“Apple can’t have it both ways. It can stay niche and relatively virus free or it can join the mainstream and enter the virus zone. Apple made the latter choice when it decided to move its Macintosh range of computers to the Intel chipset platform,” Stan Beer reports for iTWire. “Not only do potential hackers know the Intel platform well, but Apple’s choice to play in the Windows space has made it a target like every other PC vendor. However, Windows is not Apple’s only security problem. Neither is the growing evidence that even the Mac range’s native operating system Mac OSX is becoming an increasingly vulnerable target for malware purveyors.”
“The big problem for Apple would appear to be one of denial. Recently reported remarks of Apple’s senior vp of software technology, Bud Tribble, can attest to that,” Beer reports. “According to Tribble, Mac OSX is designed to be used without the need for firewalls or anti-virus software. That remark alone should ring alarm bells in the minds of all security conscious online Mac users.”
Full article here.
MacDailyNews Note: Apple’s obviously making a lot of people very nervous.
BTW, this article was intentionally posted from a Mac OS X machine that has never had the Firewall on in any version of Mac OS X and never had a virus or bit of spyware despite surfing the Web far and wide for over five years and counting. An aside: we thought you might like to know that one of MacDailyNews’ mainstay machines is a Power Mac G4 450 MHz (AGP graphics) with 1.12 GB RAM, an ATI Radeon 9000 Pro, and three fast hard drives (10GB, 80GB, 120-GB) that has run every version of Mac OS X from the Public Beta to its current Mac OS X 10.4.6 without the Firewall on to see if anything happens (nothing has so far). Few machines online that are operated by human surfers venture to as many web sites each day as this Mac. The machine is four months shy of turning seven years old, yet it is perfectly capable of running the current Mac OS X version and performs admirably, day in and day out, without a hitch. The machine has never been “wiped and restored.” Many of the posts you see on MacDailyNews come from this machine. The Mac is an example of many things: superior security versus Windows, high quality in both hardware and software, massive reliability, an illustration of the vast difference between installed base and market share, and — we’ll close with just four more words — Total Cost of Ownership.
[Disclaimer: In general, we recommend that you turn on your Mac OS X Firewall and use common sense by not clicking on unknown email attachments or downloading files from sites you do not know or trust.]
Advertisements:
• Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
• Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• Apple’s brand new iPod Hi-Fi speaker system. Home stereo. Reinvented. Available now for $349 with free shipping.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
Related articles:
Network World: Apple’s Mac OS X is significantly more secure than Windows – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
Minor security flaws found in Mac OS X – April 23, 2006
Microsoft: recovery from Windows malware becoming impossible; better to to wipe and rebuild – April 04, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Apple Mac remains ‘unhacked’ as University of Wisconsin’s Mac OS X Security Challenge ends – March 08, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Apple Mac OS X clearly offers superior security over Microsoft Windows – March 02, 2006
Apple Mac OS X has a lot more vulnerabilities than Windows XP? – February 28, 2006
Enderle: Security vendors see Apple as next big opportunity – February 28, 2006
As Apple Mac grows in popularity, will security issues increase? – February 27, 2006
The Idiot’s Guide to Mac Viruses For Dummies 101 – February 24, 2006
Wired News: ‘Mac attack a load of crap’ – February 22, 2006
Report: Apple developing fix for automatic execution of shell scripts – February 21, 2006
Ars Technica: Fears over new Mac OS X ‘Leap-A’ trojan pointless – February 20, 2006
Atlanta Journal-Constitution asks: Is ‘Mac virus’ all just propaganda from Mac haters? – February 20, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
eWeek: Intel transition a ‘security non-issue’ for Apple Mac – January 30, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – January 26, 2006
IDC: Apple Mac 2005 U.S. market share 4% on 32% growth year over year – January 20, 2006
Analysts: Apple Mac’s 5% market share glass ceiling set to shatter in 2006 – January 09, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – September 09, 2005
Joke of the month: Gartner warns of Mac OS X ‘spyware infestation’ potential – March 30, 2005
Symantec warns about Mac OS X security threat – March 21, 2005
Not saying it’s impossible to write an OS X virus, but I’m sure it’s exponentially more difficult than writing a Windows virus. With unix’s user-based permissions system, I’ll believe an OS X virus when I see it.
Ooh! It’s another security alert. Run! Run for your lives.
It’s not so much exceedingly difficult to write a Mac OS X virus, but rather to write one that can spread without a user having to give it permission to install itself. But if you have to have user intervention for it to spread, then is that a virus? Viruses are supposed to be self replicating. It’s a question of definition. So if you want to write an anti-Mac article and make the claim that Macs are vulnerable to viruses, you need first to define (or redefine) the term “virus” accordingly.
Let me try the Stan Beer method of logic:
Despite leaps in safety technology (anti-lock brakes, front and side airbags and auto body’s designed to crumple around the cabin) todays cars are as dangerous and susceptible to explosions as ever because automakers insist on manufacturing drivable vehicles powered by combustible fuels.
How old is that Mac you have MDN – 450Mhz G4? You keep telling everyone to buy a Mac, but yours is about 7 years old.
You are not a Apple customer, you´re an antique collector.
LOL.
What does having an Intel chip inside have to do with viruses? Viruses infect software, not chips.
Repeat after me. “Its the OS syupid!” The move to Intel has nothing to do with virii, etc. You may know the proessor, but you still won’t be able to hack the OS code.
I’d also like to see a comparison of how fast Apple offers OS security updates when a vulnerability is discovered versus MS. I’d also like to see a cost comparison. Doesn’t MS charge for security updates?
MDN word “maybe”: Maybe this author is an idiot, and maybe he IS.
Sum Jung Gai: Grasshopper, you are wise indeed.
What’s with these virus stories lately? My wife forwarded me another one written last week that was about an “exploit” that was fixed months ago. Microsoft must be firing up the FUD-apult to defend against Apple’s coming ad campaign. Sad. Whatever happened to winning the battle on your strengths?
You know, this perfectly illustrates why I am a Mac user. Apple is run by a man who encourages us to “be a yardstick of quality”. Microsoft is run by a man who stands for nothing but the almighty dollar. Regardless of the how good each specific Apple product is, I’d follow someone like Jobs over someone like Gates any day. Microsoft is bad for your soul.
Vie Russ,
Can’t you read?
MDN explained very clearly, “The machine is four months shy of turning seven years old” and the Mac is just “one of MacDailyNews’ mainstay machines.”
I apologize if English is not your native language.
And where is that ad campaign we were promised?
You can contact Stan Beer at stanbeer@itwire.com.au
He’d love to hear from you. Also, you can participate in his online poll, “Would you use a Mac without a firewall and anti-virus protection?” The results may surprise you…
Yaaaawwwwwnnn…
We now return you to your regularly scheduled programming.
Need more information here.
Is this alleged statement from Bud Tribble a direct quote? Or is this guy paraphrasing?
I mean, I wonder if Bud’s actual comment was more like: “OS X has good enough security out of the box that even if you run it without a firewall and antivirus software, you won’t get overrun with malware.”
Or was it more like:
“OS X is INVINCIBLE! Bwa-ha-ha! We don’t need stinking firewalls! We designed OS X to run without firewalls, and if you try to put one on, it won’t work. We don’t recommend or support firewalls”
See the difference?
Ooooo… I’m so SKARED! My Mac is going to be virus infested! Oh, please, Mr. Virus Man, don’t infest my Mac! Oh whatever shall I do! I’m just a poor ignorant Mac user, don’t hurt me Mr. Virus Man! The sky is falling! Apple’s stock is falling! Steve Jobs is self-replicating – maybe he’s a virus! It’s a vast conspiracy! McAfee, take me away! I’ll pay anything … ANYTHING… Just save me from myself and this horrible MacVirus experience. OH NO.. my Mac just slowed down. Was it a hiccup.. or a virus? Shh… be vewy vewy qwiet.. we’we hunting viwuses… hahahahaahhahaha.
Oh wait, recently regularly scheduled programming has been all about running Windows on Macs.
On second thought, let’s keep talking about viruses on Macs.
Jooop, the reason why people says Apple is going to be more vulnerable now with Intel has its roots in a partial truth but as usual pundits and technical journalists misinterpret the issue.
The culprit lies on how buffer overflows (a weakness in the OS code) do operate: they succeed to put instructions into the stack which, being executable in Intel (limited support for non-executable stack): the hardware instructions do not differentiating between data access vs execute, so anything readable to a process as data is executable by the process as code: bingo, virus instructions are run.
In Windows the stack is executable.
OS X supports non-executable mappings on platforms where the hardware allows it. This happens with the Intel Core Solo and Duo. The support is there: Process stack and heap mappings are made non-executable by default when you are on OS X. This makes exploiting potential buffer overflows harder.
No compile-time option is needed to enable this software support, it’s always available.
If you run Windows, well, virus business as usual.
This makes for people writing articles touting Apple being more vulnerable in Intel now. So yes, it has to do with the OS software but the exploit is a limited support on i386 family. OS X exploits the Core Duo capabilities. I wonder why Windows does not even try: maybe they have part of the OS that rely on having the stack executable so they can’t do that and have to keep the vulnerability. Windows does that and other things in order to work. It is a catch-22 in Redmont: either they make Windows more secure – but then it stops working properly – or they keep it in a workable state but then it is prone to attacks.
To give headaches to those poor MS engineers.
Virii is not a word. Nor is penisii.
I was carrying around this pentium chip in my pocket and I caught a cold – I guess that viruses do attack the chip..
apple uber alles !
When are you guys going to quit your fantasy that you can have both? A Mac running on intel = a boon to all those virus, spyware, adware, and other invasion software makers. And, get ready to wipe and restore on frequent basis.
Apple is a hardware and tunes company that really doesn’t care about its own OS anymore.
What advantage is it to you to be the company’s biggest FUD promoter?
I have anti-virus and firewall protection on the Intel iMac (and not one of the PC-ports either, I go with native Mac architecture from Intego) — I’ve maybe had one or two virus definition updates since I installed it a couple of months ago (shortly after I brought the machine home and got it set up).
My dad-in-law has McAfee on his PC, and gets new virus definitions practically every week.
Again, it’s not the processor, but the OS…Linux machines have been running on the Intel platform for years, how many Linux virii are out there? Or maybe how many successful Linux virii are out there — that’s why some businesses have seriously been looking into enterprise versions of Linux.
Look, there are risks out there in the online world — but unless you unplug your computer from the Internet and just stick to playing Freecell all day, those are risks you have to take. But you can minimize those risks by (1) practicing safe surfing (not going to questionable sites), (2) install a basic anti-virus software, and (3) use a platform that’s more stable and less prone to virii.
since it first came out….
No virus nor malware no nothing. Did not bother to install any anti-virus sw or the firewall.
A firewall is used to monitor the traffic on opened ports for specific applications. OS X defaults with all ports closed: no need to turn on the firewall, the ports are not listening.
Different issue if you start opening ports for specific tasks: use the firewall then. Otherwise who cares, OS X is not listening. Heck, is not even *visible* without a single port responding to external traffic. Even ping does not work.
Capish now?
Intel is not a platform, it’s a microprocessor. Where do these people come from?
than the endless chicken little FUD from people seeking hits and selling AV software and services is the overly smug attitude that many people running OS X have about security. Anything as complex as an OS is bound to have exploitable weaknesses, some are just more difficult than others. Windows, the greatest kludge of an OS ever sold, is an anomaly and should not be used as a baseline of what is possible.
The danger is in being unprepared. Many Mac users are just asking for a catastrophic loss of data by not following prudent security and data safety protocols. Lose your HD due to equipment failure or some future exploit without a backup and you could lose your entire iTunes library, potentially as big an investment as the computer it sits on. That is just plain stupid. Back up your data. Think of all of the time you have invested on your photo, video, music and other files. Time= money.
Having an AV program available for recovery is the smart thing to do and is available for free. ClamX AV is available ( not UB yet, but close ) and runs well on PPC Macs.
http://www.markallan.co.uk/clamXav/