Technology commentator Bill Thompson responds to the feedback he received over his column suggesting that Mac users are too smug about computer security in his latest article for BBC News.
“The vehemence with which the Mac community greeted my modest suggestion that the security of Mac OS might not be absolute did not surprise me,” Thompson writes. “I wrote it because I’m a Mac user, among other things, and I worry that we do not take security seriously enough as a community. Despite what some people seem to think having read the piece, I don’t believe that Mac viruses already exist, and I think it’s very unlikely that they ever will. The security model in Unix-based operating systems like Darwin means that it is very hard to see how an infection could spread, even if an executable could be compromised. But viruses aren’t the end of the problem. There are lots of other malicious programs out there, and the Mac is vulnerable to some of them. If we ignore this then when an effective piece of Mac malware does emerge, many will be defenceless, and that will damage individual users and the Macintosh ideology.”
“Let’s deal with the bits that are weak in my article,” Thompson writes. “First, I mentioned that my broadband connection means I have to scan for viruses, but failed to point out that I scan my Windows desktop and my children’s Windows PCs. I don’t have anti-virus software for my Mac, and I don’t think I need it. I have never claimed there are Mac viruses out there, and I said in the piece that they are unlikely, but I should have made that clearer.”
“Several people asked me for examples of worms, spyware, keyloggers and even viruses for the Mac,” Thompson writes. “As I’ve said – let me say it again – there aren’t any viruses and I don’t think there will be. But spyware and keyloggers are written for Mac OS as for other Unixes, and could be installed on a compromised system by a worm or even by a Trojan that is installed with user permission.”
Thompson’s full backpedaling article, and quite a muddled mea culpa it is, here.
Advertisements:
• MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
• iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
• iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. $49.00.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
Related article:
BBC News Tech columnist: Mac users ‘too smug’ over security – January 16, 2006
He does have a good point. Even though we are enjoying the Mac experience quite unlike that of Windows, it is always a good practice to maintain vigilance when it comes to security.
I’m sure he meant well, but I have a hard time giving a pass on his unclear writing since he makes his living writing. If he is capable of rethinking what he put down on paper (or in pixels), he should be able to review and edit it prior to publishing.
There’s not much room for excuses in this area, especially when the topic he’s covering is an important one.
I do agree with one point he made, that being that Mac users are not immune from spreading a virus, etc. to others, even if it won’t infect the Mac. As Mac users, we can do our part to help keep viruses, etc. from spreading by using a little common sense.
You might also be interested to hear bright Bill talking on the radio too: wherein he says Apple is just like Microsoft copying others’ innovations..
The UK editor of MacWorld -Fanning- is on it too, who makes a poor effort of selling Macs. No mention of all the advantages of Mac over Windows…
Dear oh dear oh dear…
Download MP3 here: http://news.bbc.co.uk/1/hi/technology/1478157.stm
Give the guy a break. I believe his original article did state there were no viruses on the Mac. He writes an apology for any misunderstandings and you fault him for being “muddled”. Lighten up. He is right that the Mac community could become so certain about “no viruses” that it fails to take prudent precautions. This absolute requirement for “pure thinking” is what inspires the comments about “priesthood”, and all the other religious references to the Mac following.
Yep, just what I had expected.
“Let’s deal with the bits that are weak in my article” Typically I would have thought that’s what the editing stage is for. Writing for a market which isn’t technically minded and simplifying ideas in order to get a point across
is quite different from just not writing the truth to save going into detail.
It seems that the point he is trying to make, but not really conveying very well, is a valid one. If you can convince someone to enter their admin password somehow, then you can install whatever you want on their system. This would include key loggers, spyware, malware, etc. However, it’s not going to spread because each machine has to have its admin password entered before the malware will install.
I suppose the easiest way to do that would be to make the user think they are installing something worthwhile, or piggybacking on some worthwhile code install. Could be done, but its up the the user to know what they are installing.
huzzah, we’ve beaten another jourlanist speaking his mind into the ground
kent,
Priesthood? As in an organized religion? Hardly very organized but certainly dedicated. Faith beyond measure so to speak. That’s kind of a sad thought when you realize it is based on people and technology with no further gain. Science has always made for a poor religion.
His second article was more of a way to save face after getting blasted by so many Mac users, but his key points remain valid in my mind. Mac users are more secure, but we are not completely invulnerable. I’m glad her pointed out the White Paper on securing the Mac. It’s a good read. And taking the right precautions is never a bad thing.
However, I think he took some of the criticism personally, the last two paragraphs sound like someone who’s taking a bit of a defensive swipe at people…
In this article, I was speaking to an audience of Mac users of all skill levels, some of whom know nothing about computers. They need to understand that security matters to them just as much as it matters to Windows users.
I hope I achieved that goal, even if I did upset a lot of people who seem to feel that anything but fawning admiration for Apple is an act of betrayal by an apostate.
*emphasis mine
Up until the last paragraph, I was okay with him, but that last bit just irked me. I am not a fan of fawning admiration of ANY company, especially Apple. In my view, they do less to garner any serious criticism from me, but they do at some rare times make me wonder what the hell is going on. In the long run, they are a far better company, with a far better product than Microsoft and Linux, in my opinion. It isn’t perfect, but it’s as close as any OS I’ve ever seen in my 25 years of working with computers.
“tommy – huzzah, we’ve beaten another jourlanist speaking his mind into the ground”
So much for free speech and freedom of thought. The Mac community has become the 900 lb. gorilla when someone doesn’t agree with them. Amiga had a similar following, eventually people quit writing about them, they went away and no one cares.
The trouble seems to me we’re going to get a lot more people talking about the Mac – all with 2 minutes experience and trying to be ‘balanced’ and thereby making sure everyone gets confused.
The world needs more clarity (like Mac and OSx), and NOT more complexity (like Windows)…
The biggest threat the platform faces are malicious programs disguised as something else, most likely in the form of shareware. The ability of such a program to do damage outside of the system of the poor suckers who trust it and install it, are minimal.
<soap-box>
i think a lot of people, including some of us who frequent this place regularly, need to take a deep breath and decide what is really important in life.
so this writer may have said something that was not in agreement with everyone here. so what? i thought that he wrote a ‘measured’ article and, considering the treatment dished out, a remarkably restrained follow-up.
but that is my opinion, something we are all entitled to and something we can all express.
what’s next? how little does someone have to “move from the party line” to be heckled?
am i now to be the target for having blashpemous outbursts? in the words in cathering tate – “am i bothered? does my face look bothered? …etc etc”
</soap-box>
MW: decided – i decided to put my head above the parapet to see if there were any arrows flying toward me
…another effete back-peddling Brit from the land of Tony Blair.
I suggest we put the UK on notice and stop all of the following at the border:
bad teeth
bad food
odd looking women
bad analysis
wussy manners
football played by skinny people that can’t use their hands
I wrote and called him gay and a loser.
I feel much better now.
Signed,
Oppressor of anyone who doesnot believe Apple is God.
“Tommy – huzzah, we’ve beaten another journalist speaking his mind into the ground”
Not this one, mate. I don’t think there’s anything to be ashamed of in admitting areas where your writing isn’t as clear as it should be – the test of a piece is how it’s received by its audience, and sometimes what you think you’ve said doesn’t come across, or sometimes you simply miss a point. It is usually caught in the editing, but not always.
I’m a Mac user – writing this on my PowerBook – but I wouldn’t want to be called a member of the Mac community if the responses I’ve been getting over this piece were representative. Fortunately I know that they aren’t and I’ve been in the field long enough to understand how it goes. I first used a Mac in 1985 – rather than having ‘2 minutes experience ‘ – and I’ve been a Unix sysadmin and a professional programmer.
I know what I’m talking about, and I am quite convinced that there is a real danger of some form of Mac malware emerging and spreading rapidly simply because Mac users either think that they don’t need to worry about security or act as if they are somehow immune.
Now at least when anyone searches the Web for ‘mac security’ they’ll find an article that doesn’t just claim all is rosy. Mission accomplished
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
looser!
I’ve just read his article and all he can do is point out to 1 (one!) malware named Opener and then write “if a way around that protection could be found”, yeah do you note the if clause?
That’s the problem with those suckers, they want it so bad to take us to their winblow hell companion but all they can do is say “Hey! I found one! Now if you…”
Give me a break, the Unix model is inherently secure, besides, you must do some very stupid shit to compromise your system and that should be the point, in a basic winblow install, after a few minutes on the net your system is already compromised due to the inherently insecure piece of crap that winblows is, but that’s just not the case in the unix world and suckers of that ilk should stop trolling for page hits with that garbage.
His article is pure crap and I don’t believe for a second that he is a Mac user…
OS X has been out in the wild for more than 5 years now, look at its track record and compare it to the news we see everyday about winblows holes, patches and stuff.
Give me a break…
I too get annoyed with casual journalism on the BBC: their domestic stations frequently discuss securing PCs without any reference, even passing, to the current advantages of the Mac platform.
But we are vulnerable: for example, the SonyBMG DRM packages could have been loaded on Macs by the innocent user, assuming that a highly reputable company like Sony would never ask them to install malware. Fortunately these “enhanced” audio discs do not seem to have been released in any numbers in Europe, but the risk of a “social engineering” exploit is there. And if current trends continue, more Mac users will be grannies and other not very savvy users.
(And I know that the AV products at the time would not have blocked the SonyBMG malware, but it’s the sort of risk that could be real.)
Mac phishing scams will do it too for the iTMS
Credit where it’s due. Unlike many journalists who will respond to a “Mac attack” by simply dismissing every Mac user as a loony, Bill follows up his article with a reasoned amendment.
In case you haven’t worked it out yet people, we aren’t invulnerable. Those of us on MDN run Software Update, install the patches, use the latest OS, etc. But only a small minority of Mac users come to MDN, IGM, TMO etc. Bill’s article is for a much wider audience. He is reminding Mac users who may not be aware that having a Mac doesn’t mean you never have to worry about security. You have to keep it secure to be safe.
Compare that to some of the crap that real anti-Mac journalists spout, and you’ll realise just what an oversensitive bunch we’ve become.
http://www.channelregister.co.uk/2006/01/17/apple_phish/
Email fraudsters are targeting Apple fans in a change of tactic from standard phishing attacks. Commonly bogus emails that form the basis of phishing attacks pose as security messages from online banks in an attempt to dupe a tiny proportion of recipients, who happen to be customers of the bank, into visiting a bogus site on handing over account information.
I don’t believe there will ever be any severe threat of a remote exploit on a Mac. I’m referring to the worst exploits on Windows — read an email, visit a website, or hell, just connect to the Internet, and BAM!, you’re pwned.
However, no amount of security can protect against social engineering. If the Mac starts to get enough market share to become a tempting target, expect the bad guys to find ever more clever ways to trick users into entering their admin passwords.
MacDailyNews really takes Apple coverage too far – nearly every article ends with a comment that’s so anti everything and pro Apple it’s just dull to read…stick to the facts and please don’t bring in the personal jabs.
OK Bill Thompson, you get a vote from me for remaining standing and posting on this forum.
I don’t think (m)any of us are actually suggesting there is no threat just because we are a user of Macs for which there is no known threat to date.
Vigilance in todays world is a necessity not a choice. You can get mugged as easily online as you can in the street, at work, selling your car or anywhere else. So yes, vigilance is a standard requirement, but have to stress that any threat to Mac users is going to be one to one, an individual approach and acceptance, it will not be passed on in a viral manner as happens every day of the week with Windows.
What I want to see is the clear truth that overall Macs are massively more secure than Windows PC’s. Full stop.