“Apple can’t have it both ways. It can stay niche and relatively virus free or it can join the mainstream and enter the virus zone. Apple made the latter choice when it decided to move its Macintosh range of computers to the Intel chipset platform,” Stan Beer reports for iTWire. “Not only do potential hackers know the Intel platform well, but Apple’s choice to play in the Windows space has made it a target like every other PC vendor. However, Windows is not Apple’s only security problem. Neither is the growing evidence that even the Mac range’s native operating system Mac OSX is becoming an increasingly vulnerable target for malware purveyors.”
“The big problem for Apple would appear to be one of denial. Recently reported remarks of Apple’s senior vp of software technology, Bud Tribble, can attest to that,” Beer reports. “According to Tribble, Mac OSX is designed to be used without the need for firewalls or anti-virus software. That remark alone should ring alarm bells in the minds of all security conscious online Mac users.”
Full article here.
MacDailyNews Note: Apple’s obviously making a lot of people very nervous.
BTW, this article was intentionally posted from a Mac OS X machine that has never had the Firewall on in any version of Mac OS X and never had a virus or bit of spyware despite surfing the Web far and wide for over five years and counting. An aside: we thought you might like to know that one of MacDailyNews’ mainstay machines is a Power Mac G4 450 MHz (AGP graphics) with 1.12 GB RAM, an ATI Radeon 9000 Pro, and three fast hard drives (10GB, 80GB, 120-GB) that has run every version of Mac OS X from the Public Beta to its current Mac OS X 10.4.6 without the Firewall on to see if anything happens (nothing has so far). Few machines online that are operated by human surfers venture to as many web sites each day as this Mac. The machine is four months shy of turning seven years old, yet it is perfectly capable of running the current Mac OS X version and performs admirably, day in and day out, without a hitch. The machine has never been “wiped and restored.” Many of the posts you see on MacDailyNews come from this machine. The Mac is an example of many things: superior security versus Windows, high quality in both hardware and software, massive reliability, an illustration of the vast difference between installed base and market share, and — we’ll close with just four more words — Total Cost of Ownership.
[Disclaimer: In general, we recommend that you turn on your Mac OS X Firewall and use common sense by not clicking on unknown email attachments or downloading files from sites you do not know or trust.]
Advertisements:
• Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
• Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• Apple’s brand new iPod Hi-Fi speaker system. Home stereo. Reinvented. Available now for $349 with free shipping.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
Related articles:
Network World: Apple’s Mac OS X is significantly more secure than Windows – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
Minor security flaws found in Mac OS X – April 23, 2006
Microsoft: recovery from Windows malware becoming impossible; better to to wipe and rebuild – April 04, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Apple Mac remains ‘unhacked’ as University of Wisconsin’s Mac OS X Security Challenge ends – March 08, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Apple Mac OS X clearly offers superior security over Microsoft Windows – March 02, 2006
Apple Mac OS X has a lot more vulnerabilities than Windows XP? – February 28, 2006
Enderle: Security vendors see Apple as next big opportunity – February 28, 2006
As Apple Mac grows in popularity, will security issues increase? – February 27, 2006
The Idiot’s Guide to Mac Viruses For Dummies 101 – February 24, 2006
Wired News: ‘Mac attack a load of crap’ – February 22, 2006
Report: Apple developing fix for automatic execution of shell scripts – February 21, 2006
Ars Technica: Fears over new Mac OS X ‘Leap-A’ trojan pointless – February 20, 2006
Atlanta Journal-Constitution asks: Is ‘Mac virus’ all just propaganda from Mac haters? – February 20, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
eWeek: Intel transition a ‘security non-issue’ for Apple Mac – January 30, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – January 26, 2006
IDC: Apple Mac 2005 U.S. market share 4% on 32% growth year over year – January 20, 2006
Analysts: Apple Mac’s 5% market share glass ceiling set to shatter in 2006 – January 09, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – September 09, 2005
Joke of the month: Gartner warns of Mac OS X ‘spyware infestation’ potential – March 30, 2005
Symantec warns about Mac OS X security threat – March 21, 2005
^ ^ ^ ^ ^ TROLL ALERT ^ ^ ^ ^ ^
This is basically a Mac site and we all know what FUD is being passed around. The problem is that Windows readers are believing it simply becasue they don’t know any better.
Somehow, the word should be getting on PC sites and letting them know that the assholes writing these articles have no clue and that Mac users DONT have the problems that are being written about.
I dont know how to do it. Coming from a Mac user it just would seem like a religious thing, but switchers may have better luck with the uninformed, misguided, brainwashed Windows users.
McFly….You’ve never hear of penisiillin? It was made to cure virii
Silly!
Re: PowerMac G4 AGP – I also have one that is still in daily use. It is running 10.3.9. Never reinstalled anything in 6 years. Sits behind a router (hardware firewall). No Anti Virus software installed.
I also run a B&W G3. Sits behind my company firewall running 10.3.9. I have ClamXAV to scan the downloads folder. No viruses found yet.
My home computer is a 15″ Al Powerbook. I found a virus once when scanning the Home folder with ClamXAV. It was in the Virtual PC hard disk image. I had to wipe out Virtual PC and reinstall. Life goes on.
Thats 3 computers, 1 Windows virus and 10 min spent to reinstall Virtual PC in the last decade of Mac use.
Attn: MDN…
“A Mac running on intel = a boon to all those virus, spyware, adware, and other invasion software makers.”
please name one, just one virus, that attacked an intel chip. Any virus will do, just please name ONE virus that went after the chip.
You’ll find that you can’t. It’s the OS stupid.
Please…. pretty please…. in the future would you get a clue before commenting on the mac platform, or anything about computers in general again?
Attn:MDN just drank the last FUD from MS spin doctors:
It’s not Windows, the culprit is Intel. You’ll see, now that Mac is on Intel it will be as vulnerable as Windows. It’s INTEL fault, not US, IT”S INTEL, NOT WINDOWS, WE ARE THE GOOD GUYS. Now, just get Vista, the new standard in OS security….
UHHOAMMM, wait, didn’t you say it was Intel fault?
AHHAHAHHAHAHHHAHAHAHHAHHAHAH
And they troll around saying Mac users drink Kool-aid.
MS Windows users: get real. Just once in your life, just get real.
As already pointed out by McFly (and ignored by Buster) The plural of virus is viruses…
“Nor is penisii.”
Wasn’t that a Leon Uris sequel? Or a medical condition describing when one eye swells up with just a small opening?
ITWire is an outfit in a class similar to that of the Enderle Group. They are utterly unprofessional, with an agenda that does not go beyond making money for themselves. Do not help them.
virii is used among crackers and hackers.
The less frequent variations viri and virii are virtually unknown in edited prose, and no major dictionary recognizes them as alternative forms.
The word virus has no classically attested plural form in Latin. In antiquity the word had not yet acquired its current meaning. It denoted something like toxicity, venom.
To my knowledge there is probably a couple of Mediaval alchemy tomes that use virii speaking of various venoms, but Latin scholars deny it as it never occurred in Latin text but in its singular form: virus.
The english correct form is nonetheless viruses.
I will remain complacent and worry-free and lacksadaisacal in my security practices while using my Mac. What’s the point of worrying about all this crap if I don’t have to? Worrying is for Windows users. Until someone actually proves there is a real threat for my Mac, I will remain smug and unfazed by the whole thing. If it means I lose data because of it, then it’s the price I pay for not having to worry about it until it happens.
kerrin: “MDN explained very clearly, “The machine is four months shy of turning seven years old” and the Mac is just “one of MacDailyNews’ mainstay machines.””
Yeah, their other computers are between 10 and 15 years old. (And we don´t want to even discuss that Windows machine sitting in the other room for games….)
LOL.
The level of ignorance floating around is quite high
Assumption: That processors don’t have anything to do with OS security.
Fact: Processor do indeed have design flaws that show up later and can cause exploits in the operating systems. For example the hyperthreading exploit in the Pentium 4’s. These flaws can show up later and have to be worked around in the OS. The Core Duo’s so far in the short time out have racked up almost as much design flaws as the entire Pentium 4 line. Since Mac’s now use the same processors as PC’s this gives hackers a greater chance of exploiting these flaws without having to buy a Mac box with different processors. (Mac OS X is running on generic PC’s via a hacked copy and has been updated right along with the updates)
Assumption: That there are almost no viruses for Mac OS X automatically means there are no exploits currently available for Mac OS X. There are trojans, driveby installs, application exploits etc.
Virus require a host with a weak immune system to propogate. Mac OS X is better at being a hostile host because Apple usually fixes the holes in a timely matter verses Microsoft that usually doesn’t or can’t because of legacy code requirements.
Looked on the iTWire site this came off just now, theyve got another story:
“MAC OSX security in tatters, Firefox holes grow: SANS”
LMAO, OS X’s security’s in tatters? Takes the piss. Take a look at windows, you fool! This ones by the Beer Man too.
Yep, it’s the same thing over and over again. Luckily, there are still some security people out there who really understand the real problem. Go SecurityMonkey, go!
Seahawk,
Thanks for the insight. I had a hard time understanding your writing, but through the miracle of re-reading I was able to put most of it together. The bottom line seems to be that, there are bad things lurking in dark places (like the Intel chip for instance), but, as you outlined the inner workings of the OS vs. the chip, OS X does indeed make it reasonably difficult for low lying executibles to – um – well – execute.
In your post you also posed a question as to why MS doesn’t run in non-executable mode like OS X does. I think the least imaginative of us can come up with at least two or three important reasons why MS doesn’t change the MO of their OS.
An finally, I really appreciated your summation regarding MS Windows and how they have essentially painted themselves into a corner. Run in non-executable mode and have an even more squirrely OS, or keep things they way they are so Users have something to work with, but have to suffer with the side effect of viruses, and malware.
That sums it up nicely. Well done.
Al Jazzoo
most of those flaws exploit 8-bit instructions available on i386, or 16-bit instructions. Or even older instructions as decimal float instructions.
You need an OS using those.
OS X does not have any of the above in its instructions. So yes, Intel chip, even the Core Duo carries archaic instruction sets that Windows use and hackers/crackers exploit. But you do need the OS to make use of those.
OS X essentially can make without the legacy past Intel is forced to carry so that Windows does run on its chips.
And as a final post for the day, let me say that, as a long-time Macintosh User and supporter, I TAKE VIRUSES VERY SERIOUSLY. I prove that everyday by avoiding the Windows platform at all cost, whether running on Apple Intel or other Intel, and by using a Macintosh for my extremely diverse computer needs as I have done for over 20 years now.
If ten quantifiable, killer viruses come out for Mac tomorrow, lucky folks using Macs will still be years behind Windows for number and severity of viruses.
Peace my children.
Al Jazzoo “(Mac OS X is running on generic PC’s via a hacked copy and has been updated right along with the updates)”
That is not going to be useful. That version of OS X that run on Pentium 4 based Macs made available to developers as *preview* at WWDC is not the same as OS X you buy today. That OS X would not install in today’s Macs, nor today’s OS X would install on the Pentium 4 Macs of the time.
Was the only OS X supporting BIOS (hint…)
So hackers have nothing at hand, really.
i cannot take anyone seriously whose last name is Beer. puhleeeaze.
What the Mac needs is a good FUD firewall, or something that will automatically slap “IT professionals” silly. Mostly, they are “professional” in name only. Really, what kind of “computer professional” is actually willfully ignorant of an entire computer platform? If you were a doctor, would it be OK to say, “Sorry, I missed, the training about the lungs.”
Little Snitch is better than a firewall. It alerts you to exactly what’s trying to get in (or out) and on what port, and gives you the choice to accept or deny. More of a spybot thing I suppose, but that’s the biggest danger I see.
Anti-virus software has to have virus definitions to look for, and if there are no viruses, there are no definitions. Makes no sense.
I think Stan was drinking a bit too much of his last name before he staggered over to write this “article”. Apple isn’t perfect, but I think Stan is the one who needs to get his head out of the sand…
seahawk, haven’t heard from you in awhile
I have been wondering when you were going to show up again to provide some intelligent technical explanations!
Their very first statement is assuming that Apple’s security record is a result of Security Through Obscurity, which it isn’t.
Their whole argument is fubar.