Status on Mac oriented viruses?

[Puguni]

I remember about a year ago or so people were talking about how Macs were good because viruses were more catered to PCs, but is that still true now? I mean, with the iPod and iPhone paving the way to more Mac uses, I suspect more hackers are looking into this more developed market.

Excuse my naivety, I don't know much in this area.

[Jingo Jaden]

Hmmmm, well is getting bigger, and so the market will pay more attention to it. Mac's have a few viruses now that could potentialy damage their computers, and little defence to it as far as I know. Their new OS don't seem to be bringing in much security either. *At least from what I have seen*

I am guessing that mac will sometime soon release a security program to defend their computers in the future. Which hopefuly for the mac users will be free and easily accesable. Then later on follow with OS systems.

Still, the virus activity on the mac front is fairly minor at the moment, however that does not neccisarily mean it will not become major later on. A two diget annoumt of viruses now threatens a mac with *to my knowlegde* little protection against virus attacks. The pc has about 15000, but has protection for most of these in their newest OS system.

[Mr. SmartyPants]

*At least from what I have seen*

And we all know how much you've seen.

[Jingo Jaden]

And we all know how much you've seen.

Yes, in terms of the mac security I have failed to find a security program installed in their new OS.

http://www.apple.com/macosx/leopard/

It might exist in a previus OS, it might even be built in, but I have failed to spot it yet. I would expect to see at least basic security from viruses, even though there is not much virus activity yet.

Pretty much shortly summed up I just have not seen the virus protection system on a mac yet. And I am hopeing some other on this board have more knowlegde of that area. It is not criticism or posetive feedback, just shortly summed up what I have seen.

One thing is fairly sure though, if viruses tend to develop once inside the market. So hopefuly they will *or already have* security for the time beeing and short term future.

[Mr. SmartyPants]

Except that my iBook asks me to install new security updates nearly each month (And it's way less of a hassle and doesn't kill my freaken computer like WinXP's updates do).

Pretty much shortly summed up I just have not seen the virus protection system on a mac yet. And I am hopeing some other on this board have more knowlegde of that area. It is not criticism or posetive feedback, just shortly summed up what I have seen.

They have stuff like Norton for OS X.

[Jingo Jaden]

Well, that is bascily where some of the more advanced questitons comes into play. I know they have Norton for OS X, but I am not sure to what extent it deals with virus protection, virus spotting and virus cleanup. As for the security updates it is much the same, if the updates features protection/survailance and cleanup. I don't know much about the Norton versions the mac use, or the features of the security updates.

Hopefuly the security is already there, free with the updates and such. Perhaps Norton *Who is a bit demanding computer wise* have the security required. I don't know, last time I activly used a mac *for about 1,5 years* viruses did not even sligthly pose a threat to the computer I used. So I did not need to worry.

[Raiden no Kishi]

You won't find many viruses for Macs for a simple reason: Macs make up a rather small portion of the market. Windows-based systems are the rule ~ Macs are an exception. Ergo, hackers are more familiar with Windows-based systems, and can wreak more havoc if they make Windows users the targets of their jackassery. I'm on my second Mac and I haven't had any virus troubles at all. The reason there's little security is because there's essentially no threat. If no-one has any reason to shoot at you, you don't need body armor.

.rai//

[Etoh*the*Greato]

Windows are also more easily opened and tinkered with in terms of programming than OSX. Despite being based on one of the oldest still used OS's known to man, OSX is fairly closed to all but people very familiar with the system, and can be daunting to new would-be hackers.

[blkmage]

I personally don't buy the Mac has a smaller market share argument. Why? Just imagine the notoriety and infamy someone would get if they managed to write a devastating virus for the Mac.

No the reason the Mac doesn't have many viruses today is because it's based on Unix. Just the way Unix handles admin and user access alone is one of the main reasons why viruses don't spread on Unix systems. This ties in with the other reason, that is, pretty much everyone who doesn't know how to secure a computer properly is on Windows.

Most devastating viruses in the past spread because people open attachments and run binaries with access they shouldn't have. As a result, their system files get trashed and the virus sends itself to more people.

Unix is far more open than Windows. I mean, you have access to the source for the kernel, even for OS X, which is just a BSD variant. How much more access do you want? I think the difference is that Windows makes it easy for people to do stupid, dangerous things, which is not the same as making programming for it more accessible.

[Raiden no Kishi]

: : shrugs : :

Sure, that probably contributes to it as well. However, when you consider that a hacker's desire is to cause as much chaos as they can, it stil makes sense that they would target the most common type of computer. It's not an either-or.

.rai//

[Mr. Rogers]

I personally don't buy the Mac has a smaller market share argument. Why? Just imagine the notoriety and infamy someone would get if they managed to write a devastating virus for the Mac.

No the reason the Mac doesn't have many viruses today is because it's based on Unix. Just the way Unix handles admin and user access alone is one of the main reasons why viruses don't spread on Unix systems. This ties in with the other reason, that is, pretty much everyone who doesn't know how to secure a computer properly is on Windows.

Most devastating viruses in the past spread because people open attachments and run binaries with access they shouldn't have. As a result, their system files get trashed and the virus sends itself to more people.

Unix is far more open than Windows. I mean, you have access to the source for the kernel, even for OS X, which is just a BSD variant. How much more access do you want? I think the difference is that Windows makes it easy for people to do stupid, dangerous things, which is not the same as making programming for it more accessible.

Well said. The reason OS X doesn't have many viruses is because the operating system is built securely - on UNIX. The Linux and UNIX operating systems have been around for a very long time and how they work and how they are built are out in the open for anyone to see. Why don't you see many viruses? Because the operating system itself is very secure. You don't need a security program for it - the OS itself is secure.

[LorentzForce]

No matter how many people try, you can't exploit something that was designed to be unexploitable from grounds up, not on code level, but fundamental foundation and philosophy of the whole operating system.

Oh, mind you, it's still possible to write malware for *nix systems. However, it's split in two categories;

1) User's fault. System is as secure as weakest link, here being the users, which doesn't matter what operating system you use, it'll be insecure because of the stupid user.
2) Genuine bug in a program or a bad default settings that compromises security. These, odds say, the developers already know, and most likely is already fixed before you found out.

Point is, argument "it's not a big market" is silly. What's secure is secure, and that's that, and all "hackers" already know this.

[blkmage]

The easiest way to cause the most damage is to go for Windows PCs, because not only are they not designed with security in mind, they are also not secured properly by most. The way to cause the absolute most damage would be to go for servers, and for servers, the clear majority are Unix machines, which is another reason why a Unix virus that actually did some damage (trivial ones exist) would be huge news.

[Jingo Jaden]

Hmmm, about the only windows/unix consisting file in a pc is in the DOS section, which apparently is one of the pc's weaker points to strike *As far as I know*. Window's pc tends to be secure against most viruses that are not related to direct hacker attacks, which is on a whole other level than downloadable viruses which could potentialy damage ones computer. *This of course applies that the newest security updates are installed as well as the windows defender* As for security level's, the new viruses indicates that Unix opperation systems other than DOS also are vunerable to viruses. And it is rather early in the development of viruses on the mac front. I think it is highly likely to see a stronger development in that front unforunate as it may be. And security or security updates will also hopefuly be ready to defend. The pc front has been under virus bombardment for along time, so naturaly they are trying to keep up with virus development on their front. *Which is increaseingly becomeing more intense*.

Still, until I see a virus that could potentialy damage mac's on a large scale, I will not pull any triggers. Virus development on that front is highly likely to continue and expand, so hopefuly if one of those viruses ever gets released, mac will already have security enough to spot and make sure no damage occurs.

[LorentzForce]

There is no DOS on Windows NT kernels, only cmd.exe.

Unix isn't DOS. DOS isn't Unix either.

It's operating system, not operation system.

As I mentioned. Unix is highly secure, if made properly (as majority of Linux and BSD flavors).

Unix isn't just an operating system, it's a principle, and a bunch of philosophies on how an operating system should work.

Please don't spout nonsense, there's no "stronger development" of viruses on *nix system.

[blkmage]

DOS, which is simply another operating system like Windows or Unix, has been made obsolete for almost six years now, with the introduction of Windows XP. I think your confusion is associating any command line interface with DOS. Fortunately, most other popular command line shells are much more feature rich and secure than DOS.

The reason why DOS was so insecure was because it had lower level access to the system and no real security. This is also the reason why earlier versions of Windows were just as bad: because they were simply interfaces running on top of DOS, as much as they tried to hide it. That's why NT4 and its successors were so much more stable; because they did not run on top of DOS. Of course, because of this, that meant that all of the legacy hardware couldn't be supported by the new system, which is why we have the two streams of Windows for a while until they got unified into one with Windows XP.

Even though the NT kernel is much more secure than the old DOS model, it is still inferior to UNIX, which has been developed for industry use and has had almost forty years of engineering put into it.

[Mithrandir]

In the last 10+ years that I've been reading articles on this exact issue, I've found that many people like to be very vocal about this issue - despite the fact that they have little, if any, background writing worms or viruses. As a former virus author (DOS TSRs for whoever cares), I find this fact alternatively humorous and irritating.

It's always fun when people bring up this argument. It's almost a holy war for some people.

The windows people bash macs "It's small market share, that's all! if mac had more market share than windows, they would have more viruses!!!"

The mac people bash windows: "You've got more viruses. Nah nah nah nah!"

The fact of the matter is, Mac OS X is built on top of the BSD unix kernel. This makes it more secure AT INSTALL. Windows machines do not. The average time for hacking a windows XP system is shorter than the time required to install the OS and/or security patches. THEREFORE: If you install Windows XP on a machine that is directly connected to the internet, you have a greater that 50% chance of your computer becoming compromised by a virus or a worm. Mac OS 10.4 does not have this issue.

That being said, if you just download and install whatever programs you want, the chances are quite high that you'll eventually install a virus, worm, trojan horse or spy/malware application. Windows, OS X, and even UNIX will allow the superuser (administrator or root) to install any application they want. You might get a warning prompt that this could be a bad thing, but it'll let you do it, nonetheless.

Conclusion: Macs are more secure than windows computers - out of the box. Unless the user actually practices safe computing, though, it doesn't matter WHAT platform you use. Don't install anything you don't trust!!!

For the record, I've used both Windows and Macs for 10+ years, and I've never run across a macintosh virus or worm. I've run across (no exadguration) THOUSANDS of PC viruses, though.

I'm sorry, but I cannot agree with (or respect, frankly) ANYONE who trys to say that macintoshes are INHERENTLY no more secure than windows. It's simply not true.

[Jingo Jaden]

Hmmm, I think I found a name on one of the viruses that apparently caused some damage on a mac computer. Its called *The Opener*. Anyone got any info related to that? *The name was taken from an article*

[Mithrandir]

I'm not saying there are NO viruses for the mac, just that I've never really run across them outside of theoretical applications.

[Jingo Jaden]

Aye, I have used a mac for over a year, virus was not ever any of my consern. I am just thinking that if there is a way to infiltrate the mac virus wise, then it could intensify as time progress. Oh, and the question was not meant to go against the upper posts, I mean the mac has about 17 known viruses now I think, while the PC has over 15000. It is stupid to in a present sence compare the saftey in terms of virus activity, because the mac has just recently found viruses that can plauge their computers while the PC has been plauged by this for along time. I am just thinking that if they can, then it may problemise the mac more in the future. And hopefuly security that can prevent the viruses from entering the mac will be available, most hopefuly for free.

[blkmage]

The argument isn't that the Mac is more secure because there are less viruses that attack it. The Mac is more secure because it's been designed that way, whereas Windows was not. And so because the Mac is more secure, there are less viruses. And if I recall correctly, the majority of the viruses that attack UNIX require the administrator to do something ridiculously stupid to allow them to be infected, which is why virus protection for UNIX machines is unnecessary.

[Jingo Jaden]

Of course blkmage. I know that Mac was designed to protect against viruses. *which has been one of their main advantages for who know's how long* However, when I am hearing over articles about a virus that disables the mac firewall and causes alot of stir in a mac, then I am thinking that it will just be a matter of time before it intensifies and becomes worse. And if it does become worse, then I simply hope that the protection needed will be easily available.

[Bobtheduck]

Conclusion: Macs are more secure than windows computers - out of the box. Unless the user actually practices safe computing, though, it doesn't matter WHAT platform you use. Don't install anything you don't trust!!!

The third party. Thank you, Mith. Maybe this discussion will end on this note. Macs (and Unix) are safer but not bulletproof. Not always, but often the truth is closer to center.

[Jingo Jaden]

I agree with Bob there.

[Mithrandir]

Oh, and the question was not meant to go against the upper posts, I mean the mac has about 17 known viruses now I think, while the PC has over 15000. It is stupid to in a present sence compare the saftey in terms of virus activity, because the mac has just recently found viruses that can plauge their computers...

I'm not sure where you're getting your information, but I would strongly urge you to stop getting your information from that source. OSX is rather less vulnerable than older OSs, but THEY are where the real powerhouse viruses were. The idea that the mac has "just recently found viruses" is not one that I think you want to promote.

[Mr. SmartyPants]

However, when I am hearing over articles about a virus that disables the mac firewall and causes alot of stir in a mac

Didn't we just go over the fact that it's the actual operating system that's safe from viruses? I don't think presence or lack of a firewall really makes a difference.

[LorentzForce]

Notice that how such "viruses" rely on user opening it and/or typing in their user password to grant root access.

Dumb users cannot be avoided. Not even OpenBSD can protect you against stupidity.

[Jingo Jaden]

Didn't we just go over the fact that it's the actual operating system that's safe from viruses? I don't think presence or lack of a firewall really makes a difference.

That was apparently only one of the features. I will paste the article here.

***A malicious script that spies on Apple Mac users was discovered over the weekend. The malware, which has been dubbed 'Opener' by Mac user groups, disables Mac OS X's built-in firewall, steals personal information and can destroy data.

Security experts say these traits are common among the thousands of viruses targeting Microsoft's ubiquitous Windows operating system but are virtually unheard of amongst the Apple Macintosh community.

Paul Ducklin, Sophos' head of technology in the Asia Pacific, told ZDNet Australia that the malware, which Sophos calls Renepo, is designed to infect any Mac OS X drives connected to the infected system and it leaves affected computers vulnerable to further hacker attack.

Ducklin said Opener disables Mac OS X's built in firewall, creates a back door so the malware author can control the computer remotely, locates any passwords stored on the hard drive and downloads a password cracker called JohnTheRipper.

According to Ducklin, Opener tries to spread by copying itself to any drive that is mounted to the infected computer. This could be a local drive, part of a local network or a remote computer.

Most worryingly, according to Ducklin, this could be the start of a spate of malware that uses Mac OS X's scripting features against its users.

"The existence of Unix shells -- such as Bash for which Opener is written -- and the presence of powerful networking commands opens up the game a little bit for Mac users. It is no longer necessary to know about Mac file formats or executables you can write your malware in script and if you really wanted to you could probably write a portable virus that would run on many flavours of Unix (and Mac)," said Ducklin.

Chris Waldrip, president of the US-based Atlanta Macintosh Users Group, posted a detailed description of Opener on the MacInTouch Web site.

According to Waldrip, who admits the malware has him "a bit spooked", Opener seems to have started out with a "legitimate purpose" but has now been developed into a replicating piece of malware.

"I'm not sure how this could be guarded against," he said.

Mikko Hyppönen, director of antivirus research at F-Secure, said that viruses targeting the Macintosh system virtually disappeared in the late 80s.

"Things have been really quiet on Macintosh front, virus-wise. Back in the late 1980s, viruses used to be a much bigger problem on Macs than on PCs. We here at F-Secure used to have an antivirus product for Mac but discontinued it after the macro viruses died out," said Hyppönen.

Symantec said users of Norton AntiVirus for Mac OS X were protected as long as they had updated their signatures over the weekend. A spokesperson for the company said the relevant signature files had been available since Friday evening. ***

[Mithrandir]

So... No discussion of the attack vector? That may not be particularly relevant to the discussion at hand.

And I'm afraid I have to disagree with MSP on that firewall comment. Something you will learn in information systems is the value of layering your protection. The idea being that one level might be vulnerable to a specific attack, but you'll be protected by another level. Read Bill McCarthy's SELinux book (OR&A) for more information on that one.

[Mr. SmartyPants]

And I'm afraid I have to disagree with MSP on that firewall comment. Something you will learn in information systems is the value of layering your protection. The idea being that one level might be vulnerable to a specific attack, but you'll be protected by another level. Read Bill McCarthy's SELinux book (OR&A) for more information on that one.

Oy, thanks for the correction!