“Symantec’s claim that Apple’s OS X will soon attract more attention from hackers has been dismissed as nonsense, and worse,” Dan Ilett writes for ZDNet UK. “Symantec has sparked outrage by claiming on Monday that the operating system OS X was set to come under increased hacking and malware attacks. In its Internet Security Threat Report, Symantec said that Apple’s userbase was more likely to come under attack, citing Apple’s growing market share and the 37 vulnerabilities that were found in OS X last year — a trend it hinted would continue.”
“But ZDNet UK readers have rebutted Symantec’s claims in a series of angry responses, saying the security company was using marketing tactics of fear, uncertainty and doubt (FUD) to fuel its sales,” Ilett writes. “‘What a load of FUD,’ said one anonymous IT manager. ‘Anyone with the smallest sense of knowledge about any of these operating systems knows that the biggest issue with Windows security is the basic design flaws that it keeps dragging on from its past eras, to ensure compatibility.'”
Full article here.
Related MacDailyNews articles:
Symantec warns about Mac OS X security threat – March 21, 2005
“I think he meant that Windows is an easy target because Microsoft made great efforts to design Windows 95 with features that allow a programmer to write a program that can control all other programs in the computer (aka interoperability) in every way possible (sorta like Applescript with no limitations.)”
What I really meant was that PCs interconnect via e-mail and networking much more with each other than Macs do. Let’s say that both OS’s are equally secure, and that Windows still has 95% of the market to Apple’s 2%. If I want to write a virus that can only run on one platform and I want it to spread via an e-mail attachment, would I write it for the Mac or Windows? Even if I could write a virus to infect a Mac, there’s virtually no chance that it would spread via e-mail given the paltry market share. The virus would die as soon as it hit a PC, which is much more likely than hitting another Mac. It wouldn’t even be worth the effort.
Beeble – even if you (or I) could write a virus to infect a Mac (or indeed act as a “carrier” for both Mac and Windows), the thing that’s ultimately going to stop you are the facts that a) none of the Macintosh’s e-mail clients will allow code to run unchecked and b) that turning a Macintosh into a member of a “zombie” network is unlikely to be feasible unless the user is logged in as root or the user supplies the admin name/password combination to allow the the “zombie” code to be installed.
MCCFR, I understand what you’re saying but security is built around KNOWN methods of hacking. Hackers don’t operate that way, and anyone (even Jobs) will tell you that there’s no such thing as a totally secure system. If Mac ever got up to a worthwhile market share, believe me, they’d find a way.
Beeble, you are out of your league in understanding this issue.. Viruses have self replicating features that simply are not possible on a Mac because a ADMIN password is required to install/alter the core services of OS X. Some actions cannot even be enabled unless you go in as the root user.
Total opposite from XP/200X, where programs can go in and actively alter the system folder which can result in often catastrophic results.
If you understand that very basic fundamental difference, then you understand why a mac is simply not as vunerable as a PC, end of story.
My Mac’s ethernet cable is no more or less “connected” compared to Windows. It’s all about the virus magnet that plugs into it. Internet Explorer is not a browser, but a platform that executes code, more than likely by someone logged in by default as an administrator. Ditto for Outlook. ActiveX is a pox on mankind. THAT’S why the Windows world has 69,000+ WINDOWS viruses.
Even if the fallacy of marketshare is considered, there are still MILLIONS of Mac users connected to the Internet, but ZERO viruses. It’s not coincidence the big iron servers that run the Internet DNS are exclusively UNIX. Not a ONE Windows server.
Beeble, if you don’t like the Mac “cult”, if there is such a thing (remember the roots of the word fan, meaning enthusiast), then why are you writing in this “cult forum”?? Spend your time in MacMinute.com or branch out with MacPulse.com.
No one talks in MM and MP is just a headline aggregator. Right up your alley, I’d think.
One thing is clear: if the Malware Authors are ever to get some good Mac viruses/trojan horses/worms etc. happening, they will have to make a little investment: they will need to get a Mac.
Any old new Mac will do. A Mac mini would be good. Keep your monitor, keyboard, and mouse. They will plug right in if they are USB.
Welcome to Macintosh! Thanks for the market share!
Warning: Macs are habit forming. Use with caution.
I dropped Norton AntiVirus several years ago when they didn’t seem to be all that interested in the Mac platform after years of excellent support (didn’t they start out as a Mac company first?). That excellent support waned and so did my faith that they would actually be able to protect my OS X machine from anything.
Several others above have pointed out that all the hoopla is over vulnerabilities – that Apple patched, and quickly. Note that none of those vulnerabilities – not one – resulted in any damage to any computer that someone didn’t already want it to happen, just to see the result (and then some reported it to great glee in their best Chicken Little voice, screaming “The Mac has a SECURITY FLAW! RUN FOR YOUR LIVES!!!”
Not a single piece of malicious code has done a single PENNY of damage to any OS X machine, anywhere, to date. Not a single second of any man-hour has been lost to a virus-disabled computer running OS X. Not a single lost sale reported. Not a single second of waiting for an OS X machine to re-boot after being “sterilized” from any sort of “in the wild” code.
I will be absolutely shocked and amazed when that first verifiable virus, trojan horse or other malicious bit of code is able to do anything to my OS X machine, without getting my consent first. As far as I can tell, nothing can happen on my OS X machine in terms of installing any sort of program that will have that potential without first having my fingers do the typing.
Of course, that doesn’t mean I will stop using, and regularly updating, Virex…
Beeble doesn’t seem to have been around long enough to know what he is talking about. But give him (her?) time and I daresay he (she?) may learn enough to have a valid opinion.
In my experience (nearing 30 years) of computing, I’ve found even the pre-OSX (Mac OS) operating system to have a high level of security. In some ways Mac OS X is perhaps less secure (a pre-OS X Mac OS webserver was (almost?) impossible to hack without social engineering). Still, in totality, I have had more good OS X security experiences than with just about any other operating system (save VMS) whereas my experience with Windows “security” has been less than pleasant.
MW is these, as in these malware authors are continually attacking my low marketshare Mac OS X system with little (zero) success.
(Last attack [Sun Mar 20 02:21:22 2005] ).
“Symantec isn’t wrong. They’re just exaggerating.”
Bingo.
“impossible to hack without social engineering”
You mean taking the webmaster out to bars?
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
Yup … and plying them with lots of alcohol …
And the next time you feel like buying into that whole “Windows isn’t less secure, it’s just more popular” argument, take an Analogy Trip and ask yourself these related questions:
1) How many worms, especially really nasty ones that ground the entire planet to a sludgy halt, have propagated by attacking and spreading via Microsoft’s web server software?
2) How many more web sites run the open source Apache software instead of Microsoft’s? And
3), now that you’ve established that Apache is loads more popular than Microsoft’s IIS (and always has been), how many crippling Apache worms have made the evening news in the past decade or so?
From CNET today: “Sophos reported earlier this week that Sober.P appears to turn off Symantec’s antivirus protection and the Microsoft Windows XP firewall, probably as a way of preparing computers to distribute spam and to spread itself wider.”
Maybe the Symantec people should move to Macs as well?