Apple Quietly Recommends Antivirus Software For Macs 484
Barence writes "After years of boasting about the Mac's near invincibility, Apple is now advising its customers to install security software on their computers. Apple — which has continually played on Windows' vulnerability to viruses in its advertising campaigns — issued the advice in a low-key message on its support forums. 'Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.' It goes on to recommend a handful of products." Reader wild_berry points out the BBC's story on the unexpected recommendation.
Let the flame wars begin (Score:5, Insightful)
Does a Mac AV program really do anything? (Score:5, Insightful)
A good sign for Apple (Score:1, Insightful)
Re:A good sign for Apple (Score:5, Insightful)
1% of the market share would still make a valuable bot-net. Even 10% of this 1%. It translates into cash money. If it were easy, some people would have done it.
Re:Herd Immunity (Score:3, Insightful)
This doesn't apply. Macs are not an isolated community. They share data and documents freely with Windows systems, just as Linux systems do. The reason why there are fewer viruses for MacOS is similar to why there are fewer botnets that run on Linux servers.
Antivirus and antispyware protection is like putting buckets in the attic, instead of fixing the roof.
Re:Oh Shit (Score:5, Insightful)
You have strange ideas of trustworthy sources for 'facts'.
Re:a way to make money (Score:1, Insightful)
Why would it need privilege escalation? If there's a hole in some commonly enabled service that runs as root, that would take care of it.
Also, why couldn't a spambot just run in user space? Most people only ever use one account anyway.
Re:a way to make money (Score:5, Insightful)
I wish people would stop parroting this fallacy all the time. Market share has nothing to do with how easy it is to break into a system.
If you have something like windows where security is bolted on after the fact, and OS that was never meant to be a multi-user OS connected to the internet (all these were added as features later on and done poorly) then you will have a system that is much harder to keep secure.
UNIX on the other hand was designed from day one to be networked multi-user OS, and security and separation of concerns was there from beginning.
Re:Herd Immunity (Score:3, Insightful)
"Herd Immunity"
You keep using that expression. I don't think it means what you think it means.
Re:A good sign for Apple (Score:5, Insightful)
Re:Admin user (Score:5, Insightful)
Well, that's the issue. You've been able to write software for Windows that allows for non-admin since 1999. My Documents, no user files in Program Files, non-admin logins, the whole nine yards.
But, of course, developers are lazy. They don't want to write proper software.
Can Microsoft force it? Of course. They tried it with Vista and UAC; pop up a little 'fuck you' every time a program does something the Windows 95 paradigm. And they got raked over the coals for it.
Re:a way to make money (Score:5, Insightful)
A way to make news. (Score:3, Insightful)
Agreed, however this is still news because the platform is under such control by Apple. They could quietly and easily put not only hardware and software in place. But implement more effective procedures in their software process to make security tighter. And we wouldn't be the wiser.
Re:a way to make money (Score:2, Insightful)
Second, I thought AV products don't "stack" well? Our PC tech here is constantly having problems with computers that come in and are running 2-4 AV software, and they're fighting like cats and dogs and crippling the system to where only a fresh install will fix it. From what I read on that Apple post, it sounds like Apple is encouraging you to install multiple AV software. And OS X already runs ClamAV doesn't it? Although I have yet to see such a thing get pushed out, I assume Clam can get updates via SoftwareUpdate? I seriously question where they're going by recommending you install additional (or possibly multiple) AV software.
I don't think they're recommending multiple AV installations on any given system, but rather a variety of AV programs being used by their user base at large. So, a virus writer will not be able to count on everyone having exactly the same configuration, and would have to plan to defeat a variety of AV programs if he wanted to ensure the effectiveness of his malicious code. This wouldn't be because all of them would be installed on a computer, but because any one of several would be installed, and he couldn't predict which.
ClamAV is included with Mac OS X Server (Score:3, Insightful)
Also, it doesn't appear that Apple is recommending that a user stack more than one AntiVirus package on a given system, rather, they are refraining from picking a single package so that the market is heterogeneous. This affords better protection to the herd as a whole. I agree the technical bulletin is a bit ambiguous on this point.
Re:a way to make money (Score:5, Insightful)
Why create a virus that only hits 7% of computers when you can hit one that hits 85% of computers?
Yeah. Why achieve the fame and glory of being the first to write a real Mac OS X virus? Why feel satisfied in crushing the worldview of every Mac fanboy in existence?
There's just no draw.
Re:a way to make money (Score:3, Insightful)
I think he neglects to mention an underlying assumption that no software is perfect, and given enough time and effort, the chances of finding a security flaw that can be exploited is greater than zero in ANY piece of software.
I don't believe this to be true if enough focus on security is made.
Software can be made secure at the expense of functionality. Now this doesn't ever solve the problem of local access, but if you made your OS into a glorified terminal server, you can prevent automated attacks by restricted what the user can do by default.
Of course the user might be hindered somewhat, but sometimes that is the price to pay.
Re:a way to make money (Score:5, Insightful)
Re:a way to make money (Score:3, Insightful)
Your absolute shows a lack of thoguht into the situation that is common in America (I am assuming that you're and American, me too).
Both "Market Share" and "Ease of Making the Virus" are reasons viruses get created. Both are factors into the equation, along with others I am sure. To say anything "will never come into the equation" is very short sighted and flat out wrong.
Re:a way to make money (Score:5, Insightful)
Also, virus writers are likely to stick to Windows for the same reason many users do, they already know it. Why spend the extra time learning a new OS to infect the minority when you can target the majority in much less time? That leaves you with so much more time to spend your pilfered moneys.
Re:a way to make money (Score:3, Insightful)
Why create a virus that only hits 7% of computers when you can hit one that hits 85% of computers?
Yeah. Why achieve the fame and glory of being the first to write a real Mac OS X virus? Why feel satisfied in crushing the worldview of every Mac fanboy in existence?
There's just no draw.
The 90s called andd they want their virus-writer stereotype back. In case you haven't noticed, these days big viruses get written for money - huge botnet herds and all that. Search for it on /. if you're really that new here. There is also stealing CC info, but I'd guess the guys writing browser exploits have at least the 2 neurons required to look at the stats of the browsers hitting the sites they infected to see what targets make more sense to code for. Once it makes sense financially to add detection and infection code for Macs, there's little doubt that it will be added. It's a 'free market' and it will behave as such.
So, for glory and fanboy crushing, no draw indeed.
Re:Symantec *IS* the virus (Score:3, Insightful)
Re:a way to make money (Score:4, Insightful)
All viruses require a reasonable level of market share to operate, because one of the principles they rely upon is a network effect, and you just plain cannot get a network effect without a decent market share. So marketshare is, very much, a pre-requisite for a successful virus. It's not the only one, but when people say "Mac OS X hasn't been attacked yet because it doesn't have enough marketshare", they're right. That's one fundamental reason. And unless you can show that any other reasons apply, it's likely to be the only reason.
This is called critical mass. The fact that there's a very healthy third-party developer market for OS X is strong evidence that it's reached a sufficient critical mass to attract virus writers. The fact that there are trojans out for OS X is strong evidence for such critical mass.
So, you must be wondering, why aren't there any actual viruses for OS X? It's because they're too damned hard to write. Trojans? No problem. Worms? Sure, but they won't be long-lived. Viruses, though, on OS X are a nut that's yet to be cracked.
People always like to bring up how most malware is meant to earn money, or that most people use Windows, so it's a bigger target. This only explains why OS X has less viruses than Windows. What it doesn't explain is why OS X has no viruses. You'd expect at least one or two, if for nothing else than the fame and to take Mac users down a peg.
The very least Apple could do is set Mac OS X up so that the installer actively discourages setting up the default user as an administrator.
You do not understand how Mac OS X operates. Admin accounts are not the same as the user Administrator or the group Administrators (on Windows), nor the same as root on Unix. They are basically equivalent to a Unix user in the sudoer's file. You have to enter your password to elevate your privileges, just like you do in Unix, and similar to what you have to do in Vista (although the OS X/Unix way is a bit more secure in that someone can't just walk up to your unlocked computer and start wreaking superuser havoc without your password).