• On TV.com: THE GIRLS NEXT DOOR photos
December 2, 2008 6:40 PM PST

Apple deletes Mac antivirus suggestion

Posted by Elinor Mills
  • Font size
  • Print

Updated 7:45 p.m. PST with expert comment, at 7:20 p.m. PST with context on previous coverage, and at 7:08 p.m. PST with background.

Apple removed an old item from its support site late Tuesday that urged Mac customers to use multiple antivirus utilities and now says the Mac is safe "out of the box."

"We have removed the KnowledgeBase article because it was old and inaccurate," Apple spokesperson Bill Evans said.

"The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box," he said. "However, since no system can be 100 percent immune from every threat, running antivirus software may offer additional protection."

Apple's previous security message in its KnowledgeBase, which serves as a tutorial for Mac users, was: "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

Security experts, while pleased that Apple would urge Mac users to install antivirus software, had warned that running multiple antivirus products could cause problems and recommended against it.

Apple's antivirus support note was initially published last year and was updated last month, despite reports that it was a new note.

One Apple expert speculated that Apple was merely removing a poorly worded support note and said it probably wasn't ever Apple's intention to tell Mac users they need antivirus.

"I bet you it was a low-level support note and it hadn't gone through the right approvals," said Rich Mogull, security editor of Apple news site TidBITS. "That's my guess."

To some, Apple's latest move will be seen as back-tracking given that it comes one day after those misleading reports circulated. The motive remains unclear, particularly because Apple didn't replace the previously published suggestion with an updated one.

The message that remains is that Mac users don't really need to take additional steps to protect against viruses and other malware. Telling customers they can run antivirus for "additional protection" could be interpreted as a way to protect against any liability.

There are no known viruses in the wild that exploit a vulnerability in the Mac OS, and Windows continues to be the overwhelming preference for malware writers to target their programs. But malware isn't just taking advantage of operating system weaknesses anymore. In fact, the majority of such threats now come from code that targets weaknesses in browsers and other applications that aren't platform specific.

Mogull said he doesn't recommend that the average Mac user install antivirus software because of the low-level of malicious software seen for Macs at this time.

To me, this new Apple statement poses more questions than it answers.

Regardless of the meaning of Apple's latest action, I'm pleased to now have open lines of communication with the company. Over the last few months, I have had an increasingly difficult time getting any response to my e-mails and phone calls. For instance, I got no response to my requests for comment on Monday's article about this topic. However, after talking to several Apple spokespeople on Tuesday about the matter I am confident that the situation has been cleared up.

I also was reminded of how much collective knowledge CNET readers have about Apple and would like to extend an invitation for people to feel free to contact me directly at elinor.mills@cnet.com with any feedback and tips related to Apple security issues.

Originally posted at Security
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Mac OS X

Tags:

Apple,

Mac,

security,

antivirus

Bookmark:
Digg
Del.icio.us
Reddit
Recent posts from Apple
Video, memory issues with MacBooks being reported
Apple branching out in 2009?
Google's search ads arrive on iPhone, G1
Wal-Mart workers spill the beans on iPhone launch
iPhone sold through Wal-Mart this month?
Turning the iPod Touch into a phone
Apple takes the 'touch' out of multitouch
Apple App Store tops 10,000 applications
Add a Comment (Log in or register) 197 comments
by solu1978 December 2, 2008 7:09 PM PST
Mac is safe .. Apple says so
Reply to this comment
by ekimkaerf December 2, 2008 9:27 PM PST
There are weapons of mass destruction in Iraq.... the government said so...
by victor_sf December 2, 2008 10:57 PM PST
MacOS X is a BSD Unix.
by Seaspray0 December 3, 2008 7:20 AM PST
Smoking doesn't cause cancer. The tobacco industry says so.
by Mr. Dee December 3, 2008 8:42 AM PST
If the Mac is safe, then Windows is the best OS in the world.
by faboumen December 3, 2008 7:26 PM PST
Unix is safe..It is just so.
by oludir December 3, 2008 8:33 PM PST
I guess its time someone writes a very good Mac only virus or trojan.
by Renegade Knight December 4, 2008 9:26 AM PST
@ekimkaerf

There were WMD in Iraq. That's a simple fact. WMD were not why we invaded, they were merely one excuse given for the invation.
by kooleekoolee1 December 5, 2008 9:10 AM PST
Now that's funny!
by chuchucuhi December 2, 2008 7:24 PM PST
It's safe out of the box I mean you wouldn't want to ship your products with viruses, thats just dumb. You release those later and release security patches and then release a new OS that is more secure. Have we learned nothing? That's how ya do it.
Reply to this comment
by pennwood18 December 4, 2008 2:15 AM PST
I go to the "DARK & DANGEROUS" places when I surf the internet, and my Mac is merely 'annoyed' so far .... but even with excellent security, the bad guys trashed my 2 year old Dell 2 years ago. I spent almost enough on security (& service calls) for the Dell to buy the Mac!
So yes indeedy, the Mac is "safe out of the box"
by Michichael December 4, 2008 3:07 PM PST
Penn if you had to pay dell for service calls and security, you obviously didn't know what you were doing. It's not the motorcycle's fault when an inexperienced rider tries to do a wheelie and wipes out. Stick with your training wheels on the kiddie course.
by AppleProLeo December 2, 2008 7:26 PM PST
This is what I've been saying in the last article by Elinor.

While yes you are right that Apple publicly "recommends" [ as an additional protection] using an Anti-Virus software it however doesn't wholeheartedly believe it. Just go to an Apple store and see if any of their Mac's are running an Anti Virus software, nor does it require its employees to be running an Anti-Virus software in it's internal machines like most other companies.

Unfortunately Apple does this because they market their products in a land where the people (try to) sue them for selling an iPhone - which doesn't live upto their speed demands - instead of just returning the damn thing.

Penguinisto is right Anti-Virus software on the Mac is a wast of time, money and speed. You see, AV software run in the background and consume CPU cycles and Memory scanning for something that does not exist. And while yes there is a chance it might one day, but until that day comes you would have wasted all that resource. Imagine if every Mac user used and Anti-Virus software since the release of Max OS X. Look how much wasted energy would have been consumed - anyone from the Greenpeace hippy land around?

Secondly an Anti-Virus software is useless until it knows about the virus, so even if you have an Anti-Virus software running it won't actually do anything until you updated it with a virus definition, which will only be available once/IF a virus is successfully released in the wild. In which case why not buy an Anti-Virus software after/IF the virus is released with the updated virus definition. Though it's likely if it ever did happen Apple will offer a fix through it's software update for free.

The Only time an Anti-Virus is needed on a Mac is if you want to stop the spreading of Windows viruses to other Windows users as it will catch those. But my stance on this is, it's not my responsibility to protect the computers of other especially when they won't even help themselves by having an Anti-Virus software running on their own computers or by not have having a real computer running a real OS.
Reply to this comment
by AppleProLeo December 2, 2008 7:34 PM PST
P.S

Vegaman_Dan and all you other PC Whinnies from the last article, where are you all now and your "...see even Apple tells you to use Anti-Virus software..."

Listen, damn it's so quiet you can almost hear the PC hard drives spinning away in the background scanning for viruses. hahaha.
by Perry_Clease December 2, 2008 7:41 PM PST
"AppleProLeo" great handle
by Mam00th December 2, 2008 7:44 PM PST
When did you lose you objectivity and your critical thinking... I know you feel that you should defend Apple and bash PCs, but don't you realize that Apple is just another company after your money? I find it quite alarming that many people just like you defend a corporation like this with such intensity...

It's sad to see people acting just like you... like tools...
by Hep Cat December 2, 2008 7:46 PM PST
"Secondly an Anti-Virus software is useless until it knows about the virus,"

Much of your comment is insightful, but this statement is not true; anti-virus software should also look for unusual behavior or actions, not merely bits of code that correspond to known viruses. While the most effective way to stop viruses, known and unknown, it's also the most difficult kind of anti-virus software to develop and test.
by shinji257 December 2, 2008 7:48 PM PST
The purpose of antivirus software is to prevent the spread of viruses. This would include known and unknown viruses. Heuristics is used to detect unknown viruses. The resources are not wasted if you never get one because it prevented their installation. The only security that Mac has right now is the "security by obscurity" bit and that is not good enough for me.
by AppleProLeo December 2, 2008 8:12 PM PST
@Mam00th

Thank you for your feedback, however I disagree when you say I have lost my objectivity and my your critical thinking by defending a company who is just after our money.

You see I am backing up my argument with facts and genuine arguments (see my first post above) unlike most other cnet commenters. AppleSuxLeo to name but a few. Secondly I am defending them because they are (in my opinion) in the right and are being wrongly 'attacked' - if you will for a lack of better word.

Lastly while yes they are a corporation who has an interest in monetary gain, however where they differ from almost all other companies in the world is they try and do so while also doing their best in creating wonderful products that innovates and pushes the boundaries of technology. Apple is not a ME-TO company.

You see for Apple monetary gain stands side by side with innovation and "changing the world" or "making a dent in the universe" which is whay Apple is a company many believe to be a company with a "soul - rightly or wrongly. Whether you believe this to be some cheesy marketing or fanboy hype or not - believe me that is how most if not all Apple employees go about with their day to day business at work. I have witnessed it with my own eyes. Which is why their products are as good as they are.

Now I could go on with multiple examples where Apple has proved money doesn't always dictate their business path but that is another article altogether.

I hope this clears things up for you and changes your judgement about me.

------

Where was I, ah yes Fanboy...Steve Jobs for King, yeah baby yeah.
by AppleProLeo December 2, 2008 8:16 PM PST
@ Hep Cat

Yes you are right, maybe I should have said, "Secondly an Anti-Virus software is [almost] useless until it knows about the virus,"

I stand corrected.
by AppleProLeo December 2, 2008 8:24 PM PST
@shinji257

You see that is the point, anything trying to install on OS X needs a password from its Administrator which is why a virus cannot install itself in the background. Nobody has (yet) found a way round it.

So an Aniti-Virus scanning away in the background trying to stop an installation is wasted resources because the OS does that for you. If (BIG IF) someone did come up with a workaround I'm sure Apple would release a free fix in no time at all through its software update, as that would be a major security flaw.
by AppleProLeo December 2, 2008 8:31 PM PST
@ shinji257

P.S

and this "security by obscurity" argument is total **** spread by PC users lacking knowledge and looking for an excuse for their defense in the use of an inferior OS.

Believe me I have argued this point with university professors (family members) who had to "re-evaluate" their argument.
by ?Brian December 2, 2008 9:12 PM PST
The recommendation only applies to people who have PC and Mac systems.

Since both of my systems are Macs, I would not benefit from an AV app.

Interesting how some Windows fanboiz start celebrating the moment they read the news.
by RideMan December 2, 2008 10:53 PM PST
shinji257 says, 'The only security that Mac has right now is the "security by obscurity" bit and that is not good enough for me.'

No. That's not it at all, and quite frankly I don't buy the "security by obscurity" line one bit. There are enough attention hungry bad guys out there who would *love* to be the first to crack OS-X, and the installed user base is big enough that a truly effective piece of OS-X malware would be devastating.

Let's compare this to securing a building, okay?

WINDOWS: Was built with the assumption that this is a good neighborhood. Still, the doors and (yes) windows are closed and locked, but inside is an open floor plan. The plumber is coming, but he knows to use the key under the rock by the side door. Just for safety, there is a security guard (AV software) who keeps an eye on things all the time.

OS-X: Was built assuming a bad neighborhood. Not only are the doors and windows closed and locked, but inside, all the rooms have doors and those doors are always kept locked. All the people who are allowed to be here have their own keys, and those keys only work on certain doors. This includes the plumber...he has his own key. There is no key under the mat. But there is no security guard, either.

Both houses are secure, but if you can find the key under the mat, you can take control of the Windows house. Under OS-X, you could steal the plumber's key, but that would still only get you into the front door and the utility closet.
by ajhoughton December 2, 2008 11:03 PM PST
@Hep Cat, @shinji257:
Heuristics are next to useless, quite frankly. They are responsible for a significant proportion of false positive reports from AV software, and since the criminal malware writing fraternity is not totally inept, they will test their malware against common AV software before releasing it. So heuristics are unlikely to catch any significant new malware in any event.

Heuristic checks, like AV software in general, is for the most part a waste of cycles.
by toosday December 2, 2008 11:50 PM PST
No reasonable person should believe what they hear in an Apple ad.

Apple says so themselves:
http://tinyurl.com/65keus
by afterhours December 3, 2008 6:17 AM PST
Leo, you're a hack. You do have a responsibility to check that anything that comes out of your machine is safe for another machine. You are legally liable for the destruction you purposely, or not-so-purposely cause. If you send an infected document to another person in your company, and that causes them loss of productivity because of your arrogance in not running appropriate safeguards, then I argue that you should be held accountable for the time IT wastes cleaning up after you. It should come out of your paycheck in some form -- perhaps a loss of promotion, wages, future raises... and if it happens again for an item that could have been blocked, then you should be fired. If you send that document to another firm, and they lose time or money, you and your company could be sued.

Morally, you have an obligation, no matter how much you hate on Windows, to not further headaches for others. There is a cascade effect here,and just because we (I've driven a Mac since '86) aren't as vulnerable now like we were in 1999, we should not be too smug. Why do you get a vaccine for polio? It's not widespread. But it's smart preventative action. Your promotion of not using something like ClamXAV is simply ill-advised. Windows will implode in its own right, we don't need to help it along by playing Typhoid Mary.
by AppleProLeo December 3, 2008 7:04 AM PST
@afterhours

Yes I would be legally liable if the piece of software was created and then sent by myself, NOT if it was sent from my machine. A lot of computers (I mean Windows PCs) are taken over in this world as bots without the user knowing and used for ill purposes. Yet no one ever got charged for not having a security or Anit-Virus software running after their computer was used as a bot. So where the hell you are getting this "legally liable" from I have no idea.

Now when you talk about a company situations where documents are being sent internally that is a different matter. I would still not use its (on a Mac) if the company does not make it a requirement, and no I would not be liable in this case either, for not having an AV software because it's not a company policy to have one. In which case company assumes all responsibility.

However I would use an AV software even on a Mac if the company I worked for had a policy dictating to do so, but not because I think I need it but because I would just be following company policy as the good employee.

Do you people give any thought to the arguments before you write them.

Moral obligation, moral obligation - Are you for real. I was born in Bangladesh one of the poorest countries in the world, millions die of poverty there. I of all people know where my moral obligation lies and it isn't no Windows user.
by Penguinisto December 3, 2008 7:09 AM PST
@afterhours:

In a corporate environment, you run what the IT department tells you to run - there was never an argument there. That environment is also treated as an ecosystem, where all computers within it are responsible for each other, so to speak. Home use is different - far different.

As for a legal obligation, that's a very weak argument for running A/V on a Mac. Is the government going to compensate me for the time, electricity, and CPU cycles wasted in running one? No? Then they have no authority to demand that I do. You also have to know full well that a file is infected before passing it on... no A/V, no knowledge of an infection, unless it can be shown that you yourself did the infection with intent.

Moral obligation? Sure - but I cover that by never passing on email attachments that I myself haven't made, re-saved in my own programs, or modified.
by Seaspray0 December 3, 2008 7:13 AM PST
I will stand by my statement that no OS is 100% safe. As proof: There would be no security patches to the software if there wasn't something wrong with the code to begin with. Since patches continue to be released for all operating systems, this proves that flaws in the OS's are continuously being discovered over time. By the description of these patches, you learn that without the patch, a flaw existed. It may have not been exploited, but it did exist and it could have been exploited.
by AppleProLeo December 3, 2008 7:21 AM PST
@Seaspray0

And you are arguing this point because...

Nobody here is say Mac OS - or any other OS for that matter - is "100% safe".
by D3vildog699 December 3, 2008 8:44 AM PST
Good to see apple still mixes that koolaid extra strong for you guys... you are a customer, they are a company... they want your money, WORKING for them has cleared the air on the apple situation... THEY DON"T CARE ABOUT YOU! Holy crap a company after you money! amazing...

Instead of being PRO one things, you should stand objective on all fronts for every OS, i like aspects of OSX, hate most of it... I like parts of LINUX... not a fan of the most of it... Really don't like parts of WINDOWS.. like others... who cares the PC (Macs are a Personal Computer) game is about preference and choice.

The assumption that you no longer need an antivirus is about as intelligent as saying Hitler shoulda ruled... Yes OSX is good, and strong, so is UNIX... turns out i have had 3 windows machines including 1 vista machine with no AV for a year (Funds ran low, dont like avg) never had a virus.

Wake up and smell the coffee guys its a new world where the company goes for your wallet, not your loyalty. If you wanna question the fact that i work for apple, go ahead. Your opinion on that fact means nothing to me.
by ittesi259 December 3, 2008 9:29 AM PST
For those of us that use Macs in a mixed hardware environment it is prudent to run AV software so as to prevent us from passing along infected files after we use them, even if the malware that came with the file can't hurt my machine, it could still destroy my network.
by AppleProLeo December 3, 2008 9:31 AM PST
@D3vildog699

You worked for Apple - well done good for you.

If you've bothered to read our pervious posts you'll see we are backing up our "pro" Apple stances with objective arguments and facts. Unlike many other PC Whinnies like yourself claiming Mac need a AV softwares without any objective thinking or counter arguments.

For example:

You say, "The assumption that you [Mac users] no longer need an antivirus is about as intelligent as saying Hitler shoulda ruled"

You then back up this point by arguing, "...turns out i have had 3 windows machines including 1 vista machine with no AV for a year (Funds ran low, dont like avg) never had a virus."

So the reason we Mac users need an AV software is because you as an individual Vista user had no virus for over a year. With such counter argument wisdom what are to Apple "fandboys" to do. Is it any wonder, with your intellect Apple didn't feel the need to keep you.

Read all the post and see which side - the "Apple Fanboys" or the PC Whinnies - are posting most of the sound and logical arguments. Best PC sided argument I've herd is Mac users should run AV software to protect the spread of viruses of Windows viruses to other Windows user. Right, OK.
by compudoc318 December 3, 2008 9:42 AM PST
i actually like what you said, but as soon as you state, a real cpu running a real os, you lost all respect. I love pc's, but i use macs as well, even married a certified mac tech. i know apples are better for certain things, and pcs for other things. as far as ll the a/v garbage, even without "bad viruses" out there for macs, why not have a/v just in case. unless its norton..lol, its not really slowing you down much, and if it does, get a newer mac. its like living in a flood zone with no flood insuranced because the area hasnt flooded in a long time.
by AppleProLeo December 3, 2008 10:05 AM PST
@compudoc318

The "real PC" I was referring to was any Personal Computer that is not running MS Windows - while it has some advantages it is a very flawed OS is many respects. Though Vista is (trying) improving things, but still a long way to go.

I've already explained myself as to why I do not use an AV software even as a 'just in case' scenario. You argument to buy a new Mac to ficilitae the efficient running of an AV software is pretty silly - sorry, but it is.

And yes it would be silly for me to spend about 10% of my income [cpu resource] on flood insurance if I lived in a Saudi Arabian desert.
by compudoc318 December 3, 2008 10:23 AM PST
apple, i have to agree with you most viruses are stopped by common sence anymore. and i guess i see why apple users arent using a/v now, but it would not surprise me to see the day when its needed. in the end, the whole apple vs. ms all comes down to preference, except in the workplace, but that could change too, since change is the one certain in life and in i.t.! Heck, i love the photo and video editing on macs, but i like the software choices and gaming on my pc.
by D3vildog699 December 3, 2008 10:25 AM PST
@appleproleo

Dude you are a fanboi, your opinion doesn't mean anything if all your bias goes to one OS. Be objective about ALL OS's you loose credibility when your name says things like "AppleProLeo". I know the apple OS is good for somethings, Video editing and such.. but it is not the end all be all of operating system. Get off your high horse, take off the rose colored glasses or whatever you wanna do, seriously bro... this isn't the old world of computing none of these Companies have the strength that they once had.
by D3vildog699 December 3, 2008 10:33 AM PST
P.S ( i wish i could edit my comments)

It's "WORK" for Apple, as in i still do... Sorry if i typed "WORKED" as a writer i have a tendency to type faster than i can correct.
by AppleProLeo December 3, 2008 10:46 AM PST
@D3vildog699

I have no problem with anyone being a "fanboy" or having a bias of any company as long as they are not doing it blindly and are instead based on logical thinking.

My name id is AppleProLeo is just a counter play on the idiot AppleSuxLeo, my real name isn't even Leo. However yes I am pro Apple and have my own reasons for it backed with logical thinking.

I have never claimed Mac OS is the be and end of all OS's - though I do believe it is the best all round commercial OS in the world today. As it marries most of the qualities of Windows and Linux/Unix in one seamless environment.

I am an IT consultant and have worked for both Windows and Mac based companies including Apple. So you can say I do know quite a bit about the world of computing. So making an tech argument for or against and backing it up is something I do for a living. No koolaid involved here.

To be honest what I'm doing now is past of my work - I see this as research, the accumulation of other opinions and seeing if mine can be disputed with sound logic.
by AppleProLeo December 3, 2008 10:54 AM PST
@D3vildog699

You work for Apple at present?

At best you're lying, at worst you're in bit trouble - as in you can say goodbye to your job - if Apple HR sees this page.

I know Apple relaxed its rules last year in regards to its employees commenting on the net but not to the extent where your allowed to comment on Apple - your employer - be it positive or not to the extent your doing.

Here's some free consultation advice.
http://www.monster.co.uk
by Vegaman_Dan December 3, 2008 2:06 PM PST
AppleproLeo wrote:

"Vegaman_Dan and all you other PC Whinnies from the last article, where are you all now and your "...see even Apple tells you to Anti-Virus software..."

Hello! I'm right here and more than happy to comment. I don't take comments like yours personally so it's no issue at all.

And now that Apple has retracted that recommendation, I would have to agree with them. The problem was that Apple was recommending something that you and quite a few others disagreed with, citing superior knowledge of the product than the OEM itself.

Apple has updated their recommendations and I have no issue with it.

It is clear that you are very much pro-Apple and are willing to defend the company against anything that might be construed as negative. That's your right and you can post that opinion freely. Please do not feel offended or take it personally if others do not share that opinion. The world is all the better for havind differences.
by Hernys December 3, 2008 3:33 PM PST
Rideman:
Your analysis is well done, but your inputs are just plain lies. THe architecture and design of both Windows and OSX are based on the same premises. Both are based, if you go back long enough, on the concept of "good neighborhood". Both have been improved enough so that the architecture is sound and the code is reasonably good. Now, if you look at the architecture of the latest versions in detail, they are relatively on par (don't just start a "no, they aren't" war unless you are willing to provide examples, I've studied both architectures quite intensively and I see no advantages to Apple's architecture at all). As for code quality, sorry, Windows code has an order of magnitude fewer security bugs being discovered each month, Microsoft patches faster and that's even more significant considering that Windows gets more attention.
Does this mean that Windows is safer? Certainly not! Windows is attacked much more widely so if you are using WIndows (especially if it's XP) you'll have to take more security measures to be safe.
But that doesn't change the fact that OSX is NOT superior to Windows in the security front. UI, definitely. Performance, maybe. Elegance and integration, yes. But security? Definitely, absolutely and terminantly no. There's no decent analysis of the security aspects of the OS that indicate that.
by D3vildog699 December 3, 2008 4:30 PM PST
Yes i do work for Apple still, and i have these same arguments at my work place with other employees. Its fun to argue with most of them, other take it personally...

If you wanna think that i'm BS'n you, go ahead i could care less, you opinion means very little to me, just as mine probably means very little to you. If you cant give an objective opinion then your pretty much as useless fanboy drone anyways so keep talking, ill keep reading and smiling at your blind loyalty to a company.

(Just so your aware, Employee loyalty went out the window when companies started to outsource, and yes apple does it to.)
by AppleProLeo December 3, 2008 9:59 PM PST
@D3vildog699

You haven't even read what I wrote properly, have you? It's obvious you are trying to tell the would how you work for Apple. Guess what nobody cares, reread what I wrote regarding your status as an Apple employee.

You say you like arguing with other Apple employees, way don't you send a link to this page to Apple HR with your badge number. And see what kind of arguments you come up with then the smack you with the rule book.

Don't worry I do believe you now when you say you are an Apple employee, as you sound just like a stupid 'Mac Specialist' because it's only stupid 'Mac Specialists' who can't stop banging on about how he/she works for Apple and does something as stupid as post it all over the web.

Get over yourself, you're just 'Mac Specialist' - go sell some Anti-Virus software to some poor Apple customer.
by AppleProLeo December 3, 2008 10:10 PM PST
@Vegaman_Dan

Funny how your approach has changed from the chest beating crusader in the last article to this tail between the legs diplomat.

Hah - all you PC Whinnies are a joke.
by D3vildog699 December 4, 2008 6:14 AM PST
Say what you want, your fanboi loyalty is laughable at best. I'm not a "Mac Specialist" or whatever you call it, and you have no idea what my personal job is like, i hate apple computers, but i like working there, and unlike the mac fanbois you find online, such as yourself. The people i work with actually enjoy arguing back with me.

Get a life dude, i was loyal to the government once, and i'll never be loyal to anything else again. everyone is out to screw you and the sooner you realize this the sooner you will get off your high horse.
by Penguinisto December 4, 2008 7:02 AM PST
@D3vildog699:

No, you don't work at Apple (unless you're one of the janitors there or the like). I can say this with certainty because a professional never ***** where he eats.

Here's why: Until recently, I worked for the Intel Corporation (I'm a Sr. Sysadmin - I recently moved to a green energy corporation in September, for one hell of a pay raise), I studiously avoided making any and all comments online concerning the Intel Corporation, period.

I did this specifically to avoid jeopardizing my paycheck, and to help my employer avoid any allegations of astroturfing or opinion-slanting by the news and blogging community. I also did this to avoid even accidentally violating NDAs and/or confidentiality agreements.

If you were an actual professional working for Apple, you would have known enough to do the same.

/P
by D3vildog699 December 4, 2008 7:38 AM PST
As i said, say what you want, i know that i do. Your beliefs about my employment mean nothing.
by D3vildog699 December 4, 2008 7:42 AM PST
Also. Im not at work while posting, and i do not post while at work.

Kudos on the green energy company! :) and Intel is my choice company for Mobos and chips.

Don't worry about my job or what they are going to do about me, former Marine means i can pretty much get a job where i want to.
by Renegade Knight December 4, 2008 9:29 AM PST
@Hep Cat

When anti virus software loses it's ability to track viruses individually they will have to change their methodology to what you are mentioning. We are reaching that poing but aren't quite there. Until we do, it's like they said. The AV software has to know about the virus.
by Me-- December 4, 2008 11:34 AM PST
dude... appleproleo/applebitc*leo... you need to get a life man! just count how many replies you have! i guess the reason aple (dont bother using your spell checker) fanboys "love" their stuff is because they just have way too much time in hand to spend on them rather than having a life!
by mikeburek December 2, 2008 7:48 PM PST
Maybe they hired someone new to computers and gave them access to create that post - or someone got fired and had 2 seconds before their network access was cut off.

I laughed at the "multiple antivirus utilities," and had to check myself that it was not a hoax floating around. Maybe they could work together better on a *nix based system, but it sure does create a pain on Windows.
Reply to this comment
by tabbie36-1 December 2, 2008 8:03 PM PST
In 10 years working on a mixed Mac/PC network (500+ Macs, 200+ PCs), I have seen Norton, Clam, AVG and more anti-virus packages all fail to protect the PCs and result in infected Windows boxes. At the same time, I have yet to install an antivirus package on a Mac, and I have yet to have an infected Mac.

That tells me something about the need for AV software on a Mac.
Reply to this comment
by jumpjetta December 2, 2008 8:58 PM PST
I agree. I've never installed an AV package on a Mac. I've administered about 350 machines in the last 5 years. I've never seen a trojan, virus or other malware exploit on a Mac.
by Vegaman_Dan December 3, 2008 2:30 PM PST
In the last 20 years of working in the IT workd installing OS's on Windows, Linux, and Mac systems on thousands of machines, I have never had a virus either. I take precautions to avoid that issue with end user education, preventative measures on my end, and keeping up with the times.

Does this mean that all three OS's are immune? Of course not. Does it mean that you need AV products on a Mac? No. That logic doesn't work there either. The networks I supported didn't have to deal with the issue because of the preventative measures and education in place.

Today, the focus on attacks aren't on the OS itself but instead upon exploiting flaws in individual applications or web services. That's something that none of the AV products out there can address at this time.
by Penguinisto December 3, 2008 4:57 PM PST
"Does this mean that all three OS's are immune? Of course not."

Does that mean that all three OS's are equally insecure and/or exploitable? Of course not.

Well - do you disagree?

Otherwise, --finally-- a sane post out of you, Dan. How'd that happen? ;)
by pennwood18 December 4, 2008 2:49 AM PST
Thank you ! (really) I'm a Mac home surfer who trashed a Dell, & I'm always a little worried, not-so-much now ...
THANK YOU !
by Renegade Knight December 4, 2008 9:35 AM PST
I can buy that. To borrow a stock market disclaimer: Past performance is no gurantee of future returns. What worked in the past is in the past, it's a good indicator for today, not too bad for next week, but 5 years from now? Everthing could be different.

However since I just got a Mac I'll enjoy the lack of AV on the system bloating it up.
by another_cissp December 2, 2008 8:18 PM PST
Famous last word. While I will would agree AV software is a waste of CPU cycles(windows, Linux, and Mac), I would never suggest to my customers that they don?t use it. Hopefully this does not come back to bite Apple in its conceited ass.
Reply to this comment
by Jeremy Chappell December 3, 2008 12:19 AM PST
I think AT THIS POINT, Anti-Virus software is a bit pointless on the Mac. There simply isn't a threat. However there are things that Mac users should do. Firstly they need to THINK about the trustfulness of software they are installing (is it a great idea to install a "video codec" from some porn site, giving their admin password to do it? [HINT: No, it isn't]).

Mac comes with a Firewall; good idea to use it (it's in the security section of System Preferences). I uncheck the "Open safe files after downloading" in Safari (it's in the General section of Safari's Preferences) but some will feel this is a bit paranoid. Have a reasonably secure admin password. Most important advice, ALWAYS think before just typing it when requested - Mac OS X doesn't require it often, so don't get in the habit of just dumbly typing the password. Of course, you're keeping Mac patched with the latest patches - right? Lastly, while it isn't properly a security issue, make backups - Macs use hard disks (not fairy dust) and those things fail.

Is the Mac magic? No, it's Unix.

Is it more secure than Windows? Yes, Windows is a popular target, and uses "security through obscurity" (you can't look at the source code).

Is this just because Mac has pathetic market share then? No, not completely, the lower levels of Mac OS X are available for widespread inspection (Darwin) and Mac OS X draws on many open source projects.

So is Mac OS X like Linux for security? Well it's probably closer than Windows is, but there are significant parts of the system that are closed source. Historically Mac OS X has proven to have good security, there are things you can do to harden its security but for most users it has to be seen as "good enough".

Is open source software always more secure than closed source? While that is a huge generalisation, I think most of the time that is true, if we're talking about open source projects with on going activity.

Full disclosure: Yes this is being typed on a Mac, but I do also run other OSes (not on this machine) and no currently none of those are Windows (I'm not saying I never need to use Windows - but it is less often now). Do I have a pathological hatred of Microsoft and its products? No, I have Microsoft Office installed on my Mac (legally) I have a Microsoft mouse (I'm not going to try and defend Apple's mighty mouse) and I play games on an XBox360 (Mac isn't ideally suited for playing games... and the XBox360 is a lot cheaper than an Alienware PC, given my preferences for games, it's a good solution - YMMV).
by AppleProLeo December 3, 2008 7:17 AM PST
@Jeremy Chappell

I commend you for you knowledge and wisdom, something that seems to be a rarity in the cnet comment section - and often in the article section too, to be frank.

And yes you are correct in basically saying the best Anti-Virus software on the Mac is a little user education.
by Penguinisto December 3, 2008 12:48 PM PST
"So is Mac OS X like Linux for security?"

Yes. They both use *nix-based internal architectures and are rigged quite similarly for security.
by captain_code December 2, 2008 8:25 PM PST
One important point that is often ignored in debates such as these, is that if there wasn't issues there wouldn't be a need to release "security updates". They would be "feature updates", "usability updates", or "we stuffed that one up updates". Security obviously denotes that there are security issues. That's how virus's are written, by exploiting known and unknown security issues, also known as vulnerabilities. Also, anyone who is a user of US-CERT, will know and receive many emails that describe the "vulnerabilities" that apple is patching in those updates. In my opinion Apple just doesn't have the market share to make it a big enough target yet for viruses and the like. It's only a matter of time.
Reply to this comment
by Jeremy Chappell December 3, 2008 12:28 AM PST
I'm sure Apple will be pleased you think it's only a matter of time before they have sufficient market share. Actually I think we're seeing a shift in the kinds of threats we're seeing, one that bypasses the desktop OS completely. As users make more use of "cloud services" it's those that will be more tempting targets than the users (more and more stateless) desktop.

At this point I don't think Apple will ever need to face the kinds of threat level Windows faces, and some aspects of Mac OS X are inherently more secure than Windows (in fact Microsoft have adopted many of the some ideas in Windows Vista, I'm not suggesting they were copied directly from Mac OS X - other OSes used the same strategies prior to their adoption by Apple when they migrated from Mac OS Classic to Mac OS X).

How data is protected "in the cloud" is going to be a much more interesting topic in the future than any erosion of Mac OS X's security.
by Dalkorian December 3, 2008 10:43 AM PST
"In my opinion Apple just doesn't have the market share to make it a big enough target yet for viruses and the like."

Sigh, how many times does this lie have to be shot down before even the idiots get it?

OS "Classic" (OS 9 and previous) = tiny market share, viruses in the wild.

OS X = growing market share, definitely bigger than OS 9's was, and yet no viruses. Period. None. All proof of concepts I've seen so far have been trojans, not one single virus.

These FACTS prove your opinion is just plain wrong. But I'm guessing you'll keep spreading the lie anyway, maybe because it makes you feel smarter.
by ozoneocean December 2, 2008 8:46 PM PST
The changing of the anitivirus advisory is simply part of the Apple marketing strategy. The brand image is one of a simple to use, good looking, safe, and now green computer system. These claims don't always entirely conform to reality, but they're managed very well.

Of course Macs are susceptible to viruses, this has been proved quite a few times, but such a small target just isn't worth the while for attackers. In fact the Mac user base is probably more susceptible to attacks than any other, since a large part of the threat is actually the social engineering and playing off of the naivete of the victim; A natural assumption of invulnerability isn't such a clever thing.
Reply to this comment
by Znatok December 2, 2008 9:42 PM PST
"Of course Macs are susceptible to viruses, this has been proved quite a few times"

Why lie??

All proof of concept required one or another type of user involvement (providing permission/entering admin password).
There are NO proof of concept when program put itself on machine (from the net or other media) and spread to another by itself.

So, Why lie?

Or just informed?

PS. The only time you could experience mac virus if you run pre MAC OS X system (OS7-8) installed on 10-15 years old hardware.
by Larry O'Brien December 2, 2008 10:10 PM PST
huh? "such a small target just isn't worth the while for attackers." small target? hmmm. guess several tens of millions just doesn't cut it these days. much too small to notice. huh?

these jokers who write the viruses seem to feel vindicated (or are extolled somehow) when they get ANY headline notice. they don't attack because they think the market is too small or nobody would notice? yeah, sure, you betcha.

and of course, the other generality, "Macs are susceptible to viruses, this has been proved quite a few times..." would seem to imply that there have been 'a lot' of Mac viruses. Sophos, Norton & McAfee might disagree, but then I guess all Mac users are just naive victims. sigh.

ALL things done by fallible human beings, most especially millions of lines of coding, is susceptible to intervention, be it a virus, a trojan, a worm or a friendly or unfriendly macro. no one has claimed the Mac OS is invulnerable (ok, no one with any credibility), it's simply an incredibly well built and dynamic series of packages of software with difficult to intercept protections, not impossible, just imposing enough that the jokers have yet to affect our community like they have the Windows community. other than these 'discussions' of course.

it's like Thomas Jefferson said, "the price of freedom is eternal vigilance."

until computers can think for themselves (and hopefully, for us), like Hal, Mycroft Holmes, Data or Kortana, all of us poor sentient creatures must do our own thinking, be aware, be vigilante and be informed. Apple has done a fantastic job, but even the fantastic has limits....

wow, sorry 'bout the soapbox, but I'm tired of the whole Mac vs PC thinking. why 'versus' when the damn things are just tools (ok, fancy, expensive, mostly wonderful, but still just tools); at the end of the day, it's still the gray-matter upstairs that has to do the thinking. think, people. if your car makes a funny noise you can't identify...take it to a mechanic. if your stomach hurts...go to a doctor. if your computer starts the equivalent of drooling or throwing a temper tantum...RUN. ok, just kidding. figure out if repairs are within your operating procedures capability...or take it to someone who does. whether that 'someone' is a virus/diagnostic utility, an Apple/PC genius or the local witch doctor...fix it and move on.

what Jefferson said...eternal vigilance!
by Jeremy Chappell December 3, 2008 12:37 AM PST
That's right. Mac users are clueless idiots. But because there is only six of them worldwide it's not worth your time to empty their bank accounts (they're too stupid to hold down jobs anyway).

Much easier to target PC users, who are all rocket scientists with amazingly secure systems.

I'm glad we cleared this up. I've got to finish dragging my knuckles along the floor, you probably need to finish probing Uranus (or whatever it is you PC users do).
by Dalkorian December 3, 2008 10:47 AM PST
Quit playing with mommies computer, you don't know anything. Finish elementary school, junior high and high school, then come back for an intelligent conversation.
by Rawnchie14 December 3, 2008 11:46 AM PST
Phew, some posters here like to clutter PC and Mac users as to being all the same type of people. This is so sad it's almost funny. We're all human beings here, different and unique human beings. While you obviously like to define you, and others by the computer they use - I'd rather remember that PC users and Mac users, are all different - and I promise you, it's not due to the computer they chose to use.

PC/Mac users need to get off their high horses, and quit generalizing/assuming they know who and what they are talking about. Some actual unbiased facts are all that are needed here.
by bxwatso December 2, 2008 9:03 PM PST
This is one of those things your really can't take back.
Reply to this comment
by Vegaman_Dan December 3, 2008 2:41 PM PST
It's also something that people will endless spin their to their own preference.

"Apple OSX makes antivirus unneccessary"

"Apple backtracks on security"

Both are 100% accurate for this situation.
by gefitz December 2, 2008 9:05 PM PST
Lots of the statements Apple makes here about protection and the need for it demonstrates a clear misunderstanding of the technology behind protection and security.

Not knowing that anti-virus software looks for anomalies that point out the possibility of infection...sort of scares me...seeing this makes me think that folks that do that sort of thing will soon be taking advantage of Apple's naivete...
Reply to this comment
by Jeremy Chappell December 3, 2008 12:45 AM PST
It's not some "lack of understanding". But do you always wear a gas mask when you leave the house? What about deadly airborne infections? Now I know none exist where you live, but don't you understand how such a thing might work?

If there is a significant threat of viral infection afflicting the current version of Mac OS X at any point in the future, I'll get buy Anti-Virus software for my Mac. Until that day, I'll keep patching and taking reasonable precautions. It is not because I'm stupid and don't understand, I know a Mac is just a computer, but until there is something to guard against I'm not going to overreact.
by Goodbye Helicopter December 2, 2008 9:21 PM PST
The sad thing is, most AV apps for Macs simply look for windows malware that is on the mac for whatever reason.
Wasted cycles!
Wasted money!
Wasted effort!
Even if a user manages to authorize and install one on their own mac, it would be real damned hard for the thing to do much damage beyond sending home data that is in-the-clear-text.
No self-propogation, no way to infect the next mac, no way to access the input in an NSSecureInputField
Reply to this comment
by contentcreator--2008 December 2, 2008 9:22 PM PST
If OS X is immune to vulnerabilities, why do they patch it (and Quicktime and Safari) so often? You have to REBOOT OS X after a Safari patch, of all things. You wouldn't have to do that if it was a plain user-mode OS X app. (Better to use Firefox.) If you think OS X is immune, turn off your Apple Update and good luck.

The marketing message has won. Success can be self-limiting.
Reply to this comment
by ?Brian December 2, 2008 10:04 PM PST
Since vulnerabilities are not the same as viruses, Apple does not have to halt their Mac -versus- PC ads.

When I switched to the Mac almost 2 years ago, I knew about the vulnerabilities and when comparing the PC -versus- the Mac, there was one clear winner - hence my decision to switch.

Once you go Mac, you don't go back.
:)
by Znatok December 2, 2008 10:06 PM PST
It's immune to viruses NOT to vulnerabilities.

"A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. The term "virus" is also commonly used, albeit erroneously, to refer to many different types of malware and adware programs. " wikipedia
by Jeremy Chappell December 3, 2008 1:01 AM PST
Did anyone suggest it was "immune"? I think what was actually said was there was no need to Anti-Virus software. (As there aren't any Mac viruses in the wild).

But of course, you need to keep the system patched. The Safari question though does merit a more considered answer.

Safari uses the WebKit rendering engine, under Mac OS X, this is also used by other parts of the system, notably "Help" and xCode (and is available to third party developers). Patches made to WebKit need a reboot as a result of fixes applied to WebKit. This is actually a security feature, the system will continue to run after such an update, but some parts of the system might (due to caching within the OS) then be running older an version of WebKit, if the update included a security patch then those parts of the system are still exposed to the issue. QuickTime is similarly as much a system service as a distinct application. Hence it doesn't matter if you run Safari or Firefox, you should keep Safari patched.

The message from Apple is clear on this: Run "Software Update", I doubt they could be much clearer on this - it's in the "Apple Menu" second item from the top! Clearly, they want you to run it.
by ferretboy88 December 3, 2008 3:28 PM PST
Why are Linux guy so into protecting their rigs but Apple folks ignore it?
by Penguinisto December 3, 2008 5:01 PM PST
@"contentcreator": You're operating off of a lot of bad assumptions, first and foremost the faulty assumption that updates and patches are somehow unnecessary. That is false. The story is that A/V software is unnecessary on a Macintosh.

Why? Because:

1) OSX is more secure than Windows by orders of magnitude, and
b) A/V solutions wouldn't be cost-effective on OSX given the stupendously small number of active viruses (read: zero).

Does that help any?
by faboumen December 5, 2008 8:59 PM PST
MacOSX had a (supposedly first) virus released back in 2006 (osx/leap.a). It infected files and sent the file to everyone on your iChat buddy list. See: forums.macrumors.com/showthread.php?t=180323 & guides.macrumors.com/OSX/Leap-A
by laglure December 2, 2008 11:40 PM PST
Hello,

While I would agree that Macs suffer from far less security issues than Windows PCs, I would also point out there have been multiple viruses, trojans, injection scripts, and DOS vulnerabilities for OSX. In 2008 alone, there was:
Macsweeper - which could be installed without direct user interaction and was resistant to deletion.
hovdy trojan
RKOSX - trojan? or virus not sure
Jahlav - trojan- Apple issued security advisor and suggested running AV software for this one I believe
BadBunny worm, affects Windows, OSX, and LINUX! through OpenOffice

As you can see OSX is far from safe, safer yes but not completely safe from a variety of malware. Advising users NOT to use AV/Anti-Malware software is irresponsible. You're not likely to be infected but saying NOT to use it suggests NO threat exists and that is NOT true. An OSX system can be compromised in a variety of ways, the system itself, software on the system, and the network it runs on are all points of attack for a hacker. I find attitude of invulnerability in many Mac users to be very unsettling. OSX will not save you from a DNS exploit or man-in-the-middle attacks on your network. While AV doesn?t help you in those cases, no one should feel invincible when using any computer.
Reply to this comment
by Ravendon December 3, 2008 12:33 AM PST
Macsweeper. Could only be installed by going to KiVVi software's website and installing an application.

RKOSX. Hacking tool. Needs someone at the computer so they can install it. Can't be installed remotely or without knowledge or permission of Admin.

Jahlav. Hacking tool. Needs you to install supposed key generator for cracking software. So you'd have to be a thief and a dumbass to get this on your system.

BadBunny. On Mac OS X, it's just 2 Ruby scripts. The user has to receive a file via iChat, and manually choose to open and run the file contained inside. Again, requiring Dumbass to cooperate and open a strange attached .tgz file in iChat and give it permissions to run.

So yes. Mac OS X is like any hard to breach Unix operating system. It can be compromised with the help of a DUMBASS user or a hacker who is sitting at the computer.

Go secure a computer and let me sit in front of it and I can guarantee that I'll destroy all your data. Doesn't matter what security measures you take or what OS you use or what processor you have.
by afterhours December 3, 2008 6:26 AM PST
And you don't think some switchers would qualify? Or even some long-time Mac users? Anyone from OS9 days seems to blindly click on the authentication to allow anything to run on their systems -- and they are not typically cnet readers. So it is HUMAN nature to be lazy and take the shortcuts. Apple is due for a wakeup call. I'm not saying you run out and by something from securemac or the the other FUD peddlers, but don't think we can't get taken in some fashion.
by Penguinisto December 3, 2008 6:33 AM PST
So, let's see... you list four (four is "many" now?) exploits that require the user to

a) type in an admin password in an environment where such an act is very, very rare for software installs and,
b) actively (and pretty much knowingly) install the thing

...and all the while A/V software won't stop you (and most times has a hard time warning you there is one).

Well Gee... makes me just want to run out and buy a Norton license right now, don't it?

Not.

/P
by Dalkorian December 3, 2008 10:56 AM PST
Do you not understand the terms you use or are you intentionally spreading FUD for an M$ paycheck? Hint: look up any definition for "virus", then describe how any of the mentioned exploits qualify as a "virus". Every one of them is a trojan (trojans can be devastating on any OS, but you'll never understand why until you understand what a trojan is to begin with). You even admit to not understanding the difference between a trojan and a virus ("RKOSX - trojan? or virus not sure"), yet you want everyone to think you know something. LOL.

Go back to elementary school and grow a brain. Until then, stop proving what an idiot you really are.
by laglure December 3, 2008 2:22 PM PST
Well, first let me thank the readers who have chosen personal attacks. I always felt the internet lacked in that area. Secondly, I agree that I have pointed out trojans but I do not understand how trojans do not ally to AV/malware software. I understand the difference between a trojan and a virus, but I don?t understand why people think it?s ok to accept vulnerabilities associated with trojans because they require user interaction. An infected system is an infected system and a good AV/malware suite should provide:
1) Additional warning to the user if specific malicious code is detected
2) Warnings when suspicious patterns are observed in code
3) At least some ability to contain or delete the malware immediately
4) Additional logging of system events which may help locate the malware

All four of those points are good reasons to run some type of AV/malware suite on a critical box. I don?t understand why Mac users get so bent out of shape when this issue comes up. On a daily bases I use Solaris and various nix flavor OSs and they are vulnerable too. A critical Linux box is running AV/malware software on it in addition to hardware based AV/malware boxes in the network. Again, I am not saying you have to run AV/Malware software but I do think saying you don?t have to, is an error and provides a false sense of security to the end user.
I did not mean for my short list of malware to be some all in compassing proof of the inferiority of OSX as some seem to take it. Those programs were notable ones found recently or that I happen to remember from security postings. I used them simply as proof that malicious software for OSX exists and that the use of AV/malware software may provide added security.

Summary: I share, though without the hatred of AV/malware software, the opinion of most here that OSX is far less vulnerable than a Windows box, but feel it to be irresponsible to advise an end user that AV/malware software is unnecessary.
by ferretboy88 December 3, 2008 3:29 PM PST
Don't forget Penguin that many little kids use computers and are click happy. The bad guys could get dumb people to click anything.
by Penguinisto December 3, 2008 4:45 PM PST
@ferretboy:

If you actually give your little kids the root password to the computer they run, you deserve whatever you get :/
by Penguinisto December 3, 2008 5:06 PM PST
@laglure:

Problem is, the tasks you outline in A/V software often fails to do the things you claim it should do (no updated heuristics or signatures, misidentification of legit files, etc). So, well... what's the point?

Right now, the ROI on A/V software is pretty much nil if you;re running Linux, Solaris, or OSX.
by ferretboy88 December 4, 2008 12:44 PM PST
I helped many people with their computers and most people don't even use passwords. They skip right over the master password option. Totally dumb.
by iertry December 2, 2008 11:59 PM PST
Bet Apple is annoyed. This story was even the most read on the BBC News website.
Reply to this comment
by T_C_A December 3, 2008 12:32 AM PST
I am suprised no one bothered to mention that we can run microsoft windows on our Macs.

If you are going to run microsoft windows on any machine you NEED virus software.

I own several PC's and 1 macbook pro. I make my kids use the macbook pro because I don't trust virus software to catch everything. And I won't teach them how to run MSFT windows on it, we use the other PC's in the house if they feel the need to use Microsoft.

TechieChick
Reply to this comment
by planetjeffy December 3, 2008 1:05 AM PST
You all don't get it. Even if the Admin is password protected, most viral infections come from clever programmers taking advantage of computer uses with human engineering. They trick you into clicking or responding to something you shouldn't. Mac users aren't any smarter than PC users. When it does hit, it will be huge and nobody will be prepared.
Reply to this comment
by Jeremy Chappell December 3, 2008 3:16 AM PST
If that something is modifying system files you have to provide the admin password.

Actually I have Safari set up so it doesn't open files (it can do this for some file types). Mac OS X shipped (as a consumer OS) in 2001 - it's almost 2009, how long do we need to wait for this to happen? I'd also disagree, most viral infections are not the work of "clever programmers" most as the work of pretty poor programmers (I'm sure you'll think of exceptions). I agree that many of the most successful attacks are the result of social engineering. But actually, is Anti-Virus really the answer to that?

Mac OS X makes pretty good choices as to what needs users intervention and what doesn't. XP failed users by not asking permission for anything, Vista drowns users by asking permission for things that don't need explicit permission. I'm sure Windows7 will strike a better balance. IMHO Mac OS X already does that. The problem with Vista's approach is users get desensitised to the question of permission by being asked too many times, quickly they stop thinking about what they are being asked as the questioning is too routine. This is probably no better than XP's trust everything approach.

I'm sure service packs for Windows will also address this. (This isn't a technical issue so much as a social engineering one)
by DrtyDogg December 3, 2008 3:26 AM PST
Unless of course the trojan takes advantage of one of the many bugs in os x that allow privilege escalation.
by Penguinisto December 3, 2008 6:36 AM PST
@planetjeffy:

Maybe this will help: it is very, very rare that you need to type in the admin password to install an application on a Mac. Usually you drag and drop it into the Applications folder, and that's it - it's "installed".

If an app requires an admin password to be installed on a Mac, a user is definitely going to notice that.
by lazarbel December 3, 2008 9:27 AM PST
Where did you get your information stating Mac users are not smarter than PC users? A couple of studies indicate otherwise. Higher IQ's, higher annual earnings, higher educational levels. However, I am almost certain those statistics will not hold far into the future considering the large number of diehard PC users currently jumping the fence, diluting the pool.
by Dalkorian December 3, 2008 11:02 AM PST
by DrtyDogg December 3, 2008 3:26 AM PST
Unless of course the trojan takes advantage of one of the many bugs in os x that allow privilege escalation.

----------------------------------------------------------------

Sigh. Look up the definition of "trojan" again. Yes, if the user is tricked into installing malicious software on their own computer, they're in trouble. But in that case it really doesn't matter what OS they're running, does it.

Nothing in the world is perfectly secure. This includes OS's like OS X and Linux. It's just that some OS's are FAR from secure and those OS's tend to get hacked repeatedly in the wild. Guess which OS leads the charge on that front.

Get it now?
by DrtyDogg December 4, 2008 3:13 AM PST
Sigh, a trojan doesn't have to be installed manually, the "trick" you speak of can be as simple as viewing an image(see there most recent patch fix) which allows for remote code execution. Or as seen in Pwn to Own, visiting a web page again allowing remote code execution(this one through quick time).

I do not have AV software installed on my Mac, or my OS X86 machine, but it really isn't a bad idea for most people to be protected before a problem arises.
by topgunb2 December 3, 2008 2:06 AM PST
This is Steve Job, Jeremy Chappell please see me tomorrow for a PR post at apple, your dedication in defending apple product (even if you are not an apple employee) is commendable.
ps: couldn't be stuffed to create a new a/c with stevejob as user name!
Reply to this comment
by Jeremy Chappell December 3, 2008 3:04 AM PST
Don't be stupid.

Which part of what I said was "PR Spin"? Don't confuse a technical evaluation of a product's strengths and weaknesses as "blind faith".

Mac OS X doesn't have a virus issue.

If you're an idiot and install anything you come across you can end up installing something that does something that does something nasty, Mac OS X isn't immune from user stupidity (especially a user with the admin password).
by DrtyDogg December 3, 2008 3:27 AM PST
See Pwn to Own. The mac was owned by visiting a website. No other user interaction was necessary.
by ckurowic December 3, 2008 4:15 AM PST
dogg: don't be stupid. Everyone knows how full of b/s that nerd hacker competition was. It was SOCIAL ENGINEERING not a virus. NO SYSTEM is immune from that.
by D3vildog699 December 3, 2008 10:29 AM PST
Fanboi makes another excuse seeing his precious OS hacked...
by Rawnchie14 December 3, 2008 12:10 PM PST
@ ckurowic

How full of bs IS this competition? The fact that you chose to call it a "nerd competition" inclines me to believe that you...

1) Believe that you are better somehow than these "nerds" you speak of.
2) Believe that just because it's not a virus, you're alright.

Well, I'd love to argue with you, but from your other comments, you seem to fan-boyish-ly smite anyone who isn't a die hard Apple fan like yourself, so I'll let you think what you like, no matter how pathetic it is.
by DrtyDogg December 4, 2008 3:16 AM PST
Social engineering: visit this website. No other user interaction was required after hitting enter on the URL. Don't be stupid the OS is coded by people, that means it is not without flaws.
by ckurowic December 3, 2008 4:17 AM PST
Wow I didn't see this coming two days ago when I first commented. Let the PEECEE fanboys start the spewing of hot air.
Reply to this comment
by Penguinisto December 3, 2008 6:38 AM PST
Heh. Most of 'em are going to be awfully quiet... :)
by rapier1 December 3, 2008 9:43 AM PST
Its comments like this that make me want to throw my Mac out the window so I'm not tainted by association with the mac fanboi zealots.
by Penguinisto December 3, 2008 10:31 AM PST
Heya rapier1 - feel free to throw it out anytime you like. ;)

(seriously - drama-queenery is not really much of an argument... you need to lay off it, man)

/P
by rapier1 December 3, 2008 11:15 AM PST
Why should I throw it out? I don't have a problem with the machine. Only the people that the company seems to attract. And really, you are the *last* person that should be saying anything about drama queens. No one seems to be as invested in dragging out every argument as you.
by Penguinisto December 3, 2008 12:51 PM PST
If you say so...

(but if it helps, I got one hell of a laugh out of your post).
by Vegaman_Dan December 3, 2008 2:58 PM PST
Penguinisto wrote:

"Heh. Most of 'em are going to be awfully quiet... :) "

Either that, or they haven't been able to get in a word edgewise amongst all the Apple Apologists. There's an awful lot of excuses being made by everyone.


As for drama- you are one of the biggest emo-drama posters here, Penguinisto. Make sure you remember to include yourself in that category of people you suggest to 'lay off it'.

"If you say so... "

And you frequently do. :)
by ferretboy88 December 3, 2008 3:22 PM PST
I bought an Apple computer a few years ago. I sold it after I understood that owning a mac was like being in a cult. Why do they act so crazy. My computer is the best your computer sucks. ha ha. Like little kids.
by Penguinisto December 3, 2008 4:48 PM PST
Oh yeah... I threaten all kinds of weird things, like throwing my computer out of the window because someone says something I disagree with...

ROTFL...

"There's an awful lot of excuses being made by everyone. "

True, but yours are pretty entertaining.

/P
by ddanckaert December 3, 2008 4:37 AM PST
Of course, if you don't have antivirus installed on a Mac, how do you really know you've not had an infection, or not passed one along to others, including Windows users.

I view it as a responsibility to have antivirus installed on all my computers, even if the risk is low. And for the Mac, I use Intego VirusBarrier X5 which has a minimal performance hit.
Reply to this comment
by Dalkorian December 3, 2008 11:05 AM PST
One idea is to keep track of network traffic. That's how we know at my work that there are no infections in any of our Macs (the entire company is running Macs, except the main server itself with runs AIX).

Just a thought.
by Jeremy Chappell December 3, 2008 4:42 AM PST
Where has this "security by obscurity" nonsense come from?

It's a description of the security of closed source systems - like Windows. The Mac takes the opposite view, and has a (largely) open source code base. I'm sure Linux users (and others) will view Mac system as "too closed" but some Windows fanboy trying to suggest Macs are "security by obscurity" is frankly laughable.

The idea behind "security by obscurity" is this: if you don't know how something functions you can't defeat it. The argument about that or "peer review" (the opposite approach) is as old as locksmiths!

Microsoft uses "security by obscurity" it has nothing to do with rarity. It is a fundamental design choice, and people have argued both sides for years.
Reply to this comment
by Dalkorian December 3, 2008 11:10 AM PST
This "security by obscurity" nonsense comes from M$ fanbois who haven't been around computers long enough to realize that OS X isn't Apple's first operating system. I try to counter that idiotic claim when I run across it, but they never listen. They *WANT* the myth to be true because it makes them feel better about their bad decision.
by Rawnchie14 December 3, 2008 12:16 PM PST
@ Dalkorian

What bad decision? You seem to assume anyone without a Mac must be struggling with their computers. Because viruses merely exist, they MUST be bothering people, right?

While I do agree the security by obscurity argument is a dirty lie by Apple-haters, I do urge you to quit the militant PC bashing and would like to remind you that Linux, is still the most secure operating system around.
by jinx101a December 3, 2008 6:53 PM PST
"Security through obscurity" means among other things that Mac's enjoy better security because there are far less of them on the Internet. You can mock the comment because you have nothing substantial to add but the idea is still a valid argument.

Also, it's cliche and hypocritical to scream fan boy at every person who doesn't like something you do. If you & Dalkorian are not the poster children of a being a Mac zealot I don't know what is.
 See all 197 Comments >>
advertisement

In the news now

Photos: Engelbart's demo, 40 years later

On December 9, 1968, SRI's Douglas Engelbart unveiled the computer mouse, hyperlinks, and navigable windows, in an event seen by many as one of the most important in the history of technology.


Which tax-prep service can you afford?

Webware reads between the lines of the bewildering pricing for Intuit TurboTax and H&R Block TaxCut to point you toward the best possible deal.


About Apple

At the start of the 21st century, there's no tech outfit more influential than Apple. CNET News' Tom Krazit and other reporters will attempt to make sense of the rumors, hype, products, and people that will shape the future of the company. But Apple's not the only game in town, as the established cell phone companies and others strike back against the iPhone. E-mail Tom at Tom.Krazit@cnet.com.

Add this feed to your online news reader

Apple topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
CES
Cell phones
Dell
GPS
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET