MacDailyNews - Where Mac news comes first

not a shocker.... symantec wants revenue back from Mac people, but nobody wants their product. Not our fault.

A bunch of angry Mac sycophants disagree with an expert in OS security. I agree...not a shocker.

Considering how quickly Apple plugs any holes, they have good reason to be loyal adherents to the Mac platform. On the other had those from the Windows aisle are very quick to derisively dimiss Mac users as sychophants for promptly pointing out inaccuracies in reporting. (I suppose so that they have more time to plug the gaping holes in Windows )

I don't doubt that the Mac will draw more attention from hackers - but it is one thing to "attack" a system, and quite another to have your attack be successful. Because of the way the Mac OS is designed I don't think hackers will be much more successful than they have already been.

As Apple increases its market share, we're going to see a lot more of this.
There are an awful lot of people out there whose livelihoods depends on patching up Windows in one way or another.

People whose livelihoods are threatened get nasty.

beeble, face it, even with 90% market share, there will never be a Code Red, Melissa, or I Love You virus for OS X.

Macs did have bigger marketshare previously - and in the more vulnerable OS 9 and earlier, yet they didn't get much attention from hackers and virus writers then. So why now Symantec? If marketshare is the key, why now, when they have even less than previously? Just because it's growing? But it's still less.

There were 37 vulnerabilities. Let's reiterate: VULNERABILITIES. The truth: Mac is more secure than Windows. The truth you are all missing: Mac can still have vulnerabilities.

You're right, we will never be plagued by the millions of viruses and malware that Windows users are. But to claim that we will never be plagued by ANY is WRONG. The vulnerabilities are fewer (so there will be fewer attacks), but they will come...

Symantec isn't wrong. They're just exaggerating.

"Beeble, face it, even with 90% market share, there will never be a Code Red, Melissa, or I Love You virus for OS X."

We'll see. Most malware on the PC relies on naive users opening e-mail attachments. Viruses are spread because of the massive interconnectivity of PCs to each other, something Mac just doesn't have yet. You could say that the tiny Mac marketshare is a built-in firewall for Mac users. If that changes in any substantial way, then not only will Mac's high profile attract more malware authors, but the interconnectivity from one Mac to the other will also increase.

That's just a reality of modern computing. But the more Mac sycophants continue to insist that such a scenario is virtually impossible, the more Mac users will be vulnerable to attack.

An interesting quote from Symantec in the mentioned article:

"We've found that one of the recent emerging security concerns is around Mac OS X. No Internet user, regardless of which operating system they use, is 100 percent immune from attack. People should not be scared, but they should make sure they are secure."

But it seems that Symantec isn't concerned enough to let anybody know what it is.

But I'm sure their product will plug the hole!...

In my opinion, the real issue is that Windows PC's run from a DOS platform. So long as that's the case, there will always be kids (and they are almost exclusively kids) writing PC viruses, if only because DOS is terribly easy to learn and can do an incredible amount of damage to a system. UNIX (the Mac base) is inherently much more difficult to master, and thus a much less palatable target for the average hacker.

this, of course, is only my opinion...

An excellent rebuttal commentary written by ZDNet columnist in Australia is found here:

http://www.zdnet.com.au/news/security/0,2000061744,39185501,00.htm

The writer justifiably pegs Symantec for insulting the intelligence of people who buy Macs, rightly points out that 37 Mac OS X vulnerabilities pale in comparison to the 17500 flaws found in Windows during the same time period, and astutely questions Symantec's motives.

It's a good, short read which gets to the point and really sticks it.

I've never understood why by ZDnet's international properties, most notably Australia, love to hammer Apple.

More FUD and hater columns from a Microsoft shill in the media.

Beeble: nice argument, but actually fallacious and illogical.

Let's start with "most malware on the PC relies on naive users…". Well, it's true that a lot of viruses and worms spread through e-mail, you completely choose to ignore the adware/spyware that just installs itself because you made the mistake of visiting a site that has pimped itself to earn a few bucks. Does the Macintosh suffer from spyware/adware? No - because Apple didn't release an OS in which the browser (whichever) could be subverted by simply loading some HTML.

So onto the next argument, "viruses are spread because of the massive interconnectivity…". Utter horsepuckey. Domestic/lone SoHo PCs are no more interconnected than their Macintosh equivalents. They might have a modem or some sort of broadband connection, but their only real interconnectivity (same subnet) is probably to a printer, and even that's more likely to be USB than anything else.

Here, the protection is simply down to the fact that OS X protects itself with a great firewall that ships with everything turned on as opposed to anything before Windows XP SP2, which either shipped with a compromised firewall or with no firewall whatsoever.

In truly interconnected businesses that are well-run (like BP), anti-virus definitions are available to the e-mail servers and desktop/laptop clients on a near immediate basis which means that these companies often sail through the worst virus/worm instances. The ones that don't have their act together - like a certain tobacco company I could name - get screwed and land up having to take down network links at the router in order to stop propagation.

Another problem for Windows users is that too many of them are a) cheap. b) opportunist and c) too stupid to live. If you're intellectually challenged enough to load Kazaa on your system, you deserve everything you get and if you believe that installing an illegal copy of Office, Doom or whatever piece of virus-laden freebie software you've located on some P2P network is a good idea, you get exactly what you deserve.

So the actual problem with Windows is a) the operating system, b) the applications and c) an enormous percentage of the users. Apple may have the same problem with the user base (c), but because they dealt properly with (a) and (b), the point is moot.

Did you really read the article in the link?

It's a pro-Apple article. The problem is Symantec, not ZDNet. Besides, it was ZDNet UK which came out with the original report, not Australia. The gal in Australia who wrote the rebuttal is "spot on".

I don't know why anybody would listen to or care about anything Symantec has to say after they dropped Mac support for Norton Utilities.
W.W.

"Viruses are spread because of the massive interconnectivity of PCs to each other, something Mac just doesn't have yet."

Silly me. *I* figured that virus authors, like other break-in artists, simply plied their craft wherever it got results, and avoided places where it didn't... places too hard for them to break into.

Beeble (cough), this may come as a shock, but... Macs do actually have the ability to connect to many devices, including other Macs, and even (when they really really have to) to Wintel gear. We surf the web, share files, and can even dress ourselves. Heck, some of us don't even use AOL anymore.

Maybe you could enlighten us by explaining what "massive inteconnectivity" means*. Because if "massive connectivity" means... the part that gets me all the spyware, malware, pop-ups and ... viruses, then... I'll stick with whatever kind of connectivity it is that my Mac has already. But thanks anyway.

*While you're considering your definition, you should know that Apple has pioneered a number of the "connectivity" standards that allow your PC to be able to connect to anything at all, massively or otherwise.

Beeble,

You are completely missing the boat, with your assumption that increased market share will attract viruses and malware to the Mac platform.

As someone who's had way too many friends who were hard-core hackers, I can unequivably tell you that 80% of the hackers out there who are targeting the wintel platform do so, not because it has 90%+ of marketshare, but because they wholeheartedly _hate_ Microsoft, Gates and the culture of intimidation, theft and utter mediocrity that they stand for and represent. Period.

"More FUD and hater columns from a Microsoft shill in the media."

Now there's an ironic statement, considering this site is little more than hater columns and Mac shilling.

Reporter: "Sir Edmund, why did you climb Mount Everest?"

Sir Edmund: "Because it was there, and I could!"

Reporter: "Beeble, why have malicious coders worldwide written 68,736 known destructive viruses, Trojan Horses, and worms for the Windows operating system?

Beeble: "Because it was there, and they could!"

Get a grip, B. Windows is little more than a Model-T with a new coat of blue and green paint. Until it is rewritten FROM THE TIRES UP, it will continue to cough, sputter, and break down, leaving its users shaking fearfully in the middle of a dusty, dirty road.

(Oh, and by defending Mr. Gates and his offerings so vehemently, are YOU an M$ sycophant?)

Beeble said:
"Viruses are spread because of the massive interconnectivity of PCs to each other, something Mac just doesn't have yet."

I think he meant that Windows is an easy target because Microsoft made great efforts to design Windows 95 with features that allow a programmer to write a program that can control all other programs in the computer (aka interoperability) in every way possible (sorta like Applescript with no limitations.) The problem is, Microsoft forgot to include any basic security precautions (apparently they didn't realize that computers would one day be connected to an internet.) Subsequently, the programmers that mainly utilize the interoperability features are the virus/ad/spy-ware writers. Interoperability is a feature that Microsoft built in!
A good programmer can make a Windows machine do some "cool" stuff because of the interoperability built in.
A bad guy can make a Windows machine do all sorts of "bad" stuff because of the lack of security built in.

Apple has near 70% market share in some segments yet zero viruses - how come symantec? Unix is also the predominant OS for internet servers, yet again - why no big virus infections there symantec? Answer: becuause all the viruses are on Windows stupid! Market share is just something analysts look at.

No admin password no viruses. You just can't add anything to Mac OSX without the admin user name and password. Unless you give it away or they hack it some how. That's the only way a virus could get in and we all know they can't. There has yet to be one virus for OSX that has been actually proven to be real.

Beeble -- add his name to the roster. The few, the proud, the so pathetic that they hang out in MDN just to tell how much we suck.

Ron, Sputnik, NoMacForYou. They come and they go. But wouldn't life be so much more boring without them?

"(Oh, and by defending Mr. Gates and his offerings so vehemently, are YOU an M$ sycophant?)"

I wasn't defending Gates. I wasn't even defending Windows, just reiterating why Windows was more prone to virus attacks than ANY other OS.

I know the Mac sycophants tend to think in terms of Us vs Them, but for the vast majority of us, the computer is just a tool, not some cult where everyone who isn't a member is a moron.

In fact, I love the Mac itself. I use it all the time for my work and am getting my own soon to run FCP.

But I HATE the cult thing. It's disheartening that I can't come to a site like this and just get news without being bombarded by hatred of Windows or illogical/irrational defense of everything Mac. MDN is like the Rush Limbaugh of computers.

"I think he meant that Windows is an easy target because Microsoft made great efforts to design Windows 95 with features that allow a programmer to write a program that can control all other programs in the computer (aka interoperability) in every way possible (sorta like Applescript with no limitations.)"

What I really meant was that PCs interconnect via e-mail and networking much more with each other than Macs do. Let's say that both OS's are equally secure, and that Windows still has 95% of the market to Apple's 2%. If I want to write a virus that can only run on one platform and I want it to spread via an e-mail attachment, would I write it for the Mac or Windows? Even if I could write a virus to infect a Mac, there's virtually no chance that it would spread via e-mail given the paltry market share. The virus would die as soon as it hit a PC, which is much more likely than hitting another Mac. It wouldn't even be worth the effort.

Beeble - even if you (or I) could write a virus to infect a Mac (or indeed act as a "carrier" for both Mac and Windows), the thing that's ultimately going to stop you are the facts that a) none of the Macintosh's e-mail clients will allow code to run unchecked and b) that turning a Macintosh into a member of a "zombie" network is unlikely to be feasible unless the user is logged in as root or the user supplies the admin name/password combination to allow the the "zombie" code to be installed.

MCCFR, I understand what you're saying but security is built around KNOWN methods of hacking. Hackers don't operate that way, and anyone (even Jobs) will tell you that there's no such thing as a totally secure system. If Mac ever got up to a worthwhile market share, believe me, they'd find a way.

Beeble, you are out of your league in understanding this issue.. Viruses have self replicating features that simply are not possible on a Mac because a ADMIN password is required to install/alter the core services of OS X. Some actions cannot even be enabled unless you go in as the root user.

Total opposite from XP/200X, where programs can go in and actively alter the system folder which can result in often catastrophic results.

If you understand that very basic fundamental difference, then you understand why a mac is simply not as vunerable as a PC, end of story.

My Mac's ethernet cable is no more or less "connected" compared to Windows. It's all about the virus magnet that plugs into it. Internet Explorer is not a browser, but a platform that executes code, more than likely by someone logged in by default as an administrator. Ditto for Outlook. ActiveX is a pox on mankind. THAT'S why the Windows world has 69,000+ WINDOWS viruses.

Even if the fallacy of marketshare is considered, there are still MILLIONS of Mac users connected to the Internet, but ZERO viruses. It's not coincidence the big iron servers that run the Internet DNS are exclusively UNIX. Not a ONE Windows server.

Beeble, if you don't like the Mac "cult", if there is such a thing (remember the roots of the word fan, meaning enthusiast), then why are you writing in this "cult forum"?? Spend your time in MacMinute.com or branch out with MacPulse.com.

No one talks in MM and MP is just a headline aggregator. Right up your alley, I'd think.

One thing is clear: if the Malware Authors are ever to get some good Mac viruses/trojan horses/worms etc. happening, they will have to make a little investment: they will need to get a Mac.

Any old new Mac will do. A Mac mini would be good. Keep your monitor, keyboard, and mouse. They will plug right in if they are USB.

Welcome to Macintosh! Thanks for the market share!

Warning: Macs are habit forming. Use with caution.

I dropped Norton AntiVirus several years ago when they didn't seem to be all that interested in the Mac platform after years of excellent support (didn't they start out as a Mac company first?). That excellent support waned and so did my faith that they would actually be able to protect my OS X machine from anything.

Several others above have pointed out that all the hoopla is over vulnerabilities - that Apple patched, and quickly. Note that none of those vulnerabilities - not one - resulted in any damage to any computer that someone didn't already want it to happen, just to see the result (and then some reported it to great glee in their best Chicken Little voice, screaming "The Mac has a SECURITY FLAW! RUN FOR YOUR LIVES!!!"

Not a single piece of malicious code has done a single PENNY of damage to any OS X machine, anywhere, to date. Not a single second of any man-hour has been lost to a virus-disabled computer running OS X. Not a single lost sale reported. Not a single second of waiting for an OS X machine to re-boot after being "sterilized" from any sort of "in the wild" code.

I will be absolutely shocked and amazed when that first verifiable virus, trojan horse or other malicious bit of code is able to do anything to my OS X machine, without getting my consent first. As far as I can tell, nothing can happen on my OS X machine in terms of installing any sort of program that will have that potential without first having my fingers do the typing.

Of course, that doesn't mean I will stop using, and regularly updating, Virex...

Beeble doesn't seem to have been around long enough to know what he is talking about. But give him (her?) time and I daresay he (she?) may learn enough to have a valid opinion.

In my experience (nearing 30 years) of computing, I've found even the pre-OSX (Mac OS) operating system to have a high level of security. In some ways Mac OS X is perhaps less secure (a pre-OS X Mac OS webserver was (almost?) impossible to hack without social engineering). Still, in totality, I have had more good OS X security experiences than with just about any other operating system (save VMS) whereas my experience with Windows "security" has been less than pleasant.

MW is these, as in these malware authors are continually attacking my low marketshare Mac OS X system with little (zero) success.
(Last attack [Sun Mar 20 02:21:22 2005] ).

"Symantec isn't wrong. They're just exaggerating."

Bingo.

"impossible to hack without social engineering"

You mean taking the webmaster out to bars?

Yup ... and plying them with lots of alcohol ...

And the next time you feel like buying into that whole "Windows isn't less secure, it's just more popular" argument, take an Analogy Trip and ask yourself these related questions:

1) How many worms, especially really nasty ones that ground the entire planet to a sludgy halt, have propagated by attacking and spreading via Microsoft's web server software?
2) How many more web sites run the open source Apache software instead of Microsoft's? And
3), now that you've established that Apache is loads more popular than Microsoft's IIS (and always has been), how many crippling Apache worms have made the evening news in the past decade or so?

From CNET today: "Sophos reported earlier this week that Sober.P appears to turn off Symantec's antivirus protection and the Microsoft Windows XP firewall, probably as a way of preparing computers to distribute spam and to spread itself wider."

Maybe the Symantec people should move to Macs as well?