×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Game Theory, Antivirus Improvements Explain Rise In Mac Malware

Soulskill posted about 2 years ago | from the apple-blames-solar-flares dept.

Security 319

Sparrowvsrevolution writes "Four years ago, security researcher Adam J. O'Donnell used game theory to predict in a paper for IEEE Security and Privacy when malware authors would start targeting Macs. Based on some rough assumptions and a little algebra, he found that it would only become profitable to target Apple's population of users when they reached 16% market share. So why are we now seeing mass attacks on Macs like the Flashback trojan when Apple only has 11% market share? O'Donnell says it turns out he may have underestimated the effectiveness of the antivirus used by most Windows users, which now makes overconfident Mac users a relatively vulnerable and much more appealing target. Based on current antivirus detection rates, O'Donnell's equations now show that victimizing Macs becomes a profitable alternative to PCs at just 6.5% market share."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

319 comments

Hey Apple Users... (4, Funny)

pwnyxpress (2597273) | about 2 years ago | (#39746997)

How it security by obscurity treating you now?

Re:Hey Apple Users... (4, Insightful)

Samalie (1016193) | about 2 years ago | (#39747035)

Stupid people doing stupid shit with technology and getting viris outbreaks?

Yeah, that's confined to ANY particular OS.

Sorry, but if Linux had enough market share, they'd be targeted too. Computing is by definition insecure, because you'll always have stupid people doing stupid shit.

Re:Hey Apple Users... (4, Interesting)

Luckyo (1726890) | about 2 years ago | (#39747121)

Pretty much this. In most cases the weakest link is between keyboard and chair and chain is as strong as its weakest link.

Re:Hey Apple Users... (2, Funny)

Anonymous Coward | about 2 years ago | (#39747187)

Thank you, Captain Cliché, for pointing out the obvious and already stated!

Re:Hey Apple Users... (5, Insightful)

davester666 (731373) | about 2 years ago | (#39747447)

What's funny is that NONE of the anti-virus products blocked it, indicating just how useless their products are.

Re:Hey Apple Users... (4, Funny)

cpu6502 (1960974) | about 2 years ago | (#39747161)

So does Ubuntu Linux have 6.5% share yet?

Re:Hey Apple Users... (1)

jedidiah (1196) | about 2 years ago | (#39747297)

I wonder if the Atari ST or Amiga had 17% market share when either of them were fertile ground for malware infections.

Re:Hey Apple Users... (0)

Anonymous Coward | about 2 years ago | (#39747405)

I wonder if the Atari ST or Amiga had 17% market share when either of them were fertile ground for malware infections.

It was a complete different story back then. For one there was no need to target the user. Most malware was out to destroy your data and not stealing anything or simply to annoy you. Also the malware spread by itself and not with PEBKAC help.

Re:Hey Apple Users... (1)

ArhcAngel (247594) | about 2 years ago | (#39747533)

Depends on what you define as market share and what market you are referring to. Back then even though the PC was clearly pulling ahead the race wasn't entirely over. The Atari ST while never getting a foothold in the US was very popular in the UK.

Re:Hey Apple Users... (1)

cpu6502 (1960974) | about 2 years ago | (#39747757)

The Amiga did, at least during the 80s. Commodore 64 had greater than 50% market share and Amiga had half that. (After 1988 the IBM PCs became dominant.)

Re:Hey Apple Users... (4, Informative)

SJHillman (1966756) | about 2 years ago | (#39747205)

Linux does have significant marketshare in the server and smartphone arenas. Servers are generally more secure than desktop machines (not to mention better maintained), so there's naturally fewer points of vulnerability - this holds true for Windows servers as well. As for smartphones, I've seen a lot of articles about Android malware recently although I haven't personally encountered any.

Re:Hey Apple Users... (4, Informative)

Drinking Bleach (975757) | about 2 years ago | (#39747313)

Generally more secure, but Linux servers are still vulnerable, especially when they are neglected from being looked after. I have signed onto a company that kept a mail server running for years with no updates -- turns out that exim had a security vulnerability and there was a rootkit living on the system for at least a couple years. If the machine was being properly monitored, the chances of infection would be very low (keep on top of updates!), and it would have been detected rather quickly even if it did happen despite that first point.

I still don't know what the attacker gained but apparently it pays off enough to pry on mismanaged Linux servers.

Re:Hey Apple Users... (4, Insightful)

msobkow (48369) | about 2 years ago | (#39747461)

Servers are more secure than desktops in the Linux arena primarily because there is no idiot user sitting in front of the keyboard to click "Ok" when malware tries to install itself. Also, servers aren't typically used for surfing and downloading, so the malware doesn't get a chance to try to install itself.

Only once since I started programming in the late '70s have I seen a machine that was infected without the intervention of a user disabling the anti-virus or installing pirated/downloaded software. Once.

Re:Hey Apple Users... (3, Interesting)

ByOhTek (1181381) | about 2 years ago | (#39747273)

Yes, however, I think the GP just venting due to all of the "I have a Mac, so I'm immune to malware" and "Oh, they had problems because they used a PC, they should have gotten a Mac!" that has being going on for so long, even by some here on slashdot.

But, of course, you are correct, it is the user that is the biggest security vulnerability of a computer, in most cases.

Re:Hey Apple Users... (-1, Troll)

beelsebob (529313) | about 2 years ago | (#39747305)

The odd thing is, I've never actually heard anyone ever say "I have a Mac, so I'm immune"

Re:Hey Apple Users... (2, Insightful)

Anonymous Coward | about 2 years ago | (#39747339)

You should get out more.

Correct (-1, Troll)

SuperKendall (25149) | about 2 years ago | (#39747417)

What Apple Users say is:

1) There have been no viruses yet.
2) There are no (or now almost no) trojans in the wild that attack macs.

What Apple Haters say, is that all Apple Users claim they are "immune" from attacks, twisting the meaning of the above.

Even now, few Mac users would really be vulnerable to the Java based trojan that exists because it involves installing Java after navigating to a site that houses the trojan... it's not the same as being immune, but it does mean the risk of catching the trojan is low.

Re:Correct (5, Informative)

Anonymous Coward | about 2 years ago | (#39747553)

Actually, here is what Apple says:

http://www.apple.com/why-mac/better-os/#viruses [apple.com]

A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part.

Is this true? Yes, but only because the malware they are talking about was written specifically for Windows. It has nothing to do with the "built-in defenses in Mac OS X that keep you safe". It is at best disingenuous because the average user reads that to mean "Macs can't get malware".

Re:Correct (-1, Troll)

beelsebob (529313) | about 2 years ago | (#39747609)

No, the average user is perfectly capable of reading. They may not be computer literate, but they are literate. Apple makes a true, factual statement, somehow idiots like the root of this discussion twist that to a completely factually incorrect, stupid statement that no one has made.

Re:Correct (3, Insightful)

ByOhTek (1181381) | about 2 years ago | (#39747959)

Two examples I've ran into:

Limiting it to just people who have IT experience that I know:
(1) One person literally told me that it is impossible for a mac to get a virus.
(2) One has said that, since he uses Chrome and MacOS, he can't get malware, period.

That's maybe 10% of the MacIT people I've dealt with, the rest have been in the 'it is less likely' camp.
From the non-IT Mac users, it's closer to closer to half, that fall into one of those (or similar, change the web browser), categories.

Re:Hey Apple Users... (2)

N0Man74 (1620447) | about 2 years ago | (#39747567)

The odd thing is, I've never actually heard anyone ever say "I have a Mac, so I'm immune"

Perhaps not, but I can honestly say that I have heard, "But Macs don't get viruses, right?"

Re:Hey Apple Users... (1)

Higgins_Boson (2569429) | about 2 years ago | (#39747581)

The odd thing is, I've never actually heard anyone ever say "I have a Mac, so I'm immune"

I've heard that plenty of times from friends and family. But you are correct, it's not something ALWAYS stated.

Re:Hey Apple Users... (4, Interesting)

betterunixthanunix (980855) | about 2 years ago | (#39747347)

Sorry, but if Linux had enough market share, they'd be targeted too.

"Linux" is not one operating system. There are very secure distributions, and then there are distributions that are not so secure, and then there are distributions that can be secure if you stick to best practices.

Re:Hey Apple Users... (5, Funny)

Charliemopps (1157495) | about 2 years ago | (#39747509)

as stupid as windows user are... and I'll grant you they ARE stupid... Absolutely nothing compares to the apple market. There's a price to be paid for making your OS so easy to use that you don't even need to be smart enough to tie your own shoes to use it... namely, that your OS will attract all of the people not smart enough to tie their own shoes.

Now, I know all you apple "power users" are going to get all mad and scream "You're calling me dumb! I'm not dumb!" I'm not saying you're dumb... I'm saying all your friends are dumb... and you make bad technology choices... I'm sure you made a very smart, well informed decision when you chose the wrong operating system.

Re:Hey Apple Users... (1)

Lumpy (12016) | about 2 years ago | (#39747665)

Linux IS a Target, MOST internet servers are Linux, and Linux servers hold a lot of money in information.

But you see, they are such high value targets they do hacking to get into them and not a spray and pray virus.

Re:Hey Apple Users... (1)

Anonymous Coward | about 2 years ago | (#39747917)

Eh, my server logs are full of "spray and pray" stuff -- SSH dictionary login attempts, WordPress (etc) web worms, automated SQL injection scanning, and so on. I have no doubt this stuff is coming from various automated botnets and not dedicated hackers.

Re:Hey Apple Users... (5, Insightful)

WrongSizeGlass (838941) | about 2 years ago | (#39747137)

How it security by obscurity treating you now?

Security by obscurity was not the problem. Complacency was the problem.

Re:Hey Apple Users... (0)

Anonymous Coward | about 2 years ago | (#39747155)

This guy sounds like the UN Climate people, "hey we were wrong, but if we just keep tweaking the model well get it right, or at least make the data fit our model!"

Re:Hey Apple Users... (0)

Anonymous Coward | about 2 years ago | (#39747225)

He wasn't wrong, and he didn't teak the model or the data, the data changed over time. Specifically, the detection rate of AV software has increased significantly in the last 4 years. He used 80% then, which was the best estimate available at the time. The author of TFA found a recent study that showed a >93% detection rate and ran the same formula with the updated numbers. Also, the author of the original paper 4 years ago and the author of TFA acknowledge that the formula is oversimplified and only intended to give a rough estimate.

I don't understand. (0)

khasim (1285) | about 2 years ago | (#39747373)

How it security by obscurity treating you now?

Are you saying that Macs are not obscure now? Because, according to TFA, they only have 6.5% market share.

Or are you saying that they were never "obscure" but no one else had been able to compromise them on a mass scale because most Mac users did NOT run anti-virus software?

Or are you attempting to mock the person who's prediction failed and so he changed the numbers and assumptions until his prediction reflected the current situation?

Re:I don't understand. (1)

TheLink (130905) | about 2 years ago | (#39747587)

Read more carefully then you may understand more. The article AND summary say that Macs have 11% marketshare.

Re:Hey Apple Users... (0)

Anonymous Coward | about 2 years ago | (#39747805)

Things are just fine, but I never relied on obscurity. On my home Windows XP machine I don't run a virus checker either. I've only ever encountered a worm once on that machine -- and it was brought in from the machines at work which are supposed to have thoroughly-updated anti-virus software. I knew the worm had got in the moment I plugged in the USB drive (I was alerted because it tried to modify the registry startup locations so it would auto-start the next time, and I use StartupMonitor to watch for that sort of thing). I found out what worm it was, downloaded a removal tool specific to that worm, and it was gone. It didn't even survive for a reboot. Poor thing. After that I disabled autorun more thoroughly (oh, great, disabling autorun the Microsoft way doesn't *really* disable autorun unless you follow the CERT instructions) and updated all my flash drives to be resistant (fake autorun.inf directory). It's been years since.

I don't quite get the humor. I've still yet to encounter any OS X viruses at all. After some of the nightmare, multiple virus/worm infestations I've cleaned off friend's machines, invariably Windows boxes, the mere *existence* of a half-decent OS X virus somewhere after all these years makes me think "finally", but there's hardly a comparison in terms of the numbers of threats out there, and that's going to remain the case for a long time. Even so, now I can remind people that it doesn't really matter what virus checker you run, or what computer you are running, there's no substitute for basic security practices like running at reduced privileges, disabling autorun, monitoring some common worm hook-in points, and not automatically and stupidly running every e-mail attachment or downloaded file from warez or other questionable sites.

I expect plenty more OS X worms/viruses in the future, but I don't expect to need to do anything different from what I'm already doing. I certainly wasn't relying on obscurity as the solution before.

Re:Hey Apple Users... (1)

MightyYar (622222) | about 2 years ago | (#39747819)

How it security by obscurity treating you now?

It's actually been a pretty good strategy thus far. Even if I'd gotten this particular Trojan, my score would still be much lower in the Mac column than in the Windows column. I'll take the 20 years of virus-light computer use, thank you :)

The real question is, now that we have "caught up", are there any decent anti-virus packages for the Mac?

Still wrong (1)

Anonymous Coward | about 2 years ago | (#39747009)

So his equations show that he's still wrong, but differently. Good job!

Hogwash (2, Informative)

getto man d (619850) | about 2 years ago | (#39747011)

We all know it's due to momentary lapse in prayers to the Almighty Jobs.

Nay! (5, Funny)

Anonymous Coward | about 2 years ago | (#39747119)

Tis a feature, allowed by the Almighty Jobs as a test thy faith in Apple .. so only mayest the True Believers be granted the next iDevice.

Get a real computer (-1)

Anonymous Coward | about 2 years ago | (#39747015)

PC FTW.. Apple fanboys are eccentric, hybrid-driving limp wrists.

From The Top of my Head ... (1)

foobsr (693224) | about 2 years ago | (#39747029)

I would have guessed 5-15%. Well.

CC.

Re:From The Top of my Head ... (1)

ottothecow (600101) | about 2 years ago | (#39747279)

And honestly that's about as good of an estimate as you can make.

Maybe it makes sense that they wouldn't start actively targeting Apple until 11.6% market share, but somebody's got to be first and if you are a virus-guy and come across some big vulnerability that will allow you to rapidly infect a ton of machines...you go for it. Maybe he wasn't even targeting apple but stumbled across a vulnerability that would work and jumped on it.

Also, how much does one account for the purpose of the attack? If you are just trying to make more botnet drones it doesn't really matter if you target apple, but if you are trying to steal personal info, maybe there is some advantage to knowing that Apple users tend to be wealthier and may also be more likely to be trusting in their computer's security and leave things like account information in the clear (or if you broke into apple's keychain, you would have a goldmine since every computer uses it).

It Doesn't Matter (-1)

Anonymous Coward | about 2 years ago | (#39747031)

It doesn't matter what percentage malware authors start targeting Macs, they are immune to such things. Malware is a Windows only problem. Sheesh...

Re:It Doesn't Matter (2)

SJHillman (1966756) | about 2 years ago | (#39747099)

Which is why one of the selling points for Macs on Apple's website is that they're immune to "Windows viruses"

Re:It Doesn't Matter (1)

Haedrian (1676506) | about 2 years ago | (#39747223)

"PC Viruses" actually.

Which makes little sense, since Macs used to run on PowerPC machines.

Re:It Doesn't Matter (1)

SJHillman (1966756) | about 2 years ago | (#39747235)

As evidenced by their "I'm a Mac" commercials, Apple used the formula "PC = Windows based personal computer" even though Macs are /technically/ PCs as well.

Re:It Doesn't Matter (0)

Anonymous Coward | about 2 years ago | (#39747779)

As evidenced by their "I'm a Mac" commercials, Apple used the formula "PC = Windows based personal computer" even though Macs are /technically/ PCs as well.

Yeah, but pretty much everyone else does too. Heck, the original article does it! I see 5 posts on this page that are also referring to windows machines as PCs and Macs as Macs.

Re:It Doesn't Matter (0)

Anonymous Coward | about 2 years ago | (#39747749)

I'm a Mac user, but I have to call this one the way I see it. You, my friend, are an idiot. Malware is a computer problem, not a Windows problem.

EVERY MAC USER LISTEN UP....

MACS ARE NOT IMMUNE TO MALWARE.

I can't stand when mis-informed Mac users stand up here and say we are immune. You make the rest of us who have a clue, look like idiots. If you don't know what your talking about, don't add anything to the discussion. Just read and learn til you have a clue.

One factor frequently left out (5, Insightful)

MikeRT (947531) | about 2 years ago | (#39747049)

In all of the fights between Windows and Mac users over the disparity in viruses for both platforms, I've never seen a Windows user point out the fact that Windows is often used on infrastructure that is valuable to compromise. No major business runs their corporate infrastructure on Macs. No major sites with valuable data I know of are hosted on Apple hardware. What has changed with the marketshare is that now Macs are used by the upper-middle and upper classes extensively at work and at home. So even at 6.5% of the market, you're far more likely now to compromise a Mac with valuable data or access to it now.

Compromise a Mac today and you might get access to a corporate network, a richer man/woman's bank information, etc. That wasn't true 10 years ago.

Re:One factor frequently left out (4, Insightful)

SJHillman (1966756) | about 2 years ago | (#39747127)

So what you're saying is the fact that Apple overcharges for Macs is actually a factor in the increase in Mac malware? Oddly enough, makes sense.

Re:One factor frequently left out (0)

Gr8Apes (679165) | about 2 years ago | (#39747289)

In all of the fights between Windows and Mac users over the disparity in viruses for both platforms, I've never seen a Windows user point out the fact that Windows is often used on infrastructure that is valuable to compromise. No major business runs their corporate infrastructure on Macs. No major sites with valuable data I know of are hosted on Apple hardware.

Really? You must not read a lot of those types of articles, or at least not the same ones I've read. And, while there may be more windows systems in infrastructure than macs, in my experience that windows number is dwarfed by *nix systems.

Secondary note: there still aren't any "viruses" out there. It's pretty much trojans, although the FLASHBACK trojan could almost be called a virus in the way it operated.

What has changed with the marketshare is that now Macs are used by the upper-middle and upper classes extensively at work and at home. So even at 6.5% of the market, you're far more likely now to compromise a Mac with valuable data or access to it now.

Actually, I've been noticing in my particular area that the people with macs tend to be the higher ups in the corporate world, people like project leads and architects, CTOs, CIOs, you know, people with no access whatsoever to any valuable company assets. I started noticing this trend about 5 years ago, and the proliferation has been noticeably accelerating over the past 3 years. I suppose that increases the desirability of compromising macs even more, essentially proving the conclusion if not the methodology.

Re:One factor frequently left out (1)

Hatta (162192) | about 2 years ago | (#39747361)

What has changed with the marketshare is that now Macs are used by the upper-middle and upper classes extensively at work and at home

Apple computers have always been expensive. Even as far back as the Apple II, it was the high end 8-bit computer. Later, the Atari ST was based on very similar hardware to the Macintosh, but it did color, and cost half as much.

Re:One factor frequently left out (3, Interesting)

Tyr07 (2300912) | about 2 years ago | (#39747399)

I've frequently pointed it out to people.

I've told many 'smug' mac users that the only reason they're not getting viruses like PC's are is because it's not worth it. No one cares about your myspace profile or your doodle you did this morning.

Major businesses handling credit card information or valuable corporate information is ran on PCs, it has all the financial data and so on, hence the target.
As soon as macs become popular and worth while, they'll get viruses too.

And here we are.

Re:One factor frequently left out (2)

nine-times (778537) | about 2 years ago | (#39747799)

I've pointed that out before, here on Slashdot. You have a lot of businesses using Windows, not only for their infrastructure, but for the majority of their desktop/laptop computers. A lot of companies only do perimeter security, so once you get inside the firewall, you have a nice, ubiquitous, unprotected network to target, perhaps with hundreds of computers, and profitable data to steal.

If you target Macs only, you get what? Home users? The design department of a company? A lone executive, maybe? It's not merely whether there are more Macs or PCs, it's about where those Macs and PCs are.

Of course, I don't think it's just an issue of that, either. These things are more complicated than people like to believe.

Reversal from the 1980s (3, Informative)

concealment (2447304) | about 2 years ago | (#39747051)

Back in the 1980s, Macs were very tempting virus targets. They had multitasking operating systems at a time when the rest of us were running DOS or CP/M (although Amiga users and users of DOS multitaskers like DESQview had a small market share). Luckily this was before the internet, so the only real risk was downloaded software.

Re:Reversal from the 1980s (2)

Luckyo (1726890) | about 2 years ago | (#39747165)

You rarely if ever downloaded software in 1980s. Stuff was moved around on floppies and other magnetic media such as audio tapes for example. There was some stuff done over BBS but downloading stuff over slow analogue modems was a pain in the ass (I'm thinking 9600 baud and lower that was common in late 1980s).

Re:Reversal from the 1980s (1)

wmbetts (1306001) | about 2 years ago | (#39747241)

You aren't kidding. I'd download some stuff from bbses to use personal or to just put on my bbs, but the majority of the stuff I had for download was obtained from friends in person. My favorite part of the day in was recess / lunch where I'd get to swap disks.

Re:Reversal from the 1980s (1)

w_dragon (1802458) | about 2 years ago | (#39747311)

More like 2400 baud for the late 1980s. About an hour per megabyte. And yet there was a lot of downloading from BBSes. Things were a lot smaller then, and at least when you pirated some 10MB game you knew it had a fair chance of it running versus finding out that disk 7 of the split archive from the sneakernet was corrupted.

They were tempting because they were easy (1)

SuperKendall (25149) | about 2 years ago | (#39747449)

Back in the 1980s, Macs were very tempting virus targets. They had multitasking operating systems at a time....

But that was not why they were tempting. They were tempting targets because it was REALLY easy to spread a boot-sector virus on floppy discs, even when you didn't hand out the discs yourself you'd just include it on a floppy disc image of some game or utility that was being pirated and it would spread like wildfire from that person to all friends...

Re:Reversal from the 1980s (1)

Hatta (162192) | about 2 years ago | (#39747483)

Mac OS wasn't any more multitasking than DOS was. Programs like DESQview allowed you to switch tasks in DOS, which is done pretty much the same way as "multitasking" in Mac OS. Macs didn't support preemptive multitasking until OS X. The Amiga had it in 1985.

Re:Reversal from the 1980s (0)

Anonymous Coward | about 2 years ago | (#39747683)

You sound like a complete noob when you say "download software" and "1980" in the same sentence. 99% of viruses (not worms) in 1980 were created with the intention of floppy disks being the primary method of propagation.

Re:Reversal from the 1980s (0)

Anonymous Coward | about 2 years ago | (#39747835)

Back in the 1980s, Macs were very tempting virus targets. They had multitasking operating systems at a time when the rest of us were running DOS or CP/M (although Amiga users and users of DOS multitaskers like DESQview had a small market share). Luckily this was before the internet, so the only real risk was downloaded software.

False. Macs were more vulnerable to viruses back then, because mac floppy drives did not have eject buttons (like the pc and every other computer) - the floppy eject was under software control.

The mac would give you back your floppy disk when it was good & ready, not when you wanted it. As a result, it was much easier for viruses to find & infect files on floppy disks.

sigh (-1)

geekoid (135745) | about 2 years ago | (#39747071)

Different architectures, different engineering, different QA, control of the hardware.

Macs are more secure. That doesn't make the impenetrable. What it does do is give experts in the fields and excuse to hit it hard. It took a long time to get something.

No I don't own a Mac, but you can't just compare them as the same based on simply market share.

Re:sigh (3, Interesting)

SJHillman (1966756) | about 2 years ago | (#39747171)

How exactly is OSX more secure than Windows 7, assuming both are patched and not used by total morons that click Yes to everything?

Re:sigh (1, Troll)

Haedrian (1676506) | about 2 years ago | (#39747243)

I don't know about your definition of secure...

They have less DISCOVERED flaws that's true. But it doesn't mean there aren't many which can be discovered and exploited.

And quite frankly their virus-response is crappy. It took ages for them to patch something that Oracle had patched a while ago. I think that's the main issue here - they needed a fire lit underneath them, and even then they worked sluggishly.

only 11% now, but for how long (1)

Paul Pierce (739303) | about 2 years ago | (#39747085)

Perhaps the model wasn't off by much, rather the rate of mac growth being so high that 16% is already a guarantee with the current adoption/switch-over rate.

Re:only 11% now, but for how long (0)

Anonymous Coward | about 2 years ago | (#39747169)

The adoption rate really isn't all that high for Macs. They've been languishing between 6 and around 10% for a decade now. What they do have is a lot more attention because of Apple's success with the iOS devices.

Re:only 11% now, but for how long (0)

Anonymous Coward | about 2 years ago | (#39747321)

Unfortunately, most "Mac" sales are comprised of owners of older machines simply buying newer models. So it's not as rapid as you may like to think, and the switch rate isn't that high either.

The only people who switch are idiots anyway who got infected and believe Apple's lies about their machines being virus-proof after they've had a run-in with a Windows virus... which was likely caused by their own stupidity. The very same things will happen to those small numbers of people who switch for that reason.

Remember: You may be able to stop viruses, but you CAN'T stop stupid.

"Vastly oversimplified" (5, Insightful)

ledow (319597) | about 2 years ago | (#39747097)

He says himself that the equation is vastly oversimplified, and a small change in antivirus detection range changes the answer from 16 to 6%. That means the equation is all-but useless and pointless to try to "predict" anything except, apparently, in hindsight.

I could have plucked any number I liked out of the air and wrote a (reasonable) equation to make it come out with whatever answer I wanted, even basing it on "game theory" (which has very, very, very little relevance here, actually) - I could have done that even before I graduated in mathematics (including Game Theory) over a decade ago.

When enough Mac's exist to make it viable (and market share has little to do with it compared to "number of computers active on the Internet" of that particular model), viruses will target them. Guess what, same for every other platform on the planet. If someone miraculously sells a popular device based on MINIX that millions start buying, eventually someone will write a virus for that platform.

Seriously - don't give it the press.

Re:"Vastly oversimplified" (2)

Nidi62 (1525137) | about 2 years ago | (#39747261)

I could have plucked any number I liked out of the air and wrote a (reasonable) equation to make it come out with whatever answer I wanted, even basing it on "game theory" (which has very, very, very little relevance here, actually) - I could have done that even before I graduated in mathematics (including Game Theory) over a decade ago.

I'm curious to know what model in game theory he used. My experience with game theory from my Master's degree is political in nature, so the ones I'm most familiar with are the Prisoner's Dilemma and the Stag Hunt. Neither of these really apply in this situation. I can see what he's trying to say, that the combination of Apple's marketshare growing large enough while Microsoft's users average growing more security-conscious makes Apple that much more attractive of a target, I just don't know what game that would fall under.

Re:"Vastly oversimplified" (1)

Guru80 (1579277) | about 2 years ago | (#39747371)

Seriously - don't give it the press.

Ah I see...a card carrying member of the the "Macs are virus free" club. I somewhat agree with you until that line I quoted. Pluck a number out of the air and write an equation that predicts the number of Mac users that still adhere to the idea that Macs can't/won't get attacked by viruses...it's still absurdly high. As an example I asked 4 people I know who have Macs about their virus protection and 3 of them insist there is no need. Not that 3/4's of Mac users still believe that but way too many still do. As mentioned above, complacency is the problem.

Re:"Vastly oversimplified" (0)

Anonymous Coward | about 2 years ago | (#39747649)

When enough Mac's exist to make it viable...

You know that putting apostrophe and 'S' on the end of a word doesn't make it plural, right? It makes it possessive.

Just thought I'd toss that out there. It's almost like saying; "I have 10 apple's and you can't have any."

Re:"Vastly oversimplified" (2)

nine-times (778537) | about 2 years ago | (#39747837)

That means the equation is all-but useless and pointless to try to "predict" anything except, apparently, in hindsight.

Welcome to the world of soft science, where everything causes cancer and housing prices continue to rise without limit.

Winning formula (4, Insightful)

chepati (220147) | about 2 years ago | (#39747103)

Let's see what our wise men can come up with:

1) Write a "scientific" paper, make assumptions, use some "algorithm", predict event A
2) Wait
3) Observe empirical evidence
4) Revise initial paper
5) Bask in peer admiration

Did I miss anything?

Re:Winning formula (3, Insightful)

Haedrian (1676506) | about 2 years ago | (#39747269)

That's how Science works.

You build a model, you predict things, you test it. If it fails, you fix your model, you test it again.

Now we'll see how his next prediction holds and we can then judge his model

Re:Winning formula (0)

Anonymous Coward | about 2 years ago | (#39747687)

Exactly. Things said in the name of Science can later be declared wrong. Such things can't happen in knowledge systems such as Religion or Stubbornness. Thus, Science is flawed and weak. Case proven!

Re:Winning formula (0)

Anonymous Coward | about 2 years ago | (#39747823)

You missed a few parts:

6) Observe empirical evidence to evaluate accuracy of new model
7) Revise again
8) repeat process until predictions are accurate enough to model system with a high level of accuracy.

This is like grade school stuff. Please tell me that you really do understand how basic science works and are just trolling.

Re:Winning formula (1)

koreys (2047558) | about 2 years ago | (#39747915)

Let's see what our wise men can come up with:

1) Write a "scientific" paper, make assumptions, use some "algorithm", predict event A 2) Wait 3) Observe empirical evidence 4) Revise initial paper 5) Bask in peer admiration

Did I miss anything?

6) Profit!

Re:Winning formula (2)

belthize (990217) | about 2 years ago | (#39747951)

Wrong. In your example that's the equivalent of saying the Ideal gas law is:
PV = nRT + C where C is some constant and r is 8.3144621 J/mol K so the pressure
is (nRT + C)/V

A better example is claiming that the pressure P is (nRT)/V with a given value of nRT and V.

In the former case the model is simply wrong, in the latter case the model is right and has a given starting condition.

All they've said is now that the temperature has changed the pressure is P'. You could easily plot the necessary market share vs time as a function of typical AV accuracy and see more or less when there'd be a rise in OSX attacks.

Granted his model is overly simplified and has questionable powers of prediction but your analogy is frankly wrong.

That's nothing (1)

Anonymous Coward | about 2 years ago | (#39747117)

After the 2013 NCAA tournament is over, I will show you a formula I have that would have predicted ALL of the winners of each game! (Pardon the wait, but I may have to recalibrate my formula in light of whatever evidence shows itself in 2013.)

Anti-virus must be very effective then (1)

marcosdumay (620877) | about 2 years ago | (#39747129)

Since the number of hosts a virus will likely infest grows exponentialy with the share of the population not imune to it (until that share reaches somewhere near 25% of the hosts), those anti-virus should make infecting a Windows machine orders of magnitude harder.

As usual, the press article doesn't include the actual equations. So, it is impossible to know if the study took actual infection spread equations into account.

3 steps (1)

Zico (14255) | about 2 years ago | (#39747151)

Step 1: Get infected
Step 2: Get your shit jacked
Step 3: There is no step 3

Re:3 steps (0)

Anonymous Coward | about 2 years ago | (#39747287)

Step 1: Get infected
Step 2: Get your shit jacked
Step 3: Join the Bot-net de jour
Step 4: ...
Step 5: Profit!

There. FTFY. This is /. so you have to have a Step 5. :)

Urge to deny "overconfident" (5, Insightful)

Loopy (41728) | about 2 years ago | (#39747167)

While I realize there may be some outrage over the "overconfident" label, it does make sense in terms of learned behavior. More specifically, Windows users have known malware has been rampant for so long that:

A) they're used to having to use antivirus, firewalls and other "security" type apps

B) Windows has steadily improved its built-in firewall and anti-trojan features to combat real and perceived vulnerability

C) Windows-based PC OEMs and system builders install anti-virus by default and have for quite some time now.

I can't say whether Macs get a/v software by default but despite our joking about macs not being susceptible to malware, that view is held by far too many mac users. While it might be true statistically speaking relative to Windows, it is unhelpful in being a rightfully vigilant denizen of this wretched hive of scum and villainy we call the Internet.

Another explanation and a question (1)

david.emery (127135) | about 2 years ago | (#39747219)

Apple has dominated the high end of the -personal- computer market at least in the US, making it a more lucrative target for attempts to steal personal information.

On the other side, is there any way to measure how easy/difficult it's been to develop successful viruses on platforms, MacOS, Windows (XP, Vista, 7, 8), various Linux distributions, etc?

Failed to take into account value of targets (2)

LetterRip (30937) | about 2 years ago | (#39747233)

Probably failing to take into account the value of the targets compromised was the biggest flaw.

Since the average apple user will be far more profitable (apples are a luxury good and thus will have a higher percentage of wealthy users) to compromise than the average pc user, he needed to adjust the numbers downward to take that into account.

Bullshit aside.... (1)

Anonymous Coward | about 2 years ago | (#39747257)

I'm not a fan of ether company, but one partially successful trojan later... and now OS X is deemed the number one target? i'd still trust OS X more than Windows. The perceived statistics here seem overwhelmingly skewed on this topic recently.

Re:Bullshit aside.... (0)

Anonymous Coward | about 2 years ago | (#39747333)

Pride goeth before destruction, and an haughty spirit before a fall.

Re:Bullshit aside.... (0)

Anonymous Coward | about 2 years ago | (#39747561)

I'm not a fan of ether company, but one partially successful trojan later... and now OS X is deemed the number one target?

I don't see anyone claiming OS X as the "number one target". I simply see alot of "I told you so" because, many on Slashdot literally did predict that the Mac flying under the radar of virus authors would only last so long with them gaining market share.

In addition, your use of the term "partially successful" shows that you're a fan of one company over another as you're quite eager to diminish the fact that Apple's OS was broken into without permission of the end user. You may choose to try to divert the attention to Java or Oracle, but Apple maintained a leash over which versions were released through the Mac's system update, and were quite behind on security patches.

i'd still trust OS X more than Windows. The perceived statistics here seem overwhelmingly skewed on this topic recently.

The perceived statistics aren't being hampered by the Jobsian reality distortion field anymore. That is why they seem skewed. On /. it would be tagged "suddenOutbreakOfCommonSense". =D

frist 57op!! (-1)

Anonymous Coward | about 2 years ago | (#39747463)

fastes7-Growing GAY OpenBSD. How many

Informative Comments (0)

Anonymous Coward | about 2 years ago | (#39747619)

Thank you SlashDot for attracting intelligent commenters/users. After reading the blogs and comments on other sites, I had lost faith that there were any intelligent people left. Apologies for not discussing the subject in particular... just needed to say it.

Re:Informative Comments (0)

Anonymous Coward | about 2 years ago | (#39747783)

I'm with you, I used to think the Slashdot community had a clue, I'm starting to think otherwise.

Obscurity is over (1)

Anonymous Coward | about 2 years ago | (#39747659)

This is one of those things that drives me nuts. Everyone, learn your definitions.

From Wikipedia...

"A computer virus is a computer program that can replicate itself[1] and spread from one computer to another. The term "virus" is also commonly, but erroneously used, to refer to other types of malware, including but not limited to adware and spyware programs that do not have a reproductive ability."

Note the words REPLICATE ITSELF. To date, not Mac malware has done this. Drive by installs and trojans are out there, but it drives me nuts when people don't classify these things correctly. The generic term is Malware.

I am an Mac user (Mac Administrator to be exact), but I squarely put the blame on Apple for this latest trojan. Java was patched a month before the latest Flashback variant came out. If I was a malware developer, I too would go after Java on the Mac. Apple has always been lazy about issuing these patches after the Windows versions. Hackers then just reverse engineer the latest Windows Java patch and boom, you know how to exploit it on the Mac. Apple's fix, disable Java. Lazy.

Mac users, stop being smug about security. The point of this article is dead on. The only reason we we're not attacked before is because of Market share. It had nothing to do with the Mac being superior to Windows (although it is in other regards, had to throw the fanboy line in). Any OS is vulnerable to malware. More often these attacks are becoming targeted at stupid people. I personally have been concerned about the growth in the Mac market share because it was obvious these attacks would become more frequent.

Anti-virus would not have helped with Flashback, as it spread before any AV client would have picked it up. The best things you can do as a Mac user is:
1. Patch your machine regularily
2. Demand Apple get more serious about these kind of things. They are slowly moving there, but it is always better to be proactive. Mountain Lion with code signing will go a long way to protecting the lay user.
3. Think before you put your password in. If something doesn't look right, don't ok it.
4. Avoid sites that you don't know or trust.
5. Turn off Java except when you need it. This is the number one problem on the Mac as to my point above.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...