Slashdot Log In
Apple Quietly Recommends Antivirus Software For Macs
Posted by
timothy
on Tue Dec 02, 2008 09:59 AM
from the wear-your-rubbers dept.
from the wear-your-rubbers dept.
Barence writes "After years of boasting about the Mac's near invincibility, Apple is now advising its customers to install security software on their computers. Apple — which has continually played on Windows' vulnerability to viruses in its advertising campaigns — issued the advice in a low-key message on its support forums. 'Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.' It goes on to recommend a handful of products." Reader wild_berry points out the BBC's story on the unexpected recommendation.
Related Stories
[+]
Apple: Apple Says Macs Are Safe, No Antivirus Needed 449 comments
lobridge writes "Over the last two days multiple news feeds (and Slashdot) have been reporting that Apple has been quietly recommending antivirus software for their machines. It appears now that Apple has deleted an entry on their forums that suggested this and are saying that Mac computers are 'safe out of the box.'"
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Sophos (Score:5, Interesting)
Interestingly enough... to date, they have only detected MS based viruses.
Re:Sophos (Score:5, Interesting)
When I ran a lab of Macs several years ago, we ran AV software on all the machines. It was mostly there to strip out the Word macro viruses that students would bring in from their home computers. I'm not aware of the software catching any viruses that could actually have done anything to the machines themselves.
Parent
Let the flame wars begin (Score:5, Insightful)
I don't need a virus to affect my system (Score:5, Funny)
I have Quicktime.
Does a Mac AV program really do anything? (Score:5, Insightful)
Re:Does a Mac AV program really do anything? (Score:5, Informative)
That is what I always thought, in fact looking at clamXav it appears to only scan for windows viruses.
Parent
Old document (Score:5, Informative)
This story is just wrong. That document is several years old. Apple advises to install security software since years. They just added new names for recommended software products and therefore updated the issue date on the document.
a necessity (Score:5, Funny)
Well, duh... With the Apple CEO engaging in the unhygienic practice of peeing on all the hardware before it ships, no wonder users are being advised to get some sort of protection against pathogens.
Or was that the Mapple CEO... meh, they probably all do it.
Makes sense in heterogenous networks (Score:5, Informative)
Although your Mac may be safe from the vast majority of malware stuff circulating right now, it can still spread them around and infect for example the other Windows machines on the network (those Microsoft Office macrovirus infections are a good example).
Also, with all the nice virtualisation programs available on the Mac and BootCamp, it makes sense as a Mac user to be more aware of potential malware problems , although then the antivirus solution should be inside that environment, I think. Also those antivirus programs open up a whole other can of worms, because those antivirus companies are splendid examples of honesty and efficient programming, as we all well know
If you listen carefully... (Score:5, Funny)
Um huh? Apple has always recommended protection (Score:5, Informative)
Re:Um huh? Apple has always recommended protection (Score:5, Funny)
Hell they even gave it away with old .mac accounts. And apple support always had lines saying to use protection. How is it all of a sudden new? They have been saying to use protection for YEARS now.
Very true.
And I've been ignoring the recommendation for years now. Guess which AV app I'm going to install today.
That's right. None. Running an AV program on a Mac makes about as much sense as using a rope to tie down your car every time you park it in your garage.
Parent
Re:a way to make money (Score:5, Interesting)
Maybe the Mac has starting to reach that point where virus writers and security aficionados have enough a base to target their efforts?
Perhaps, but I am still waiting to see a real "virus" that hits MacOS. There's been a few trojans (such as the one mentioned in TFA), but nothing that qualifies as a virus yet as far as I know. It is likely much harder to write a real virus (rather than a trojan) for MacOS than Windows as you'll need to find a privilege escalation exploit (need I say, without local access) in one of the standard services first, all of which tend to be pretty robust and having a core that comes from the open source and Unix worlds... as far as I know, there aren't any such exploits known right now.
Trojans can of course still be fairly nasty, as there's a lot of stupid users in the world (of any OS)
Disclosure: I do use MacOS X as my primary OS at home, but I'm definitely not a "fanboy" (I also have Linux systems at home and use primarily Windows at work - I consider myself "OS agnostic").
Parent
Re:a way to make money (Score:5, Informative)
Macs definitely are susceptible to malware, as the recent DNS trojan has demonstrated. Any app that asks for and gets your admin password is going to play with your computer, that's pretty hard to beat.
Viruses, and worms in particular, do covert, automated spreading. Worms are able to exploit on-by-default network services remotely in the background. (we just had a new one announced yesterday! affects xp AND vista, good lord you'd think they'd learn by now!) Viruses require the ability to circumvent LOCAL security, and get their hooks in the system and replicate locally without user interaction/permission. OS X (and unix in general) are designed from the ground up with this in mind, and have always been far less vulnerable to these two issues.
I don't see this changing anytime soon, just due to the differing design philosophies inside the two systems. From the start of OS X, apps didn't just have free access to do as they pleased, they were restricted by a security model, and learned to develop in OS X under these restrictions, being forced to learn good coding practice. Windows started in the wide open, and their devs got used to it, before they realize the scope of their mistake and tried to close the doors. The devs refused to stop writing apps that just "oh lets just assume we have full write access to the entire hard drive" etc. and so MS has had to go very slowly to avoid completely destroying their established software market. That's hard to overcome.
Even today I can count on one hand all the mac apps I've ran into that either (1) have to be installed while logged in as an admin, or (2) will only run properly (or completely) when logged in as an admin. And I count those developers as idiots for not knowing what they're doing and just assuming they have privs. Until Windows software approaches these numbers, I don't think we can call the Windows security model "fixed".
There are two things that most interest me here. First, Norton has been considered anything from "bad" to "poison" to OS X from the get-go. It's been known to create a wide variety of system problems, and in most cases, when OS X is misbehaving, and they admit they are running norton, the first advice they get is to remove it. (and "good luck removing it" to boot) Symantec has been of little help there, their first "removal tool" was 300+ lines of terminal commands, and still didn't completely uproot it. Their current removal tools are more effective and user-friendly though. So to see Apple RECOMMEND norton is something of a shock. I don't know of a single person in any of the mac support forums that recommends anything for Norton besides uninstalling it.
Second, I thought AV products don't "stack" well? Our PC tech here is constantly having problems with computers that come in and are running 2-4 AV software, and they're fighting like cats and dogs and crippling the system to where only a fresh install will fix it. From what I read on that Apple post, it sounds like Apple is encouraging you to install multiple AV software. And OS X already runs ClamAV doesn't it? Although I have yet to see such a thing get pushed out, I assume Clam can get updates via SoftwareUpdate? I seriously question where they're going by recommending you install additional (or possibly multiple) AV software.
Parent
Re:a way to make money (Score:5, Informative)
I don't see this changing anytime soon, just due to the differing design philosophies inside the two systems. From the start of OS X, apps didn't just have free access to do as they pleased, they were restricted by a security model, and learned to develop in OS X under these restrictions, being forced to learn good coding practice.
There is another common stupidity that many Mac developers seem to have that still persists from the Classic days. Many OS X devs still act as though the user installing the app is the only one on the system. A good example is Adobe Reader. EVERY user that runs Reader for the first time will be pestered to enter an administrator password the first time the software is run. The only workaround is to copy some preference files into every home directory on the system and if there is an update to Reader then that has to be done again. Yeah, yeah, I know just use Preview but things like that happening are common. It isn't OS X' fault. There is provision for system wide app settings; it's just that OS X devs tend not to use them the way Windows devs assume everyone is an administrator.
Parent
Re:a way to make money (Score:5, Insightful)
I wish people would stop parroting this fallacy all the time. Market share has nothing to do with how easy it is to break into a system.
If you have something like windows where security is bolted on after the fact, and OS that was never meant to be a multi-user OS connected to the internet (all these were added as features later on and done poorly) then you will have a system that is much harder to keep secure.
UNIX on the other hand was designed from day one to be networked multi-user OS, and security and separation of concerns was there from beginning.
Parent
Re:a way to make money (Score:5, Insightful)
Parent
Re:a way to make money (Score:5, Informative)
UNIX on the other hand was designed from day one to be networked multi-user OS, and security and separation of concerns was there from beginning.
Oh, this just makes me laugh. Operating system the first Internet worm ran on? UNIX. It wasn't until the mid '90s that people started saying 'UNIX Security' without laughing.
Parent
Re:a way to make money (Score:5, Interesting)
Look at AROS [sourceforge.net]! It has no security whatsoever, not even memory management between processes, so despite only having a hundred or so users, it must have zillions of virusses. But, of course, it DOESN'T. So far as I'm aware, nobody's bothered to write one, and it's unlikely any AROS virus would actually be effective.
All viruses require a reasonable level of market share to operate, because one of the principles they rely upon is a network effect, and you just plain cannot get a network effect without a decent market share. So marketshare is, very much, a pre-requisite for a successful virus. It's not the only one, but when people say "Mac OS X hasn't been attacked yet because it doesn't have enough marketshare", they're right. That's one fundamental reason. And unless you can show that any other reasons apply, it's likely to be the only reason.
It's frankly hilarious that Unix, on which the first worms operated, can be held up as some system that had security built-in from the start. It's also untrue that Windows, that is, the operating system known as Windows today, was "never meant to be a multi-user OS connected to the internet". Unless you're talking about Windows Me and its predecessors (98, 95, 3.1, et al), then that's completely false. Current versions of Windows (XP, Vista, 2003, et al) are derived from Windows NT, which was designed, from the beginning, to be "a multi-user OS connected to the internet".
In fact, Windows NT and its successors have a more advanced security model than Unix, allowing more than a separation of users and groups.
The issue with Windows is two fold. First, marketshare. And second, an over complex user-environment where too much functionality is available on the "user" side of the security wall. Both of these issues affected Unix up until the mid nineties, where its disproportionate share of Internet nodes and the amount of stuff running as the default user (which in Unix was root, which also happened to be the account with the most rights.)
There's little reason to believe that Mac OS X is protected from viruses by anything other than its low market share at this point. There's not a large enough group of users for network effects to take over. It is not an inherently secure operating system. The default user is generally set up with administration privileges, and it just takes a buffer overflow or other ordinary vulnerability in a client application like a web browser plug-in for a virus or worm to have complete access to the user's files, and enough access to be able to modify many of the applications the user is likely to run.
Fundamentally, Mac OS X has the same problem as Windows, and the same problem the "run-everything-as-root" Unixes did in the eighties and early nineties: too much functionality available to the default user. To fix this, you need to change the model somewhat. The very least Apple could do is set Mac OS X up so that the installer actively discourages setting up the default user as an administrator.
Parent
Re:Multiple antivirus products? (Score:5, Informative)
Having multiple products deployed mean that the virus programmers have different applications to circumvent. But that's multiple products on different machines-- you wouldn't expect one user to run all of the anti virus products on one machine.
Parent
Re:A good sign for Apple (Score:5, Insightful)
1% of the market share would still make a valuable bot-net. Even 10% of this 1%. It translates into cash money. If it were easy, some people would have done it.
Parent
Re:A good sign for Apple (Score:5, Insightful)
Parent
Re:Oh Shit (Score:5, Insightful)
You have strange ideas of trustworthy sources for 'facts'.
Parent
Re:Herd Immunity (Score:5, Interesting)
Indeed. Just look at Linux. It had a great security record up until the start of this decade. Then, once it gained a lot of popularity on servers, we started to see millions of infected Linux servers, linked together in botn...
Oh. Well damn. It seems that despite being the near ideal target for virus-writers (always on, very fast links, powerful hardware), the most popular server platform on earth doesn't have a major virus problem. Huh. Maybe an OSs security record isn't directly linked to its popularity...
Parent
Re:Admin user (Score:5, Insightful)
Well, that's the issue. You've been able to write software for Windows that allows for non-admin since 1999. My Documents, no user files in Program Files, non-admin logins, the whole nine yards.
But, of course, developers are lazy. They don't want to write proper software.
Can Microsoft force it? Of course. They tried it with Vista and UAC; pop up a little 'fuck you' every time a program does something the Windows 95 paradigm. And they got raked over the coals for it.
Parent