Technology commentator Bill Thompson responds to the feedback he received over his column suggesting that Mac users are too smug about computer security in his latest article for BBC News.
“The vehemence with which the Mac community greeted my modest suggestion that the security of Mac OS might not be absolute did not surprise me,” Thompson writes. “I wrote it because I’m a Mac user, among other things, and I worry that we do not take security seriously enough as a community. Despite what some people seem to think having read the piece, I don’t believe that Mac viruses already exist, and I think it’s very unlikely that they ever will. The security model in Unix-based operating systems like Darwin means that it is very hard to see how an infection could spread, even if an executable could be compromised. But viruses aren’t the end of the problem. There are lots of other malicious programs out there, and the Mac is vulnerable to some of them. If we ignore this then when an effective piece of Mac malware does emerge, many will be defenceless, and that will damage individual users and the Macintosh ideology.”
“Let’s deal with the bits that are weak in my article,” Thompson writes. “First, I mentioned that my broadband connection means I have to scan for viruses, but failed to point out that I scan my Windows desktop and my children’s Windows PCs. I don’t have anti-virus software for my Mac, and I don’t think I need it. I have never claimed there are Mac viruses out there, and I said in the piece that they are unlikely, but I should have made that clearer.”
“Several people asked me for examples of worms, spyware, keyloggers and even viruses for the Mac,” Thompson writes. “As I’ve said – let me say it again – there aren’t any viruses and I don’t think there will be. But spyware and keyloggers are written for Mac OS as for other Unixes, and could be installed on a compromised system by a worm or even by a Trojan that is installed with user permission.”
Thompson’s full backpedaling article, and quite a muddled mea culpa it is, here.
Advertisements:
• MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
• iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
• iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. $49.00.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
Related article:
BBC News Tech columnist: Mac users ‘too smug’ over security – January 16, 2006
hey ‘bottom line’
I suggest we put your US on notice and stop all of the following at OUR border:
bad brains
bad manners
bad foreign policies
oh – and start working on your trade deficit
Can we all stop this thread?
[Vigilance in todays world is a necessity not a choice. You can get mugged as easily online as you can in the street, at work, selling your car or anywhere else. So yes, vigilance is a standard requirement, but have to stress that any threat to Mac users is going to be one to one, an individual approach and acceptance, it will not be passed on in a VIRAL manner as happens every day of the week with Windows.
What I want to see is the clear truth that overall Macs are massively more secure than Windows PC’s. Full stop.]
Will a ‘tech journalist’ ever understand this? And then be absolutely clear when discribing it to the layperson.
There is a simple DIFFERENCE between ‘virus’ and ‘trojan/keyloggers’.
Less rancor from the MacJihad will ensue WHEN the ‘tech journalists’ report the difference. Education to the actual benefits (and potential dangers) of the ‘MacWay’ will enlightened all — the Macuser and the non-Macuser.
I think it’s good — but mostly necessary — to ‘get it right’. But, ‘get it right’ doesn’t mean ‘get it almost right’ or ‘get it good enough’ — hence the scathing backlash.
The ‘tech journalists’ need to ‘take pride’ in their ability to report all the facts CORRECTLY. And to take it on the chin when ANYONE corrects them. Even the idiots. Too many ‘tech journalists’ have the same thin-skin that they claim their readers do.
Maybe someone could hold a convention, where all the ‘tech journalists’ and MacJihad could actually speak to each other… and put it on video… for sale on iTMS.
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
The ignorant smugness of the typical MDN reader really makes me cringe and feel embarassed to be a Mac user. It is clear that those who vilify Bill Thomson for his piece know precious little about computer security, and would rather close their eyes, put their fingers in their ears and chant “name a Mac virus” in a loud voice until anyone daring to point out that MacOS, like any other OS, has vulnerabilities, shuts up. Thomson is spot on, and the greatest security vulnerability of the Mac platform is the idiot in front of the screen. This is regularly demonstrated by the posters on this forum.
By way of example, interested readers should browse http://www.securemac.com/ amongst others.
I blame MDN.
I think that he makes a valid point. Mac users should feel good that they do not have to deal with all of the troubles that can plague Windows users. Smugness is a bad idea. Believing that something can never happen is a bad idea as well.
What’s so CRAZY is how personally attacked so many Mac users feel if somebody does not embrace the entire Mac experience. Who cares, much less why should any of us care? I am quite happy with the direction the Apple is moving. The press actually is looking at the Mac again. The computers are finally getting competitive price and performace wise again.
If somebody does not think, whether for real or imagined reasons, that the Mac is not the best computer, move on. Plenty of people are buying Macs. And to be honest, I don’t think I would be very happy if Mac OS had 30% market share.
So many people here are smug and elitist about owning a Mac and it is turning people off. Lighten up!!!
MW: river, as in “cry me”
Looks like alot of people have similar sentiments since about 5 comments were posted while I was typing.
“I don’t have anti-virus software for my Mac, and I don’t think I need it.”
Sounds like another one of us “smug mac users” to me!! So there was little or no point to the article.
How embarrassment.
I feel that the point where Bill made his major mistake in the original article was when he said –
“Mac OS may not have the gaping holes that let viruses spread, but worms, spyware and even keyloggers are out there.”
This was something which some Mac users challenged him to be specific about.
He responded with –
“There isn’t much Mac-specific malware apart from Opener, which disables the firewall and can destroy data, but there are many programs which attack Unix installations and these should be taken more seriously than they are by the Mac community. “
So basically he said there was the one trojan ( which hardly anybody ever saw ) and there are issues that may one day possibly get exploited. That’s not quite the same as saying that they are out there, as he originally did.
But when this story broke, I did try to tell you guys to be easy on him as he’s a recent switcher, he’s not hostile to Macs and still has much to learn. There is one thing you should note, he wrote this –
“… there aren’t any viruses and I don’t think there will be.”
In fact he more or less said it twice.
Now how often have you seen a computer journalist write something as clear and unequivocal in a mainstream publication ?
People who may be thinking of switching will read that and take notice when an independent journalist says that there are no OS X viruses and there are unlikely to be any either. That is a message that he might well repeat in future contributions.
Credit where credit’s due. He did have the decency to explain himself and to go some way towards correcting some errors. But the important thing is that he regularly appears on BBC programmes and next time he’ll be able to talk about Mac security and be accurate – all by himself.
hey ‘bottom line’
I suggest we put your US on notice and stop all of the following at OUR border:
bad brains
bad manners
bad foreign policies
oh – and start working on your trade deficit
Can we all stop this thread?
……………..
Let’s start at the bottom:
-Trade deficit: Uh, okay, we’ll buy your computers, they’re great.
– Foreign policy: Agreed worst administration since the one that caused us to rise up and kick the wussy Brits back across the ocean… oh and look what I just pulled out of W’s posterior… it’s Tony Blair, how’d he get in there?
– Bad manners: Only to arrogant retards that think ‘smug’ is a compliment.
Bad brains… hmmm, maybe we should go to your universities (soon as I think of one).
C’mon guys….haven’t we flogged him enough?
MDN Magic Word is ‘already’, as in enough already!
I am glad someone is pointing out the obvious, that one should always be vigilant; nevertheless, it just reads like FUD, when the argument is made so poorly. Get the facts straight. Get the risks straight. And, stop with the stereotyping. I mean, everyone who uses a Mac, isn’t a fanboy. I think that, more than anything, is why people are so annoyed.
*yawn*
Wake me when there’s something worth worrying about.
I believe the article by Bill Thompson was well written and a welcome call to alertness. Especially, I like to praise him for also responding on this forum called MDN, who do not exactly represent the pinacle in sophistication within the Mac community.
Like others I too do not believe that virusses will be a serious problem of the MacOS, if ever. But there is much more to security than just virusses.
One of these, and what I am really concerned about, is the home phoning of software in various sorts. Regardless of the motivations of those software companies who apply this, which in itself may be perfectly understandable, I believe very principally that the contents on a users computer are private to him/her alone. In other words, any use of these contents on your computer by software should take place with a question of consent to the user. And with this I do not mean a legally coined phrase somewhere deep down in a lengthy EULA, but a dialog window like that which appears when software wants to install itself. A conscious act should take place.
Sadly, out of the box the MacOS does not protect or warn with outbound traffic, and has no options otherwise to activate defensive measures either. Luckily, in this case there is a 3rd party program that does (Little Snitch), but I feel you should have protection against this with the help of the OS itself.
Anther example is by Apple with the recent iTunes. It scans the contents of your Music Library when playing a song, and sends it to their Music Store for fitting advertisements. However, you are not given a dialog box for your consent. Apple says they do not store this information, and I believe them. On occasion, these advertisements can alert you to an artist/group that you never heard of before but are glad to know now, so it even comes in handy sometimes. Nevertheless, to my mind this does not excuse the act of your Music folder being scanned and information send over unknowingly. A principle wrong can not be remedied by being harmless (or even usefull) in itself. Serious digressions often start with small, harmless steps.
So yes, alertness to all aspects that there are to security (of which virusses are just a small part) is very important. Nobody is safe, and articles encouraging this are needed and purposefull. Especially with the DRM-era on the horizon.
I believe the MDN take is misplaced and misjudged, and even an insult to the Mac community. That is, I still like to think that most of us are well reasoned, mature and open and polite in discourse. Especially when there are different points of view. But maybe I am totally wrong about that, as MDN and some of its readers are apparantly trying very hard to proof.
A simple test.
A PC with AV software, switched on and hooked up to the internet on broadband behind a firewall without the idiot behind the keyboard.
Beside it a Mac without AV software, switched on and hooked up to the internet on broadband behind a firewall without the idiot behind the keyboard.
The PC can be owned by the Russian Mafia, the Mac cannot. That is the bottom line.
Big Al – unfortunately untrue, if the idiot behind the Mac keyboard installed an application off the internet that calls home to the Russian mafia. Which would be easy to achieve. It is precisely this ignorance of the security of Macs that provides the vulnerability – thanks for illustrating my point.
Incidentally – a PC on broadband with firewall cannot be “owned” by the Russian mafia without user intervention. NAT firewalls used by broadband essentially hide the IP of the PC from the outside world, so they’re invisible to port scanners, etc.
Also, I’ve yet to find a PC or a Mac that doesn’t have a user, so I don’t follow your logic.
“maybe we should go to your universities (soon as I think of one).” This does ache for the riposte: “You’re American so of course you don’t know about the rest of the planet!”
MDN is becoming a blog. Indeed, it is becoming ‘MacDailyFoxNews blog’ with it’s inability to resist breaking up the news reports with its own comments.
When a Mac site descends to criticising a reasoned argument for caution and then has a go at undermining the writer with nationalistic nonsense it stops being credible and merges with the Net’s background hum of bedroom blogging.
Too bad because the original underlying principle of MDN was highly creditable.
Reality Check, you’ve got such an unfortunate name.
Just give up already, facts are facts and no amount of idiotic drivel can alter that.
If what you say is true, then why are so many PC’s owned by somebody other than the owner of the hardware? Come on, give me a straight answer, don’t deviate and start talking bout Macs, YOU seem to think that Windows is secure, and if you have a NAT firewall you are safe? Wow, what a blinkered world you live in.
http://www.windowsecurity.com/articles/NAT-Traversal-Security.html
“NAT, however, has traditionally suffered from a big shortcoming. It’s incompatible with Internet Protocol Security (IPSec), which is an increasingly popular way to protect the confidentiality and integrity of data while it’s in transit over an IP network. The solution is NAT Traversal, or NAT-T. However, there are security problems related to NAT-T – or are there? Microsoft is recommending that IPSec/NAT-T not be used to connect a Windows XP client to Windows VPN servers that are behind NAT devices, and XP Service Pack 2 changes the default behavior to prevent IPSec/NAT-T security associations to servers behind a NAT.”
Good old Windows, and poor old Reality Check, never checking the reality of the comments he posts.
Here, let me help you out of this losing battle you seem so intent to continue, go here where there are loads of boring farts who think like you: http://www.microsoft.com
Windows has been, is and probably will always be a risk to everyone. MillionDollarhomepage.com has been taken down for a week in a denial of service attack in an attempt to blackmail the teenage owner… those weren’t Macs taking it down, they were millions of PC’s*. Windows is a threat to everyone on the net – and Microsoft, Reality Check and all the others can do bugger all about it – except promote it and denigrate the Mac and its users.
Just switch to Mac.
*it seems they still are today..
Man this Mac community is like a a mass of swarming African Killa Bees.. I luv it he has been pacified!!! This jihad will go on