Mac users 'too smug' Over Security?

wild_berry writes "Bill Thompson, one of the BBC's technology commentators and presenter of Go Digital on the BBC World Service, expresses his concerns that Mac users assume their safety in the face of trojans, worms, keyloggers and other malware. As a Mac user he is most concerned about the lack of herd immunity that is needed to stop a few infections becoming an epidemic, fully explained in his column week for the BBC technology site. Is he right, and what actual products exist for OS X that would protect against infections?"

he's nearly right...

[by Anonymous Coward]

Mac users are too smug about... everything ;]

Re:he's nearly right...

[FidelCatsro (861135)]

That's because we are better than you , Better lovers , Smarter , better built and more charisma ..

well, here's the problem...

[nuckin futs (574289)]

there are numerous anti virus programs out there for the Mac, but what virus are they scanning for? There are no known viruses for OS X, so how can they update the virus definitions if they have nothing to base it on? They've seen a vulnerability here and there, but nothing has been exploited yet. So it's like the chicken and the egg. you need an AV program to protect yourself from viruses, but you need a virus for the program to detect.

The day i see a virus on OS X is the day I buy an AV program.

Submitters place annoying questions at the end...

[NitsujTPU (19263)]

Is he right, and what actual products exist for OS X that would protect against infections?

Today, wild_berry was the billionth story submitter to place an annoying question at the end of his submission. Despite the pleas of nearly a million Slashdot users, wild_berry took part in the timeless tradition of Kindergarten Teachers and Coffee Talkers everywhere, and gave us a topic to discuss amongst ourselves.

What about YOU, what is your opinion of annoying questions at the end of postings? What do YOU think about them? Do YOU have any solutions to the problem?

Macs are not Targets.

[Barzoo (761898)]

You're not vulnerable if you're not a target. Macs are not targets. And I fix all computers, Windows, Linux, Macs. Mac people are no more or less smug than those other users. Most Windows people don't have a clue about firewalls, virii, trojans, or worms fyi. Computer users are all the same. They just want something that works. BTW I haven't had to remove a virus, trojan, or a worm from a Mac yet. I've done that for Windows machines all the time and make good money doing it. You do the math.

the camping tent allegory

[jeffehobbs (419930)]

A couple of men went camping. They camped at a remote site, new to them, where they didn't really know everyone else who was camping there. After setting up, one of the men put a little, teeny tiny lock on their tent flap door. His friend looked at the flimsy lock and remarked, "That lock is nowhere near good enough to keep out anyone who might want to get into your tent! Why, I bet I could get through that lock in less than a minute.". The first man replied, "The lock doesn't need to be the best lock in the world; it just needs to be better than that guy's" -- and he pointed to the tent next door, without a lock at all.

The point being, surely Mac OS X is not the end-all and be-all of security, but Apple has by all accounts gotten increasingly serious about security as Mac OS X has matured. It's not ever going to be possible to have a 100% perfect level of security, but as long as it's better than that guy's (points to Redmond, WA), in most people's minds it'll be the most secure commercial OS on the market. ~jeff

Re:Dead On

[pwhysall (9225)]

That link doesn't even mention OS X, and is dated 2000.

Re:Dead On

[ciroknight (601098)]

Better yet:

There are around 40 Mac-specific viruses and related threats. ++Mac users with [Microsoft] Word 6 or versions of Word/Excel supporting Visual Basic for Applications, however, are vulnerable to infection by macro viruses which are specific to these applications. Indeed, these viruses can, potentially, infect other files on any hardware platform supporting these versions of these applications. I don't know of a macro virus with a Mac-specific payload that actually works at present, but such a payload is entirely possible. ++[Microsoft] Office 98 applications are in principle vulnerable to most of the threats to which Office 97 applications are vulnerable.

Funny. 40 Mac viruses compared to how many PC viruses? 71989 and counting according to Symantec. And the most mentioned causes of problems in security on the Mac Platform? Microsoft products. I rest my case.

Re:Dead On

[bbernard (930130)]

40 Mac viruses compared to how many PC viruses? 71989 and counting according to Symantec. And the most mentioned causes of problems in security on the Mac Platform? Microsoft products. I rest my case.

That's beside the point of the article. The article wasn't blasting security on the Mac, it was pointing out that Mac's are susceptible to problems to. Doesn't the vulnerability of software running on a Mac constitute a security problem on the Mac? If I can get in does it matter if it's through the OS directly or through an application?

The article was suggesting that Mac users need to be every bit as cautious as the "rest of us" on our Windows boxes. It was railing against the same type of thinking that causes parents to decide not to get their children vaccinated against things like measles because you never hear of measles cases anymore. Of course not! It's because we've been vaccinated! So Mac users: go get your booster shots.

Re:Dead On

[ciroknight (601098)]

First of all, after my Googling, has there EVER been a virus for OS X? Seriously?

Secondly, any kid who's seen an AOL commercial realizes how bad viruses are. n new viruses a day. 50k Windows viruses and counting. And Windows still has no way to stop these things, whereas OS X/Linux/*BSD are designed from the ground up to be immune to the kinds of attacks that Windows gets constantly pounded by.

Next, look at the patch release time. Open Source developers get patches out almost the instant a volunerability is found that is considered to be serious enough to be patched. Mac OS X is an OS project (and thusly, all of the nasty bits that generally cause problems like network applications are OS), with a nice pretty closed GUI. Sure there have been security holes in their products, but they are extremly quick about getting patches out. Microsoft has proved time and again to be a beast of burden when it comes to patches, as seen just recently after it took them over a week to patch a ZERO DAY exploit.

No, Mac users aren't invulnerable. We're simply more secure overall. And we're proud of that.

Re:Dead On

[earthbound kid (859282)]

According to Wil Shipley [wilshipley.com], there has been maybe one real virus for Mac OS X, maybe. Even then, it didn't spread much and no one's sure if it really existed in the wild and it may have just been a trojan.

Re:Dead On

[arivanov (12034)]

You need to read non-Apple security material more. When MacOS X came out a whole list of setuid apps used by the "pretty shell" to tell the OS to do simple things like load a CD or eject it had security wholes all over the place. http://www.derkeiler.com/Mailing-Lists/securityfoc us/bugtraq/2001-10/0117.html [derkeiler.com] is a prime example. I admit Apple learned from its mistakes pretty fast, but the initial release of MacOS X was one big local security hole. You are correct - networkwise it was more or less OK, but once someone managed to connect it was ripe for picking.

Re:Dead On

[MasonMcD (104041)]

when I tried to argue with her about a number of things, she'd repeatedly reply with "No Mac has ever been hacked or had a virus on it."

Now, at the time, I was a young nooblet and probably should have let it slide but instead I snuck into her office and opened up her Macintosh's word editing software with the intent of some lil' bastardry.

So in the face of her computer never having been hacked, you physically sat down at her computer and hacked it?

Good thing she didn't say she's never had her house broken into, or her virtue compromised.

Re:Dead On

[NardofDoom (821951)]

The site you linked to covered a wide variety of the 30 or so viruses available for the Mac. None of which run in OS X. A few of which are spread using Hypercard, which has been discontinued.

1995 called. They want their FUD email back.

Re:Dead On

[Midnight Thunder (17205)]

I am a Mac user, albeit one that also spends equal time on Unix and MS-Windows, and realise there is an equal proportion of Mac and Linux users who reckon just because you aren't logged in as root you suddenly become invunerable to viruses and worms. In fact there have been viruses that targeted the pre-MacOS X systems and even a few worms that targeted BSD in the past.

True security is an active mechanism: The three points on security:

1. No castle wall in the past ever kept the invaders out indefinetly
2. Never understimate a determined person.
3. In view of points of 1. and 2. you are truely a fool if you think you have found the perfect method of security.

I suppose I could add 4: You are also truely a fool if you a salesman convinces you that their product is 100% secure to all security issues. It may be safe today, but we don't know what tomorrow holds.

Re:What's worse?

[guet (525509)]

A platform which doesn't have Active-X, doesn't have services running out of the box, doesnt' have autorun for CDs with Sony Malware, and doesn't have an unfortunate legacy meaning almost all apps require continual admin access, is more secure in my book. There's a couple of operating systems that fit the bill, one of which you seem to hate : )

Having no known viruses at this point is an extra bonus.

Not immune of course, but then I don't hear many people claim that, in fact, I've never heard anyone say that, just heard it repeated as a truism (Mac users think this) on websites.

It's just a shame that for them to be proven wrong, a lot of people and their PC's have to get hurt

A lot of people and their PCs get hurt continually at present, but they come back for more and keep running the same broken system.

Re:What's worse?

[Jason Earl (1894)]

You can keep waiting for the Mac folks to be proven wrong, but chances are good that you'll be waiting a long time. You see, just like biological viruses computer viruses need two things before they will take off. The first thing that they need is an exploitable weakness. The Mac has enough of those that a worm is certainly possible. The second thing that you need is a large enough body of susceptible hosts that the worm can spread. Macs *don't* have that. Without a large body of susceptible hosts the entire population is safe. That's why it doesn't matter that my neighbors don't immunize their children. The fact that their children are susceptible to immunizable diseases doesn't really matter because there aren't enough luddites to create a viable population of carriers.

Interestingly enough, most of the same effects can be had simply by not using Outlook and IE on Windows as these two programs are the main vectors for infection.

Re:Through the glass darkly

[dal20402 (895630)]

Actually, it's both. (Lower marketshare and a safer OS, that is.)

Just to name some of the obvious... OS X can't use ActiveX, it's actually useful when you run a non-administrator account, it doesn't come with Swiss-cheese services enabled by default, it doesn't automatically trust machines on its own subnet, and there's no real equivalent on it to VB scripting.

With that in mind, I absolutely agree that Mac users are too smug and that a dedicated malware author could bring many of us to our knees. (Hell, I run as administrator just to save time, despite knowing the risks. It's a gamble, although I keep good backups.) But an OS X (or Linux) malware author would have to be much more skilled than most Windows-targeting skript kiddies to do a lot of damage.

In today's real world, if you run a Mac (or Linux), you're going to suffer far less than your average Windows user. If you use an out-of-the-box Mac to do typical home-user tasks, which probably include visiting shady corners of the Internet, you won't have the spyware infestations you would with an out-of-the-box Windows box. And most of the routine worms out there have no effect on a Mac.

Re:Mac resistance to malware

[ioErr (691174)]

So, is there a profile of a Mac virus writer???

Judging by the amount of viruses out for Mac OS X he's one lazy fucker.

Re:Mac resistance to malware

[caddisfly (722422)]

Insightful? who mod'ed this?

one of the rules of security is "don't make it easy and obvious" -- OS X does that, Windows doesn't. Windows is the "honey pot" for the world. With all the unsecure machines any script kit can bust it. OS X would take some real work, so the hackers go elsewhere.

another rule: layered defense -- OS X does it, Windows doesn't. With Windows, break into an app or file and you are at the OS core -- see WMF.

  It is not about market share, it is about market share of *unsecure* machines. The Windows "not secure" architecture and legacy will haunt it for years to come. If OS X gets 50% market share, those remaining Windows machines will still be just as unsecure and will still get just as hammered by malware, etc. It doesn't follow that overall malware will equally affect OS X.

Try this analogy: there were more robberies of homes than banks....and it ain't because there are so many more homes. Banks are just more difficult to rob, risks are greater and penalties greater. OS X is the bank -- it can be robbed, but I don't spend my time worrying about it. My home, on the other hand, has "windows" -- and I worry about that a lot! ;-)

Two observations:

a) do a market share observation of security folks and technical folks at generic computer conferences: the market share of OS X is more like 30-40% for people in the know.
b) as much "negative reaction" as folks have to Steve Jobs and Apple, if someone could write a virus, etc. for OS X, they would have done so by now, just to throw it in his face and make headlines across the tech world. I am still waiting.

Re:How do you protect against the unknown?

[redragon (161901)]

I will be adding some extra security to the system. But the average user cannot do what I will be doing.

Why don't you enlighten us oh gifted one?

Re:MacOS X itself?

[jrockway (229604)]

> So again how is it a safer OS if these exploits existed in the first place? Go stick you head in the sand until the great Mac worm hits that erases everyone's OSX drives. Then maybe people will realize that NO Operating System is completely safe. PERIOD.

If you look at the OS X `exploits' (quotes because that's not what they are), most of them are holes in software that doesn't even run by default. Are you using Apache 2 (not 1.3) on your desktop? If so, the security update will prevent a malicious trusted (!) proxy server from crashing one thread of your Apache instance.

If you're using Windows, you need the security update to prevent the web browser from downloading an image that puts a rootkit on your machine.

It's all about severity, and OS X's "holes" just aren't that bad. However, MS consistently manages to provide a multitude of auto-infection routes to virus writers.

Re:MacOS X itself?

[Seanasy (21730)]

So again how is it a safer OS if these exploits existed in the first place?

Because most weren't critical vulnerabilities and there are no exploits. Show me an exploit for a Mac OS X vulnerability. Now, show me one in the wild. Can't? The only thing you have to do to wipe the smug look of a Mac users face is to release an exploit in to the wild. Go ahead. What are you waiting for?

If just one person who thinks Macs are just as vulnerable as PCs would just write a worm/trojan/virus, we could end these f*@&!#g trolls and all agree that security is hard. Really, please, someone write an OS X exploit and spread it. Make it benign if you're uncomfortable with writing viruses. Just get something out there.

I'd like to see it just so people will stop using the lame "there are more Windows PCs" arguments. I'm sorry but this whole issue has gotten so blown out of proportion that the first person to show a really bad Mac vulnerability with an exploit would be on every geek blog and quite possible the NYT. You'd be f*@&!#g famous.

Re:I'm a Mac user and...

[theAtomicFireball (532233)]

I have spyware detection programs, snort, firewall, litte snitch (network traffic filter), virus scanner make regular back ups.... etc. It's foolish to even step on to a computer... any and assume that you are safe. My personal opinion is those who keep blindly procaiming that Mac OS X is a security haven should be held accountable for their words.

Backing up and firewalls are a great idea. Little snitch isn't bad, either.

The rest of your regime is foolish. Virus and anti-spyware software on the Mac is a case of the problem being worse than the cure. Several of the anti-virus software packages for the Mac actually make your machine less secure. You're not just wasting your time and processor cycles, you are actually making yourself more vulnerable.

Use a firewall, backup regularly, and don't open executables from untrusted sources. That's my whole regime. Perhaps Mac users are a little smug, but hey... this article is six years old and we're STILL considerably safer than our Windows counterparts. Perhaps we deserve to be a little smug.

No amount of software can replace common sense, and common sense never let a virus onto somebody's computer (unlike certain anti-virus software).

Re:One product stops mac PCs from getting infected

[Zathrus (232140)]

There's no substituting an OS that doesn't let the average user have administrator rights all the time

Yes, because as we all know the really valuable data on the computer is the OS and installed programs. You know, the stuff that can be replaced in a few hours.

All that user data that's completely and utterly irreplacable? Worthless. Who cares if a virus or trojan destroys it? And it obviously doesn't matter if a keylogger running in userspace sniffs out all your bank passwords and sends them to a 3rd party (what, you don't need admin privs to open a socket?!?!), because, hey, the OS itself is still secure!

The amount of real damage that a virus, worm, or trojan can do is not substantially affected by whether or not it can get administrator privledges. It may be easier to remove, but that's about it. And, frankly, if your average user runs in a lower privledged account then they're likely to get used to typing in the admin password when prompted, without even thinking about it.

And that's what it ultimately boils down to -- the user. Clueless users will get hit by crap all the time regardless of the platform. Clued users will not, again regardless of the platform. I've been using PCs for over 20 years now, most of that time on DOS or Windows (although I've also used OS/2, Linux, FreeBSD, Solaris, and several others) and I've been hit with a virus exactly once -- and that was about 18 years ago. It infected very little too, because I was running a virus scanner that caught it quickly (back in the days when McAfee was free(ish) for personal use). Nor have I ever had to remove spyware, malware, etc. on any of my personal or work systems.

OS X has a rather high percentage of non-technical users, just as Windows does. Do you really think that they're immune to doing stupid things?