toggle

AAPL Stock: 423 ( -8.77 )

MacNN News

http://www.macnn.com/articles/05/09/09/mac.malware/

Security guru speculates about Mac malware

updated 11:45 am EDT, Fri September 9, 2005

Mac malware

At the University of Otago in New Zealand, where around 40 percent of the computers are Macintosh systems, IT security manager Mark Borrie says Mac users need to wake up to the . Borrie told ZDNet Australia� that although the Mac is generally a more secure platform, it will inevitably be exploited by malware."On the security side of things I reckon the Mac community has yet to wake up to security. They think they are immune and typically have this idea that they can do whatever they want on their Macintosh and run what they like," said Borrie. "We want to be ready for the first big Macintosh virus -- because it will come. Some day, somebody will say 'I am going to create a headline and write a virus for Mac'," said Borrie.

by MacNN Staff

Post tools:

TAGS :

troubleshooting

toggle

Comments

cebritt
Fresh-Faced Recruit

Joined: Mar 2000

0

09/09, 12:01pm | report spam | close Reply |
Hey Mark

You're missing the point. Macs are more secure because the OS has fewer holes, not just because they're less popular.

bobthenob
Fresh-Faced Recruit

Joined: Jul 2004

0

09/09, 12:14pm | report spam | close Reply |
Someday

Somebody is going to create a headline about the potential for Mac viruses.

Horsepoo!!!
Banned

Joined: Jun 2003

0

09/09, 12:16pm | report spam | close Reply |
And that someone...

...will be ME!!! MUAHAHAHA!

Peter Bonte
Fresh-Faced Recruit

Joined: Aug 2001

0

09/09, 12:46pm | report spam | close Reply |
>

And macusers tend to install the latest greatest en most secure version of the OS as Windows users do not.

jimothy
Fresh-Faced Recruit

Joined: Sep 2000

0

09/09, 12:48pm | report spam | close Reply |
UNIX

From the article:

"I put apple a few years behind Microsoft in understanding how to manage security for the users. I put Microsoft a number of years behind the Unix community because the first systems that got hurt -- ten or fifteen years ago -- were Unix systems."

So if UNIX is a few years ahead of Microsoft, isn't it very likely that Mac OS X would also be ahead, being UNIX based?

Warrenpeace
Fresh-Faced Recruit

Joined: Oct 2001

0

09/09, 12:48pm | report spam | close Reply |
Shut up New Zealand guy!

You just want your name on the web, so you can get hired to consult and make a stupid amount of money making ridiculous, unfounded predictions like this.

denim
Mac Elite

Joined: Jun 2000

0

09/09, 01:02pm | report spam | close Reply |
Apple isn't perfect

You'll note that Apple had to release various patches to deal with security holes. Also, keep in mind that not everyone updates promptly. That's the same problem as in the Windows world: not everyone is a techie, and people tend to leave things alone when they *work*. It's only when things start *failing* that users try to figure out why. We who close the barn door BEFORE the horse gets out, are in the minority. Don't get cocky.

rtamesis
Dedicated MacNNer

Joined: Jan 2000

0

09/09, 01:08pm | report spam | close Reply |
IT propaganda

Someone is just trying to justify his job and explain why he is still needed, especially if his department switches over to Macs instead of Windows PCs.

just a poster
Fresh-Faced Recruit

Joined: Jun 2004

0

09/09, 01:10pm | report spam | close Reply |
security guru voodoo

I think it's pretty likely that there will be more trojans for the mac, but viruses and worms? They are for Microsoft products ONLY.

Next time they should talk to a security expert instead of a guru/hack.

Gabriel Morales

Joined:

0

09/09, 01:14pm | report spam | close Reply | delete
Uh-huh...

It's always advisable to be aware and cautious when it comes to security...

But all this preoccupation with a Mac virus seems to be FUD, rather than based on any real evidence. I reckon there's probably some other less noble agenda behind these people who keep spreading this FUD.

I'll keep waiting for a real Mac virus... that will come.... someday.... until then, I'll just update regularly and not worry much about it.

PBG4 User
Senior User

Joined: Feb 2001

0

09/09, 01:21pm | report spam | close Reply |
Today

In today's Windows world, a virus attacks, then the anti-virus software gets updated. Then the Windows OS gets updated. Seems to me that running anti-virus on Mac doesn't make too much sense since it wouldn't stop an infestation of a currently unknown virus anyway.

Feathers
Grizzled Veteran

Joined: Oct 1999

0

09/09, 01:33pm | report spam | close Reply |
John Dvorak Clone?

Hey, yet another Mac-Baiting bullsh1tter! I'm guessing that this guy is still running OS 8.5.1 and likes a few inches of Uncle Bill. Health warning: Don't Swallow or it seeps into your brain and forces you to write MacFUD and invite the ridicule of the smartest people on the internet! ;)

SunSeeker
Mac Enthusiast

Joined: Apr 2001

0

09/09, 01:34pm | report spam | close Reply |
Sticks and Stones....

""We want to be ready for the first big Macintosh virus -- because it will come. Some day, somebody will say 'I am going to create a headline and write a virus for Mac'," said Borrie. "

I am pretty sure that has already been said, probably thousands of times by would be David's to OSX' Goliath, yet here we are?

Being ready is a good idea, but FUD is FUD whoever is spreading it!

Huck
Fresh-Faced Recruit

Joined: Sep 2005

0

09/09, 02:07pm | report spam | close Reply |
Sigh, It's Only NZ, Folk

Without being needlessly cruel, allow me to point out that this fellow hails from *New Zealand*.

Having just returned from living in that backward disease swamp for the past two years, I can tell you firsthand that the natives aren't the brightest stars in the heavens. In fact, I dare-say, they are generally the most clueless dolts on the planet.

So, I wouldn't worry too much about any missives spewing forth from the University of Otago regarding the imminent arrival of the killer Macintosh virus.

After all, these are the same little folks who are too frightened by the idea of someone running coax into their dwellings to have cable TV. (Instead, they are content to have Sky TV beam down signals that drop out every time it gets windy or rains... which, of course, is every ten seconds in New Zed-land).

~H

nat
Junior Member

Joined: Mar 2002

0

09/09, 02:11pm | report spam | close Reply |
uh... NO!

I'm so sick of this "Mac's aren't as popular" argument for there being no immediate security threats.

Here's what a REAL security expert has to say on the subject:

http://www.theregister.co.uk/2003/12/16/windowsstyle_security_hell_stalks_mac/

brianwells
Fresh-Faced Recruit

Joined: Jul 2002

0

09/09, 03:29pm | report spam | close Reply |
Forced updates?

"It's only when things start *failing* that users try to figure out why."

Perhaps Apple could engineer Mac OS X to stop working every 3 months unless a security patch or OS update was installed ;-)

slur
Fresh-Faced Recruit

Joined: Oct 1999

0

09/09, 08:01pm | report spam | close Reply |
FUD troll..

ZDNet always gets a boost in traffic with these stories. It keeps their ad rates up. Viva Capitalizm!

Back in reality-world, Mac OS X has been out for almost 4 years and no virus or piece of malware has ever been written that can gain control of Mac OS X, never mind propagate itself exponentially over the internet. Microsoft has the monopoly on that phenomenon.

Frankly, if you want to make headlines you're better off attacking Windows. Why waste months trying to exploit the Mac? The Mac doesn't have holes in Safari or Mail or WebDAV or AFP that allow remote code execution, whereas Windows programs and services have more holes than a Swiss cheese factory. If you want to make a headline you can write a Windows virus in a weekend, and there are even dozens of code samples out there to get you started.

In fact, why do anything at all? There'll be a Windows virus headline within a few weeks anyway. Just wait, and someone else will do it for you.

JulesLt
Fresh-Faced Recruit

Joined: Jul 2005

0

09/10, 06:33am | report spam | close Reply |
Same old

Would help if us Mac users could read the whole article using Safari.

Shame - he starts off well - I think everyone needs to be security aware and 'malware' is an issue for anyone on any platform - regardless of what built in security you offer there is always someone dumb enough to run an executable thinking it's something else - even if it prompts you to enter your admin password. Like the XP SP2 Firewall, the Mac firewall doesn't warn about programs dialling out - however, my experience is that people just approve everything - I've seen firewalls spyware programs manually approved!

I'm sure it won't be long before someone creates a Trojan widget (maybe it pretends to do something useful but once you've granted it permission does much more). There are also security holes in both Apple's code and the open source components Apple use - hence the security updates. Same as in Linux and other Unix O/S. Then again, these can be over-played - how many Mac users are running Apache?

What none of these O/S are vulnerable to is the sort of automatic download and execute vulnerabilities MS built into Outlook and Explorer (i.e. ActiveX). Apple notably came close with the initial release of the Dashboard - and reacted quickly, contrary to the security consultants article.

Worms are feasible on non-MS systems - there's been talk of potential vulnerabilities in Cisco routers and most of the security patches (on Unix derived systems or Windows) concern buffer overrun vulnerabilities - holes that allow malicious code to be inserted into an already executing process. Only thing you can do is keep your firewall up and your programs up to date.

Security by obscurity : Macs had more viruses back in the old days, when they were mostly distributed by swapping infected floppy discs. Strangely they dried up about the same time Apple moved MacOs over to a Unix basis. There's not a lot of known Linux viruses, and despite some FUD trying to suggest that the virus writers don't attack their own (yeah right, most Linux users I know wouldn't have a Windows system in their house to test a virus on). To me that says 'design' not 'obscurity'. It also says 'Unix' rather than 'Apple' is what's responsible, but then what do you expect from a system that was designed to run multiple users and multiple programs and protect the underlying machine and other users from being affected by the action of one user??

There's also the fact that far from being obscure it's a well known major target - which is more tempting, writing the 15000th Windows virus or the 1st OS/X one? Especially when you know none of those OS/X users will be expecting it or running security software.

Security updates : Apple's auto-update is equal to the one on Windows XP - that's sufficient for domestic users, but I'm aware corporate networks don't normally use it (imagine having 2000 machines all trying

turtle777
Clinically Insane

Joined: Jun 2001

0

09/12, 11:03am | report spam | close Reply |
FUD

It's just FUD. Nothing more. He probably got a check from an anti-virus software vendor.

-t

Show More Comments

Login Here

toggle

Network Headlines

06/19	Third-party replacement MacBook batteries...
06/19	Texas firm sues Apple over iPhone's...
06/19	First Look: Apple Airport Extreme with...
06/19	Parallels Desktop 8 for Mac updates...
06/19	Apple wins $30M iPad contract with...

Show All

06/19	Third-party replacement MacBook batteries...
06/19	Texas firm sues Apple over iPhone's...
06/19	First Look: Apple Airport Extreme with...
06/19	Apple TV 5.3 update adds HBO Go, Sky...
06/19	Dish gives up on Sprint merger attempt...

Show All

toggle

Security guru speculates about Mac malware

updated 11:45 am EDT, Fri September 9, 2005

Mac malware

Hey Mark

Someday

And that someone...

>

UNIX

Shut up New Zealand guy!

Apple isn't perfect

IT propaganda

security guru voodoo

Uh-huh...

Today

John Dvorak Clone?

Sticks and Stones....

Sigh, It's Only NZ, Folk

uh... NO!

Forced updates?

FUD troll..

Same old

FUD

Login Here

Register for our weekly email newsletter:

Connect tools:

Subscribe

to our RSS

Follow us

on Twitter

Most Read

10 Most Discussed

MacNN Marketplace

Security guru speculates about Mac malware

updated 11:45 am EDT, Fri September 9, 2005

Mac malware

Related Articles

Recent Articles

Hey Mark

Someday

And that someone...

>

UNIX

Shut up New Zealand guy!

Apple isn't perfect

IT propaganda

security guru voodoo

Uh-huh...

Today

John Dvorak Clone?

Sticks and Stones....

Sigh, It's Only NZ, Folk

uh... NO!

Forced updates?

FUD troll..

Same old

FUD

Login Here

Register for our weekly email newsletter:

Connect tools:

Subscribe

to our RSS

Follow us

on Twitter

Most Read

10 Most Discussed

MacNN Marketplace