Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Apple Quietly Recommends Antivirus Software For Macs

timothy posted more than 5 years ago | from the wear-your-rubbers dept.

Security 484

Barence writes "After years of boasting about the Mac's near invincibility, Apple is now advising its customers to install security software on their computers. Apple — which has continually played on Windows' vulnerability to viruses in its advertising campaigns — issued the advice in a low-key message on its support forums. 'Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.' It goes on to recommend a handful of products." Reader wild_berry points out the BBC's story on the unexpected recommendation.

Sorry! There are no comments related to the filter you selected.

a way to make money (4, Interesting)

Bizzeh (851225) | more than 5 years ago | (#25958635)

is this a scare tactic for apple to push some payfor software and get people to buy it. or have apple started to loose confidence in their operating system? or even worse, do they know something we dont? are they expecting an attack?

Re:a way to make money (4, Interesting)

bytethese (1372715) | more than 5 years ago | (#25958685)

It does sound like a possible "setup". Macworld 2009 debuts new AV software? Who knows. Maybe the Mac has starting to reach that point where virus writers and security aficionados have enough a base to target their efforts? After all, Mac does seem to be gaining market share year by year.

Re:a way to make money (5, Interesting)

YttriumOxide (837412) | more than 5 years ago | (#25958865)

Maybe the Mac has starting to reach that point where virus writers and security aficionados have enough a base to target their efforts?

Perhaps, but I am still waiting to see a real "virus" that hits MacOS. There's been a few trojans (such as the one mentioned in TFA), but nothing that qualifies as a virus yet as far as I know. It is likely much harder to write a real virus (rather than a trojan) for MacOS than Windows as you'll need to find a privilege escalation exploit (need I say, without local access) in one of the standard services first, all of which tend to be pretty robust and having a core that comes from the open source and Unix worlds... as far as I know, there aren't any such exploits known right now.

Trojans can of course still be fairly nasty, as there's a lot of stupid users in the world (of any OS)

Disclosure: I do use MacOS X as my primary OS at home, but I'm definitely not a "fanboy" (I also have Linux systems at home and use primarily Windows at work - I consider myself "OS agnostic").

Re:a way to make money (0)

Anonymous Coward | more than 5 years ago | (#25958957)

Disclosure:

Or do you mean "disclaimer"?

Re:a way to make money (1)

stickystyle (799509) | more than 5 years ago | (#25959027)

Disclosure is the correct word, look it up.
I did but hitting Apple-D on my Mac keyboard :-P

Re:a way to make money (3, Interesting)

CFTM (513264) | more than 5 years ago | (#25958981)

I don't know why you want to wait, it will happen in time. This is not meant as a critique of Apple in anyway, I am of the belief that over a long enough time frame, with enough market penetration, Mac viruses will become more common. It's not that Macs are inherently that much more stable, rather the market penetration is such that it makes more sense for people creating malicious viruses to focus on the PC instead. Why create a virus that only hits 7% of computers when you can hit one that hits 85% of computers?

I also would wager that the Mac OS is probably a bit more secure than Windows, because well, it's Windows...that being said if there's enough code there will be mistakes that can be exploited that's the nature of the human element.

Re:a way to make money (0)

Anonymous Coward | more than 5 years ago | (#25959069)

Sorry for posting as anon.

Unix like operating systems do not need AV software other than to parse files for other OS's such as windows. Least user privileges limits any potential spread of malware.

I don't know wjhy apple have said this, it looks like they have bitten the poisened apple of the AV industry.

Good old fashioned common sense should still apply

Re:a way to make money (0, Flamebait)

postbigbang (761081) | more than 5 years ago | (#25959501)

That mentality is just what virus writers are looking for.

Re:a way to make money (5, Insightful)

mario_grgic (515333) | more than 5 years ago | (#25959175)

I wish people would stop parroting this fallacy all the time. Market share has nothing to do with how easy it is to break into a system.

If you have something like windows where security is bolted on after the fact, and OS that was never meant to be a multi-user OS connected to the internet (all these were added as features later on and done poorly) then you will have a system that is much harder to keep secure.

UNIX on the other hand was designed from day one to be networked multi-user OS, and security and separation of concerns was there from beginning.

Re:a way to make money (5, Insightful)

deraj123 (1225722) | more than 5 years ago | (#25959459)

Except the GP didn't say that it was easier to break into the system - he said that more people are going to try. I think he neglects to mention an underlying assumption that no software is perfect, and given enough time and effort, the chances of finding a security flaw that can be exploited is greater than zero in ANY piece of software. While this assumption won't always be true, it's completely reasonable for us to make it when considering the security of our systems - for we don't really have any way of disproving it for any particular piece of software.

A way to make news. (2, Insightful)

Ostracus (1354233) | more than 5 years ago | (#25959573)

Agreed, however this is still news because the platform is under such control by Apple. They could quietly and easily put not only hardware and software in place. But implement more effective procedures in their software process to make security tighter. And we wouldn't be the wiser.

Re:a way to make money (4, Informative)

TheRaven64 (641858) | more than 5 years ago | (#25959539)

It doesn't when you're talking about manual attacks, but it does for automated attacks. Compromise one Windows machine, and it's trivial to find a load more Windows machines to attack. Compromise one Mac, and it's much harder to find the next Mac to attack.

UNIX on the other hand was designed from day one to be networked multi-user OS, and security and separation of concerns was there from beginning.

Oh, this just makes me laugh. Operating system the first Internet worm ran on? UNIX. It wasn't until the mid '90s that people started saying 'UNIX Security' without laughing.

Re:a way to make money (1)

yachius (1348219) | more than 5 years ago | (#25959575)

Market share may not have anything to do with the ease of breaking into a system, but it certainly makes it a desirable system to break into.

Market share + flaw = exploit

A coder trying to build a bot-net most definitely cares about market share, as does anybody who is profiting from compromising computers (spyware/adware).

Re:a way to make money (3, Funny)

Anivair (921745) | more than 5 years ago | (#25959577)

You're wrong. Market share has everything to do with how easy it is to break into a computer. They are, in fact, directly proportional. the easier it is to break in, the bigger your market share. Just ask Debian.

Re:a way to make money (5, Interesting)

squiggleslash (241428) | more than 5 years ago | (#25959615)

I wish people would stop parroting this fallacy all the time. Market share has nothing to do with how easy it is to break into a system.

Look at AROS [sourceforge.net] ! It has no security whatsoever, not even memory management between processes, so despite only having a hundred or so users, it must have zillions of virusses. But, of course, it DOESN'T. So far as I'm aware, nobody's bothered to write one, and it's unlikely any AROS virus would actually be effective.

All viruses require a reasonable level of market share to operate, because one of the principles they rely upon is a network effect, and you just plain cannot get a network effect without a decent market share. So marketshare is, very much, a pre-requisite for a successful virus. It's not the only one, but when people say "Mac OS X hasn't been attacked yet because it doesn't have enough marketshare", they're right. That's one fundamental reason. And unless you can show that any other reasons apply, it's likely to be the only reason.

If you have something like windows where security is bolted on after the fact, and OS that was never meant to be a multi-user OS connected to the internet (all these were added as features later on and done poorly) then you will have a system that is much harder to keep secure.

UNIX on the other hand was designed from day one to be networked multi-user OS, and security and separation of concerns was there from beginning.

It's frankly hilarious that Unix, on which the first worms operated, can be held up as some system that had security built-in from the start. It's also untrue that Windows, that is, the operating system known as Windows today, was "never meant to be a multi-user OS connected to the internet". Unless you're talking about Windows Me and its predecessors (98, 95, 3.1, et al), then that's completely false. Current versions of Windows (XP, Vista, 2003, et al) are derived from Windows NT, which was designed, from the beginning, to be "a multi-user OS connected to the internet".

In fact, Windows NT and its successors have a more advanced security model than Unix, allowing more than a separation of users and groups.

The issue with Windows is two fold. First, marketshare. And second, an over complex user-environment where too much functionality is available on the "user" side of the security wall. Both of these issues affected Unix up until the mid nineties, where its disproportionate share of Internet nodes and the amount of stuff running as the default user (which in Unix was root, which also happened to be the account with the most rights.)

There's little reason to believe that Mac OS X is protected from viruses by anything other than its low market share at this point. There's not a large enough group of users for network effects to take over. It is not an inherently secure operating system. The default user is generally set up with administration privileges, and it just takes a buffer overflow or other ordinary vulnerability in a client application like a web browser plug-in for a virus or worm to have complete access to the user's files, and enough access to be able to modify many of the applications the user is likely to run.

Fundamentally, Mac OS X has the same problem as Windows, and the same problem the "run-everything-as-root" Unixes did in the eighties and early nineties: too much functionality available to the default user. To fix this, you need to change the model somewhat. The very least Apple could do is set Mac OS X up so that the installer actively discourages setting up the default user as an administrator.

Re:a way to make money (1, Insightful)

Anonymous Coward | more than 5 years ago | (#25959039)

Why would it need privilege escalation? If there's a hole in some commonly enabled service that runs as root, that would take care of it.

Also, why couldn't a spambot just run in user space? Most people only ever use one account anyway.

Re:a way to make money (1)

bytethese (1372715) | more than 5 years ago | (#25959045)

OS-nogstic? :) I too use OS X at home and am certainly not a "fanboy" either. I too use Windows at work and have several virtual machines on my Mac (nature of the beast for my grad work). I agree with you regarding the difficulty in virus writing for the MacOS platform vs trojans. Unfortunately, there's more dumb people than darwinism can efficiently select out.

Re:a way to make money (5, Informative)

v1 (525388) | more than 5 years ago | (#25959235)

Macs definitely are susceptible to malware, as the recent DNS trojan has demonstrated. Any app that asks for and gets your admin password is going to play with your computer, that's pretty hard to beat.

Viruses, and worms in particular, do covert, automated spreading. Worms are able to exploit on-by-default network services remotely in the background. (we just had a new one announced yesterday! affects xp AND vista, good lord you'd think they'd learn by now!) Viruses require the ability to circumvent LOCAL security, and get their hooks in the system and replicate locally without user interaction/permission. OS X (and unix in general) are designed from the ground up with this in mind, and have always been far less vulnerable to these two issues.

I don't see this changing anytime soon, just due to the differing design philosophies inside the two systems. From the start of OS X, apps didn't just have free access to do as they pleased, they were restricted by a security model, and learned to develop in OS X under these restrictions, being forced to learn good coding practice. Windows started in the wide open, and their devs got used to it, before they realize the scope of their mistake and tried to close the doors. The devs refused to stop writing apps that just "oh lets just assume we have full write access to the entire hard drive" etc. and so MS has had to go very slowly to avoid completely destroying their established software market. That's hard to overcome.

Even today I can count on one hand all the mac apps I've ran into that either (1) have to be installed while logged in as an admin, or (2) will only run properly (or completely) when logged in as an admin. And I count those developers as idiots for not knowing what they're doing and just assuming they have privs. Until Windows software approaches these numbers, I don't think we can call the Windows security model "fixed".

There are two things that most interest me here. First, Norton has been considered anything from "bad" to "poison" to OS X from the get-go. It's been known to create a wide variety of system problems, and in most cases, when OS X is misbehaving, and they admit they are running norton, the first advice they get is to remove it. (and "good luck removing it" to boot) Symantec has been of little help there, their first "removal tool" was 300+ lines of terminal commands, and still didn't completely uproot it. Their current removal tools are more effective and user-friendly though. So to see Apple RECOMMEND norton is something of a shock. I don't know of a single person in any of the mac support forums that recommends anything for Norton besides uninstalling it.

Second, I thought AV products don't "stack" well? Our PC tech here is constantly having problems with computers that come in and are running 2-4 AV software, and they're fighting like cats and dogs and crippling the system to where only a fresh install will fix it. From what I read on that Apple post, it sounds like Apple is encouraging you to install multiple AV software. And OS X already runs ClamAV doesn't it? Although I have yet to see such a thing get pushed out, I assume Clam can get updates via SoftwareUpdate? I seriously question where they're going by recommending you install additional (or possibly multiple) AV software.

Re:a way to make money (0)

Anonymous Coward | more than 5 years ago | (#25959289)

"... nothing that qualifies as a virus yet as far as I know... you'll need to find a privilege escalation exploit (need I say, without local access)"

two questions -
1. I always thought that a virus (by definition) had local access. If you're talking about network attacks, wouldn't that would be a worm? There are certainly viruses that are neither trojans nor worms (eg. embeds itself in other executables).

2. Windows-based antivirus programs usually work based on a database of signatures. If there are no viruses out there to put in the database, wouldn't the AV program be pointless?

Re:a way to make money (0)

Anonymous Coward | more than 5 years ago | (#25959343)

It does sound like a possible "setup". Macworld 2009 debuts new AV software?

It would surprise me as Apple said the following:

Apple encourages the widespread use of multiple antivirus utilities [...]

It's not probable that they make their own soft if they start saying that everyone should buy another one.

But for the virus question, it's true that there haven't been many viruses yet on anything but Windows, but don't forget that MacOS and Unix have another type of users which will maybe not click on every button on the internet.

Re:a way to make money (1)

tyler.willard (944724) | more than 5 years ago | (#25959599)

...is likely much harder to write a real virus (rather than a trojan)...as you'll need to find a privilege escalation exploit...

That's not really correct. All a virus is is a self-replicating program that infects other files or programs. There's no need for privilege escalation. Granted, that would protect system files from infection (which is good) and perhaps make the virus less dangerous; then again, infecting docs (e.g. macro viruses) and executables in your home directory would still suck. Also since viruses and worms are often conflated (worms being self-replicating programs that only create copies of themselves) it doesn't necessarily follow that a worm would require privilege escalation.

...all of which tend to be pretty robust and having a core that comes from the open source and Unix worlds... as far as I know, there aren't any such exploits known right now.

Come on...having a Unix pedigree is indeed a large improvement but lets not forget where the "root" in "rootkit" comes from.

Re:a way to make money (1)

Geoffrey.landis (926948) | more than 5 years ago | (#25958925)

is this a scare tactic for apple to push some payfor software and get people to buy it

No, it's just common sense. Macs are not immune to viruses, and it's wise to keep up to date.

Re:a way to make money (0)

rallymatte (707679) | more than 5 years ago | (#25958937)

is this a scare tactic for apple to push some payfor software and get people to buy it. or have apple started to loose confidence in their operating system? or even worse, do they know something we dont? are they expecting an attack?

Well, probably not something that specific, but they might have seen an increase in exploits and such for Mac OS X and would like to be on the safe side. Cover their asses legally.
And it seems pretty likely that they would be targeted more and more, as more and more Macs are being sold.
I very much doubt that there is one single "attacker" out there that they're worried about, or that they're actually think their OS is rubbish all of a sudden.

Re:a way to make money (0)

Anonymous Coward | more than 5 years ago | (#25959079)

Well, probably not something that specific, but they might have seen an increase in exploits and such for Mac OS X and would like to be on the safe side. Cover their asses legally.

Oh, you mean like Microsoft has been held legally responsible for the widespread dissemination or viruses and botnots. Right! Send me a retainer of USD1,000,000.00 and we'll talk.

It's in the Details (3, Interesting)

jDeepbeep (913892) | more than 5 years ago | (#25959429)

If you follow the apple store link in TFA, it's interesting to note the description for the first product (Intego VirusBarrier X5) says this:

Now that you've installed Windows on your Intel-based Mac, you're vulnerable to a whole new range of security threats: Viruses, spyware, adware, and hackers are all waiting to compromise your Windows setup. No matter if you're running Windows in Boot Camp, Parallels Desktop, or VMWare's Fusion, it requires Windows-specific protection. VirusBarrier Dual Protection is the answer. It provides security for both Mac OS X and Windows, ensuring that you'll have total protection for both operating systems.

Multiple antivirus products? (-1)

Anonymous Coward | more than 5 years ago | (#25958641)

Multiple products is the dumbest idea I've ever heard. Well, unless you want it to take half an hour to have a 50% chance of opening your Word document as all three of your antivirus programs fight over it.

Re:Multiple antivirus products? (5, Informative)

Geoffrey.landis (926948) | more than 5 years ago | (#25958903)

Not multiple antivirus products on the same machine!

Having multiple products deployed mean that the virus programmers have different applications to circumvent. But that's multiple products on different machines-- you wouldn't expect one user to run all of the anti virus products on one machine.

Not suprised (3, Funny)

SchizoStatic (1413201) | more than 5 years ago | (#25958643)

Well what do they expect they start to get a larger market share they start to be the target of more blackhats.

I'm sure there is a side deal with the AV comps (-1, Troll)

y86 (111726) | more than 5 years ago | (#25958661)

Hey, if our sales go up by 10% we'll float you a $50,000 hold back check.

Welcome to modern sleazy business.

Re:I'm sure there is a side deal with the AV comps (1, Troll)

BradleyUffner (103496) | more than 5 years ago | (#25958739)

Hey, if our sales go up by 10% we'll float you a $50,000 hold back check.

So basically the cost of 2 new mac books?

[rim-shot] Thanks folks, im here all week.

Re:I'm sure there is a side deal with the AV comps (0)

Anonymous Coward | more than 5 years ago | (#25959165)

I don't think Apple would put a price on the reputation of their OS? Seems shortsighted.

Oh Shit (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25958669)

Is this the end of Microsoft or is Steve Jobs lying again to make it look like someone actually give a crap to take the time to code a virus for their system?

Re:Oh Shit (0)

TheP4st (1164315) | more than 5 years ago | (#25958811)

Re:Oh Shit (4, Insightful)

Aphoxema (1088507) | more than 5 years ago | (#25958979)

You have strange ideas of trustworthy sources for 'facts'.

Re:Oh Shit (1)

TheP4st (1164315) | more than 5 years ago | (#25959467)

Doh! I completely misread the post as "take the time to code a antivirus for their system?"
But if Mcafee and Symantec perform on Macs as they do on Windows I reckon that I weren't completely off target.

Sophos (5, Interesting)

gammygator (820041) | more than 5 years ago | (#25958689)

I've been running Sophos on both my Macs for a year or so... Not so much because I felt I needed them... but because I come from the PC world and felt nekked without an AV program... and my work covers the license costs which made the decision a no brainer.

Interestingly enough... to date, they have only detected MS based viruses.

Re:Sophos (4, Interesting)

gEvil (beta) (945888) | more than 5 years ago | (#25958875)

Interestingly enough... to date, they have only detected MS based viruses.

When I ran a lab of Macs several years ago, we ran AV software on all the machines. It was mostly there to strip out the Word macro viruses that students would bring in from their home computers. I'm not aware of the software catching any viruses that could actually have done anything to the machines themselves.

Re:Sophos (3, Interesting)

SaDan (81097) | more than 5 years ago | (#25959517)

The only Trojan I've ever seen for Mac was in a Word document macro years ago. The payload was empty if you opened the file on a Windows system, but on a Mac system it would try to wipe the drive.

Re:Sophos (1)

vertinox (846076) | more than 5 years ago | (#25959107)

I use ClamX. In fact I ran it last night though I wonder if it only looks for windows specific viruses.

As precaution I usually look at what programs are set to automatically start up and the file sharing security.

From my understanding, the only Mac viruses are really just trojans which manually have to be run instead of just browsing to a webpage and then being hit with it.

Re:Sophos (1)

TheRaven64 (641858) | more than 5 years ago | (#25959601)

I'd be interested in buying Mac Antivirus software if any of the AV products for the Mac could point to a single Mac virus that they could prevent, or a single Mac security flaw that they provided a work-around before Apple fixed. The second is a lot easier than the first, but I don't see it in any adverts. With 10.5, Apple introduced a nice syscall interception framework and with 10.6 I expect to see it used by default for a lot more things (it already prevented an mDNS vulnerability being exploitable on 10.5).

Let the flame wars begin (5, Insightful)

m0s3m8n (1335861) | more than 5 years ago | (#25958695)

Yes Apples can get malware (general term) if you are a complete dumb ass. Until self-propagating zero-interaction attacks appear, leave me alone.

Re:Let the flame wars begin (0)

Anonymous Coward | more than 5 years ago | (#25959427)

Most all malware originates between the keyboard and the chair.

I don't need a virus to affect my system (5, Funny)

Shivetya (243324) | more than 5 years ago | (#25958697)

I have Quicktime.

Does a Mac AV program really do anything? (5, Insightful)

grapes911 (646574) | more than 5 years ago | (#25958717)

Don't those AV programs mostly scan for Windows viruses on the Mac so you don't pass around those viruses to Windows users?

Re:Does a Mac AV program really do anything? (4, Informative)

FictionPimp (712802) | more than 5 years ago | (#25958883)

That is what I always thought, in fact looking at clamXav it appears to only scan for windows viruses.

Re:Does a Mac AV program really do anything? (0)

Anonymous Coward | more than 5 years ago | (#25958915)

Don't those AV programs mostly scan for Windows viruses on the Mac so you don't pass around those viruses to Windows users?

I remember about a decade ago MS Office implementation on the mac was good enough that Macro virus would run. Fortunately, the file structures were different enough that they wouldn't do much, but at the same time we could also point out how the Macs structure made trojans more effective, and we'ver alreaqdy seen how OS X's Unix underpinnings and x86 architecture make it vulnerable to stuf old MacOS & 68k macs shrugged off

Re:Does a Mac AV program really do anything? (1)

Golias (176380) | more than 5 years ago | (#25959503)

Don't those AV programs mostly scan for Windows viruses on the Mac so you don't pass around those viruses to Windows users?

I remember about a decade ago MS Office implementation on the mac was good enough that Macro virus would run. Fortunately, the file structures were different enough that they wouldn't do much, but at the same time we could also point out how the Macs structure made trojans more effective, and we'ver alreaqdy seen how OS X's Unix underpinnings and x86 architecture make it vulnerable to stuf old MacOS & 68k macs shrugged off

(Psst. The Mac file system is still different from what either Unix or Windows uses. But shhh! I'm really enjoying reading all this concerned hand-wringing as I continue to run my Macs on-line 24/7 with no AV software installed.)

Old document (5, Informative)

Anonymous Coward | more than 5 years ago | (#25958731)

This story is just wrong. That document is several years old. Apple advises to install security software since years. They just added new names for recommended software products and therefore updated the issue date on the document.

Re:Old document (1, Funny)

Anonymous Coward | more than 5 years ago | (#25959129)

so what you are saying is that i shouldn't have forwarded this article to every smug apple advocate that i know?

shit.

Herd Immunity (0)

TheFlyingBuddha (1373717) | more than 5 years ago | (#25958745)

The only reason macs have been able to get away with claiming such great security records (statistically) is herd immunity. They are insulated by being a minority which has different 'resistances' amongst the herd of PC users. As they gain market share, they become a bigger target. I've been telling people this forever but looks like Apple is ready to deal with it at least.

Re:Herd Immunity (3, Insightful)

Anonymous Coward | more than 5 years ago | (#25958969)

This doesn't apply. Macs are not an isolated community. They share data and documents freely with Windows systems, just as Linux systems do. The reason why there are fewer viruses for MacOS is similar to why there are fewer botnets that run on Linux servers.

Antivirus and antispyware protection is like putting buckets in the attic, instead of fixing the roof.

Re:Herd Immunity (1)

AvitarX (172628) | more than 5 years ago | (#25959097)

I assume the roof in that metaphor is the user?

Because running a Trojan is something people do, downloading and installing malware usually is too.

The "this file came from the internet" warning could help, and the "enter your password" warning may also, but in the end, if someone wants to do it, you need AV software to stop them.

Re:Herd Immunity (1)

CFTM (513264) | more than 5 years ago | (#25959035)

To add to your statement, I also think they're protected by the fact that if you're taking the time to right a piece of malicious code you generally want it to have the greatest impact possible. Why cut out 80% of the market by finding something to exploit on the mac? Seems like a lot of work to get oneself in to a niche market.

Re:Herd Immunity (1)

YouWantFriesWithThat (1123591) | more than 5 years ago | (#25959363)

i agree with what you are saying, but i think you mean 94%. because as far as i can tell apple market share is hovering around 6%. that is based on actual units sold, not a page view metric. every % that i have seen that is higher is not based on real numbers but an extrapolation of site visits.

if anyone has firm numbers reflecting a different market share, i would be interested to see it.

Re:Herd Immunity (5, Interesting)

maztuhblastah (745586) | more than 5 years ago | (#25959181)

The only reason macs have been able to get away with claiming such great security records (statistically) is herd immunity.

Indeed. Just look at Linux. It had a great security record up until the start of this decade. Then, once it gained a lot of popularity on servers, we started to see millions of infected Linux servers, linked together in botn...

Oh. Well damn. It seems that despite being the near ideal target for virus-writers (always on, very fast links, powerful hardware), the most popular server platform on earth doesn't have a major virus problem. Huh. Maybe an OSs security record isn't directly linked to its popularity...

Re:Herd Immunity (1)

deraj123 (1225722) | more than 5 years ago | (#25959579)

I could be wrong on this, but it seems to me that as a virus writer it would be much more lucrative to target desktops of average home users (who seldom have a clue what they're doing) than to target servers run by admins who supposedly know what they're doing and are paid significant sums of money (and thus spending a significant amount of time) for the sole purpose of keeping these systems running properly.

Re:Herd Immunity (2, Insightful)

TheMeuge (645043) | more than 5 years ago | (#25959379)

"Herd Immunity"

You keep using that expression. I don't think it means what you think it means.

Re:Herd Immunity (2, Informative)

UnknowingFool (672806) | more than 5 years ago | (#25959553)

The only reason macs have been able to get away with claiming such great security records (statistically) is herd immunity.

I think that's a bit of faulty reasoning. For though Macs are a small percentage of the computers, they still represent millions of consumers. If that reasoning was correct, since Macs and Linux represent X% of users, they should be getting X% of viruses. By their nature they don't get viruses mainly due to the nature of their OS that programs can't autorun without permission. As demographics go, they also represent more affluent consumers. So more likely Macs will be the targets of malware as opposed to viruses.

Anyone know? (1)

gEvil (beta) (945888) | more than 5 years ago | (#25958775)

I noticed the "Old Article: 4454" string on the page. Anybody have any idea what the old knowledge base article used to say? And what era it was from?

Re:Anyone know? (1)

Golias (176380) | more than 5 years ago | (#25959587)

Noooo! Don't give up the game! This whole discussion is proving to be a terrific honey-pot for identifying anti-Mac platform bigots! And here you had to go and ruin it by pointing out that the "news" story isn't actual news.

Oh well. This is slashdot. There will be more.

A good sign for Apple (1, Insightful)

elrous0 (869638) | more than 5 years ago | (#25958793)

Actually, in a way, this is a good sign for them. It means that they're getting enough market share for the virus and malware writers to actually give a shit.

Re:A good sign for Apple (4, Insightful)

Yvanhoe (564877) | more than 5 years ago | (#25958955)

Stop this myth. It has more to do with ease of attack than market shares. There used to be (I don't know the numbers these days) more than 50% of servers on various unix. Still close to no virus there (and, I believe, none active).

1% of the market share would still make a valuable bot-net. Even 10% of this 1%. It translates into cash money. If it were easy, some people would have done it.

Re:A good sign for Apple (1)

gad_zuki! (70830) | more than 5 years ago | (#25959255)

>There used to be (I don't know the numbers these days) more than 50% of servers on various unix

Malicious users dont spread viruses on servers, they root them via known vulnerabilities or weak password. No one is sitting at a production servers downloading poker programs and opening attachments from strangers. These are completely different strategies for compromising a box. There's no shortage of rooted boxes out there.

The point is still valid. OSX has been targeted by malware developers recently, starting with that fake video player that is still making the rounds. Most likely the malware developers are seeing OSX as an untapped market. Apple knows this is a threat and is doing the sensible thing. Expect more of this malware.

Re:A good sign for Apple (1)

JasterBobaMereel (1102861) | more than 5 years ago | (#25959327)

The market share myth - is a myth

Most used Webserver - Apache
    But Webserver with the most Virus attacks was always IIS (It has improved due to the bad publicity) ...and Apache on Windows always had more flaws than Apache on other platforms, according to the writers of Apache due to the security flaws in Windows

If, as is generally thought, OSX has 1% of the market then it should have 1% of the Viruses, but it has only ever had a handful of viruses and all of these not found in the wild anymore? Since the vast majority of OSX systems do not run anti-virus they should be an obvious target.. and still there are few if any viruses ...

Malware however is another story and can (and does) affect all systems, but does not require antivirus, but does require the system to be properly configured and secured and may require anti-malware plugins for the browser ....?

Also, (1)

nitsnipe (1332543) | more than 5 years ago | (#25959389)

as a young geek, the internet has taught me that security through obscurity is pointless.

Re:A good sign for Apple (4, Insightful)

elrous0 (869638) | more than 5 years ago | (#25959391)

Very few virus writers target servers, Unix or otherwise, because they're generally not admined by some grandma in Albany who will open an exe file sent to her by a stranger with the subject heading "I love you."

Duh (1)

El Lobo (994537) | more than 5 years ago | (#25958837)

Their user base is raising, so virus makers are now on track.

On the university I work for, a whole data lab was infected with what was identified as OSX.Trojan.PokerStealer, which turns on SSH access attack from outside. How the computers were infected, I really don't know, but next week every mac in the lab was proudly running a new copy of Norton Antivirus for the Mac.

a necessity (5, Funny)

Anonymous Coward | more than 5 years ago | (#25958907)

Well, duh... With the Apple CEO engaging in the unhygienic practice of peeing on all the hardware before it ships, no wonder users are being advised to get some sort of protection against pathogens.

Or was that the Mapple CEO... meh, they probably all do it.

What? Viruses in my OSX box? (0)

Anonymous Coward | more than 5 years ago | (#25958913)

It's more likely than you think.

Makes sense in heterogenous networks (4, Informative)

bomanbot (980297) | more than 5 years ago | (#25958943)

Well, aside from the fact that this Apple support document is not exactly brimming with information, using an antivirus program on a Mac makes perfect sense in a mixed environment with other operating systems.

Although your Mac may be safe from the vast majority of malware stuff circulating right now, it can still spread them around and infect for example the other Windows machines on the network (those Microsoft Office macrovirus infections are a good example).

Also, with all the nice virtualisation programs available on the Mac and BootCamp, it makes sense as a Mac user to be more aware of potential malware problems , although then the antivirus solution should be inside that environment, I think. Also those antivirus programs open up a whole other can of worms, because those antivirus companies are splendid examples of honesty and efficient programming, as we all well know :)

Bullshit..... (0)

macyrlivyed2 (1396251) | more than 5 years ago | (#25958965)

Whoever wrote this story is talking about something that they have no knowledge of. Apple does not recommend ANY anti virus software anywhere in their support forums. Go see for yourself.

Re:Bullshit..... (1)

Mascot (120795) | more than 5 years ago | (#25959089)

I did. They do. I'm clearly missing your pun. Mind clarifying it for me?

Great, lets slow the OS even more! (0)

Anonymous Coward | more than 5 years ago | (#25958999)

OS X is already kind of "chunky" when it comes to performance. It's even worse if you enable all that search indexing crap. Then you're going to pile AV scanning software on top of it? Nice.

Admin user (1)

javacowboy (222023) | more than 5 years ago | (#25959009)

Isn't the main problem with Windows security, and thus the spread of viruses on that platform, due to the fact that Windows users run as root by default? Since Mac users must enter their password anytime they or a program attempt to write to system directories, isn't the Mac platform largely safe from viruses?

I'm not bashing Microsoft. If Microsoft could find a way to force all third party software developers to make their programs run from non-admin users, I'm sure they would have made users non-admin by default by now.

Re:Admin user (0)

Anonymous Coward | more than 5 years ago | (#25959161)

If Microsoft could find a way to force all third party software developers to make their programs run from non-admin users, I'm sure they would have made users non-admin by default by now.

Is that supposed to be a joke? Because I'm pretty sure that's what all this cancel/allow stuff in Vista is about, isn't it?

Re:Admin user (0)

Anonymous Coward | more than 5 years ago | (#25959299)

Mac users run as "root" by default. Or to be more precise, by default, a password isn't needed to run things as "root". If you're joe virus on a default Mac, you can do whatever you want.

Re:Admin user (4, Insightful)

SuiteSisterMary (123932) | more than 5 years ago | (#25959407)

Well, that's the issue. You've been able to write software for Windows that allows for non-admin since 1999. My Documents, no user files in Program Files, non-admin logins, the whole nine yards.

But, of course, developers are lazy. They don't want to write proper software.

Can Microsoft force it? Of course. They tried it with Vista and UAC; pop up a little 'fuck you' every time a program does something the Windows 95 paradigm. And they got raked over the coals for it.

Legal Protection (1)

mario_grgic (515333) | more than 5 years ago | (#25959043)

This has more to do with the protection from law suit from clueless users who might get some virus or whatever installed and claim "what, you have not told me I need an anti-virus software".

But in all seriousness, I would never ever, ever install any kind of anti-virus crap on Windows, let alone non-Windows OS. Those things are more taxing and costly (as in CPU and disk arm cycles) than a virus :D. I have used Windows for decades and never had a virus, and I sure as hell won't be installing anti-virus software on my Macs now.

Re:Legal Protection (1)

drquoz (1199407) | more than 5 years ago | (#25959607)

How do you know you haven't gotten a virus if you don't have antivirus software? If you've used Windows for decades, I can pretty much guarantee you've gotten one at some point. I can't recall getting one myself in probably three or four years, but to say I've never gotten one would be an overly pretentious lie.

question... (1)

apodyopsis (1048476) | more than 5 years ago | (#25959049)

Because of the better inherent security in the operating system model is true that mac/linux is probably safer from direct attacks on the OS but is just as prone to browser attacks and social engineering attacks?

I mean, when root privilege is required to affect the core system this should inherently be safer then Win32 where everybody is an administrator.

Disclaimer: Feel free to flame me to a crisp on my lack of knowledge, but I'll make it clear that I am not an expert in computer security and I am interested in a genuine answer about how vulnerable Linux is compared to Windows.

From what I can tell of the article Win32 is hit hard because it is the softer more numerous target, but as Linux takes hold it will become a more attractive target. But because everybody has the source code presumably this means more eyes scanning for errors and potential security risks fixed faster?

New Commercials? (-1, Troll)

TheNecromancer (179644) | more than 5 years ago | (#25959063)

So when can I expect to see a new Apple commercial, apologizing to the Vista guy for ripping about the lack of security of MS's operating system?

Maybe one where the Vista guy is dressed in his kingly garb, and the Mac guy bowing on one knee before him. I'd then expect the Vista guy to whack the Mac guy on the head with his scepter. Take that, Apple!

"Apple Quietly"?? (1)

jhalstead (919360) | more than 5 years ago | (#25959065)

What is up with all of the "Apple Quietly" articles? Search for the phrase in google, you'll see what I mean.

Re:"Apple Quietly"?? (2, Funny)

Bearpaw (13080) | more than 5 years ago | (#25959473)

Any information release by Apple that doesn't occur during a Special Event seems to be suspect.

("In other news, Steve Jobs quietly blows his nose. Will this fuel more concerns about his health?")

If you listen carefully... (4, Funny)

scubamage (727538) | more than 5 years ago | (#25959087)

...you can hear the heads of a million fanboys going poof!

Re:If you listen carefully... (1)

ettlz (639203) | more than 5 years ago | (#25959111)

That's the great disturbance in the reality-distortion field. I bet the Organas were Mac users, too.

My campus requires it (2, Interesting)

tecker (793737) | more than 5 years ago | (#25959135)

The college I attend actually requires all mac users to install Symantic Corporate to be allowd on the network. Their justification is that this will prevent WINDOWS virus from passing through macs and then hitting the Windows boxes as the mac users send them on. We have a good security team and I can understand why they would want to do this.

As macs are being used in Enterprise environments they can harbor virus infected files silently before going back into the network. One computer that missed new definitions can be taken down when that file gets passed to it. Its up to you but if you are in Enterprise situations you better comply.

As for multiple AV systems, that is retarded. They will fight for resources and cause performance to be brought down. Just pick one and run with it. If you want.

Um huh? Apple has always recommended protection (5, Informative)

falcon5768 (629591) | more than 5 years ago | (#25959183)

Hell they even gave it away with old .mac accounts. And apple support always had lines saying to use protection. How is it all of a sudden new? They have been saying to use protection for YEARS now.

Lawyers? (1)

javacowboy (222023) | more than 5 years ago | (#25959195)

Somebody on AppleInsider brought up this very interesting point:

http://forums.appleinsider.com/showpost.php?p=1344735&postcount=13 [appleinsider.com]


I agree.

There are no shortages of bottom feeding trial lawyers looking for a meal at Apple's treasury.

Think of the liability, if Apple wasn't cautioning users about security and the steps they should consider, when someone finally cracks OSX, and OSX malware finally breaks into the wild.

This is just smart business.

Apple and "security theatre". (1, Redundant)

argent (18001) | more than 5 years ago | (#25959209)

I am increasingly annoyed by Apple's following Microsoft in "Security Theatre" techniques like the Leopard "OMG you downloaded that file from TEH INTERWEBS!" dialogs, but this is going too far.

Antivirus software does not make any difference to the virus writing process. It can only detect and block existing exploits. Until there ARE active exploits in the wild all it can do is cause time and data loss through false positives.

Quietly? (0, Troll)

halcyon1234 (834388) | more than 5 years ago | (#25959237)

So, Apple, you have something to tell us?

geh ammprpmp sm

I'm sorry, I didn't catch that. A bit louder please?

Get a vmrs smmmr

It sounds like 'get a...' One more time, please, for everyone to hear.

..... get a virus scanner...

'Get a virus scanner'. So all this time you convinced us to use you bareback because you were 'safe' was just a lie?

Not always...

Oh that's right, I forgot. You invited Windows into our boot. You said we'd all be safe together. But didn't I warn you that when you boot with Windows, you boot with everyone Windows has ever had contact with? And that's a lot of people. So when did it happen, hmm? When I was taking care of all the little iPods we have together? Who mounter whose file system, hmm? No, don't touch me. I can't look at you right now.

Ok here is the truth. (0)

Anonymous Coward | more than 5 years ago | (#25959271)

Yes. Mac's (not apples m0s3m8n) are getting a bit more of the market share then they were a few years ago. As it turns out most of the viruses that occurs in OS X occur in the few applications that are developed by Microsoft. The only incidents that have occurred have been in Bootcamp,Parallels and Office.

Another thing-the software that Apple supposedly quietly recommends? I looked for over 30 minutes on the site and I couldn't find one reccomendation that was made by Apple.

There are anti-virus demos on the website for promotional purposes, none of which were developed by Apple.

Mac's may need anti-virus software in the future, but as for right now they are 100% secure.

its about the dominant os (0, Flamebait)

circletimessquare (444983) | more than 5 years ago | (#25959301)

as apple gains market share, more virus authors will target it, until its penetration rate is equal to windows, which only has the penetration rate it has because of its popularity

if windows were an obscure os, its marketers would trumpet its low virus rate as a feature

likewise, if linux gains more popularity, it will be targetted, and exploited, at the same rate as windows is now

cue the linux and apple zealots who think their os is somehow more inherently secure than windows

exploits are just as much about social engineering, and the security of the programs that run on top of the os, as they are about the os. in such a way, advertising better security in one os versus another is a misnomer

Re:its about the dominant os (1)

Tony Hoyle (11698) | more than 5 years ago | (#25959435)

As others have stated that's a total myth and is simply not true.

Apple has about 10% right now, so by your theory 10% of viruses should be for OSX. Number of viruses in the wild? Zero.

Boasting? (1)

cunamara (937584) | more than 5 years ago | (#25959305)

"After years of boasting about the Mac's near invincibility..." I've been a Mac user for over 22 years. While I have heard many of my fellow Mac users boast about the lack of viruses and other malware for Macs- mainly out of ignorance or just to taunt Windows users- there have been Mac viruses in the past (e.g., nVIR) and there will be Mac viruses in the future. I've always been concerned that complacency regarding Mac malware would eventually result in heinousness once some bad actor sunk their teeth into it.

The result of these years of complacency is that there are no good Mac antivirus applications. There are some passable ones and there are some awful ones. One of the better ones is ClamXAV but it is only as good as its virus definitions.

Get a grip (1)

actionbastard (1206160) | more than 5 years ago | (#25959307)

This is not news. Apple has always recommended that users of its products run anti-virus software. The reason that this got 'amped-up' was because Brian Krebs at the Washington Post 'noticed' the Apple Support document while trolling around their site enjoying the new, harder to use, design layout. What he failed to notice -and mention in his blog- was the article was modified from an earlier one that said basically the same thing. It's prudent for Apple to have been saying this all along so as to avoid any liability. To use the old /. saying, "Nothing to see here; move along."

comparing AV products (0)

Anonymous Coward | more than 5 years ago | (#25959549)

Can anyone offer feedback on the relative quality of the 3 AV products in TFA and also ClamXav [clamxav.com] (which is free)

I run a manual scan with ClamXav about once a decade. So far it hasn't ever found anything. Seems like a good product, but I don't really know.

Not a technology problem (1)

SCHecklerX (229973) | more than 5 years ago | (#25959561)

Viruses and trojans (as opposed to worms) are a user stupidity issue. You can't fix that with technology. For a computer to be useful, it needs to run programs that the user launches. Trying to put something in the way to analyze whether what that user wanted to do is not what the user wanted to do is never going to be successful.

of course, things like MSIE make things bad, as the user has no control over what is going on with the software they run. But that is a problem with a single piece of software that is used as a propagation tool. Surely, the problem should be solved THERE. Same goes for office software with built in interpreters.

Even a not-so-savvy user can avoid infections without running AV (which, IMHO is an infection of its own), simply by using software that does not have the vectors in the first place.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?