• On GameFAQs: Is it OK to lay my Wii down on its side?
December 2, 2008 6:40 PM PST

Apple deletes Mac antivirus suggestion

by Elinor Mills

Updated 7:45 p.m. PST with expert comment, at 7:20 p.m. PST with context on previous coverage, and at 7:08 p.m. PST with background.

Apple removed an old item from its support site late Tuesday that urged Mac customers to use multiple antivirus utilities and now says the Mac is safe "out of the box."

"We have removed the KnowledgeBase article because it was old and inaccurate," Apple spokesperson Bill Evans said.

"The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box," he said. "However, since no system can be 100 percent immune from every threat, running antivirus software may offer additional protection."

Apple's previous security message in its KnowledgeBase, which serves as a tutorial for Mac users, was: "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

Security experts, while pleased that Apple would urge Mac users to install antivirus software, had warned that running multiple antivirus products could cause problems and recommended against it.

Apple's antivirus support note was initially published last year and was updated last month, despite reports that it was a new note.

One Apple expert speculated that Apple was merely removing a poorly worded support note and said it probably wasn't ever Apple's intention to tell Mac users they need antivirus.

"I bet you it was a low-level support note and it hadn't gone through the right approvals," said Rich Mogull, security editor of Apple news site TidBITS. "That's my guess."

To some, Apple's latest move will be seen as back-tracking given that it comes one day after those misleading reports circulated. The motive remains unclear, particularly because Apple didn't replace the previously published suggestion with an updated one.

The message that remains is that Mac users don't really need to take additional steps to protect against viruses and other malware. Telling customers they can run antivirus for "additional protection" could be interpreted as a way to protect against any liability.

There are no known viruses in the wild that exploit a vulnerability in the Mac OS, and Windows continues to be the overwhelming preference for malware writers to target their programs. But malware isn't just taking advantage of operating system weaknesses anymore. In fact, the majority of such threats now come from code that targets weaknesses in browsers and other applications that aren't platform specific.

Mogull said he doesn't recommend that the average Mac user install antivirus software because of the low-level of malicious software seen for Macs at this time.

To me, this new Apple statement poses more questions than it answers.

Regardless of the meaning of Apple's latest action, I'm pleased to now have open lines of communication with the company. Over the last few months, I have had an increasingly difficult time getting any response to my e-mails and phone calls. For instance, I got no response to my requests for comment on Monday's article about this topic. However, after talking to several Apple spokespeople on Tuesday about the matter I am confident that the situation has been cleared up.

I also was reminded of how much collective knowledge CNET readers have about Apple and would like to extend an invitation for people to feel free to contact me directly at elinor.mills@cnet.com with any feedback and tips related to Apple security issues.

Originally posted at Security
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Security and spyware,

Mac Software

Tags:

Apple,

Mac,

security,

antivirus

Share:
Digg
Del.icio.us
Reddit
Recent posts from The Download Blog
Review redux: Flixster movie app for BlackBerry
Official NASA app and a hovercraft racing game: iPhone apps of the week
Popular iPhone movie app flops on BlackBerry
Must-have utilities for your Windows toolkit
Opera Mobile 10 beta browser: First Look video
Doom, Command & Conquer revived for iPhone
Mozilla's e-mail group looks toward the cloud
Seven essential free software apps for a new PC
Add a Comment (Log in or register) Showing 1 of 4 pages (208 Comments)
by solu1978 December 2, 2008 7:09 PM PST
Mac is safe .. Apple says so
Reply to this comment
by ekimkaerf December 2, 2008 9:27 PM PST
There are weapons of mass destruction in Iraq.... the government said so...
by victor_sf December 2, 2008 10:57 PM PST
MacOS X is a BSD Unix.
by Seaspray0 December 3, 2008 7:20 AM PST
Smoking doesn't cause cancer. The tobacco industry says so.
by Mr. Dee December 3, 2008 8:42 AM PST
If the Mac is safe, then Windows is the best OS in the world.
by faboumen December 3, 2008 7:26 PM PST
Unix is safe..It is just so.
by oludir December 3, 2008 8:33 PM PST
I guess its time someone writes a very good Mac only virus or trojan.
by Renegade Knight December 4, 2008 9:26 AM PST
@ekimkaerf

There were WMD in Iraq. That's a simple fact. WMD were not why we invaded, they were merely one excuse given for the invation.
by lokeykoo December 5, 2008 9:10 AM PST
Now that's funny!
by chuchucuhi December 2, 2008 7:24 PM PST
It's safe out of the box I mean you wouldn't want to ship your products with viruses, thats just dumb. You release those later and release security patches and then release a new OS that is more secure. Have we learned nothing? That's how ya do it.
Reply to this comment
by pennwood18 December 4, 2008 2:15 AM PST
I go to the "DARK & DANGEROUS" places when I surf the internet, and my Mac is merely 'annoyed' so far .... but even with excellent security, the bad guys trashed my 2 year old Dell 2 years ago. I spent almost enough on security (& service calls) for the Dell to buy the Mac!
So yes indeedy, the Mac is "safe out of the box"
by Michichael December 4, 2008 3:07 PM PST
Penn if you had to pay dell for service calls and security, you obviously didn't know what you were doing. It's not the motorcycle's fault when an inexperienced rider tries to do a wheelie and wipes out. Stick with your training wheels on the kiddie course.
by AppleProLeo December 2, 2008 7:26 PM PST
This is what I've been saying in the last article by Elinor.

While yes you are right that Apple publicly "recommends" [ as an additional protection] using an Anti-Virus software it however doesn't wholeheartedly believe it. Just go to an Apple store and see if any of their Mac's are running an Anti Virus software, nor does it require its employees to be running an Anti-Virus software in it's internal machines like most other companies.

Unfortunately Apple does this because they market their products in a land where the people (try to) sue them for selling an iPhone - which doesn't live upto their speed demands - instead of just returning the damn thing.

Penguinisto is right Anti-Virus software on the Mac is a wast of time, money and speed. You see, AV software run in the background and consume CPU cycles and Memory scanning for something that does not exist. And while yes there is a chance it might one day, but until that day comes you would have wasted all that resource. Imagine if every Mac user used and Anti-Virus software since the release of Max OS X. Look how much wasted energy would have been consumed - anyone from the Greenpeace hippy land around?

Secondly an Anti-Virus software is useless until it knows about the virus, so even if you have an Anti-Virus software running it won't actually do anything until you updated it with a virus definition, which will only be available once/IF a virus is successfully released in the wild. In which case why not buy an Anti-Virus software after/IF the virus is released with the updated virus definition. Though it's likely if it ever did happen Apple will offer a fix through it's software update for free.

The Only time an Anti-Virus is needed on a Mac is if you want to stop the spreading of Windows viruses to other Windows users as it will catch those. But my stance on this is, it's not my responsibility to protect the computers of other especially when they won't even help themselves by having an Anti-Virus software running on their own computers or by not have having a real computer running a real OS.
Reply to this comment
by AppleProLeo December 2, 2008 7:34 PM PST
P.S

Vegaman_Dan and all you other PC Whinnies from the last article, where are you all now and your "...see even Apple tells you to use Anti-Virus software..."

Listen, damn it's so quiet you can almost hear the PC hard drives spinning away in the background scanning for viruses. hahaha.
by Perry_Clease December 2, 2008 7:41 PM PST
"AppleProLeo" great handle
by Mam00th December 2, 2008 7:44 PM PST
When did you lose you objectivity and your critical thinking... I know you feel that you should defend Apple and bash PCs, but don't you realize that Apple is just another company after your money? I find it quite alarming that many people just like you defend a corporation like this with such intensity...

It's sad to see people acting just like you... like tools...
by Hep Cat December 2, 2008 7:46 PM PST
"Secondly an Anti-Virus software is useless until it knows about the virus,"

Much of your comment is insightful, but this statement is not true; anti-virus software should also look for unusual behavior or actions, not merely bits of code that correspond to known viruses. While the most effective way to stop viruses, known and unknown, it's also the most difficult kind of anti-virus software to develop and test.
by shinji257 December 2, 2008 7:48 PM PST
The purpose of antivirus software is to prevent the spread of viruses. This would include known and unknown viruses. Heuristics is used to detect unknown viruses. The resources are not wasted if you never get one because it prevented their installation. The only security that Mac has right now is the "security by obscurity" bit and that is not good enough for me.
by AppleProLeo December 2, 2008 8:12 PM PST
@Mam00th

Thank you for your feedback, however I disagree when you say I have lost my objectivity and my your critical thinking by defending a company who is just after our money.

You see I am backing up my argument with facts and genuine arguments (see my first post above) unlike most other cnet commenters. AppleSuxLeo to name but a few. Secondly I am defending them because they are (in my opinion) in the right and are being wrongly 'attacked' - if you will for a lack of better word.

Lastly while yes they are a corporation who has an interest in monetary gain, however where they differ from almost all other companies in the world is they try and do so while also doing their best in creating wonderful products that innovates and pushes the boundaries of technology. Apple is not a ME-TO company.

You see for Apple monetary gain stands side by side with innovation and "changing the world" or "making a dent in the universe" which is whay Apple is a company many believe to be a company with a "soul - rightly or wrongly. Whether you believe this to be some cheesy marketing or fanboy hype or not - believe me that is how most if not all Apple employees go about with their day to day business at work. I have witnessed it with my own eyes. Which is why their products are as good as they are.

Now I could go on with multiple examples where Apple has proved money doesn't always dictate their business path but that is another article altogether.

I hope this clears things up for you and changes your judgement about me.

------

Where was I, ah yes Fanboy...Steve Jobs for King, yeah baby yeah.
by AppleProLeo December 2, 2008 8:16 PM PST
@ Hep Cat

Yes you are right, maybe I should have said, "Secondly an Anti-Virus software is [almost] useless until it knows about the virus,"

I stand corrected.
by AppleProLeo December 2, 2008 8:24 PM PST
@shinji257

You see that is the point, anything trying to install on OS X needs a password from its Administrator which is why a virus cannot install itself in the background. Nobody has (yet) found a way round it.

So an Aniti-Virus scanning away in the background trying to stop an installation is wasted resources because the OS does that for you. If (BIG IF) someone did come up with a workaround I'm sure Apple would release a free fix in no time at all through its software update, as that would be a major security flaw.
by AppleProLeo December 2, 2008 8:31 PM PST
@ shinji257

P.S

and this "security by obscurity" argument is total **** spread by PC users lacking knowledge and looking for an excuse for their defense in the use of an inferior OS.

Believe me I have argued this point with university professors (family members) who had to "re-evaluate" their argument.
by  Brian December 2, 2008 9:12 PM PST
The recommendation only applies to people who have PC and Mac systems.

Since both of my systems are Macs, I would not benefit from an AV app.

Interesting how some Windows fanboiz start celebrating the moment they read the news.
See more comment replies
by mikeburek December 2, 2008 7:48 PM PST
Maybe they hired someone new to computers and gave them access to create that post - or someone got fired and had 2 seconds before their network access was cut off.

I laughed at the "multiple antivirus utilities," and had to check myself that it was not a hoax floating around. Maybe they could work together better on a *nix based system, but it sure does create a pain on Windows.
Reply to this comment
by tabbie36-1 December 2, 2008 8:03 PM PST
In 10 years working on a mixed Mac/PC network (500+ Macs, 200+ PCs), I have seen Norton, Clam, AVG and more anti-virus packages all fail to protect the PCs and result in infected Windows boxes. At the same time, I have yet to install an antivirus package on a Mac, and I have yet to have an infected Mac.

That tells me something about the need for AV software on a Mac.
Reply to this comment
by jumpjetta December 2, 2008 8:58 PM PST
I agree. I've never installed an AV package on a Mac. I've administered about 350 machines in the last 5 years. I've never seen a trojan, virus or other malware exploit on a Mac.
by Vegaman_Dan December 3, 2008 2:30 PM PST
In the last 20 years of working in the IT workd installing OS's on Windows, Linux, and Mac systems on thousands of machines, I have never had a virus either. I take precautions to avoid that issue with end user education, preventative measures on my end, and keeping up with the times.

Does this mean that all three OS's are immune? Of course not. Does it mean that you need AV products on a Mac? No. That logic doesn't work there either. The networks I supported didn't have to deal with the issue because of the preventative measures and education in place.

Today, the focus on attacks aren't on the OS itself but instead upon exploiting flaws in individual applications or web services. That's something that none of the AV products out there can address at this time.
by Penguinisto December 3, 2008 4:57 PM PST
"Does this mean that all three OS's are immune? Of course not."

Does that mean that all three OS's are equally insecure and/or exploitable? Of course not.

Well - do you disagree?

Otherwise, --finally-- a sane post out of you, Dan. How'd that happen? ;)
by pennwood18 December 4, 2008 2:49 AM PST
Thank you ! (really) I'm a Mac home surfer who trashed a Dell, & I'm always a little worried, not-so-much now ...
THANK YOU !
by Renegade Knight December 4, 2008 9:35 AM PST
I can buy that. To borrow a stock market disclaimer: Past performance is no gurantee of future returns. What worked in the past is in the past, it's a good indicator for today, not too bad for next week, but 5 years from now? Everthing could be different.

However since I just got a Mac I'll enjoy the lack of AV on the system bloating it up.
by another_cissp December 2, 2008 8:18 PM PST
Famous last word. While I will would agree AV software is a waste of CPU cycles(windows, Linux, and Mac), I would never suggest to my customers that they don?t use it. Hopefully this does not come back to bite Apple in its conceited ass.
Reply to this comment
by Jeremy Chappell December 3, 2008 12:19 AM PST
I think AT THIS POINT, Anti-Virus software is a bit pointless on the Mac. There simply isn't a threat. However there are things that Mac users should do. Firstly they need to THINK about the trustfulness of software they are installing (is it a great idea to install a "video codec" from some porn site, giving their admin password to do it? [HINT: No, it isn't]).

Mac comes with a Firewall; good idea to use it (it's in the security section of System Preferences). I uncheck the "Open safe files after downloading" in Safari (it's in the General section of Safari's Preferences) but some will feel this is a bit paranoid. Have a reasonably secure admin password. Most important advice, ALWAYS think before just typing it when requested - Mac OS X doesn't require it often, so don't get in the habit of just dumbly typing the password. Of course, you're keeping Mac patched with the latest patches - right? Lastly, while it isn't properly a security issue, make backups - Macs use hard disks (not fairy dust) and those things fail.

Is the Mac magic? No, it's Unix.

Is it more secure than Windows? Yes, Windows is a popular target, and uses "security through obscurity" (you can't look at the source code).

Is this just because Mac has pathetic market share then? No, not completely, the lower levels of Mac OS X are available for widespread inspection (Darwin) and Mac OS X draws on many open source projects.

So is Mac OS X like Linux for security? Well it's probably closer than Windows is, but there are significant parts of the system that are closed source. Historically Mac OS X has proven to have good security, there are things you can do to harden its security but for most users it has to be seen as "good enough".

Is open source software always more secure than closed source? While that is a huge generalisation, I think most of the time that is true, if we're talking about open source projects with on going activity.

Full disclosure: Yes this is being typed on a Mac, but I do also run other OSes (not on this machine) and no currently none of those are Windows (I'm not saying I never need to use Windows - but it is less often now). Do I have a pathological hatred of Microsoft and its products? No, I have Microsoft Office installed on my Mac (legally) I have a Microsoft mouse (I'm not going to try and defend Apple's mighty mouse) and I play games on an XBox360 (Mac isn't ideally suited for playing games... and the XBox360 is a lot cheaper than an Alienware PC, given my preferences for games, it's a good solution - YMMV).
by AppleProLeo December 3, 2008 7:17 AM PST
@Jeremy Chappell

I commend you for you knowledge and wisdom, something that seems to be a rarity in the cnet comment section - and often in the article section too, to be frank.

And yes you are correct in basically saying the best Anti-Virus software on the Mac is a little user education.
by Penguinisto December 3, 2008 12:48 PM PST
"So is Mac OS X like Linux for security?"

Yes. They both use *nix-based internal architectures and are rigged quite similarly for security.
by captain_code December 2, 2008 8:25 PM PST
One important point that is often ignored in debates such as these, is that if there wasn't issues there wouldn't be a need to release "security updates". They would be "feature updates", "usability updates", or "we stuffed that one up updates". Security obviously denotes that there are security issues. That's how virus's are written, by exploiting known and unknown security issues, also known as vulnerabilities. Also, anyone who is a user of US-CERT, will know and receive many emails that describe the "vulnerabilities" that apple is patching in those updates. In my opinion Apple just doesn't have the market share to make it a big enough target yet for viruses and the like. It's only a matter of time.
Reply to this comment
by Jeremy Chappell December 3, 2008 12:28 AM PST
I'm sure Apple will be pleased you think it's only a matter of time before they have sufficient market share. Actually I think we're seeing a shift in the kinds of threats we're seeing, one that bypasses the desktop OS completely. As users make more use of "cloud services" it's those that will be more tempting targets than the users (more and more stateless) desktop.

At this point I don't think Apple will ever need to face the kinds of threat level Windows faces, and some aspects of Mac OS X are inherently more secure than Windows (in fact Microsoft have adopted many of the some ideas in Windows Vista, I'm not suggesting they were copied directly from Mac OS X - other OSes used the same strategies prior to their adoption by Apple when they migrated from Mac OS Classic to Mac OS X).

How data is protected "in the cloud" is going to be a much more interesting topic in the future than any erosion of Mac OS X's security.
by Dalkorian December 3, 2008 10:43 AM PST
"In my opinion Apple just doesn't have the market share to make it a big enough target yet for viruses and the like."

Sigh, how many times does this lie have to be shot down before even the idiots get it?

OS "Classic" (OS 9 and previous) = tiny market share, viruses in the wild.

OS X = growing market share, definitely bigger than OS 9's was, and yet no viruses. Period. None. All proof of concepts I've seen so far have been trojans, not one single virus.

These FACTS prove your opinion is just plain wrong. But I'm guessing you'll keep spreading the lie anyway, maybe because it makes you feel smarter.
by ozoneocean December 2, 2008 8:46 PM PST
The changing of the anitivirus advisory is simply part of the Apple marketing strategy. The brand image is one of a simple to use, good looking, safe, and now green computer system. These claims don't always entirely conform to reality, but they're managed very well.

Of course Macs are susceptible to viruses, this has been proved quite a few times, but such a small target just isn't worth the while for attackers. In fact the Mac user base is probably more susceptible to attacks than any other, since a large part of the threat is actually the social engineering and playing off of the naivete of the victim; A natural assumption of invulnerability isn't such a clever thing.
Reply to this comment
by Znatok December 2, 2008 9:42 PM PST
"Of course Macs are susceptible to viruses, this has been proved quite a few times"

Why lie??

All proof of concept required one or another type of user involvement (providing permission/entering admin password).
There are NO proof of concept when program put itself on machine (from the net or other media) and spread to another by itself.

So, Why lie?

Or just informed?

PS. The only time you could experience mac virus if you run pre MAC OS X system (OS7-8) installed on 10-15 years old hardware.
by Lazlo666 December 2, 2008 10:10 PM PST
huh? "such a small target just isn't worth the while for attackers." small target? hmmm. guess several tens of millions just doesn't cut it these days. much too small to notice. huh?

these jokers who write the viruses seem to feel vindicated (or are extolled somehow) when they get ANY headline notice. they don't attack because they think the market is too small or nobody would notice? yeah, sure, you betcha.

and of course, the other generality, "Macs are susceptible to viruses, this has been proved quite a few times..." would seem to imply that there have been 'a lot' of Mac viruses. Sophos, Norton & McAfee might disagree, but then I guess all Mac users are just naive victims. sigh.

ALL things done by fallible human beings, most especially millions of lines of coding, is susceptible to intervention, be it a virus, a trojan, a worm or a friendly or unfriendly macro. no one has claimed the Mac OS is invulnerable (ok, no one with any credibility), it's simply an incredibly well built and dynamic series of packages of software with difficult to intercept protections, not impossible, just imposing enough that the jokers have yet to affect our community like they have the Windows community. other than these 'discussions' of course.

it's like Thomas Jefferson said, "the price of freedom is eternal vigilance."

until computers can think for themselves (and hopefully, for us), like Hal, Mycroft Holmes, Data or Kortana, all of us poor sentient creatures must do our own thinking, be aware, be vigilante and be informed. Apple has done a fantastic job, but even the fantastic has limits....

wow, sorry 'bout the soapbox, but I'm tired of the whole Mac vs PC thinking. why 'versus' when the damn things are just tools (ok, fancy, expensive, mostly wonderful, but still just tools); at the end of the day, it's still the gray-matter upstairs that has to do the thinking. think, people. if your car makes a funny noise you can't identify...take it to a mechanic. if your stomach hurts...go to a doctor. if your computer starts the equivalent of drooling or throwing a temper tantum...RUN. ok, just kidding. figure out if repairs are within your operating procedures capability...or take it to someone who does. whether that 'someone' is a virus/diagnostic utility, an Apple/PC genius or the local witch doctor...fix it and move on.

what Jefferson said...eternal vigilance!
by Jeremy Chappell December 3, 2008 12:37 AM PST
That's right. Mac users are clueless idiots. But because there is only six of them worldwide it's not worth your time to empty their bank accounts (they're too stupid to hold down jobs anyway).

Much easier to target PC users, who are all rocket scientists with amazingly secure systems.

I'm glad we cleared this up. I've got to finish dragging my knuckles along the floor, you probably need to finish probing Uranus (or whatever it is you PC users do).
by Dalkorian December 3, 2008 10:47 AM PST
Quit playing with mommies computer, you don't know anything. Finish elementary school, junior high and high school, then come back for an intelligent conversation.
by Rawnchie14 December 3, 2008 11:46 AM PST
Phew, some posters here like to clutter PC and Mac users as to being all the same type of people. This is so sad it's almost funny. We're all human beings here, different and unique human beings. While you obviously like to define you, and others by the computer they use - I'd rather remember that PC users and Mac users, are all different - and I promise you, it's not due to the computer they chose to use.

PC/Mac users need to get off their high horses, and quit generalizing/assuming they know who and what they are talking about. Some actual unbiased facts are all that are needed here.
by bxwatso December 2, 2008 9:03 PM PST
This is one of those things your really can't take back.
Reply to this comment
by Vegaman_Dan December 3, 2008 2:41 PM PST
It's also something that people will endless spin their to their own preference.

"Apple OSX makes antivirus unneccessary"

"Apple backtracks on security"

Both are 100% accurate for this situation.
by gefitz December 2, 2008 9:05 PM PST
Lots of the statements Apple makes here about protection and the need for it demonstrates a clear misunderstanding of the technology behind protection and security.

Not knowing that anti-virus software looks for anomalies that point out the possibility of infection...sort of scares me...seeing this makes me think that folks that do that sort of thing will soon be taking advantage of Apple's naivete...
Reply to this comment
by Jeremy Chappell December 3, 2008 12:45 AM PST
It's not some "lack of understanding". But do you always wear a gas mask when you leave the house? What about deadly airborne infections? Now I know none exist where you live, but don't you understand how such a thing might work?

If there is a significant threat of viral infection afflicting the current version of Mac OS X at any point in the future, I'll get buy Anti-Virus software for my Mac. Until that day, I'll keep patching and taking reasonable precautions. It is not because I'm stupid and don't understand, I know a Mac is just a computer, but until there is something to guard against I'm not going to overreact.
by Goodbye Helicopter December 2, 2008 9:21 PM PST
The sad thing is, most AV apps for Macs simply look for windows malware that is on the mac for whatever reason.
Wasted cycles!
Wasted money!
Wasted effort!
Even if a user manages to authorize and install one on their own mac, it would be real damned hard for the thing to do much damage beyond sending home data that is in-the-clear-text.
No self-propogation, no way to infect the next mac, no way to access the input in an NSSecureInputField
Reply to this comment
by contentcreator--2008 December 2, 2008 9:22 PM PST
If OS X is immune to vulnerabilities, why do they patch it (and Quicktime and Safari) so often? You have to REBOOT OS X after a Safari patch, of all things. You wouldn't have to do that if it was a plain user-mode OS X app. (Better to use Firefox.) If you think OS X is immune, turn off your Apple Update and good luck.

The marketing message has won. Success can be self-limiting.
Reply to this comment
by  Brian December 2, 2008 10:04 PM PST
Since vulnerabilities are not the same as viruses, Apple does not have to halt their Mac -versus- PC ads.

When I switched to the Mac almost 2 years ago, I knew about the vulnerabilities and when comparing the PC -versus- the Mac, there was one clear winner - hence my decision to switch.

Once you go Mac, you don't go back.
:)
by Znatok December 2, 2008 10:06 PM PST
It's immune to viruses NOT to vulnerabilities.

"A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. The term "virus" is also commonly used, albeit erroneously, to refer to many different types of malware and adware programs. " wikipedia
by Jeremy Chappell December 3, 2008 1:01 AM PST
Did anyone suggest it was "immune"? I think what was actually said was there was no need to Anti-Virus software. (As there aren't any Mac viruses in the wild).

But of course, you need to keep the system patched. The Safari question though does merit a more considered answer.

Safari uses the WebKit rendering engine, under Mac OS X, this is also used by other parts of the system, notably "Help" and xCode (and is available to third party developers). Patches made to WebKit need a reboot as a result of fixes applied to WebKit. This is actually a security feature, the system will continue to run after such an update, but some parts of the system might (due to caching within the OS) then be running older an version of WebKit, if the update included a security patch then those parts of the system are still exposed to the issue. QuickTime is similarly as much a system service as a distinct application. Hence it doesn't matter if you run Safari or Firefox, you should keep Safari patched.

The message from Apple is clear on this: Run "Software Update", I doubt they could be much clearer on this - it's in the "Apple Menu" second item from the top! Clearly, they want you to run it.
by ferretboy88 December 3, 2008 3:28 PM PST
Why are Linux guy so into protecting their rigs but Apple folks ignore it?
by Penguinisto December 3, 2008 5:01 PM PST
@"contentcreator": You're operating off of a lot of bad assumptions, first and foremost the faulty assumption that updates and patches are somehow unnecessary. That is false. The story is that A/V software is unnecessary on a Macintosh.

Why? Because:

1) OSX is more secure than Windows by orders of magnitude, and
b) A/V solutions wouldn't be cost-effective on OSX given the stupendously small number of active viruses (read: zero).

Does that help any?
by faboumen December 5, 2008 8:59 PM PST
MacOSX had a (supposedly first) virus released back in 2006 (osx/leap.a). It infected files and sent the file to everyone on your iChat buddy list. See: forums.macrumors.com/showthread.php?t=180323 & guides.macrumors.com/OSX/Leap-A
by laglure December 2, 2008 11:40 PM PST
Hello,

While I would agree that Macs suffer from far less security issues than Windows PCs, I would also point out there have been multiple viruses, trojans, injection scripts, and DOS vulnerabilities for OSX. In 2008 alone, there was:
Macsweeper - which could be installed without direct user interaction and was resistant to deletion.
hovdy trojan
RKOSX - trojan? or virus not sure
Jahlav - trojan- Apple issued security advisor and suggested running AV software for this one I believe
BadBunny worm, affects Windows, OSX, and LINUX! through OpenOffice

As you can see OSX is far from safe, safer yes but not completely safe from a variety of malware. Advising users NOT to use AV/Anti-Malware software is irresponsible. You're not likely to be infected but saying NOT to use it suggests NO threat exists and that is NOT true. An OSX system can be compromised in a variety of ways, the system itself, software on the system, and the network it runs on are all points of attack for a hacker. I find attitude of invulnerability in many Mac users to be very unsettling. OSX will not save you from a DNS exploit or man-in-the-middle attacks on your network. While AV doesn?t help you in those cases, no one should feel invincible when using any computer.
Reply to this comment
by Ravendon December 3, 2008 12:33 AM PST
Macsweeper. Could only be installed by going to KiVVi software's website and installing an application.

RKOSX. Hacking tool. Needs someone at the computer so they can install it. Can't be installed remotely or without knowledge or permission of Admin.

Jahlav. Hacking tool. Needs you to install supposed key generator for cracking software. So you'd have to be a thief and a ******* to get this on your system.

BadBunny. On Mac OS X, it's just 2 Ruby scripts. The user has to receive a file via iChat, and manually choose to open and run the file contained inside. Again, requiring ******* to cooperate and open a strange attached .tgz file in iChat and give it permissions to run.

So yes. Mac OS X is like any hard to breach Unix operating system. It can be compromised with the help of a ******* user or a hacker who is sitting at the computer.

Go secure a computer and let me sit in front of it and I can guarantee that I'll destroy all your data. Doesn't matter what security measures you take or what OS you use or what processor you have.
by afterhours December 3, 2008 6:26 AM PST
And you don't think some switchers would qualify? Or even some long-time Mac users? Anyone from OS9 days seems to blindly click on the authentication to allow anything to run on their systems -- and they are not typically cnet readers. So it is HUMAN nature to be lazy and take the shortcuts. Apple is due for a wakeup call. I'm not saying you run out and by something from securemac or the the other FUD peddlers, but don't think we can't get taken in some fashion.
by Penguinisto December 3, 2008 6:33 AM PST
So, let's see... you list four (four is "many" now?) exploits that require the user to

a) type in an admin password in an environment where such an act is very, very rare for software installs and,
b) actively (and pretty much knowingly) install the thing

...and all the while A/V software won't stop you (and most times has a hard time warning you there is one).

Well Gee... makes me just want to run out and buy a Norton license right now, don't it?

Not.

/P
by Dalkorian December 3, 2008 10:56 AM PST
Do you not understand the terms you use or are you intentionally spreading FUD for an M$ paycheck? Hint: look up any definition for "virus", then describe how any of the mentioned exploits qualify as a "virus". Every one of them is a trojan (trojans can be devastating on any OS, but you'll never understand why until you understand what a trojan is to begin with). You even admit to not understanding the difference between a trojan and a virus ("RKOSX - trojan? or virus not sure"), yet you want everyone to think you know something. LOL.

Go back to elementary school and grow a brain. Until then, stop proving what an idiot you really are.
by laglure December 3, 2008 2:22 PM PST
Well, first let me thank the readers who have chosen personal attacks. I always felt the internet lacked in that area. Secondly, I agree that I have pointed out trojans but I do not understand how trojans do not ally to AV/malware software. I understand the difference between a trojan and a virus, but I don?t understand why people think it?s ok to accept vulnerabilities associated with trojans because they require user interaction. An infected system is an infected system and a good AV/malware suite should provide:
1) Additional warning to the user if specific malicious code is detected
2) Warnings when suspicious patterns are observed in code
3) At least some ability to contain or delete the malware immediately
4) Additional logging of system events which may help locate the malware

All four of those points are good reasons to run some type of AV/malware suite on a critical box. I don?t understand why Mac users get so bent out of shape when this issue comes up. On a daily bases I use Solaris and various nix flavor OSs and they are vulnerable too. A critical Linux box is running AV/malware software on it in addition to hardware based AV/malware boxes in the network. Again, I am not saying you have to run AV/Malware software but I do think saying you don?t have to, is an error and provides a false sense of security to the end user.
I did not mean for my short list of malware to be some all in compassing proof of the inferiority of OSX as some seem to take it. Those programs were notable ones found recently or that I happen to remember from security postings. I used them simply as proof that malicious software for OSX exists and that the use of AV/malware software may provide added security.

Summary: I share, though without the hatred of AV/malware software, the opinion of most here that OSX is far less vulnerable than a Windows box, but feel it to be irresponsible to advise an end user that AV/malware software is unnecessary.
by ferretboy88 December 3, 2008 3:29 PM PST
Don't forget Penguin that many little kids use computers and are click happy. The bad guys could get dumb people to click anything.
by Penguinisto December 3, 2008 4:45 PM PST
@ferretboy:

If you actually give your little kids the root password to the computer they run, you deserve whatever you get :/
by Penguinisto December 3, 2008 5:06 PM PST
@laglure:

Problem is, the tasks you outline in A/V software often fails to do the things you claim it should do (no updated heuristics or signatures, misidentification of legit files, etc). So, well... what's the point?

Right now, the ROI on A/V software is pretty much nil if you;re running Linux, Solaris, or OSX.
by ferretboy88 December 4, 2008 12:44 PM PST
I helped many people with their computers and most people don't even use passwords. They skip right over the master password option. Totally dumb.
by iertry December 2, 2008 11:59 PM PST
Bet Apple is annoyed. This story was even the most read on the BBC News website.
Reply to this comment
by T_C_A December 3, 2008 12:32 AM PST
I am suprised no one bothered to mention that we can run microsoft windows on our Macs.

If you are going to run microsoft windows on any machine you NEED virus software.

I own several PC's and 1 macbook pro. I make my kids use the macbook pro because I don't trust virus software to catch everything. And I won't teach them how to run MSFT windows on it, we use the other PC's in the house if they feel the need to use Microsoft.

TechieChick
Reply to this comment
by planetjeffy December 3, 2008 1:05 AM PST
You all don't get it. Even if the Admin is password protected, most viral infections come from clever programmers taking advantage of computer uses with human engineering. They trick you into clicking or responding to something you shouldn't. Mac users aren't any smarter than PC users. When it does hit, it will be huge and nobody will be prepared.
Reply to this comment
by Jeremy Chappell December 3, 2008 3:16 AM PST
If that something is modifying system files you have to provide the admin password.

Actually I have Safari set up so it doesn't open files (it can do this for some file types). Mac OS X shipped (as a consumer OS) in 2001 - it's almost 2009, how long do we need to wait for this to happen? I'd also disagree, most viral infections are not the work of "clever programmers" most as the work of pretty poor programmers (I'm sure you'll think of exceptions). I agree that many of the most successful attacks are the result of social engineering. But actually, is Anti-Virus really the answer to that?

Mac OS X makes pretty good choices as to what needs users intervention and what doesn't. XP failed users by not asking permission for anything, Vista drowns users by asking permission for things that don't need explicit permission. I'm sure Windows7 will strike a better balance. IMHO Mac OS X already does that. The problem with Vista's approach is users get desensitised to the question of permission by being asked too many times, quickly they stop thinking about what they are being asked as the questioning is too routine. This is probably no better than XP's trust everything approach.

I'm sure service packs for Windows will also address this. (This isn't a technical issue so much as a social engineering one)
by DrtyDogg December 3, 2008 3:26 AM PST
Unless of course the trojan takes advantage of one of the many bugs in os x that allow privilege escalation.
by Penguinisto December 3, 2008 6:36 AM PST
@planetjeffy:

Maybe this will help: it is very, very rare that you need to type in the admin password to install an application on a Mac. Usually you drag and drop it into the Applications folder, and that's it - it's "installed".

If an app requires an admin password to be installed on a Mac, a user is definitely going to notice that.
by lazarbel December 3, 2008 9:27 AM PST
Where did you get your information stating Mac users are not smarter than PC users? A couple of studies indicate otherwise. Higher IQ's, higher annual earnings, higher educational levels. However, I am almost certain those statistics will not hold far into the future considering the large number of diehard PC users currently jumping the fence, diluting the pool.
by Dalkorian December 3, 2008 11:02 AM PST
by DrtyDogg December 3, 2008 3:26 AM PST
Unless of course the trojan takes advantage of one of the many bugs in os x that allow privilege escalation.

----------------------------------------------------------------

Sigh. Look up the definition of "trojan" again. Yes, if the user is tricked into installing malicious software on their own computer, they're in trouble. But in that case it really doesn't matter what OS they're running, does it.

Nothing in the world is perfectly secure. This includes OS's like OS X and Linux. It's just that some OS's are FAR from secure and those OS's tend to get hacked repeatedly in the wild. Guess which OS leads the charge on that front.

Get it now?
by DrtyDogg December 4, 2008 3:13 AM PST
Sigh, a trojan doesn't have to be installed manually, the "trick" you speak of can be as simple as viewing an image(see there most recent patch fix) which allows for remote code execution. Or as seen in Pwn to Own, visiting a web page again allowing remote code execution(this one through quick time).

I do not have AV software installed on my Mac, or my OS X86 machine, but it really isn't a bad idea for most people to be protected before a problem arises.
by topgunb2 December 3, 2008 2:06 AM PST
This is Steve Job, Jeremy Chappell please see me tomorrow for a PR post at apple, your dedication in defending apple product (even if you are not an apple employee) is commendable.
ps: couldn't be stuffed to create a new a/c with stevejob as user name!
Reply to this comment
by Jeremy Chappell December 3, 2008 3:04 AM PST
Don't be stupid.

Which part of what I said was "PR Spin"? Don't confuse a technical evaluation of a product's strengths and weaknesses as "blind faith".

Mac OS X doesn't have a virus issue.

If you're an idiot and install anything you come across you can end up installing something that does something that does something nasty, Mac OS X isn't immune from user stupidity (especially a user with the admin password).
by DrtyDogg December 3, 2008 3:27 AM PST
See Pwn to Own. The mac was owned by visiting a website. No other user interaction was necessary.
by ckurowic December 3, 2008 4:15 AM PST
dogg: don't be stupid. Everyone knows how full of b/s that nerd hacker competition was. It was SOCIAL ENGINEERING not a virus. NO SYSTEM is immune from that.
by D3vildog699 December 3, 2008 10:29 AM PST
Fanboi makes another excuse seeing his precious OS hacked...
by Rawnchie14 December 3, 2008 12:10 PM PST
@ ckurowic

How full of bs IS this competition? The fact that you chose to call it a "nerd competition" inclines me to believe that you...

1) Believe that you are better somehow than these "nerds" you speak of.
2) Believe that just because it's not a virus, you're alright.

Well, I'd love to argue with you, but from your other comments, you seem to fan-boyish-ly smite anyone who isn't a die hard Apple fan like yourself, so I'll let you think what you like, no matter how pathetic it is.
by DrtyDogg December 4, 2008 3:16 AM PST
Social engineering: visit this website. No other user interaction was required after hitting enter on the URL. Don't be stupid the OS is coded by people, that means it is not without flaws.
by pithenumber December 31, 2008 8:14 AM PST
@ DrtyDogg
No social engineering
break into popular site, modify code of homepage, wait and hope nobody notices
by ckurowic December 3, 2008 4:17 AM PST
Wow I didn't see this coming two days ago when I first commented. Let the PEECEE fanboys start the spewing of hot air.
Reply to this comment
by Penguinisto December 3, 2008 6:38 AM PST
Heh. Most of 'em are going to be awfully quiet... :)
by rapier1 December 3, 2008 9:43 AM PST
Its comments like this that make me want to throw my Mac out the window so I'm not tainted by association with the mac fanboi zealots.
by Penguinisto December 3, 2008 10:31 AM PST
Heya rapier1 - feel free to throw it out anytime you like. ;)

(seriously - drama-queenery is not really much of an argument... you need to lay off it, man)

/P
by rapier1 December 3, 2008 11:15 AM PST
Why should I throw it out? I don't have a problem with the machine. Only the people that the company seems to attract. And really, you are the *last* person that should be saying anything about drama queens. No one seems to be as invested in dragging out every argument as you.
by Penguinisto December 3, 2008 12:51 PM PST
If you say so...

(but if it helps, I got one hell of a laugh out of your post).
by Vegaman_Dan December 3, 2008 2:58 PM PST
Penguinisto wrote:

"Heh. Most of 'em are going to be awfully quiet... :) "

Either that, or they haven't been able to get in a word edgewise amongst all the Apple Apologists. There's an awful lot of excuses being made by everyone.


As for drama- you are one of the biggest emo-drama posters here, Penguinisto. Make sure you remember to include yourself in that category of people you suggest to 'lay off it'.

"If you say so... "

And you frequently do. :)
by ferretboy88 December 3, 2008 3:22 PM PST
I bought an Apple computer a few years ago. I sold it after I understood that owning a mac was like being in a cult. Why do they act so crazy. My computer is the best your computer sucks. ha ha. Like little kids.
by Penguinisto December 3, 2008 4:48 PM PST
Oh yeah... I threaten all kinds of weird things, like throwing my computer out of the window because someone says something I disagree with...

ROTFL...

"There's an awful lot of excuses being made by everyone. "

True, but yours are pretty entertaining.

/P
by ddanckaert December 3, 2008 4:37 AM PST
Of course, if you don't have antivirus installed on a Mac, how do you really know you've not had an infection, or not passed one along to others, including Windows users.

I view it as a responsibility to have antivirus installed on all my computers, even if the risk is low. And for the Mac, I use Intego VirusBarrier X5 which has a minimal performance hit.
Reply to this comment
by Dalkorian December 3, 2008 11:05 AM PST
One idea is to keep track of network traffic. That's how we know at my work that there are no infections in any of our Macs (the entire company is running Macs, except the main server itself with runs AIX).

Just a thought.
by Jeremy Chappell December 3, 2008 4:42 AM PST
Where has this "security by obscurity" nonsense come from?

It's a description of the security of closed source systems - like Windows. The Mac takes the opposite view, and has a (largely) open source code base. I'm sure Linux users (and others) will view Mac system as "too closed" but some Windows fanboy trying to suggest Macs are "security by obscurity" is frankly laughable.

The idea behind "security by obscurity" is this: if you don't know how something functions you can't defeat it. The argument about that or "peer review" (the opposite approach) is as old as locksmiths!

Microsoft uses "security by obscurity" it has nothing to do with rarity. It is a fundamental design choice, and people have argued both sides for years.
Reply to this comment
by Dalkorian December 3, 2008 11:10 AM PST
This "security by obscurity" nonsense comes from M$ fanbois who haven't been around computers long enough to realize that OS X isn't Apple's first operating system. I try to counter that idiotic claim when I run across it, but they never listen. They *WANT* the myth to be true because it makes them feel better about their bad decision.
by Rawnchie14 December 3, 2008 12:16 PM PST
@ Dalkorian

What bad decision? You seem to assume anyone without a Mac must be struggling with their computers. Because viruses merely exist, they MUST be bothering people, right?

While I do agree the security by obscurity argument is a dirty lie by Apple-haters, I do urge you to quit the militant PC bashing and would like to remind you that Linux, is still the most secure operating system around.
by jinx101a December 3, 2008 6:53 PM PST
"Security through obscurity" means among other things that Mac's enjoy better security because there are far less of them on the Internet. You can mock the comment because you have nothing substantial to add but the idea is still a valid argument.

Also, it's cliche and hypocritical to scream fan boy at every person who doesn't like something you do. If you & Dalkorian are not the poster children of a being a Mac zealot I don't know what is.
Showing 1 of 4 pages (208 Comments)

Search Download Blog posts

About The Download Blog

Download.com editors cover the world of downloadable software and beyond.

Add this feed to your online news reader

The Download Blog topics

download
Site map
Help center
Our software policies
Newsletters
Submit software
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET