Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

One In Five Macs Holds Malware — For Windows

timothy posted more than 2 years ago | from the time-to-update-parental-advice dept.

Security 285

judgecorp writes "One in five Apple Macs is infected with malware, according to Sophos. But most of that is harmless to the Mac... it is Windows malware ready to be transmitted to the Windows population. Only one in 36 Macs has OS X specific infections."

Sorry! There are no comments related to the filter you selected.

Infected? (4, Insightful)

Rosyna (80334) | more than 2 years ago | (#39783167)

If the code never can run on Mac OS X, how can Mac OS X be infected? To Mac OS X, it'd just be a useless file full of some kind of data.

Re:Infected? (5, Insightful)

StoneyMahoney (1488261) | more than 2 years ago | (#39783201)

They may only be able to carry the germ without symptoms, but that still sounds like an infection to me.

Re:Infected? (3, Insightful)

Joce640k (829181) | more than 2 years ago | (#39783369)

...but how is it 'transmitted'? That implies an installed transmitter, ie. malware.

Re:Infected? (3, Interesting)

WrongSizeGlass (838941) | more than 2 years ago | (#39783749)

...but how is it 'transmitted'? That implies an installed transmitter, ie. malware.

I guess we'd have to attach it to an email and send it along to them. Since it's can't act on its own, and it isn't active on the system, it's just sitting there like any other file on my Mac.

Re:Infected? (0)

Anonymous Coward | more than 2 years ago | (#39783639)

If I'm carrying a vial of Ebola virus am infected with it? No. More to the point is the vial itself infected? No again.

Re:Infected? (5, Insightful)

ashpool7 (18172) | more than 2 years ago | (#39783699)

Contaminated would be a better word, since the viruses have no way to spread or affect the computer.

Re:Infected? (1)

dhaen (892570) | more than 2 years ago | (#39784081)

They may only be able to carry the germ without symptoms, but that still sounds like an infection to me.

You mean like all the Unix and MS mail and Ad servers out there? Where do you think those files came from? Are they "infected"? I've scanned scanned lots of Unix machines for Windows viruses. User folders always show something, though I wonder how many are false positives. It pays the Anti-virus vendors to show as many "other platform specific" positives as they can - it's a no-brainer.

Re:Infected? (4, Informative)

Anonymous Coward | more than 2 years ago | (#39783221)

In biological disease, there's a phenomenon called a carrier. For reasons unknown, the person is infected, but doesn't show any of the symptoms and never will. They are however able to infect others. As such, they are still considered infected. I think that's how the mac is considered infected.

Re:Infected? (4, Insightful)

ColdWetDog (752185) | more than 2 years ago | (#39783377)

In biological disease, there's a phenomenon called a carrier. For reasons unknown, the person is infected, but doesn't show any of the symptoms and never will. They are however able to infect others. As such, they are still considered infected. I think that's how the mac is considered infected.

Macs are the computer equivalent of Typhoid Mary [wikipedia.org] ?

This should go over well.

I'll just make some more popcorn.

Re:Infected? (-1)

Anonymous Coward | more than 2 years ago | (#39783905)

Did you think the computer illiterate would be anything else?

A network is only as secure as its weakest link. That's typically Apple users.

Re:Infected? (1)

Anonymous Coward | more than 2 years ago | (#39784159)

Did you think the computer illiterate would be anything else?

A network is only as secure as its weakest link. That's typically Apple users.

Microsoft made this mess, why are Apple users under some sort of an obligation to clean it up? Windows malware will not harm my Mac, if I hand some infected file over to a Windows user and his computer gets infected it's his own fault for not installing anti Malware software. FWIIW I installed an anti malware scanner on my Mac, dunno if it sweeps for Windows malware as well as the Mac malware, not that I care... much.

Re:Infected? (2)

gnasher719 (869701) | more than 2 years ago | (#39784153)

Macs are the computer equivalent of Typhoid Mary?

Totally invalid comparison. A Mac with say thousand potent windows viruses on its hard drive, connected to a network with Windows PCs, would not do any harm - because none of those Windows PCs would open any of those infected files.

Re:Infected? (3, Interesting)

masternerdguy (2468142) | more than 2 years ago | (#39783225)

Correct but it does indicate mac peeps aren't particularly careful about what they download or what sites they visit. This is going to cause them problems later when we see more mac malware.

Re:Infected? (4, Funny)

quasipunk guy (88280) | more than 2 years ago | (#39783415)

I'd wager the majority of the Windows malware "infections" are trojan exes from shitty porn sites.

Re:Infected? (1)

WrongSizeGlass (838941) | more than 2 years ago | (#39783773)

Correct but it does indicate mac peeps aren't particularly careful about what they download or what sites they visit. This is going to cause them problems later when we see more mac malware.

This is very true. Mac users generally surf the web with a complacent sense of impunity from malware.

Re:Infected? (4, Insightful)

jdgeorge (18767) | more than 2 years ago | (#39783233)

True - if it's inert, it's not really an infection. However, this is why you see Linux workstations running anti-virus software in an enterprise environment. It's not because your Linux system will get "infected"; it's so your Linux system won't inadvertently infect vulnerable systems.

Re:Infected? (0)

bemymonkey (1244086) | more than 2 years ago | (#39783237)

Who cares? The important part is: Let Macs onto your mostly Windows network and you might get a not so fun surprise...

Re:Infected? (2)

tripleevenfall (1990004) | more than 2 years ago | (#39783263)

If your Windows boxes are vulnerable to whatever the infection is, forcing these users to use PCs instead of Macs does not lessen your vulnerability, it increases it.

Re:Infected? (1)

bemymonkey (1244086) | more than 2 years ago | (#39783405)

Imagine that there are already tons of mostly-Windows networks out there ;)

Re:Infected? (1)

Anonymous Coward | more than 2 years ago | (#39783339)

That's a ridiculous misinterpretation. It makes sense only if the Windows machines are less likely to have an infection.

Re:Infected? (0)

cpu6502 (1960974) | more than 2 years ago | (#39783387)

Maybe we should force all Macs to be "vaccinated" so they can't share those viruses with other PCs.

Re:Infected? (1)

Daniel_Staal (609844) | more than 2 years ago | (#39784097)

This is probably what Sophos (an anti-virus provider) is hoping.

Re:Infected? (1)

Anonymous Coward | more than 2 years ago | (#39783533)

Who cares? The important part is: Let Macs onto your mostly Windows network and you might get a not so fun surprise...

No, the important part is Sophos is using this information to attempt to sell anti-virus products. But they can't be too direct about it because there's a clear contradiction here. If Sophos products could stop the malware, then the Windows PCs are already safe. The infected files stored in a Macs web cache aren't going to magically leap across the network, but even if they did, the anti virus software on the Windows machine should catch it first. If the AV can't stop the infection, then why buy any additional copies?

Re:Infected? (0)

LostCluster (625375) | more than 2 years ago | (#39783255)

There are two ways to put Windows on a Mac, Boot Camp and virtual machines which both put the full capabilities of Windows in front of the user and programs and therefore malware. Windows on a Mac requires antivirus and antispyware solutions just like any other PC.

Re:Infected? (1)

ewanm89 (1052822) | more than 2 years ago | (#39784043)

Wine attempting to be bug for bug compatible also has been known to run windows makes malware.

Re:Infected? (0)

Anonymous Coward | more than 2 years ago | (#39783267)

To quote " Macs will continue to serve as a transmission vector for viruses and Trojans so long as anti-malware software is not installed"
IE SOME code is being RUN on the machine they are themselves infected with a virus that is using the machine to transmit a virus into the windows network.

Re:Infected? (4, Insightful)

tlhIngan (30335) | more than 2 years ago | (#39783301)

If the code never can run on Mac OS X, how can Mac OS X be infected? To Mac OS X, it'd just be a useless file full of some kind of data.

The same way lots of people are infected with some very potent diseases. It's just they're immune to it, so they're really just carriers of the disease. Heck, isn't something like chickenpox able to hide for decades in people only to infect those who haven't had it yet?

Heck, I'd be the rates of Linux infection are the same - Linux is immune to practically all malware, but it certainly can be a carrier of them. Heck, if you think about it, Linux may cause the spread of it (via Linux-based email servers)

Re:Infected? (-1)

Anonymous Coward | more than 2 years ago | (#39783551)

You start sentences with "Heck" or "Hell" an awful lot.

Re:Infected? (3, Informative)

Daniel Dvorkin (106857) | more than 2 years ago | (#39783567)

The same way lots of people are infected with some very potent diseases. It's just they're immune to it, so they're really just carriers of the disease. Heck, isn't something like chickenpox able to hide for decades in people only to infect those who haven't had it yet?

Not really comparable. Carriers are still infected, in the sense that the pathogens can still reproduce inside their bodies; they just don't show any symptoms, presumably because their immune systems are capabable of keeping the infection at a subclinical level. Malware infections, OTOH, are, well, binary -- a system is either infected or it's not.

The "Macs" that are infected with Windows malware, it sounds like, are really Apple-branded machines running both OS X and Windows, through dual-booting or with something like Parallels. The only thing comparable in medicine would be if someone were a chimera of different species, vulnerable to two different sets of diseases and with two different immune systems to deal with them, and both the diseases and the immune systems switched places throughout the day. IOW, there's really no such thing.

Re:Infected? (1)

Anonymous Coward | more than 2 years ago | (#39783305)

Even if the code is windows only and not affecting the mac, the sheer force of numbers can bring the mac down. It's a bit like if you felt only papercut from an infection that killed someone else when it turned into necrotising fasciitis. It might not kill you, but thousands of papercuts will still take their toll. If the mac has been exposed and is carrying one infection lying in wait for a windows machine to appear on the network, then it's probably carrying dozens.

Re:Infected? (5, Informative)

phantomfive (622387) | more than 2 years ago | (#39783511)

After going through the links to find a better source [sophos.com] , I think I understand what happened.

The study comes from Sophos, with data collected from computers which downloaded their free anti-virus for Mac.

The most commonly found malware on the Macs was apparently fake antivirus scareware. My guess is that a lot of users saw the fake browser popup telling them a virus was found, and then clicked on it. This started a download which didn't run, but now they have a malware binary in their download directory that they can't use.

These are the people who downloaded free anti-virus from Sophos. No correlation.

Re:Infected? (1)

mallydobb (1785726) | more than 2 years ago | (#39783653)

semantics. I haven't read the article, but based on the summary they're talking about the Mac being a carrier, being able to pass along the "infection" but not adversely impacted by it itself.

Re:Infected? (1)

Anonymous Coward | more than 2 years ago | (#39783677)

I have a few dozen files containing PC boot-sector and MS-DOS executable viruses. Does that mean my Linux box is "infected"?

Re:Infected? No, contaminated. (1)

MROD (101561) | more than 2 years ago | (#39783783)

It's actually the wrong terminology.

The Mac system has been contaminated with the Windows virus, which, to use the "viral" analogue, doesn't have the correct DNA to infect the host.

In the same way that a farmer which has been handling sheep with Foot and Mouth disease can become contaminated and pass the infection onto another sheep the Macs which have been contaminated with the disease can potentially pass the infection on, especially if it's infected Microsoft Office documents.

Re:Infected? (1)

kurt555gs (309278) | more than 2 years ago | (#39783947)

Typhoid iMary.

Infected? (0)

Anonymous Coward | more than 2 years ago | (#39783173)

If it's Windows-only malware, what does "infected" mean?

Re:Infected? (2)

Tokerat (150341) | more than 2 years ago | (#39783315)

It's like being a carrier of an STD. Even though you're causing the disease to spread, you just make everyone else look like dirty whores by comparison.

Linux malware (1)

Anonymous Coward | more than 2 years ago | (#39783179)

It took me about an hour to track down and eliminate some windows malware running in wine. it turned my poor Linux box into a free p2p seeder for some freeium MMORPG. It ended up saturating my poor little cable modem until I clobbered it.

Re:Linux malware (0)

darkfeline (1890882) | more than 2 years ago | (#39783623)

Huh? Why would it take that long? Just rm ~/.wine, or sudo killall wine, and if all else fails sudo apt-get remove --purge wine or whatever your local package manager is.

Re:Linux malware (2)

jones_supa (887896) | more than 2 years ago | (#39784129)

Maybe he preferred a bit more discreet option than "nuking it from the orbit".

huh? (1)

Anonymous Coward | more than 2 years ago | (#39783181)

Only one in 36? Sounds like a lot to me!

Antivirus Software on a Mac (0, Flamebait)

StoneyMahoney (1488261) | more than 2 years ago | (#39783189)

It's always been a good idea to have a virus scanner on a Mac - at the very least, it's a courtesy to users of other platforms who may be more vulnerable to any infectious crap you may pick up without realizing.

Re:Antivirus Software on a Mac (3, Insightful)

tripleevenfall (1990004) | more than 2 years ago | (#39783295)

It's always been a good idea to have a virus scanner on a Mac - at the very least, it's a courtesy to users of other platforms who may be more vulnerable to any infectious crap you may pick up without realizing.

(I use OSX exclusively at home)

You want me to pay for an antivirus suite, or devote system resources to it all the time, as 'courtesy to users of other platforms'?

Nah. I'm good.

Re:Antivirus Software on a Mac (4, Insightful)

robinsonne (952701) | more than 2 years ago | (#39783385)

Unless you're a business, why would you pay for an AV suite in this day and age?

Unless you're running some old crappy Mac from 8 years ago, why would your big bad super duper Mac even notice the miniscule amount of system resources devoted?

You don't have a problem infecting other people's computers? Thanks a bunch!

Re:Antivirus Software on a Mac (1)

Samalie (1016193) | more than 2 years ago | (#39783537)

You know what? Stop surfing to fucking dodgy porn sites (or other dodgy sites of questionable content) and you won't get infected whether or not Mr. Mac up above runs antivirus software on his macbook pro.

Stop clicking on every fucking popup too.

Re:Antivirus Software on a Mac (1)

E-Rock (84950) | more than 2 years ago | (#39783849)

That's not true any more. Most of the infections we have to address at work are coming through the ad networks. A harmless site spinning content from a company that puts up anything where a check clears. Local radio stations are the worst with a little player surrounded by ads from various providers.

Re:Antivirus Software on a Mac (1)

tommy8 (2434564) | more than 2 years ago | (#39783863)

I surf porn sites all the time and I've never gotten a virus

Re:Antivirus Software on a Mac (1)

DamonHD (794830) | more than 2 years ago | (#39784035)

Infection via legitimate ad channels on respectable sites is not unknown.

Rgds

Damon

Re:Antivirus Software on a Mac (0)

Anonymous Coward | more than 2 years ago | (#39783671)

I have a mac at home and ClamXAV installed. it doesn't provide a resident shield, but does allow me to on-demand scan for windows malware on my mac. With regards to your system resources comment-- I tried installing ESET's antivirus product on my computer a year or so ago. it's not a brand-new box, but rivals current generation macbook pros. it slowed my computer to a crawl. I uninstalled it and my system went back to being swift. Antivirus companies don't know how to make a light malware shield on a mac.

Re:Antivirus Software on a Mac (1, Insightful)

tripleevenfall (1990004) | more than 2 years ago | (#39783789)

I don't use p2p, I don't use pron sites, and I don't use Windows or IE. Viruses aren't really a part of my life.

Don't ask me to pay for the shortcomings of the platform you've chosen.

Re:Antivirus Software on a Mac (0)

Anonymous Coward | more than 2 years ago | (#39784221)

hahaha, you made me giggle

Re:Antivirus Software on a Mac (1)

Anonymous Coward | more than 2 years ago | (#39784223)

I don't use p2p, I don't use pron sites, and I don't use Windows or IE. Viruses aren't really a part of my life.

Don't ask me to pay for the shortcomings of the platform you've chosen.

That's idiotic. For one example, Flashback relied on none of those things. Viruses and malware don't just come from porn sites or file sharing, and Windows and IE aren't the only pieces of software with vulnerabilities. So you don't use email? You never open attachments? You don't click on links, you manually type in every address you go to? You don't use flash drives? There's a countless number of attack vectors from a countless number of sources.

Re:Antivirus Software on a Mac (0)

Anonymous Coward | more than 2 years ago | (#39783597)

ClamAV is free and uses very, very little in the way of resources. On my ancient (1st gen Intel) Mac Mini, it's darn near unnoticable.

It not only protects those "other platform" but manages to keep away Mac-specific trojans and such while Apple takes its sweet time releasing a patch.

(also, captcha is "condom" - no kidding!)

Re:Antivirus Software on a Mac (2)

FranktehReaver (2441748) | more than 2 years ago | (#39783903)

Who said pay? There are plenty of free versions for Mac available that you do not have to pay for that work just fine. You can continue to stick your nose up and walk by everyone else but the fact of the matter is there are more malicious software files written today for Macs and it is exponentially increasing. Having a anti-virus/mal-ware software on the machine wouldn't hurt but rather add an extra layer of security on your machine. Why sit there in your armored car laughing at normal cars thinking your king of the world until a tank turns the corner and explodes your world and you sit there wondering wtf happened? Nothing is 100% safe but having nothing to detect the threats makes you 100% unaware of what is really happening on your machine. Security through obscurity is fine and dandy but I will add an extra layer of defense to my computer thank you very much.

Re:Antivirus Software on a Mac (0)

Anonymous Coward | more than 2 years ago | (#39783299)

A courtesy, yes, but on the other hand in my last 10 years using a Mac I never used an antivirus software, nor did I need to worry about it or keep it up to date. That comfort is nice.
FYI it has been years since I pirated software, which is the most obvious infection source. Slashdotters tend to hate the Mac app store, but it sure has brought the price down for many home-oriented mac softwares.
Yes, I realize, I may eventually get a virus and we'll see then what to do.

Re:Antivirus Software on a Mac (3, Interesting)

phantomfive (622387) | more than 2 years ago | (#39783309)

There are those who believe that having a virus scanner anywhere is a bad idea. Especially something like Symantec, which can slow your computer down more than many viruses.

Re:Antivirus Software on a Mac (4, Insightful)

w_dragon (1802458) | more than 2 years ago | (#39783469)

I'm not worried about the virus slowing down my computer, I'm worried about it storing kiddie porn on my computer, or stealing documents, or blowing a bunch of bandwidth for a DDOS attack.

Re:Antivirus Software on a Mac (0)

Anonymous Coward | more than 2 years ago | (#39783615)

Jeez people, Haven't you heard about HERD IMMUNITY! The weakest among us are vulnerable if you decide not to use whatever magic bullet this thread is about!

Re:Antivirus Software on a Mac (1)

Guppy06 (410832) | more than 2 years ago | (#39783901)

Avoiding anti-malware in order to "enhance performance" is about as rational and well-planned as avoiding condoms for the same reason, and generally produces the same results.

Re:Antivirus Software on a Mac (3, Funny)

phantomfive (622387) | more than 2 years ago | (#39783979)

Avoiding anti-malware in order to "enhance performance" is about as rational and well-planned as avoiding condoms for the same reason, and generally produces the same results.

A statement that demonstrates this point: "analogies are like nuclear weapons: you can use them to avoid making a good argument."

Re:Antivirus Software on a Mac (1)

Guppy06 (410832) | more than 2 years ago | (#39784219)

Whatever makes you feel better, just remember to pull out before the scripts load; that always works.

Re:Antivirus Software on a Mac (1)

bdabautcb (1040566) | more than 2 years ago | (#39784371)

Good analogy...

Re:Antivirus Software on a Mac (1)

TheNinjaroach (878876) | more than 2 years ago | (#39784273)

I like your analogy to condoms. I don't use them because there are better solutions to birth control. Same goes for anti-malware, you can avoid it altogether by making better choices when it comes to the software that you run on your computer.

Re:Antivirus Software on a Mac (0)

Anonymous Coward | more than 2 years ago | (#39783941)

From testing on Virus Total, most actual infections I've found are missed by two-thirds of the scanners.
Including major companies.
Virus signatures change so quickly that I wouldn't count on a virus scanner to protect you.

Good practices. Restricted accounts, keeping system up to date, using NoScript, using Linux and using a VM if doing anything possibly problematic, will keep you safer.
By the time your virus scanner is providing hits, it is probably already too late.

Re:Antivirus Software on a Mac (1)

mark-t (151149) | more than 2 years ago | (#39784239)

There's something fundamentally flawed with what amounts to using an elaborate grep command to ensure computer security.

Re:Antivirus Software on a Mac (1)

beckett (27524) | more than 2 years ago | (#39783455)

Sophos also recommends this. However, should one really sign up for a subscription of virus signatures for operating systems they don't use? I don't carry an Epi-Pen around just because I happen to be eating at a restaurant where other people might have peanut allergies.

You're free to run whatever software you'd like on your computer. However, this article is long on FUD, and as a fortunate side effect for Sophos, hundreds of thousands of mac users have downloaded their antivirus software. There is an inherent responsibility and conflict-of-interest in a researcher working in a for-profit company recommending their own software.

Re:Antivirus Software on a Mac (1)

Gr8Apes (679165) | more than 2 years ago | (#39783981)

Nah, no need, not even at a business level. Note that there are no known viruses for OSX, and a properly configured mac makes even malware difficult to run.

All that aside, this article is extremely suspect - 1 in 36 macs were infected with malware? 600K macs estimated to be infected with flashback, the only really known problem malware at the moment. So that would indicate about 22 million macs according to the story. According to Apple's Q1 2012 [apple.com] results, they sold over 5 million macs just this quarter, meaning that this article is saying 25% of the macs out there were sold this quarter? Of course, Sophos sells "security" software, so is this a surprise?

Re:Antivirus Software on a Mac (1)

mark-t (151149) | more than 2 years ago | (#39784205)

It's always been a good idea to have a virus scanner on a Mac - at the very least, it's a courtesy to users of other platforms who may be more vulnerable to any infectious crap you may pick up without realizing.

Sure... when people who run other platforms that are more susceptible to viruses start paying me for the CPU time and other computing resources that the virus scanner must utilize on a system that *I* paid for.

Maybe it's time to get a new Mac (0)

cpu6502 (1960974) | more than 2 years ago | (#39783207)

Upgrade from my MacG5 and XP machines to one of the new 10.7 Macs, instead of Win7 so I don't have to worry about spyware anymore.

Re:Maybe it's time to get a new Mac (1)

Bobfrankly1 (1043848) | more than 2 years ago | (#39783293)

I'd mod this funny, but I'm out of mod points...

Passive carriers (4, Insightful)

sandytaru (1158959) | more than 2 years ago | (#39783231)

Isn't that like 90% of tuberculosis infections? Many people are infected, but only ten percent or so ever develop an active infection, and the rest of them never develop the diseased form at all.

Re:Passive carriers (4, Insightful)

oneiros27 (46144) | more than 2 years ago | (#39783467)

Yep. When I changed virus scanners a few years back, it found hundreds of infections on my system ... because I save my spam for when I need to train new filters.

The bigger problem is going to be people with infected files on a webserver that they're serving to the world ... JPEG exploits, word macro viruses, etc.

And it's compounded by the fact that some virus scanners don't bother scanning for older infections, so they can save CPU cycles & size of the virus definitions.

Re:Passive carriers (1)

Anonymous Coward | more than 2 years ago | (#39783585)

This isn't even about being a passive carrier. Its a distribution vector.

The title is quite misleading. Its like saying 1 in 5 pig farmers carry a virus that affects pigs but not humans. Being a distribution vector is in no way being infected.

News break! 1 in 5 winter breezes are infected with influenza!

Keep Spinning, Macinistas (0)

Anonymous Coward | more than 2 years ago | (#39783243)

When the computer stops running, just buy a new one. That's what you do now.

This is true. (3, Interesting)

Tokerat (150341) | more than 2 years ago | (#39783259)

I've run Macs most of my life, and recently backed up the entire contents of a machine to a Windows box with the space needed for the backup; close to a million files (app bundles contribute largely to this number), about 120 common-use files had various infections that Norton picked up.

Re:This is true. (3, Funny)

lennier1 (264730) | more than 2 years ago | (#39783549)

If even Norton picked up 120 infections imagine what a real scanner would've found.

Confirmation Bias - better title (4, Insightful)

Qwerpafw (315600) | more than 2 years ago | (#39783261)

One in five macs where people chose to install antivirus software have (inactive) Windows malware.

Which is a bit like saying "one in five cars brought to the mechanic get serviced for something." The survey is skewed due to the sample group - most Mac users never install any anti-virus software.

The only places I've seen it installed are on computers in corporate environments where there are already viruses being passed around commonly via email attachment, USB stick, and network drives. These places install antivirus on Macs so users don't forward a virus to Windows users - and it sounds like from this survey, that's with good reason.

Apple's Mail software (and Microsoft's Outlook for Mac) cache attachments locally on the user's disk, so it's very easy to "have" malware and viruses if you just receive email (even without opening it).

It's a bit ridiculous to claim they are "infected" however, and again, the sample group is not really representative. That said, I don't think Macs are in any way immune from viruses. Apple's iOS-like sandboxing and signed-app requirements would likely help OS X considerably in this regard, but of course every decision that increases security by removing control from the user also infuriates free/open software proponents and hackers. Think of jailbreaking iOS and how Apple patches security holes - this is maddening for people who want to jailbreak, but is ultimately an attempt to fix a potential infection vector.

Re:Confirmation Bias - better title (1)

mikael_j (106439) | more than 2 years ago | (#39783561)

Apple's iOS-like sandboxing and signed-app requirements would likely help OS X considerably in this regard, but of course every decision that increases security by removing control from the user also infuriates free/open software proponents and hackers.

Changes in 10.8 won't remove control from the user, any admin user (which for home users is the same as "the user" unless they asked a cousin or someone to set things up for them) can change the settings, it just defaults to "block unsigned". It's a setting, you can turn it up and only allow app store downloads and you can turn it off completely.

Re:Confirmation Bias - better title (1)

drinkypoo (153816) | more than 2 years ago | (#39783859)

They are infected, though they don't have any symptoms; they are still carriers.

Re:Confirmation Bias - better title (2)

Gaygirlie (1657131) | more than 2 years ago | (#39784293)

It's an infection only if the code runs. If the files just lie dormant somewhere and cannot run on the system at all then it's not an infection.

a marketing opportunity (1)

Anonymous Coward | more than 2 years ago | (#39783265)

study shows 1 in 5 macs have software they can't even run, because it is written for windows. get vmware / parallels and start running ALL the software already on your mac -- seamlessly!

More marketing ...... (5, Insightful)

King_TJ (85913) | more than 2 years ago | (#39783319)

The last sentence in the article makes their motives clear: “What Mac users really need to do is protect their computers now or risk allowing the malware problem on Macs to become as big as the problem on PCs in the future.”

Sophos simply wants to scare up some more business selling Mac business users their anti-virus software. (At least right now, home users can get it from them for free, at: http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx [sophos.com] )

I'm in no position to challenge their numbers, but even "1 in 36 Macs" having a Mac specific infection seems awfully high to me. Maybe this last trojan horse that made the rounds pushed that number way up ... but I haven't encountered a single Mac that was infected yet, out of the ones my co-workers own (and always ask me for help with when they have problems), out of the ones we use at home, or out of the ones I support for clients in my side job. I don't think any of my Mac using friends on Facebook mentioned problems with it either.

Regardless? The concern of Macs harboring Windows malware is nothing new... That's been a potential issue for as long as I can remember. I recall the office running Norton anti-virus for the Mac on iMac G3 machines running MacOS 8.6 and 9.1, at one of my old jobs, just for that reason. They didn't want to accidentally spread an infected file they might have gotten via email to a Windows recipient.

The main reason Mac users stopped that practice, as I recall, was the really poor quality of most anti-virus packages when OS X came out. Apple even gave away copies of Virex for OS X to .Mac account holders at one time, and the software bogged down and destabilized the machines so badly, everyone I knew removed it in a matter of days!

Re:More marketing ...... (1)

masternerdguy (2468142) | more than 2 years ago | (#39783409)

I know someone who had that Mac trojan.

Re:More marketing ...... (1)

s.petry (762400) | more than 2 years ago | (#39784303)

Honestly, trojans are simple to create for any operating system. The hard part is getting users to run the install which actually infects the system.

Like with Linux, OS-X user space is protected from system space. non-root access means very minimum damage to a system.

Back about 15 years ago, I wrote a proof of concept virus for Unix. It modified user start up files to run, and just needed a port above 1024 on the network to listen for C&C. The amount of work it took was pretty incredible, but it's possible. You can't however run spam relays and such since those ports are protected. The only thing one could actually damage was world writable directory files and directories, and the user space that ran the code. A "System" was not a real target, unless that is, some poor sod went against best practices and did everything on the system as root. OS-X would be the same way.

The real thing that people try to do with AV for *nix and Mac is protect PCs from being infected. If a Mac user sent a Windows user a file that was infected, even though it did nothing on the Mac, it would be the Mac users fault.

This is the marketing game being played for 10+ years. More FUD increases that revenue.

Re:More marketing ...... (1)

Guppy06 (410832) | more than 2 years ago | (#39783939)

I haven't encountered a single Mac that was infected yet

Did you actually look, or do you simply equate "no complaints from the end-user" with "not infected?"

So... (0)

Anonymous Coward | more than 2 years ago | (#39783435)

What I just read is that Sophos is spying on me...

Best practices say: Run antivirus! (5, Insightful)

williamyf (227051) | more than 2 years ago | (#39783477)

No matter if your OS is Windows 5.x, 6.x, Mac OS X 10.x or GNU/Linux Kernel 2.4.x or 2.6.x. If your machine is a desktop run an antivirus.

You owe it to the rest of the world to exterminate viruses/trojans/malware, both the many (or few) that your machine is susceptible to, as well as those that, even though will not infect your machine, will be passed on to someone else... ...because YOU, saavy and enlightened slashdot user, did not catch and exterminated them.

Do it for the unwashed masses, that are clogging the pipes with port scans and attempts to infect, do it to have a tad fewer cheap viagra/penis enlargement offers in your spam folder... do it for the children!!!! :-)

If you "feel confident" (note the quotes) that your OS is "safe", that you use "safe practices", and the AV is a "Waste of resources", then fine, get an AV with a small footprint, both in system resorurces, and in $£¥€, and run it while you are sleeping, so it does not affect your daily work routine.

I am writing this fom Firefox 10.0.3 esr in a Mac with 10.6.8, and I am not scared at all about these developments, but, as safe practice, run ClamXav manually. I scan my machine and its external hard-drives every night, and scan smaller/unknown removable media every time it is inserted. ;-)

So, please my Linux and Mac OS X brothers and sisters, stop being a bunch of snobs, get on with the program, and run an antivirus. :-)

--

I'm blaming Paul Allen (3, Funny)

smitty_one_each (243267) | more than 2 years ago | (#39783505)

For the sake of variety.

And Windows has less than 1% infection rate? (1)

Drethon (1445051) | more than 2 years ago | (#39783523)

Just curious... [computerworld.com]

Error in summary. (1)

Annirak (181684) | more than 2 years ago | (#39783531)

One in five Apple Macs is infected with malware, according to Sophos. But most of that is harmless to the Mac... it is Windows malware ready to be transmitted to the Windows population. OnlyOne in 36 Macs has OS X specific infections.

FTFY. A 2.8% infection rate is pretty significant.

Re:Error in summary. (1)

6ULDV8 (226100) | more than 2 years ago | (#39783919)

75% of that 2.8% figure is the Flashback trojan. If they haven't patched or upgraded by now, they are not likely to do so.

Re:Error in summary. (0)

Anonymous Coward | more than 2 years ago | (#39784201)

75% of that 2.8% figure is the Flashback trojan. If they haven't patched or upgraded by now, they are not likely to do so.

Proof that Mac users are just as dumb as Windows users. It is only a matter of time before Mac machines are as riddled with malware as Windows machines.

Numbers skewed? (1)

FreshlyShornBalls (849004) | more than 2 years ago | (#39783657)

Only one in five? I'm guessing they got their numbers from Macs with Sophos installed. That should have made it a solid five in five.

Subject (1)

Hatechall (541378) | more than 2 years ago | (#39783673)

So 20% macs have infections on it that they have no reason to counter. Woo. A stat like how many would actually make it onto a system that would have a reason to guard against that virus would be an important stat to guestimate. If you assume there are hardly any windows machines with rudimentary enough security to accept the majority of these viruses to begin with - a story which would sync with known windows infection rates -, this becomes a nonstory. But this essential fact wasn't looked at, making this entire story worthless propaganda.

Apple's (0)

Anonymous Coward | more than 2 years ago | (#39783717)

(Apple's) market domination one way ot the other.

how do they know? (2)

jsepeta (412566) | more than 2 years ago | (#39783833)

I'm sure Sophos' sample size is too small to be of any use. Hardly anyone knows who Sophos is or uses their antivirus. I like it, but I haven't run AV on my Mac since moving to OSX 10.3 when Norton failed to make the jump in a timely manner. And I've never seen Macs on OSX brought down as hard as PC's on XP.

Don't forget, Malware & Trojans are a different beast than viruses. A lot of viruses can spread just by the fact that your Windows PC is connected to the same network as an infected PC. This does not happen to Macs with OSX, no matter how loudly Leo Laporte whines about it. Or Sophos.

Nothing really new... (0)

Anonymous Coward | more than 2 years ago | (#39783851)

... Mac's have allways been toxic to any windows-network, .DS_Store anyone...?

Where is this malware anyway? The browser cache? (1)

AC-x (735297) | more than 2 years ago | (#39783893)

I still can't decipher where exactly this malware is on OSX, I suppose it's just sitting harmlessly in the browser's cache?

Re:Where is this malware anyway? The browser cache (2)

93 Escort Wagon (326346) | more than 2 years ago | (#39784319)

I still can't decipher where exactly this malware is on OSX, I suppose it's just sitting harmlessly in the browser's cache?

Macs (and Unix boxes) might also harbor infected MS Office docs.

We had this problem a few years back - one of our end users repeatedly would get his box thoroughly infected. His group shared a workspace drive that was on a Linux box running Samba. He'd upload a doc that'd sit there, biding its time on the Linux box, until one of the other users grabbed it - then they'd either get a pop-up from their antivirus, or they'd get hosed themselves.

I'm not a Windows sysadmin, so I found the whole thing rather funny - but my Windows compadres didn't see the humor in it.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?