Linked by Thom Holwerda on Tue 25th Aug 2009 21:56 UTC
Mac OS X With Apple's Mac OS X 10.6 Snow Leopard operating system arriving on people's doorsteps over the coming weekend, you'd think that all the new features are known by now, and there will be no more major surprises. Well, that's not entirely true: on Intego's Mac Security Blog, it is reported that Snow Leopard comes with anti-virus/malware functionality built-in. Update: Snow Leopard testers on MacRumors confirmed the functionality. How, exactly, it works, is not yet known, however.
v Comment by haus
by haus on Tue 25th Aug 2009 22:05 UTC
RE: Comment by haus
by Thom_Holwerda on Tue 25th Aug 2009 22:07 UTC in reply to "Comment by haus"
Thom_Holwerda Member since:
2005-06-29

Did you not READ the final paragraph?

Reply Score: 3

v RE[2]: Comment by haus
by haus on Tue 25th Aug 2009 22:09 UTC in reply to "RE: Comment by haus"
RE[3]: Comment by haus
by Thom_Holwerda on Tue 25th Aug 2009 22:17 UTC in reply to "RE[2]: Comment by haus"
Thom_Holwerda Member since:
2005-06-29

This is the final paragraph:

It is important to stress that there is currently very little to be worried about when it comes to the Mac and security. While several security researchers claim Mac OS X is easy to hack, large-scale infections have yet to take place. Still, proper security policies should always be enforced.


In what twisted beyond-the-looking-glass kind of universe can THAT be seen as "embellishing" OS X' security problems?

And as for Windows and viruses - yes, that is very much an outdated issue ever since Vista came out - almost three years ago now. There haven't been ANY major outbreaks since then of anything (except when people did not keep their computers up-to-date).

Reply Score: 3

v RE[4]: Comment by haus
by haus on Tue 25th Aug 2009 22:24 UTC in reply to "RE[3]: Comment by haus"
RE[5]: Comment by haus
by Tuishimi on Tue 25th Aug 2009 22:32 UTC in reply to "RE[4]: Comment by haus"
Tuishimi Member since:
2005-07-06

I like to abuse poor Thom as well (sometimes in fun) but I don't really think he was being over the top. While OS X has remained unscathed, the potential IS there because certain privileges are granted to the "admin" user, just like in Windows.

People rant about Windows security but the major reason why it is more open to problems is because of the elevated user privileges. If the system was locked down it would not be an issue... but that would raise OTHER issues with software products that apparently depend on elevated user privileges as well... I digress.

This article was about Mac OS X, not Windows. Thom should not have to make that comparison in his comments. Security vulnerabilities are security vulnerabilities.

I would rather have not read the flip comment about the new ads and the irony of the virus checking software, but hey, what can you do.

Reply Score: 3

RE[6]: Comment by haus
by MobyTurbo on Tue 25th Aug 2009 22:55 UTC in reply to "RE[5]: Comment by haus"
MobyTurbo Member since:
2005-07-08

Although you are correct in saying that OS X Leopard and earlier are not up to date with regards to security features for the most part, OS X operates not quite as "admin" user - it is somewhere in-between Windows's free-for-all admin privileges and a more traditional Unix model. If you try to install files outside of the user's directory tree, or other directories where the user has write privileges, you indeed will get a password prompt from sudo.

Also, you can run as non-admin and most applications, unlike Windows, won't break if you do - but you'll be entering your password a lot more and not much additional real security will be there as a result. (See Vista's UAC for an example of why more is not better with regards to security prompts.)

Reply Score: 0

RE[7]: Comment by haus
by Tuishimi on Tue 25th Aug 2009 23:05 UTC in reply to "RE[6]: Comment by haus"
Tuishimi Member since:
2005-07-06

I don't disagree... I think OS X is definitely more secure and less prone in that regard.

I do wish a solution was available to lessen raised priv dependencies on Windows. It never had to be that way once NT arrived - or so I believe. If an application really required privileged access to a system resource, that could be accomplished without granting general, elevated privileges.

I don't know... it is a bit of a mess now and would probably be a pain to change the way things are done now, for developers of huge products that have come to depend on that legacy weakness...

Reply Score: 2

RE[7]: Comment by haus
by google_ninja on Wed 26th Aug 2009 03:49 UTC in reply to "RE[6]: Comment by haus"
google_ninja Member since:
2006-02-05

The few applications that do not work properly as a non-admin can usually be made to work by changing security settings on the folders/files they are trying to work with.

I work every day, all day, in a non-admin account on Windows and there is no real difference between that and any other OS I have ever used.

Reply Score: 3

RE[5]: Comment by haus
by StephenBeDoper on Wed 26th Aug 2009 14:20 UTC in reply to "RE[4]: Comment by haus"
StephenBeDoper Member since:
2005-07-06

No viruses have appeared yet you reference quotes from people saying that it's easy to hack


He pointed out the vulnerability to targeted remote intrusion. That doesn't mean he was also implying vulnerability to the more automated, "scattershot" security risks (EMail viruses, infected websites, etc). They're certainly related, but they're not interchangeable.

thus reinforcing the false notion that the lack of viruses on the Mac is the result of its smaller size.


Okay, let's take an example from outside the computer world: the amount of break-ins in (most) rural areas is substantially less than in urban areas, even when measured per-capita.

Based on that, would you say it's reasonable to conclude that people in rural areas are just fundamentally more law-abiding? Or would you consider that to be an oversimplification because it ignores other factors like population density, the social dynamics of rural vs. urban populations, etc?

Reply Score: 2

RE[4]: Comment by haus
by cmost on Wed 26th Aug 2009 01:59 UTC in reply to "RE[3]: Comment by haus"
cmost Member since:
2006-07-16

And as for Windows and viruses - yes, that is very much an outdated issue ever since Vista came out - almost three years ago now. There haven't been ANY major outbreaks since then of anything (except when people did not keep their computers up-to-date).


Okay Thom, I would hardly consider Windows viruses to be an outdated issue. I do a lot of IT work and I've seen a significant increase lately in malware infestations. While these may not have been viruses, per se, they are extremely invasive and disruptive and require work to remove. Not for the lay person. Frankly, I think you're delusional if you actually believe Windows Vista+ are somehow safe from infestation.

Reply Score: 5

RE[4]: Comment by haus
by vikramsharma on Wed 26th Aug 2009 17:27 UTC in reply to "RE[3]: Comment by haus"
vikramsharma Member since:
2005-07-06

Vista was hated for its UAC, but Vista has proved to be less prone to virus attacks. I am handling about 120-130 laptops in my office, all of them running Vista, and there have only been a few (minor) virus attack complaints; the Vista 64-bit version has proved to be even better. Vista has been my favorite Microsoft OS till now: adding network devices is easy, it is much more secure than Windows XP, and Vista is any day more stable than Windows XP. I am not a Microsoft fanboi, I use Linux at the office and Mac at home, but there is no denying that Vista (and Windows 7, as I have heard) are a step in the right direction for Microsoft.

Reply Score: 2

RE[3]: Comment by haus
by DrillSgt on Tue 25th Aug 2009 22:42 UTC in reply to "RE[2]: Comment by haus"
DrillSgt Member since:
2005-12-02

Yes I did Thom and yet there are still no viruses for OS X.

My question still remains


Huh??

http://www.sophos.com/security/analyses/viruses-and-spyware/osxleap...


http://www.macworld.com/article/53737/2006/11/macarena.html

There are viruses for OS X. Please don't let the facts stand in your way.

Reply Score: 6

RE[4]: Comment by haus
by haus on Tue 25th Aug 2009 22:46 UTC in reply to "RE[3]: Comment by haus"
haus Member since:
2009-08-18

@DrillSgt

Re: Leap-A and Macarena
At first, they were a Virus... Then classified as a Worm. Then, a Trojan Horse. Regardless of the definition, they are both malware.

Although they were among the first for the Mac, neither of them can be classified as a virus as it is not self-replicating.

I would suggest that you not get the definition of a virus from a software development company who might want to simply sell you their software.

Edited 2009-08-25 22:52 UTC

Reply Score: 4

RE[5]: Comment by haus
by WorknMan on Wed 26th Aug 2009 03:27 UTC in reply to "RE[4]: Comment by haus"
WorknMan Member since:
2005-11-13

Re: Leap-A and Macarena
At first, they were a Virus... Then classified as a Worm. Then, a Trojan Horse. Regardless of the definition, they are both malware.

Although they were among the first for the Mac, neither of them can be classified as a virus as it is not self-replicating.

I would suggest that you not get the definition of a virus from a software development company who might want to simply sell you their software.


You're really arguing semantics here. Whatever you choose to call it, would you want the stuff on your machine? I sure wouldn't.

If a close friend or family member were going to buy a Mac, I would tell them that just because it's a Mac does not mean that it's not vulnerable to viruses and malware. Regardless of how true (or not) that is, I'd rather people I care about to stay security-conscious, no matter what platform they're on.

Better to be safe than sorry, I always say.

Edited 2009-08-26 03:31 UTC

Reply Score: 2

RE[6]: Comment by haus
by Kroc on Wed 26th Aug 2009 06:21 UTC in reply to "RE[5]: Comment by haus"
Kroc Member since:
2005-11-10

Because downloading something, by choice, installing it, and giving it your password, twice, is somehow as bad as a virus and not a trojan?

No security in the world can protect people that thoughtless.

There are no viruses on Mac that auto-install and self-spread to other machines. The situation is in no way comparable to the Windows world where I am scraping rootkits and malware off of Windows machines (including Vista) all day long.

Reply Score: 8

RE[7]: Comment by haus
by Karitku on Wed 26th Aug 2009 12:57 UTC in reply to "RE[6]: Comment by haus"
Karitku Member since:
2006-01-12

Because downloading something, by choice, installing it, and giving it your password, twice, is somehow as bad as a virus and not a trojan? No security in the world can protect people that thoughtless. There are no viruses on Mac that auto-install and self-spread to other machines. The situation is in no way comparable to the Windows world where I am scraping rootkits and malware off of Windows machines (including Vista) all day long.

Cut the bullshit, fanboi. The last statement was the biggest pile of shit I have heard in a long time. Seriously, all malware comes from users accepting installations of "Britney Spears nude video" or other crap. And if you have UAC enabled, like any sane person that doesn't read Mac fanbois' crap does, Windows will do pretty much the same as you said, and don't give me that bullshit "Oh I need to type password" crap like you Mac fanbois always do. Just shows that Apple is finally accepting facts and doing something to offer active defense.

Reply Score: 1

RE[7]: Comment by haus
by segedunum on Wed 26th Aug 2009 15:39 UTC in reply to "RE[6]: Comment by haus"
segedunum Member since:
2005-07-06

There are no viruses on Mac that auto-install and self-spread to other machines.

When you've got a way of potentially walking into many systems then self-spreading becomes less necessary for malware, but to think that a Mac is not capable of doing that is naive. Some of the demonstrated ways into a Mac have been trivially easy because of the assumptions that can be made once you get there. Take a look at the Mac and you find an alarming number of programs and services that simply run setuid.

I think a lot of people are going to be in for a shock.

Edited 2009-08-26 15:40 UTC

Reply Score: 2

RE: Comment by haus
by segedunum on Wed 26th Aug 2009 13:11 UTC in reply to "Comment by haus"
segedunum Member since:
2005-07-06

Perhaps, yet not a single virus has appeared on OS X.

It has certainly been proved that there are some humdinger exploits in OS X out there just waiting to be exploited, unlike Windows or Linux. OS X just needs to become more attractive for malware writers on a large scale.

That sentence there is the usual cast-iron denial you get from nutcase OS X supporters.

Reply Score: 1

Wow - it grows more exciting by the day.
by Tuishimi on Tue 25th Aug 2009 22:24 UTC
Tuishimi
Member since:
2005-07-06

My family copy is estimated to ship on the 2nd. I can't help but wonder what it will be like. I had hoped to hear more about wonderful (or at least very consistent) performance because of all the work done with what sounds like pervasive threading, etc. But who knows what else might be in there (but how did this remain a "secret?")

Reply Score: 2

MobyTurbo Member since:
2005-07-08

There are some other security features Apple hardly talks about. At WWDC they announced Safari for Snow Leopard will have sandboxing of plug-ins, like Chrome. Also, a number of exploit prevention measures have been implemented, such as improved ASLR, "stack-smashing" type preventions for areas of memory besides the stack, and so on. Of course, most of these are available to people running Chrome and Vista already, but they should make hackathons much less embarrassing for Apple in the future.

Edited 2009-08-25 22:49 UTC

Reply Score: 3

kaiwai Member since:
2005-07-06

There are some other security features Apple hardly talks about. At WWDC they announced Safari for Snow Leopard will have sandboxing of plug-ins, like Chrome. Also, a number of exploit prevention measures have been implemented, such as improved ASLR, "stack-smashing" type preventions for areas of memory besides the stack, and so on. Of course, most of these are available to people running Chrome and Vista already, but they should make hackathons much less embarrassing for Apple in the future.


I guess their decision is to keep those sorts of details far from the end user and just tell them, "improved security". If you've seen an ordinary person roll their eyes when they start hearing technical details you can understand why Apple doesn't make the specifics of their security features on their marketing blurb.

Reply Score: 2

MobyTurbo Member since:
2005-07-08

I guess their decision is to keep those sorts of details far from the end user and just tell them, "improved security". If you've seen an ordinary person roll their eyes when they start hearing technical details you can understand why Apple doesn't make the specifics of their security features on their marketing blurb.

WWDC was, technically speaking, a developer's conference. Apple, other than commenting on the stability improvement (which incidentally is a security improvement) in Safari due to the plugin sandboxing, was *silent* on the security improvements in 10.6, and in fact has been totally silent in all of their marketing and announcements about Snow Leopard security until this week, when it got put into a corner of the "64 bits" sub-site where you read "details" of the 64-bit technology. They, in contrast, have been far from reticent about OpenCL, Grand Central, and 64-bit addressing. No, there's more to it than simply user-friendliness in what is, after all, a technological-improvements release.

Reply Score: 1

hu?
by poundsmack on Tue 25th Aug 2009 22:33 UTC
poundsmack
Member since:
2005-07-13

"Joshua Long theorised which anti-virus/malware scanner Apple chose to include with Snow Leopard; ClamAV was a logical contender, but as it turns out, ClamAV's engine labels the above trojan differently. Intego and Symantec do label it as such, and of those, Intego obviously couldn't be it. Could this mean Apple licensed the engine from McAfee? Or did they develop their own?"

From this sentence it would appear you meant to say Symantec instead of McAfee. Where did the McAfee reference come from? Does it label this the same as the screenshot?

Though I like their new beta I have been playing with. http://www.mcafee.com/us/enterprise/downloads/beta/beta_mcafee/msm/...

Edited 2009-08-25 22:50 UTC

Reply Score: 2

What it really is
by desh on Tue 25th Aug 2009 23:22 UTC
desh
Member since:
2009-08-25

For those interested, I would guess that it is not an anti-virus as on Windows. Instead, it is probably implemented in the core services, as part of CoreTypes. In other words, the library detecting file types (a little bit like "file" in Unix). Right now, it probably only includes RSPlug and Iservice, as they are the two most widespread pieces of malware for Mac. We'll see on Friday.

Reply Score: 5

RE: What it really is
by Kroc on Wed 26th Aug 2009 06:23 UTC in reply to "What it really is"
Kroc Member since:
2005-11-10

Exactly, have to agree, it just detects the two known trojans when you try to mount a DMG. It's not a background scanner, and it's asinine (and shows a deep lack of technical understanding) of the pundits to think that from this screenshot.

Reply Score: 1

RE[2]: What it really is
by Tuishimi on Wed 26th Aug 2009 07:26 UTC in reply to "RE: What it really is"
Tuishimi Member since:
2005-07-06

Hmmm. That does seem to make some sense. I can't wait to get my copy!

Reply Score: 2

Not too exiting
by KAMiKAZOW on Tue 25th Aug 2009 23:28 UTC
KAMiKAZOW
Member since:
2005-07-06

This is not the first Mac OS X version to bundle anti-virus. Mac OS X Server has bundled ClamAV for a long time. Granted, mainly for the built-in mail server, but the local system could be scanned with it as well.

I wonder if Apple also replaced ClamAV with this solution in the mail server. I hope so. ClamAV is very bad at finding malware.
However, instead of licensing a commercial AV solution, I personally would have preferred it if Apple made a few people work full-time on ClamAV. Other OSes would then benefit from it as well. Apple's decision is understandable, though. For them OSX security is more important than improving a bad OS-agnostic solution.

Reply Score: 3

RE: Not too exiting
by desh on Tue 25th Aug 2009 23:41 UTC in reply to "Not too exiting"
desh Member since:
2009-08-25

Well, I would say it's neither ClamAV nor a commercial scanner. If one is developing an operating system, as Apple is, there are far more efficient ways of detecting malware than to license a commercial scanner, trust me. It will probably be a very lightweight library, part of CoreServices.

Reply Score: 3

RE[2]: Not too exiting
by dacresni on Wed 26th Aug 2009 13:29 UTC in reply to "RE: Not too exiting"
dacresni Member since:
2009-08-26

They contracted Symantec people to include the Audit(1) service in Panther, they pushed it out to BSD but they always say, "written by Symantec under contract by Apple" in so many words on the documentation of this. I suspect it was Symantec.

Reply Score: 1

Includes malware? ;-)
by bousozoku on Tue 25th Aug 2009 23:28 UTC
bousozoku
Member since:
2006-01-23

Careful with those words. I thought for a minute that they inadvertently had malware on the installation DVDs.

Then, I read that Snow Leopard had an anti-virus scanner. I thought surely that they would scan for viruses instead of anti-viruses. ;-)

Reply Score: 5

RE: Includes malware? ;-)
by ohbrilliance on Wed 26th Aug 2009 03:59 UTC in reply to "Includes malware? ;-)"
ohbrilliance Member since:
2005-07-07

"I thought surely that they would scan for viruses instead of anti-viruses. ;-)"

Norton bloatware is more of a threat to my system than most viruses. There's surely a market for anti-virus scanning software ;)

Reply Score: 4

RE[2]: Includes malware? ;-)
by 3rdalbum on Wed 26th Aug 2009 04:29 UTC in reply to "RE: Includes malware? ;-)"
3rdalbum Member since:
2008-05-26

I thought surely that they would scan for viruses instead of anti-viruses. ;-)


Reminds me of a girl I used to work with. She handed me a burnt CD of Norton's and asked "Can you install this virus on my computer?"

Does anyone else out there think Apple has included this feature, not so they can block real malware, but so when Rixstep discovers the next OS X security flaw and writes a proof-of-concept exploit, Apple can block it from running and therefore leave people in the dark about the flaw?

Reply Score: 4

RE[3]: Includes malware? ;-)
by adkilla on Wed 26th Aug 2009 10:00 UTC in reply to "RE[2]: Includes malware? ;-)"
adkilla Member since:
2005-07-07

Maybe that was her pickup line?

Reply Score: 2

RE[2]: Includes malware? ;-)
by bousozoku on Wed 26th Aug 2009 19:28 UTC in reply to "RE: Includes malware? ;-)"
bousozoku Member since:
2006-01-23

"I thought surely that they would scan for viruses instead of anti-viruses. ;-)"

Norton bloatware is more of a threat to my system than most viruses. There's surely a market for anti-virus scanning software ;)


Indeed, but is it bloatware or crashware? The last time I had Norton Utilities on my Mac (Mac OS 8.x?) was when they introduced CrashGuard, which crashed my system more than any other software.

Reply Score: 2

Will the EU allow this?
by MollyC on Wed 26th Aug 2009 03:48 UTC
MollyC
Member since:
2006-07-04

Does this not harm McAfee and Symantec on the Mac platform? And before anyone says, "Apple doesn't have a monopoly", they do have a monopoly on Mac OS systems (and Mac OS computers, for that matter), and anti-malware software is designed for particular systems. You can't argue, "Well, Apple doesn't have a monopoly. Symantec can always sell their anti-virus software on other systems." That argument makes no sense for anti-virus software; there is no market for Macintosh anti-malware software on other operating systems.

My question is rhetorical, because we all know the EC will allow this, since Apple is one of their blessed children.

Reply Score: 2

RE: Will the EU allow this?
by agnosticnixie on Wed 26th Aug 2009 06:14 UTC in reply to "Will the EU allow this?"
agnosticnixie Member since:
2009-08-20

McAfee and Symantec's marketing on the Mac platform hurts them already - NAV and McAfee have the well-deserved reputation of being even more shit on MacOS, of dying on OS updates, of hogging up the machine, of being late on library updates, and they sell the "hundreds of viruses" fear by making people think MacOS classic viruses can still affect OSX, which is an entirely different system.

Reply Score: 1

RE: Will the EU allow this?
by KugelKurt on Wed 26th Aug 2009 10:27 UTC in reply to "Will the EU allow this?"
KugelKurt Member since:
2005-07-06

My question is rhetorical, because we all know the EC will allow this, since Apple is one of their blessed children.

WTF are you talking about? Apple is NOT a monopoly, especially not in the PC market.
Almost every jurisdiction in the world treats monopolies differently.

Reply Score: 2

RE: Will the EU allow this?
by Eddyspeeder on Wed 26th Aug 2009 11:00 UTC in reply to "Will the EU allow this?"
Eddyspeeder Member since:
2006-05-10

Actually that's an interesting question MollyC is asking: how will this affect Symantec and McAfee? And what will the EU think or do about this?

1. Just like there's AVG Free for Windows, there is also a free tool available for Mac OS which I find rather charming (and which I use), called iAntiVirus. This may also affect their sales negatively.

2. Though virus definitions are OS-specific (which is your point in bold), I must remind you that the suites of Symantec and McAfee do also scan for the existence of viruses and malware that could affect Windows (e.g., to prevent you from sending infected emails).

3. If the speculations about involvement of either Symantec or McAfee were right, this may mean the question of which will have the main anti-virus share on the Mac OS platform would already have been settled, as technology from one of these parties is readily implemented.

4. Your rhetorical assertion that the EU protects Apple is ridiculous and misses ground altogether, especially in this case. Just like BOTH Microsoft and Apple have included a firewall in their OS, they are also both entitled to including anti-malware functionality. Personally, I even expect Apple to put in a fairly simple system and leave the market open for among others Symantec, McAfee and iAntiVirus.

Reply Score: 1

RE[2]: Will the EU allow this?
by Kroc on Wed 26th Aug 2009 11:57 UTC in reply to "RE: Will the EU allow this?"
Kroc Member since:
2005-11-10

There are two or three trojans for Mac OS. Symantec's and McAfee's Mac business is purely Fear, Uncertainty & Doubt. They sell a false sense of security and that's all. They scan for Windows viruses too, an area Apple would never cover, so I don't see this simple DMG detection in Snow Leopard affecting their bottom line.

Reply Score: 1

jabbotts Member since:
2007-09-06

My feeling is that third party scanners are the parasitic program to be added in after the fact. I'd much rather have a platform whose developers respond to viruses as "proof of concept" and correct the fault they exploit. I can accept an OS developer provided applet as part of that provided it demonstrates a better effective rate than third party addons or can be superseded by those addons if they prove better.

Still, it's more about correcting the vulnerability rather than getting into the addiction of relying on third party parasitic industries with "it's not our fault" thinking. I would have more easily accepted Windows properly designed requiring AV companies to write better software rather than backing off and allowing the kernel hooks to be added back in. I can accept osX shipping with included IDS also.

The rest of my platforms provide a long list of IDS available from the repositories so no reason to fault the first two for the same attribute provided it stands up under testing.

Reply Score: 2

RE: Will the EU allow this?
by kittynipples on Wed 26th Aug 2009 20:00 UTC in reply to "Will the EU allow this?"
kittynipples Member since:
2006-08-02

lol, Apple has a "monopoly" in making Macintosh computers in the same way that Blizzard has a monopoly in making World of Warcraft.

Reply Score: 1

RE: Will the EU allow this?
by mgl.branco on Wed 26th Aug 2009 21:19 UTC in reply to "Will the EU allow this?"
mgl.branco Member since:
2009-07-22

My question is rhetorical, because we all know the EC will allow this, since Apple is one of their blessed children.


Really?:
http://www.edri.org/edrigram/number5.18/ec-apple-prices
http://www.edri.org/edrigram/number5.7/ituned-free-drm

Not many, but they had some issues with the commission. The antitrust office is quite an active one, and I don't think it has many friends.

Anyway, it's common to hear people blaming the EC and I can't understand why (yes I do but won't say). As a European I feel happy they kick anyone's ass whenever it's necessary. In fact, the biggest benefit of being part of the EU is the tremendous work done on consumer protection laws -- from food and drugs regulations, mobile prices, get microsofty behaving....

Reply Score: 1

RE[2]: Will the EU allow this?
by mgl.branco on Wed 26th Aug 2009 22:31 UTC in reply to "RE: Will the EU allow this?"
mgl.branco Member since:
2009-07-22

... and the antitrust commiseration doing its job

Reply Score: 1

Msft Defender
by wanker90210 on Wed 26th Aug 2009 06:42 UTC
wanker90210
Member since:
2007-10-26

A lot of baddies on the Windows platform seem to disable Msft Defender as the first thing they do. Possibly because it's free and the first thing people install, so it's well worth it. One could argue that this makes Defender useless, but in my book this makes Defender a superb indicator of whether there is a problem with a machine.

I wonder if Apple Wormspray, or whatever they will call theirs, will be as waterproof a tool to determine if a Macintosh is infected?

I've had one virus 13 years ago on a PC and none on my Macs. I am glad Apple decided to be proactive and not pretend like there aren't any problems to make their ads less ironic.

Reply Score: 1

RE: Msft Defender
by kaiwai on Wed 26th Aug 2009 12:45 UTC in reply to "Msft Defender"
kaiwai Member since:
2005-07-06

A lot of baddies on the Windows platform seem to disable Msft Defender as the first thing they do. Possibly because it's free and the first thing people install, so it's well worth it. One could argue that this makes Defender useless, but in my book this makes Defender a superb indicator of whether there is a problem with a machine.

I wonder if Apple Wormspray, or whatever they will call theirs, will be as waterproof a tool to determine if a Macintosh is infected?

I've had one virus 13 years ago on a PC and none on my Macs. I am glad Apple decided to be proactive and not pretend like there aren't any problems to make their ads less ironic.


Reminds me of how there are now worms that disable McAfee and Symantec anti-virus software before wreaking havoc. It is a symptom of having security as an add on rather than it being integrated right into the operating system itself. I have a feeling that how Apple does it is by having it integrated right into the way it handles the file so that it isn't possible by something to disable it without bringing down the whole OS - which would undermine a silent infection occurring behind the scenes.

Reply Score: 2

RE[2]: Msft Defender
by Thom_Holwerda on Wed 26th Aug 2009 12:52 UTC in reply to "RE: Msft Defender"
Thom_Holwerda Member since:
2005-06-29

I have a feeling that how Apple does it is by having it integrated right into the way it handles the file so that it isn't possible by something to disable it without bringing down the whole OS - which would undermine a silent infection occurring behind the scenes.


Assuming that is indeed the case, it does carry a big downside: keeping the "list" of bad files up-to-date. Apple has a history of keeping things lingering around.

Windows Defender gets updated regularly in the background (in 7 at least, where Defender is an integral part of the OS), separate from the normal update cycle. Apple will have to do the same for this functionality to not only BE effective, but REMAIN effective.

Of course, this isn't an issue now, as said. There simply aren't any serious threats out there for the Mac OS right now.

Reply Score: 1

RE[3]: Msft Defender
by wanker90210 on Wed 26th Aug 2009 13:07 UTC in reply to "RE[2]: Msft Defender"
wanker90210 Member since:
2007-10-26

I would hope they have realized by now (which their ads suggest) that one of their selling points is the (relatively) trouble free user experience on a Mac and put some resources into this.

A friend complained his machine (Windows) was slow a while back. I did a netstat and saw some 100 connections to various SMTP servers. If he were on a Mac and the scenario was the same, I'm not quite sure he'd be the first in line to get another Mac.

Reply Score: 1
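
The netstat check described in the comment above can be automated. The following is an added example, not part of the original thread: it counts established outbound SMTP connections in `netstat -an` output and goes beyond the comment by accepting both the Windows and the macOS/BSD layouts. The function names, the threshold of five servers and the sample addresses are assumptions made for illustration.

```python
"""Flag a host holding many outbound SMTP connections, from `netstat -an` text."""
import re
from collections import Counter

SMTP_PORTS = {25, 465, 587}   # SMTP, SMTPS, mail submission
MAX_SMTP_SERVERS = 5          # assumed threshold: a desktop normally talks to one or two

# Constructed sample in the Windows `netstat -an` layout (documentation address ranges).
WINDOWS_SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49710     198.51.100.7:443       ESTABLISHED
  TCP    192.168.1.20:49801     203.0.113.10:25        ESTABLISHED
  TCP    192.168.1.20:49802     203.0.113.10:25        ESTABLISHED
  TCP    192.168.1.20:49803     203.0.113.11:25        ESTABLISHED
  TCP    192.168.1.20:49804     203.0.113.12:25        ESTABLISHED
  TCP    192.168.1.20:49805     203.0.113.13:25        ESTABLISHED
  TCP    192.168.1.20:49806     203.0.113.14:25        ESTABLISHED
  TCP    192.168.1.20:49807     192.0.2.25:25          ESTABLISHED
  TCP    192.168.1.20:49808     192.0.2.26:25          ESTABLISHED
  TCP    192.168.1.20:49809     203.0.113.15:25        TIME_WAIT
"""

# Constructed sample in the macOS/BSD layout, where the port follows a dot.
BSD_SAMPLE = """\
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  192.168.1.30.52011     192.0.2.50.587         ESTABLISHED
tcp4       0      0  192.168.1.30.52012     198.51.100.7.443       ESTABLISHED
tcp4       0      0  *.22                   *.*                    LISTEN
"""


def split_endpoint(endpoint):
    """Split 'addr:port' (Windows/Linux) or 'addr.port' (macOS/BSD) into (addr, port)."""
    match = re.match(r"^(.*)[:.](\d+)$", endpoint)
    if not match:
        return None                      # wildcard such as '*.*'
    return match.group(1).strip("[]"), int(match.group(2))


def outbound_smtp(netstat_text):
    """Return a Counter mapping remote mail server address -> established connections."""
    remotes = Counter()
    for line in netstat_text.splitlines():
        tokens = line.split()
        if len(tokens) < 4 or not tokens[0].lower().startswith("tcp"):
            continue                     # headers, UDP, blank lines
        if "ESTABLISHED" not in tokens:
            continue                     # ignore LISTEN, TIME_WAIT, ...
        state_index = tokens.index("ESTABLISHED")
        if state_index < 2:
            continue
        # The two columns before the state are local and foreign address in both layouts.
        local = split_endpoint(tokens[state_index - 2])
        remote = split_endpoint(tokens[state_index - 1])
        if not local or not remote:
            continue
        # Outbound mail: the SMTP port is on the remote side, not on ours.
        if remote[1] in SMTP_PORTS and local[1] not in SMTP_PORTS:
            remotes[remote[0]] += 1
    return remotes


def assess(netstat_text, max_servers=MAX_SMTP_SERVERS):
    """Summarise outbound SMTP activity and flag it when too many servers are contacted."""
    remotes = outbound_smtp(netstat_text)
    return {
        "connections": sum(remotes.values()),
        "distinct_servers": len(remotes),
        "suspicious": len(remotes) > max_servers,
    }


if __name__ == "__main__":
    for name, sample in (("windows", WINDOWS_SAMPLE), ("bsd", BSD_SAMPLE)):
        print(name, assess(sample))
```

A flagged result only says the host is talking to an unusual number of mail servers; mapping the connections to a process (for example with `netstat -ano` on Windows or `lsof -i` on macOS) is the next step.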

axilmar
Member since:
2006-03-20

The title implies that the MacOS will include malware.

Reply Score: 2