
Mac OS X: Is it true that MacOS is Virus Free?...

by lukmanfebrianto - 2/16/08 5:32 PM
Post 31 of 64

You take yourself wayyyyy too seriously, pal...

by b8375629 - 2/26/08 8:50 PM In reply to: I doubt it... by b8375629

"Why don't you accept when someone not only says you're wrong, but explains why? What makes you so special?"

(smacking head - ho boy!) :D

"No matter how many times you get corrected, you continue to assert that I don't know what I'm talking about, and exalt yourself like some kind of authority in IT."

Uh, no...I think you can't accept somebody disagreeing with you, so you take it to a personal extreme every time somebody else does. Maybe you shouldn't go around spreading so much FUD. It only makes you look like a fool.

"I think everyone following this thread knows by now that you're not. Why are you wasting your time, my time, and everyone else's time, trying to play it off?"

Hey a few posts back, you announced it was the end of the debate. I can see that you're not a man of your word, so if I'm really wasting your time, you can end it anytime you want to.

But you won't so don't complain.

"If this were true, you would have confirmed it the first time I mentioned it in this thread."

What, am I supposed to print my resume online for you? LOL... :D

"No, you're attempting to take the path of least resistance, spewing your own ad-hominem attacks at me to machete your way through the thicket of correction legitimately substantiated by me."

(??) - - - :D ---> That's funny.

"Some of us know how to thank others for the enlightenment of correction, and don't have to "make saves" and pick up the lie where it left off for the sake of our pride & ego. Obviously, you're not among us."

Dude, you really need to get out and get some fresh air. Seriously. You take this (and yourself) wayyyy too seriously. You sound like you're on the verge of going off the deep end here.

"Obviously your pride and ego are so indispensable to you that you'll continue to assert that I'm mad..."

Well if you're not, you're pretty close to it. (laughs) :D

"...and pursuing a "what if" game, in spite of the fact that I've already linked to legitimate security vendors who record and describe Linux malware. I suppose it's just a figment of my "quixotic" imagination, right?"

It is a figment of your imagination, and it looks like most of the people who've responded to you aren't really impressed by any of the so-called proof you've googled up. Maybe you shouldn't try so hard, huh? Or are you that big a slave to Microsoft that you've put blinders on towards any of the other possibilities that are out there?

"Why don't I buy an Apple? Because I'm not worried, plain and simple."

Coulda fooled me... - - - not ;)

Post 32 of 64

Nah, just some fun.

by b8375629 - 2/26/08 8:54 PM In reply to: No scaremongering here, just warning by santuccie

"LOL, now you're sending me private messages? Wow, you've really taken this personally!"

Oh I'm doing that 'cause I know the mods will be deleting all this shortly. And I want to make sure you know I'm having fun with you before they do.

(laughing) :D

Discussion locked
Post 33 of 64

Night nite, sanduccie...

by b8375629 - 2/26/08 9:00 PM In reply to: Nah, just some fun. by b8375629

It's getting late. Us adults have to go to work tomorrow. I know you don't quite know what that is son, but someday when you're all grown up and have to pay your own bills, you will.

LOL.... :D

Post 34 of 64

Google searches and Dai Zovi's comment

by Krioni - 2/24/08 12:46 PM In reply to: Here's an example for you by santuccie

Leopard's firewall is disabled by default, but Mac users are not "sitting ducks" because there aren't any service ports open that are vulnerable by default. Your comment (discussed below) about who is "more secure" is based on quotes from security researcher Dino Dai Zovi after a "hack-a-Mac" competition where NO ONE could hack a Mac through a remote-only exploit, which is what a firewall protects against. In other words, the firewall wasn't needed to stop dedicated hackers. The exploit that DID work required the user visiting a malicious website manually, which a firewall wouldn't help with. So, Apple went with usability here, since the security benefits were negligible.

Interesting comment about Google searches, although that wasn't the original question. It was whether Macs have viruses, not "which is more secure?" For all you know, the original poster absolutely refuses to upgrade (downgrade?) to Vista for reasons OTHER than security (I seem to remember reading that Windows users weren't very happy with it... somewhere...).

I think what you're saying is that Windows Vista is more secure than XP, which was much less secure than Mac OS X. I'll agree that with UAC turned on, Vista seems to be much better than XP. My understanding, though, is that it tends to do one of two things: (1) teach people to click "Allow" every time, or (2) make people so crazy they turn it off. Neither is good for security, although at least it moves Vista closer to the "everything that can go wrong can be blamed on the user" scenario.

Also, one of the major differences between Mac OS X and Windows (at least before Vista) was that READING email messages could not infect you on a Mac - only opening attachments could. Microsoft foolishly made the decision to make its email clients execute attachments when the user merely tried to read the message to see what it was. I assume they've remedied that in Vista (and perhaps before)?

Google searches are fascinating exercises in discovering "what people are saying," but proof of nothing. Ever read someone saying something you knew to be untrue? Also, I did the search you suggested, and it seems that all or most of the results in Google are people talking about what security researcher Dino Dai Zovi said, so does that mean it's really only one result? Also, many of those results add a question mark after your search phrase, not an exclamation point. Google results for a phrase mean that people are talking. Things that are universally known to be true don't require a lot of people commenting on them. It's usually the controversial things that get talked about.

By the way, the number of Google results for "os x is more secure than windows" is 4,510. Anybody care? I don't.

Dino Dai Zovi, by the way, also said: "I use a Mac as my primary, secondary, and tertiary computers." Must be that he uses only Macs because they are LESS secure? Maybe there are other reasons for not using Vista - maybe its increased security comes at the expense of less usability. My understanding is that many people are sticking with Windows XP, despite its inferior security, due to many shortcomings in Vista. In addition, in Dai Zovi's list of security procedures, he mentions that he doesn't bother running any commercial anti-virus software.
See http://daringfireball.net/2007/04/interview_dino_dai_zovi

More details about what Dino Dai Zovi said, since he's the expert you rely upon for your theory: he said that Vista's code quality is better "in newly-written code." Guess what? Both Mac OS X and Windows have large amounts of NON-newly-written code, so the quote you mentioned is not directly what he said. Read Dai Zovi's comments in context at:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9018138&pageNumber=3

Anyway, the point is that Mac users are safer. In some theoretical future, that may change. Of course, one hopes that Apple won't just sit down and rest on its laurels, but continue to improve as well. Maybe someday, enough of the Windows users whose machines currently comprise vast networks of millions of spam-spewing zombie computers will upgrade to something - anything! - other than what they have now, and the amount of spam will go down.

Let's cheer for anyone who improves security. If Dai Zovi is right, and Microsoft has made some recent improvements in how they make more secure new code, let's hope two things: (1) they carry that over to replacing all of their insecure old code, an admittedly difficult task, and (2) any smart behavior of theirs is either already being done, or soon will be, by others, including Apple.

I'm going to stick to the computer platform Dai Zovi uses: Mac OS X. Less headaches, between the security of yesterday(?) and the much better user experience.

Good luck with whatever you choose. But, whatever you choose, please do what it takes to be secure - I hate getting spam because of others' poor security.

Post 35 of 64

Let me explain this a little better...

by santuccie - 2/24/08 4:26 PM In reply to: Google searches and Dai Zovi's comment by Krioni

'Leopard's firewall is disabled by default, but Mac users are not "sitting ducks" because there aren't any service ports open that are vulnerable by default. Your comment (discussed below) about who is "more secure" is based on quotes from security researcher Dino Dai Zovi after a "hack-a-Mac" competition where NO ONE could hack a Mac through a remote-only exploit, which is what a firewall protects against. In other words, the firewall wasn't needed to stop dedicated hackers. The exploit that DID work required the user visiting a malicious website manually, which a firewall wouldn't help with. So, Apple went with usability here, since the security benefits were negligible.'
--Why does the Mac have a firewall at all then? And what do you think a firewall is for? I'm not talking about IDS/IPS, which a lot of popular firewall products use to help fight malware. The actual purpose and function for which the firewall was developed is to keep out the snoops and hide your presence online. One open port, regardless of what services use it, gives you away. And if you truly have the expertise to debate here, you should know that a dedicated hacker can punch through SPI. What do you think is worse, having to restore your system after a virus attack, or having to spend months to years, and thousands of dollars to recover from identity theft?

Again, remember that social engineering has always been the foremost delivery technique in the digital underworld. The case in point at the Hack-a-Mac competition was that your platform is not invincible. You will see me repeat this point as you read on.

'Interesting comment about Google searches, although that wasn't the original question. It was whether Macs have viruses, not "which is more secure?" For all you know, the original poster absolutely refuses to upgrade (downgrade?) to Vista for reasons OTHER than security (I seem to remember reading that Windows users weren't very happy with it... somewhere...).'
--Good point, and forgive me if you felt I went too far off-topic. But I did give you what you asked for. You asked for an example of ItW threats to the Mac; you got one.

'I think what you're saying is that Windows Vista is more secure than XP, which was much less secure than Mac OS X. I'll agree that with UAC turned on, Vista seems to be much better than XP. My understanding, though, is that it tends to do one of two things: (1) teach people to click "Allow" every time, or (2) make people so crazy they turn it off. Neither is good for security, although at least it moves Vista closer to the "everything that can go wrong can be blamed on the user" scenario.'
--No, that's not what I was saying. The very context used in the Google searches mentioned above should have made that clear. And apparently I gave you the impression that UAC is a HIPS engine of sorts. That's not what it is; it doesn't cry "Wolf!" every time a program tries to access the Internet, accept inbound traffic, monitor keystrokes, or whatever. It's only a checkpoint for processes that require high privileges. A drive-by downloading Trojan would not be able to sneak past it. And since UAC does not produce the kind of popup fatigue you would expect from a first-generation HIPS, or a firewall with one, a sudden UAC popup while you're surfing the Web would be an immediate red flag. But again, I was only pointing out that UAC is yet another speed bump along the path to gaining a foothold. A parasite would still have to circumvent IE7's protected mode and access the API.

'Also, one of the major differences between Mac OS X and Windows (at least before Vista) was that READING email messages could not infect you on a Mac - only opening attachments could. Microsoft foolishly made the decision to make its email clients execute attachments when the user merely tried to read the message to see what it was. I assume they've remedied that in Vista (and perhaps before)?'
--No. Instead of worrying about attack vectors, which are actually covered in the new SDL project, they locked down the attack surfaces, the key regions malware need access to in order to run with Windows.

'Google searches are fascinating exercises in discovering "what people are saying," but proof of nothing. Ever read someone saying something you knew to be untrue? Also, I did the search you suggested, and it seems that all or most of the results in Google are people talking about what security researcher Dino Dai Zovi said, so does that mean it's really only one result? Also, many of those results add a question mark after your search phrase, not an exclamation point. Google results for a phrase mean that people are talking. Things that are universally known to be true don't require a lot of people commenting on them. It's usually the controversial things that get talked about.'
--Good point. Proof? No. Let's say food for thought. Dino Dai Zovi is not the only person quoted in those 2,000 results, but that's not the point, either. The issue is that Mac users such as yourself presume from the get-go that Mac OS is secure and Windows is not, which is precisely what makes the turning point with Vista a potentially "controversial" thing. It is not universally known.

'More details about what Dino Dai Zovi said, since he's the expert you rely upon for your theory: he said that Vista's code quality is better "in newly-written code." Guess what? Both Mac OS X and Windows have large amounts of NON-newly-written code, so the quote you mentioned is not directly what he said. Read Dai Zovi's comments in context at:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9018138&pageNumber=3'
--"I also hoped that the live demonstration of a Mac OS X exploit would provide some much needed hard evidence in the recent Mac security debates." This is my point. The ratio of new code to old code is not, and neither is it to Dai Zovi. When referring to newer code in the SDL project, he is talking about third-party applications, not the operating system itself.

'Anyway, the point is that Mac users are safer. In some theoretical future, that may change. Of course, one hopes that Apple won't just sit down and rest on its laurels, but continue to improve as well. Maybe someday, enough of the Windows users whose machines currently comprise vast networks of millions of spam-spewing zombie computers will upgrade to something - anything! - other than what they have now, and the amount of spam will go down.'
--Amen to that. Personally, I use Challenge-Response.

'Let's cheer for anyone who improves security. If Dai Zovi is right, and Microsoft has made some recent improvements in how they make more secure new code, let's hope two things: (1) they carry that over to replacing all of their insecure old code, an admittedly difficult task, and (2) any smart behavior of theirs is either already being done, or soon will be, by others, including Apple.'

'Good luck with whatever you choose. But, whatever you choose, please do what it takes to be secure - I hate getting spam because of others' poor security.'
--Actually, everything a Windows user needs to protect their machine(s) has been there in NTFS all along. All you have to do is disable write-access to the kernel. In order to start with Windows, malware must be able to install/modify a system service or driver, write to the registry, or both. All these attack surfaces are in one central location. Furthermore, in order for remote code execution to occur, a script must be able to declare a function in Windows API. If write-access is disabled in system32, the program cannot launch in the first place. There's more than one way to lock Windows down; one is demonstrated here: http://invincible-windows.blogspot.com/

Personally, I don't use Arovax Shield. I just lock system32 and two of its subfolders: config and drivers (config contains the registry hives; drivers is self-explanatory). I have three machines at home; none of them have antivirus or antispyware. One of the desktops stays on 24/7 for printer sharing and autosurfs. I keep over 10 tabs open in the browser, only occasionally refreshing to clear out cache and speed it back up. The only time I unlock the kernel is to install software, and I always know what it is I'm installing.

Our machines don't get infected, not even with adware. Even if I neglected to scan at VirusTotal and opened an infected e-mail attachment, it couldn't do anything. Of course I can't speak for the masses, but my own systems are safer than your Macs will ever be out of the box. You don't need to worry about me littering the Web with spam. And because I don't use AV/AS, my systems are even more nimble and stable than OS-X Tiger. No errors, no halts, no bluescreens, and they're fast. You should see them go!

'I'm going to stick to the computer platform Dai Zovi uses: Mac OS X. Less headaches, between the security of yesterday(?) and the much better user experience.'
--I'm glad your user experience is a pleasant one. I need my right-click context menus. Like I said above, there is such a Utopia for Windows as well; Mac users just don't need a tech like me to get there. That having been said, a Mac could very well be exactly what the OP needs. My disagreement with you had nothing to do with it. You asked for an example of ItW malware for the Mac platform; I gave it to you.

Post 36 of 64

Oops!

by santuccie - 2/24/08 4:54 PM In reply to: Let me explain this a little better... by santuccie

Sorry, I didn't notice that you were a different person.

Post 37 of 64

Hmm.

by wkia - 2/25/08 2:42 PM In reply to: Let me explain this a little better... by santuccie

I've got to try this. I've got an old HP Box sitting around doing absolutely nothing. What can I lose?

Anyway, to tell you the truth, this is something I did not know, so thanks for the tip (and the link)

Post 38 of 64

Slightly off topic, but relevant,

by mrmacfixit Moderator - 2/25/08 4:49 PM In reply to: Let me explain this a little better... by santuccie

the Mac had the Right Click Contextual menus back in the days of System 9

All currently shipping Desktop Macs ship with a 5 button mouse so, should you ever decide to change, your contextual menus are there for the having

P

Post 39 of 64

Thanks for the update

by santuccie - 2/25/08 5:06 PM In reply to: Slightly off topic, but relevant, by mrmacfixit Moderator

All I ever see is a 1-button mouse, and there are Macs on display in the student store running Leopard. I wonder why they don't standardize the 2-or-more-button mouse to utilize it? That's just wasteful.

Anyway, like I told wkia, I prefer Windows for its hardware and software options. Upgradeability is the reason why the IBM compatible leapfrogged the Mac in the first place, even when the Mac OS was way better than DOS or Windows.

The fastest PC is faster than the fastest Mac. I don't know about Vista, but your video editing is less choppy with XP than it can ever be with Rosetta or Parallels. If it's not broke, don't fix it.

http://compreviews.about.com/od/general/ss/MacXP.htm

Post 40 of 64

The mouse you see in the student store

by mrmacfixit Moderator - 2/26/08 4:55 AM In reply to: Thanks for the update by santuccie

is the "Mighty Mouse" and that is the one with the multiple buttons.

Although there are no obvious signs of separate "clickable" parts, they are still there.

The inner workings of the mouse detect whether you clicked on the right or the left side. The scroll "pimple" is also a button, the scroll goes up/down/left/right/diagonally and the final button is a squeeze on the sides.

Hard to see how the Mac Pro, with its 4 quadruple core xeon processors is slower than the fastest commercially available user PC, but what the heck

P

Post 41 of 64

Thank you

by santuccie - 2/26/08 7:26 AM In reply to: The mouse you see in the student store by mrmacfixit Moderator

I didn't know that was how the Apple mouse works now.

I can't tell you off the top of my head of a PC that comes stock with a quad-core Xeon, but it's up to the consumer what they want to put in it. I'm talking about home-built powerhouses. :)

Post 42 of 64

I was just going on a stock machine

by mrmacfixit Moderator - 2/26/08 7:39 AM In reply to: Thank you by santuccie

This from the Mac Pro

Two 3.2GHz Quad-Core Intel Xeon (8-core)


Bet that screams! :-)

Post 43 of 64

Cool stuffs!

by santuccie - 2/26/08 8:38 AM In reply to: I was just going on a stock machine by mrmacfixit Moderator

I'll bet that does scream! :P

Post 44 of 64

Morris Worm

by msgale - 2/26/08 3:50 PM In reply to: Slightly off topic, but relevant, by mrmacfixit Moderator

Remember, remember the 2nd of November (1988)

Post 45 of 64

"certainly" doesn't make you right

by Krioni - 2/23/08 9:04 AM In reply to: No, it is not. by thljcl

You can say "certainly not virus-free," but using the word "certainly" doesn't make your unsupported assertion true.

Symantec sells anti-virus software to Mac (and Windows) users. They admit there are no viruses for Mac OS X, although there were proof-of-concept WORMS and Trojan Horses. Not viruses. So, there have been a few pieces of demo malware, but no viruses. Here's the link:
http://www.symantec.com/enterprise/security_response/weblog/2006/07/macinenterprise_mac_os_x_virus.html
Even the OSX.Leap.A mentioned in that post as a "worm" required the _user_ to choose to run something. It was social-engineering-based, which means that it was a worm that required a Trojan Horse-type infection route.

Another "proof-of-concept" piece of malware is OSX.Macarena. It merely replicates, without doing anything harmful, and only within the directory that it was installed. It has no way to install itself, and so isn't a threat. Oh, and the source code is available, with comments by the author in it that he couldn't get it to do anything dangerous.
http://www.zdnet.com.au/news/security/soa/Mac-virus-author-admits-coding-difficulties/0,130061744,339272051,00.htm
Furthermore, you'd have to download, compile, and install this "virus" by hand, which makes it more like the old UNIX joke of sending an email that asks the targeted person "please delete all your files for me."
http://macdailynews.com/index.php/weblog/comments/11556/
(quoting a no-longer-free MacFixit review of the situation including responses by Symantec).

Reminder: don't run a program from an untrusted source. See OSX.Exploit.Launchd, at:
http://www.symantec.com/security_response/writeup.jsp?docid=2006-063013-2645-99
If you run that program, it can open up a door for someone to take over your computer. Then again, as I mentioned, Trojan Horses depend on the user doing something very unwise, and are almost impossible to block if the user decides to run them. Again, it's a personal computer - the company who sold it to you assumed you'd want to, you know, USE it, which generally involves letting you decide what programs you want to run.

David Pogue of the NY Times wrote a good piece in 2006 about some general ideas I've mentioned:
http://pogue.blogs.nytimes.com/2006/08/25/25pogues-posts-4/
In that piece, he also expresses hope that Vista would be safer than XP. It appears to be safer, but certainly not safe. Read more (especially the last two sections, where MS sat on a fix for a serious vulnerability until AFTER many people were hacked) at:
http://www.viruslist.com/en/analysis?pubid=204791938

Anyway, as I mentioned previously, Mac OS X is safer by design, but certainly not perfect. Apple releases security updates for a reason - they've been staying ahead of potential attackers. Users also need to avoid running untrusted code. Having a regular backup system helps, too. The company I mentioned in my previous post (hacked because of a too-simple password) lost almost no data because they had good backups.

Safe computing is the best thing you can do. Mac OS X just makes it easier to do that while wasting less time and money on anti-virus packages, etc.
