Security experts in denial on Mac security

Fri, 11/06/2009 - 3:46am — Jonny Evans
3919

Munir Kotadia is a journalist who specialises in internet security, and he’s had enough of security experts' continued refusal to simply admit Macs are more secure.

“Have you noticed the most popular laptop brand on display at any security conference?” he writes. “In my experience Apple Macs seem to make up significantly more than the five percent usually attributed to them.”

It goes on from there, with his chat with Dmitri Alperovitch, McAfee's vice president of threat research, posted below. Read his report where he writes, “For years now I have heard security companies and analysts claim that Apple Macs are just as vulnerable as Windows and the only reason there is virtually no malware for the Mac is because it has such a tiny market share.”

He’s not buying it anymore....

Read it here.

Comments

But it's true... why would you

615

But it's true... why would you spend 6 months trying to target ~9.5%, when you could target over 90%? But that doesn't mean Apple can't do anything about it; they don't have to. If and when their market share goes up, so will their adherence to malware.

You really think there's no

156

You really think there's no motivation to make a virus for OS X? Even when a trojan pops up, it's all over the tech news. Imagine the coverage if somebody actually made a widespread virus for Macs. Imagine how many Apple bashers would be creaming their pants.

 

And why does Linux have viruses? It's much less popular than OS X.

yes, but....

128

A lot of hacks are out there to make money, but Hackers themselves are usually interested in "Sh*ts, giggles and notoriety" - is the whole industry really telling us that Hackers cannot "be bothered" with the Mac platform? Or is the reality that as a platform it's just too difficult to do - that's not to say it's impossible, but it is way way more difficult than going after Windows.

Is there a link to the actual

78

Is there a link to the actual article?  I'm missing it.

Yeah, early morning

95

Yeah, early morning forgetfulness - link is added.

@NoiseDamaged

89

@NoiseDamaged - that argument really doesn't hold water because EVERY other software field (financial, entertainment, games, productivity, social media, etc) produces versions of their software for Mac. Boxee, for example, led with a Mac version before porting to Windows. Many companies produce only Mac software. 

I don't think we have to

108

I don't think we have to call Tim Roth in to see that this guy is lying. Can't blame him though, if you get a Mac you don't have to pay him any money!

Let's see if I got

69

Let's see if I got this....

 

A security software vendor says that there are threats that target Mac users.

 

Yeah I trust him. 

You have to be careful

146

You have to be careful though.

There is very nasty malware out there for the Mac. I've seen users ignore the risk, ignore protecting themselves because they think there is no security risk. 

That is not true. Mac might be "safer", but that doesn't mean it's totally safe. You still have to be careful. Snow Leopard even includes code to detect the two nastiest malwares in circulation.

- Don't run applications if you don't trust their source. That's opening the door. Trivial to write software that harms your system or userid.

- Avoid logging in as administrator. If you do and run malware, it can compromise your entire system and you may not know it. Run as a user and you probably limit the damage to that userid.

- Use an outbound firewall like LittleSnitch and check out any unusual outbound communication.

- Avoid applications which require admin userid/pw to install. There's rarely a need for it. Once you open the door the install could do anything and you may not know it.

Social engineering

98

What's interesting is that all the Mac malware that I'm aware of depends on social engineering to get installed: pirated software, free porn-video-codecs, etc. Nothing self-replicating exists that I've heard of.

I've been trialling iAntivirus on one Mac at work, and it has yet to find anything nefarious. I'm the admin of a small computer network at my office, and I've been trying to see if it's worth the performance issues to put it on all the Macs in the office. So far, it's not. We do have a gateway/firewall that scans all incoming traffic and blocks a lot of sites that cause problems (Untangle is awesome!), and that seems to have been the best investment in securing our office network.

I certainly don't take my network's security lightly, but I also am much more at ease knowing the entire network is Mac (and a little Linux) and not malware-prone Windows.

Avoid apps that require an admin userid/pw to install?

75

I really don't understand this comment. Virtually all apps require logging in as an administrator to install. The administrator group has the rights to alter the standard directories (/etc, /var, /bin), files and permissions for a normally installed application. Maybe you mean install them in nonstandard directories? If there is a way to do this in general in Mac OS X with apps that try to install in standard directories, please elaborate. Fink, which installs Linux-developed applications on a Mac, does this, but that is so it doesn't collide with files installed by OS X apps.

The most important rule indeed is do not install an application if you do not know or do not trust the source. I honestly do not know of a worm or virus in Mac OS X that does not require the user to give permissions to install it, or at least run the executable. The executable has all the rights the user who runs it does.

installing applications

52

A non-admin user can make a new folder in his own account (same place as Documents and Music folders are) and name it Applications. He can then install any apps he wants in there without requiring admin password. Even this new folder's icon will change to look the same as your global applications folder.

Original article

87

Original article here: http://www.crn.com.au/News/159956,commentary-experts-in-denial-about-mac-security.aspx

If you hear enough people say

68

If you hear enough people say it, it must be true, right? I think people will simply repeat what other people say, if they hear it often enough, without doing research for themselves. While an operating system is never going to be 100% secure, some are a lot more secure than others. Mac OS X is based on UNIX which was designed to be secure from the very beginning.

Windows started worrying about security too late in the game and finally started to implement it in what, Vista? At least in the end user market anyway.

I'm not buying it either.

Hackers don't do things for

77

Hackers don't do things for monetary gain alone. People have been claiming Mac invisibility for years. That's a challenge that you'd think your average 16 year old hacker wouldn't be able to resist. I mean, think of the street cred you get for making a wide spreading Mac virus. Imagine the looks on all the faces of all the hipsters in the Mission district as their expensive computers fail one at a time like dominos. How could that be passed up if it was possible?

Apple claims...

57

Apple even claims, on their website, "Yes, a Mac is 100 percent safe from viruses designed to attack PCs. And although no computer connected to the Internet is completely immune to all viruses and spyware, the Mac is built on a solid UNIX foundation and designed with security in mind." (http://www.apple.com/getamac/faq/).

Macs are 100 percent safe from viruses designed for PCs. They never said anything about Mac viruses.

Anyway, I have several Macs, some are nearing ten-years-old and they work perfectly fine. Never had a problem with them before.

Problem: FACTS vs Probability

69

The topic of security is not quite understood. It is not the same that a computer is INFECTED or a computer is AFFECTED. Many Macs have viruses in their files, but since the MacOS doesn't understand the virus, they keep working for years because it is not AFFECTED, just infected.

A Windows computer can have firewall, antivirus, patches, service packs, antispyware and all those security programs, but still, BILLIONS of dollars have been lost because Windows computers get AFFECTED by some new virus or worm or security hole. That is a FACT (read the news: Conficker C, Natas, Michelangelo, and so many viruses that have hit computers and brought down entire systems).

So that is the main security issue, FACT vs PROBABILITY. Which computer platform is more affected in a certain period of time in relation to its installed base? Of every 10 Windows computers, 7 have been affected; of every 10 Mac computers, just 1. That is a fact, not a probability.

Backwards

56

I think you're right when you say the concept is not well understood. It is the virus that doesn't understand OS X, not the other way around.

I don't see how a Mac with a file that contains a PC virus would be considered "infected." It is the file that is infected, not the OS. An infected OS actually replicates and actively passes on the virus. The Mac would pass it on inadvertently during normal operations.

ClamAV basically is used to catch infected files and prevent them from being passed through Unix-type systems, most of which do not affect them.

Of course you don't see it.

67

"I don't see how a Mac with a file that contains a PC virus would be considered 'infected.'" It is very easy: that is because Macs work in Windows environments, so many people spread files with viruses, and they get to both the Macs and the PCs in the network, so they both get infected, but only Windows PCs are affected by the virus. Is it now clear enough for you? ;)

Antivirus

45

If he believes that "the only reason there is virtually no malware for the Mac is because it has such a tiny market share," then why is he wasting time and effort producing antivirus for it, as long as the market share is tiny? He's been doing that for the last 10 years - selling a product for which there is absolutely no use. But he claims no one can be bothered to create a virus for it? Yet he finds it economical to create an antivirus program for it? How can people buy this logic?
