Join Early Retirement Today
Closed Thread
 
Thread Tools Search this Thread Display Modes
Any Virus issues on Macs?
Old 10-31-2007, 11:06 AM   #1
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Any Virus issues on Macs?

No virus, spyware or malware on Macs?

Seems that every time someone posts about considering an Apple computer purchase, or posts about a virus issue, the Mac/Windows virus debate comes up. I thought, why not tackle the issue in a separate thread, rather than piecemeal and disjointed in other threads? So here goes:

Topic - virus & spyware (malware) on Macs. Let's not get into OS usability, hardware likes/dislikes, or cost. Leave those for other threads. Just malware issues here. Competition is good. But FUD and misinformation does no one any good.

I stay in contact with Apple news and Apple forums. I have never heard of, and can find no evidence of anyone on Mac OSX actually being infected with any malware that caused any damage. Ever. Zero occurrences. I am aware of a single Trojan Horse that was reported in 'the wild', but it didn't spread far, and it did no damage ( OSX/Leap-A - Mac Guides ). Almost no one I know runs any virus protection at all on their Macs. Those that do, use it to keep from unknowingly passing Windows malware in files they send to their Windows clients.

The usual 'explanation' given by the anti-Mac crowd is that Macs aren't any more secure than Windows, the relatively low market share of Macs just makes them unattractive targets for malware. Two ways to look at that:

1) Non-technical view: OK, so what if the only reason is the lower market share? Macs aren't going to overcome Windows in numbers any time soon, so by this reasoning, Macs should continue to not be a target for malware. What could be simpler?

2) Slightly more technical view: It just does not add up. It could explain fewer malware events, but not near zero. By that same logic, there would be no web browsers, no office suites, etc for the Mac. And why did over 5000 developers show up for Apple's WWDC in 2007 if no one writes for the Mac? FUD.

Also, about 1 of every 15 computers on the net are Macs. Not exactly 'rare'. And iPhones are running OSX, so now there is even more exposure to the web.

Market share for browsers, operating systems and search engines

Also, remember that most Mac users run no virus protection at all. Think about that. If Macs really had such poor security, wouldn't the malware writers actually target all those unprotected Macs? I mean, if you were a car thief, and you could identify that one out of every fifteen cars in a parking lot was sitting there with the doors unlocked and the keys in the ignition, wouldn't you go after those unlocked cars rather than spend time learning how to disable the alarms in the other cars? So why don't Macs have an inordinately higher proportion of malware, considering all the reported vulnerabilities, plus the lack of virus protection software? Shouldn't Macs be getting hit worse than Windows?

Sure, a virus COULD hit the Macs tomorrow. No one I know is in denial of that. That's one reason I keep a backup clone of my system. But I've been warned about that every month in 2003, 2004, 2005, 2006 and 2007. In that time, Mac owners got scolded, but not infected. But how many Windows home users have *actually* been impacted with security issues in that time? How many hard drives wiped? How many passwords grabbed? How many CPU cycles stolen? How many hours wasted tracking the problems down?

If anyone wants to counter this information with real examples of infections of Macs in 'the wild' that did some damage, or refute my logic, I'd like to hear about it. And not just some blogger's rants on the theoretical possibilities, just facts of actual damaging exploits.

I don't think that some 5-plus years of no malware damage on OSX can be attributed to just dumb luck, or just a numbers game. I suspect that not all 'vulnerabilities' are created equal.

Bottom line: While certainly no guarantee, I think that it is reasonable for anyone considering a Mac to take the solid history of no malware problems on OSX into consideration if they have any concerns about malware on their system. As they say, the proof of the pudding is in the tasting.

-ERD50
__________________

__________________
ERD50 is online now  
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 10-31-2007, 11:16 AM   #2
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
"I ran across the road 25 times naked with a bag over my head and nothing bad happened. But I bought the bag for $30 from a guy in a black suit, so I think i'm good for another 25 runs"

Or how about "I've been taking 10% from my portfolio for the last ten years and still gaining ground. The proof is in the pudding!"

I've written operating system code for two major commercial operating systems. The mac operating system has plenty of vulnerabilities and opportunities for malware, trojans, viruses and worms. It is no more or less 'safe' than any other operating system. This is not the ruminations of someone who has no clue about what he's talking about most of the time, but a bonafide expert in the matter at hand.

Mac OS enjoys a small market share. The majority of owners are children, the elderly, artists, musicians, and people who want to impress others with how much they spent on their computer. Not a reasonable target for weeks to months of development time to target with a piece of code. Little return for the investment when the windows environment is dominant in business and productivity users.

Plus theres no "coup" in wiping out a bunch of eighth graders computers when you can knock over half the fortune 500.

If you want a virus proof system via obscurity, install one of the more obscure linux distributions. You'll have just as many good apps, it'll run faster and on less hardware than windows or mac os, and its free.

At least you wont get ripped off by paying extra for something you arent getting.

It'll be a bad day when some miscreant decides he's had enough of the pompous and wrongheaded claims and writes a worm for the Mac OS. Hardly anyone has any protection software and with this most recent upgrade, most wont even have a firewall enabled. It'll be quite a wipe out.

ERD, the entire class at bridgewood middle school, and the members of the band Fake Baby Head can all commiserate together.

Deep apologies to any mac users who arent complete buttheads. Its a nice computer. But it is what it is and isnt what it isnt, and its overpriced for what it is.
__________________

__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline  
Old 10-31-2007, 11:18 AM   #3
Thinks s/he gets paid by the post
twaddle's Avatar
 
Join Date: Jun 2006
Posts: 1,378
Results for '"os x"'
__________________
twaddle is offline  
Old 10-31-2007, 11:35 AM   #4
Moderator Emeritus
Rich_by_the_Bay's Avatar
 
Join Date: Feb 2006
Location: San Francisco
Posts: 8,827
I use both Mac and Windows heavily.

I find the consistency and intuitiveness of the Mac OS world allows me to be more productive and to have a much briefer learning curve for new apps. I think it's not so much the OS that matters as it is the interface culture that has evolved in the Mac development world.

My Macs have proven more reliable than my windows machines, anecdotally, and the repair costs probably make the Mac cost premium moot. Consumer Reports considers the Mac to be very reliable.

Sometimes the cuteness of the interface is distracting but often it is ingenious and time-saving.

CFB, I'm not sure whether being a former OS-level programmer makes it easier or harder to see the ups and down for the average user. Sometimes that in-depth technical knowledge causes you to de-emphasize things that may contribute a lot to the typical users' experience. Glad we have both to choose from.

Anyhow, it's only a contest for Apple and MS. I prefer the Mac for 99% of what I do.
__________________
Rich
San Francisco Area
ESR'd March 2010. FIRE'd January 2011.

As if you didn't know..If the above message contains medical content, it's NOT intended as advice, and may not be accurate, applicable or sufficient. Don't rely on it for any purpose. Consult your own doctor for all medical advice.
Rich_by_the_Bay is offline  
Old 10-31-2007, 11:40 AM   #5
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
Yes Twad, Cert and other agencies keep finding problems, Apple keeps fixing them, yet the users continue to believe that they never existed.

New Safari Flaw, Worms Turn Spotlight on Apple Security

Vulnerabilities galore, and actual worms in the wild doing damage.

Rich, I have nothing bad to say about the mac, other than it being overpriced for what it is, and concerns regarding users who claim the product is something that it is not. I have owned both. There is nothing in the product hardware content of a mac that makes it superior to a top tier windows pc, which usually sells for less. There were usability and benefits to the operating system 5-10 years ago. I believe that independent analysis currently rates Windows and OS X as roughly equal in intuitive nature and ease of use.

I take issue with someone asking what they should buy and having them told to pay extra for a mac because the hardware is better, its easier to use, and its virus proof. Its not any of those things unless you're already a mac user, in which case what you know will be easier and more intuitive to you.

But lets call this for what it is: a user asked for help with a windows problem and he got a taunt from a guy who wanted to do some trolling. It was neither helpful nor factually accurate. Now he's just seeking to further the trolling activity.

If nothing else, there is no discussion we can put together here that hasnt been washed over a hundred million times on a hundred million discussion forums over the last 20 years.
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline  
Old 10-31-2007, 11:49 AM   #6
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Quote:
Originally Posted by cute fuzzy bunny View Post
"I ran across the road 25 times naked with a bag over my head and nothing bad happened.
Except that if we took millions of people, and sent them across the road we would see some damage wouldn't we?

But there are millions of OSX computers on the internet, and no damages. So the analogy is pretty flawed, isn't it?

As I always say, the malware issue could change tomorrow, but running across the street was always dangerous, is dangerous, and will be dangerous tomorrow. There is no history of it being safe.

And maybe you should check the demographics of Mac users. Since you are always wining about how expensive they are, I think you would find the average buyer to have above average disposable income (OK there's a set-up for you). Seems the password grabber spyware writers would like that target.

You still fail to answer the question. If the vulnerabilities are so bad, why no exploits?

-ERD50
__________________
ERD50 is online now  
Old 10-31-2007, 11:53 AM   #7
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
So giddy in your excitement to respond to a little attention, you seem to have trouble reading...
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline  
Old 10-31-2007, 12:01 PM   #8
Thinks s/he gets paid by the post
twaddle's Avatar
 
Join Date: Jun 2006
Posts: 1,378
Mac OS X rootkit surfaces
__________________
twaddle is offline  
Old 10-31-2007, 12:02 PM   #9
Thinks s/he gets paid by the post
ladelfina's Avatar
 
Join Date: Oct 2005
Posts: 2,713
ERD50.. do a forum search on "hairball". (sorry CFB!)
__________________
ladelfina is offline  
Old 10-31-2007, 12:03 PM   #10
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Quote:
Originally Posted by cute fuzzy bunny View Post
... and actual worms in the wild doing damage.
.
Really? All I saw was this :

Quote:
No attacks that target the hole had been identified
I already covered the Leap-A attack. It never got far at all, and did no damage - not a real threat to the OSX community at all.



Any chance we can follow my original request, and keep this topic limited to malware, not cost, percieved UI advantages, hardware, or other Mac topics? Those are fine to discuss, I just thought it would be good to hit the malware issue on this thread, as it exists today.

-ERD50
__________________
ERD50 is online now  
Old 10-31-2007, 12:10 PM   #11
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Quote:
Originally Posted by twaddle View Post
twaddle, thanks for bringing it to my attention. I do have a vague memory of that. I guess I did forget about it, and failed to find any references to it due to how rare it was. From that link(bold mine):

Quote:
Opener (AKA Renepo-A) is a shell script that can't be installed without admin privileges. It isn't spreading. A thread on Macintouch reports an isolated example of a Mac user finding Opener on their system, which prompted a brainstorming session about the nature of the malware on the forum. The interest focused on the hacker tool in the Mac community is largely generated because of the malware's rarity value.
I think the key there is 'an isolated example' of 'a' Mac user....

I'm guessing the Windows world would be very glad if the expressions 'isolated example' and 'interest ... largely generated because of the malware's rarity value' applied to their OS of choice

-ERD50
__________________
ERD50 is online now  
Old 10-31-2007, 12:11 PM   #12
Thinks s/he gets paid by the post
twaddle's Avatar
 
Join Date: Jun 2006
Posts: 1,378
I think bunny already covered it pretty well. If you're a blackhat, and you have a choice of exploiting a vulnerability in:

a) The zillion linux boxes connected fulltime to the net as servers
b) The zillion windows boxes
c) The few mac boxes

Exploits are hard to write. Which will you spend your time on?

BTW, google for "os x" exploit and you should find a few.

Techworld.com - Mac OS X security myth exposed
__________________
twaddle is offline  
Old 10-31-2007, 12:22 PM   #13
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Quote:
Originally Posted by twaddle View Post
I think bunny already covered it pretty well. If you're a blackhat, and you have a choice of exploiting a vulnerability in:

a) The zillion linux boxes connected fulltime to the net as servers
b) The zillion windows boxes
c) The few mac boxes

Exploits are hard to write. Which will you spend your time on?

BTW, google for "os x" exploit and you should find a few.

Techworld.com - Mac OS X security myth exposed
The actual contents of that article from 2004 say that the vulnerabilities in OSX 'could be exploited'. But in reality, they haven't have they?

As I said in my 'non-technical' answer in the OP - so what if OSX isn't getting hit because it is too small of a target? That still means that OSX users have not had to deal with malware problems, and the problems caused by the protection software. Isn't that a good thing?

I still think unprotected boxes would be an easy and attractive target, even if they are smaller in number.

-ERD50
__________________
ERD50 is online now  
Old 10-31-2007, 12:27 PM   #14
Thinks s/he gets paid by the post
twaddle's Avatar
 
Join Date: Jun 2006
Posts: 1,378
Yup, as bunny mentioned, that's called "security through obscurity." Works great until it doesn't.
__________________
twaddle is offline  
Old 10-31-2007, 01:09 PM   #15
Thinks s/he gets paid by the post
Rustic23's Avatar
 
Join Date: Dec 2005
Location: Lake Livingston, Tx
Posts: 3,624
Most MAC users are happy being Mac users, PC users happy as PC users, Dem's happy as Dems, Re pubs happy as Re pubs, Liberals happy liberals, conservators happy conservators, Texans happy Texans (except for chiggers), and I don't know of many that have changed the minds of others. There do seem to be a few trolls out there that like to try at the expense of the rest of us.
__________________
Rustic23 is offline  
Old 10-31-2007, 01:15 PM   #16
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
I think the key message is "pay extra for a mac, and hope to god it doesnt get more popular"?

Apples demographics show that mac users are predominately republican males over 55 who use the machine for email and light web surfing. The bulk of the remainder are children under the age of 15. So much for that "cool, creative 20-something" image that apple keeps trying to push...

This is one of those southparkish

1) hack mac machines
2)
3) Profit.

Since it seems that some folks like to develop opinions based on limited knowledge and evidence, lets have a primer. Hackers do what they do to:

a) harness a lot of machines to use as an agent for spamming or spewing advertising
b) steal financial information from large databases
c) steal passwords from people to their financial institutions
d) "stick it to the man" by breaking bill gates' stuff and hosing corporate systems
e) build street cred by performing d) on a spectacular basis

So in order:
a) not helpful, there arent enough macs to harness and why bother since its just as easy to do it on windows and get 45x the machines in tow
b) nobody runs large financial database on mac machines
c) the majority of people have pc's, and most of the users of macs arent doing anything that one could steal for profit, see (a)
d) "stick it" to grampa and your little sister? Not cool.
e) see (d) and (a)
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline  
Old 10-31-2007, 01:20 PM   #17
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Quote:
Originally Posted by twaddle View Post
Yup, as bunny mentioned, that's called "security through obscurity." Works great until it doesn't.
I understand that, and it's one of the reasons I started this thread. To get a better understanding of that idea, by having it challenged in an open format. I appreciate the responses I've received.

It just seems to me, and heck - maybe I got it wrong here, that the Mac just isn't 'obscure' enough to explain why the attacks are as rare as they are. Just last quarter, 2.2 million more Macs went online, and another million iPhones (also OSX with web access). It might be 'obscure' percentage-wise, but wouldn't all those millions of unprotected systems just look like sitting ducks... if the vulnerabilities were so easy to exploit?

That leads me to think that it is not just the 'obscurity' factor, but something else. I don't know of any way to prove or disprove that, but maybe a post here will trigger something.

And, if it has 'worked' up till now, what would cause it to stop 'working'?

Actually, many in the Mac community dreaded it when Apple started advertising the virus issues in the 'I'm a Mac/PC' ads. There was a concern that that would just draw attention to Macs, and trigger a 'contest' to violate them. But it STILL didn't happen. That leads me to think that OSX is a tougher nut to crack than it appears to many. Now, I could put up links to people with a pretty sound case for why that should be, but I know that will just start a torrent of other references saying it ain't so. That's why I'm trying to stick to facts - why so very few and so very impotent attacks so far?

-ERD50

PS: CFB - how can it be 'just as easy' to attack a Mac/Win if most Macs run zero virus protection? Shouldn't MAcs be far easier? Are you saying the Windows virus protection does no good at all?
__________________
ERD50 is online now  
Old 10-31-2007, 01:49 PM   #18
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
Quote:
Originally Posted by ERD50 View Post
iPhones (also OSX with web access)
Also incorrect. Iphones use a samsung ARM core, and OSX only runs on intel and powerpc architectures. It is unlikely that Apple spent a brazillion dollars porting OSX to a new platform when there are tons of operating system products for the ARM that would be readily available.

But that branding stuff can get a little bit wild at times...
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline  
Old 10-31-2007, 02:17 PM   #19
Thinks s/he gets paid by the post
 
Join Date: Jun 2006
Posts: 1,666
Quote:
Originally Posted by ERD50 View Post
... but wouldn't all those millions of unprotected systems just look like sitting ducks... if the vulnerabilities were so easy to exploit?
I don't think anyone said they were easy to exploit, just that the vulnerabilities exist and continue to pop up from time to time, just as with other OS's.
In addition, while 'most' Mac users may not use virus protection (I have no information to refute this with), I strongly suspect there are more unprotected Window machines than unprotected Macs. The people that wish to cause damage don't care about percentages, just the pure numbers.

Quote:
Originally Posted by ERD50 View Post
And, if it has 'worked' up till now, what would cause it to stop 'working'?
IF security through obscurity is the only thing contributing to MACs not getting malware/virus, then it would stop working when more MACs vulnerable to being attacked than Windows machines are vulnerable to attack.
This would occur either if a greater percentage of Window machines have virus protection or the MAC marketshare grows to the point where the number of vulnerable Macs surpass vulnerable Window machines.
__________________
"We do not inherit the earth from our ancestors, we borrow it from our children.
(Ancient Indian Proverb)"
Zathras is offline  
Old 10-31-2007, 02:35 PM   #20
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Quote:
Originally Posted by ERD50 View Post
iPhones (also OSX with web access)
Quote:
Originally Posted by cute fuzzy bunny View Post
Also incorrect. Iphones use a samsung ARM core, and OSX only runs on intel and powerpc architectures. It is unlikely that Apple spent a brazillion dollars porting OSX to a new platform when there are tons of operating system products for the ARM that would be readily available.

But that branding stuff can get a little bit wild at times...

Apple seems to disagree with you.

Apple - iPhone - Tech Specs
Quote:
Operating system

* OS X
Macworld Expo: Optimised OS X sits on 'versatile' flash - iPod/iTunes - Macworld UK


Quote:
The iPhone is running an optimised but full version of OS X that weighs in at “considerably less” than half a GB, according to Apple vice president of worldwide iPod marketing Greg Joswiak.
So, you infer that they are just applying a marketing name to 'OSX'? Possible, but if they didn't port the OS from PPC to Intel to ARM, what did they do? I would think a port would be easier than starting with and maintaining a whole new OS, and then porting Safari, etc to that.

I haven't seen anything to counter that it is OSX at any of the iPhone hack sites, or anywhere. Got a credible link? I'd be interested to see that it was different.

I guess we will know for sure when they release the SDK for iPhone in February, 2008.

-ERD50
__________________

__________________
ERD50 is online now  
Closed Thread


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IMPORTANT - New Virus Alert! Andy R Other topics 1 08-14-2007 06:27 PM
Computers -- Not PC vs Macs John Tuttle Other topics 9 03-02-2007 10:13 AM
Storm Worm~ Virus mickeyd Other topics 4 01-23-2007 01:29 PM
virus and firewall programs-freeware poboy Other topics 1 03-11-2006 10:09 AM
How many of you techies believe that Virus Protection Software..... Cut-Throat Other topics 29 10-05-2005 03:26 PM

 

 
All times are GMT -6. The time now is 05:49 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.