Filed under: Analysis / Opinion, OS, Security
Symantec talks Mac security
What might Apple's surging sales of Macs have to do with the security of your computer? Possibly, a lot. In a recent CIO interview (conducted by our very own Lisa Hoover), Ollie Whitehouse, an architect for Symantec's Advanced Threat Research Team said that as the Mac keeps growing in popularity, so will the exploits. This theory has been around for as long as OS X, if not longer but lately it seems to be gaining some credibility. There was the Mac "virus" last year, though it actually managed to infect less than 50 Macs in the wild. There was the report of a "dramatic increase" in OS X malware recently. And just yesterday ZDNet posted an article on vulnerabilities found in three operating systems: Leopard, Windows Vista, and Windows XP. They said that Mac OS X had the most vulnerabilities of the three (though it is worth noting that they are "vulnerabilities," not actual exploits. Windows still reigns supreme on that front).
Could these analysts be right? Should we be worried about the continued security of our chosen platform? Should Apple start focusing on OS X's security rather than simply adding more features?
Only time will tell, but one thing is certain: it is a scary world out there.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 2)
Rafe H. said 11:33PM on 12-19-2007
"...it is a scary world out there."
No it is NOT.
Reply
Russell said 11:36PM on 12-19-2007
Before people jump in saying "Of course the security companies say things are insecure", let me just say that while you have a point, so does this guy.
OS X is inherently more secure than Windows simply because of it's Unix heritage - specifically its management of users and permissions.
The fact is, however, that the overlying UI code and the like, while certainly cleaner than much of what you find in Windows, *does* contain security problems (for example the Quicktime hole that got so much attention recently), and these can't be ignored. Apple needs to make sure that they respond quickly and effectively to security problems as they are discovered.
Also, it is important to keep in mind that aside from the whole "not much point in writing a virus for so few people", on the macro scale it is technically difficult to write a virus for an operating system that makes up such a small percentage those in use. If, for example, a virus spreads through email and can successfully infect 1 out of every 100 computers it is sent to that are running the OS it targets, then if the average person has 300 emails in their address book it's population will grow by a factor of 4 every generation if everyone uses the same OS. But if only 10% of all users use an OS, then it will only be able to grow its population by a factor of 1.3 per generation, a rate much more easily countered by security measures.
So yes, macs will become more vulnerable as their user base grows, and yes, it is very important to always consider security. But yes, Macs are still much less vulnerable than Windows machines.
Reply
Chris said 10:45AM on 12-20-2007
@ Quix:
Great minds think alike:
http://www.creativefriday.com/editorial/universal-hates-you/
Chris said 10:47AM on 12-20-2007
I am starting to get irritated by this FUD. I'm not saying Macs aren't vulnerable, nor do I believe Macs won't have a few nasty malware issues to deal with, but the very idea that the threat is increasing because of Macs popularity is vaporware. Longer definition of my idea here:
http://www.creativefriday.com/editorial/mac-malware-is-like-vaporware/
Chris said 10:49AM on 12-20-2007
My 1password Autosubmit strikes again. Please disregard my comment #3 starting with "@Quix." It's irrelevant to this topic and I suck.
Kevin Ballard said 11:57PM on 12-19-2007
Brent Simmons is a Mac Virus
http://nick.typepad.com/blog/2007/12/brent-simmons-i.html
Reply
Simon Arch said 12:01AM on 12-20-2007
Microsoft practises security through obscurity. Their software is 100% closed. If you want to look at their source code you have to jump through hoops and pinkie swear with Bill Gates that you won't talk about what you've seen, cross your heart and hope to die, stick a needle in your eye (ouch!). Contrast that with Apple. A large part of Mac OS X's source code is open, and freely available for anyone to scrutinise. If you believe some people, over two hundred security flaws were found in Mac OS X in the last year alone. And how many viruses came out of that?
I'll grant you, Windows is where the money is for malware authors. They know Windows is leakier than a screen door on a submarine and how to take control of an unprotected system. But you'd think at least one Mac virus would have emerged by now. Think of the fame that awaits the person who successfully creates a real Mac virus (one which doesn't need to trick a user into launching it in order to do its damage and spread). It doesn't matter if he goes to jail: he'd be a star. Apple always hypes X's security. Apple USERS always rag on Windows users about viruses and major security issues. What better way to permanently establish your cred than by taking Apple down a few thousand notches?
@Russell: "it is technically difficult to write a virus for an operating system that makes up such a small percentage those in use"
Nonsense. There may be fewer Mac users, but you don't need to have billions of users to have an effective virus; you just have to have unsuspecting users, and that's just what Mac users would be in the face of a real, honest-to-Steve Mac virus. All you need is a Mac and a copy of XCode and the desire to do it. These things are readily available almost anywhere in the world, so why hasn't it happened yet? Why is it so hard to believe that BSD, Mach and Mac OS X really are that secure?
And yes, I do think the AV manufacturers desire to create a climate of fear to trick people into buying costly subscriptions to their software. It's the worst thing you could install on a PC; it's wholly unnecessary on a Mac. If you're paranoid, turn on your Mac's firewall and install ClamAV. It's open source and completely free and a thousand times more stable than anything Symantec has release in over a decade.
Reply
Adrian Charles said 10:37AM on 12-20-2007
"There may be fewer Mac users, but you don't need to have billions of users to have an effective virus; you just have to have unsuspecting users"
True.
Still, Russell was not talking about the effectiveness at an individual level, but rather about the effectiveness of spread among users.
In that context, his statement was entirely correct.
jason said 12:23AM on 12-20-2007
symantec can go SIOOMA, they have made woeful products for macs for years, this is a pathetic grab for more market share now that the mac platform is expanding. shame symantec shame
Reply
Ed said 7:34AM on 12-20-2007
Agreed. I wouldn't use their products on any platform, let alone infest my MacBook with that crapware. I'm sure if it gets much worse someone will write a free, and much better app.
Ralph M said 12:57AM on 12-20-2007
I am struck by the fact that ALL of the articles on the threat of viruses to Macs start with interviews of people who work for anti-virus companies. And despite all of this talk -- just FUD, really -- there is still not a single example of a working MacOSX virus in the wild infecting a meaningful number of machines.
Until that virus arrives, I think we are entirely justified in our skepticism -- indeed, scorn -- of these fear mongers. And TUAW should be very careful about giving them a platform to either advance their blatant self interests, or engage in platform-bashing of the Mac.
Reply
J said 4:37AM on 12-20-2007
The reason these people almost always seem to work for security companies should be obvious - because they are security experts. What do you expect? Anyone with enough knowledge and expertise on the subject is obviously going to be employed as a security professional.
Judging by Ollie Whitehouse's long history in the security community (google him if you are unfamiliar), I would not call this a case of spreading FUD as a face for Symantec. He is a research engineer, not PR or sales. Believe it or not, some times smart people with valid opinions actually are employed by large corporations, and it doesn't mean everything they say has corporate motivations. Honestly, the Symantec ATR team is so far removed from anything to do with Norton AV products that I am sure this guy doesn't give a rats ass how many users go out and buy norton for mac.
What he says here though is painfully obvious, and it amazes me how stubborn and naive mac users insist on being. OS X is not fundamentally more secure than windows in any capacity, and as of the improvements in XP Sp2 and Vista, it is actually quite behind. With the introduction of features such as ASLR in Leopard, we saw a step in the right direction, but don't kid yourself. Maybe ask yourself, why WOULDN'T osx become more of a target as it gains popularity?
I love OSX, and use it exclusively these days, but I am not going to be delusional about its shortcomings. I won't be buying AV products for it anytime soon, but I do hope Apple takes security a little more seriously and I hope apple users realize they are not immune by any stretch.
Goomba said 8:35AM on 12-20-2007
@J. Prove it. There are no Mac viruses. Period.
If this Ollie Whitehouse, you speak of, is such an expert, perhaps he wouldn't be working for a company that continually creates and distributes such garbage products. Symantec's system hogging, buggy products are in part what turned me to a mac user.
Greg G said 2:48AM on 12-20-2007
Yeah, beef up the security, but keep it simple, under the hood.
Reply
stevebert said 12:41AM on 12-20-2007
Perhaps Apple should follow Microsoft's lead and have their Mail application open and execute every code snippet attached to an e-mail, then it wouldn't be so "technically difficult to write a virus for an operating system that makes up such a small percentage those in use".
Sheesh... get a clue!
Reply
fr_tuaw said 2:16AM on 12-20-2007
If Symantec (and McAfee) didn't suck soooo hard on Windows, I'd be more inclined to listen. However, I've seen the quality of their products plummet over the last couple years, causing more random and painfully annoying problems (debugging friends and coworkers systems) than any virus ever did. I've been telling folks to get refunds from these jokers for the last couple months, and referring them to Kaspersky.
Symantec : Norton :: Carly Fiorina : HP.
Reply
Ben said 5:54AM on 12-20-2007
Hasn't this subject been done to death already? I've been reading about this for years. Nobody's had anything new to add to this debate since about 2001.
Reply
michaelsviews said 6:38AM on 12-20-2007
Its been almost a year since switching over from the DARK SIDE and even when I was a windows user I never ever used symantec for anything because of all the BLOAT.
I am sure if the engineers, programmers and Steve put there heads to the grindstone they can save money and keep malicious people out of others systems. But your always going to have the one person or group that has too much time on there hands thats going to have to push things to the limit
Reply
kincas said 7:45AM on 12-20-2007
"There was the Mac "virus" last year, though it actually managed to infect less than 50 Macs in the wild."
virus????
OSX.Leap.A is a worm that targets installs of Macintosh OS X and spreads via iChat Instant Messenger program.
worm is not a virus.
http://en.wikipedia.org/wiki/Virus
Reply
daenney said 8:22AM on 12-20-2007
The problem I think with this comparison lies in the fact that, because the Windows sourcecode is closed, there is no way telling exactly how many vulnerabilities there are in the first place, whereas on Mac OS with it's opensource nature an estimate can be much more precise.
For all I know, there could be a 1000 more vulnerabilities in Windows than Mac OS, just because we can't look into the source to prove it doesn't mean they aren't there.
Another thing is that Microsoft has this habit of patching more than one leak or vulnerability with an update without documenting this, so there's really no way to tell and that's why I hate those statistics so much.
They could be just as close to reality as talking monkeys popping-up in my brain.
Reply