OSNews

You don't see Macintosh viruses in mass outbreaks but you do see them in the labs as proof of concepts. There aren't any outbreaks because there are simply are not enough [Macs] out there. For a virus to be successful it needs a combination of an exploit and a large target audience
--------------------------------

So, the security vendor has never seen a virus for a mac outside of system labs that are working on expoilts? It contridicts is 2nd sentance a bit trying to blame it on market share...

Wonder when they will try and release a product

It's not like OS X is impossible to target, but it hasn't been a target. Now it is.

It is vulnerable to the same types of attacks as Windows is, but the difference is that in a default configuration, it's much more difficult to exploit because the default configuration is a little more secure.

It's only a matter of time before we see iLoveYou type worms that prey upon uneducated users.

Only time will tell, but this should come as no surprise. Besides, Symantec needs a new revenue stream :-)

D

I was begining to feel left out. I mean my roommates XP boxes have to be cleaned Daily, even with SP2's firewall, the Linux firewall at the entrance to your network.

One has this nice beuatiful IRC trojan, but since she refuses to clean out her machine because she says she runs McAffee daily (which she does) and it comes back clean that there is no problem.

I really wish I could live in denial like that. Come on guys write some good malware for OS X tooo.

switch back to OS9!

So, Symantec hasn't yet been able to actually infect anyone with their new viruses, but they do have them running in their labs? That's great... yeah...

How fast can a macosx virus/worm spread if you only have a 5% chance that the computer the virus wants to infect, is in fact running mac os x? That is presuming that the virus has a 100% success rate to infect a machine. It is more likely to start at 50%, and rapidly falling as time progresses. By the time that the virus has infected 4 machines, there will have been so much media attention, and apple security fixes, that the infection rate will have dropped to 0%.

To say it differently, the immune system of a mac may not be 100% effective (it is highly effective, but never 100%), but the general climate makes it very hard for a virus to propagate and infect.

Symantec has a vested interest in spreading fear about virusses, and selling their products to scared customers..

I am still waiting the virus and worms for Linux. I still remember Linux antivirus software and warning of linux virus on the net since 2001.

It is not that linux or even osx are not vulnerable to hackers (they are !!!). But I have yet to see virus/worms on the wild on those platforms.

So called "Security vendor" are such a band of liars that I often wonder if they are creating the virus/worm themselves.

Typical FUD from a vendor about to release a mac security product.

Looks like Symantec is trying to drum up some more business.

This is Symantec trying to drum up more business. They'll have us all installing software on our Linux desktops that does nothing. Oh wait, they do that on Windows as well.

Why ?

Because apple will plug the holes and it will make MacOS
better.

Windows XP has been forced to be secure with its almost weekly
updates. Which are automaticaly installed if you want.

Linux distros also have frequent bug fixes. Suse's Online
update is a good tool.

The hackers are forcing the companies to become more secure
and stable. So let them pick holes in MacOS 10.3 and let
MacOS 10.3.x be better.

Or perhaps Symantec have a product to sell to rich OS X users.

Full story at 11.

The subject line says all I need to say about this topic. ;-)

I think if Symantecs estimates are true, the linux (and Free/Net/etcBSD community should put a watchful eye to the matter. If MacOSX is truly the target of increased malware/virus efforts, this will surely swap over, since MacOSX is a FreeBSD at its core IIRC.

And system can be exploited if the users allow it to be. Every time an app tries to make a system change on my mac I have to enter an administrator password. This is the same security method implemented on most Linux distributions and is absolutely vulnerable to a stupid user who knows the password.

You can get clamav from Fink if you want to keep an eye on your files or scan your email.

By default, OS X seems much more secure than most Linux installations, and definitely more secure than XP's defaults. Even if you enable 'remote login' you're using ssh instead of telnet (good!).

Apple's also been releasing regular security updates. I'm glad I don't have to scan my iBook for adware and viruses every couple of days... I actually haven't touched my XP box in a couple of weeks (playing games on a GBA and PS2).

- chrish

//I mean my roommates XP boxes have to be cleaned Daily, even with SP2's firewall, the Linux firewall at the entrance to your network//

No offense, but your roommate needs some further education on how to lock down an XP box. I've been running XP Home since 2001 (with AVG AntiVirus (free) and Sygate PFP firewall (also free)) ... and I've had ZERO .. NADA .. NOT ONE virus or successful hack.

Does your roomie blissfully ignore common sense, and click on everything he/she sees on his/her screen?

Or perhaps you're exaggerating a bit ...

"They'll have us all installing software on our Linux desktops that does nothing. Oh wait, they do that on Windows as well."

This isn't entirely true. It does tend to slow fast computers to a crawl, and break email every two or three days. Though it is true that if you cannot make pop, smtp, or http connections your chances of getting spyware are vastly reduced.

It's weird that people are so quick to dismiss the message just because of the messenger. Frankly, if I were a virus writer, this type of attitude would thrill me. I mean, there was already the case of Mac OSX trojan a while back. The simple fact is that OSX is going to have vulnerabilities as well.

That's not a reflection of the lack of Apple's lack of quality, just a fact of life. Rather than dismiss the message because the messenger is trying to sell the product, at least realize that what they are saying is true: As Macs grow in number, they will increasingly become targets. Any belief to the contrary is delusional. The perfect example is Firefox: while Firefox may still be more secure than IE, the fact is people are starting to target Firefox to get around certain things Firefox has in place. Firefox is becoming a larger target.

Now, becoming a larger target doesn't mean people are going to hit you as easily as other targets, but it doesn't mean they won't ever try.

So while Mac users can still smile about a more secure OS, they shouldn't sit their and believe that they are immune from everything and anything.

How would it be the same as on Windows "ILoveU" ?

MacOS X is Unix-based, meaning if one user is dumb enough to let something pervade his machine (meaning, by clicking a fishy attachment), that will bring _his_ account down, and not the whole system (provided he's not logged in as root, granted.)


The rootkit they mention was a trivial bash script, as I can recall it, and needed the user launching it.

MacOS X is not exempt of security bypass, and surely will be targeted sooner or later; but I don't think you can parallel it with Windows as far as security is concerned (they're simply different concepts).

I join others' point of view: Symantec must have something up its sleeves for the Mac.

(On the other hand, Mac users may have to communicate more on the subject, without troll or flamewars: community spirit to draw attention from, or educate, the new users).

linux and BSD have, and commercial vendors don't: a central (or distributed) place to get apps, no other place , nothing from internet can be installed except from distros server...

that Macs are only less infected, because viruses spread less, take into account that many mac-heads' friends are also mac-heads (it's a virus!). So a kind of outlook virus would spread nicely.

Too bad that Mac OS X has tons less vulnerabilities than Windows, so this is just FUD und advertising from Symantec.

Then I could see the onslought of Malware coming into OS X, and if someone actually removed IE 6 and all its components Windows would be 60% of the way to being on par with OS X(at least on the side of perceived security)

Sorry samchi, it's not that simple on OS X. But it is on Windows 2000/XP.

Nope they are just ignorant. I can only tell them so much. They do have firefox, and netscape installed, but some of their favorite porn sites are IE only and IE /windows only. My Mac's IE can't connect.

My windows box has never been infected either. Of course I never use IE. With IE they don't have to click on anything to install trojan's. Active X does it automatically.

Yes I have told them about AVG (I use it)

Of course my Windows Box hasn't been booted in three weeks. For the first time ever in my life. I am keeping it just for games, and lately have been playing games on my Mac.

Is there a single known virus, trojan, or anything out there that works on OS X? And I don't mean that "let's take a program and paste the iTunes icon on it" thingy. I mean some honest-to-goodness actual trojan. I don't think so.

Symantec, wake me when the first actual virus/worm/whatever is out, instead of spreading FUD...

Couldn't be because Symantec is trying to gin up business by making unsophisticated users afraid of non-existent viruses? Nah, couldn't be that...

"No offense, but your roommate needs some further education on how to lock down an XP box. I've been running XP Home since 2001 (with AVG AntiVirus (free) and Sygate PFP firewall (also free)) ... and I've had ZERO .. NADA .. NOT ONE virus or successful hack.
"

haha you keep telling yourself that. You are basing "Zero" on what, feedback from your free antivirus program? a good trojan won't be detected trust me on that one. It is trivial to put something on an windows box that is not detected by virii programs.

Congratulations! Symantec You are the 978599 company to spew this complete utter fallacy. Welcome to the club de parrots you are now a member. Please leave your critical thinking skills at the door.

Let's get this out of the way once and for all/until the next parrot says the same thing shall we? Market-share has absolutely zero to do with Mac OS X being an inherently more secure computer operating system than any variant of windows. (besides a windows box not powered on) If market-share determines security then why does apache have more market-share as a web server than IIS yet fewer vulnerabilities by platform? I'll tell you why because better code determines security not market-share. I still fail to see why people cling to this "world is flat" idea that windows is more vulnerable because more people use it. I know I'm not that bright but I mean for me it was common sense the first time I thought about it. A steel door is more secure than a wooden one no matter how many more people have wooden doors. Lets face it! Windows is a balsa wood door. It is hideously insecure. I am able to currently code a web-page that can run cmd.exe and delete 5 critical system files on your XP box rendering it unbootable before you can react and exit the window. All you have to do is browse to said web-page. I am able to take full control of your windows box via trojans which btw can easily be downloaded automatically without you even knowing it. These fundamental design flaws have nothing to do with market-share.

I am the "pc/mac guru" to my immediate friends and family. I say that not to brag as it is a curse. My mission now is to switch them all to macs. I never ever get calls from the couple of mac users with problems besides general usage questions. I get almost daily calls from the windows users in my life and the people they know to clean their systems and put them back in "working" order. I now make money doing this on the side through word of mouth. I have yet to earn a dime fixing a mac box running OS X due to malware or viruses. The only people that believe OS X or linux aren't more secure than windows are users that have only ever used windows and are members of the parrot club. I have found that most people I ask whom own a mac in addition to a PC prefer the mac for usability and security. This is no accident. In order to make a really informed judgment you must do it through experience (touching live electrical outlets excluded). A lot of people out there bashing the linux or mac platforms have usually not used either. How can one respect their opinion?

Furthermore, market-share has nothing to do with so called windows hacker preference. This can easily be verified by joining any notorious hacker irc channel. join #pleaseownmewindowsboxen Try this experiment. Post that you have figured out how to take advantage of a remote windows exploit. haha you'll get no response or get kicked. Now let them know you have discovered a serious remote vulnerability in Mac OS X. I can tell you which one garners more response, and would garner more respect if true. The answer, OS X. The reason for the respect is quite simple. OS X is inherently more secure than windows and less trivial to compromise.

I've used Windows, Linux and now OSX. Still no virus in sight. Why? Because even if good AV software is nice to have, it's useless if you don't have the knowledge and commensense to what can infect your OS.

time to me to install a firewall on my linux system too...

who knows watz next??

Ooooh! A warning from the makers of anti-virus and security software for the Mac that Macs are increasingly being targetted!

Eek! I'll take a hundred copies of Norton Anti-Virus and whatever your firewall is called, STAT!

Usually only a small part of the bugfixes for your linux distribution is in any way related to security.

Attach an AppleScript that calls a bash script that curl's a rootkit from a website, exec the rootkit. Compromised.

Rootkits exists, and are constantly being fixed, but so long as they exist, this is not an issue. Bear in mind that it's possible to secure a Windows machine to not ran as admin as well, it's just not the default.

By default, OS X is more secure, but that doesn't change the fact that compromising a user account is the same as compromising the machine to most users, and further, once the user account is compromised, it's not a major effort to compromise the machine.

I'm saying that it's everybit as feasable. The difference is that OS X and Mail.app doesn't have the vulnerabilities that Outlook does, but it really isn't that hard to write an applescript that when run created a cron job for that user that sat there and every so often polled a remote site for a new message and then sent it to every user in the Address Book al using AppleScript.

Sounds alot like I Love You doesn't it :-). Social Engineering, and a compromised user account, no admin rights needed.

There's a problem with this premise. It assumes that Apple will handle the problems that have plagued Windows in the same way Microsoft has. I think Apple's brand/identity is centered around good design and innovative technology. They protect and covet that above anything else. So I doubt (very much) that Apple will let the situation get as out of hand as Microsoft has allowed.

I should mention that it would be equally easy to compromise Linux machines using a #!/bin/sh, the difference is that your average Linux user is going to have a clue, whereas your average windows user doesn't and it's 50/50 on the Mac Users, and even those with a clue might fail to see the trees for the forest considering they feel so protected right now.

I can't believe people are falling for the fear factor marketing trick, or that OSNews (still) does not do intelligent reporting. Who benefits from these problems? Vendors like... Symantec.

well i'm sure that leaves me some time on linux/ppc =)

If all malware developers had the out-of-the-box thinking that you exhibit, the world would be a safer place. Unfortunately that's not the case.

isn't Symantec telling us OSX is vulenrable to all kinds of attacks, the same as a investment companies recomending a stock for a company who they represent in consulting services?

who but AV companies really stands to profit from a possible osx virus plague?

The first macosx virus will look something like this:

From: Anti-Virus Company
To: you
Subject: Virus!

A virus has been detected on your system! Please forward this email to everyone you know who uses Macintosh computers. The go to the Finder, click on your hard disk ("Macintosh HD"), click on the Applications folder, and type command-delete.

This will erase the virus from your hard disk. Once you do that, go to the Apple menu, choose "Restart...", then click the "Restart" button.

Thank you for choosing <Anti-Virus Company Name>!

I just have issues with a company who sells anti-virus and firewall programs telling me to be afraid of security exploits and new viruses. I'd much rather hear this from Apple or a private research group. The fact that Norton can't successfully sell their suite for Macs is probably the reason behind such claims. I have my own firewall tools in place I don't need Norton to eat up my ram and clock cycles.

[/i]//I mean my roommates XP boxes have to be cleaned Daily, even with SP2's firewall, the Linux firewall at the entrance to your network//

No offense, but your roommate needs some further education on how to lock down an XP box. I've been running XP Home since 2001 (with AVG AntiVirus (free) and Sygate PFP firewall (also free)) ... and I've had ZERO .. NADA .. NOT ONE virus or successful hack.

Does your roomie blissfully ignore common sense, and click on everything he/she sees on his/her screen?

Or perhaps you're exaggerating a bit ...[/i]

No offense, but after having worked in a call center for the last six years, I can tell you from first hand experience that your typical user just doesn't understand security--worse, they don't care. It's almost like fishing for bluegills, the buggers will bite at a bare hook and you can catch the same fish several times a day. Seriously, they don't want to be bothered with security updates, firewalls, adware removal tools, etc...

Heck, if they could get away without having a password they would.

BTW--Your typical Mac user isn't any smarter.

BTW--Your typical Mac user isn't any smarter.

actually, there was some study done a few years ago that says Mac users are typically smarter than the typical Windows user.

OHHH. you meant cognizant. well I would agree with that.

Attach an AppleScript that calls a bash script that curl's a rootkit from a website, exec the rootkit. Compromised.

I have to do what now? That's pretty complicated. Why don't I just log-in as root, then step away from the keyboard? Ouch, you got me!

I am a diehard Mac user. I use XP at work but am happy to come home to my mac. I also think Symantec motives are at best questionable here. They want to sell stuff.

That being said, I think it is important to be honest about the security limitations of whatever system I am using. I want to know what the risks are. I'm not interested in a "brand X OS is better than brand Y OS" pissing contest. I just don't want some thug in Eastern Europe running up massive charges on the Visa card I used to by crap from Amazon.

There are some excellent security features in OSX that make it resistant to being an infection vector. However, OSX is vulnerable to privilege escalation bugs just like any other OS.

Here are some examples.

http://secunia.com/advisories/10440/

http://secunia.com/advisories/8062/

Granted these have been fixed but errors like this happen in any code base, even the uber security minded OpenBSD.

If a program or script that exploits such a vulnerability is attached to an e-mail and sent to a user who runs it, it could automagically gain root privileges on the machine and send itself to anyone in the address list with a .mac email address.

It is unlikly at this point but it is possible. I think that as OSX gains market share it is going to become more of an issue.

It's not like OS X is impossible to target, but it hasn't been a target.

Yes, it's not that it is "impossible to target". It is that its HARD to target. It is hard in the same ways that Windows are easy.

So, yes, virus like programs could exist for OS X. Nothing is impossible with computers. *Hard* though, is another thing.

Don't hold your breath though.

Oh, and Symantec is a virus-scanner company. Surely they can profit by making such claims, eh?

This is just the beginning of a marketting campaign. First they will scare you, then you will buy their software. Nothing more to it. It is standard practice to scare people into line, in marketting and politics - especially here in the US.

"You don't see Macintosh viruses in mass outbreaks but you do see them in the labs as proof of concepts. There aren't any outbreaks because there are simply are not enough [Macs] out there. For a virus to be successful it needs a combination of an exploit and a large target audience,"

To the best of my knowledge, Mac OSX is built on top of BSD, which has been around for a long time and has a large userbase. So the quote above doesn't seem to be accurate to me. In fact, the UNIXes were around before Windows so hackers have had a longer time to build viruses and worms for it. Windows is an easier target for hackers, not only because it is the most prevalent OS out there, but also because MS makes it easy to infect a Windows machine with almost no user intervention. With the UNIXes and Linux, having the root password is almost always necessary to infect these machines. Of course, if you type in the root password for an unfamiliar program then you can cause damage. Symantec should be ashamed for this statement. The article clearly seems to want to promote FUD. If these vulnerabilities are out there, they could let Apple know so that they could be patched. But I guess that wouldn't make Symantec any money, huh?

This is why I HATE 3rd party apps that come with a "Vise" installer requiring your admin password to install. In OS X an admin user already has write privileges for /Applications and almost everything under /Library. There's simply no need for 3rd party software to need an admin password.

Oh yeah, I guess for Office 2004 the log file is written to the root folder. Lame.

But...we give 3rd party apps our password everyday, without question. Eventually everyone is going to be so complacent giving away his admin password that one day...boom...done.

At least Apple's PKG installers allow us to get a bill of materials prior to installation (even though simple filenames don't say much about what the code does).

We need to boycott these "Vise" installers. Refuse to give your admin password. Get developers on board.

The admin password is becoming completely meaningless in OS X, as its given away for the stupidest reasons.

Spot on.

//haha you keep telling yourself that. You are basing "Zero" on what, feedback from your free antivirus program?//

Er, no ... i'm basing that on the firewall logs after grepping for various scan attempts.

Please try harder to not be a dipshit.

// Seriously, they don't want to be bothered with security updates, firewalls, adware removal tools, etc...

Heck, if they could get away without having a password they would.//

I believe what you say ... but folks like that shouldn't be using computers in the first place. Unfortunately, they do. For newbies, I *always* recommend getting a Mac, just to steer them away from the issues you mention.

Unfortunately, I've no answer when they say, "But will a Mac run Half-Life 2?" Personally, I'm too vested in PC's to switch everything to a Mac ... and, as I said before, I just don't have the virii/spyware problems that a lot of folks have. But, I do try to make folks consider a Mac, at the least.

This is why I HATE 3rd party apps that come with a "Vise" installer requiring your admin password to install. In OS X an admin user already has write privileges for /Applications and almost everything under /Library. There's simply no need for 3rd party software to need an admin password.

I don't agree. Actually, I think requesting an admin username/password at that point is a decent enough security measure (and I believe it's the OS that requests it, not the installer. The installer just tries to do something that requires authentication, and the OS automatically asks for authentication, I believe).

First of all, it prevents programs from doing something dangerous without asking. You run a program, it tries to overwrite or erase something in a protected folder (anything other than your home folder), and the OS says, "If you really want to do this, you're going to have to authenticate first." So if you run a program expecting it to display something simple, and the OS prompts you for your username/password, you should be really suspicious.

Also, it's a hell of a lot better than Microsoft Windows habit of requiring you to log out as your current user and log back in as an admin to accomplish tasks. All that logging out and logging back in only encourages people to run their systems logged in as an administrator 24/7, which is where many of Windows' security problems originate.

This whole setup isn't even unique to OSX. A proper Unix box will have roughly the same situation, you run under a non-root login, and use root (or better yet, sudo) only when you need to accomplish something that requires it. So I'm not sure what your complaint is.

Under the table deal between Microsoft and Symanetec discovered to create malware for Mac OS X and spread FUD.

lol as long as there is software there will always be bugs. Some OS have been coded better some haven't. Some have better safeguards and some don't. But usability is very important. Hence XP will always be more popular and so will all future M$ products.

Before I spent 3k on a top of the line uber laptop, I thought of getting a Mac...and I saw other than being able to have security, and better programming apps, I get nothing out of it because I game as well. The day games run on the Mac with no problems and no performance hits, is the day I switch. My 2 cents.

OH and regarding spyware and viruses, yes XP attracts them like a magnet. You have to know what you are doing to be free from them. I agree that people who paid money for an OS should not be spending their time and energy trying to secure it. It should already come secure right out of the box. That is why I hope Longhorn turns out to be a good alternative to XP. I will just wait and see. In the meantime I am gonna stick with XP and my knowledge of how to wring everything out of it.

...you run under a non-root login, and use root (or better yet, sudo) only when you need to accomplish something that requires it. So I'm not sure what your complaint is.

Most installers, like Adobe Acrobat and MS Office, DO NOT need to accomplish something that requires it (your admin password). My complaint is that as we become more and more complacent giving it to anything every day, over and over, it loses its meaning.

If the admin password was asked for only when it was required (writing a log file to the root folder doesn't count IMO), then we'd take it more seriously, and avoid possible root kits in the future. The amount of shareware that requires it is a joke.

This is just Symantec trying to sell more of their shitty software and non-existent customer service.

"You don't see Macintosh viruses in mass outbreaks but you do see them in the labs as proof of concepts. There aren't any outbreaks because there are simply are not enough [Macs] out there. For a virus to be successful it needs a combination of an exploit and a large target audience "

No. Pre-OSX version of the Mac OS had major virus issues and there are vastly more Macs out there now then there were then. Dumbass.

Symantec was, and maybe still is, selling anti-virus for Palm pilots which have never had a virus ever. Pathetic.

I'm not going to deny there is a level of FUD in this article. But we can't just shrug off the "potential" as a moot point. Someone commented that as soon as we know there is a problem Apple will just send out a patch. In at least one case it took over a month to get a partial patch to a "critical" issue and the complete fix was quietly introduced a couple months after that. See link regarding the first part of this, I apologize but I seem to have misplaced the link to the patch which finally fixed the real problem.

http://news.com.com/Apple+patches+critical+OS+X+flaw/2100-7355_3-52...

That is a fairly huge delay in dital time. One which Apple does not seem likely to do again but it is possible. Of course all operating systems have a time period were a problem is found but before a fix is sent out. So, this doesn't mean Apple is a bad choice in a security respect. Actually, their performance far exceeds Windows when it comes to getting patches out and being secure.

Anyway, the article is mostly FUD but there is a grain of truth in the fact that all operating systems are vulnerable in some respect. I think most people are probably correct in stating that this is a prelude to them announcing some hugely expensive OSX security tool. I just feel, with any luck, Apple will probably do a "good enough" job of getting the patches out in time for most of their users.

It's the "good enough" part where Symantec is planning on convincing people to not accept that.

Anyone else think this sounds like Symantec trying to expand their market? You wouldn't think they'd need it with all the Windows boxes out there, but who knows...

Seriously, I'd be hard pressed to find a reason to install it on OSX. There are basically no virii in the wild for it; plus Nortons is one of the most appalling pieces of software I've had the misfortune to use. It may be good at detecting virii, but I get quite sick of the way it sidesteps every control method Windows allows and leaves the user with no control over it.
Try "uninstalling" it; takes 3 reboots. Heck, it takes a reboot just to turn it all off...
I use the term "uninstalling" pretty loosely there, since it leaves random directories and registry keys everywhere.

Symantec will have to try harder than that.

No. Pre-OSX version of the Mac OS had major virus issues and there are vastly more Macs out there now then there were then. Dumbass
Ummmm.... over the last few years (in general), the userbase of Macintoshes has actually decreased slowly hasn't it?
There certainly aren't _vastly_ more than there were...

About a possible mass outbreak of viruses on other platforms, reminds me of Noah and the flood:

For 100 years, "Hey ya'll - it's gonna rain!" And when it did, people were caught completely off guard. Same with the Titanic, as people swore it could never sink ...

I'm not saying that a mass outbreak will ever happen on OSX, but if it does, I feel sorry for the people running with no firewalls and no virus scanners.

FYI: OS X has a firewall built in.

IMHO, most major "alternative" OS's will see spyware before they see viruses in the next while.

I seriously doubt we'll ever see a Linux or *BSD virus for the simple reason that it seems like every time one of these kids is interviewed who wrote the virus says, "Well, I talked to MS, they didn't seem interested in patching it, so I thought I'd show them what would happen if they didn't." With Linux and *BSD these kids find the hole and can patch it.

"About a possible mass outbreak of viruses on other platforms, reminds me of Noah and the flood:

For 100 years, "Hey ya'll - it's gonna rain!" And when it did, people were caught completely off guard. Same with the Titanic, as people swore it could never sink ... "

Except, the historical truth is, said flood never happened. Makes a fine warning fable, but a tough object lesson.

"Er, no ... i'm basing that on the firewall logs after grepping for various scan attempts.
"

haha you keep telling yourself that your winxp box is completely secure noob. I love users like you.

"I'm not saying that a mass outbreak will ever happen on OSX, but if it does, I feel sorry for the people running with no firewalls and no virus scanners."

I have to agree with you on this one. MacOSX comes with a click and run interface for ipfw but by default it is not on when it really should be. No reason not to run it and I roll my eyes when I hear fellow Mac heads say that Macs are IMMUNE to viruses.

I think Symantec products for OSX are slow and quirky but a virus scanner on any OS is not a bad idea.

Of course, Macintoshes are safer than Windows boxes.
But there is a difference between "safer" and "completely safe", and many people here overlook that difference.

There is a "safe mode" of operating under Windows: use anti-virus, install a firewall before ever going online, use anti-spyware tools regularly, and use a browser with less than 10% market share. Do that, and malware will target your ignorant brethren, and you'll be safe.

The spreading of viruses is a statistical issue. Apple is partly safer because of a more secure (NOT completely secure) OS, and partly because of the combination OS X/Safari, which makes it a "hard target": it costs lots of resources to find an apple online, twenty times as much as it costs to find a Windows machine.

Even if an Apple worm were to spread, it would be so slow that conscience about the worm would spread faster (at slashdot speeds), and the worm could be killed instantly.

Unless Apple users would consider themselves invulnerable, so that they could only stare in disbelief while their Apple mini towers came crashing down.

It is my belief that the Mac mentality could be the most severe threat to OS X. You'll only be able to keep laughing at Windows malware if you keep your guard up. Saying "My OS is secure" won't cut it. [See also: Microsoft's "Trusted Computing" initiative]

....to determine where, exactly, any OS/X viruses are coming from, because of the smaller numbers of machines.

Could this have anything to do with why the multi-billion-dollar anti-virus firms aren't getting anywhere with these products?

Take this question as you will. I'm basically a cynic, though.

...but I think you hit the nail right on the head. This may be why OS's like BSD are not being attacked by viruses. The people who run such systems tend to be much better at tracing the origins of the problem than the people who run Windows systems.

I'll always remember that post on alt.slack about the hacker who got fired from McAfee, not because he was talking to his old friends, but because he got *caught* at it by a reporter......