“I would like to discuss some important issues regarding Mac OS X and security. Let’s start with the hot-button issue of Mac OS X viruses. Simply put, at the time of writing this article, there are no file-infecting viruses that can infect Mac OS X. I see some of you raising a hand or two, wanting to ask me some ‘but, what about…’ types of questions. Indeed, in February of this year, when OSX.Leap.A was discovered the news headlines declared that it was the “First ever first ever virus for Mac OS X!” Long before the digital ink dried on those simplistic and sensational headlines our Security Response team had determined that OSX.Leap.A was a worm, and not a file-infecting virus. Our Security Response Web site explains the differences between viruses and worms. Basically, viruses are designed to infect files within a single computer, while worms are designed to spread from one computer to another,” Todd Woodward, Security Response Researcher, Symantec Corp., writes.
“Before you think that this is starting to look like an advocacy piece for Mac OS X, please remember that Mac OS X has been tested by worms, Trojan horses, rootkits, and other various security vulnerabilities. Most recently, in the wake of Apple releasing Mac OS X and Mac OS X Server 10.4.7 updates, Symantec released a high severity advisory through our DeepSight Threat Management System for all versions of Mac OS X 10.4.x prior to 10.4.7. Shortly thereafter, proof of concept code was released publicly which triggered a Category 1 threat advisory for OSX.Exploit.Launchd,” Woodward writes.
Woodward writes, “From the 30,000 foot viewpoint of the current security landscape, these Mac OS X security threats are almost completely lost in the shadows cast by the rocky security mountains of other platforms. However, no operating system is without imperfections, and no computer connected to the Internet will ever be 100% immune from attack. As Apple Computer points out: ‘A Mac running with factory settings will protect you from viruses much better than a PC, but it’s never a bad idea to run extra virus and security software.'”
Woodward, “As I tell my internal and external customers alike, just because there are no file-infecting viruses that can affect Mac OS X now, that doesn’t mean there won’t be a really nasty one released in the next five minutes. The likelihood of that happening is comparatively low and could be debated ad nauseam, but as Benjamin Franklin said: ‘A little neglect may breed great mischief: for want of a nail the shoe was lost; for want of a shoe the horse was lost; and for want of a horse the rider was lost.'”
Full article here.
[Todd Woodward is based in Springfield, Oregon, and plays a leading role at Symantec in facilitating the secure growth of the Macintosh platform in the SMB and Enterprise markets. He has 15 years experience in the telecommunications industry and was a pioneer in the field of Consumer Health Informatics. Prior to joining Symantec, Todd worked in Apple Computer’s professional support operations, and has been extensively heralding the innovative uses of Mac OS X in Internet data centers and Enterprises since Mac OS X Server 1.x was released in 1999.]
MacDailyNews Take: Excellent article. Following in Sophos’ “you catch more flies with honey than with vinegar” footsteps, eh, Symantec? If so, smart PR move; keep it up. Regardless of the reason(s), more of this level-headed and factually-based information from Symantec would definitely be welcomed.
Now if Symantec could just somehow get certain so-called “tech journalists” to also convey the facts, too, by giving carefully-constructed and considered quotes to the media, we’d really be cooking with gas. It’s probably just a dream, though, as writers with an agenda can always twist a quote to suit their needs. Still, we can hope.
Related articles:
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
Symantec warns of new proof-of-concept ‘trojan horse’ for Mac OS X 10.4.6 – June 30, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple releases Mac OS X 10.4.7 Update – June 27, 2006
Apple Macs and viruses: Fact vs. FUD – May 26, 2006
Symantec Antivirus software flaw allows hackers to seize control of PCs without user interaction – May 25, 2006
‘Mac security’ garbage reports continue to proliferate – May 10, 2006
ZDNet: Reduce OS X security threats – ignore security software – May 05, 2006
McAfee announces virus protection for Intel-based Apple Macs – May 05, 2006
BusinessWeek: New Apple Mac ads stir up Mac security overreaction – May 04, 2006
Unix expert: Mac OS X much more secure than Windows; recent Mac OS X security stories are media hype – May 03, 2006
Macs and viruses: the true story – May 02, 2006
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
Why pay Symantec for flawed ‘security’ app designed to protect Apple Macs from nonexistent threats? – December 27, 2005
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Computer columnist: anti-virus software purely optional for Apple Macs, not so for Windows – November 01, 2005
Why Symantec’s ‘scare tactics’ don’t worry Mac users – September 28, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Finally someone got something right.
MW “ill” as in all this FUD was making me ill.
The anti-virus software currently has cure only for known viruses. So, as the MAC does not have any known viruses, why should I buy AV software? Just to be a good citizen and not to pass around the infected files to PC friends?
As Rumsfeld said: There are four kinds of information (viruses):
1. Known Knowns (current AV software provide cure for only this category).
2. Known Unknowns (I know that there are no viruses for Macs.)
3. Unknown knowns (I know that there will be a virus for Vista, but don’t know when it will happen. But, I know it will exist, it is only a matter of time.)
4. Unknown Unknowns (Who knows what we will see tomorrow, the world might come to an end. There will be a virus for Mac tomorrow.)
Say, who was that dumbass on this site a week or so ago who tried to defend the “OS X has viruses too” with some kind of silly dictionary definition?
Oh yeah: “Webster”!
Webster, oh Webster . . . where are you now, oh Webster? Hiding under your student dictionary somewhere? Man, but you must be terribly full with all that crow you’ve had to eat!
Or are you STILL smarter than Symantec in this area?
clamxav
A good article. Still – doesn’t their AV software make one’s Mac LESS secure. Anyone know if that small, little problem has been fixed? Symantec has a long way to go to repair their creditability.
Peace.
It was the turd that claims a trojan is the same thing as a virus. He can believe that all he wants. All I know is I have never run anti-virus software on my Mac a single time ever and I’ve never had one incident of any kind of malware yet….
MDN Magic Word: “through”, as in, “We are ‘through’ with Windows, forever!”
We are also through spreading FUD about OS X and virii, worms, lizards, snakes, etc., and other unwelcome vermin.
Webster, oh Webster. . . . Or are you STILL smarter than Symantec in this area?
The problem is that every Macite is smarter than Symantec every time the company blows it out about Macs needing its anti-virus crapola that not only is superfluous but keeps alive the memory of its hose-your-system Disk Doctor horror that was so bad even Symantec couldn’t fix it. So “Webster” can still argue that Symantec’s definition is wrong because everything Symantec does and says is wrong; why argue otherwise in this instance? All that aside, “Webster” is wrong.
Regarding that so-called blog: I wouldn’t trust Symantec to give the correct time of day, for the reasons stated above. I’m suspicious of that blog entry; the writer is a creature of Symantec; I doubt he could write anything without the company vetting it. Perhaps Symantec is trying to plug its credibility gap that is ever-widening, now among an increasing number of Windows users, too.
Something’s brewing. Maybe Symantec is feeling a reversal of fortune or maybe it’s the first of a PR push leading to a new product for Mac after abandoning it (except for its useless anti-virus software), and it wants to peddle the notion, “See, Mac users? We know the truth, after all. So trust us.”
Whatever the reason, it’s ulterior.
Nice piece of PR. The reason for this is to get on the side of the mac users. Then when they do need an anti-virus program, they will remember “Symantec was good to us when no one else was.”
Personally, I will never buy another Symantec product because they abandoned us long ago. Even McAfee abandoned us. When firewalls come with software upgrades for anti-virus for the network with packages ONLY for PC end users. Why? When McAfee had a perfectly good piece of software for the Mac?
Intego is the only company that has been on Apple’s side since they started. If you want good anti-virus software (now or when that time comes) get Intego software. They have stand-alone anti-virus programs, and security suites, for geekier users. (I do not work for Intego, just experience with the products)
http://www.intego.com/products
http://www.intego.com/isb/ (security barrier suite options)
The most expensive suite is $150. The only reason I post this is because I have used their product on an XServe, and the UI is clean and easy to use and do software updates.
Of course the real question from some of us who have been “level-headed” all along is, What was with all the ridiculous hype in the first place?
While I appreciate the part of the article shown by MDN, why is it only now that a Symantec voice is heard (aside from the next horrible “vulnerability”, one of the most misunderstood techno-terms running around today)? So the hoopla has died down, now a balanced, real-world perspective is given by an “inside” professional source that no one will really take notice of. Certainly not to the degree generated by the “bad press”.
Heaven knows that if a computer could really be 100% virus free, and the manufacturer could get the general public to believe it, it could make an enormous difference in non-users converting to that “new” platform. But alas, now the damage has been done and the folks lighting the fires can come out and admit that it was really just logical and understandable precaution that was at work. And of course, lets please make sure that we understand that the tone of the article is not to advocate Mac OS X – Clearly we would not want that to happen, even accidently. (I wonder if Symantec researchers are careful to express that qualification when talking of Windows.)
My reactions to this article are:
– Too little too late
– I was never more or less concerned than I should’ve been
– This whole beating-the-small-computer-maker thing is getting very very old. And obvious.
– Taking Windows away from Windows users is like pulling a syringe out of a druggies arm. (Ok, that doesn’t have anything to do with the article.)
The most annoying piece of software I’ve ever had on my Mac was Norton Antivirus. The IT department forced it on me before they’d let me on the network. It took forever to dig all those files out and delete them… All I can say is, I’m glad I don’t actually need crap like that.
<i>writers with an agenda can always twist a quote to suit their needs>/i>
As they say in the school yard: “It takes one to know one”
Or “Aint that the pot calling the kettle black!”
Why should I fall for this cr@p? Buy their koolaid “just in case”? Screw that. I will never buy Symantec or McAfee software. Feed the bear and all you do is pull away a stump.
Fall – As in fall of the mac bandwagon and you deserver them raping your wallets.
Thank you Symantec researcher, now tell us something we Mac users DON’T know.
“.just because there are no file-infecting viruses that can affect Mac OS X now, that doesn’t mean there won’t be a really nasty one released in the next five minutes.
FUD.
A really nasty Earth-destroying asteroid might be discovered in the next five minutes too. Is that a reason to live in fear?
Symantec should sell astroid impact insurance just in case.
Since antivirus programs only protect against known viruses, as some people pointed out earlier, what do Mac antivirus programs do?
And as a side note: I have a PC with Avast antivirus (which is free for home users), and I have never gotten a virus on this computer, which I’ve owned for three years.
When Apple starts to run anti-virus software on their own in-house computers or they officially advise in the use of such software, then I will, too.
…but, I don’t ever see that happening. If some nasty does show, Apple will deal with it like they always have, quickly put out a software update.
Anti-virus software is for lazy-assed and incompetent companies that are unwilling or unable to repair the flaws inherent in their own software.
As the author of the article, I’d just like to respond generally to some of the comments here with a few simple bullet points:
* This isn’t a PR piece. It comes out of our Security Response organization, not marketing or public relations.
* I volunteered to write it and the continuing series that will follow on Mac OS and security. It’s not a part of my job responsibility.
* Other than general legal, journalistic and content rules and guidelines, Symantec has shied away from dictating content or subject matter to me.
* My only agenda is to shine a light on Mac OS X and security issues in order to educate internal and external customers, the Mac OS X community in general and hopefully spread virally (pun intended) to “tech journalist.”
* Although the articles I’m starting with relate to the Mac OS X market as a whole, my focus will move closer towards the very specialized small- medium- and large-sized Macintosh enterprise markets where endpoint security is not optional.
* Most of the points raised in the comments above (good, bad and indifferent) have already been responded to with follow on articles that I started writing weeks ago, and have helped me plan future articles. Keep the comments coming!
* I would encourage anyone and everyone who has a positive, negative, constructive or general comment to email the feedback address set aside for the blog: securityresponseblogs@symantec.com
Thank you!
It was a decent article except for the last two paragraphs, which assume that running av software provides protection against future threats. It doesn’t, so the analogy does not apply.
If a nasty OS X virus were to be released, downloading the lastest av software and the latest definition files would hardly take longer than just downloading the definition file. Until that becomes necessary, it’s better to keep your Mac busy doing productive work than scanning every file on your drive.
Todd Woodward can defend his article and his motives all he wants, but the reality is, he is on Symantec’s payroll and is writing under Symantec’s auspices. The public’s trust of Symantec, certainly among Mac users, is equal or perhaps less than that afforded Microsoft.
Symantec is flogging a dead horse. Former customers’ personal experiences with Symantec’s products, including hosed systems because of deeply flawed products, then abandonment for the sake of a quick buck, or even a fit of pique when it took its ball and went home, speaks much louder than feel-good puff pieces directed toward an online audience far less naive and far more suspicious than I believe Symantec realizes — which wouldn’t be at all surprising.
As well as employing Mr. Woodward, Symantec employs FUD verging on untruths to sell its products, and that FUD is far louder and has a broader reach among Mac users across the board than Mr. Woodward’s focused epistles online.
If his blog entry serves no other purpose, Symantec could use its responses here as a barometer to measure how far the company has fallen in esteem since it began removing features from its utilities suite long before the demise of System 9, until there were none left whatsoever for System X. Except, of course, an expensive and particularly invasive program that owes is existence to the fabrication that Macs are susceptible to the effects of Windows viruses, and the untruth, as NO_AV_INSTALLED points out, that Symantec has a crystal ball and therefore provides protection against future threats.
Symantec has made its bed. It knows well enough how to lie in it.
clamxav
That bears repeating.
http://www.markallan.co.uk/clamXav/
A free, open source virus scanner for Mac OS X that works very well.
Notwithstanding that, it’s nice to see Symantec climbing down off their high horse a bit.