Interesting quote:
Mr. Reynolds - "The Mac OS is also a harder target, partly because open-source code and limited hardware diversity..."

So, OS X is a harder target because it is "open and closed"?
Windows is completely MS, but has diverse hardware... that means Windows is an easier target because it is, what, "closed and open"???

I suggest reading this rebuttal to the claims about OS X's vulnerability: http://www.unsanity.org/archives/000396.php

What amazes me is that we hear these warnings in ever increasing timbre, yet the basis for these warnings never seem to change.

"There are so few Macs out there that no virus writer would bother with, BUT IT COULD HAPPEN!!! Also watch out for falling meteors, cows, and the occasional ice encrusted frog."

If there are so few Macs around then why is this news now, and why does it continue to bubble up with increasing frequency?

A possible answer is that perhaps there are more Macs out there then many would like to admit, and still no viruses. Another possibility is that companies whose business it is to market protection software are seeing a marked increase in the number of Mac, but not a similar increase in the software they sell. How else to drum up sales than to scare the natives?

For those of us who use Macs daily, these warnings are annoyances, but for potential switchers, these warnings could mean the difference between them choosing a Mac or another Dell. Which should make any conspiracy theorist happy.

The net of it is that Macs are, for the time being at least, safe from viruses. If one ever does show up, it wouldn't take a lot to get your Mac patched.

Vern Seward

Quote

A hybrid worm targeting both the Mac OS and Microsoft Windows could be developed, but such an attack would be difficult to orchestrate

i am curious as to how such a virus/worm could be developed

OS X and Windows are on completely different chip architectures, and unless a front end universal translator was installed first it will always be platform dependant (for the same reason .exe cant be read with OS X and .app cant be read with Windows)

yes, with apple getting a bigger mindshare, and a bigger presence in public, i think that attempts at attacks are not too far off-- the difference is that attacks are being administered against a system that has firewalls and other security measures, as compared to the first few malware attacks on windows

TRO

There is a primary difference between the "might happen" of homeland security, and the "might happen of Symantec, et.al.

Homeland security issues warnings to basically cover their butts if something nasty does come about; thus avoiding the finger pointing and blame laying that occurred after 9/11.

Symantec (and now Gartner Research) are issuing warning in order to sell Mac Users a basically unnecessary product; thus increasing their sales.

Now, if Homeland Security were selling plastic wrap for houses, then there would be a direct parallel....

Warning.

There are companies who's profile is so low that they need to spread concerns about fictional problems in order to boost interest in their services.

The technique is sometimes referred to as 'security cures obscurity'.

Just because their profits have been poor and their track record has been lamentable, it's not safe to assume that they will always be immune to publicity.

Analysts have discovered a number of vulnerabilities in the business plans of those companies and the companies are trying to patch things up.

"Mr. Reynolds noted that because of the Mac's small market share, the chances of a virus or trojan
gaining any traction is relatively small"

Actually, because of the Mac's reputation for being immune to malware, OS X is a big target for serious malware authors. Market share honestly doesn't matter. It's claims of being bulletproof that makes the people who can really do damage stand up and try attacking a system. And for four years now, OS X has proven those claims of being bulletproof as true.

Isn't it insane that Windows is such an insecure operating system that an entire sub-market grew up around it?

I am hoping that the Department of Homeland security is basing their warnings on intel, an no RC that is not "Intel". Are terrorist cells increasing their communictions "chatter", have suspect terrorists made travel arrangements or have gone underground, things that would point to a possible attack forming up.

Gartner on the other hand probably doesn't have an intel network looking at hacker activity.

True we are runing a pretty secure OS. However, that doesn't mean we OSX users can rest easy, sooner or later we will get hit. When I was in the U.S. Navy my mentors were Pearl Harbor vets. As Winston Churchill said "The worst case scenario should not come as a surprise."

Practice safe computing

Are these groups/companies owned (or paid off) by Microsoft? Sure seems like it. And really, that's not a bad idea for Gates and his cohorts. Buy up a virus company and use their "neutral" status to push the FUD.

None of these "Chicken Little" virus scare articles even touch on the truth.

There will, someday, be an OSX virus/trojan/worm...but we haven't yet seen anything close to that day.

Back in my Classic days, I had a virus which started to 'eat' up folders and finally, whole applications. I managed to detect the culprit and its name was Norton SystemWorks! I am not so technically advanced that I don't know how that was achieved, but I had to reinstall the OS for the only time in my 7 years as a Macuser - and since then I have been very careful with touching anything Symantec.
Anyway, I dared visit their site the other day and used their online test which told me my system was safe and secure with my firewall. In case the market share should hit us, I have Virex and I haven't still told any virus the password for my Admin account and I don't know how it would be able to find out how to get into the root account, since I haven't done so, myself. Maybe it is hidden in my subconscious and the virus can enter into those murky realms?

I would be very happy if the next warning could elaborate a little on the different 'locks' and 'walls' an intruder would have to get through on Mac OSX, instead of sowing only seeds of FUD.

Quote

randompro42 wrote:

Quote

A hybrid worm targeting both the Mac OS and Microsoft Windows could be developed, but such an attack would be difficult to orchestrate

I am curious as to how such a virus/worm could be developed.

Without going into precise details that could be used to construct such a beast, the idea would be to use one worm as a launchpad for spreading the other. Something similar was proposed once in a paper out of UC Berkeley, in which a worm written for IIS embeds exploit code for IE into web pages, which then uses the infected client to search for more IIS hosts. This uses a server-side worm as a base for a client-side worm, and vice versa.

There is a rough analogy to species-hopping biological viruses such as influenza, where the virus spreads from birds to humans, using the birds as a biological reservoir.

Such a hybrid is certainly possible, but would probably be comparatively large, and would require one or more persons with knowledge of coding for both platforms.

In short, it's doable, but don't count on it happening soon.

Jason

Because of the Mac's reputation for being immune to malware, OS X is actually no target for serious malware authors. Today, malware is written to make profit. There are about one million or so zombie PCs around, ready to send spam, ready for DDoS attacks against victims that can be black-mailed, ready to spread the next virus. Access to these zombie PCs are for sale for cash. There is real money to be made.

Who cares if you can infect a few hundred Macintoshs? There is no money to be made. Zero ROI (that's Return On Investment).

Here is what keeps the Macintosh safe: 1. Inherently more safety through better OS software. 2. Less value for attackers because of smaller market share. 3. Much harder for a virus or worm to spread because of smaller market share. 4. No available know-how in writing malware against Macs vs. years of experience in writing Windows malware.

The only way I can see a attack on both PC and mac is if the virus/worm was written in Java. But that would limit the spread of the attack to people who visited the infected website. Perhaps on the PC it could spread faster since IE is built into the OS and can access everything.

This story is ridiculous. Here we have Microsoft Windows with hundreds of viruses, multiple spy ware infestations, open ports out the wazoo, and they have the nerve to suggest, be weary of Mac OS X. Give me a break. I'm a Macintosh user, and it will be a cold day in hell before I'll opt for the sorry of an excuse, clunky, bug infested, forty pound wheel of Swiss cheese, piece of
crap operating system, more commonly known as Windows. Gartner can cry wolf all they want, but the MS crowd has already been eaten, washed down and excreted. I'm usually not this crude, but this story has really got my goat.

If Windows is so secure, then why are companies stuck with it disabling Internet Explorer with tools like Fortres and switching the default browser to Firefox or Netscape. None of witch is necessary in Mac OS X. Time for the enterprise to take a hard look and switch to a real secure OS, instead of trying to hobble along with Windows. They are the ones who bought into Bill Gates
lies and empty promises, and now they're stuck with their poor decisions to go all Windows. A mixed environment is always superior to a monolithic one. Just like using a variety of web browsers is ideal to just using IE.

Anyone with half an ounce of sense will make Macintosh their next computer upgrade. With OS X, you're moving forward. With Windows, you're either sinking or barely staying afloat. Enterprise would be wise to add the Mac OS to their environments. All the necessary hardware and tools are there to do it. It seems hubris rules the day instead of common sense.

Quote

2. Less value for attackers because of smaller market share. 3. Much harder for a virus or worm to spread because of smaller market share.

There you go spreading FUD. Market share does not equal install base. I realize you're writing a generally pro Mac comment but jebuz! Market share = % of units sold within a market (ie. computers) Install base = % of units currently in use within a population. The Mac install base is MUCH bigger then the FUDsters would have you believe.

IMHO the only reason why the PC market share is so big is all the people who are constantly replacing their PC's every year or two. If these people had a stable os that didn't need to be patched/reinstalled every other month I'm sure that the Market share of Mac would be much higher than the estimated 2-3%. In contrast, the current estimated Install base for mac is generally anywhere from 5-15%. 15% is way high IMHO but I wouldn't be surprised in the least if it were between 6-8%.

Back to the original story, the $ that Symantic and other security companies are loosing out on is huge. More people switching to Mac means less $ in their pockets, pure and simple. These Security companies can moan about OSX vulnerabilities all they want but the truth is most Mac users are smart enough to understand that it's all FUD and they will inform potential mac buyers about it when asked (and even when not asked).

who are coming over via the mac mini. Every-time apple has new hot product, going back to original iMac as i recall, the software industry gets excited about a new surge in sales. these statements, while not false, are certainly over statements as reporter noted ""almost nonexistent," it is nonexistent" and are none the less being put forth for a finical gain.

Now most mac people who are on platform probably have some knowledge of lac of problems we face compared to windows users. Most windows user who come over dont know that. so the time is ripe for these "reports"

http://www.theinquirer.net/?article=22259

This is quite apropos in light of Symantec's and Gartner's comments about OS X.

Quote

Guest wrote:
The only way I can see a attack on both PC and mac is if the virus/worm was written in Java. But that would limit the spread of the attack to people who visited the infected website. Perhaps on the PC it could spread faster since IE is built into the OS and can access everything.

Folks, do you remember Fat Binaries from the days of the 680x0 to PPC transition. Do you Ever use a hybrid cd with both PC and Mac versions of files on the same disk. Here the basic idea: you write the virus for both platforms and then bundle the two together so that whenever one is copied, the other one is also. It's doable, but not easy or profitable.

Possible, potential.

But where is probable or existing?

Mac OS X has been out 4 years. Only one year less than Windows XP.

Hmm. Windows has 68,000+ viruses, countless unpatched vulnerabilities, and of course, many hackers attempting to tear it down.

To date, OS X has NO viruses, vulnerabilities patched within short periods of time, and no malware.

Symantec has no real Mac users. They want them. Hence their warnings.

And all these others.

Watch their words. They give themselves away.

i know this particular article was about Gartner, but i have to comment on symantec

but as a 4+ year Switcher now, this dissapoints me. on the pee cee side, Norton was a name you could trust, especially the dude they had on the cover of the boxes (you know who i'm talking about)... that dude if you used him in marketing today just looks like either a smarmy IT so-called 'guru' or a paedophile, or both

IMHO symantec has got this totally A55 backwards. why make a desperate last-ditch to get people to buy its Mac security software, or to scare people into PCs so that it can keep/grow its PC security revenue? Symantec has merged with Veritas, so a total corporate solution in a mixed environment (read: which might include Xserves and OS X) of storage and security is a total gold mine.

Gartner and Symantec are being idiots. Here is a chance to make the most of Mac OS, by putting forward total solutions for home and corporate that include windows and OS X and linux, perhaps, and (here's the clincher) -- RESULTS IN A SAFER MORE PRODUCTIVE PERSONAL AND CORPORATE COMPUTING EXPERIENCE.

With the increase of potential attack warnings, hackers will be encouraged to write something. The more talk there is, the higher the risk.

Ive been using Macs since 1986 and NEVER had a problem other than the odd crash in the early days. I purchased a Windoze box recently and just surfing the net almost killed it.

MAC 4EVA PEOPLE. Just have to convert the world now. The place would be safer for all.

Kiwi

… is that, IF a virus ever reaches the Mac platform, it might get unnoticed for a short while, but as soon as news of it leaks out, it will make a special bulletin on CNN and loudspeakers-equipped vans will be patrolling all major and medium size cities the world over proclaiming :"We told you the Mac wasn't invulnerable !!!"
We only need to look at the amount of major headlines all over the net when the Opener "proof-of-concept" was published … and that wasn't even a virus.
I had a lot of fun then going onto the ZDNet site and reading all the funny Talkbacks coming from their crowd of windows faithful …
Obviously, though, if it DID happen, the Mac community is a really tight group, and it wouldn't take very long at all for the news to be out, and I trust that a patch would come out of Cupertino very quickly, AND IT WOULDN"T BE FULL OF HOLES, like on a platform I don't want to name again (which isn't Linux …)

+

OK, every Mac-using TMOer, here's a simple way to show Symantec and Gartner just how ridiculous their take on OS X security happens to be. For the 5700+ registered members, simply post a simple message explaining your Mac model, OS, Internet connection type, security measures, and security/malware problems to date. For me:

Home office:

800 MHz Mac G4 tower
OS X "Panther" 10.3 (need to update)
Verizon DSL, 24 hrs/day
Mac OS X firewall "on"
problems to date: none

Work office:

933 MHz Mac G4 tower
OS X "Panther" 10.3.8
T1 connection, all workday long
Mac OS X firewall "on"
problems to date: none

Portable:

15" Aluminum PowerBook G4
OS X "Panther" 10.3.8
Airport to T1 and DSL; Edge card
Mac OS X firewall "on"
problems to date: none

...yet I've long since lost count of the number of problems encountered by my Windows-using friends. 'Nuff said!

I know we're talking about Gartner, but I would like to add something about the other noisemaker …
If Symantec want the Mac business, why did they keep making their Systemworks so bad it never managed to work properly with OS X ? And then, why, instead of improving it, did they just drop the Mac version ??? They apparently don't want to improve their crappy software (which used to be excellent on OS 9, by the way, and saved my butt a couple of times then), but they would like us to buy Norton AntiVirus … With my experience with SystemWorks, my motivation is very, very weak … all the more since my .Mac account provides me with a copy of Virex, which is perfectly good for my needs: protecting my PC friends from Windows viruses my email might be carrying …

about Gartner this time :
They make their living doing studies paid for by big High-Tech companies such as Microsoft and Symantec … I'm not sure Apple uses their services, but MS definitely does, a lot … so maybe this last "Warning" to OS X users was just the equivalent of a Rebate Check to MS for their last order …

... to dissuade people from switching to the Mac, as well as instilling fear of "potential" virus and malware into current Mac users. If they can make switchers think that it's "just a matter of time" then they'll have another reason to not switch. That keeps them a steady customer for their products. If they can make Mac users think that "sooner or later" they will need them, they will keep getting our money. Now, I'm not naive enough to think that it won't ever happen, but it hasn't happened yet. With moderate procautions, I doubt we will ever be truely effected by such malware.

Seen in a press release we didn't quite finish reading:

"The Mac Homeland Defense Security Meter was moved from Green (Low) to Blue (Guarded) today, although this was mostly as part of an annual maintenance QA to verify that the risk warning system is still functioning properly.

In the meantime, PC users are reminded that the PC Homeland Defense Security Meter is still registering Red (High), for the 143rd consecutive week."



-hh

'nuff said

Quote

Guest wrote:
'nuff said

my point was symantec and gartner can go kiss my shiny, well-secured, unix-based as... i mean OS...

Quote

Guest wrote:
Here is what keeps the Macintosh safe: 1. Inherently more safety through better OS software. 2. Less value for attackers because of smaller market share. 3. Much harder for a virus or worm to spread because of smaller market share. 4. No available know-how in writing malware against Macs vs. years of experience in writing Windows malware.

Lou adds:
I heard another reason why Macs are safe; their users like them.

The idea is that most virus writers are PC based because PC people hate their computers. It is that hate that inspires viruses.

So we're all in agreement that Symantec has totally destroyed it's image as a security company. Now Gartner has added itself to the FUD generation factory.

Are anymore so called "business analysts" and "researchers" willing to wipe out all their credibility and knowledge depth with yet another prediction of woe without basis for facts? How did they do their research? Is Gartner in posession of equity from Symantec and not divulging that fact?

I do hope other analysts looking for a FUD headline, tread carefully, because Symantec now knows FUD without proof doesn't sell.

I can only assume that many Mac users will take future "research" from Gartner with a pinch of salt.

The vast majority of PC viruses are writen with the use of a "Virus Kit". There's CD's out there with all the instructions you need to create your own! I know this only because one of my neighbors 'found' one and trashed his dad's PC seeing if it worked!

So lets be realistic here. For any kind of repeat of the PC's number of viruses, someone has to spend a good amount of time figuring out how to get something installed and distributed on a Mac, and somehow manage to do so without requiring an Admin password.

OS-X has been out now for years, and if this was remotely possible, it would have been done and thoroughly exploited already, because it shouldn't matter what the OS is to write a PC output-compatible SPAMbot.

But the bottom line is that OSX has proven for years that the effort to accomplish this is much greater than the reward. That's the bottom line. Gartner is obviously clueless...

"OS X and Windows are on completely different chip architectures, and unless a front end universal translator was installed first it will always be platform dependant (for the same reason .exe cant be read with OS X and .app cant be read with Windows)"

Isn't there already a "universal translator", aka "Java Virtual Machine"?

Also, at least with the Code Fragment Manager (OS 9 executable format), it's possible for an executable file to contain both x86 code in it as well as the PEF binary code. You can simply shift the PEF code fragment from the beginning of the file where it usually starts, to immediately after where the x86 code finishes. Photoshop droplets are saved this way and can run in both OS X as a CFM Carbon app and on a Windows machine (provided the .exe filename extension is there).

Don't get me wrong, I don't buy into all this hype either, but it is possible.

Martin Reynolds, vice president of Gartner's Dataquest
organization, this week warned Kellogg NA Co,, maker of the
popular breakfast pastry Kellogg's Pop-Tarts®, that it was
possible that an as-yet-undiscovered weevil specific to Pop-
Tarts might be looming just over the horizon. The Gartner-
dubbed "Pop-Tart Weevil" would be unlikely to spread quickly,
because of the relatively small target that Pop-Tarts present in
today's sprawling supermarkets and retail giants, but just one
weevil outbreak could cause trouble for Pop-Tart-hungry
patrons.

"Although Pop-Tart Weevils are essentially nonexistent today,
there's nothing in evolutionary theory that would preclude such
a weevil from coming into existence, and quickly making itself
known to breakfast treat purchasers. While a Pop-Tart Weevil
would be likely to die if it were to get trapped in, say, a box of
Kraft Macaroni and Cheese, it might be possible that a hybrid
weevil might form that attacks both Kellogg's Pop-Tarts and
Kraft Macaroni and Cheese. Don't simply assume that your Pop-
Tarts -- or your macaroni and cheese, stuffing mix or granola
snacks, for that matter -- are immune from weevils and other
vermin," said Reynolds.

Perhaps coincidentally, several of Gartner's clients have stepped
up to offer weevil protection products aimed at frequent
purchasers of Kellogg's Pop-Tarts. Weeviltec of California, for
example, offers several anti-weevil plans at various price points,
depending on the annual volume of Pop-Tart purchases.
Supermarket chains and combination retailers like Wal-Mart
would likely purchase the Anti-Weevil Enterprise Edition, while a
typical family of four would gravitate towards the Consumer or
Small Business Editions.

Says Reynolds, "we feel that our clients' anti-weevil protection
plans provide the ultimate guarantee against the theoretical
future attacks of Pop-Tart Weevils and many of their
evolutionary kin. Don't say we didn't warn you."

"Because of the Mac's reputation for being immune to malware, OS X is actually no target for serious malware authors."

That's a load of garbage. So the question is, are you a liar or just ignorant? There's absolutely no fame, noteriety, or challenge in making Windows malware #71,937. But writting Mac OS X malware #1 is a challenge that would make headlines if accomplished. And serious malware authors are in it for fame, noteriety, challenge, or a combination of the three. Saying that malicious coders will ignore a system if it claims to be immune to them is completely ass-backwards.

Quote

Guest wrote:
Now most mac people who are on platform probably have some knowledge of lac of problems we face compared to windows users. Most windows user who come over dont know that. so the time is ripe for these "reports"

That's probably closest to the truth. PC switchers, coming from a computing environment in which malware is pretty much a given, are going to give a lot of credence to the "well, it COULD happen, so we'd better, just in case" idea. And really, can you blame them? If I had to use Windows at home nowadays, I think I'd be paranoid too.

Thus, the FUD from the security companies. If they can get PC-to-Mac switchers to believe it, then it won't matter if they switch or not, because Symantec's bacon will be covered either way.

What PO's me is that the Mac-side Norton products are so bug-ridden; I'd hate for a crap AV program to be a new switcher's first impression of the reliability and ease of the Mac platform.

--rueyeet