“In a widely aired TV commercial, a hip-looking dude personifying Apple products wipes the nose of a sickly businessman representing Windows PCs, and smugly declares Apple’s immunity to computer viruses,” Byron Acohido writes for USA Today.
Acohido writes, “But the ad belies an alarming shift in cyberattacks. Cyberintruders once bent on breaking into the Windows operating system are increasingly probing for vulnerabilities in popular software applications — and not just Microsoft’s.”
“Apple has issued patches for vulnerabilities 35 times since January 2005, including 12 this year. Seven have been to fix flaws in its popular iTunes and QuickTime digital media software. The most recent iTunes patch, issued June 29, plugs a security hole that could allow an intruder to execute malicious code. Apple turned down interview requests for this story,” Acohido writes.
“Apple and other software vendors are just starting to come to grips with security patches, says Scott Carpenter, director of security labs at Secure Elements. Unlike Microsoft, which has emphasized security since early 2002, Apple lacks a ‘well-developed process of notification and remedies,’ he says. ‘Apple’s message is, ‘You don’t have to worry about security with a Mac,’ but that’s just not true,'” Acohido reports.
More blah, blah, blah here.
MacDailyNews Take: Mac OS X. Virus-free for over 5 years and counting. Is it “smug” to state the truth?
Now, of course, nothing is perfect. Yes, certain applications, even some of Apple’s, have security issues that have to be shored up. Regardless of the platform you are doomed or privileged to be using, you should never download, install, and run applications from untrusted sources. If you adhere to that, on a Mac, you don’t have to worry about security today. Macs are vastly safer than Windows PCs because Mac OS X is inherently more secure.
What’s the real point of this B.S. article, Mr. Acohido? It seems like you’re trying to equate Apple’s security record with Microsoft’s horrendous ineptitude in that area. Why the FUD? Email info:
Did you ever wonder how much ad revenue USA Today receives from Microsoft and Microsoft Windows-dependent box assemblers? Off-topic? You decide.
By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious. More info: 114,000 viruses? Not on a Mac.
We now bring you our standard rehash of “Security Via Obscurity” mythbusting:
“Security via Obscurity” is a myth. Frankly, we thought we’d heard the last of it by now. But, here we go again: Mac OS X has zero (0) viruses. For over five years and counting. No Mac OS X users affected outside of a lab with old, non-updated Mac OS versions that they intentionally infected. Some in the press love to think “Mac OS X has viruses, too,” but they’re dreaming. It’s simply not true.
The idea that Windows’ morass of security woes exists because more people use Windows and that Macs have no security problems because less people use Macs, is simply not true. Mac OS X is not more secure than Windows because less people use OS X, making it less of a target. By design, Mac OS X is simply more secure than Windows. Period. For reference and reasons why Mac OS X is more secure than Windows, read The New York Times’ David Pogue’s mea culpa on the subject of the “Mac Security Via Obscurity” myth here.
Macs account for roughly 10% of the world’s personal computer users — (some say as much as 16%) — so the first half of the myth doesn’t even stand up to scrutiny. Macs aren’t “obscure” at all. Therefore, the Apple Mac platform’s ironclad security simply cannot logically be attributed to obscurity.
There are zero-percent (0%) of viruses for the Mac OS X platform that should, logically, have some 10-16% of the world’s viruses if platforms’ install bases dictate the numbers of viruses. The fact that Mac OS X has zero (0) viruses totally discounts “security via obscurity.” There should be at least some Mac OS X viruses. There are none. The reason for this fact is not attributable solely to “obscurity,” it’s attributable to superior security design.
Still not convinced? Try this one on for size: according to Apple last July, there were “close to 16 million Mac OS X users” in the world (even more today one year later) and there are still zero (0) viruses. According to CNET, the Windows Vista Beta was released “to about 10,000 testers” at the time the first Windows Vista virus arrived. So much for the security via obscurity myth.
Finally, does this seem “smug” to you?
Direct link to video: http://www.youtube.com/watch?v=FxLdLBxHRkA
Related MacDailyNews articles:
McAfee expects 400,000 viruses by 2008 – July 06, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple Macs and viruses: Fact vs. FUD – May 26, 2006
Mossberg: Is there a virus threat for Apple Macs? – May 11, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
ZDNet: How many Mac OS X users affected by the last 100 viruses? None, zero, not one, not ever – August 18, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
Intel CEO Otellini: If you want security now, buy a Macintosh instead of a Wintel PC – May 25, 2005
Defending Windows over Mac a sign of mental illness – December 20, 2003
Challenge_
Pick 100 Windows PCs and 100 Macs at random from business, educational and institutional sites. Have a 3rd party scan them for Malware. I guarantee that 90+% of the PCs will have some active Malware. I can also guarantee that you will not find any Malware that affects Mac OS X on one single Mac.
I’d put big money on that.
It’s doable.
How about it MDN?
I’ve used Macs my entire life. Let me tell you something. Prior to OS X, the Mac OS was just as vulnerable to malware as Windows ever was. I did get several Mac viruses on a machine running OS 7.5. They were quite viscious. Once Copland came alone (that’s OS 8), things calmed down a bit.
Again, since 1995 the Mac OS has been a minority operating system. However, it still got virsuses. The only reason there were never major outbreaks was because of obscurity and also beacause most people didn’t use broadband. I think things calmed down when Copland came out because the operating system was finally PPC native and was using different applications that those virsuses were not written for. However, once OS X came out, the problem went away. OS X is a very secure operating system because Darwin is safe.
I think broadband connections are the main reason for this current viral outbreak on Windows machines. Before most people had broadband, the internet bandwidth was low and people were only connected a few hours a day. Apple was smart enough to see broadband networks coming along and embraced an operating system which protected the system itself from network activity. Microsoft hasn’t yet done this, and doesn’t seem to want to for whatever reason. I do not appreciate the statement that “macs don’t get viruses”. They certainly used to easily get them. Let’s change that to “macs don’t get viruses anymore” and I’ll be happy.
“In a widely aired TV commercial, a hip-looking dude personifying Apple products wipes the nose of a sickly businessman representing Windows PCs, and smugly declares Apple’s immunity to computer viruses,”
Am I the only one that thinks that apple did not make this claim in the commercial?
Watch the commercial again. Apple is claiming to be immune to windows viruses. There is a pretty big difference to what USAtoday is saying.
Poor reporting. What happen to fact checking.
MF
The problem is he can’t show any successful attacks on a Mac application yet.
So why does he start the piece by attacking Apple’s claims and end it the same way?
US Today?
Read by 5th graders and morons.
Redmond is really scraping the bottom of the barrel to find “journalist” to do hatchet jobs on Apple.
35 fixes for Apple, 278 fixes for Windows.
You make the choice.
So where do we download safe programs? Version tracker or similar? I wonder if they check every software for legitimate programers.
The commerical does not say the macs are immune to ALL viruses. It says they are immune to PC/WINDOWS viruses. That is the key. That is what people do not realize.
This article = pure crap, old crap, tired crap.
I sent an email to Byron…here’s his response
As I’ve told other Apple loyalists who’ve reacted strongly to my story,
I’m familiar with the historical metrics on vulnerabilities and
exploits, on the operating system side of things. I’m also familiar with
the arguments for why Apple’s Unix heritage makes the Mac operating
system arguably more difficult to compromise.
However, with regards to popular client-side apps like iTunes,
QuickTime, Norton Antivirus and others, I’ve heard substantive
descriptions of how the software development process at Apple and other
vendors lack security peer reviews.
That lack of security peer review in the code-writing process for
popular consumer applications — combined with the fact that
vulnerability “researchers” clearly have begun to turn their attention
to popular consumer applications delivered by third party vendors to run
on Windows (that includes the vast majority of iTunes/QuickTime players)
— is what’s pertinent here.
Just because there have been only a few exploits of Apple software that
we know of does not mean iTunes or Safari or Adobe reader or
Dreamweaver are inherently more difficult to breach. Nor does it mean
that popular consumer apps supplied by Apple, Adobe, Symantec, Veritas,
Computer Associates and others won’t become exploit targets in the near
future.
In fact, one could make a reasonable argument that exploits naturally
follow a rise in vulnerability research, and that we’re on the early
part of that curve. One can also make a reasonable argument that Apple’s
approach to patching is rather benign, especially in an environment
where the profit motive for online breaches has never been greater.
iTunes updates are a prime example; there is nothing currently in such
updates that indicate security patches are included. A user might well
forego the long update-downloading process assuming he/she is simply
opting out of more bells and whistles, and not realizing a critical
security hole may go unpatched. Adobe’s update process likewise does not
emphasize security patches.
My story was intended to illuminate for our readers how the world of
vulnerabilities and exploits is rapidly expanding and evolving. It was
intended to be forward-looking, not backward-gazing. I definitely will
continue to follow this issue and report how the curve plays out, going
forward.
Thanks for reading and taking the time to send me feedback.
Regards,
Byron Acohido
Mr. Acohido,
You should really know what you are writing about before you write. You will be slayed on this one not by overly sensitive Mac fans, but simply because of your overly zealous ignorance.
You see, there is a security update still available on Apple’s website for OSX 10.1.1. This update was released on 7/18/02. I would think that this fact would make you question Mr. Scott Carpenter from Secure Elements before you published his comments with your name on it. According to your story, Mr. Carpenter states “Apple and other software vendors are just starting to come to grips with security patches, says Scott Carpenter, director of security labs at Secure Elements. Unlike Microsoft, which has emphasized security since early 2002, Apple lacks a well-developed process of notification and remedies”.
I would challenge you to use your reporting skills to report on:
1) Exactly how many security updates Apple has released for Mac OSX,
2) Exactly how many security updates Microsoft has released for any of it’s operating systems,
3) Exactly how many viruses are currently affecting Mac OSX,
4) Exactly how many viruses are currently affecting any Microsoft operating system,
No matter what you write or believe, the facts speak for themselves. I would think you would of performed a bit of research for yourself as well. Your reliance on someone who clearly has an agenda in spreading misinformation for self advancement is lacking in journalistic integrity. It is interesting that you consider your article to be “forward looking” but you relied on “backward gazing” commentary from a self proclaimed “security expert” to support your story. Superior security is not the only reason “loyalist’s” are loyal to Apple and OSX.
Ignorance can indeed be bliss.
Dave Koenig,
Bath, Maine
My PC (yes I’m a pc user) was sending out emails on a schedule automatically one day, my virus email scanner (grisoft AVG) was trying to check those outgoing emails to a .nl address for virus, thats how I knew about this.
I had to install a software firewall on my box (Win XP) to stop this. How did that auto sending crap even get into my system??
Problems like this make me think Microsoft is made up of assholes that lick each other’s buttholes while at work. SOBs, you expect problems but this is fucked up.
My firewall (zonealarm) now says 18844 blocked intrusions, 158808 since installation less than 9 months ago. As I’m writing this, how many attempts at my PC?
… sorry left out, thats 158808 “access attemps” … :p
I was too tired and wrapped up in some other stuff to bitch slap this troll. Thanks for taking up the baton Dave.
Rock on Dave!
Looks like the cheque came through from Microsoft.
Embarrasing, clearly Microsoft sponsored, PR FUD.
“I’ve heard substantive descriptions of how the software development process at Apple and other vendors lack security peer reviews.”
Substative descriptions?! This is what this tool calls reporting?!?!
I’ve heard substantive descriptions of how the chassis design process at GM lacks testing for airworthiness…
//napoleon dynamite
Idiot!
//end napoleon
and way to go dave!
One thing I can tell you is that the writer’s argument is not stronger from the Secure Elements director’s statement. But Secure Elements is not just another security vendor trying to hustle product, the company is ALL LIES. They’ve been shipping product for several years and they do not have one satisfied customer. Period. Vaporware. End of story. Do your homework before dealing with these guys, and you will confirm this truth.