With 20 million Macs to pick on if they weren't more secure someone would have caused some kind of free flowing virus threat. 10,000 copies of Vista and a virus was already found. This old excuse about security from obscurity just doesn't wash anymore. Mac market share is growing rapidly now and still not one proven virus out in the wild on the Mac. I would think these virus engineers would be even hotter on the Mac side to prove they could do it and be the first to do so. So far a lot of fakers have tried and have all been proven they lied about how they broke in.

Exactly. Though the low market share may have something to do with the overall number of attempts, if OS-X weren't fundamentally more secure you'd think we would have seen one successful hack. Haven't there been verified exploits on Linux, even though it has a smaller market share. Heck there are exploits on Cisco routers.

Obscurity has nothing to do with market share or the installed user systems share. Apple is one of the LEAST OBSCURE computer systems, and offers the one of the most tempting targets for malware creators. This is no secret to hackers.


Temptation #1 - Taunting - Never in the history of computing devices has any other computer manufacturer been so brazen about its security as to advertise it to so many around the world. This level of taunting is like twisting a dagger into the hearts of hackers.

Temptation #2 - Transparent - Apple utilizes far more open-source code than Microsoft. This code is not only in user systems, but is also found in Apple's servers and super-computer grid configurations. All of Mac's core operating system, BSD UNIX, is freely available for use and inspection for vulnerabilities.

Temptation #3 - Vulnerable - Over 95% of the Mac OS X users do NOT use ANY malware protection software. In fact, corporate-owned Apple systems, from in-store demo units to the staff at Cupertino, do not use any such software. They rely upon the innate security of the OS alone.

Temptation #4 - Fame - To be the first to create a successful, self propagating virus or to take control of a Mac for the use of being an unwitting spam generator would bring tremendous international notoriety; the Holy Grail of programming. Apple's public announcement of being virus-free makes this challenge impossible to ignore by many hackers.


There isn't a hacker out there that isn't aware of Apple's use of open source programming, their lack of virus protection software, and their arrogant public taunting of criminals. The general population still dwells within their vast herd of false security and myths, having yet to experience a Mac for themselves and view Apple as being an obscure computer system. But, for the hackers, they clearly see it, they are very well aware of it... but can't touch it. For them, Mac OS X is far from obscure.

How would you even know if you had a virus? Very few mac users even have an antivirus installed or if it is installed they don't run it, the bottom line for me has always been how unstable the operating systems are, problems arise and because so few people use the system the problems arn't documented, don't have fixes, and you end up shelling out more money than you already did for the inflated price of the computer to have a tech come in and tell you "he has no idea" because no one knows how to fix those damn things. Anyone who thinks no viruses or malware exists for macs is a fool, I have friends who have programred viruses and malware for macs, thankfully they are nice people and only used them to play pranks on eachother and never used them maliciously, lets not kid ourselves and say the mac operating system is virusproof and secure, its simply underused and used largly by people who think PCs are too complicated. There are lots of punks out there on the internet and when they want to mess with someones computer they put a rootkit or malware or a virus out there and they simply expect that a PC user will download it, its not easy to program a virus and somehow manage to make sure that a mac user will actualy get thier hands on it.

Just visiting a website with Windows XP and Internet Explorer can lead to spyware being installed on your machine without your consent or knowledge (if you're running as an admin).
I challenge someone to write some malware that does that on a Mac. If it can be done, Apple will patch it as soon as possible. Windows has had this problem for years, and to my knowledge, it is still the case.
Imagine having to worry about what site you go to and wondering if you're going to walk away from it infected.

One can only imagine how much more of an ego trip and accompanying public impact, would be fore the first to trip up OSX as compared to the millionth to do so against windows would be. Strange that this obvious and simple fact sems to escape these commentators. No one has so far contradited my logic when I have put it to them

Symbian on cell phones, has received viruses and trojans, and its market si smaller than OSX
Vista beta, on the 10,000 base had viruses,
WinCE, has viruses.

this myth does not hold up.

Quote

Guest wrote:
How would you even know if you had a virus? Very few mac users even have an antivirus installed or if it is installed they don't run it, the bottom line for me has always been how unstable the operating systems are, problems arise and because so few people use the system the problems aren't documented, don't have fixes, and you end up shelling out more money than you already did for the inflated price of the computer to have a tech come in and tell you "he has no idea" because no one knows how to fix those damn things. Anyone who thinks no viruses or malware exists for macs is a fool, I have friends who have programred viruses and malware for macs, thankfully they are nice people and only used them to play pranks on eachother and never used them maliciously, lets not kid ourselves and say the mac operating system is virusproof and secure, its simply underused and used largly by people who think PCs are too complicated. There are lots of punks out there on the internet and when they want to mess with someones computer they put a rootkit or malware or a virus out there and they simply expect that a PC user will download it, its not easy to program a virus and somehow manage to make sure that a mac user will actualy get thier hands on it.

This hardly merits writing something.... I think you might be on to something though, Mac users are mac users generally because we do think that PCs are too complicated. Example, for me to do what I am able to do on my mac with final cut pro, is pretty sweet, trying to do the same thing on a PC would be more complicated. Why do we need complication!?, I just want to get my work done. I could do it on a PC, I it is not like I lack the know how. Its just why would I do it on a PC, when the mac is a much more efficient tool. Oh, one more thing, its wicked easy for us mac users to know how to use Vista .... they are already very familiar to us mac users, because we have been using something similar to for years.
p.s. Does your PC have a spell-checker? Yes it does, why don't you use it?

How would you even know if you had a virus?

So.... youre saying that mac users computer may literally be crawling with virus software that is stealing our credit card numbers, logging our keystrokes, deleting files, displaying website advertisements, redirecting our web-browsers to porn sites, popping up advertisements, running illicit p2p servers and allowing people direct access to our files....

...And absoluely no-one has noticed this?

A MacOS X server in Australia was compromised and serving up malware. I think that's proof that relying on the OS itself to protect you isn't enough.

While the exploit was in a 3rd party product, not OS X, it's disturbing to hear so many claim they do nothing to protect their Macs because it isn't necessary. If you're connected to the internet via anything other than dial-up and you run any internet application you're at risk. Yes it's a low risk, but for an entire platform to be so complacent is just asking for trouble.

Turn on the software firewall in OS X, get your computer behind a router, don't try software if you don't trust the source and, if you're running a server, learn how to secure it before you let the world in.

Quote

Guest wrote:
...I have friends who have programred viruses and malware for macs, thankfully they are nice people and only used them to play pranks on eachother and never used them maliciously...

You are a liar.

Seriously what serious virus, trojan, spyware writer would not wear it as a "Badge of Honor" if they could write something…anything to shut up these so called "Smug Mac Users"(me being one of them) The guantlet was thrown down 5 years ago, and none have met the challenge.

Seriously what serious virus, trojan, spyware writer would not wear it as a "Badge of Honor" if they could write something…anything to shut up these so called "Smug Mac Users"(me being one of them) The guantlet was thrown down 5 years ago, and none have met the challenge.

I would like to read real data proving if the Mac had a larger market share, it would have many more security issues. It is true that security holes have been found. It is also true, that the majority of those holes have been patched by Apple or vendors like Microsoft. What hasn't been presented, is real data proving that the Mac is as vulnerable as windows. Show me proof.

Bregalad,

I agree with you 100%. The question is, how do you know if a software source can be trusted. Can we trust anything we find on Version Tracker? Once in a while I see some software that sounds interesting, but I worry about the source even when its on version tracker. Also, what about all of those widgets? Is there any way to creen software for malware?

Quote

Guest wrote:
How would you even know if you had a virus? Very few mac users even have an antivirus installed or if it is installed they don't run it, the bottom line for me has always been how unstable the operating systems are, problems arise and because so few people use the system the problems arn't documented, don't have fixes, and you end up shelling out more money than you already did for the inflated price of the computer to have a tech come in and tell you "he has no idea" because no one knows how to fix those damn things. Anyone who thinks no viruses or malware exists for macs is a fool, I have friends who have programred viruses and malware for macs, thankfully they are nice people and only used them to play pranks on eachother and never used them maliciously, lets not kid ourselves and say the mac operating system is virusproof and secure, its simply underused and used largly by people who think PCs are too complicated. There are lots of punks out there on the internet and when they want to mess with someones computer they put a rootkit or malware or a virus out there and they simply expect that a PC user will download it, its not easy to program a virus and somehow manage to make sure that a mac user will actualy get thier hands on it.

(Please read your second sentence out loud. It would be a good example of a "run-on" sentence for a textbook.)

Go to Symantec's site. See if you can find a listing for a Mac OS X virus that is NOT a Word or Excel macro or a script that requires using an admin password to install and activate. Remember that I said a virus, as that is what you wrote. Trojan horses don't count, as they are not "viruses" but work by fooling the user into thinking that the program does one thing, when it really does something else. (It may also do what it is purported to do.)

There have been demonstration "viruses" created, but most required the user to cooperate in some way (e.g., supply an admin password) or were really Trojan horses. Name six Mac OS X-specific viruses (remember, not Trojan horses or macros that affect Windows, as well) that have made it into the wild and been fairly widely distributed. Just six.

If low market share was the major factor, then, there shouldn't have been viruses for Mac OS 9, either, as it also had a low market share, perhaps smaller than OS X does now. However, there were viruses for OS 9 (and OS 8 & OS 7). Those OSes were much more vulnerable and were exploited. Indeed, anyone who uses OS 9 regularly should have an up-to-date antivirus program, as I expect that some are still floating around.

The low market share factor is based upon a sound bit of science in epidemiology--the "herd immunity" effect. A society doesn't have to vaccinate everyone against some contagious disease (measles, for example) for the disease to essentially disappear. If most people are vaccinated, the number of vulnerable people is small. If a few do get sick, they are less likely to have contact with other vulnerable people. However, that assumes that the vulnerable people are spread around. If, instead, they are concentrated in a few communities, those communities can be hit hard by the disease. The proper public health action in that case is to vaccinate everyone in and around the affected community. The herd immunity effect is also diminished if people travel widely. (That is, allegedly, how AIDS was transmitted from Africa to the rest of the world. In previous centuries, that happened with syphillis and bubonic plague.)

When computers were only loosely connected, herd immunity could work. Most people downloaded a few files a week, if that. Today, however, with the massive interconnections via the Internet and with people downloading hundreds of files a day (images, video, sounds, HTML, javascripts, java programs, etc.) simply by surfing the web, the exposure is likely to be very wide. That's why viruses travel so fast today.

Oh, did you know that Mac antivirus programs actually check for WINDOWS viruses, etc.? The primary reason (now, at least) to have them is to avoid passing on Windows viruses through emails, web sites, etc.

Quote

emersiveone wrote:
p.s. Does your PC have a spell-checker? Yes it does, why don't you use it?

A lot of spell checkers (including that built into OS X) do not automatically work in browsers. FWIW, "P.S." should have been capitalized, but that probably wouldn't have been caught by your spell checker.

ZD Net keep repeating these columns, to the degree that I've unsubbed my RSS feeds, because it's pointless. I guess it has it's positive (consistently reminding people 'no viruses yet') but it's a scientifically untenable argument, like flying saucers or the existence of God - you can't actually disprove it.

The fact is that Macs DID have viruses on a similar market share, prior to OS X. The number of security flaws in most Unix systems is demonstrably smaller, and more importantly Unix systems are more like multi-hulled ships - which despite the disaster of the Titanic, became a standard safety feature in ships since.

>Is there any way to creen software for malware?
No. You can look for certain things, but there is no way to decide whether a program is legitimately doing something you want or not. Key-logging is exceptionally useful when creating software test scripts or recording macros.

[quote="gslusher"]

Quote

Guest wrote:
A lot of spell checkers (including that built into OS X) do not automatically work in browsers. FWIW, "P.S." should have been capitalized, but that probably wouldn't have been caught by your spell checker.

Yes it Does.

I love how everyone claims to be so in the "Know". Do a little reading and you'll see that OSX actually "is" more secure:

http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html

I suggest keeping comments to what Guest said, not how he said it. He is one of these people who 'write as they speak', run-on sentences and all. Plus the increasing trend (from chat rooms, message services etc.) not to capitalise and gloss over rules of spelling. But there's no need to crucify him over something so petty.

Quote

Anonymous wrote:
How would you even know if you had a virus? Very few mac users even have an antivirus installed or if it is installed they don't run it, the bottom line for me has always been how unstable the operating systems are, problems arise and because so few people use the system the problems arn't documented, don't have fixes, and you end up shelling out more money than you already did for the inflated price of the computer to have a tech come in and tell you "he has no idea" because no one knows how to fix those damn things. Anyone who thinks no viruses or malware exists for macs is a fool, I have friends who have programred viruses and malware for macs, thankfully they are nice people and only used them to play pranks on eachother and never used them maliciously, lets not kid ourselves and say the mac operating system is virusproof and secure, its simply underused and used largly by people who think PCs are too complicated. There are lots of punks out there on the internet and when they want to mess with someones computer they put a rootkit or malware or a virus out there and they simply expect that a PC user will download it, its not easy to program a virus and somehow manage to make sure that a mac user will actualy get thier hands on it.

I participate in another forum where from time to time someone posts something so ridiculous that the only response possible is the one to this post: HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

>Turn on the software firewall in OS X<
No!

>get your computer behind a router<
No!

> don't try software if you don't trust the source<
OK

> if you're running a server, learn how to secure it before you let the world in.
OK

Quote

Anonymous wrote:
>Turn on the software firewall in OS X<
No!

>get your computer behind a router<
No!

> don't try software if you don't trust the source<
OK

> if you're running a server, learn how to secure it before you let the world in.
OK

The "No's" show that you don't understand the problem very well. It has little or nothing to do with OS X and everything to do with exposure. Those with "always connected" Internet connections (DSL, cable modems, etc.) are, literally, acting stupidly and recklessly if they refuse to use at least a software firewall. The router option is even stronger.

FWIW, the Apple Airport Extreme Base Station does NOT provide a "hardware" firewall. Your Mac is still visible. I use an Airport Extreme base station. Internet security checks show that the ports are closed, but the computer DOES respond. That's not as secure as using a router with a built-in firewall. I used to use an Asante router; it always passed the "stealth" test--the Mac was not visible at all. When the Asante router died, I made a compromise to get the ability to use the Airport Express to extend the wireless network.

The author was not crucified in my opinion. But I for one do not like the trend towards bastardised English in the interests of speed/brevity on the Internet. It's just sloppy.

If something is worth saying, present it as well as you can (excluding incorrect use of apostophes). That way you can not be criticised.

Run-on sentences strike me as potentially being an ill-considered stream of ideas rather than a well presented argument.

John

I tend to agree with aryugaetu:

Quote

Obscurity has nothing to do with market share or the installed user systems share. Apple is one of the LEAST OBSCURE computer systems, and offers the one of the most tempting targets for malware creators. This is no secret to hackers.


Temptation #1 - Taunting - Never in the history of computing devices has any other computer manufacturer been so brazen about its security as to advertise it to so many around the world. This level of taunting is like twisting a dagger into the hearts of hackers.

Temptation #2 - Transparent - Apple utilizes far more open-source code than Microsoft. This code is not only in user systems, but is also found in Apple's servers and super-computer grid configurations. All of Mac's core operating system, BSD UNIX, is freely available for use and inspection for vulnerabilities.

Temptation #3 - Vulnerable - Over 95% of the Mac OS X users do NOT use ANY malware protection software. In fact, corporate-owned Apple systems, from in-store demo units to the staff at Cupertino, do not use any such software. They rely upon the innate security of the OS alone.

Temptation #4 - Fame - To be the first to create a successful, self propagating virus or to take control of a Mac for the use of being an unwitting spam generator would bring tremendous international notoriety; the Holy Grail of programming. Apple's public announcement of being virus-free makes this challenge impossible to ignore by many hackers.


There isn't a hacker out there that isn't aware of Apple's use of open source programming, their lack of virus protection software, and their arrogant public taunting of criminals. The general population still dwells within their vast herd of false security and myths, having yet to experience a Mac for themselves and view Apple as being an obscure computer system. But, for the hackers, they clearly see it, they are very well aware of it... but can't touch it. For them, Mac OS X is far from obscure.

+++++++++++++++++++++++++++++

On the subject of "speak as you write" I agree with jecrawford:

Quote

But I for one do not like the trend towards bastardised English in the interests of speed/brevity on the Internet. It's just sloppy.

With spellcheck available today, there is no reason for simple spelling errors (i.e. "apostophes", "programred", "eachother", "thier"). To me it means the author is too lazy to present his/her ideas in a coherent manner.

I even forgive wrong words used (i.e. "there" "their" / "two" "to" "too"), because spellcheck won't catch them.

And yes, I have been guilty in the past of not spellchecking.

I recall during the 1998 Winter Olympics, held in Nagano, Japan, there was a lot of talk about whether or not a pronunciation was correct simply because many people pronounced it that way. I couldn't believe my ears, if you'll forgive the weak pun.

Popularity has never defined "correct". Many people want to believe otherwise, as such beliefs often justify our actions. "Everyone is doing it..." But the prevalence of eroding human communication online does not indicate that a new standard should be adopted.


For the curious or otherwise intellectually-inclined: in Japanese the 5 vowels are always pronounced the same. No chart is needed to demonstrate the dozens of possible pronunciations of the "A" vowel. The common mispronunciation of Nagano utilized two different "a" sounds, and ironically neither was correct.

Yet the incredible ignorance of the American media suggested that because so many people pronounced it that way, perhaps it was the Japanese people who had been mistaken.

While we're on the subject, Tokyo has only two syllables. Try with all your might, mind, and strength to avoid giving it a third in the middle.

[/soapbox]


- Jon

P.S. Incidentally I'm at work at 4:00 A.M. and I'm typing this from XP, so I'm afraid it hasn't automatically alerted me to misspelled words. My apologies if I missed any.