Canadian TV, Computing and Home Theatre Forums banner

Status
Not open for further replies.
1 - 15 of 15 Posts

·
Member #1
Joined
·
47,683 Posts
Discussion Starter #1
Q: Is there a Mac OS X virus loose on the Internet?
A: Technically, no. As far as I know, no Mac OS X virus has ever been detected in the wild. But there are other kinds of Mac malware out there that you should know about.
Story.

We've been talking for years that if Mac sales volumes go up then hackers could turn their eyes to Apple.

While the number of issues is minuscule, I think it bears repeating that Apple users should be vigilant.
 

·
Registered
Joined
·
3,022 Posts
In a way, Apple's resistance to viruses (technical vulnerabilites) could make it more susceptible to malware (social vulnerabilities).

That is to say, Mac users are less paranoid about security and that makes them a more attractive target to phishing scams.

One effective countermeasure would be to not run in Administrator mode, but to have a separate user level account for day-to-day use. Even that won't stop Grandma from typing in her credit card number, though.
 

·
Registered
Joined
·
3,368 Posts
To paraphrase Charlie Miller (who would know): Macs are less secure but safer than PCs because they aren't targeted as frequently. Windows is very secure because its an OS that has been battle tested unlike any other.

But increasing Mac market share will change all that. Given enough attention I'm sure one day Safari's long list of security vulnerabilities will no longer be an embarrassment for Apple.
 

·
OTA Forum Moderator
Joined
·
24,867 Posts
Mac OS X has always been under attack. This has not stopped, and it is not new. Fundamentally it is a very secure OS, and so the emphasis must be on educating the user.

Mac OS X users need to employ a web browser and email service that has the highest/best safety ratings for weeding out malware, spam, and other such junk. Regarding the stuff that unfortunately gets through, users in this day and age are increasingly more savvy about taking care, but bad stuff can still happen when users are not well informed.
 

·
Member #1
Joined
·
47,683 Posts
Discussion Starter #5
Posts removed. This is not a Apple vs. Windows ****** thread.
 

·
Registered
Joined
·
7,131 Posts
The core/kernel of OS X, which is based on FreeBSD, is probably very secure (at least the original FreeBSD code is.) The browsers and other software added by Apple are less so. Internet browsers, any of them, are notorious for being insecure. Mail programs and office software aren't much better, especially if they support scripting, executing attachments or HTML.
 

·
Registered
Joined
·
3,368 Posts
The core/kernel of OS X, which is based on FreeBSD
No, not really. They both shared the Mach kernel, but the rest of the OS is so different from FreeBSD/Open BSD I don't think you can say one is based on the other.

A similar analogy would be like saying Android is based on webOS because they both use a Linux kernel.
 

·
Registered
Joined
·
7,131 Posts
Mach was originally developed on and incorporated into BSD years before OS X was worked on. FreeBSD has a completely open and unencumbered distribution model so it is a popular source of code and features for companies like Apple and Microsoft. Whether it was "borrowed" directly or by some other means (less likely due to more restrictive copyrights on other sources), FreeBSD is still the version of BSD that is closest to the original BSD source and can be considered to be the basis for OS X.
 

·
OTA Forum Moderator
Joined
·
24,867 Posts
Consumers: OS X is very safe from Viruses - Here's why!

Remembering that this thread deals with "viruses" (check the title) let's ditch the notion that consumers are at any particular virus risk by using Mac OS X. When the experts tell you that you are safer from viruses on OS X that on that other big consumer OS found on PCs they are correct and you can be confident of that.

Here's why: computer viruses only exist when and where they are allowed to have a purpose by a host operating system. When you opted for an Apple OS X computer you escaped using that other company's operating system, which continues to allow viruses to affect it after decades of their existence. Need proof of that?

Consumers need only look at the computer software marketplace to see that no corporation makes or distributes anti-virus products specifically to thwart OS X viruses. Got that? I'll repeat it just to be sure: there are NO anti-virus products that guard against OS X viruses. Nobody has found a way to make money on such a product, for obvious reasons. Imagine that... a huge, profitable computer anti-virus industry does not make any products that guard against viruses that attack OS X. One pretender trying to enter the field recently claimed something to the effect that "if an OS X virus is ever found, we'll be there to guard against it"... what a hoot! :D

But wait, you might say, you've checked and there are indeed anti-virus products that run on OS X. True, but those products are simply for situations of file sharing. It would be crummy to have a PC user send you a virus-tainted file that does nothing to your OS X machine but which infects another PC down the line if you share it further. For IT departments running Linux and/or Unix and/or mainframes the situation is the same: there is no direct need for anti-virus products for those OSes either, but we take steps to protect that other company's PCs nevertheless.

Beware of being bamboozled. All too often the fact that OS X computers are safe from viruses is smeared over by competitors with all-purpose, catch-all cries about "security". Indeed, the article linked in the first post is classic scare mongering - the lurid title was seemingly calculated to improve the writer's employer's online visit count. Don't let that nonsense alarm you, and don't fall for their line that your OS X computer is supposedly weaker or inferior to their PC product. Keep your OS X computers up to date, use safe practices such as Firefox, Opera, and Chrome web browsers and other reliably strong software, and say goodbye to viruses. :)

To summarize, consumers can be proud of their decision to avoid viruses by going with Apple computers running the OS X operating system.
 

·
Registered
Joined
·
3,368 Posts
Mach was originally developed on and incorporated into BSD years before OS X was worked on. FreeBSD has a completely open and unencumbered distribution model so it is a popular source of code and features for companies like Apple and Microsoft. Whether it was "borrowed" directly or by some other means (less likely due to more restrictive copyrights on other sources), FreeBSD is still the version of BSD that is closest to the original BSD source and can be considered to be the basis for OS X.
OS X evolved from NeXTSTEP not directly from BSD, and the amount of shared code is very very small compared to the amount of code that is not shared. I'm just saying that because so little is shared, suggesting that BSDs excellent security record should somehow translate to a great OS X security record wrong, because that is not what we see. There is a difference between safe and secure. Mac OS X may be safe while it has a small market share, but compared to Windows it isn't very secure.

When Charlie Millar was asked:

Q: Why Safari? Why didn’t you go after IE?

A: It’s really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don’t do. Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows.

It’s more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn’t have anti-exploit stuff built into it.
source

Macs are safer because they are not targeted as often, but they are less secure when they actually are targeted for attack. The possible financial gain of creating a Windows based exploit is much higher because of the higher market-share, and that incentive is what is driving most of the black hats. According to a Google employee I talked to, Google was a victim of a spear fishing attack that exploited OS X weaknesses so the statement that "it never happens" to OS X is just wrong. This was the attack that was purported to be executed by the Chinese government over a year ago.

The suggestion that OS X users just don't need to worry about security is misleading and dangerous.
 

·
Registered
Joined
·
7,131 Posts
No operating system is 100% secure and probably never will be. As noted, a lot of the attacks target application software, like browsers, so the OS is irrelevant to some extent. Viruses on the MAC and OS X. Yes it's possible and it happens.

I have a slightly different angle on the targeting aspect. Hackers make money from viruses and other malware. That's because the infected systems are used for activities like sending spam and identity theft. No one system is targeted because it is significantly less secure. It's targeted because that's where the most money can be made. If MAC OS X was on 90% of the desktops use by inexperienced computer users, who are most vulnerable to socially engineered exploits, it would be targeted as well.
 

·
Registered
Joined
·
626 Posts
These are my rules for safe computing on the Mac (should be true for Windows Vista/7 as well.) I email it as a reminder to friends and family every once in a while (especially when a new rogue piece of malware has been discovered) to remind them of what not to do.

BEWARE of web sites that pop up windows on your screen or display a warning telling you that your computer is infected with a virus. It is fake and is designed to trick you into installing their fake antivirus program.
BEWARE of web sites that pop up windows on your screen or display a warning telling you to install something so you can view the content of the web site. This is very common for sites that contain videos but won't play them unless you install a player program. If the video doesn't play using the Flash player already installed on your computer or the built-in media player it is most likely a rouge web site set up to fool you into installing malware.
DO NOT install programs from untrusted sources.
DO NOT click on file attachments in an email, even if it looks like it came from someone you know, unless you were expecting a file from them.
DO NOT click on links in an email that will take you to a web site, even if it looks like it came from someone you know, unless you were expecting to receive that link from them.
DO NOT send humour/joke emails to people that contains an attachment or a web link that requires them to click on the file to launch it or click on the link to visit a web site. This brings that person's guard down and puts them at risk of infection if they should received a forged email claiming to come from you in the future. It is trivial to send emails that have a forged 'FROM' address to make it look like it came from someone you know. DON’T BE FOOLED! The promise of a laugh is not worth the headache you will have trying to deal with malware that you were tricked into installing on your computer.​

The Mac is a very safe computer environment but it is only as safe as the person behind the keyboard makes it!

One reason I discourage the installation of anti-malware on that Mac is because following those simple rules should keep people safe from malware but mainly because if a pop-up or warning should try and scare the person into thinking that they are infected it is obvious that it is fake.

I also install the 'ClickToFlash' extension for the Safari web browser. Not only does it keep the myriad of Flash animations from playing on my screen as I visit web sites but it is a good preventative measure against rogue/infected Flash programs.
 

·
Registered
Joined
·
7,131 Posts
And that goes for any computer, smart phones, PDAs, and tablets, not just the MAC.
 
1 - 15 of 15 Posts
Status
Not open for further replies.
Top