The Apple Mac OS X Malware Myth continues

“Continuing a non-story that will never die, Wired Magazine has an article about the threat of Mac OS X malware,” Carl Howe writes for SeekingAlpha.

“The whole Mac OS X malware story is one of those urban myths that just won’t die,” Howe writes. “For an ordinary consumer, it’s easy to think that since Mac OS X and Microsoft Windows both looks somewhat similar, that they must be similar underneath and exhibit similar vulnerabilities. Therefore, the reasoning goes, the difference in malware must just be due to market share differences.”

“The only problem is that it isn’t true. The two platforms have completely different business philosophies, architectures, and decisions behind them. And those differences matter when it comes to security,” Howe writes.

Howe explains, “Mac OS X remains a much tougher nut to crack for malware developers. Why? There are actually a lot of reasons, but I’ll stick with just my top three.”

Unlike Windows:
• Mac OS X users don’t run with administrator privileges
• Mac OS X has less spaghetti code
• Mac OS X mail doesn’t automatically run attachments
• Apple can actively manage and verify its hardware

MacDailyNews Note: Uh, Carl, that’s four reasons.

Howe continues, “Now I’m not saying that Apple has an invulnerable or even a ‘requires-an-MIT-Ph.D.-to-crack’ security system… But I think it’s important to distinguish between having two exploits on the roughly 50 million Mac OS X computers (the latest of which is actually a Trojan Horse, and not a virus) and the roughly 140,000 viruses extant for the hundreds of millions of Microsoft Windows computers worldwide. Two vulnerabilities don’t make an epidemic. And given that Mac OS X is a harder target to penetrate, I don’t expect those ratios to change dramatically any time soon.”

Much more in the full article here.

MacDailyNews Take: It’s always welcome to see someone advocating putting things in perspective, but that’s not what AV software peddlers, WIndows PC box assemblers, and the rest of the leeches stuck to the Windows ecosystem want people to hear, Mr. Howe. Increased Mac sales always result in increased Anti-Mac FUD. The sheep must be kept in the Windows pen, no matter the cost to reputations, reality, productivity, sanity, etc. Far too many have far too much invested in Microsoft Windows for them to stand idly by and let it all slip away due to a vastly superior solution from Apple.

25 Comments

  1. I’d like to hear more about the alleged deficiencies in the Leopard firewall. Is this a serious issue or not? Has anyone found any information from sources other than the security experts who made these claims? I am particularly concerned about the claim that the “block all connections” setting does not really do so.

  2. How can it be anything bad if the user has to enter the admin password twice after going to a site that says “Hey, download my software to watch this awesome movie”. That is a virus in the users thinking. Anyone could write a program that did harm if the user typed the password. That is like saying phishing sites are a sign that mac’s are just as bad as windows computers.

  3. If your worried about someone being foolish enough to give their admin password to every damm program that wants it, I suggest installing Deep Freeze.

    Upon reboot it will return the hard drive to the state it was frozen, regardless of what a user does.

    Of course files and such will have to be stored on external media for best results.

  4. I’d also like to have a knowlegable individual critique Leopard’s firewall I show no open ports on two sites that test firewalls, I don’t have sharing on, my computer is not networked, and I have a different passwod for root. Plus, I think I’m smart enough not to download anything from unknown sites.

    For most people, that should be more than enough. In any event, how is Leopard’s version different from Tiger’s?

  5. “I’d like to hear more about the alleged deficiencies in the Leopard firewall. Is this a serious issue or not? Has anyone found any information from sources other than the security experts who made these claims? I am particularly concerned about the claim that the “block all connections” setting does not really do so.”

    if i scan any of my machine, either with someone else probe software or just with stuff like nmap, even without the firewall on, i get nothing. zero. zip.

    the firewall doesn’t block things that you are intentionally running. if you want everything shut off, turn off the networking. it isn’t that hard to do.

    or as the help screen says:

    In addition to the sharing services you turned on in Sharing preferences, the list may include other services, applications, and programs that are allowed to open ports in the firewall. An application or program might have requested and been given access through the firewall, or might be digitally signed by a trusted certificate and therefore allowed access

    IMPORTANT: Some programs have access through the firewall although they don’t appear in the list. These might include system applications, services, and processes (for example, those running as “root”). They can also include digitally signed programs that are opened automatically by other programs.

  6. OSX users DO run as administrator

    Correct me if I am wrong, but the first user created MUST be admin. And I’d guess that 99.59% of OSX users use THAT admin user all the time.

    I’m not saying that this is inherently dangerous, I’m just trying to correctly state the facts.

  7. Howe explains, “Mac OS X remains a much tougher nut to crack for malware developers. Why? There are actually a lot of reasons, but I’ll stick with just my top three.”

    […]

    MacDailyNews Note: “Uh, Carl, that’s four reasons.”

    ————————————————————–

    “Just answer the five questions…”
    “Three questions.”
    “…three questions as best you can.”

    …or am I the only person who got mild Monty Python vibes from that one? ” width=”19″ height=”19″ alt=”wink” style=”border:0;” />

  8. I like this analogy for which OS hackers would rather attack:

    Would you rather have the girl that every other guy in town as had, or be known as the guy who got the pretty and smart girl whom no one has been able to touch, yet?

  9. >fatal: You’re right, but if you want to make changes to the system (say, start that trojan DNS controller), you have to type in your admin password. Working under admin account doesn’t automatically mean that you can do anything without knowing the password.

  10. “Would you rather have the girl that every other guy in town as had, or be known as the guy who got the pretty and smart girl whom no one has been able to touch, yet?”

    The better question, is would you rather go party with the 97 drunk college girls in the hope of getting lucky with one, or try your luck with the three fat ugly girls sitting in the corner pretending they’re superior to everybody.

  11. I usually takes a few weeks before the malware heralds have to pull a “Mrs. Latella”. The problem is that final results never gets any press. Apple needs to push this point in new ads and shove this fact down M$’s throat again and again and again….. OS X should become synonymous with virus free computing for home/family.

    Jusat my $0.02

  12. @Gabriel Good call! ” width=”19″ height=”19″ alt=”smile” style=”border:0;” />

    And the Lord spake, saying, “First shalt thou take out the Holy Pin. Then shalt thou count to three, no more, no less. Three shall be the number thou shalt count, and the number of the counting shall be three. Four shalt thou not count, neither count thou two, excepting that thou then proceed to three. Five is right out. Once the number three, being the third number, be reached, then lobbest thou thy Holy Hand Grenade of Antioch towards thy foe, who, being naughty in my sight, shall snuff it.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.