“As a long serving citizen of the Internet I have, in my time, accumulated membership to a number of email groups. It was in one of these groups that I first heard reports of a virus (Leap.A) that had started to infect Apple’s Mac OS X operating system. I was not surprised that this had happened; in fact I was quite taken aback that it had not happened before! But I was flabbergasted by the response of the Mac Mafia to this news. The assumption that something is infallible is at best naive and at worst stupid; it can only invite trouble.”
Mac users are really doing themselves a disservice by refusing to confront the problem. Is it possible to keep an OS virus free forever? Probably not, but I’d hate to see the Mac community get to the point where they have to acknowledge the problem because more and more malware infects their machines.
You’re telling me …
I used to hate Macs simply because of the zealous Mac users, frothing at the mouth with Apple marketing propaganda. Then I switched to a Mac, but I have yet to be afflicted with this illness. I look at things realistically.
Mac users have *many* inbred and fallacious beliefs that they spew repeatedly. There is, of course, the whole thing about viruses and malware. There are the ones about security and UNIX. There is (recently talked about here) the su vs. sudo debate. Oh, there’s a good one about HFS+ and fragmentation/defragmentation as well.
All in all, it can be summarized as “Mac Mafia bullshit”. It’s good to ignore it. 🙂
You keep talking about HFS+ and fragmentation, can you show some evidence of degraded performance due to fragmentation on an HFS+ volume? Please do.
Anyway, the “article” was pretty pathetic. The third category is really right. It’s a so what virus like most Windows virii. It preys on the weak minded (much like lotteries and most other forms of gambling) by getting them to do something stupid and then using that against them.
The virii which aren’t ho-hum are the ones like Sasser and Blaster. Oh, and there were some really nasty telnet and smtp virii (actually worms) back in the early 90’s and late 80’s I believe.
A virus becomes a big deal when it becomes a big problem, for users (the majority of the vocal Mac group). It’s a big deal for administrators immediately. And it’s a big deal for programmers, often, before anyone else ever hears of it (if they work on the affected project).
I think that as an administrator he misses the point: The people who think it’s no big deal think so because they don’t manage other people’s computers. They know how to prevent it for themselves, do, and don’t care beyond that until it becomes worthy of talking about on NBC Nightly News.
> You keep talking about HFS+ and fragmentation, can you show some evidence of degraded performance due to fragmentation on an HFS+ volume? Please do.
You don’t need evidence — you just need some logical thinking.
In this universe, physics dictates that the time taken to seek to 2+ locations on a disk will always be more than the time it takes to seek to only one location. Oops, there’s your performance degradation.
Fragmentation is simply a reality of *all* file systems designed to work with sequential storage mediums.
“I used to hate Macs simply because of the zealous Mac user”
Funny, I dropped linux for that …
…truth is that your XP box is more likely to be harmed by Norton/McAfee than your Mac is to be harmed by a virus.
http://news.zdnet.com/2100-1009_22-6048709.html
I don’t understand why we keep seeing articles about a problem which could exist but doesn’t actually exist. What, there aren’t real problems to deal with? I think this is simply people looking for website hits.
Macs have ACLs. ACLs work against viruses. Macs have a working Sudo method rather than administrative accounts, again works pretty well for viruses. They aren’t impenetrable and if the cracker community went after Macs in a hardcore way they would do a lot of damage. But they aren’t and so right now it’s a story about nothing. Why write about a problem that might happen?
Because fear-mongering is how consultants and bankers make money, silly pleb.
> Because fear-mongering is how consultants and bankers make money, silly pleb.
You also gotta love the fact there is an ad for an anti-virus package for mac right next to the headline.
Way to miss the point of the article.
> Macs have ACLs. ACLs work against viruses.
As a Mac user, I hate to break this to you, but Windows NT had ACLs long before OS X (Tiger was the first version to have ACLs). NT’s ACL feature is also much more accessible (under Tiger Client, you have to use chmod to manipulate ACLs). I doubt many OS X desktop users would benefit from ACLs in its current form.
> Macs have a working Sudo method rather than administrative accounts, again works pretty well for viruses. They aren’t impenetrable and if the cracker community went after Macs in a hardcore way they would do a lot of damage.
Technology is not the problem here. The biggest security problems facing OS X are social engineering attacks and they feed on this kind of complacency.
> NT’s ACL feature is also much more accessible (under Tiger Client, you have to use chmod to manipulate ACLs). I doubt many OS X desktop users would benefit from ACLs in its current form.
You’re correct on both counts. Be aware, though, that ACLs in Leopard will not require opening a shell to manipulate.
As for your second point, any household with multiple users sharing one box (think family) will benefit strongly from ACLs. The average user is a hell of a lot more likely to understand user-based permissions than having to invent groups for each application and manually administrate those groups’ members. What it lacks is a comprehensible interface, and Windows’ is good but has room for improvement.
> (…) But they aren’t and so right now it’s a story about nothing. Why write about a problem that might happen?
I’m thinking exactly the same. Why bother writing these dumb articles about the possibility of some asteroid crashing into Earth, let’s wait until this happens and then we’ll think about how we could have prevented this.
I’m too sleepy to respond to rest of the Mac propaganda.
> Macs have ACLs. ACLs work against viruses. Macs have a working Sudo method rather than administrative accounts, again works pretty well for viruses.
Windows has similar mechanisms. ACLs have been in NTFS since I don’t know when, and “runas” is pretty much the same as sudo:
http://www.microsoft.com/resources/documentation/windows/xp/all/pro…
Both Windows and OS X create default user accounts with administrative rights, while still requiring extra effort to modify essential system files (if you modify the wrong file, Windows will automatically restore back an original copy, ask anyone who changed uxtheme.dll).
Edited 2006-03-23 19:00
From the article:
> But surely the most significant reason that there are so many viruses for Windows is because the vast majority of the world uses Windows.
That is the author’s main premise here, and it has been disproven before. Yes, marketshare is a factor in the presence of malware for a platform, but it is not “the most significant reason”. If that were true, then Windows will never be able to be safe and secure, as it has an overwhelming lead in marketshare, and OSX, Linux, etc. will be much more secure by comparison. And that is just not true.
If his point was that “no users should EVER consider themselves to be secure because they use Product ABC”, then I would find myself agreeing with him much more. I wish that this would have been the message he was trying to drive home, instead of just touching on the point that no OS is ever 100% secure.
> If that were true, then Windows will never be able to be safe and secure,
Windows will never be safe and secure. This is a reality.
> …and OSX, Linux, etc. will be much more secure by comparison. And that is just not true.
They ARE more secure.
Edited 2006-03-22 20:36
> Windows will never be safe and secure. This is a reality.
Not true. In general, any statement that uses the terms “always” or “never” is seldom true. Your statement falls perfectly into this category.
Windows can be set up very securely. In the past, the defaults were rather insecure, but much of this has been fixed. XP brought decent user separation for logins. XP SP2 brought in decent firewalling. Much of the other security problems are users running as root, not updating, and doing other poor practices.
I am a *nix & Open Source kind of guy, but it isn’t fair to throw mis-statements around.
> and it has been disproven before.
That’s misleading. It can’t be disproven until OSX has the marketshare Windows does. I think what you meant is that there is no proof and can’t be proof that such a thing is true unless it happens.
You already have your disproof. Microsoft IIS versus Apache. Apache has two thirds of the server market and IIS has less than a third.
Now go look up Secunia advisories marked severe for both platforms and come back here with the hackneyed “Ugly girl doesn’t get the STDs” argument.
OS X isn’t impenetrable, but it’s built off a core OS which prioritized multiuser security first instead of tacking it onto the existing OS (like OS 9 or Windows).
I run as a non-admin user without software installation privileges and keep an admin account solely for installing software. This should be the rule for every OS, but only one OS is plagued with a large amount of software which cannot be run in anything except administrator mode, games included.
There’s a big difference. IIS still has a significant market-share.
> You already have your disproof. Microsoft IIS versus Apache. Apache has two thirds of the server market and IIS has less than a third.
> Now go look up Secunia advisories marked severe for both platforms and come back here with the hackneyed “Ugly girl doesn’t get the STDs” argument.
Um.. what?
http://secunia.com/product/1438/
IIS6 has been out since 2003, and I don’t see any highly critical vulnerabilities there. IIS6 has actually proven itself quite robust so far. It has not, AFAIA, been affected by any major exploits like 4.x and 5.x were.
I stand corrected on IIS6 and apologize for jumping the gun there.
I remain by my deconstruction of “Ugly girl doesn’t get the STDs” as a Microsoft talking point on security through obscurity.
Attacking Apache is far more lucrative than attacking IIS.
Many people earnestly announced that due to the quality of the programming of Mac OS, it was impossible for Macs to get viruses.
We shouldn’t go quite that far here in the Linux camp, but I empathize with the sentiment.
Whenever people warn me about a virus, I always say, “I use Linux.” Then I often have to translate it to “I’m not affected by viruses.”
Maybe one reason that Linux has so few security problems is that to use Linux, you can’t just go to the supermarket, pick up a PC and plug it in. You have to do some work and have some understanding to get to the point where you can even connect to the internet.
People who would be inclined to fall for the social engineering employed by many attacks are less likely to put forth the effort to use Linux. While I salute the OSX foundations, the same can’t be said about the Mac, because it’s so much easier to get started. I wonder what percent of users from each camp would fall for this when trying to view a set of pictures:
The user is prompted for admin credentials to launch the malicious code…
> Whenever people warn me about a virus, I always say, “I use Linux.” Then I often have to translate it to “I’m not affected by viruses.”
I am sure you are aware that there are viruses for Linux.
This being said, I tend to think virus authors are even less interested in writing for Linux, not only because of its security technologies, its relatively small market share, but also the fact that most Linux users are very security conscious, which means social engineering attacks are very unlikely to work.
Why do we get these bashing articles that pin mac users as the dumbest on the planet?
Get over this bs and inform the Mac-Community, instead of bashing.
> Why do we get these bashing articles that pin mac users as the dumbest on the planet?
Not true. Windows users are, on average, the dumbest people on the planet.
Actually, I believe it may be you, for propagating such bullshit.
I think you read too much into it. He didn’t say that certainly, nor did he imply it. I’m not sure where you got that from, in fact.
That is the result of having overwhelming market share.
It will be safe for as long as chickens have lips.
Look, all the hype surrounding the reported mac “viruses” and “adware” was pure FUD. I am *still* waiting for the first reported infection in the wild.
There is an effort going on to blacken the mac’s reputation for security which has become a major selling point. This is augmented by name calling as in this article “at best naive and at worst stupid” and misinformation “the assumption that something is infallible”.
Nobody is assuming OSX is infallible except some idiots, the kind which also exist on Windows and Linux and claim those OS’ will solve all of life’s problems. So stop the hate-campaign already.
Edit: I’m normally not one for tinfoil hats, but to my mind the regularity with which the same BS story keeps popping up all over the place indicates some serious astro-turfing going on.
Edited 2006-03-22 20:49
> Look, all the hype surrounding the reported mac “viruses” and “adware” was pure FUD.
Oh? So the things that were reported (and some still not fixed, like the Mail/Safari problems) are all fake? They have been made up?
And the term adware was never used, iirc.
> There is an effort going on to blacken the mac’s reputation for security which has become a major selling point.
Cut the nonsense. Next thing you know you’re gonna tell me Microsoft and aliens are behind all this.
> Nobody is assuming OSX is infallible except some idiots, the kind which also exist on Windows and Linux and claim those OS’ will solve all of life’s problems. So stop the hate-campaign already.
There are a lot of Mac users out there (I’m actually a Mac user myself) that think that using OSX makes the virus problem something to not worry about. Just check the post by i.e. jeffb above. The more Mac users squeal there are no and will be no problems related to security, the more people will try to disprove them.
> Oh? So the things that were reported (and some still not fixed, like the Mail/Safari problems) are all fake? They have been made up?
Sure there are problems but the response is disproportionate. Pure FUD as they don’t offer solutions but do nothing but wildly exaggerate the problem. To contrast, nearly every mac related site has posted security tips for users and generally informed them about basic security.
> And the term adware was never used, iirc.
Malware then. I’m not really up to date on the difference between the two.
> Cut the nonsense. Next thing you know you’re gonna tell me Microsoft and aliens are behind all this.
Well the same BS keeps resurfacing every month on a new no-name site. Point is most new mac users have told me security played a role in their decision and this story which refuses to die expressly damages that reputation. When what is essentially a non-story (Leap.A, the most limp-wristed virus in recent history) refuses to die even after months I get suspicious. Well these guys are “security consultants”, “Wiens brood dat men eet, wiens woord dat men spreekt” I guess.
> There are a lot of Mac users out there (I’m actually a Mac user myself) that think that using OSX makes the virus problem something to not worry about. Just check the post by i.e. jeffb above. The more Mac users squeal there are no and will be no problems related to security, the more people will try to disprove them.
A lot of Windows users think just installing Norton will solve all their problems. Idiots are everywhere. And another FUDing article that offers no tips or constructive advice surely isn’t going to change that.
Edit: the Dutch proverb translates roughly to “you speak the words of the provider of your bread” FYI
Edited 2006-03-22 21:11
“It was in one of these groups that I first heard reports of a virus (Leap.A) that had started to infect Apple’s Mac OS X operating system.”
Yes, what do you mean with “started”? Is that a real objective presentation of the situation? Is there no innuendo there at all?
Assuming the following:
(*) Fairly sanely configured firewall – that is to say, no file sharing ports left open to the internet
(*) Security patches applied in a timely manner (say, within 48-72 hours of their release)
(*) Spending the majority of time as an unprivileged user, rather than running as root or administrator or running sudo to install or run things all the time
(*) No internet-exposed server software (IIS, Apache) running
I wonder how many people would get worms or viruses at all. Does anyone know of any studies about this? I have mostly Linux machines here (and one FreeBSD), and two Windows machines. I’m fairly certain that even if I didn’t have a virus scanner running in the Windows boxes, I would not get any viruses / worm infections.
Do people really just run crap they download from p2p networks and receive from strangers in e-mail anymore?
I am really curious how insecure all of the major OSes are when deployed behind a sane SOHO firewall, with users who don’t do absolutely boneheaded things. I haven’t had any kind of problem with my Windows machines in years (some spyware, but I knew what I was getting into with some seedy shareware – cleaned it off with some software).
I have to honestly wonder if the OS you run really matters if you run in a nominally sane environment.
Maybe a better question and discussion is how to get your average user to understand the need to run in a sane environment, and a step-by-step howto for new users on how to set this up.
Quite obviously there will always be servers on the net with ports open that the latest-and-greatest worms will take advantage of. But unless my perception of things is seriously distorted, we should be a lot closer to zero-virus infection rates across all OSes for home users than we are now.
Moreover, listening to “My OS is more secure than yours!” is kind of like listening to a debate on the merits of New Kids on the Block in 2006. It’s incredibly passe.
What we should be doing is helping everyone to secure their machines, because we all benefit, no matter what OS they run. From what I read today about Vista, it should be more secure out of the box in terms of taking an important stride forward – encouraging users to work in a least-privileged environment.
Technical people, developers, geeks, nerds, power-users…us…we need a more united front against the idiots who write viruses and worms. If we took the time we spend (And I’ve done it, I’m not being sanctimonious here) scoffing at other OSes and their flaws, and used it to secure our parents’ Windows boxes or whatever…Imagine what a better place the net would be.
“Do people really just run crap they download from p2p networks and receive from strangers in e-mail anymore?”
Yes they still do it. You can tell them 50 times, they’ll still do it. Because the Smiley on the .exe looked so lovely, really. That’s why they’re called idiots. And there are quite a lot of these out there.
You wouldn’t believe anyone would be stupid enough to fall for Nigerian money scams or penis enlargement products…
“Technical people, developers, geeks, nerds, power-users…us…we need a more united front against the idiots who write viruses and worms. If we took the time we spend (And I’ve done it, I’m not being sanctimonious here) scoffing at other OSes and their flaws, and used it to secure our parents’ Windows boxes or whatever…Imagine what a better place the net would be.”
You can’t see me but I’m clapping! Unfortunately as true as the above statement is, there will always be someone double clicking that attachment……..
Obviously I would never suggest that any OS is virus/malware free. I think the reason why the “mac community” (whatever that may be) reacted the way it did was the simple fact that no mac user has ever heard of a mac being infected outside of lab conditions, AND that the hype was totally disproportionate to the threat (I recall BBC news articles on the “mac virus”).
I have to say though I own a Mac SE (which still works in full B&W glory btw) which at some point had loads of viruses (according to anti-virus at any rate). What those viruses did I can’t say because I never lost any data. It may have been system 4.x but still.
Why does everyone get so terribly offended at the concept that A might be better than B? OS X has proved to be less prone to problems than Windows for quite a while now, and while it is a good idea for the community to be aware that there might be more exploits in the future, at what level is this discussion even applicable to the overall Mac userbase? Does the author just want everyone to be scared and paranoid for the sake of being as scared and paranoid as the Windows community? “The assumption that something is infallible is at best naive and at worst stupid; it can only invite trouble.”
Being attacked because one is making a big deal out of something is very different than making the assumption that something is infallible, and it sounds to me as if this person is simply bent upon making a big deal out of this recent “virus” scare.
Ok, so the Mac isn’t perfect (I don’t think any reasonable person claims this).
I would still rather run a
1. Mac, standard install, firewall on, NO anti-v
than…
2. XP SP2, standard install, “protected” by Norton/McAfee http://news.zdnet.com/2100-1009_22-6048709.html
By McAfee’s own admission, they release a definition file every 3-4 months that can potentially damage the client system. That’s more than all known OS X ‘viruses’/malware combined!
Usually I would say that if you are just basically careful a Windows XP machine doesn’t get infected that easily and that if you select your software carefully you don’t need antivirus software at all.
Sadly, any service pack 1 XP gets infected in about 10 minutes on the net (dreaded RPC vulnerability). And lots and lots of people have install CDs that don’t include SP2. An OS that can get infected just by connecting to the net without visiting anything… this still has to be beat in terms of insecurity.
I know how annoying some hardcore mac-heads can be when talking about how supposedly secure their machines are while at the same time being the kind of people who would definitely run any app sent to them by some unknown friend (entering the password as required).
That said. There is still no problem with OSX as of today. Zero, nada, niente, nichts. In *real* life, not lab tests, proof of concepts, or security forecasting paid for by Symantec…
So you can keep on telling me I am unconscious and that the great cataclysm is coming. The day I start receiving e-mails from infected macOSX machines is the day I’ll start caring about viruses/malware again.
In the meantime, I’ll just sit back and relax, just like I did since the first day I got my iBook. I am offering a mini to my mother, so at least one person in my friends and family will definitely stop complaining about their antivirus conflicting with their antispyware.
And if it lasts just two more years? Well, those will have been nice, peaceful years. Enjoy it while it lasts.
For balance I suggest concerned readers read the following :
Basic Mac OS X Security ( http://www.macgeekery.com/tips/security/basic_mac_os_x_security ) for some good advice.
Digging deeper into the Leap-A malware ( http://www.macworld.com/news/2006/02/17/leapafollow/index.php ) The dirt on leap.a and why you’re probably not affected or how to solve it if you are.
Mac Attack a Load of Crap ( http://www.wired.com/news/columns/0,70257-0.html ) for why people like me are *really* tired of this non-story.
The same security measures will work on any OS, in my experience. First, stay well away from those who claim their OS is invulnerable. They will be saying this right up to the moment they get a nasty surprise and after that you won’t hear from them again.
Second, run an AV and firewall, on Windows run anti-spyware, shut off unwanted services, harden running services, use good passwords, harden your web-browser, patch when advised but only update from trusted sources, and stay away from dodgy downloads and mucky areas of the net. On Linux, use sudo, not root. And on Windows, shut off sharing and netbios stuff on networking if it’s just you and the internet. For email, follow the sensible precautions route which about 100,000 sites cover I should imagine.
Since about 1990 I’ve had only one virus which got picked up by my AV almost straight away. And that’s on Mac, Windows and Linux, as I’ve used all three OSes during that time. It’s not rocket science, just a bit of work.
Just a minor quip, but:
> It’s Not a Virus!
> Some respondents refuted that Leap.A was a virus at all; preferring instead to describe it as a worm; as if that’s somehow better. Technically correct they might be, but in my opinion it is immaterial, whether Leap.A is self propagating or requires user intervention to infect its target. The unwarranted presence of a potentially malicious third-party “program” on your system, and what it is about to do, is what you should be worrying about! Not what it is called. Worms are in fact more dangerous as they can infect vulnerable systems without user intervention.
He sketches an incorrect dichotomy. The difference between a virus and a worm isn’t the amount of user-intervention required to propagate it, it’s whether the malicious program inserts itself into another body, like a file, filesystem or word-document (which means it’s a virus), or whether it runs standalone and propagates either fully automated, or like a trojan (be it via email or open ports).
XP architectural design has proven to be a total failure, that is why Vista takes so long, at MS they are frantically trying to clean up the mess, good luck MS.
OSX is secure as an OS can be and if any issue comes up, Apple is fast enough to correct it. Yes we will see attempts to exploit OSX but we will never see a successful exploit.
Yes, I am a Mac-zealot and for good reasons.
Edited 2006-03-23 11:13