Mac community must wake up to security

Apple Macintosh users believe they are immune from security problems and need to wake up to the potential of attack -- before they are rudely awoken by a destructive piece of malware.

At the University of Otago in New Zealand, where around 40 percent of the computers are Apple Macintosh systems, IT security manager Mark Borrie has been educating his OS X users in security best-practices. He said many of those users believed they were immune to security problems -- a trap many Mac fans seemed to have fallen into.

Borrie told ZDNet Australia that although the Mac is generally a safer operating system environment than Windows -- because it is attacked less often -- it still contains vulnerabilities that at some point will be exploited by malware authors.

"On the security side of things I reckon the Mac community has yet to wake up to security. They think they are immune and typically have this idea that they can do whatever they want on their Macintosh and run what they like," said Borrie.

"If I can get our Mac users up to speed and say 'you are not immune' -- so when [the malware] hits, hopefully we will be pretty safe," he said.

The University of Otago's Apple desktops are all loaded with antivirus protection just in case of an outbreak.

"We want to be ready for the first big Macintosh virus -- because it will come. Some day, somebody will say 'I am going to create a headline and write a virus for Mac'," said Borrie.

Borrie admits to being a Macintosh fan and claims to have used one 'since the day they were launched', but he said the problem with loyal communities like Macintosh users is that when it comes to security, the conversation is usually 'religious' rather than constructive.

Secure by design or secure by accident?

"I don't care what operating system I use. The issues are the same but unfortunately people do not agree. It becomes a religious argument and I really try and avoid that," said Borrie.

Paul Ducklin, head of technology in Asia Pacific for antivirus firm Sophos, agrees that security discussions about Mac OS -- and Linux -- are not constructive because too many users believe they are "secure by design".

"I know a lot of people that are 'linux heads' and they believe they are secure by design rather than accepting that they are actually secure by accident," said Ducklin, who pointed out that last year a very dangerous piece of malware was discovered for Mac OS X.

Dubbed Renepo (alias Opener), Ducklin said the malware: "turns off system accounting, turns off the OS 10 firewall, turns off auto updates, turns file-sharing on, opens an SSH back door, downloads and installs an open source video conferencing program and opens it in 'do not advise the user mode'."

Ducklin also agreed that generally the Mac is a safer platform than Windows, but he said OS X users should see Renepo's existence as a reminder that the Mac platform is not immune.

"It is pretty calm for the Mac but [Renepo] should be a sanitary reminder that these things are not impossible," said Ducklin.

Mac users have got used to being in a 'comfort zone', according to Michael Warrilow, an independent analyst (formerly of META Group).

"Mac users (mainly home and small office) could be in a 'comfort zone' regarding spyware in particular. In my opinion, this is a similar level of comfort as to most Windows home users - but with the benefit of 'security by obscurity'," said Warrilow.

Adam Biviano, senior systems engineer at Trend Micro Australia and New Zealand, said that the Mac will become more of a target for both spyware and viruses as its popularity increases.

"If you are trying to propagate your spyware you are still going to look at the most popular platform to attack. However, spyware allows the author to gain profit and if they can see profit by hacking into a platform other than Windows, I don't see why they wouldn't do it," said Biviano.

Biviano also expects to see a Mac virus in the foreseeable future: "I definitely see a day where the Macintosh platform could be compromised by a virus -- you still have to apply patches to the Mac," he said.

Has Microsoft leapfrogged Apple?

The University of Otago's Borrie also believes that over the past three years, after so many high-profile embarrassments, Microsoft has finally delivered more secure products and created an impressive patching infrastructure, which he believes has left Apple "a few years behind" the Redmond giant.

"I put Apple a few years behind Microsoft in understanding how to manage security for the users. I put Microsoft a number of years behind the Unix community because the first systems that got hurt -- ten or fifteen years ago -- were Unix systems. Microsoft had to fix the security because it had such a bad reputation and to its credit, the company has really turned it around," said Borrie.

Borrie justifies his comments by pointing out that Microsoft has had a lot of practice dealing with malware attacks, which has made the company very responsive: "The early warning system and the methods Microsoft has put in place to distribute updates is really important. I don't think Apple's responsiveness is up there -- it is certainly not as good as Microsoft's."

Apple disagrees that it has been left behind by Microsoft. A spokesperson for Apple told ZDNet Australia that the company takes security very seriously and any suggestion to the contrary is "not correct".

"Who is suggesting we are not keeping up? We are constantly vigilant about security. The fact that our customers did not suffer when the most recent worm brought down the likes of CNN.com would suggest that we're doing a good job of maintaining a vigilant approach to security. Go to Sophos and look at the top 10 viruses for the past month. They are all W32 related," the spokesperson said.

However, Sophos's Ducklin said his company's Web site also contains some 'alarming' reading for Apple's customers: "There is not a clear and present danger like there is with Windows but the same risks apply. Anyone who doubts it should go to our Web site and read the technical section on Renepo," he said.

Talkback 90 comments

  1. Mac is more secure by design AND religion Noah Burton Greenstone -- 09/09/05

    The problem of course rests with the money-grabbing people and policies at Microsoft, and their history of anticompetitive business practices. Mac has always been the 'healthy alternative' to PC, not only because the OS is open-sourced and transparent, but because it has always worked well. As long as the Microsoft behemoth continues to dupe users into a false sense of security (and quality) by releasing substandard products at exorbitant prices, squeezing out their competitors with unfair practices, as well as spying on their users with the latest regime of 'Verification', Apple / Mac, UNIX and Linux etc. will always be the OS of choice for those who enjoy true freedom as well as product integrity and quality.

    1. History repeats itself!!!!!! Anonymous -- 09/09/05

      If you look back at Mac history, you will see that at one time there were more viruses written for the Mac as opposed to the PC or Windows at that time. It amazes me that some people have short memories of their beloved system's past, and to state that Mac has always been safe is bullshit. First off, wake up and smell the roses, and secondly there is no such thing as a secure system, whether it be PPC or PC. You want a secure system? Unplug the damn unit and stick it in a hole in ya backyard.

    2. Stupidity John -- 09/09/05

      It is the same great unwashed who only remember that Mac is only recently a UNIX byproduct; it was proprietary software for a very long time before this.

    3. you're full of it Anonymous -- 10/09/05

      In Classic's heyday there were less than 300 viruses. I switched to the Mac around the OS 9 times, and there were no active viruses from 8.5 onward into OS X. At that time, I had over 300 viruses crawling in my 95 box. Your point is moot and you don't know enough to comment. Go back to excel, slave!

    4. you're full of it Anonymous -- 10/09/05

      300 Viruses?

      You should not be allowed to touch a computer.

      I rarely use antivirus software and when I do I never have any viruses. I use W2K and WinXP with no problems.

    5. Get the facts right! Anonymous -- 11/09/05

      Depending on what authority you want to go with (and how you want to count variants as independent viruses or as just one of a type) there have been between 42 and 108 viruses which specifically targeted Macintosh System 3.0 through Mac OS 8.5. There have been NO viruses (as in zero, none, one over aleph null, etc.) which have specifically targeted Mac OS 9.x or any variant of Mac OS X.

      In the same time frame (Macintosh System 3.0 through Mac OS 8.5) there were several thousands to tens of thousands of viruses specifically targeting DOS through Windows 95 (again depending upon how you want to count variants).

      Stating there was any point in time where there were more viruses specifically targeting the Macintosh platform than targeting the DOS/Windows platform is simply NOT true. Going as far back as 1989 I had to deal with more viruses on DOS/Windows than on Macintosh.

    6. More points to make about security. Anonymous -- 11/09/05

      Not only are there ZERO viruses currently for OS X, the antivirus product that is sold by Symantec for OS X currently only scans Microsoft Office documents for macro viruses. It does nothing else. Microsoft Office macro viruses don't work on OS X, but the antivirus product will clean them so they won't do damage if they ever find their way to a Windows computer.

      The author wonders when viruses will be written for the Mac. It's probably not worth writing a traditional virus for Unix or Mac. The reason is that most users in unix and MacOS run with reduced privilege. The Mac applications and operating system are protected from the user and his viruses. On Windows, running with reduced privilege results in a frustrating user experience, so most users do their everyday work as an administrator, making their computer much more vulnerable. Microsoft is attempting to address this in their next version of Windows.

      Any computer that opens a port on an untrusted network is vulnerable to attack from the network. Any user account is at risk from malware. If you can trick someone into running malware, then anything that user has privilege to manage is at risk. Apple and Unix make it easier to limit privilege without frustrating the user. It's true that Mac (and Linux) users should be aware of security best practices. No one is immune and no operating system is perfect. The author makes the point that Apple is relatively bad at quickly addressing important security issues. I've seen Apple stay in denial about a security flaw for weeks before patching.

      Windows has other oddities that don't help matters. For example, there are about 10 different places where you can tell Windows to launch an application when the user logs in. Eight of these are hidden in places like the registry where the average user can't see or manage them. Malware uses these places to stay active across logins. (There is a program called "Autoruns" that will enumerate all the startup items on your system. It looks like there are more than 10.)

      I manage a domain of Windows PC's. They do take more care and feeding than Unix/Linux/Mac's. But we've been running for about 3 years with only one virus infection and one case of malware. Not bad. During that time, we also lost a Debian linux box that was fully patched. So what do I know? :)

    7. ##You're all idiots!!## geekman -- 20/09/05

      OK, here's the thing: I use Windows and Linux a lot. I hate Macs and especially those iPods; I got one from my parents and they just don't work after full charging, it lasts at most 15 minutes and I'm not the only one. So anyway, I'm not saying Windows is better than Mac, they are worse, I bag out Microsoft all the time! But you Mac users are sooooo cocky about security it's unbelievable! My cousin has a Mac and is a Mac lover; he doesn't think for a second that he will be attacked. This article, too, isn't saying Mac is crap or Windows is good, but that you have to be ready for the inevitable: you WILL get many viruses in the near future and you must wise up. I can accept Mac and its OSX as a good product, but geez, you guys **** off, you have to stop being so full of it, even all of you IT guys, in fact especially you, you should know better. I guess all of you have been blinded by love. JUST STOP IT MAKES ME SOOOO ANGRY >:(

    8. So, why post it twice? kill the geek -- 04/10/05

      Because all of your experience has your head so far up your **** that you can't see your keyboard? Probably. Get off your high horse. You clearly don't have a clue.

    10. jack**** not interested -- 04/10/05

      when was this imaginary time?

    11. You have been brainwashed by Microsoft Noah Burton Greenstone -- 06/10/05

      It's a sad thing when people who are supposed to be 'creative' are the ones being led by the machine...

    12. Mac is NOT open source Max Riethmuller -- 05/10/05

      Ah excuse me, but Mac OS has never been open source. Unix (which it has only been based on since OS X) is NOT open source. You are getting confused with Linux.

    13. Sorry, you're WRONG! Anonymous -- 07/10/05

      The core of OS X is the best of three different versions of BSD Unix: OpenBSD, NetBSD and FreeBSD. All of which are open source and IIRC, all of which are older than Linux. Heck, Linux isn't even an operating system, it's just a kernel, and on top of that, Linux is not the foundation or beginning of FOSS. FOSS has existed long before Linus Torvalds ever dreamed of the Linux kernel.

    14. MAC OS X is not open source Max Riethmuller -- 20/10/05

      MAC OS X is not open source no matter which way you read it, which is what I was objecting to. UNIX is based on open source code, but UNIX is not a free OS. Linux is. Even if it is a kernel as you say, it is still free to use and install. Unix is not. (Last time I checked, you don't need a UNIX licence to install Linux.) So the poster who said MAC OS X is free because it is based on UNIX was completely off track.

    15. Apple is not even close to being open source mcepat -- 04/11/05

      OK, yes, based on UNIX but that's where it ends; they have taken UNIX and wrapped it in their little package and closed all the doors. But Apple has always been this way with iPod, iTunes and all their operating systems. When a developer creates an add-on, like for example Konfabulator, Apple just steals it and calls it their own. Actually, other than Microsoft, Apple is probably the biggest closed proprietary company I of today

    16. OS X IS based on Open Source Jason -- 07/03/06

      Actually Mac OS X is built on an Open Source core. It's called Darwin and is based on Free BSD: http://developer.apple.com/opensource/index.html

      "With its open-source core based on FreeBSD 5.0 and the Mach 3.0 microkernel, Mac OS X is the best Macintosh operating system ever for UNIX users...."

  2. Asking anti-virus vendors about security Anon-e-Mouse -- 09/09/05

    is like asking the diet industry about junk food vendors.

    Yes, there are Linux viruses, but ten thousand times less than for Windows.

    That's not the important question.

    Here's the important question.

    Have you seen these viruses spread?

    No.

    Why? Well, because Outlook, IE and Office are _not_ available for Windows and Linux is locked down by default.

  3. Explanation? Anonymous -- 09/09/05

    If one states that the Mac OSX is not more secure than Windows by design, I would expect an explanation why it isn't so, but I have found none. On the other hand, there are lots of explanations as to why it is more secure by design. I shan't repeat them here, though.
    And please note that I say 'more secure' not 'totally secure'...

  4. An interesting hypothesis... Anonymous -- 09/09/05

    As to why Macs are likely to remain a generally safer platform in the long term...

    http://daringfireball.net/2004/06/broken_windows

    Makes sense to me.

  5. Foolishly leaving out critical facts Brent Billman -- 10/09/05

    Ridiculous story. It wouldn't have hurt to mention OS X has a more advanced permission system, "root" user is disabled by default on all systems, Admin password is required for all system file additions or modifications, and various other security features that Windows Vista is adding and XP could only dream of.

  6. UNIX More Secure by EVOLUTION james hammett -- 10/09/05

    The UNIX boxes were victims of worms, hackers and viruses long before Windows even had a built-in TCP stack.

    As a result UNIX developers have been making it more secure for decades.

    The biggest vulnerability that Macs have is people using a weak password or not having good password security. Just because you have an airbag, doesn't mean you stop wearing your seatbelt.

    Try doing an nmap scan of a newly installed windows box, vs an NMAP on a newly installed MacOS X Box. Compare the number of ports that are open.

    A virus infected program does have a few more hurdles to overcome, but it could spread on OS X.

  7. Didn't the Author Research before he wrote so many Errors? James Jones -- 10/09/05

    Technically the Mac cannot get a Virus, it's not designed in any way similar to Windows. In 10 years, Authors will be saying the same thing. "Just wait, Macs will get a Virus sooner or later" Well, it is later, and the Mac cannot get them... Here are the reasons:

    Here is my reasoning why Mac OS X is superior in security:

    1) 30+ years of UNIX, Live 24/7 network development. No other consumer OS is this battle tested on the Internet.

    2) Known insecure networking ports are turned off by default.

    3) Automatic Software Update is turned on by default.

    4) All administrative actions require a password. In other words, for Virus to move from machine to machine, a Virus writer must go into every house/office then figure out the user's password, then hit return. (now you know why there are Zero viruses on Macs)

    5) Root administrator account is turned off by default.

    6) Apple's quick response with security patches.

    7) The open source nature of the operating system allows flexibility. If Apple doesn't provide the patch quickly enough I can download the source code and install it myself.

    8) Like Windows, Mac OS X provides an easy to use user interface which exposes many of its UNIX underpinnings making it easier to administrate for beginners.

    9) Mac OS X by default supports secure encryption and communication protocols for authentication: Kerberos, SSH, VPN, MS-CHAP2, DIGEST-MD5, CRAM-MD5, DHX, OTP, SMB-NT, APOP.

    Many of these features are cited by the National Security Agency as pluses in favor of Mac OS X. You can read about it in their publication:
    http://www.nsa.gov/snac/os/applemac/osx_client_final_v.1.pdf

    Finally, many of Mac OS X's security problems are only theoretical and can never materialize, nor propagate in the wild. Apple contracts agencies to find security holes in its operating system before the hackers do. They work with the CERT (http://www.cert.org/) and the FreeBSD community (http://www.freebsd.org/security/) to address security issues. They also belong to FIRST (http://www.first.org/). In short Apple takes security seriously and if you work with Macs as I do you'd know it.

    1. Windows Security vastly improved since Windows 98 Max Riethmuller -- 05/10/05

      If you worked with Windows the way I do you'd understand that the biggest threat to security is users clicking on things or opening things they shouldn't. Of all the Windows machines I manage, we only ever get viruses when people visit porn sites or other crap sites, or open attachments they shouldn't.

      If you worked with windows (thousands of machines over several years) the way I do, you'd realise that MS have addressed many of the issues you raise.

      MS is continually improving their security, yet MAC users persist in believing that nothing has changed since Windows 98.

  8. Mac OS X Security Anonymous -- 10/09/05

    According to my business partner, who is in his 45th year as a database architect, 23 years with IBM and a PhD in business systems, here are the security facts as they relate to the UNIX kernel, therefore the BSD underpinnings of MacOSX.

    None of the following applies to Mac OS X applications or to the Mac OS X GUI. With that said those areas are very easy to manage from a security point of view. Now, back to the UNIX kernel.

    Forty years ago, IBM and the original internet, DARPA, got together to develop a level of security within the then UNIX kernel. The concept of 'services' was born and implemented for this flavor of UNIX which was then passed on to the 'community'. No memory addresses existed then and they don't exist today. Specifically in the BSD version of UNIX (reputedly the most secure and stable of the 110 flavors of UNIX) as used by Apple for MacOSX. In fact, each service, when installed on a specific machine is installed randomly. Services are installed in different locations on each machine.

    According to the good doctor malware writers must have an 'address' to install their applications against. UNIX has none. Windows is totally 'memory addressed' based. So was the original Mac Classic OS. And each installation of the OS is the same as the machine sitting next to it.

    Remember, this was developed for DARPA, which had to be extremely secure. Let us also remember that UNIX was designed to be shared from day one. MS-DOS/Windows was never designed to be shared from the get go.

    All of the above according to someone who was there and contributed to the development of IBM's version of UNIX in the 1960s.

    1. Are you on drugs?!? Anonymous -- 10/09/05

      "In fact, each service, when installed on a specific machine is installed randomly. Services are installed in different locations on each machine."

      This is so ridiculous and wrong that I don't even know where to begin to refute it.

      If you're talking about where the service is installed _in memory_ when they run, well duh - of course they're "in different locations", it's a UNIX, programs don't run in fixed locations in memory.

      As for your IBM friend working on UNIX 40 years ago - UNIX was invented and developed at AT&T Bell Laboratories, not at IBM; and it was developed starting in 1969, which is 36 years ago not 40, last time I checked.

      Signed,

      Someone who has worked with BSD UNIX since 1984 and actually knows its history (unlike your IBM friend)

  9. author is happy.. Anonymous -- 10/09/05

    getting a lot of hits for this bullshit. eg. linux is "..secure by accident", like somebody tripped over themselves and suddenly it's secure -- bloody hell.

  10. This article is absurd Anonymous -- 10/09/05

    I don't want to give this article any more attention than a simple reply: there is no substance to its claims whatsoever and its ignorance is staggering. Security doesn't happen by "accident" and it's not luck that has resulted in zero viruses for OS X as opposed to thousands and thousands for Windows.

    Also, btw, OS X's security model is based on and derived from UNIX's, dummies.

    This article is just plain stupid.

    1. The REAL reason Mac is virus-free Anonymous -- 10/09/05

      The author reveals his youth and ignorance by what he fails to mention.

      There HAVE been viruses for the Mac -- back in the System 6/7 days. The reason viruses were so rare then is that the good folks at University of Illinois (as well as others) created and maintained anti-viral tools and released them FREE to the Mac community. Viruses were eradicated within hours, not days as they are on the Windows platform.

    2. Probably a paid ad from microsoft Anonymous -- 11/09/05

      This is from the web-site regarding this supposed vulnerability,
      "Note that any attacker trying to plant this worm in your network would need to get root access on one of your boxes first, meaning that you would already be "owned"."

  11. Get real Anonymous -- 10/09/05

    This is a ridiculous story and a non-story at that. Mac OS X is secure by design but that does not mean it is impregnable. The so-called malware was written as a demonstration piece and has not affected anyone. Microsoft ahead of Apple in security? That has to be one of the most ridiculous statements I have ever heard in 15 years of IT.

  12. Opener? More like door knocker Anonymous -- 10/09/05

    If I remember correctly "renepo", like all other software on the Mac requires the user to enter their password before installing.

    I have never read of a single case of infection by renepo and while I have antivirus software for Mac it is because I came from the Windows world. I only use it once a quarter as a check.

    There are NO Mac OS X viruses. Check the databases yourself.

  13. I would fire Borrie Anonymous -- 10/09/05

    "The University of Otago's Borrie also believes that over the past three years, after so many high-profile embarrassments, Microsoft has finally delivered more secure products and created an impressive patching infrastructure, which he believes has left Apple "a few years behind" the Redmond giant."

    If I were the University I would fire Borrie for his ignorance.

    I am on TruSecure's IT Security Alerts mailing list. 2 days ago there were no less than *6* new alert updates for Windows worms/viruses. The notion that Microsoft has overtaken anyone in the security area is patently absurd. (Let's see ... how much adware/spyware is allowed to get onto my Mac ... none)

    Sophos' shill drags up the year-old Opener/Renepo issue. For one thing, that was a Trojan Horse, *not* a Virus. For another, as many people on MacInTouch pointed out, it had to be installed by an Admin user, which would've provoked an alert if it was delivered somehow in some fashion that required an installer to be run. The instances where people got that on their systems were classic - i.e. they got hacked and rooted, it wasn't something that was spread, like Windows viruses. You will never get a Virus for your Mac by opening up a document in Mail.app!

    Anyone knows that you have to keep up on security updates and use best practices (use the Firewall if you're savvy enough, use Little Snitch, close unnecessary ports, blah blah). Whether it be OS X or Linux or BSD, there will always be buffer overflows or other exploits discovered (I get several TruSecure alerts daily; many of them are for UNIX/Linux systems). Be vigilant and you will be in good shape. But Apple behind Windows in security? Thanks, I needed a good laugh this morning ...

  14. geez.. Harry -- 10/09/05

    How did this administrator agree to even go on record with these comments? He is displaying his absolute ignorance on IT matters. Anti-virus on his Macs? hahah..OK? Security best practices? Yes, and all computer users should be educated about this, but Macs are much more secure because OS X has been designed from the core out, or bottom up with security in mind. Microsoft ahead? HAHAHA...that's like claiming the Polish have the best military in the world since they have been attacked, occupied and conquered so many times. Ignorance. Were I a user or a manager on this guy's network, I'd be pretty darned concerned with his abilities right about now. Possibility of Mac malware? Sure. But no evidence. Opener? Uh..yeah in a lab and you had to have elevated privileges to INSTALL it. There was no way it was installed by itself via email or network attack.

  15. "...but the same risks apply..." Anonymous -- 10/09/05

    Give me a break. On the Sophos Web site, in the "Advanced" section of this worm description, they write:

    "Note that any attacker trying to plant this worm in your network would need to get root access on one of your boxes first, meaning that you would already be "owned". Nevertheless, SH/Renepo-A collects into a single script a wide range of anti-security attacks. Once the worm has run on your computer, it will compromise system security in many ways, including..."

    That's a big "Nevertheless!" So it has to go like this:

    1. A person first has to have access to your computer.

    2. Then they have to get access to an admin account.

    3. Then they have to get access to the root account, assuming the current administrator hasn't already changed the password for the root account.

    That's a whole lot of assumptions for my taste! I also find it "interesting" that this information is in the "Advanced" section and not in the "Summary" or "Description!"

    1. Not quite but close enough Anonymous -- 10/09/05

      Having an admin account on OS X is the same as having root. An admin account can use sudo on the command line to get a root shell. I recommend not running your daily work on an admin account. OS X makes it pretty easy to use an alternative login name when you need admin privileges.

      Other than that, you are dead on. A trojan like renepo is not much of a threat since a user has to type their password to an admin account for it to be installed.

    2. Not really Graham Fluet -- 28/11/06

      Actually there are THREE levels of accounts in Mac: the root; the admin, which can modify minor system things like the main applications folder and some parts of the library and can modify the system with the root password; and the standard, which can only modify their home folder, although they can place programs that don't need a password installer in their home folder, and run them.

  16. Here is a nickel, buy a clue. NM Jeff Foxworthy -- 10/09/05

    NM means no message.

  17. What else should we worry about? Anonymous -- 10/09/05

    One day your IT department will get hit by an asteroid. Sure, maybe not today, maybe not tomorrow, but if you wait around long enough (a million years?) an asteroid is sure to strike your house. Good grief. A competent backup system is enough to protect you from harm without giving money to Mac Anti-Virus software vendors. The fact is that I am a flippant Mac user. I go where I like, I install all sorts of garbage on my Mac and enjoy myself! No harm has befallen me. I trust Apple and they will get my money.

  18. Microsoft Propaganda Piece Anonymous -- 10/09/05

    Anyone who actually has a clue, isn't a paid liar and Microsoft shill knows this article is pure bull ****

    You can create all the fear in the world and it won't save your **** when a virus is successful on the Mac because the reason it is able to work is Apple hasn't foreclosed that vulnerability yet and the virus companies only close past holes so anybody who is looking out the front windshield at viruses coming has a chance to do something and that is Apple only. So far their record is perfect. 100% success while Windows is simply a virus magnet that makes it an absolute certainty of being infected constantly.
    What would you prefer the chances of being killed by a meteorite on Sunday at 10:56AM or the chances of an infection while swimming and living under sewage all day every day. Of course if you have **** for brains you will choose the sewage because it's all you know. However if you're brighter and are living fear free there is some chance that some Sunday some Mac user somewhere may have to go to his backup and flush some sewage from his Mac. Fortunately these morons who keep crying wolf are the only thing to fear. Fortunately the idiots are ignored and Apple keeps vigilant and has a 100% success rate so far. I'd put my faith in that track record over the absolute certainty of infection and death that is the daily and rightful fear of every moron living in the sewer pit that is Microsoft products.

  19. secure by obscurity? uh... no... Anonymous -- 10/09/05

    here's what a REAL security expert has to say on the matter:

    http://www.theregister.co.uk/2003/12/16/windowsstyle_security_hell_stalks_mac/

  20. 95% of people reading this article... Anonymous -- 10/09/05

    evidently use Windows.

    What does it mean that not one of them shares Borrie's audacity and backs up anything he says in the article?

    The boy should be fired.

  21. Mac OSX FUD RON NORRIS -- 10/09/05

    There are "NO" OSX 10, Tiger viruses. Against over 65,000 for Windows. Stop spreading these lies about the Mac.

  22. The effort is worth it Anonymous -- 10/09/05

    Actually - All "user environments" are going to these "make it easy for the user" whizzy things that make it just as easy for the malware installers.

    Just like you have to lock your door, and look carefully at the produce at the store, you have to keep your machine from automatically doing things for you, and look carefully before allowing something access to your machine. I do this by turning off all java, javascript, cookie, and plug-ins. I use a text-based email client.

    Then - if I believe I can trust a site, I'll use a second browser that has "only what's needed" enabled to utilize the features of the web site.

    This meant that I was not vulnerable at all to the Malicious Applescript vulnerability, because it relied on java in the browser to run the malicious applescript.

    Since java was turned off - I had effectively locked the door, and the window next to it. Another vulnerability might be the equiv. of smashing the glass and breaking in the window, but for the one that relied on the door being unlocked - I foiled it.

  23. Alice Springs Woefully Unprepared for Tsunamis Anonymous -- 10/09/05

    The apparent lack of tsunamis doesn't mean that a tsunami, anxious to gain media exposure, won't appear and cause all the greater devastation for the utter lack of preparedness.

    Obviously, Mac OS X is more vulnerable to malware than Alice Springs is to tsunamis, but frankly it's hard to imagine a Mac virus even striking unprepared users as badly as numerous recent WORM and virus outbreaks have struck the allegedly prepared Windows community.

  24. OS X Anonymous -- 10/09/05

    ...Borrie's comments are nonsensical if OS X is behind Windows, and Windows is behind Unix, seeing as OS X is a Unix-based OS. He totally lacks credibility.

  25. I'm quite aware of security and that's why I use a Mac Anonymous -- 10/09/05

    I'm quite aware of security and that's why I use a Mac and OSX Tiger. It's more secure than any Windows PC could ever wish for.

    1. You and Dick Clarke (and me) Bart Simpson -- 10/09/05

      This guy should know:
      http://en.wikipedia.org/wiki/Richard_A._Clarke

  26. OS X security Bart Simpson -- 10/09/05

    I can say this: I've been using OS X since its public beta in 2000 (or was it 2001?) - I've never had a virus, spyware - nada. I can also say this: I've been using W2K for the same time period - I've had to re-install countless times due to such malware, and have gotten into the habit of always going to Software Update upon login. That's not always enough though, as I've been nailed before even pulling up the site... Of course, Windows patching forces you to install, restart, install, restart, install as it doesn't deal well with dependent patches, making it more likely that you'll get something along the way. OS X doesn't have this limitation - it can be updated from 10.3 to 10.3.9 with one visit to Software Update. With OS X, I fearlessly open attachments, surf the darkest corners of the web... without hesitation.

    Having said all that, I'm not stupid - a virus could hit me. People give Apple's OS X a lot of credit for its UNIX heritage, which they should. The BSD families of UNIX are the safest OS' out there. However, it's Apple that has introduced some seriously scary bugs of their own. Actually, it's just the one that I can remember, but it was a doozie - an easily exploited hole in Safari left users wide open to serious attack. Luckily, that never materialized.

    For this joker to claim that Windows is ahead of Apple in terms of security is pure silliness as Apple's response to vulnerabilities has been every bit as fast as MS'... Obvious attempt to get hits...

    1. Apple's response to security issues is NOT as fast as MS Anonymous -- 11/09/05

      It's faster.

  27. Facts Anonymous -- 10/09/05

    Where does the author get such information? Where is the latest Mac virus?? Since OS X has been out for the last few years where has the latest virus popped up? Security is always going to be an issue on any OS, but proportionally, even if Mac and Windows had the same numbers, Windows is ultimately and obviously less secure. Get the facts straight. The numbers don't lie.

  28. I just wrote Mac Scott Lahteine -- 10/09/05

    It asks for an admin password with a message about "routine maintenance" and then... ha ha ... erases the entire hard drive! I couldn't possibly get it onto your Mac - much less get it to execute - without direct physical access to your machine, but let's just ignore that fact and cling to the fear, shall we?

    As a consummate computer geek, I realize the potential for security flaws in any system. Linux has security flaws, Unixen have security flaws, and even the beloved Mac has security flaws. The question is how easily these flaws can be exploited, and what kinds of openings are there for such exploits? On Windows you have applications that can be exploited very very easily. Visit a web page with Internet Explorer, and software might be installed and executed on your system without your ever being aware of it. Open an email message or a Word file attachment, and you might find yourself host to a virus or worm. Microsoft has made it far too easy for malicious crackers to cause mayhem. For a Mac to be exploited it almost certainly would have to have a public IP address and have extra services running that aren't enabled by default.

    In general, the Mac *is* more secure than your average Unix system, because for most of us it isn't acting as a server open to the world. And the Mac is not only more secure than Windows, it is *fundamentally* more secure than Windows.

    Has Microsoft surpassed Apple in their approach to security? Not by a long shot. They would need a total redesign of their system from the bottom-up to get to the starting line in this race. Microsoft has improved their response time for exploits, but most Windows machines aren't being patched by common users.

    The day that some piece of software gets installed and executed on this here Mac without my being aware of it.. that's the day I'll put away my Apple rosary. Meanwhile, I'm quite happy being faithful to my chosen religion.

    1. I just wrote Mac "malware" Scott Lahteine -- 10/09/05

      My original title got truncated. Weird.

    2. The Apple Rosary Anonymous -- 11/09/05

      Amen Brother!

  29. Yeah, right. Anonymous -- 10/09/05

    What kind of crap story is this. Why wake up to something that doesn't even exist at this point?

  30. Wake up to the potential!!! What a laugh... Mr. X -- 10/09/05

    "wake up to the potential of attack"

    Well, there's always the potential that a meteor will strike the earth, so what do we do about that? Yet another ridiculous case of OS X FUD by the makers of anti-virus software!

  31. you've had 5 years to write a virus Anonymous -- 10/09/05

    for mac os X - where is it?

    not even one virus available in all that time?? against how many windows viruses?

    not even one bit of malware etc as well??

    with millions of os X users, not a single infection reported??

    how can you say it's not secure??

    what an absolutely bullshit article. this is journalism at its worst. as well as antivirus companies trying to make us paranoid to sell more product.

    the only protection you need for your mac is a firewall and little snitch.

    don't bother with an antivirus.

  32. Malware Statistics Martin Hill -- 10/09/05

    It is true that Mac users should not believe themselves immune to a *potential* malware attack sometime in the future, but even if/when that finally happens, they still have every right to feel immensely safer than Windows users.

    As Kelly Martin, the content editor for Symantec's publication SecurityFocus said in April 2005: "There are no viruses on OS X -- not a single one... Just as Windows users have become accustomed to 140,000 viruses, Apple users have become accustomed to none."
    http://www.theregister.co.uk/2005/04/21/apples_big_virus/

    Here are the raw statistics for your information:

    Microsoft Windows:
    Viruses and Worms = 17,500 (symantec.com)
    Spyware and Adware programs = 78,000 (www.pestpatrol.com)
    Burrowers = 40 (www.pestpatrol.com)
    80% of PCs infected with spyware (webroot.com)
    Last year (2004) alone:
    - 500 new Trojans (www.pestpatrol.com)
    - 500 new keyloggers (www.pestpatrol.com)
    - 1,287 new adware apps (www.pestpatrol.com)
    - 7,360 new viruses and worms (symantec.com)

    Mac OS X:
    Viruses and Worms = 0
    Spyware programs = 0
    Adware = 0
    Keyloggers = 0
    Burrowers = 0
    Trojans = 3 (symantec.com)
    Last year (2004):
    - 1 Rootkit (symantec.com)

    When you look at the actual data, it becomes pretty obvious that with zero worms, viruses, spyware or adware recorded targeting it, Mac OS X remains the safest, pest-free OS by an enormous margin.

    Note that Trojans can't spread by themselves - they are bits of code that pretend to be something innocuous and need to be downloaded and opened by an authorised user. In the case of the three targeting Mac OS X, two are harmless while the third deletes a user's home directory if run by that user.

    Note also the Rootkit discovered on a couple of OS X machines is a set of scripts that requires root access to be turned on (turned off by default on all Macs). The hacker then also needs to know the root password and the malware has no mechanism of spreading and infecting other computers by itself.

    Note that 37 vulnerabilities in Mac OS X noted last year (which were promptly patched by Apple) does not constitute "increased attacks on OS X" as some commentators have stated as no attacks using any of these vulnerabilities have been recorded. Security firm Mi2g states: "Mac OS X and BSD Unix are the "world's safest and most secure 24/7 online computing environments."
    http://www.mi2g.com/cgi/mi2g/frameset.php?pageid=http%3A//www.mi2g.com/cgi/mi2g/press/190204_2.php

    The theory of "Security through Obscurity" (that there are not enough Macs to be a target for hackers) though certainly a factor, is not the whole story. This theory fails to explain the fact that the number 1 web server, Apache, with almost 70% marketshare has far fewer attacks (including viruses and worms) than Microsoft's IIS which has captured only 21% of the market (Netcraft.com). This theory also does not explain why the Windows Firewall product BlackIce with a marketshare a tenth the size of the Mac had a particularly destructive worm written for it while Mac OS X still has none.

    The old classic Mac OS suffered a number of viruses (mostly MS Word macros), but Mac OS X is still untouched.

    John Gruber has a useful article on why Windows suffers so much malware:
    http://daringfireball.net/2004/06/broken_windows

    However, no software can be perfect and it would be foolish to say there won't eventually appear some malware targeting the 15 million+ OS X users out there - however, today is still not that day. Mac OS X has been sitting untouched for 4 years now pretty much without blemish which speaks to a very impressive security story even if/when some effective malware appears.

    -Mart

  33. Mac community must wake up to security Anonymous -- 10/09/05

    I am very surprised by your article. You must be a new reporter on technology. First I suggest you obtain a Macintosh and use it. This will help your future stories on Apple products. Your article lacks what most writers should have: credibility. The fact that you do not have one reference to a real security breach speaks volumes for your piece (oh, I mean article). Three weeks ago all systems at my company rebooted themselves from the zobot virus which was a security exploit of Microsoft Operating system. Please, how serious is Microsoft about security? I bet you did not ask those companies who lost countless millions of dollars in productivity to Windows security breaches. Hey, I was productive, my workstation did not reboot. Speaking about security, did you compare Apple's firewall with Windows? Which is better? Which is more user friendly to configure? If I recall, this is another piece, I mean software, to make you feel good that Microsoft is serious about security. Let's see, I believe this did not help to stop the zobot spread. But you must know that because you did your research. Did you say you write articles for Microsoft? Are they your employer? By the way, writing is not my strong suit, just like your article on technology must not be yours.

    signing off.

  34. Stupid news strikes again Anonymous -- 10/09/05

    Web news companies post this type of news to generate web-hits and to generate web activity for banners floating above

    Can you say - National Enquirer??? type news for nerds?? Come on ZDnet! bring it up a notch!

  35. The Only Mac Viruses Anonymous -- 10/09/05

    It should be said:

    The Only Mac Viruses are Articles about Mac Viruses.

    Other than that, there is no concern for any users of OSX about Viruses.

  36. Wintel risk to National Security Anonymous -- 10/09/05

    This article totally misses the big picture. The author admits that Apple has managed a PC Operating system which is immune to viruses and then tries to turn on a system purporting some imagined risk, while very REAL Wintel computers are compromised every day. First off, let's give Apple kudos for 0 viruses in over 5 years. The adoption of Unix was a beautiful thing for the Mac community, bringing superior stability as well as security. But let's extend the scope and consider the current National Security implications and the real risk which Wintel computing currently poses to our nation's IT infrastructure. Is the convenience of Big Brother Microsoft too great a risk to National Security? Why doesn't Congress call Microsoft to the carpet for this after last month's serious Virus outbreak and the actual impact it had on our nation's industry? The Apple folks aren't doing magic. All computers have the potential to be virus resistant by design like OSX, Linux, and the other flavors of Unix. Regardless of your stand on Apple vs. Wintel vs. Linux vs. Unix, in a time of war, we have to pull together to do what's best for the nation, not simply what's best for the profit margins of one giant corporation. This issue has to get fixed and soon, before it's exploited to its fullest and brings about devastating harm to our nation's economic fabric.

  37. Not quite so Anonymous -- 10/09/05

    It is certainly true that everyone on the Mac must take into account security issues. And I don't know where the author takes his information as to that Mac users wouldn't. The simple fact is, there has been no real security threat to Mac OS X vs 1000s to Windows. Downright absurd is the statement that M$ would be ahead of Apple in security questions. Apple constantly and rapidly fixes security holes, in my experience much faster than M$. Also, the OS is far more secure, albeit not immune, of course. But the likes of Outlook and Explorer do invite malware. No such thing can be said on the Mac OS X side of things. Security issues on the Mac are a splinter as compared to a M$ forest. And Apple takes better care of their splinter than M$ of their forest. And yet, the splinter may sting at some time, that's for sure. But to say that, the article was way overblown.

  38. And all this time I thought O SX was a Unix system Anonymous -- 10/09/05

    "I put Apple a few years behind Microsoft in understanding how to manage security for the users. I put Microsoft a number of years behind the Unix community because the first systems that got hurt -- ten or fifteen years ago -- were Unix systems. Microsoft had to fix the security because it had such a bad reputation and to its credit, the company has really turned it around," said Borrie.

    I believe Apple is the most widely-sold UNIX-based operating system in the world.

    I'm glad he's not my IT guy.

  39. MS is Safest - Not Counting 2 Weeks Ago ... jbelkin -- 10/09/05

    Is that guy working on a grant from Redmond, where was MS when thousands of computers went down 2 weeks ago? In a parallel universe, no doubt MS is the safest OS on the planet but not in our universe.

  40. Now back in reality.... Martin Pilkington -- 10/09/05

    First off, I will point you all to this:

    http://www.unsanity.org/archives/000396.php

    Very nice post about the whole Opener thing. Anyway... Windows Vista is coming out next year and shall have a load of new security features that will help stop malware from being able to get such a stranglehold on a system. The thing is that many of these already exist on Mac OSX. For example, in order to have a virus completely wipe the whole OSX system you either need root enabled, which isn't on OSX, or you'd need to use sudo to change the permissions to something the user can delete, but that requires entering in your admin password.

    Saying that Macs would suffer just as much as Windows if they had the same market share is kinda stupid, due to the fact that OSX doesn't have as many flaws as Windows. I mean, the majority of attacks on Windows come from one place, Internet Explorer. Internet Explorer was rushed into the core of Windows, along with ActiveX without any consideration for security. This meant that MS had given malware writers the tools they needed to access the core of Windows. Coupled with the fact that an Admin account in Windows lets you do practically everything with very few warnings this has led to the huge increase in malware on Windows.

    Now one point to consider, Linux has a few pieces of malware, not a huge amount but they exist. Linux also reportedly has an equal market share to OSX, about 3-4%. So why does Linux have more malware than OSX? You could blame it on Linux being used on webservers and such but really it is because some distros of Linux have features that allow malware to be there. The ones that don't have these features don't get affected. The same happens with OSX, there are very few known features that could allow for malware to spread, and if Apple is slow off the mark to fix them, then the Mac community isn't (in the case of the help:// exploit a patch was released by a 3rd party a day or so later while Apple took about a week and a half to fix it).

    The fact is, that while Macs aren't immune to malware, they are much better protected than Windows PCs. The Mac community is unique in its closeness and that is one of the biggest advantages the Mac has against malware. If a piece of malware appears then there will be articles on what it does, how to get rid of it and how to stop it getting on your system, applications to patch the hole and death warrants issued for the writer, all within 24-48 hours of it appearing.

    And my last point, malware writers like to cause havoc, but they also are very proud. With Mac users sneering in their faces about how secure OSX is you'd think that someone would have written something to get back at them. I mean, imagine the sort of pride it would give them knowing that they were the one to infiltrate OSX, the OS that m