by , 4:00 PM EST, March 31st, 2005
On the heels of Symantec's March 21 warning regarding security vulnerabilities present in Mac OS X, Gartner Research recently issued a brief note titled, "Don't Assume Your Macs Are Immune to Security Flaws."
While Mac OS X has not fallen victim to any widespread viruses or trojans to date, Gartner Research analyst Martin Reynolds warned businesses in particular that they should not necessarily consider themselves immune from such malicious code, and that appropriate safeguards should be in place in case such an event arises.
Mr. Reynolds noted that because of the Mac's small market share, the chances of a virus or trojan gaining any traction is relatively small; PCs that would receive the infected file, for example, would not pass it on to other systems, much like how Windows viruses and trojans are halted when they reach a Mac recipient.
"A hybrid worm targeting both the Mac OS and Microsoft Windows could be developed, but such an attack would be difficult to orchestrate," said Mr. Reynolds. "The Mac OS is also a harder target, partly because open-source code and limited hardware diversity mean that vulnerabilities can be quickly detected and patched with less risk to applications. However, it only takes one exploited weakness to cause trouble."
While the report is not quite as sensational as news outlets have made it out to be, some Mac users will surely point out that Mr. Reynolds' statement that "[spyware] is almost nonexistent on the Mac platform today, [but] problem spyware could emerge," is slightly misleading in itself: spyware is not "almost nonexistant," it is nonexistant as of this writing.
We can't help it: these warnings from Symantec and Gartner strike us in a similar fashion as the U.S. Department of Homeland Security's terrorism warnings. Some may pan for us comparing computer exploits to international terrorism, but both essentially speak of things that might happen, and both surely incite some sense of fear in at least a few people who hear them. In contrast, a reminder to exercise prudent computing (much like prudent living) would probably be more effective. For Mac users, that means backing up your data regularly, and if you do so feel the need, perhaps installing an anti-virus package (.Mac users get Virex for free). We don't see any need to rush out to the store to stock up on duct tape and copies of Symantec's Norton AntiVirus at this point, however.
And certainly don't let up on reminding your Windows friends who run AdAware every few days about the merits of Mac OS X systems -- in our experience, the Windows spyware/virus "halo" effect is far more effective at netting switchers than any silly white music player. ;-)