“In the wake of the Flashback botnet which targeted Mac computers, Apple has removed a statement from its messages on its website that Mac operating system X (OS X) isn’t susceptible to viruses.” It was an untenable statement anyway. Security is an illusion.
I bought a Mac because Apple claimed it’s insusceptible to viruses. Does anyone know how to get my money back?
I already have two computers running two different operating systems that have security built-in. I don’t need another one.
So you paid over $1000 to have a computer that doesn’t catch a virus, while you already have 2 systems that are protected and could have used that $1000+ to buy the most expensive pro version of any firewall/virus scanner around?
I think he was joking
They thought Hannibal was joking when he went to the local circus to borrow some elephants. We all know what happened!
I think you need this:
http://scoopertino.com/new-app-makes-it-easy-to-get-rich-off-of-app…
😉
Since any user from OSNews should know that there are no 100% secure OS, you are to blame yourself for believing in such hype.
Security is hard, and most normal users don’t bother with it.
Even if they get a proper configured OS, there are many stupid users that will just “Press this to…” when asked, regardless how good the OS is in regards to security.
I think that he is being sarcastic.
Fun fact: This isn’t true for Windows and other updates.
Edited 2012-06-26 11:59 UTC
In what sense?
Since the NT early days, if you have a proper configured Windows NT system, it is as secure as UNIX (discounting possible not patched exploits).
If the user is running as administrator, or knows the administrator password, then it is as secure as his/her can make use of the respective brain.
Edited 2012-06-26 12:26 UTC
It depends on your definition of “properly configured” and disregards the frequency of zero day exploits for the system. Prior to Vista, many programs required the user to be an admin and did not prompt for serious modifications to the system configuration. All of the above, contributed terrible security for the end user until Vista.
After which, UAC contributed terribly by making Vista a massive pain in the ass. And to this day, I still see “modern” Windows systems (Vista, 7) infested out the ass with malware. Despite UAC. In other words, Vista didn’t fix shit.
As badly as it’ll make Windows blow, Microsoft forcing Windows on ARM to break 100% compatibility with x86 programs will at least “protect” the OS from malware, in the sense that there won’t be much (if any) written for it in a while. It’ll be relatively safe just long enough for the OS to get a foothold on the ARM market, which is currently dominated by Linux/Android and iOS. But it’ll still be just another version of the same Windows; give the dumbass masses time to switch to it and the software writers to follow, and malware will be as plentiful as traditional x86 Windows versions.
Edited 2012-06-28 06:38 UTC
No operating system can fix the lack of brain of most computer users that install every crap they land their hands on.
Yes, and as I said, I expect it to be only a matter of time after release that Windows 8 virtual dominates the ARM architecture. And it will bring all the traditional dumb Windows users with it.
I totally agree, Windows NT was really well designed, i agree that if it’s used correctly however i would also say the problem with NT Security can also be blamed on application creators and i put Microsoft at the top of the list.
I say this as it was quite evident that the OS team didn’t work at all with the applications team, that Office and pretty much all Microsoft software requires administrator rights to install and in some cases run, the escalation part of windows administration was completely forgotten about until it became standard practice to setup standard user accounts with administrative privileges, something we are paying for and trying to unwork in the present.
No man made device is flawless, especially something as complex as an Operating System.
If you mean, they refuse to “click here to install updates”, then you’re probably correct. The worst part about windows updates is that they often require a reboot (even under windows 7!).
How is it that malware writers are able to build malware that can dig into the deepest parts of the OS immediately after a user clicks a button (or even without that), while Microsoft can’t even live-update their own OS properly and requires a full reboot?
A live update that succeeds on 99% of systems is an enormous success for a malware author.
In contrast, a live update that hoses 1% of systems unbootable is a disaster for Microsoft.
This isn’t strictly limited to live updates. Ever tried to troubleshoot a failed update in Windows 7 that installs, reboots, starts configuring, then locks? Not fun. Live update or no live update, it still rendered the install unbootable until it could be fixed.
However, as a Mac user myself, I feel obligated to point out that Apple isn’t all that great at live updating either. There are some updates, sometimes for OS X-provided applications, that still require a restart when they really shouldn’t need one. I will say that Apple at least packages updates more cleanly. Ever done a Windows update that installed some security patches and then, on the next reboot, you need to run windows update again to get yet more security patches to fix problems in the security patches you’ve just applied? One would think that Microsoft would at least packages these in a more coherent fashion. Granted, they do occasionally have “cumulative security updates” but even those often don’t have the latest patches and require a few rounds of updates to get them all. Aside from being a general pain to those of us who have to maintain them and resulting in a machine having more down time than it really needs, this does eventually leave a lot of files lying around the system. They have gotten a bit better with this since the days of XP sp3 but still nowhere near Apple or the various Linux distributions. I can only hope this will be one area addressed in Windows 8.
Yet OTOH, OSX updates tend to have silly size (even stranger, some of Apple fans seem to boast about any supposed network problems this brings); while, on the plus side, MS patches tend to be smaller, more manageable.
And still, those “staged” updates also most likely stem from possible implications of a failed update (even if very rarely, that would still end up in a massive number of end-user machines with Windows) – less testing when the process is more strictly specified like that, I imagine.
Apple was selling security through obscurity. Security experts will tell you this never works. In reality, it may stop some script kiddies, but never anyone who wants to do real harm to you.
Any OS can get a virus. It’s simple to write one in whatever language is commonly used by that OS. With OS X, I could write one as a bash script even. It is fairly hard to gain root on an OS X box without user approval, but one doesn’t need root necessarily. Some of the best viruses on Windows infect the user profile and spread through infected documents on the network or get injected into the browser as a plugin, etc.
I’m typing this on a Mac. i do like them, but frankly I never felt invincible. if anything, my laptop is more secure because it dual boots Linux and MidnightBSD and both of those have much less marketshare for desktop use. It’s only more secure because no one cares enough to write a virus for it. Mac OS X is now very popular if you count iOS variants. There are a lot of people trained to write Cocoa apps and can now write malware too. On the bright side, there are few viruses so far for OS X compared to Windows.
There are several free antivirus solutions for OS X including Avast, Sophos, etc.
And now they will replace the statement with an AD, to <insert_famous_anymalware_here> that will be installed by default on your MacOS with a 30 day demo license.
¬¬
Finally
Yes, but you know they’re going to eventually release a version of OSX that only allows applications from the app store, at which point they’ll declare it virus free again.
Obi-Wan: “I semse a great disturbance in the Force.”
Luke: “Millions of voices suddenly crying out in terror, and then suddenly silenced?”
Obi-Wan: “No, a disruption in the Reality Distortion Field.”
Edited 2012-06-26 16:49 UTC
Well, no wonder they pulled out this statement. It’s a false statement now. I actually think it is quite honest move and I don’t consider it to be bad. They acknowledged a problem [for once].
“Security is an illusion.”
Now, I can’t agree with you, Thom. At least not entirely.
Security is definitely NOT a product [like MacOSX/Linux/Windows/whatever]. It is a PROCESS [quoted after Bruce Schneier]. Thus, as long as you have good platform [good implementations and good quality of code], good maintainance of the whole project and system processing you can basically avoid some serious problems, although they are not unavoidable. As we all know zero day vulnerabilities happen anyway.
The difference here would be that in Apple’s case it was a VIRUS and it could had been prevented, while in zero day vulnerabilities it is basically unavoidable.
I’m a Mac user myself, but I’m not affected by the rdf. I’m glad Apple finally removed the spurious virus-free claim. I can’t count the number of people who’ve seen me using my Mac and go “so you can’t get viruses on that thing?” Any os can get a virus or other malware, no matter how secure and OS X isnot secure by default. As long as there are enough users to make your platform of choice a target, there will be malware for it. Even *NIX has had a few malware attacks, anyone remember Code Red? You are not secure by default, no matter what you use. There’s only one real defense against these types of things, and that is good, old-fashioned and yet scarce, common sense.