Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security Businesses Apple

Mac Users Blast Symantec ... Again 141

An anonymous reader writes "Once again Symantec has spouted FUD about Mac OS X ... perhaps in an attempt to make more money as Microsoft pushes its own security products? A commentary on the issue entitled "Symantec 'scare tactics' don't rattle Mac users" says Symantec's latest Internet Security Threat Report continues to voice concern for the security and stability of the Mac operating system, Mac OS X in particular. However, there isn't proper evidence to back this claim. Also from the story, readers are asked: Do Mac users think they are immune to security problems or is Symantec and others fishing for a new revenue stream? Do you think Apple should start following Microsoft's model by rating vulnerabilities and patches?"
This discussion has been archived. No new comments can be posted.

Mac Users Blast Symantec ... Again

Comments Filter:
  • That is not to say that there _will_ be as many threats, but let's not kid ourselves here. There will be viruses written for and holes exploited on MacOS X. It's just a matter of time and then the whole house of cards will come crashing down. If Symantec's products didn't suck so bad on the Mac, I'd go ahead an pick it up -- just in case...

    --mike
    • Real threats will only occur once Apples market share has risen significantly and even then I dont think there will be many. Putting it into perspective, i've used macs since I was 8 (1991) and i've never had a virus on any of them, or at least never knowingly had a virus as i've never had to buy a virus scanner. I don't think it's time to worry.. yet.
      • i've used macs since I was 8 (1991) and i've never had a virus on any of them

        I think I saw an nVir infection, and maybe Scores as well. That was back in, umm, I think ’89 or so.
        • Yep, I remember those. Finder 6.08 around then, passing floppies between people at college, and actually my old Mac was infected quite a number of times back then. I remember my first Mac virus, don't know the name- suddenly the keyboard went all haywire, keys pressed would output completely different characters. I went to the college bookstore's computer department and let the clerk know about it, he goes 'Here- use this' and handed me a copied floppy with an anti-virus app on it. But they were mostly har
          • by superpulpsicle ( 533373 ) on Monday October 03, 2005 @12:13PM (#13705521)
            Does anyone else believe there are only so many "real" viruses out there? The rest are engineered by the virus scan companies?

            For example you install Symantec norton antivirus. It detects something as a virus. Let's say you DON'T clean or quarantine it, and just install norton.

            Now install McAfee antivirus. It may not even detect that same virus at all. Assuming both scanners are all updated, how can a virus count in one software and not the other.

      • I've never had a virus infection on my own personal computer. (X86; DOS, Windows 3.1, Windows 95, Windows 2000, Windows XP).

        But if you think that means I don't run an anti-virus program on it you're wrong.

        I don't run anything on my Mac. Until such time as the threat is higher than theory there is no point.

        I have no doubt that a virus of significant threat will appear on the OS X platform one day. Until it does I have no reason to think any particular implementation of anti-virus software would be effective
    • Comment removed (Score:5, Insightful)

      by account_deleted ( 4530225 ) on Monday October 03, 2005 @07:16AM (#13703108)
      Comment removed based on user account deletion
    • by Anonymous Coward
      So long as there's no real threat out there, I'm not going to worry about it.

      And once there is a threat, I'm going to look to Apple first before possibly considering purchasing a symantec product.

      I'm sure that someday there will be this worm or virus that infects a large portion of the Mac community and causes havoc on a never before seen scale, but Symantec can't respond quickly enough to protect me from the *big one* anyway.

      I believe that buying anti-virus software for the Mac now is akin to buying magica
    • by spir0 ( 319821 ) on Monday October 03, 2005 @05:44PM (#13708147) Homepage Journal
      There is one problem I see. Regardless of what may come in the future, Symantec are currently using deceptive tactics to lure people into buying their software. They are lying to Mac users. Shouldn't they be trying to earn our trust? On Windows computers, I won't use Symantec products because I don't trust the company.

      It's that simple.
    • I was laughing ay Symantec's ad in one of the Apple magazines only this weekend, as it does indeed use scare tactics. Given the lack (i.e. zero) of OS/X viruses, who actually knows if it will do it's job if the time comes? I think there is a perfectly legitimate market for AV tools on Mac (and Linux) - simply being a good citizen and not passing on infected mails (even if they could not infect your machine) helps everyone. It would be far better to focus on that angle (a solution to a problem that exists)
  • Errrr (Score:5, Insightful)

    by scenestar ( 828656 ) on Monday October 03, 2005 @07:13AM (#13703090) Homepage Journal
    Do you think Apple should start following Microsoft's model by rating vulnerabilities and patches?"

    Apple would be retarded if it followed any of MSFT's security policy.
  • Semantec Panicing (Score:5, Insightful)

    by TheRaven64 ( 641858 ) on Monday October 03, 2005 @07:32AM (#13703171) Journal
    Semantec, I would imagine, has three nightmares:
    1. Users all switch to platforms without security problems.
    2. Microsoft makes Windows Vista secure.
    3. Microsoft includes AV and a decent firewall with Vista.
    This is a counter to the possibility of option one.

    On the Mac, as with most other platforms, there are periodically vulnerabilities that allow arbitrary code to be run. These are generally patched quickly, making them a poor vector for attack (except amongst the uptime-is-a-measure-of-masculinity crowd, who refuse to reboot for security patches). The only convincing things they have are things like opener. Opener itself is nothing more than a bash script - it runs, and if you run it as root then it will disable the firewall, etc. and run a server people can connect to. Of course, you then need some kind of social engineering attack to persuade people to download it, run it, and enter an admin password. This is, of course, possible - just find some stupid people. The problem is that a virus scanner won't do anything to protect you against this kind of thing.

    • by coinreturn ( 617535 ) on Monday October 03, 2005 @07:45AM (#13703230)
      This is, of course, possible - just find some stupid people. The problem is that a virus scanner won't do anything to protect you against this kind of thing.

      Maybe Semantec should start selling stupid people scanners. Unfortunately, the scanners would go nuts in their own PR department.
      • Thats exactly what they ae doing: "Selling stupid people scanners" ie Selling (virus) scanners to stupid people. Oh wait. You meant that some other way...

    • except amongst the uptime-is-a-measure-of-masculinity crowd

      Jeez, you don’t have to look directly at me when you say that, do you?
    • Re:Semantec Panicing (Score:5, Informative)

      by 99BottlesOfBeerInMyF ( 813746 ) on Monday October 03, 2005 @10:13AM (#13704239)

      The only convincing things they have are things like opener.

      Opener is a generic trojan, nothing special about it. Trojans have been somewhat effective vectors for years on many platforms. Right now someone could craft a sneaky trojan and use it to attack os x users. That said, it is unlikely, and it is even less likely such an a attack would be effective. First, Pretty much any way the user gets the trojan they will be notified that it is an executable. This means the social engineering has to pass it of as such. Second, unless it is a cross platform trojan, it will not propagate itself, thus it will only effect a small portion of the user base. Third, in order to do much useful, the user will have to enter their admin password, which will make some people suspicious of it. Fourth, there is disproportionately large number of security people using OS X, increasing the speed and likelihood it will be discovered, documented, and mitigated. Fifth, pretty much all OS X users run auto updating of their system, allowing security fixes for a given trojan to be rolled out to all users, not just those running the latest OS's. Sixth, Open source tools like ClamAV already function just fine on OS X, meaning Apple could turn around a trojan detector for a given trojan in very little time. seventh, many OS X users do not run as admin users and thus cannot perform many useful operations themselves (non-admin accounts are usable and local privilege escalations are non-trivial). Finally, while all of these stumbling blocks for a successful trojan can be overcome, it would take a great deal of motivation, which will not be financial due to the small number of machines that will be compromised compared to the relatively easy and profitable target that is Windows.

      I'd also like to argue that there are a great many things that could be done to make OS's in general less susceptible to trojans. BSD Jails and virtual machines are a great step towards making trojans harder to implement. Properly implemented ACLs, with a good, understandable GUI, built into the OS, and with a well thought out series of defaults could make trojans very, very hard to pull off. I think this will eventually be done, but has not really happened simply because there is not a strong incentive. Windows has a monopoly and so many other security problems that there is no reason for them to implement such a system. Linux distros and UNIXes have implemented some protections, but for the most part they are not well tested or easy to use because the demand for them is so small. Apple has the talent to create this type of system, but customers don't want it since they are not generally under attack. These will materialize and become usable when something takes significant desktops from Windows, or when MS successfully creates a basically secure OS, and then has to address the proliferation of trojans that results.

    • uptime-is-a-measure-of-masculinity

      YES!

      exciter root # uptime
      18:18:07 up 421 days, 4:24, 3 users, load average: 0.00, 0.00, 0.00

      exciter root # uname -a
      Linux exciter 2.4.23_pre8-gss #1 Fri Dec 12 17:51:50 CET 2003 i686 Intel(R) Celeron(R) CPU 2.10GHz GenuineIntel GNU/Linux
    • Of course, you then need some kind of social engineering attack to persuade people to download it, run it, and enter an admin password. This is, of course, possible - just find some stupid people. The problem is that a virus scanner won't do anything to protect you against this kind of thing.

      Also that nothing is immune to stupidity, not even virus scanners. If someone is stupid enough to be convinced to run arbitrary unknown code from an untrusted source, there's a good chance that they can be convinced t

  • psymantec (Score:3, Interesting)

    by FidelCatsro ( 861135 ) <fidelcatsro@gmaDALIil.com minus painter> on Monday October 03, 2005 @07:58AM (#13703302) Journal
    With their crystal ball are managing to see some ghosts in the machine , I don't believe in ghosts .Show me hard evidence or flutter off

    OS X's stability is absolutely , in all the time i have been running the system I have had one crash (The Crash was my fault ) , The finder has restarted itself a few times which i believe has lost me a sum total of 60 seconds working time .
    The only times I have had programs that were unstable was when i was using Beta versions of things.

    Security has also not been a problem , It automatically runs the system update regularly if you don't do it yourself . The worst that could happen is someone passes you a dodgy installer which runs some sort of server but that's not OS X's fault .

    OS X is up there with the best *NIXs in these regards .

    Symantec I believe has been using classic mac OSs (someone should tell them that 10 is a bigger number than 8) , They were buggy and full of holes .

    OS X is not perfect by any means and has had its fair share of patches , But I could say with confidence that it could go toe to toe with linux in these areas .
    • Re:psymantec (Score:5, Insightful)

      by MyDixieWrecked ( 548719 ) on Monday October 03, 2005 @09:22AM (#13703844) Homepage Journal
      OS X's stability is absolutely , in all the time i have been running the system I have had one crash (The Crash was my fault ) , The finder has restarted itself a few times which i believe has lost me a sum total of 60 seconds working time .
      The only times I have had programs that were unstable was when i was using Beta versions of things.


      how much software do you run? How much do you actually do with your computer?!

      I've had Adium, illustrator 10, illustrator CS, photoshop CS, MPlayer, Safari (many, many times), iTunes, Word, Filemaker Pro, InterfaceBuilder, Bittorrent, and Quake3 (repeatedly) unexpectedly quit on me.

      Having a program die is not a reflection on the stability of OSX, but the programming of the application. Application crashes are usually caused by unexpected things happening in memory (accessing a freed block of memory or memory that doesnt' belong to the app)... eg: bugs.

      I've had dozens of kernel panics in OSX, although most of them are attributed to bad hardware or bad drivers or earlier versions of X. OSX beta and 10.0 panic'd pretty often. Jaguar was quite solid and panther was even moreso. My G5 panic'd the first time I booted it, but when I called for support, they said that the machine may have just had some processor calibration issue, but if it panics again to give them a call (it's been 2 months an no panics).

      Anyway... the only real market I see for symantec for OSX users is system diagnostics and filesystem repair. Maybe even support for trojan protection. I don't think it would be that difficult to have something that looks for certain "bad things." It could protect from malicious scripts and even user error. It could stop a beginner user from typing the 'rm -rf /' command or running an applescript that formats the drive. It could ship with tighter default security settings, but allow fine tuning like "I know what I'm doing on the commandline" or the like.

      i don't understand why they didn't do that already.
      • Re:psymantec (Score:5, Interesting)

        by phillymjs ( 234426 ) <slashdot.stango@org> on Monday October 03, 2005 @12:04PM (#13705435) Homepage Journal
        Anyway... the only real market I see for symantec for OSX users is system diagnostics and filesystem repair.

        Too bad they gave up on that market by killing Norton Utilities for Mac a couple years ago. Of course, that product peaked at version 6 and started stinking up the place after that. IIRC, it was never updated for OS X, either-- the most they did with it was make it OS X aware, so it wouldn't screw something up while trying to "fix" something that OS X needed a certain way.

        Pity, that. I used to swear by NUM back in the day. These days, I rely on Cocktail, DiskWarrior, and Data Rescue X. Not that I need them very often.

        ~Philly
        • Re:psymantec (Score:3, Informative)

          yeah, the couple of times I've had HD problems in OSX (caused by a failed powersupply in a firewire drive... screwed the disks up somehow), I was able to fix it by rebuilding the b-tree from the commandline. I haven't even needed any diagnostics....

          but it would be nice to have. just in case. =P

          we still reply on Norton at work, here, since we still have a single OS9 machine (for streamline and the occasional Jaz/zip disk that comes in). The machine occasionally won't boot or gets a system error and we need t
        • Too bad they gave up on that market by killing Norton Utilities for Mac a couple years ago. Of course, that product peaked at version 6 and started stinking up the place after that. IIRC, it was never updated for OS X, either-- the most they did with it was make it OS X aware, so it wouldn't screw something up while trying to "fix" something that OS X needed a certain way.

          Norton Utilities does exist for OSX. Unfortunately, they don't keep up to date on it to make sure it supports Apple's latest OS, so it

      • Anyway... the only real market I see for symantec for OSX users is system diagnostics and filesystem repair.

        Frankly, I feel like Symantec has pretty well given up on their "Utilities" products. Norton Disk Doctor used to be a great product. Much better than the utilities that came with the OS. But now, run Norton Disk Doctor in Windows on your boot drive, and it'll tell you that you need to restart. When you restart, it'll run a chkdsk. I don't mean, "It'll run the Symantec equivalent of chkdsk", I me

  • by Deanasc ( 201050 ) on Monday October 03, 2005 @08:01AM (#13703317) Homepage Journal
    I think the fact that both the hardware and OS come from one vendor makes the Mac far more stable hence secure. Microsoft has to get windows to work with Intel and AMD chipsets that are jammed into boxes made by hundreds of different manufacturers. Add into the mix a backwards compatability problem where software written in the 1970's is expected to still work and you've got a recipe for buffer overruns and all the demons they bring forth.

    That doesn't mean the Mac is more secure it just means that there are less windows for worms and virii to crawl through. Oh wait, I guess that does make it more secure.

    • Microsoft has to get windows to work with Intel and AMD chipsets that are jammed into boxes made by hundreds of different manufacturers.

      Several Open source OS Like Linux, NetBSB and FreeBSD works on a even wider range of hardware. I don't think that make them more insecure, if anything it makes them more secure because the hacker / virii writer can't assume x86.
      • Yes but the Linux brand doesn't gaurantee operability with those boxes the way Microsoft does. There will be boxes out there that can not run your choice of Linux, NetBSD or FreeBSD. Maybe the box will run one or two but not all three. Maybe another configuration will run run all three but then it's not the same box.

        Anyway, this is a moot point as we're discussing consumer electronics meant for people who don't want to do the maintanence that goes into getting any of the linuxces to work.

        • Even so, I've never heard of a case (computers or real life) where monoculture is good for security. Maybe the Mac with OS X will prove me wrong although I doubt it.
          • I think you just hit the nail on the head; Our systems need to be diverse However, we need standards for our systems to interoperate. In that sense, we need monoculture in our data transmissions, right?

            I think that's the exact reason why we should maintain a strong difference between our data and our programs. DirectX and Excel macros are probably good examples of this going wrong.
          • Monoculture=Bad
            That's not to say having Sub-cultures is bad. Having small groups of Consistent culture in an enviroment of diverse cultures isn't going to offer a greater threat level. Indeed it maybe useful, allowing the sub-cultures to develop strong Imune systems, as they will be tried and tested, and will develop in ways that may make them incompable with threats from other sub-cultures.

            So relating that to a computer perspective. Apple build Mac's and control the hardware and OS, then build in other def
  • by foniksonik ( 573572 ) on Monday October 03, 2005 @08:51AM (#13703645) Homepage Journal
    I'll be getting some x86 Powermacs this coming summer.

    My only security concern comes from not knowing how many threats out there are based on CPU vulnerabilities that don't affect PPCs but do affect x86 based CPUs.

    Will it soon be as easy to port over viruses, trojans and worms to OS X as it will be to port games and other apps?

    Otherwise I have no worries... Apple stays on top of security issues and doesn't have the back log of known vulns that windows has. In addition, many of the vulns that could affect OS X would also affect Linux/BSD so OS X gets the benefits of those communities watching for problems/patching problems as well.

    • by GaryPatterson ( 852699 ) on Monday October 03, 2005 @09:00AM (#13703709)
      Malware targets weaknesses in an operating system, not a processor.

      A virus that hurts Windows will be ineffective against Linux, even though they run on potentially the exact same hardware.

      OS X will have the same weaknesses and strengths on x86 as it does on PPC, so you can rest a bit easier. If you're still not sure, get the final PPC revision Macs, and wait for a year or two before going to x86 Macs. You'll know all about any issues by then.
    • Um...not really. A CPU only executes very simple instructions like "pull this chunk of memory to a register" and "add this register to that register" and "set the program counter so we can jump to this location in the program." It's usually up to the compiler to get anything useful (for most people) and easy to program to run on that. Even then, the compiler (most languages) is going to generate code that will only run on that cpu. Why? The instructions are just a bunch of ones and zeros, not for loops
  • by GaryPatterson ( 852699 ) on Monday October 03, 2005 @08:54AM (#13703663)
    ... so they need to convince us there's a market.

    Just like drug companies that release a cure for a disease you'd never heard of, just after 'credible' reports appear in the media showing that most of the poopulation suffer from it.

    It's a scare tactic, pure and simple.

    However, there is a small sting in the tail - Mac users have little to nothing to worry about today. Tomorrow may be another story entirely.

    Just because a virus hasn't been written doesn't necessarily mean it's impossible to write one. There's a creeping feeling in the Mac world that we can't be touched by malware just because we're using Macs. That's a dangerous attitude in the long run.

    Mac users need only take advantage of the built-in security, plus enable a few options.

    The Firewall should be on by default, but clicking the 'Advanced' button reveals an option for stealth mode. That's always a good idea. In fact, while you're there, turn firewall logging on and come back to read the log in a week or two. That'll highlight any attempts at breaking in.

    Keep the administrative account around, but use a non-admin one for day to day tasks. There's no reason not to, and it forces a password check before any files outside the user's directory are altered.

    Turn off the option to open 'safe' files after downloading in Safari.

    There's a guide from the US NSA out there somewhere that's heavy going, but shows what good security looks like. Read a site like http://www.securemac.com/ [securemac.com] once in a while to pick up a few tips.

    Mac users needn't be as worried as Windows users should be, but a few ounces of prevention still go a long way.
    • Just like drug companies that release a cure for a disease you'd never heard of, just after 'credible' reports appear in the media showing that most of the poopulation suffer from it.

      More like drug companies trying to sell vaccinations for a disease that doesn't exist yet.

  • of course (Score:1, Interesting)

    Of course mac users wont be used to viruses and other "infections" we've never really experienced any so it feels like we're invincible. The thing is that we just dont realize that someday, there will be some jackass (or team of jackasses >.< ) that decides "hey, i think i'm gonna make every newspaper and online news headline all over the us", and he's going to write a damn good mac virus. and you know what, we will go nuts because we've never seen it before.
  • by kannibal_klown ( 531544 ) on Monday October 03, 2005 @09:04AM (#13703734)
    OS X is by far my OS of choice. Sure I use Windows and Linux for different things, but when it comes to ordinary stuff as well as some cross-platform development I love my Powerbook. It's more stable and secure than my windows box and more pleasant to use than my Linux box.

    That being said, one day it will hit the fan. Someone will write a really bad virus or find a big exploit and keep it on the down-low until they release it on a large scale. It will hit us, it will hit us hard.

    It will be like a family living in a gated community where there's no crime. Feeling safe they never bother will any security system or guard dog. Then one day they all wake up to find their 1st floor completely raided of all valuables. The initial shock to Mac users will be the same (all-be-it less devastating than seeing your tv and stereo gone) . After being safe for so long and not having to worry about it will hit us really hard.

    I don't bother running Virex, nor do most people I know. But I know one of these days I'm gonna pay for it.
    • by porcupine8 ( 816071 ) on Monday October 03, 2005 @09:49AM (#13704035) Journal
      It will hit us, it will hit us hard.

      Eh, I think it will hit a few people hard. But (unless Mac marketshare magically soars to 30%+ or something) by the time it manages to propagate very far, Apple will have had plenty of time to release a patch. I mean, I only know of a couple other people I email with Macs. Assuming I even used Mail.app (I use webmail, so it would be hard for the virus to send itself through me), that means that if I got the virus from one of them, I would probably only infect one or two more people - not like the dozens at a time that a Windows virus is sent to. Until/unless Macs become *way* more popular, any virus will move so slowly that it will be caught before it manages to infect the majority of Macs.

      Though, yes, it will suck for those of us who are hit early.

    • by razmaspaz ( 568034 ) on Monday October 03, 2005 @10:47AM (#13704634)
      I don't bother running Virex, nor do most people I know. But I know one of these days I'm gonna pay for it. The problem with Virex, as with all Virus scanners is that in the nightmare scenario you describe Virex isn't gonna know about it until you already have the virus. And if someone does do all that stuff, and does screw your Mac...they will likely also find a way to disable your recovery and virus downloads anyway. Against a fast moving virus, yesterday's definitions are useless. So if the virus protection can't help you, why bother paying for it? Most of the major problems on windows are worms now anyway. Following the guidelines of someone like securemac.com should be plenty.
    • It will hit us, it will hit us hard.

      It already hit hard over fifteen years ago. Mac OSX is based on UNIX. UNIX had its security crisis a long time ago. That's why Mac OSX is more stable, and less vulnerable to attacks that take advantage of ownership and permissions problems that are par for course in microsoft operating systems.
    • It's more like being in a brick house with a thousand blowing wolves running around. It doesn't matter if they all blow at once, it's a brick house! Is susceptible to other attacks that know one is trying yet? Possibly, but Symantec's wolf traps aren't going to help with a completely new style of attack.

      And even if Mac's share got up to 50% if the difference is still Brick vs. Straw then it will still be more profitable and easier to just go after Windows users.
    • To extend your analogy (a lot) - yes, we don't have security systems or guard dogs, unless you have your standard OSX firewall up or something like LittleSnitch active. But we're still far far better at having the company who sold us the building keeping coming back and strengthening the mortar, thickening the walls, and generally making it Difficult for people to break in. I was going to put something about strong windows, but that seems out of place. And hey, even the paintwork looks nice.

      And that inbuil
  • Symantec = Trojan (Score:4, Informative)

    by Anonymous Coward on Monday October 03, 2005 @09:16AM (#13703804)
    I once bought a used Mac with pre-installed Symantec Software...

    It was the worst crap I have ever encountered in my life, including Windows 2.x! The stupidity and uglyness of it is so enormous that the United Nations should ban it because it could easily pass as a crime against humanity. You would'nt believe it until you saw it... messing up a whole filesystem, bringing system performance to a grinding halt, fucking up the *nix part of OSX so badly that it is absolutely unusable. Oh, and of course you need a third party patch to uninstall it, and even with that patch it's a pain to go through and it still leaves some parts of OSX broken.

    What kind of person must one be to program such a huge pile of shit? Compared to the braindead molluscs at Symantec, Microsoft looks like a Mensa con. There is only one Malware for the Mac and its name is Symantec. Works like a classical trojan: You install it because the programmer makes you believe it does something useful. But once you've done so, it begins to weak havoc all over the place and there is no way you can get rid of it except for major system surgery. Oh man, only thinking about that my HD was once infested with that dreck makes me puke!

    The real danger for the Mac world is that these imbecile wankers are successful with their bloody scare tactics and get some ignorant management to believe their dirty, fucking lies. If then that management forces their employees to install Symantec "antivirus" dirt all over their Mac network, they might get stability and usability down to a point where they could just as well run Win95 on overclocked Pentium I Boxes with 16 MB of RAM.

    • So you're saying it might not be a good buy? Please, tell me what you really think.
    • Re:Symantec = Trojan (Score:2, Interesting)

      by gitchel ( 858517 )
      Well, I might not have been QUITE as acerbic in my review, but I do have to agree with the spirit of this post. When I came back to the Mac from several years owning only PCs, I purchased very few software packages for my G5. I intended to use primarily shareware and free programs. I did purchase Symantec Anti-Virus, though. It had worked so well on the PC side, and caught so many viruses. Well, it's been a year since I flung the CD into the trash, so I can give many details, but it was awful. The auto fu
  • It's true that OS X is more secure than XP normally, but there's one thing that worries me - stupid developers who make users type in their admin password for no good reason.

    There are so many application installers out there that make the user type in the admin password that users are in the habit of providing it whenever the dialog box appears.

    This opens the door for a socially engineered virus/trojan horse - one that politely asks the user for permission to infect the system.

    Really. Why do developers insist on providing windows-style installers when all you have to do is drag the app to the right folder and let go?
    • by poopdeville ( 841677 ) on Monday October 03, 2005 @10:22AM (#13704311)
      Really. Why do developers insist on providing windows-style installers when all you have to do is drag the app to the right folder and let go?

      Because you can't just drag some Applications over. Those installers put files in directories a normal user can't touch.

      • Are there any applications that need that access by necessity? I can't think of one off the top of my head.
        • The only thing I can think of off the top of my head would be something that needed to install a kext, which is pretty rare ... Preference panes, frameworks, Input managers, and the like can all be installed user-specifically in ~/Library without needing admin.
        • I can think of one. (Score:4, Informative)

          by phillymjs ( 234426 ) <slashdot.stango@org> on Monday October 03, 2005 @11:53AM (#13705323) Homepage Journal
          Acrobat.

          It actually is installed via a drag and drop into /Applications. On its initial launch, it asks for a password because it puts other stuff elsewhere in the system, the files necessary for the "Adobe PDF" printer to be created, for one.

          Microsoft Office does it that way, too, drag and drop install followed by supplemental stuff (fonts, etc) installing itself on initial launch.

          ~Philly
          • I don't know if you've noticed, but OS X has the *built in* ability to print to a PDF. There is no need for Acrobat to duplicate that ability, nor to silently install Safari plug-ins.
            • I don't know if you've noticed, but OS X has the *built in* ability to print to a PDF. There is no need for Acrobat to duplicate that ability...

              For me, no. For my clients, who do design work and need more robust PDF creation and editing capabilities, Acrobat is the only way to fly. But thanks for speaking to me as if I were a noob, I really appreciate it.

              ~Philly
              • by NatasRevol ( 731260 ) on Monday October 03, 2005 @02:34PM (#13706785) Journal
                Yes, Acrobat is more feature rich than the OS.

                But please explain why it need to have the admin password to install it. Is there anything in Acrobat that is system wide, moreso than something like Office would provide? I really don't think so, but would love to be enlightened.

                More likely, it's Adobe being lazy with programming and making things easier on themselves rather than proper and secure programming techniques. Remember, if there's a bug in their application at a system level, it could represent a real security hole because of the way the installer works.
          • I'm new to the Apple world (just got my iBook a month ago), so I don't know all the ins and outs yet. Could you explain what the point of Acrobat is when I can already print to PDF and read them easily with OSX?
            • by greed ( 112493 )
              Apple's viewer (Preview.app) doesn't handle some PDF constructs; though some of that might have been resolved in Tiger.

              Adobe Reader has better zoom modes and stuff like that; I use "Fit Width" a lot, and Preview.app just doesn't cut the mustard.

              PDF Forms don't work in Preview.app either. Not that they work all that well in Reader for Macintosh. Some PDFs don't render correctly in Preview, but they're fine in Adobe Reader, and so on. (Shading and blending I think were the main areas of trouble.)

              On the gen
            • Some people apparently use Acrobat because it can handle PDF forms and a few other rarely-used PDF features. However, I prefer to use PDFpen when I need advanced PDF features. It's a good Mac-only app that doesn't modify your system at all.
      • Name one regular app that *has* to have admin access to install correctly. For that matter, name a regular app that *has* to have an installer instead of just using drag-and-drop.

        For example:

        * why does a screen blanker like Freefall come as a .pkg file?
        * why does a game like diablo II use a special installer app?

        And those are just two examples laying around in my archives directory.
        • Re:Nonsense. (Score:3, Informative)

          by Jeff DeMaagd ( 2015 )
          I think any game that uses SDL, because the SDL framework needs to be installed to /Library/Frameworks.

          I do agree that too many applications seem to need a special password, I wish there was an easy way to expose in a decipherable manner exactly what it does that claims to need it.
          • I hadn't heard of SDL before you mentioned it, so I did the google thing.

            But even so, frameworks don't have to be installed in /System; I have any number of apps installed in my ~/Applications folder that contain frameworks within their .app folders.
            • Other than drivers NOTHING should be installed in /System. This is what /Library is for. You can install frameworks in two places:

              /Library/Frameworks
              ~/Library/Framworks

              If the library is not being installed as a framwork, then it should be part of the application bundle. In fact, you can even make it so that a framework is part of application bundle.

              The nice thing about frameworks is that they can include multiple versions of the same library and generally include the necessary C headers, so that d

              • I meant /Library; although I've seen plenty of dain-bramaged code that drops stuff in /System/Library, too. Developers seem to think that since it's already got all that stuff in it, they should just put their stuff there, too.
          • I think any game that uses SDL, because the SDL framework needs to be installed to /Library/Frameworks.

            machine-name-deleted:~ dg$ ls -ld /Library/Frameworks/
            drwxrwxr-x 5 root admin 170 Aug 30 09:53 /Library/Frameworks/

            So... uh... no. Anyone in the admin group should have the ability to add contents to /Library/Frameworks.

      • Those installers put files in directories a normal user can't touch.

        Why do they need to be put in those directories then? OS X is pretty standard. Why can't the devs just work around that and keep all the files in the drag and drop executable. I'm not looking at it as just a security issue, but if I wanted to uninstall a OS X app, I just expect to trash it and then delete the prefs and I've removed all traces of it. When an installer puts files willy nilly all over the system it's rather hard to clean up af
        • I've been confused about this too. The drag and drop method of install is fantastic. It's easy to install, easy to uninstall, and makes the whole process seem to make sense. I would think that keeping apps modular and self contained might have a couple security benefits beyond the obvious ease of installation/uninstallation. So why can't developers manage it?

          Someone mentioned Acrobat. Ok, I can understand Acrobat installs a virtual printer, but why do the rest of Adobe's apps need an installer? In my

      • Most of the time it is due to Lazy Developers. Developing more complex applications tends to get more difficult to make while keeping it self contained. It is similar how beginner developers feel the urge to use Goto and Global Variables. Sure there are some cases where you may need to use an Admin access to install a program. But for 99% of the apps out there it can be done by just dropping the file.
  • by amichalo ( 132545 ) on Monday October 03, 2005 @09:55AM (#13704084)
    Symantec is trying to sell a product that doesn't really apply in the Linux/OS X environments.

    I'm not saying Viri and Worms don't or couldn't exist on a *nix platform. What I am saying is that security patches are released within the same timeframes as virus updates, so why not just set your box to auto-update those patches and skip the Anti-virus software route all together?

    On other vendor's [microsoft.com] platforms, there are both a greater frequency of attacks and longer delays between patches (probably due to the shear number) so Anti-virus software serves a market there.

    So it isn't hubris that the Linux and OS X are imune, it is that the OSS community and Apple work quickly to patch any vulnerability ASAP.
  • Do Mac users think they are immune to security problems

    Many may, but in general... no more than Windows users, many of whom think that because they have antivirus software they don't need to worry about security.

    Really, this is a straw man. It's like someone in California chiding someone in Darwin for not being prepared for an earthquake or mudslides.
  • by Anonymous Coward
    Is the following assertion fair and accurate:
    "It is easier to secure OSX against malicious intrusion at least partly because administrators have more extensive control over the OS and the applications that run on it."
    Microsoft just doesn't seem to like making security easy to do, without buying something. Heck, I can't turn off popups in IE unless I get a third-party add-on. Safari - no problem. Not trolling, but I am curious - I only use M$ at work and I *hate* it, but I am also not a sysadmin, so I can't
  • by Anonymous Coward on Monday October 03, 2005 @11:06AM (#13704838)

    Symantec, does indeed need to create fear of threats where there aren't any. They sell an anti-virus for Palm OS [symantec.com] even though most Palms don't connect to anything. They cite an actual TWO threats discovered in the wild in 2000.

    Symantec's business smodel is to get US$29 or so per year from EVERY computer on the planet. They can't let any platforms go "un-taxed."

  • by richg74 ( 650636 ) on Monday October 03, 2005 @11:10AM (#13704889) Homepage
    Although I don't use a Mac / OS-X, and therefore can't really comment on the technical issues here, I do think this brings up something about Microsoft's near-monopoly that isn't always sufficiently understood.

    Because Windows is so pervasive, and because it has some obvious flaws, particularly in the security area, we have a whole "symbiotic" culture that has evolved around MS. That culture includes firms like Symantec and NAI/McAfee, as well as application vendors like Intuit. All of these have a strong vested interest in keeping the near-monopoly status quo, even if something else might ultimately be more in their customers' interest.

    You can then have clueless journalists (as well as, of course, the vendors' coin-operated "think tanks" and "research firms") talk about "industry consensus" and similar nonsense.

  • by javaxman ( 705658 ) on Monday October 03, 2005 @12:22PM (#13705624) Journal
    If someone is interested in researching what vulnerabilities are patched in a particular Security Update, it's easy to do- there's a knowledge base article attached to each and every one. In the software update information for the security update, there's a link to this page which lists them all [apple.com] and from there you can get a specific description of everything included in that update. here is the current one [apple.com].

    So, really, they have a rating system, but it's not dumbed-down. If you know enough ( or *think* you know enough ) to read through all of this and decide "hey, none of that really matters for me, I don't need this update", then you at least have a detailed idea of what you're passing on. Otherwise, you should probably apply all of these updates and patches anyway... maybe waiting a few days to see if anyone reports serious issues with it if you're extra paranoid about stability.

    Since we all have different operating environments and practices, a strict rating scheme is a little meaningless. If you don't use Mail, a "Severe" rated patch that only patches Mail might not matter to you... really, you need to look at the description if you care about such stuff.

    And what's this talk of OS X stability issues? Pu-leeeze. Maybe if you're running 10.1. Anything past 10.2.3... any instability is likely to be hardware ( likely memory) in cause.

    %uptime
    10:20 up 133 days

    If it weren't for updates this thing would never get shut down...

  • by Warlock7 ( 531656 ) on Monday October 03, 2005 @12:31PM (#13705693)
    No OS is immune from exploits.

    Symantec shouldn't just be pointing out how many exploits have come to their attention, they should be providing evidence to support their position. Things like, how many exploits became full blown threats to the security of OS X. None.

    They should be providing details about how their NAV(Norton Anti-Virus) software has changed over the past several iterations to deal with this pervasive threat. It hasn't.

    Currently Symantec is using the same software, without any significant changes, since the release of OS X, that's no significant changes or enhancements, zero, zilch, nada, for over three years, but they're still happy to sell you a new version for $70+ and come out and make wild claims about how you too are unsafe. When what the consumers are really unsafe from is bad business practices and corporations that are willing to try and scare you out of your hard earned cash.

    Why is this happening? Money, greed, avarice and lying.
    • Currently Symantec is using the same software, without any significant changes, since the release of OS X, that's no significant changes or enhancements, zero, zilch, nada, for over three years,

      Yeah, and Symantec used to offer Systemworks for Macs but I just checked in Apple's store and couldn't find it so I then went to Norton's website and it wasn't listed there either.

      Falcon
      • by Warlock7 ( 531656 ) on Monday October 03, 2005 @02:22PM (#13706690)
        Yep. They should've pulled Systemworks on version 2.0, which was simply a repackaged version 1.0 with a couple of extra third party programs to "round it out". Version 1.0 and version 2.0 were identical except that they added Dantz Retrospect Express Backup and Aladdin Spring Cleaning and called it version 2.0. I've boycotted their products ever since.

        They actually had a version 3 at one point, it's still on their site [symantec.com]. And they even have the nerve to sell it with NUM, which they discontinued for the Mac, what, last year...

        To be used at the owner's expense...
        • Yep. They should've pulled Systemworks on version 2.0, which was simply a repackaged version 1.0 with a couple of extra third party programs to "round it out". Version 1.0 and version 2.0 were identical except that they added Dantz Retrospect Express Backup and Aladdin Spring Cleaning and called it version 2.0. I've boycotted their products ever since. They actually had a version 3 at one point, it's still on their site [symantec.com]. And they even have the nerve to sell it with NUM, which they discontinu

  • by kevin lyda ( 4803 ) * on Monday October 03, 2005 @01:15PM (#13706099) Homepage
    "Do you think Apple should start following Microsoft's model by rating vulnerabilities and patches?"

    Yes, because when I think "secure software," I immediately think of Microsoft.
  • Symantec's products, in my experience, create a lot of instability in Mac OS X and are very difficult to thoroughly remove. They also create a lot of unnecessary conflicts that can disable services you were using if you don't know how to go into all the kernel extension and other system folders to eliminate the software. I know OS X isn't the most secure OS in the world, but I would prefer to go without third party security than use Symantec's products, until and unless they learn how to make their produc
  • Wrong question (Score:3, Informative)

    by lpangelrob ( 714473 ) on Monday October 03, 2005 @01:49PM (#13706393)
    Do you think Apple should start following Microsoft's model by rating vulnerabilities and patches?

    That's probably the wrong question. Being such a large company, you have to assume they rate vulnerabilities and patches -- it's almost impossible to produce high-quality software like OS X without rating patches.

    The question is whether or not to release the information to the public. I can't imagine that doing so would be practically useful. If you already know what the vulnerability is, without rating it, you have a better leg up on understanding its severity, and you likely have sources of alternative workarounds until the official patch.

  • Numbers (Score:3, Insightful)

    by thebdj ( 768618 ) on Monday October 03, 2005 @02:11PM (#13706582) Journal
    Something a few other people have mentioned, I believe, that is quite important to the idea of Mac's and virii is the number of Mac's in use. See with Windows there simply are sheer numbers of machines to replicate and distribute any bug and in more then 9 out of 10 cases, the next machine it finds is running Windows and the worst of M$'s problems extend throughout multiple operating systems.

    The problem for a virus with a Mac is the lack of replicating fodder. There just simply are not enough machines to find in order to properly replicate the virus. It would have to be somehow cross platform in order to guarantee its own survival. There is also the 'ego' side of virus writing, which if it truly exists, means that anyone writing a widespread virus is doing it to show off. It is their idea of a thrill to watch millions of computers crippled and tons of news coverage. The problem is a Mac virus would be little more then a blip on the radar.

    Yes, Symantec is probably seeking some revenue; however, I really doubt they need to fear anything M$ puts out with Vista. I mean we are talking about a company that thus far has been unable to create a very successful Firewall and cannot secure their web browser. Besides, it is M$...how long before someone finds the viscious hole in any virus scanner they write...then your virus program can delete all sorts of fun stuff, all in the name of virus protection...
    • Re:Numbers (Score:5, Informative)

      by argent ( 18001 ) <(peter) (at) (slashdot.2006.taronga.com)> on Monday October 03, 2005 @05:10PM (#13707935) Homepage Journal
      Something a few other people have mentioned, I believe, that is quite important to the idea of Mac's and virii is the number of Mac's in use

      It's not near as important as Microsoft's astroturfers argue.

      Back in 1997 when Microsoft opened up the Active Desktop/Content/whatever security hole, the infection rate I saw on Windows boxes went through the roof in a matter of months. This was not accompanied by anything like the same kind of increase in Windows installations... it was clearly caused by a specific action that Microsoft took, and one that they have yet to undo... and this has a much bigger effect on the prevalence of Windows viruses than the market share of the OS.
  • by Val314 ( 219766 ) on Monday October 03, 2005 @03:12PM (#13707080)
    Pretty much every Windows PC i've got to repair was filled with Ad/Spyware that caused the problems
    Those Apps are installed by the user. (well some of them are installed by exploiting IE flaws, but most of them are bundled with apps that a user installed)

    Nothing stopps Spyware Authors to write Mac Versions to mess up Mac OS X.
  • And the solution is? (Score:5, Interesting)

    by mlewan ( 747328 ) on Monday October 03, 2005 @11:31PM (#13710054) Homepage Journal
    It is not difficult to see that there may be security holes in MacOS X that can be exploited. It is not difficult to see that one should try to protect oneself against exploits.

    However, why on earth would one think that Symantec is the solution to the problem? If there is a known problem, Apple will patch it. If it is an unknown problem, Symantec cannot fix it.

  • I was a loyal Symantec user and used their product religiously on my PCs and Macs, knowing that sooner or later something ugly would rip through the Mac community. When I renewed a license on the Mac side the license they gave me didn't work. I emailed customer service twice and still received no response. When I read the fine print, the license must be applied within a month of being issued or it does not work. I did that, and followed all of their installation directions, but no luck. The lack of res
  • by chia_monkey ( 593501 ) on Tuesday October 04, 2005 @05:40PM (#13717521) Journal
    There's a big difference in the sources where people get their virus news. On the Windows side, you see it in trade journals, on news sites, even on TV when there's a big virus making Windows machines crap out left and right. Yet...you only hear about Mac viruses from companies (Symantec?) who are trying to make a buck. Maybe when I read about Mac viruses in InfoWorld or some other news source I'll be mildly concerned.
  • by grouchofan ( 921134 ) on Friday October 07, 2005 @08:26AM (#13738749) Homepage
    I found a serious one when I was doing some testing prior to the implementation of Mac OS X 10.3. As far as I know, this issue still exists despite my reporting it to BOTH Symantec and Apple... (I believe Symantec did something about it in their latest version, though I haven't had a chance to test it yet... but I know OS X would still allow the problem in 10.4.)

    The scenario goes like this: Create a cron task to update Norton AV for Mac from the command line. Log off the system. Unplug the network cable. Wait for the cron task to fire. Norton tosses up an error box indicating that it couldn't update itself. This error message appears OVER the login screen, along with an Apple menu that shows you logged in as the administrator user who setup that cron to update Norton. Even without logging in you have limited access to OS X as AN ADMINISTRATOR!

    (I discovered this little "hiccup" when I'd configured Norton to auto-update and found that our network had experienced a problem overnight when the update was scheduled to take place. Imagine my surprise to come in and find a machine with an administrator's Apple menu accessible and no one logged into it!)

    Personally, I think applications shouldn't be able to display GUI elements if the user initiating those applications isn't logged in at the moment, and certainly not if NO ONE is logged in.

    For slightly more information on how to update Norton AV 8.0 and 9.0 from the command line and via cron, see: http://mikesalsbury.com/mambo/content/view/115/ [mikesalsbury.com]

This restaurant was advertising breakfast any time. So I ordered french toast in the renaissance. - Steven Wright, comedian

Working...