backtop


Print 107 comment(s) - last by Smilin.. on Dec 8 at 9:51 AM


Sadly, even Macs need to practice computer safety these days.  (Source: GameSpot)
Macs are not the virus-free playground they once were, says Apple

Most computer users take buying or otherwise obtaining antivirus software protection for granted as part of normal computer maintenance.  However, users of Apple's Macs, while being greatly in the minority compared to PCs for years have most gone with no virus protection.  Apple even supported this belief, through ads indicating that Macs don't get viruses.  And while Apple's software security-related patching rate is among the worst in the industry, for years Apple was mostly right; its computers just didn't get targeted in great numbers by malicious users.

Recently, however, Mac has been building up a slightly larger market share, thanks to multiple months in the number 3 computer retailer spot.  While PCs still greatly outnumber Macs, there are now many more Macs, and that spells trouble for Mac security.  This growing problem is exacerbated by Apple's poor patching as was demonstrated at a recent hacker convention, in which an Apple machine was easily compromised a full day before Linux and Windows machines could be.

Now Apple has recognized this new problem and for the first time is recommending its users install antivirus software.  A little notice popped up on its support website, entitled "Mac OS: Antivirus utilities".  In the page Apple states, "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

Apple goes on to suggest three products -- Intego VirusBarrier X5 and Symantec Norton Anti-Virus 11 for Macintosh, both available from the Apple Online Store, and McAfee VirusScan for Mac.  Just three months ago Brian Krebs, who first noticed the notice and reported on it in Washington Post, bought a MacBook and was told by Apple employees that he didn't need antivirus software.

Similarly, Apple ads like this have long indicated that Apple is immune to viruses.

So what caused Apple to change its tune?  One major factor appears to be the rise in non-OS attacks.  While Apple's base OS is relatively secure, many of its programs, both Apple and third party have numerous vulnerabilities; among them Flash and Apple's Safari web browser.  Dave Marcus, director of security research and communications at McAfee states, "Apple is realizing that malware these days is targeting data, and valuable data exists just as much on an OS platform that is a Mac as it does on an OS platform that is Windows."

Apple is likely also conscious of the increasingly strong security from Microsoft, and its possible effect on its own users.  With Microsoft beefing up its patching system, adding more OS security layers, and offering free antivirus and malware protection for Windows Vista in mid-2009, hackers may turn to easier hijack Mac computers as a source of bots for botnets or other malicious schemes.

One type of malicious program Apple is particularly vulnerable to is password-stealing Trojans.  Explains Mr. Marcus, "The malware we see today is Trojans, password-stealing Trojans," Marcus said. "They are little apps that are dropped onto the machine to do something. They don't infect files and copy themselves. They are looking for specific information and they send that information somewhere else."

Several such Trojans have popped up, such as the AppleScript.THT Trojan, and another one that targeted Mac users searching pornographic sites.

Apple also has to worry about its adoptees -- Microsoft Office for Mac and Firefox for Mac, both popular targets of exploits.

While some, particularly Mac users may find Apple's new announcement surprising, Mr. Marcus says at the end of the day, it is merely an acknowledgment of reality.  He continues, "At the end of the day, they're (Apple is) advising people to be safe and take precautions.  That's a prudent thing to tell people in Web 2.0 world."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Hi I'm a MAC
By SuperFly03 on 12/2/2008 12:01:54 PM , Rating: 4
quote:
Omg just give it a break. The MAC is the safest type of computer to use. MSBlaster or MYDOOM, any one? What has Apple ever had which has brought nuclear power plant safety computers to their knees? Exactly.


Your ignorance and fanboism is astounding.


RE: Hi I'm a MAC
By brentpresley on 12/2/2008 12:05:13 PM , Rating: 4
MAC security is a JOKE.

The only reason they were secure in the past was b/c they flew under the radar of everyone.

Now that they are a prime target, chiefly b/c of the arrogance of their "fanbase", they look just as much like Swiss cheese as any other OS.


RE: Hi I'm a MAC
By kelmon on 12/2/08, Rating: -1
RE: Hi I'm a MAC
By King of Heroes on 12/2/2008 12:24:48 PM , Rating: 2
While you have a valid point here, it should also be mentioned you that also haven't seen the code and therefore can't audit it.

Given the incredible complexity of a computer operating system, I find it extremely hard to swallow that theres no significant weaknesses to be found. Just because we haven't seen them doesn't mean they don't exist (and yes, I admit that sounds silly). As OS X becomes more widespread, more and more of the unsavory lot are going to start cracking open these weaknesses for all to see.


RE: Hi I'm a MAC
By kelmon on 12/3/2008 2:39:39 AM , Rating: 2
Absolutely. This is the whole crux of the argument. No one commenting here actually knows how secure the Mac OS is, or Windows for that matter, because the code is closed. Given this no one really knows how many flaws there actually are and therefore, potentially, there could be no more flaws. Equally, there could be so many flaws in the Mac OS that we'd lose count. The point is that no one here actually knows so this argument that market share is the only thing that keeps these flaws, which may or may not exist, from being exploited is just stupid.

Until we start seeing these exploits, I am not worrying.


RE: Hi I'm a MAC
By jimbojimbo on 12/2/2008 1:43:38 PM , Rating: 2
quote:
So far there is absolutely nothing to worry about and this is all just rather pathetic scaremongering.
Keep thinking like that. That is exactly what the hackers want.


RE: Hi I'm a MAC
By 67STANG on 12/3/2008 12:57:50 AM , Rating: 4
LOL, guess they haven't heard the news....
http://www.pocket-lint.co.uk/news/news.phtml/13675...


RE: Hi I'm a MAC
By Smilin on 12/2/08, Rating: 0
RE: Hi I'm a MAC
By kelmon on 12/3/2008 2:46:37 AM , Rating: 2
Hahaha. That's funny. You took the word "retard" and removed the first couple of letters. What a hoot you must be...

The point, funny man, is that unless you audit the code you do not know how many flaws there actually are in total. I am very well aware that you do not need to see the code to find a vulnerability. Until you know how many flaws exist, and specifically the number of undiscovered flaws, how can you possibly state that Mac OS security is bad purely due to the market share when there is no evidence to support that assertion?


RE: Hi I'm a MAC
By Smilin on 12/3/2008 1:00:10 PM , Rating: 2
My point, not not-so-funny man, is that even with auditing code you still won't know how many flaws there are in total. In fact you are very unlikely to find flaws simply by looking at source code alone. If it were that easy then OS makers would just audit their code and the world would be a happy magical place just like in an Apple commercial.

Since your brain is wrapped around this "must have source code" line of thinking you seem unable to see that there is indeed evidence that Mac OSes are not secure.

Go look at recent hacking contest results. Go look at all the day 0 vulnerabilities in Apple OSes and other software.


RE: Hi I'm a MAC
By 67STANG on 12/2/2008 4:48:33 PM , Rating: 4
It's called "Security through Obscurity". That's all gone now....


RE: Hi I'm a MAC
By kelmon on 12/3/08, Rating: -1
RE: Hi I'm a MAC
By Headfoot on 12/6/2008 3:47:53 PM , Rating: 3
So did you read the article above?


"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer

Related Articles
Apple's Safari Security Woes
March 31, 2008, 12:22 PM
Microsoft Gets Cozy With The iPhone
March 26, 2008, 2:39 PM
MacBooks Get Hacked Within 60 Seconds
August 4, 2006, 12:46 PM













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki