MacDailyNews - Where Mac news comes first

Very true MDN re: Typhoid Mary. I used Virex back in the OS 9 days to make sure I wasn't passing along junk to the PC users on the network. Twice, I was the one who told PC users that they had a virus on their computers when it came in an attachment to me.

Is this vaporware? I can't see any Mac user wasting actual money on something like this.

@ Sarasota

"vaporware" is something promised-but never delivered..

According to this article, this has actually been released for Mac users--
But, on the other hand (like you said)-- I can't see very many Mac-heads lining up to buy it..

This is, "Hey Mac user, because you don't get viruses and Windows does, we want you to waste cycles so that if a virus passes through and doesn't affect you, you can still squash it to protect us."

Nov 05, 09 - 11:52 am Comment from: LeeSweet

Okay, can someone confirm? I've heard here and elsewhere that there are no Mac viruses (for many reasons, including Unix priv reasons). Then I read. Elsewhere I read there are 'a few' Mac viruses. So, which is it? (And I do know the differences between viruses and trojans and what needs social engineering, etc.).

Nov 05, 09 - 11:55 am Comment from: HMCIV

@MDN Take

Infecting others while staying immune is the entire point! We should be handing out blankets and flash drives!

No thanks- all set- thank you

LeeSweet,

There are no OSX viruses but there are Word macro viruses that, although they can't run when opened on a Mac, can be passed on by a Mac to PCs in infected Word files.

It's so efficient because it doesn't actually have to do anything €:

(How do you like my hamster-smiley?)

@ LeeSweet
There have been a few "proof of concept" trojans that affect the Mac .. but AFAIK -- there haven't been any actual viruses (for the Mac)-- since the adoption of OSX ..

Last I heard, there were only about 60-70 which would affect OS 9 (and below) -- but back then, WinDoze still suffered through tens of thousands ..

Nov 05, 09 - 12:02 pm Comment from: Ray

As far as the MDN take...I will be more than happy to run AV software as long as the cost comes out of the budgets of Windows users in the company and not mine. Running computers that are not so easily hacked IS the only solution.

just my $0.02

Nov 05, 09 - 12:04 pm Comment from: _Bill_

@Agree with your take
I totally forgot about Virex - rock on!

@Sarasota
vaporware = Phantom Game Console - who's HQ was on Longboat, no wait, 2 blocks from the Hollywood 20, no wait Longboat again - that's a good local example you can appreciate

this is a real product; MDM's take is right

Nov 05, 09 - 12:10 pm Comment from: Yours Smugly

What is this 'anti-virus' you're peddling? Has it got something to do with the swine flu?

Nov 05, 09 - 12:11 pm Comment from: TheConfuzed1

@ LeeSweet--

There were a few viruses for Mac OS 9 and earlier. There are none for Mac OS X, excluding trojans.

Nov 05, 09 - 12:11 pm Comment from: ron

Stuff it. Or maybe - Stuff IT.

@LeeSweet

There are no viruses that affect Mac OS X.

No viruses.

NO VIRUSES FOR MAC OS X.

There are none, zero, not a single virus, no viruses, for Mac OS X.

this makes me laugh.

LOL

"Animated Interface" doesn't sound very promising to me.

Nov 05, 09 - 12:27 pm Comment from: KingMel

"The release of Mac OS X made the interaction of multiplatform computers considerably easier and Mac computers have now become an integral part of many corporate and home networks. These unprotected [but secure Mac] machines are like open [that actually describes Windows PCs, must be a mistake ] gates through which malicious [Windows] programs can penetrate any [Windows] computer in a network which, in some organizations, could result in tens of thousands of [Windows] machines being affected.

Not needed now, but one day... The market share thing is not a myth. Many hackers say it's just not worth the time to only hit that many computers. Here are some other good quotes:

"There is no magic fairy dust protecting Macs. Writing exploits for [Microsoft] Vista is hard work. Writing exploits for Mac is a lot of fun."

The Mac's operating system will be an easier nut to crack once hackers start to focus on it. That is because it has a lot more code in it than Windows, leaving room for more vulnerabilities and bugs that hackers can exploit.

The things that Windows do to make it harder (for an exploit to work), Macs don't do. Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows.
It's more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn't have anti-exploit stuff built into it.

"When the malware authors put out something that's really sophisticated we are going to have a whole population that is really vulnerable."

Nov 05, 09 - 12:33 pm Comment from: KingMel

I don't see myself standing in line for this product. But it would be nice to have access to a high-quality option for Mac security software, should it be necessary.

My organization uses Symantec Antivirus and it can really slow down a Mac Pro. The Symantec Antivirus settings that the IT department imposed (and I can't change them) also radically slow down USB data transfers to/from a memory stick. My old Powerbook G4 (unencumbered by Symantec software) transfers files mush faster than my Mac Pro with Symantec.

Nov 05, 09 - 12:39 pm Comment from: Predrag

To be truly pedantic, there WAS a single trojan in the wild. It had spread through a file that contained iWork 09 and could be found on the peer-to-peer file-sharing networks. It changed permissions, activated some processes on startup, connected to a remote (malicious) computer and waited for further instructions. Approximately 20,000 Macs were infected (a rounding error, compared to millions of Windows that generally suffer from any single variant of any single trojan or virus).

A version of the same trojan for Mac appeared a little later, attached to Photoshop download (it was deployed when user launched the cracking applet). Its damage was somewhat smaller.

Two years ago, there was a proof-of-concept trojan that never made it out of labs. Last spring, there was proof-of-concept exploit of Safari's Java implementation that also never made it in the wild (Apple plugged it a few weeks later). The exploit was pretty bad, since it allowed attacker to lure user to a bad web-site and then use java vulnerability to execute code on the Mac with root privileges.

So, these few are about all there ever was in the (almost) 9 years since OS X came to be.

Nov 05, 09 - 12:41 pm Comment from: Predrag

And no, not even a single VIRUS was ever written for the Mac (definition of virus: code that automatically infects unprotected computer, then spreads itself to other computers on a network, without user intervention, as opposed to trojan, which requires user action, where user is lured to visit a site, or open/execute a file purportedly being something of value to the user).

Our company uses Kaspersky on its Windows machines and it's far less intrusive than Norton or McAfee.

Personally I use ClamXav, on the not-being-a-Typoid-Mary basis. It's fine, but good to know there's a quality alternative now should it be required.

@quantum

Your statements go against everything I've read about Mac security. I'm not expert, but let me give this a shot.

Thing one: Every application that runs in Unix has to run out of a library. Everything. There are not that many libraries, so not many places to hide.

Thing two: Admin permission has to be given for anything to install.

Thing three: Any virus can only access files and folders on the user account on which it's been downloaded. Users don't typically log in as admin, so it can't gain root access and damage critical stuff (I said I was no expert) in the OS.

Thing four: Macs ship with the firewall off, but all ports are closed. Any normal Mac on the internet is invisible and cannot be pinged. Turn the firewall on for even more protection (although I've read that Apple's firewall is pretty weak.)

Can you counter those four things in addition to the fact that Macs have been 100% virus free (that's not "mostly" or "pretty much - that's 100%) since OS X was released?

If I want to waste cycles, I'll install .

Nov 05, 09 - 01:16 pm Comment from: Me on this iSland

I was watching a consumer program on tv last week and it was discussing vulnerabilities of using free wireless networks in cafes, etc. The guinea pig was using a Mac and the infiltrators demonstrated getting into his mail on the same network and sent him an email using his details to show they'd done so; they then went on to block him from quitting/ending his session. Is this possible? If so, any suggestions on software available to make open wireless more secure?

Quantum
Thing five: troll!

MDN:

Respectfully, I have a major issue with your take - this is a case of not-appropriate-for-internet-use technology (Windows) being connected to the internet. Yes, its very common, but that doesn't mean its safe or wise.

Yes, there are partial bandaids for this inappropriate action - running AV, but why have two layers of bandaids and pollute the Macs with AV? To say nothing of purchase cost and cpu cycles (10-20% on Windows) as others have said.

Most corporations have elaborate firewalls that sniff out stuff, even blocking attachments, at some locations. And Mac users are supposed to run a 3rd bandaid?!

Why not put a bandaid layer on every router at every ISP, too? And every web server and every mail server? After all, they're more directly involved in delivering the payload.

The Typhoid Mary analogy doesn't match reality - the analogy is that people who are not Typhoid immune are swimming in pools of Typhoid bacteria - obviously the responsible thing is to be sure you're Thyphoid immune before you go swimming in the pool, and neither #1 go to the doctor (AV vendor) after each swim for a shot or #2 complain about an immune swimmer (Mac, Linux, Unix) who splashes Typhoid infested water on you

For non technical people: if your computer runs as the administrator by default (like Windows, including Vista, and unlike OS X, Linux, Unix) it is dangerous (although, to be fair, common) to connect to the internet. You really should use technology designed for internet use.

Not running as the administrator allows the operating system to disallow modification - its like having a locked bank vault - nobody gets in without a key. Running as the administrator is like not having a vault - everybody can go touch the money.

ha ha - that's 100% BS (or FUD), and you know it.

"The market share thing is not a myth"

Hmm, let me check... No, it's still a myth.

Real hackers - the skilled ones who actually accomplish things - have no interested in hitting a platform because of the size of its user base. They hack for the challenge and noteriety of it. As it happens, breaking OS X is an extreme challenge and pulling it off would make who ever did it an instant celebrity.

No amount of bullshit from vested interests you can quote, or amount of FUD you can deposite, will turn the fantasy that Macs have been invulnerable to viruses for some 9 years because of "security through obscurity" into anything resembling the truth.

To paraphrase a slogan... It's the Unix, stupid.

That's the real life "magic fairy dust" protecting Macs, along with the fact that Apple's software engineers aren't continuously asleep at the wheel.

It is, however, pretty amusing to read that Windows is so much "tougher" to exploit than OS X. How much denial does a person have to be in to actually believe that when out here, in the real world, Windows is still drowning under a deluge of malware while OS X is uneffected by it? The only Mac malware in 9 years, infact, have been a handful unsuccessful trojans.

And yet hacking Macs is apparently so "easy" because they lack the "anti-exploit mitigations" of Windows. Uh huh...

Nov 05, 09 - 02:40 pm Comment from: Zeke

I work in a Windows environment. I have had occasion to investigate the actual processing cost of the installed McAfee software on my work station running Windows XP Pro. The processing time cost is approximately 30%. This is because every file is checked every time it is manipulated in any way.

I use VPN to connect to my work accounts from home and elsewhere. I do so on a Mac. My Mac does not run any AV software.

I can see what Kaspersky’s strategy is here. They are counting on a scenario that says if they release Mac AV software and promote the Typhoid Mary strategy my IT department will REQUIRE me to install it, even though my Mac doesn’t need it. Whether I am forced to buy it, or my IT department provides it to me, somebody will be buying it. If neither of us wants to buy the AV software they will simply lock out my Mac, forcing me to use a PC, which will require Kaspersky’s software (admittedly stupid, but plausible).

In any event, they will have found a way to “market” their software to Mac users, who don’t need it, but will be required by corporate IT to use it anyway.

The real solution would be to require people to cease using products not designed for networking (Windows) on the internet.

Oh! And Quantum? Paid commentary on blogs is fairly transparent, even to the casual bystander. Try it elsewhere.

Isn't the real difference between Macs and WinBoxs and the real reason that WinBoxes CAN get viruses is because 'Admin' on a WinPC is 'Root' [Level 1 user]. It is ON by default — and that many developers create their software EXPECTING 'Root'.

On a WinPC — viruses implicitly HAVE permission to change the System Folder.

While on a Mac, 'Admin' is a [Level 2 user]. 'Root' [SuperUser] [Level 1 user] is turned OFF by default. And, making changes to the System Folder — while in Level 2 user — requires a password.

Nov 05, 09 - 03:51 pm Comment from: ron

Quant - um, you are such a ninny. The first hacker to infect a Mac with a virus that could replicate itself in the wild would be world famous overnight. Why don't you write one yourself, then you can come up into the sunlight, out of your mother's basement.

Just to pile on a bit, here:

Recall, please, that back in the days of OS 9, there were several virii that infected Macs. Not many, to be sure, but more than zero.

The size of the Macintosh user base has increased a bit since then. Perhaps by, say, an order of magnitude or two? Those new machines, over the last nearly 10 years, all running OS X, have been afflicted by how many virii?

And how many new virii have come out for Windows since then?

Yep. It's all about market share. uh, huh. You just keep repeating that, and maybe if you click your heels three times, you'll wind up in Kansas.

@quantum:
"There is no magic fairy dust protecting Macs. Writing exploits for [Microsoft] Vista is hard work. Writing exploits for Mac is a lot of fun."

Exploits, yes.

The problem is, people who write malware are not really interested in writing exploits and infecting single machines. Using exploits and infecting single machines are just means to an end, which is infecting other machines, building botnets and having the malware safely running, hidden on an infecting machine, all the time.

The latter part seems to be harder on Macs. If it weren't, malware writers would already attacking Macs en masse as "open flood gates".

Nov 05, 09 - 04:38 pm Comment from: Brau

Ahh, I just love the absurd mentality that Mac users should run AV software to protect Windows users who are too cheap to buy AV software themselves or too lazy to keep it current. Total BS. They deserve whatever they get, and if they don't like it ... they can pay a bit extra for a Mac, just like the rest of us did.

Cool. I will check this out when I get home. I love using Kaspersky's Internet Security when I must use Windows.

Nov 05, 09 - 08:11 pm Comment from: neomonkey

This is bogus. If there were malicious programs can penetrate any computer in a network, the Windows machines would already be infected, unless they had anti-virus protection, and if they did, it wouldn't matter if the Macs were carriers.

Well the link http://www.kaspersky.com/kaspersky-anti-virus-for-mac Takes us from New Zealand to Australia
no help at all and you get Not Found

The requested URL /kaspersky-anti-virus was not found on this server.
mmm no help for us

ClamXav +1
No reason to pay for this when such an excellent open and free (as in beer) solution is available. If you correctly do not want to be typhoid Mary in a mixed network, then just periodically scan using Clam. Clam ports are available for all major platforms and ClamAV is widely used by ISPs and enterprise networks. And did I mention that it costs nothing?

Kaspersky is the best anti-virus for a Windows box. It really works well and uses relatively little system resources (while running).

So, if you have a Windows box, use this one. I use it on my VMware fusion Windows XP VM. It does a very good job.

On the other hand, Kaspersky for OSX? I don't think so. No Antivirus crap on my beautiful OSX machines.

Having said that, I do use LittleSnitch to keep track of who's trying to get out. Yeah, I am a little paranoid. So what?

I have been running naked on the network for 25 years plus and no trouble yet.
The place where I work hasn't demanded me to put antivirus on my Mac yet.
Why should I spend money to protect someone else's Windows machine?