Mac@Work Series: Part 5 – Security
Security on the Mac is a very controversial topic. There are people who say Macs are immune to viruses, which is completely untrue. There are people who say Macs are just as virus-prone as Windows, but that the target is smaller than the Windows base, so hackers go after the bigger target. I think security on the Mac falls somewhere in the middle.
Hackers choose Windows machines because they are the low-hanging fruit on the tree. There are ample ripe, unprotected Windows machines to spread viruses, and they are the dominant machine by numbers in the market. This is the main reason that Macs are fairly safe. I would bet a talented hacker could write a virus to infect a Mac; however, the time and energy exerted would be far greater than writing them for Windows. Hackers, just like business people, will chase after the greatest reward for the least cost and effort. With the Mac base growing rapidly and Windows becoming more secure with Vista and Windows 7, some attention will likely be shifted towards the Mac in the coming years. Whether that equates to a successful virus will be determined in time.
There have been worms released in the Mac community. Months ago a worm was embedded in the latest iWork software that was shared through torrents. Anyone who downloads software illegally deserves to be infected, in my opinion. There is also virus protection software available; however, it’s hotly debated whether one needs to run it at this time. Some consider it a good protector for what could happen. My personal belief is that wise user behavior is the biggest deterrent for viruses. There are vulnerabilities in web browsers and operating systems that are patched all the time. To my knowledge the vulnerabilities still require the user to type in the administrator password to allow the nasty virus entrance to the warm, cozy confines of the Mac hard drive.
This series is about my experience with the Mac at work, and at my work we chose not to run virus protection on the Mac. For the company’s Windows machines we use an enterprise version of Symantec Endpoint Protection. That is controlled from a server that manages the virus definition files and will notify IT if a computer has issues or hasn’t been scanned for a while. I recently received a call from IT asking me to start up my Dell laptop and run the virus protection scan so that it would be up to date. It’s quite costly for a company to defend against viruses, and I’m happy that I don’t need to participate in that process any longer, for now…
I would caution any Mac user to be very careful about boasting that Macs are immune to viruses, because once the target on the apple becomes big enough, viruses will be aimed at that target. Hopefully recent and future advances in OS and browser security will continue and make those attacks fail. So please make sure that your OS and all other programs are up to date, stay off the torrents, and click through sites wisely to reduce the likelihood of infection. Mac security and viruses is a story that is still being written and will never be complete.

The worm rumored to be included in those iWork 09 torrents never existed. All information pertaining to it came from a single Mac anti-virus company, who it appears was desperate for some business. Nobody ever reported receiving a faulty iWork torrent, and no such torrents were ever discovered or removed.
Russ
The main reason for the small number of viruses on the Mac is not only the comparatively small market share, but also the comparatively greater difficulty of attacking it. Thus transferring the attack focus from Windows to Mac will become worthless, and that situation wouldn’t change soon.
For example, “To my knowledge the vulnerabilities still require the user to type in the administer password to allow the nasty virus entrance to the warm cozy confines of the mac hard drive.” That’s true for the Mac, but you don’t even have to bother with the password when you run into trouble on a Windows machine.
You’re ignoring a lot about how a UNIX system works, and that’s one of the main reasons that such OSs are mostly immune to viruses.
I always think that those arguments about Windows getting more viruses than a Mac just because of the greater installed base are just BS. Don’t you guys remember that back in the OS9 times there were thousands of viruses, and guess what? That was when the installed base was much smaller than now, and Apple was much less mainstream.
So, maybe it’s because black hat hackers don’t have a Mac to make a virus on OSX… BUT, it happens that for a good, good time now OSX has been able to run on quite a lot of PCs, so that argument can’t be true anymore.
So then it’s because hackers are not interested in the Apple platform… Which is again not true, or haven’t you seen what happened at the Black Hat Conference just weeks ago? Even Mac OSX Mobile was targeted, so don’t give me the “there’s no interest” BS.
And do you know how many viruses there are for the last kernel of Linux? Isn’t just a coincidence that both systems (Linux and OSX) are UNIX based? My guess is that we will never see real viruses on such systems, as a virus must be able to replicate itself, infect other computers without user permission, and do some damage. Trojans or other malware on OSX don’t and can’t behave like that.
I agree with NachX. If there are Mac OS X viruses in the wild, the ONLY way they can be propagated is by the user, and they cannot be automatically installed like in Windows; therefore the very idea that Macs are vulnerable to viruses comes from social engineering, not through a failing on the part of the OS.
60% of the web is run by UNIX based systems, which means there is more market share for UNIX based machines to be hacked than people realise, and yet there have been a total of 0% taken down by a virus on those machines. If they do get taken down it’s usually due to a virus on a Windows machine.
The security through obscurity notion is pure bollocks. Virus writers want their names out there for bragging rights, so Mac OS X is a hugely visible target, and yet no one has been able to write viruses for the wild that can take over machines like on Windows. It’s got nothing to do with market share; it’s got everything to do with bragging rights, and wouldn’t it make sense to shut those preachy Mac users up with a virus?
The only guy seemingly able to hack the Mac is that idiot Charlie Miller, and he can’t even do that onsite; he has to spend months creating a hack and take that along to the Hacker Conference, whereby two days later his efforts are largely thwarted by Apple releasing a security update which kills his ability to hack.
I think it’s a great move on Apple’s part. Let the hack get publicised, then patch it two days later. That way Apple looks as though it’s working really quickly while at the same time taking ALL the wind out of Miller’s sails. Truth is Apple would have already had the patch in place and be doing its testing while Miller is trying to gain glory for himself.
Hackers would be better off NOT saying anything to the media and taking control of machines on the quiet instead of publicising these hacks.
Just shows hackers aren’t that intelligent after all, are they?