parent
What to use? (Score:4, Insightful)
It works here even with Windows XP.
Bill Thompson is right (Score:4, Interesting)
Although Bill may be writing to ride on the coat tail's of Apple's recent success, the Macintosh can get infected by a virus or a trojan program. In fact, some of the earliest computer viruses in the wild were found on the Mac. The Mac virus problem isn't as large as the Windows virus problem, but that's because there are many more Windows machines intermingling out there.
Any networked device, from routers to mainframes, from Bluetooth devices to cell phones to the XBox 360, may be vulerable to malware. All need robust security.
Submitters place annoying questions at the end... (Score:5, Funny)
Today, wild_berry was the billionth story submitter to place an annoying question at the end of his submission. Despite the pleas of nearly a million Slashdot users, wild_berry took part in the timeless tradition of Kindergarten Teachers and Coffee Talkers everywhere, and gave us a topic to discuss amongst ourselves.
What about YOU, what is your opinion of annoying questions at the end of postings? What do YOU think about them? Do YOU have any solutions to the problem?
Completeley useless article, no facts at all (Score:4, Informative)
Safer vs. Safe. (Score:4, Insightful)
But you can still put malware on a Mac. Just attach it to an other application and when they install it, it asks for a password and bang your malware has full access. Some of the new features shown at the Last Mac World scare me a little to. Like allowing people to email links when click opens up iPhoto etc... where they could be a flaw in the graphic renderer to cause a buffer overflow and run code.
The second level of protection is just the fact that a lot less people have a Mac then a PC. If you want to cause havic then you taget windows because the windows base is large enough to allow viruses and malware to spread. Apples are more dotted. And sending mac malwarer may not have the numbers to spread.
All in all I would feel safer using a Mac with a Raw connection to the internet. Vs. a Windows PC behind a well maintained network, with all the patches and secuirty tools. Because the chances are the Mac will catch on fire from a faulty fan, then get a security compremize (Without changing the origional out of the box setting)
Macs are not Targets. (Score:5, Interesting)
Current vs. Future Problems (Score:4, Insightful)
The issue, in my eyes, is not whether MacOS users are going to be immediately vulnerable to any virus outbreaks because they're not securing their computers properly - it's whether this whole "I use Macs, therefore, I am impervious" is fostering a culture of bad security practices in the Mac community. A good OS is only half the battle - you need to make sure you have good security practices, too, if you don't want to get owned.
-Erwos
the camping tent allegory (Score:5, Insightful)
A couple of men went camping. They camped at a remote site, new to them, where they didn't really know everyone else who was camping there. After setting up, one of the men put a little, teeny tiny lock on their tent flap door. His friend looked at the flimsy lock and remarked, "That lock is nowhere near good enough to keep out anyone who might want to get into your tent! Why, I bet I could get through that lock in less than a minute.". The first man replied, "The lock doesn't need to be the best lock in the world; it just needs to be better than that guy's" -- and he pointed to the tent next door, without a lock at all.
The point being, surely Mac OS X is not the end-all and be-all of security, but Apple has by all accounts gotten increasingly serious about security as Mac OS X has matured. It's not ever going to be possible to have a 100% perfect level of security, but as long as it's better than that guy's (points to Redmond, WA), in most people's minds it'll be the most secure commercial OS on the market. ~jeff
Two Stories (Score:4, Interesting)
My dad bought my niece an HP laptop for Christmas. The next day, I was installing some software (Firefox, AdAware) and got a pop up for "cheap mortgages". She was fiddling with it for all of three hours on Christmas day and got spyware.
Yes, I realize that these are anecdotal stories, but they're pretty typical of the experiences most tech people have in their families.
But, as someone posted earlier, if Macs are 5% of the computer market, why aren't 5% of the viruses and spyware on Macs? That would be tens of thousands, not a few dozen.
The Biggest Mac Security "Problem" (Score:4, Interesting)
-User reads something about "SSH" to access his machine.
-User turns on SSH
-User also has no imagination with password--uses common dictionary spellings
-User is cracked into with dictionary attack
-Security team shuts down port or blocks MAC after a bank calls to report attacks
-User calls helpdesk
-Consultant re-installs MacOS X and smacks the user about the head and shoulders because they had no business enabling SSH
-User has admin privileges stripped
-Problem solved--for now.
So, the biggest "problem" is, indeed, user ignorance. But, out of the box, I'd say Macs are in pretty good shape against attacks and malware given the current lack (and history) of Mac spyware, trojans, or viruses (none that I know of).
Macs are not impervious, but they enjoy 2 major benefits:
1) There aren't enough of them for a worm to spread quickly or effectively (which is what I'd want if I were in the black arts).
2) They don't come with giant holes from the complacent company who wrote the OS--why work when you can pick the low-hanging fruit from MS?
With the new Intel chips, executeables might find new life in the Mac...but we'll see.
Re:Through the glass darkly (Score:4, Interesting)
If enough eyes are looking, all bugs are shallow, that is the open source mentality. That is precisely the good thing about open source.
Parent
Re:Through the glass darkly (Score:4, Insightful)
To me, the advantage here has always been the availability of a quick patch. Not code that's inherently more secure due to it's license model.
Parent
Re:Through the glass darkly (Score:5, Insightful)
Just to name some of the obvious... OS X can't use ActiveX, it's actually useful when you run a non-administrator account, it doesn't come with Swiss-cheese services enabled by default, it doesn't automatically trust machines on its own subnet, and there's no real equivalent on it to VB scripting.
With that in mind, I absolutely agree that Mac users are too smug and that a dedicated malware author could bring many of us to our knees. (Hell, I run as administrator just to save time, despite knowing the risks. It's a gamble, although I keep good backups.) But an OS X (or Linux) malware author would have to be much more skilled than most Windows-targeting skript kiddies to do a lot of damage.
In today's real world, if you run a Mac (or Linux), you're going to suffer far less than your average Windows user. If you use an out-of-the-box Mac to do typical home-user tasks, which probably include visiting shady corners of the Internet, you won't have the spyware infestations you would with an out-of-the-box Windows box. And most of the routine worms out there have no effect on a Mac.
Parent
Re:Through the glass darkly (Score:4, Insightful)
That's the same reason there haven't been massive exploits for Apache. Even though it has over two-thirds market share, every script kiddie loves F/OSS to the point that they'd never attack it, ever. Same for Internet Explorer - it's only attacked more often than Firefox because it has a bigger market share and every cracker on the planet just plain loves Firefox.
Right.
In the real world, there's a lot of street cred to be earned by being the first to 0wn a network of Macs, and yet no one - not one single cracker anywhere - seems to be up to the challenge. Gee, what terrific luck on Apple's part!
Parent
Re:What's worse? (Score:5, Interesting)
Having no known viruses at this point is an extra bonus.
Not immune of course, but then I don't hear many people claim that, in fact, I've never heard anyone say that, just heard it repeated as a truism (Mac users think this) on websites.
It's just a shame that for them to be proven wrong, a lot of people and their PC's have to get hurt
A lot of people and their PCs get hurt continually at present, but they come back for more and keep running the same broken system.
Parent
Re:What's worse? (Score:5, Insightful)
You can keep waiting for the Mac folks to be proven wrong, but chances are good that you'll be waiting a long time. You see, just like biological viruses computer viruses need two things before they will take off. The first thing that they need is an exploitable weakness. The Mac has enough of those that a worm is certainly possible. The second thing that you need is a large enough body of susceptible hosts that the worm can spread. Macs *don't* have that. Without a large body of susceptible hosts the entire population is safe. That's why it doesn't matter that my neighbors don't immunize their children. The fact that their children are susceptible to immunizable diseases doesn't really matter because there aren't enough luddites to create a viable population of carriers.
Interestingly enough, most of the same effects can be had simply by not using Outlook and IE on Windows as these two programs are the main vectors for infection.
Parent
Re:Mac resistance to malware (Score:5, Funny)
Judging by the amount of viruses out for Mac OS X he's one lazy fucker.
Parent
Re:Mac resistance to malware (Score:5, Insightful)
one of the rules of security is "don't make it easy and obvious" -- OS X does that, Windows doesn't. Windows is the "honey pot" for the world. With all the unsecure machines any script kit can bust it. OS X would take some real work, so the hackers go elsewhere.
another rule: layered defense -- OS X does it, Windows doesn't. With Windows, break into an app or file and you are at the OS core -- see WMF.
It is not about market share, it is about market share of *unsecure* machines. The Windows "not secure" architecture and legacy will haunt it for years to come. If OS X gets 50% market share, those remaining Windows machines will still be just as unsecure and will still get just as hammered by malware, etc. It doesn't follow that overall malware will equally affect OS X.
Try this analogy: there were more robberies of homes than banks....and it ain't because there are so many more homes. Banks are just more difficult to rob, risks are greater and penalties greater. OS X is the bank -- it can be robbed, but I don't spend my time worrying about it. My home, on the other hand, has "windows" -- and I worry about that a lot!
Two observations:
a) do a market share observation of security folks and technical folks at generic computer conferences: the market share of OS X is more like 30-40% for people in the know.
b) as much "negative reaction" as folks have to Steve Jobs and Apple, if someone could write a virus, etc. for OS X, they would have done so by now, just to throw it in his face and make headlines across the tech world. I am still waiting.
Parent
Re:How do you protect against the unknown? (Score:5, Interesting)
Why don't you enlighten us oh gifted one?
Parent
Re:How do you protect against the unknown? (Score:5, Funny)
Why don't you enlighten us oh gifted one?
I imagine he's using Mac user standard precautions; place router inside wall safe, wrapped in tinfoil, and smothered with secret sauce. Nothin' beats that. We've been discussing it on the official Apple Fanboy List and have deemed this to be the best approach.
(Also we use characters like ü, ç, (TM) and © in our passwords which are nearly impossible to type in Windows.)
Parent
Re:wait.... (Score:4, Informative)
Parent
Re:MacOS X itself? (Score:5, Insightful)
If you look at the OS X `exploits' (quotes because that's not what they are), most of them are holes in software that doesn't even run by default. Are you using Apache 2 (not 1.3) on your desktop? If so, the security update will prevent a malicious trusted (!) proxy server from crashing one thread of your Apache instance.
If you're using Windows, you need the security update to prevent the web browser from downloading an image that puts a rootkit on your machine.
It's all about severity, and OS X's "holes" just aren't that bad. However, MS consistently manages to provide a multitude of auto-infection routes to virus writers.
Parent
Re:MacOS X itself? (Score:5, Interesting)
Because most weren't critical vulnerabilities and there are no exploits. Show me an exploit for a Mac OS X vulnerability. Now, show me one in the wild. Can't? The only thing you have to do to wipe the smug look of a Mac users face is to release an exploit in to the wild. Go ahead. What are you waiting for?
If just one person who thinks Macs are just as vulnerable as PCs would just write a worm/trojan/virus, we could end these f*@&!#g trolls and all agree that security is hard. Really, please, someone write an OS X exploit and spread it. Make it benign if you're uncomfortable with writing viruses. Just get something out there.
I'd like to see it just so people will stop using the lame "there are more Windows PCs" arguments. I'm sorry but this whole issue has gotten so blown out of proportion that the first person to show a really bad Mac vulnerability with an exploit would be on every geek blog and quite possible the NYT. You'd be f*@&!#g famous.
Parent
Re:Options for OS X (Score:4, Informative)
Parent
Re:I'm a Mac user and... (Score:5, Insightful)
The rest of your regime is foolish. Virus and anti-spyware software on the Mac is a case of the problem being worse than the cure. Several of the anti-virus software packages for the Mac actually make your machine less secure. You're not just wasting your time and processor cycles, you are actually making yourself more vulnerable.
Use a firewall, backup regularly, and don't open executables from untrusted sources. That's my whole regime. Perhaps Mac users are a little smug, but hey... this article is six years old and we're STILL considerably safer than our Windows counterparts. Perhaps we deserve to be a little smug.
No amount of software can replace common sense, and common sense never let a virus onto somebody's computer (unlike certain anti-virus software).
Parent