This week Walt Mossberg’s mailbox contained a question about security software for Macs. Mossberg writes a weekly tech Q&A column for The Wall Street Journal.
Reader’s question: There’s been a lot of press lately about increased virus activity on the Macintosh platform. Should Mac owners now be running the same kinds of security software that Windows owners use?
Mossberg’s answer: There is no sudden security crisis on the Apple Macintosh platform. In fact, for average Mac users, there isn’t a security threat of any significance, at least not yet. It is laughable to compare the real, massive and burdensome security problems on Windows with the largely theoretical security problem on the Mac… As of today, there have been exactly two documented, successful pieces of malicious software — viruses, trojan horses, worms — that affected users of the Mac OS X operating system, since it was released in 2001. And these two failed to spread much, affecting probably a few dozen people, and doing no harm. I expect there to be a small number of additional Mac viruses this year.
By contrast, there are over 100,000 reported viruses for Windows, some of which have affected millions of people and have done significant economic damage. As for spyware, I know of no documented cases on Mac OS X, while there are certainly thousands on Windows. These Windows viruses and spyware can’t run on the Mac operating system, even on Macs powered by the same Intel processors used by Windows PCs… Security firms are saying that the discovery of these vulnerabilities in the Mac has increased sharply lately. They say that based on past patterns, this should yield a sharp increase in the number of Mac viruses in coming years. But even a ‘sharp’ increase could well mean under 50 viruses by 2008. So my advice to Mac users is that at the moment, I see no reason to buy and run security software, which is in itself costly and can degrade your computing experience… Just turn on Apple’s built-in firewall and relax. There is one exception: If you are running Windows on one of the new Intel Macs, you are just like a Windows user, and you must run Windows security programs when using Windows.
There is more in Mossberg’s full answer here.
[Thanks to MacDailyNews Reader “Whit” for the heads up.]
[Newsweek magazine calls Mr. Mossberg “the most powerful arbiter of consumer tastes in the computer world today.” Time magazine calls him “the most influential computer journalist.” And Rolling Stone calls him “the most powerful columnist in technology.” The Washington Post declared Mr. Mossberg “one of the most powerful men in the high-tech world” and “a one-man media empire whose prose can launch a new product.” And the New York Times calls him a “protean critic of the new economy’s tools.” Mr. Mossberg was awarded the 1999 Loeb award for Commentary, the only technology writer to be so honored.]
MacDailyNews Take: It’s nice to see the truth beginning to come out via reputable sources.
Advertisements:
• Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
• Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• Apple’s brand new iPod Hi-Fi speaker system. Home stereo. Reinvented. Available now for $349 with free shipping.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
Related articles:
‘Mac security’ garbage reports continue to proliferate – May 10, 2006
ZDNet: Reduce OS X security threats – ignore security software – May 05, 2006
McAfee announces virus protection for Intel-based Apple Macs – May 05, 2006
BusinessWeek: New Apple Mac ads stir up Mac security overreaction – May 04, 2006
Unix expert: Mac OS X much more secure than Windows; recent Mac OS X security stories are media hype – May 03, 2006
Macs and viruses: the true story – May 02, 2006
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
Why pay Symantec for flawed ‘security’ app designed to protect Apple Macs from nonexistent threats? – December 27, 2005
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Why Symantec’s ‘scare tactics’ don’t worry Mac users – September 28, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
G Spank,
No, people think Mossberg is being paid because Apple has paid jounralists in the past.
FACTS: Giveme 5 persons afeccted by a virus in a mac, and I can give you millions of users and companies affected by windows viruses. THAT IS A FACT, not a opinion.
STATISTICS: there are more windows users, that is why there are more people affected…WRONG.
100% of windows users must have anti virus protection to survive inthe internet and almost any network, also, they need to pacth their computers in order to make it work safely.
There are only two users off the 4% Mac market affected by Mac viruses, and that was not a critical problem since the virus did not affected files or the OS.
But what does FUD stand for?
Unfortunately, Walt is one voice in a sea of FUD being generated now. It’s a shame, but ignorant “news” editors need to fill space and will print just about anything without questioning the motives of the story supplier.
Even so, that question sure sounds like a softball tossed by Apple’s PR department. The answer is still true none-the-less.
somebody buy that man a club sandwhich!
F.U.D. = Fear, Uncertainty and Doubt.
Thank goodness someone is speaking the truth about viruses or lack thereof on Mac.
http://getkickedoffaplanewearingthis.blogspot.com/
In the whole world, there is no malware author who can write code that will jump from the Windows side of a Mac to the Mac side?
Code cannot “jump”. Period. Code is written for a specific platform. There is no such thing as an application that will run on both OS X and Windows. So-called “cross-platform” apps have to have specific versions written for each OS.
I suppose the Windows malware could carry a Mac “payload”, but there would be a huge problem installing it: the Windows side of the Mac can’t even see the Mac side, due to the different formatting of the hard drive partition.
To iknowI’manidiot: FUD is an acronym for “Fear, Uncertainty and Doubt”.
Interesting article at: http://en.wikipedia.org/wiki/FUD
IknowI’manidiot..
Wikipedia is your friend here:
http://en.wikipedia.org/wiki/FUD
Apparently, I’m not so wrong.
Time for we in the Mac community to remove our heads from the sand, quit believing everything that comes from the mouth of Steve, and face reality – Macs don’t “just work” and Macs are not immune from attacks. Maybe not so much so right now, but are headed for the intensive care ward.
Thanks all
” width=”19″ height=”19″ alt=”smile” style=”border:0;” />
Give it a break Johnny the Troll, Johnny the Wart…whatever.
Your attempt to garner consent by capitulating to a less extreme position is too transparent.
Johnny: You are wrong. Not for saying that we need to be aware, but for the extent to which you are crying hysterical over it.
Mac users by and far DO NOT have their heads in the sand. And we are also not afraid. I have not met one single Mac user who believes OS X is “invulnerable”. I have not met one single Mac user who thinks we’ll never had a single piece of bad malware. You assertion that Mac users for the most part are being naive is a naive assumption in and of itself.
Mac users that I know are not as worried about problems from malware because we are, for the most part, up to speed on what can and cannot affect the Mac. We read articles and disseminate information from many sources. Some we throw out because there is obvious FUD or bias. But I seriously doubt there will be a widespread attack that takes out a large portion of Macs, sending them, as you put it, to the Intensive Care Ward.
Will there be successful malware on the Mac? Someday, yes. Soon? Unknown, but it is unlikely. Should we listen to the McAfee’s of the press and start freaking out about the 228% increase in Mac vulnerabilities? Hell no. That statistic is twisted to make it look worse than the Windows problems of late.
Take it easy, chill out a bit, and chew over the data before you start running around screaming like Chicken Little.
Johnny asks:
In the whole world, there is no malware author who can write code that will jump from the Windows side of a Mac to the Mac side?
Answer: Not yet. First off, the Windows executable can’t even READ the Mac partition without extra help at this point. And if Apple follows true to its form (have YOU been PAYING ATTENTION, JOHNNY?) then Leopard will integrate access to Windows in such a way as to make it even less likely that viruses will be able to “migrate” or harm the Mac.
But we’ll just have to wait and see, won’t we?
In the mean time, your FUD is just that. FUD. Complete speculation and fearmongering based on nothing concrete. Because if you were to use history as a guide, and Apple’s past design work in software, you would have no reason to suspect the “floodgates” are opening soon.
And to put the answer to your question another way: Even if there was some malware author who could write some code that would harm the Mac side, this would not constitute a “floodgate opening”.
Now if Apple had just released the beta version of “Virus Bait” which allowed Macs to natively execute Windows “.exe” files and added Internet Explorer-compatible vulnerabilities into Safari, then you could rightly warn us about the coming onslaught.
Sorry, dude. You can keep dreaming and trolling.
DakRoland
Thanks for a reasoned reply.
This forum seems to be full of Steve’s blind faithful who scream FUD or TROLL anytime anybody questions the accuracy of Apple’s marketing machine.
I am not either FUD or a TROLL, but they are the reason we can’t get the quality Apple claims because so many are willing to buy less than is promised. Result: I have to suffer because of their being such poor consumers.
If we all demanded Apple deliver what they promise, then we would get it. Instead, we get less, far less, and sometimes, crap.
Johnny Troll wrote:
Let me be sure I understand what I am hearing:
In the whole world, there is no malware author who can write code that will jump from the Windows side of a Mac to the Mac side?
The answer to that is probably not. The code would have to contain:
a) Windows malware – to infect the Windows side
b) bridge software – to find and move something to a partition it can’t see
c) code that will run on the OS X side
This would apparently be easier than writing code that would infect the Mac side since the bridge software would bypass all OS X security. The bridge software, though, may be the deal breaker.
BTW: Mossberg was NOT wrong in saying those two were ‘successful’. They infected several users each. They were not very successful, but successful just the same.
Still more good publicity about Apple. In the Wall Street Journal no less. Still the stock drops.
How is Steve Job’s health these days?
My Mac has about as much chance of getting a virus as I do of contracting bird flu – IOW none.
The flu isn’t about to cross the species barrier, nor is the virus going to switch different.
DLMeyer: “Do not run User tasks from an Admin account”
I’ve heard this said before, but no onw has explained why this is a problem? What is a user task? If I’m running a user task (non-administrative work, I presume) then why am I vulnerable? If I’m running admin tasks, am I still vulnerable?
Why, Daddy why?!!?
” width=”19″ height=”19″ alt=”cheese” style=”border:0;” />
Hey,
Is john an idiot or am I missing something.
JOHN, WHERE IS “IT”
Mac OSX has been out for years, you mean not ONE person has been able to write a maliciuos virus?
Answer is not yet and waiting.
If it can be made why hasn’t it happened yet?
We’ve had the new Intel macs out for a few months now and a couple of guys were able to hack windows onto a mac, but where is the virus?
No doubt it’s easier to do than rewriting windows to work on an Intel mac.
What a teen dope.
wow, guys.
intense argument.
John’s just trying to get y’all going…
he’s got the hang of it, haha.
————————————————–
throw your peecee out while there’s still time…
“How much do you think Apple pays him to publish these stories? “
It’s not a “story”. It is an answer to a question. It is also all true. People pay for half-truths and misleading information to be published.
John Parsons:
You’re right. You are the only person in the world to have ever considered the possibility. Oh, how I hate myself for not being as wise as thou art. That said, your “are you paying attention” comments do not really relate to the answer that Mossberg gave, which is about running OSX only. His answer does not deal with what might or might not be in Leopard or speculate about the implications regarding viruses.
Why pay for security software now? So that after someone writes an OSX virus and it does its damage, I can scan from another drive and confirm what caused the problem? That’s damage assessment, not security.
“It is laughable to compare the real, massive and burdensome security problems on Windows with the (largely*) theoretical security problem on the Mac…”
Sums it all up for me!
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
* just another journalist form of “virtually” to hedge his bets, I myself would replace it with “totally”, dude.
John #*$#&$**@^#?
You just come across as the “Nostradamus of Apple Insecurity.” Lots of doomsday claims, little to work with, and won’t go away.
It would seem to me that a correctly coded Windows virus could bridge over to the Mac partition. There are progams on the Windows side that let you use Mac formatted drives. It would seem a Windows to Mac Bridge virus could screw your file system. But what use would this be to today’s virus writers, who are more interested in making money off infected users than just creating havoc?
However, I’m not a OS tech, but I’ve seen articles from acknowledged security techs who say this won’t happen.