- Related Stories
-
Bugs bite into popular browsers
April 25, 2006 -
Unpatched Mac flaws may put users at risk
April 21, 2006 -
Apple issues Java security update
April 19, 2006 -
Apple corrects patch trouble
March 13, 2006 -
Another Mac OS X hack challenge launched
March 7, 2006
The antivirus vendor introduced McAfee VirusScan for Mactel on Friday. To back up its statement, McAfee cited the release in March of a patch that fixed 20 vulnerabilities in OS X. A proof-of-concept worm that targeted the OS X platform was also discovered earlier this year.
Many flaws have been discovered in Microsoft products over the same period.
McAfee admitted that Mac users were at "no significant risk" at the moment. But the security vendor also said that if the OS X user base expands, thanks to the popularity of iPod media player and its new range of Intel-powered Macs, then Apple's software will become a more tempting target for organized criminals.
"Historically, Microsoft has been targeted because it has had dominant market share. As there are more Apple users (in the future), more threats will appear," Sal Viveros, a security expert at McAfee, told ZDNet UK.
"At this point, there is very little research (into OS X vulnerabilities) and very few people trying to exploit the OS. You have a lot more people trying to find vulnerabilities in Windows at the moment, but we believe that as more people put the time into finding vulnerabilities in Apple OSes, they will become just as vulnerable as any other OS," Viveros added.
Some Apple users have reacted angrily in the past to suggestions that the Mac platform is becoming less secure, pointing out that Microsoft regularly releases critical patches.
But Secunia said that it also believes that hackers are likely to focus more resources on finding vulnerabilities in Mac OS X.
"Windows still has a much larger user base than Mac, and is therefore much more interesting to find vulnerabilities in," a representative for the security monitoring company said. "However, the interest in finding vulnerabilities will increase if the popularity of Mac systems grows. We have seen the same increase in discovered vulnerabilities in the Mozilla and Firefox browsers as they increased in popularity."
Secunia added that Mac operating systems are far less at risk than Windows systems are when it comes to blanket attacks, but said they were just as vulnerable to targeted attacks.
"For large-scale attacks, the risk seems smaller than other operating systems, considering the user-base size. However, it is just as prone to small and direct attacks as other OSes," the company's representative said.
Mac OS X has so far proven to carry far fewer security problems for users than its more popular rival. Apple has argued that this is partly due to its code base being inherently more secure than that of Microsoft's Windows. BSD, the Unix variant at the heart of OS X, was designed from the outset to be a networked, multiuser system with levels of security, while Windows comes from a tradition of single-user, non-networked systems.
In addition, some experts have argued that because OpenBSD is open source, it has been scrutinized by more people than Windows.
Tom Espiner of ZDNet UK reported from London.
See more CNET content tagged:
McAfee Inc.,
vulnerability,
Apple Mac OS X,
Apple Computer,
popularity
They should clarify. Macs ARE more secure, by design.
" I am genetically better hence i do not have to see a doctor and i will never get sick, i will never die."
They should clarify. Macs ARE more secure, by design.
" I am genetically better hence i do not have to see a doctor and i will never get sick, i will never die."
Saying Mac OS X is just as vulnerable as windows is blatantly lying. Mac OS X isn't perfect and has room for improvement, but Apple has made some good decisions with how they implemented things that greatly improve security. One is no CD auto-run. Windows has this and most people have no idea about disabling it. (I disbale it because I find it annoying as hell.) That decision has kept things like the Sony rootkit from installing on the Mac (yes, there was a rootkit for Macs too on Sony CD's, but it required the user double-clicking an installer and entering his admin password). The fact that the admin password must be typed in for software to install system extensions is a big plus for Apple's security. Apple has also used the eXecute Disable on x86 machines (powerpc is much hard to stack smash from what I understand of the architecture).
There are currently -ZERO- viruses for OS X. Some of the things recently called viruses by ignorant reporters were in fact trojan horses. The difference? A trojan horse requires social engineering, while a virus is able to spread by on its own, usually by using security holes in the OS. As long as you don't go downloading "unreleased OS update!!!" off bittorrent, you are not going to get these.
McAfee and Symantec are worried about losing sales from users switching to the Mac platform, so they go on a disinformation campaign to protect their bottom line. How pathetic.
Saying Mac OS X is just as vulnerable as windows is blatantly lying. Mac OS X isn't perfect and has room for improvement, but Apple has made some good decisions with how they implemented things that greatly improve security. One is no CD auto-run. Windows has this and most people have no idea about disabling it. (I disbale it because I find it annoying as hell.) That decision has kept things like the Sony rootkit from installing on the Mac (yes, there was a rootkit for Macs too on Sony CD's, but it required the user double-clicking an installer and entering his admin password). The fact that the admin password must be typed in for software to install system extensions is a big plus for Apple's security. Apple has also used the eXecute Disable on x86 machines (powerpc is much hard to stack smash from what I understand of the architecture).
There are currently -ZERO- viruses for OS X. Some of the things recently called viruses by ignorant reporters were in fact trojan horses. The difference? A trojan horse requires social engineering, while a virus is able to spread by on its own, usually by using security holes in the OS. As long as you don't go downloading "unreleased OS update!!!" off bittorrent, you are not going to get these.
McAfee and Symantec are worried about losing sales from users switching to the Mac platform, so they go on a disinformation campaign to protect their bottom line. How pathetic.
Most windows users already know everything you just said. They have already "learned" so stop repeating yourself. This is one of may posts I've read where you have asked "When will Window users learn?" If you chose OSX for greater security, then fine. Windows user choose their operating system based on different criteria which was more important to them. People do not buy a computer based on security alone, they will factor price, software availability, functionality, ability to make the computer do what they want...
Do you purchase your automobile based on security alone, or do you factor in other concerns such as fuel economy, cost, options... And, everyone has their own idea on what they consider important (or else we'd all be driving the same cars).
I know windows is more vulnerable to attack, but I also know that my PC cost less and I don't have to deal with proprietary hardware. So, in answer to your question, we HAVE learned, we know, but it will still be our choice for other reasons. When will you learn THAT, internetworld7.
For the other decent mac users,
I have been pleased that MAC has moved to the intel based processor. It appears to be making an impact on software availability. I sparked an interest when I heard it could run both Mac OSX and Windows, but I have yet to hear anything about running linux as well. I'm still asking about this, so if you have news on the subject, please post.
Most windows users already know everything you just said. They have already "learned" so stop repeating yourself. This is one of may posts I've read where you have asked "When will Window users learn?" If you chose OSX for greater security, then fine. Windows user choose their operating system based on different criteria which was more important to them. People do not buy a computer based on security alone, they will factor price, software availability, functionality, ability to make the computer do what they want...
Do you purchase your automobile based on security alone, or do you factor in other concerns such as fuel economy, cost, options... And, everyone has their own idea on what they consider important (or else we'd all be driving the same cars).
I know windows is more vulnerable to attack, but I also know that my PC cost less and I don't have to deal with proprietary hardware. So, in answer to your question, we HAVE learned, we know, but it will still be our choice for other reasons. When will you learn THAT, internetworld7.
For the other decent mac users,
I have been pleased that MAC has moved to the intel based processor. It appears to be making an impact on software availability. I sparked an interest when I heard it could run both Mac OSX and Windows, but I have yet to hear anything about running linux as well. I'm still asking about this, so if you have news on the subject, please post.
currently very small and is likely to remain small while the Mac is
a small niche and unprofitable for virus writers, but Mac anti-
virus software does has its uses.
I believe both Norton's and this virus software also scan for
Windows viruses. So if an email or Office document has arrived
on a Mac, it could act as a carrier vector, even though the
machine itself won't get infected.
Viruses will appear for Mac OS X, but until they do, anti-viral
software could mainly be used to help control the spread of
Windows viruses.
virus, are the virus security companies. Unless the virus writers,
and companies are one and the same, or the virus writers are
paid by the virus security companies, it would NEVER be
profitable for virus writers.
Now, what if you can't get any effective viruses out the door?
Well, the next best thing to do, is SCARE UP a few potential
customers.
I'm sorry, but boning up to these companies, and trying to lay
the foundation for the need of their products, by saying buy it
anyway because if you run XP you can scan for them (but you
forgot they don't even share the same partition so that's totally
improbable anyway), is a but ridiculous.
Most, if not all, OSX users will spend most of their time in OSX, if
and only if they installed XP. Otherwise ALL of their time is just
OSX. So catering to these companies makes no sense, at this
time.
If, and when, a virus shows up, I'll be looking to the open-source
community for aid.
have a duty to scan emails and Office documents passing
THROUGH your machine.
On the other hand, Norton has had two known security problems
on the Mac, and a deserved reputation for causing stability
problems.
The flipside of the smaller user base issue, is a smaller
programming base, and A/V software typically integrates with
the operating system at a very low level (for instance, hijacking
the program launch mechanism to check the executable you're
about to run hasn't changed). So you'd better get that right.
Personally I'm happier with ClamXAV - it's free, and in terms of
system protection it only works on scanning files coming in -
the run-time jiggery pokery is minimised.
currently very small and is likely to remain small while the Mac is
a small niche and unprofitable for virus writers, but Mac anti-
virus software does has its uses.
I believe both Norton's and this virus software also scan for
Windows viruses. So if an email or Office document has arrived
on a Mac, it could act as a carrier vector, even though the
machine itself won't get infected.
Viruses will appear for Mac OS X, but until they do, anti-viral
software could mainly be used to help control the spread of
Windows viruses.
virus, are the virus security companies. Unless the virus writers,
and companies are one and the same, or the virus writers are
paid by the virus security companies, it would NEVER be
profitable for virus writers.
Now, what if you can't get any effective viruses out the door?
Well, the next best thing to do, is SCARE UP a few potential
customers.
I'm sorry, but boning up to these companies, and trying to lay
the foundation for the need of their products, by saying buy it
anyway because if you run XP you can scan for them (but you
forgot they don't even share the same partition so that's totally
improbable anyway), is a but ridiculous.
Most, if not all, OSX users will spend most of their time in OSX, if
and only if they installed XP. Otherwise ALL of their time is just
OSX. So catering to these companies makes no sense, at this
time.
If, and when, a virus shows up, I'll be looking to the open-source
community for aid.
have a duty to scan emails and Office documents passing
THROUGH your machine.
On the other hand, Norton has had two known security problems
on the Mac, and a deserved reputation for causing stability
problems.
The flipside of the smaller user base issue, is a smaller
programming base, and A/V software typically integrates with
the operating system at a very low level (for instance, hijacking
the program launch mechanism to check the executable you're
about to run hasn't changed). So you'd better get that right.
Personally I'm happier with ClamXAV - it's free, and in terms of
system protection it only works on scanning files coming in -
the run-time jiggery pokery is minimised.
That said, an antivirus product, or more appropriately named malicious code detection product, is part of a complete security baseline that provides for comprehensive coverage in a corporate environment. The threat exists, therefore the products should exist to mitigate the risk. Mac OSX desktops should be secured to the corporate standard just like Windows PCs, Linux Desktops, and Unix workstations.
The article discusses OpenBSD as being more secure. In my understanding, Mac OSX is not based on OpenBSD. OpenBSD is a complete and seperate rewrite of BSD with security as part of the core concept in the project. According to Wikipedia (we know it must be true then) Apple's Mac OSX uses FreeBSD as its reference implementation. While fixes to the OpenBSD code base are often submitted to the other BSD implementors there is no requirement for incorporation of the code, and often it is not incorporated at all.
McAfee wading into the Apple Security market is a great thing, but if they truly believe the Mac security problem to be equal to a less used PC technology, then they will likely not succeed in the space. You have to understand a problem to provide a viable solution for it.
You can't really confirm this until they get the marketshare that windows has. I'm not saying its the only reason but its reasonable to say its one of them.
That said, an antivirus product, or more appropriately named malicious code detection product, is part of a complete security baseline that provides for comprehensive coverage in a corporate environment. The threat exists, therefore the products should exist to mitigate the risk. Mac OSX desktops should be secured to the corporate standard just like Windows PCs, Linux Desktops, and Unix workstations.
The article discusses OpenBSD as being more secure. In my understanding, Mac OSX is not based on OpenBSD. OpenBSD is a complete and seperate rewrite of BSD with security as part of the core concept in the project. According to Wikipedia (we know it must be true then) Apple's Mac OSX uses FreeBSD as its reference implementation. While fixes to the OpenBSD code base are often submitted to the other BSD implementors there is no requirement for incorporation of the code, and often it is not incorporated at all.
McAfee wading into the Apple Security market is a great thing, but if they truly believe the Mac security problem to be equal to a less used PC technology, then they will likely not succeed in the space. You have to understand a problem to provide a viable solution for it.
You can't really confirm this until they get the marketshare that windows has. I'm not saying its the only reason but its reasonable to say its one of them.
These monkeys must be desperate for cash.
"McAfee admitted that Mac users were at "no significant risk" at
the moment"
Understatement of the decade. Mac users are more at risk from
McAfees dire bugridden software than anything else.
As for the poster here who gave unwarranted credence to the tried, but tired, "smaller market share means it's not worth writing virii to exploit it" argument, go read the numerous counter-examples in posts on related C|net stories to learn why this is simply not true. The most common counter-example is how there have been many more vulnerabilities and exploits of Microsloth IIS web servers, which are in the minority, behind Apache web servers, which run on Unix/Linux/MacOS and Windoze systems.
At least this joker didn't try to make the case that it's just a matter of time before Mactel systems become infected by virii via iPods ... and ATMs, of all things (I'm not kidding, another uninformed security "expert" actually mentioned virii being spread via ATMs in another C|net shill piece apparently written by one of their paying clients).
All the Best,
Joe Blow
It's a good business idea to start now and do things in a proactive manner rather than to stick your fingers in your ears and shout "LA LA LA LA LA LA LA!"
In my opinion, it is just this sort of mentality that will make hackers look more and more to an OS where the end users try to deny reality and won't bother with security patches or efforts to protect their computer. Ripe territory, in fact.
These monkeys must be desperate for cash.
"McAfee admitted that Mac users were at "no significant risk" at
the moment"
Understatement of the decade. Mac users are more at risk from
McAfees dire bugridden software than anything else.
As for the poster here who gave unwarranted credence to the tried, but tired, "smaller market share means it's not worth writing virii to exploit it" argument, go read the numerous counter-examples in posts on related C|net stories to learn why this is simply not true. The most common counter-example is how there have been many more vulnerabilities and exploits of Microsloth IIS web servers, which are in the minority, behind Apache web servers, which run on Unix/Linux/MacOS and Windoze systems.
At least this joker didn't try to make the case that it's just a matter of time before Mactel systems become infected by virii via iPods ... and ATMs, of all things (I'm not kidding, another uninformed security "expert" actually mentioned virii being spread via ATMs in another C|net shill piece apparently written by one of their paying clients).
All the Best,
Joe Blow
It's a good business idea to start now and do things in a proactive manner rather than to stick your fingers in your ears and shout "LA LA LA LA LA LA LA!"
In my opinion, it is just this sort of mentality that will make hackers look more and more to an OS where the end users try to deny reality and won't bother with security patches or efforts to protect their computer. Ripe territory, in fact.
if pigs could fly - lol
Apple has already sold zillions of iPods, and that hasn't translated into additional Mac sales.
As for the Intel-powered Macs, the only people excited about those Apple fans. They are a big yawn to current users of Windows computers.
unaffected by iPod sales.
The truth is, there are two numbers growing. The number of
computer users, and the number of mac users. As the number
of computer users grow, a company with a flat sales record
would see a shrinkage in their share even if they don't lose any
customers. If the companys share is the same, their sales are
increasing. If a companys share grows, their sales are simply
out performing the market.
Well, since Apples base has actually grown, it is safe to say they
are selling a hell of a lot more than you give them credit.
Apple's PC sales are above HP and slightly below Dell?
You're just a FUD spreading troll.
if pigs could fly - lol
Apple has already sold zillions of iPods, and that hasn't translated into additional Mac sales.
As for the Intel-powered Macs, the only people excited about those Apple fans. They are a big yawn to current users of Windows computers.
unaffected by iPod sales.
The truth is, there are two numbers growing. The number of
computer users, and the number of mac users. As the number
of computer users grow, a company with a flat sales record
would see a shrinkage in their share even if they don't lose any
customers. If the companys share is the same, their sales are
increasing. If a companys share grows, their sales are simply
out performing the market.
Well, since Apples base has actually grown, it is safe to say they
are selling a hell of a lot more than you give them credit.
Apple's PC sales are above HP and slightly below Dell?
You're just a FUD spreading troll.
companies that are 'protecting' Windows users see a new market
of Windows users wanting to purchase and use new Mac
systems. These new users are bringing with them all their
experiences with malware, adware and viruses and have no
experience with Mac OSX security. These users will probably be
the first ones to fall for the BS thats being put out by companies
like McAfee. BTW, I used their software years ago on a Mac and
dumped it because it was so bad.
My 2cents
companies that are 'protecting' Windows users see a new market
of Windows users wanting to purchase and use new Mac
systems. These new users are bringing with them all their
experiences with malware, adware and viruses and have no
experience with Mac OSX security. These users will probably be
the first ones to fall for the BS thats being put out by companies
like McAfee. BTW, I used their software years ago on a Mac and
dumped it because it was so bad.
My 2cents
by a worm about a year ago. Only AVG survived without anything
overtaking them.
McAfee is full of it. In the two years I've used a Mac for mostly
web and business, I've no hacks, no viruses, no worms, no
malware. Nothing.
I just bought a new Win XP laptop yesterday, had McAfee as OEM
deal, and within the hour of playing with it, virus. And their little
program did nothing about it.
However, I did also, for fun, install a version of the old
Michaelanglo virus from 1991. It saw that.
- MacAfee?
-
by fakespam
May 6, 2006 10:49 AM PDT
- McAfee and Norton, and few other AV software were overtaken
-
Reply to this comment
-
Showing 1 of 2 pages (118 Comments)by a worm about a year ago. Only AVG survived without anything
overtaking them.
McAfee is full of it. In the two years I've used a Mac for mostly
web and business, I've no hacks, no viruses, no worms, no
malware. Nothing.
I just bought a new Win XP laptop yesterday, had McAfee as OEM
deal, and within the hour of playing with it, virus. And their little
program did nothing about it.
However, I did also, for fun, install a version of the old
Michaelanglo virus from 1991. It saw that.