Linked by Hadrien Grasland on Sat 25th Jun 2011 08:55 UTC, submitted by John
Mac OS X "Using a Mac may certainly be a safer choice for a lot of people as despite being vulnerable they are not targeted. However this is not the same as Macs being secure, something Eric Schmidt erroneously advised recently. I may be able to browse impervious to malware on a Mac at the moment, however I personally would not be comfortable using a platform so easily compromised if someone had the motivation to do so. In this article I address just why OS X is so insecure including the technical shortcomings of OS X as well as Apples policies as a company that contribute to the situation."
Thread beginning with comment 478598
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: At least safer than
by pantheraleo on Sat 25th Jun 2011 20:37 UTC in reply to "At least safer than "
pantheraleo
Member since:
2007-03-07

Btw name 1 virus or worm for Mac OSX.


- OSX.Leap.A (Worm that propegated through iChat)

- Exploit.Evilgrade.A (tricked OS X into downloading fake updates, which were trojaned).

- Worm.OSX.Tored.A (Worm that propegated through Mac network shares and through Apple Mail).

Those are three that I am aware of without even looking very hard. None of them achieved very wide spread infections because they could only propegate through Macs. And since Macs were not very popular yet when they were creagted, many infected Macs searched in vain trying to find another Mac that they could infect.

But I have now given you three examples of Worms on OS X).

Edited 2011-06-25 20:40 UTC

Reply Parent Score: 3

RE[2]: At least safer than
by Alfman on Sat 25th Jun 2011 21:15 in reply to "RE: At least safer than "
Alfman Member since:
2011-01-28

pantheraleo,

"Those are three that I am aware of without even looking very hard. None of them achieved very wide spread infections because they could only propegate through Macs."


I always thought that the argument was (simply) that macs were less of a target for malware authors due to small market share.

However it never occurred to me to think that even when the mac os is targeted by viruses, those viruses will have more trouble than windows viruses in randomly finding more targets. The lack of targets would help retard mac virus propagation.

Reply Parent Score: 2

RE[2]: At least safer than
by Jennimc on Sat 25th Jun 2011 23:41 in reply to "RE: At least safer than "
Jennimc Member since:
2011-06-22

[q]Btw name 1 virus or worm for Mac OSX.


- OSX.Leap.A (Worm that propegated through iChat)


Sorry, Leap.A was at best (worst?) Malware. (not a worm or virus)


- Exploit.Evilgrade.A (tricked OS X into downloading fake updates, which were trojaned).


This exploit toolkit was a low threat-level multiplatform exploit tool that allows it to take advantage of poor upgrade implementations by injecting fake updates. (not a worm or virus)

- OSX.Leap.A (Worm that propegated through iChat)


Sorry, Leap.A was at best (worst?) Malware. (not a worm or virus)


- Worm.OSX.Tored.A (Worm that propegated through Mac network shares and through Apple Mail).


This is the only example where you have a point and even this worm had flaws that made it highly unlikely to be seen in the wild.

Edited 2011-06-25 23:45 UTC

Reply Parent Score: 1

RE[3]: At least safer than
by Alfman on Sun 26th Jun 2011 04:32 in reply to "RE[2]: At least safer than "
Alfman Member since:
2011-01-28

Jennimc,

"Sorry, Leap.A was at best (worst?) Malware. (not a worm or virus) "

Wasn't Leap.A this the virus which propagated through a jpeg decoder vulnerability? The executable payload was run whenever the remote user's thumbnail was displayed, at which point one's own jpeg thumbnail became infected. Why doesn't that qualify as a computer virus to you?



"This is the only example where you have a point and even this worm had flaws that made it highly unlikely to be seen in the wild."

It sounds funny to me to hear people downplay security vulnerabilities in this manor. If researchers successfully write a working proof of concept virus, but it is never released into the wild, then I'd still argue that it should still be considered evidence against a platform's security.


Look at recent security updates for OSX.

http://support.apple.com/kb/HT4723

"Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution"

This is one of many arbitrary code execution vulnerabilities mentioned. Hopefully this is fixed now, but I can guaranty that there was some mac chap somewhere boasting mac os as invulnerable, even though this was wrong. The lack real world attacks, if anything, demonstrates a lack of motivation.

No operating system has a perfect track record. Don't deny it, just fix it and move on.

Reply Parent Score: 3

RE[3]: At least safer than
by pantheraleo on Mon 27th Jun 2011 17:32 in reply to "RE[2]: At least safer than "
pantheraleo Member since:
2007-03-07

Sorry, Leap.A was at best (worst?) Malware. (not a worm or virus)


Ah. Another Mac fanboy who either doesn't want to admit it was a worm, or doesn't know what the definition of a worm is. Leap.A took advantage of a JPEG decoder vulnerability in iChat as others pointed out. And propegated by sending itself to other people in your iChat contact list. So yes, by definition, it was a worm.

This exploit toolkit was a low threat-level multiplatform exploit tool that allows it to take advantage of poor upgrade implementations by injecting fake updates. (not a worm or virus)


It was a worm because one of the fake updates that it was possible to inject through it was the exploit tool itself, which would then turn the infected Mac into a fake update server that could infect other Macs. Again, it meets the definition of a worm.

This is the only example where you have a point and even this worm had flaws that made it highly unlikely to be seen in the wild.


It was seen in the wild. But as I said, not very often because Macs were not very common in the wild. It mostly infected corporate networks that had a lot of Macs running on them.

Reply Parent Score: 2