Why pay Symantec for flawed ‘security’ app designed to protect Apple Macs from nonexistent threats?

“Apple Macintosh users could be making themselves less secure by installing Symantec’s flagship anti-virus application,” Munir Kotadia writes for CNET News.com. “The Mac is arguably more secure than Windows for a number of reasons, including its Unix-based architecture, default password protected administration rights and lower market penetration. Mac users have not had to face any new virus threats for a number of years.

“Symantec’s latest security vulnerability highlights the fact that introducing complex code into a computer system makes that computer less secure,” Kotadia writes. “While researching this article, I asked several security experts if Mac users are more or less secure once they install Norton Antivirus. Most, such as Jo Stewart-Rattray, director of information security at Vectra Corporation, said users would be safer with NAV installed: ‘This is a glitch — a flaw, just as we see in the PC world.'”

“This time I’m afraid I have to disagree,” Kotadia writes. “As the owner of a Powerbook I am faced with a dilemma. Do I pay AU$118.15 for a flawed ‘security’ application that is designed to protect me from threats that do not seem to exist; or do I take sensible precautions like keeping my computer behind a firewall and staying up to date with OS X patches? For now anyway, instead of spending my money on a copy of NAV for OS X, I will be buying a big round in the pub.”

Full article here.

Advertisements:
The New iPod with Video. The ultimate music & video experience on the go. From $299. Free shipping.
Connect iPod to your television set with the iPod AV Cable. Just $19.00.
The New iMac G5. Built-in camera and remote control. From $1299. Free shipping.
Apple USB Modem. Easily connect to the Internet using your dial-up service. $49.00.

Related MacDailyNews articles:
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Why Symantec’s ‘scare tactics’ don’t worry Mac users – September 28, 2005
$500 bounty offered for proof of first Apple Mac OS X virus – September 27, 2005
Symantec details flaws in its antivirus software – March 30, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
Symantec warns about Mac OS X security threat – March 21, 2005

24 Comments

  1. I use the free ClamXav antivirus app. just to make sure I don’t pass any Windows viruses in redirected emails along to my PC buddies.

    Otherwise, why worry?

    Oh yes, have a great New Year everyone.

  2. Maybe this is Symantecs way of drumming up business. Write code that opens up OSX and then offer the solution with new upgrades.

    Gee, I wonder if they have a hacker department tucked away in the bowels of their office building.

  3. No one really knows how secure OS X is. Too many use the very generalized statement “no OS is totally secure” as some sort of logic to back up the statement “someone will eventually breach OS X security”. While OS X probably has flaws, it is a function of time that will determine if someone will be able to find any.

    And it is not a matter of how many users are using the Mac OS(security via obscurity), but how many people WANT to hack into the Mac OS.

    This is much like finding a quarter glued to the sidewalk somewhere in downtown Chicago…

    – How easy is it for any particular individual to locate the coin?
    – Is it simply too daunting of a task for most people to consider taking on the challenge?
    – What value will come from finding the quarter, and is it worth someone’s time and effort to look for it?
    – Are seekers further discouraged from the quest because Apple has a good reputation for finding their own quarters before any one else does, and either removing them or relocating them?
    – Is there less motivation because Apple’s OS is actually helpful to users, thus not breeding the fuel of contempt that seems to drive many hackers of MS Windows?

    The probability of anyone finding the elusive coin, a Mac OS X flaw, is primarily based upon how many people are actually looking for it. It is not the number of users of a system that determines it’s likelihood of discovery, but the number of hackers. Even if Apple had as many users as Microsoft, there will be far fewer people with a desire to break in and destroy a perfectly good system, a system that serves them well.

    Far fewer vulnerabilities multiplied by far fewer seekers makes for an exponentially more secure system. Granted, OS X not perfect, but I am very comfortable with the probability being so heavily weighted in my favor.

  4. Why? Simple. Paranoia. It’s what makes Wall Street so exciting.

    Hey, and just because you’re incredibly paranoid doesn’t mean people aren’t actually out to get you.

    Those incriminating wiretaps of you with your “poker buddies” and the one with your “girlfriend” are already on the way to becoming a best-selling podcast.

    How else are we going to pay off the national debt? National monuments on eBay?

    People pay because they are told to pay. That’s explains Windows for the most part.

  5. Well, if you’re going to piss away your money, buying beer in a pub is a lot more fun than wasting your money on NAV for Mac. This guy has his priorities right.

    No Mac is completely safe. If your password is something simple or obvious, if your password is on a sticky note on your monitor or written on your desktop blotter, if you left your front door unlocked, there are ways your Mac can be owned.

    However there will probably never be a mass infection of a big percentage of all Macs on the internet. Propagation to other Macs is a big problem for virus writers.

    That kind of damage is just going to happen to Microsoft products.

  6. If someone has issues with their Mac, one of my first questions is: Do you have any anti-virus software? If they say yes, of course I say get rid of it, it’s only hogging resources and/or mucking things up in general.

  7. Mike,
    I do not buy the obscurity myth argument here. OS X has ZERO viruses in the wild. Zero. 0. Zilch. None. Now surely there is SOME qualified loser out there somewhere who would love to bring Apple’s vaunted invulnerability crashing around its knees, and be renowned as the first virus writer to take down OS X. The media and every Windows apologist out there would eat it up, and there HAVE to be enough PC weenies out there who hate Apple enough and would love to see a virus start wiping out Mac hard drives.

    I’m not saying obscurity doesn’t help, but let’s change your analogy a bit. Instead of a quarter, let’s make it an engraved invitation to be on Jay Leno. A lot more people are going to be looking for this thing, not because they’ll be any wealthier, but because of the prestige. Any five-year-old it seems can hack a Windows box, but how cool would you be if you hacked the most secure commercial OS ever, and be the first to do so after much hoopla that this thing is impenetrable? I’m thinking that reason alone has a lot more hackers making the attempt than we think.

  8. “Mac users have not had to face any new virus threats for a number of years.”

    We also haven’t had to face any OLD virus threats. (Not unless you buy an OLD used Mac that runs a totally different OS than today’s Macs.)

    0 new + 0 old = 0 viruses ” width=”19″ height=”19″ alt=”smile” style=”border:0;” /> or spyware, or worms.

  9. (stands)

    “Hello, everyone. My name is Tempus.”

    (crowd…) “Hi, Tempus!”

    “I have been NAV free for three years and my life has never been better!”

    (scattered applause)

    “I used to have both Norton Anti Virus and Norton Utilities on my Mac G3 and it didn’t make my life better or easier or less complicatated. In fact, it was just the opposite! But as soon as I learned the error of my ways, walked away from the Symantic stuff and got myself a newer Mac with OS X I quickly realized that not only could I live without the Symantic stuff but that I didn’t need it altogether! And things have been looking up ever since!! Thank you. (sits down)

    (crowd…) “Yay, Tempus!!”

  10. I’m sure the trolls are going to give me a hard time for this statement, but, I take offense to the term “OS X ‘patches.'” Should’nt be “OS X update” and “Windoze patches”?

    Hit me with your best shot!

  11. Mac users are better off without Microsoft and Symantec, these two companies are not even worthy of a dime from us.

    Sony would be as well, because of Sony/BMG rootkits on music cd’s, but it’s a division problem resulting from a failing buisness model.

    Don’t buy M$ or Symantec period, Sony is on probation until the PS3 comes out.

    Buy more Apple gear and give it to friends.

    I bought more than 20 iPods and a iMac G5 this holiday season.

  12. HR, I don’t think Mike was using the Security through Obscurity myth as the complete basis for his argument. He was saying that there are fewer hackers out there looking to mung up the OS X works. Windows hackers are a dime a dozen, and there are probably about 10 script kiddies for every 1 Windows hacker. But how many malicious OS X hackers are out there? That’s a very good question. This has nothing to do with how many Mac users are out there, (in a previous post I said that there could be anywhere from 10%-16% of home users using Macs based on stats gathered from BoingBoing.net, AT&T, and a National software developers group) but rather how many people actually want to cause problems on OS X. I think the ratio is MUCH smaller for OS X. Script Kiddies don’t exist yet on OS X mainly because they depend on someone else developing malicious code, and so far, no one has done that. Plus, he makes a good point about mucking up an OS that works better than any other. Why would a hacker decide to ruin an OS even HE/SHE sees just works better? Aside from the notoriety of “being first” to infect the OS…there’s not much else to shoot for.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.