Comments on: Are Macs really vulnerable to hackers? http://pcmike.com/-2-2-2-2-2/are-macs-really-vulnerable-to-hackers The latest in personal technology Fri, 29 Aug 2008 01:32:33 +0000 http://wordpress.org/?v=2.6.1 By: MAC User http://pcmike.com/-2-2-2-2-2/are-macs-really-vulnerable-to-hackers#comment-203 MAC User Sun, 28 Aug 2005 18:06:49 +0000 http://pcmike.com/uncategorized/are-macs-really-vulnerable-to-hackers#comment-203 received my first malware on OS 10.4.2 Tiger. Infected the web browsers. Anytime I went to google, it took me to another sight. received my first malware on OS 10.4.2 Tiger. Infected the web browsers. Anytime I went to google, it took me to another sight.

]]> By: Mel http://pcmike.com/-2-2-2-2-2/are-macs-really-vulnerable-to-hackers#comment-202 Mel Thu, 24 Mar 2005 23:27:17 +0000 http://pcmike.com/uncategorized/are-macs-really-vulnerable-to-hackers#comment-202 I have been using Macs since 1985, yes, twenty years. I'll never say that there isn't any malware for Macs, but I have never contracted so much as a Word macro virus on my Macs over the years. Yes, there have been a few; the one that probably spread the most was the Autostart Worm that infected a Mac that had the CD autostart enabled. It even got into a couple of commercial CD releases. But the Mac OS has never been as vulnerable as Windows and it appears that OS X is just as good in that regard. The argument that it doesn't get attacked because of small market share only plays when you talk about commercial malware. Zombie remailers are only good if you have a lot of them, and in relative terms there aren't a lot of Macs, so it's not profitable. However, I'm sure some malware author would love to earn his chops by being the first 1337 h4x0r to write a virulent Mac worm or virus. But it still hasn't happened. I had the same reaction as Mike to Symantec's self-serving press release - they're playing up a small number of isolated incidents to try to make a little more money. Intego tried the same thing last year. I still haven't bought any antivirus software and I don't plan to, especially when I read the complaints attached to every vendor in the field. When I see some real evidence that someone is having success breaking into Macs, I'll look for an open-source solution. I have been using Macs since 1985, yes, twenty years. I’ll never say that there isn’t any malware for Macs, but I have never contracted so much as a Word macro virus on my Macs over the years. Yes, there have been a few; the one that probably spread the most was the Autostart Worm that infected a Mac that had the CD autostart enabled. It even got into a couple of commercial CD releases. But the Mac OS has never been as vulnerable as Windows and it appears that OS X is just as good in that regard. The argument that it doesn’t get attacked because of small market share only plays when you talk about commercial malware. Zombie remailers are only good if you have a lot of them, and in relative terms there aren’t a lot of Macs, so it’s not profitable. However, I’m sure some malware author would love to earn his chops by being the first 1337 h4×0r to write a virulent Mac worm or virus. But it still hasn’t happened. I had the same reaction as Mike to Symantec’s self-serving press release - they’re playing up a small number of isolated incidents to try to make a little more money. Intego tried the same thing last year. I still haven’t bought any antivirus software and I don’t plan to, especially when I read the complaints attached to every vendor in the field. When I see some real evidence that someone is having success breaking into Macs, I’ll look for an open-source solution.

]]> By: Martin Hill http://pcmike.com/-2-2-2-2-2/are-macs-really-vulnerable-to-hackers#comment-201 Martin Hill Thu, 24 Mar 2005 05:06:45 +0000 http://pcmike.com/uncategorized/are-macs-really-vulnerable-to-hackers#comment-201 I'm afraid Symantec's widely reported marketing material is misleading and self-serving (it would after all be surprising for them not to attempt to encourage the development of new market segments in light of Microsoft's competitive entry into the AV market). Let's look at the statistics: Microsoft Windows: Viruses and Worms = 70,000+ (symantec.com) Spyware programs = 78,000 (www.pestpatrol.com) Burrowers = 40 (www.pestpatrol.com) 80% of PCs infected with spyware (webroot.com) Last year alone (www.pestpatrol.com): 500 new Trojans 500 new keyloggers 1,287 new adware apps Mac OS X: Viruses and Worms = 0 Spyware programs = 0 Adware = 0 Keyloggers = 0 Burrowers = 0 Trojans = 3 Rootkit = 1 Note that Trojans can't spread by themselves - they are bits of code that pretend to be something innocuous and need to be downloaded and opened by an authorised user. In the case of the three targeting Mac OS X, two are harmless while the third issues a rm -rf command if run by a user. Note also the Rootkit discovered on a couple of OS X machines is a set of scripts that requires root access to be turned on (turned off by default on all Macs). The hacker also needs to know the root password and the malware has no mechanism of spreading and infecting other computers by itself. Symantec's espousal of the theory of "Security through Obscurity" fails to explain the fact that the number 1 web server, open source Apache with around 69% marketshare has far fewer attacks (including viruses and worms) than Microsoft's IIS which comes in at only 21% marketshare (Netcraft.com). It also does not explain why the many flavours of Linux suffer from so many instances of malware despite having as small a marketshare as OS X. 37 vulnerabilities (mostly in open source components of Mac OS X) which were promptly patched by Apple does not constitute "increased attacks on OS X" as no attacks using any of these now closed vulnerabilities have been recorded. John Gruber has a useful article on why Windows suffers so much malware: <a href="http://daringfireball.net/2004/06/broken_windows" rel="nofollow">http://daringfireball.net/2004/06/broken_windows</a> However, no software can be perfect and it would be foolish to say there won't eventually appear some malware targeting the 10 million+ OS X users out there - however, today is not that day. Mac OS X has been sitting untouched for 4 years now pretty much without blemish which speaks to a very impressive security story even if/when some effective malware appears. This is the constructive issue everyone should be writing about. Martin Hill Information Management Services Curtin University of Technology Western Australia I’m afraid Symantec’s widely reported marketing material is misleading and self-serving (it would after all be surprising for them not to attempt to encourage the development of new market segments in light of Microsoft’s competitive entry into the AV market).

Let’s look at the statistics:

Microsoft Windows:
Viruses and Worms = 70,000+ (symantec.com)
Spyware programs = 78,000 (www.pestpatrol.com)
Burrowers = 40 (www.pestpatrol.com)
80% of PCs infected with spyware (webroot.com)
Last year alone (www.pestpatrol.com):
500 new Trojans
500 new keyloggers
1,287 new adware apps

Mac OS X:
Viruses and Worms = 0
Spyware programs = 0
Adware = 0
Keyloggers = 0
Burrowers = 0
Trojans = 3
Rootkit = 1

Note that Trojans can’t spread by themselves - they are bits of code that pretend to be something innocuous and need to be downloaded and opened by an authorised user. In the case of the three targeting Mac OS X, two are harmless while the third issues a rm -rf command if run by a user.

Note also the Rootkit discovered on a couple of OS X machines is a set of scripts that requires root access to be turned on (turned off by default on all Macs). The hacker also needs to know the root password and the malware has no mechanism of spreading and infecting other computers by itself.

Symantec’s espousal of the theory of “Security through Obscurity” fails to explain the fact that the number 1 web server, open source Apache with around 69% marketshare has far fewer attacks (including viruses and worms) than Microsoft’s IIS which comes in at only 21% marketshare (Netcraft.com). It also does not explain why the many flavours of Linux suffer from so many instances of malware despite having as small a marketshare as OS X.

37 vulnerabilities (mostly in open source components of Mac OS X) which were promptly patched by Apple does not constitute “increased attacks on OS X” as no attacks using any of these now closed vulnerabilities have been recorded.

John Gruber has a useful article on why Windows suffers so much malware:
http://daringfireball.net/2004/06/broken_windows

However, no software can be perfect and it would be foolish to say there won’t eventually appear some malware targeting the 10 million+ OS X users out there - however, today is not that day. Mac OS X has been sitting untouched for 4 years now pretty much without blemish which speaks to a very impressive security story even if/when some effective malware appears. This is the constructive issue everyone should be writing about.

Martin Hill
Information Management Services
Curtin University of Technology
Western Australia

]]> By: Charles Gaba http://pcmike.com/-2-2-2-2-2/are-macs-really-vulnerable-to-hackers#comment-200 Charles Gaba Wed, 23 Mar 2005 18:38:48 +0000 http://pcmike.com/uncategorized/are-macs-really-vulnerable-to-hackers#comment-200 When discussing the security/hacking/virus/malware issue, it's very important to explain to people the difference between a *real-world* problem (virus, spyware, trojans, etc) and a *potential* problem (security hole/vulnerability). OS X has--at this moment, at least--ZERO of the former. Of the latter, it's my understanding that all of those 37 supposed issues were quickly & cleanly dealt with, just as pretty much all of Apple's occasional security updates do (unlike Windows updates, which generally take forever to release and often botch things up even worse than before). When discussing the security/hacking/virus/malware issue, it’s very important to explain to people the difference between a *real-world* problem (virus, spyware, trojans, etc) and a *potential* problem (security hole/vulnerability).

OS X has–at this moment, at least–ZERO of the former.

Of the latter, it’s my understanding that all of those 37 supposed issues were quickly & cleanly dealt with, just as pretty much all of Apple’s occasional security updates do (unlike Windows updates, which generally take forever to release and often botch things up even worse than before).

]]> By: Teejay http://pcmike.com/-2-2-2-2-2/are-macs-really-vulnerable-to-hackers#comment-199 Teejay Wed, 23 Mar 2005 18:14:11 +0000 http://pcmike.com/uncategorized/are-macs-really-vulnerable-to-hackers#comment-199 37? WOW... In the Windows world, they'll have that many between now...... ...and now :-) 37? WOW…

In the Windows world, they’ll have that many between now……

…and now :-)

]]> By: mnystedt http://pcmike.com/-2-2-2-2-2/are-macs-really-vulnerable-to-hackers#comment-198 mnystedt Wed, 23 Mar 2005 17:31:25 +0000 http://pcmike.com/uncategorized/are-macs-really-vulnerable-to-hackers#comment-198 I remember viruses back in the pre-X days, and there were some nasty ones around, but Disinfectant always took care of them :-) On OS X I've had no problems with viruses. I ran Norton AV for a bit and it detected one virus once, but it was a PC virus in an email attachment. It's a matter of time before we'll experience something more substantial on OS X in terms of viruses, worms etc. Sooner or later it'll happen. But in my experience Symantec's current claims are a bit much and not in line with reality. I remember viruses back in the pre-X days, and there were some nasty ones around, but Disinfectant always took care of them :-)
On OS X I’ve had no problems with viruses. I ran Norton AV for a bit and it detected one virus once, but it was a PC virus in an email attachment.

It’s a matter of time before we’ll experience something more substantial on OS X in terms of viruses, worms etc. Sooner or later it’ll happen. But in my experience Symantec’s current claims are a bit much and not in line with reality.

]]>