Apple Says Macs Are Safe, No Antivirus Needed 449
lobridge writes "Over the last two days multiple news feeds (and Slashdot) have been reporting that Apple has been quietly recommending antivirus software for their machines. It appears now that Apple has deleted an entry on their forums that suggested this and are saying that Mac computers are 'safe out of the box.'"
They are still recommending antivirus! (Score:5, Informative)
The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, running antivirus software may offer additional protection.
Windows Vista is full of "protection", but I use antivirus on that as well. I love MacOS X, and I'm sure it's more secure, but there will be viruses and other malware on MacOS sooner or later.
By the way, isn't it ironic that Apple is still offering ClamXav for download on their own website [apple.com]?
Re:hexually transmitted (Score:2, Informative)
Could you have maybe said that shorter?
Don't read many of daveschroeder's posts, eh? He has a tendency to be a bit wordy, but much of what he has to say is actual useful information, especially relating to Macs, even if he is an Apple fanboy at heart. ;)
Re:Wrong, and bad summary, as usual (Score:5, Informative)
Nice long post, but you have one MAJOR fallacy included:
Wrong. Totally wrong. Mac antivirus software ONLY scans for W32 viruses as those are the only payloads that there are definitions for. You run that as a dontation of CPU cycles to your clueless Windows running counterparts who can't be bothered to run an OS designed from the ground up for multi-user networked security (like Linux, BSD, or as a result, MacOS)
Re:Better title (Score:1, Informative)
Re:Wrong, and bad summary, as usual (Score:4, Informative)
Wrong. Totally wrong. A cursory search of the Symantec (for example) DB shows a number of Mac specific attack signatures, including a fun looking AppleScript mass-mailing worm, an OS-level buffer overflow vuln, etc. A tiny minority of the total, sure, but not zero.
OS designed from the ground up for multi-user networked security (like Linux, BSD, or as a result, MacOS)
Pull the other one, it's got bells on! BSD I can maybe buy, but Linux is no more "designed from the ground up for multi-user networked security" than XP. Single root user with unlimited power and an unchangable ID? Overly coarse-grained FS ACLs? The problem with Windows isn't the design (at least, not in anything post-NT), it's the fact that most installations intentionally defeat the security model to make things "easier".
Re:Wrong, and bad summary, as usual (Score:5, Informative)
Here's a better article [informationweek.com] that's less inflammatory and also contains a statement directly from Apple:
"We have removed the KnowledgeBase article because it was old and inaccurate," an Apple spokesman said in an e-mailed statement. "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100% immune from every threat, running antivirus software may offer additional protection."
Sounds a bit more reasonable than the story text posted here on Slashdot.
Re:Wrong, and bad summary, as usual (Score:5, Informative)
Ok,
but read the DB closely:
So, its been detected at somewhere in the area of 1 or 2 sites. Ever. Not really losing sleep over it, but I'll concede the point that there kinda sorta is one virus definition in the virus scanner.
the second one isn't even protected against by the AV software.
Re:Safe... until (Score:5, Informative)
Hey. If you wiki you will see that there are viruses for Linux (I think the count is 4000ish), and below is a link to at least one Mac virus that I could find on Wikipedia (one search, I am lazy)
http://en.wikipedia.org/wiki/NVIR_(computer_virus) [wikipedia.org]
I agree strongly with the sentiment that Antivirus for Linux and MacOS are largely to protect against spreading windows virii
If you pass along an infected e-mail you are spreading a virus that could have stopped with you.
Another point to consider is weaknesses in other applications such as flash, Macoffice, silverlight (wich has a Linux beta) and so on.
OS vulnerability (or lack thereof) is only part of the puzzle.
If you are running apache php and firefox a simple script will crash your whole system regardless of OS.
A simple script along the lines of while $value is less than 1000000000 do value+1 and echo "the value is".$value
(I put in an EXTREMELY simplified version since /. did not want to show the full script, but most of you guys should get the idea)
In fact I embedded it in php and I caused my machine to run out of memory and lock up by simply accessing localhost in firefox. This is on an ubuntu box, running apache and FF with PHP.
If you are creative you can get up to a lot of mischief, regardless of platform.
Re:Safe... until (Score:5, Informative)
below is a link to at least one Mac virus that I could find on Wikipedia (one search, I am lazy)
http://en.wikipedia.org/wiki/NVIR_(computer_virus) [wikipedia.org]
I agree strongly with the sentiment that Antivirus for Linux and MacOS are largely to protect against spreading windows virii
If you pass along an infected e-mail you are spreading a virus that could have stopped with you.
The NVIR virus last worked on MacOS 8, it didn't work under MacOS 9 and it certainly doesn't work under Mac OS X. Basically the last operating system it worked on was obsolete over 10 years ago. There are no current Mac OS X viruses in the wild.
In regards to spreading Windows viruses yeah I feel bad for Windows users but I won't spend my own money and processor cycles on worrying about their systems. If they want to protect their systems then they should take steps to protect themselves. They could also dump Windows and get an operating system that isn't so ridden with viruses and malware. That's their own choice and problem, not mine.
Pulled Outdated Tech Note (Score:5, Informative)
Oh, I forgot! This is Slashdot.
Apple pulled the tech note because it was OUTDATED, not because they wanted to "censor" it.
The "real" question is "Why was this a 'story' in the first place?" I believe it was 'planted' by Microsoft, to attempt to derail serious holiday Mac purchasing, by sowing the seeds of FUD.
Show me even ONE true worm-type virus for OS X, and I will entertain the idea that there is something "there".
Until then, it's just disingenuous FUD. (Which I think is the only kind of FUD available)...
Dual-boot (Score:2, Informative)
Re:Safe... until (Score:5, Informative)
fyi, it really is "viruses", not virii.
Re:Safe... until (Score:3, Informative)
Heh.
I tried both in that post and virii seemed so... sophisticated.
Imagine that, a geek with aspirations to being sophisticated.
And then he gets it wrong...
Re:Safe... until (Score:1, Informative)
An OS X "Admin" account ("User can Administer This Computer") != root.
You've got to specifically enable root login capability. And in 9 years of using OS X on a daily basis, I have never come across a need to do that.
Ipso facto, barring "social engineering", there is absolutely NO way for a self-propagating piece of code to be developed for OS X.
And if it ain't self-propagating, it ain't goin' nowhere... fast!
Re:Don't need security updates either? (Score:3, Informative)
Yes, that's called a worm or trojan etc, which is different from virus.
To get infected with a worm or trojan user must download it, give it permissions to run and execute it. (So it usually requires some social engineering to get someone to do all this for you if you are malware writer).
Virus, on the other hand usually means user does not have to do anything but use computer normally to get infected.
Unpatched Windows XP (no service packs) connected to the Internet with no firewall and left unattended will get infected within seconds.
This is what we are talking about. OS X, BSD, Linux do not currently get infected with anything in the same scenarios.
No OS is safe from worms or malware that requires user cooperation. E.g. someone can send you an install script that has a line
rm -rf /
hidden among lots of comment lines it it. If you run it as super user, well you delete everything on your system partition. But this requires YOU to RUN it, it won't happen on its own.
Re:Safe... until (Score:3, Informative)
If Apple was serious about security, they would have you make a user account and an admin account. This run as admin by design crap is silly.
I think you are confused about what an "Admin" account is on Mac OS X. It's not really an admin account, but a user that through sudo can temporarily have super-user access. There is no need to create separate account because without an explicit user action, the account has no special privileges. As a matter of fact, there is no root user unless you go out of your way and adding a root user is actually less secure. It's a UN*X thing, not a Mac thing and debian/Ubuntu work exactly the same way.
Re:Safe... until (Score:2, Informative)
Actually, if you are talking about latin it is
Vira
'Virus' in latin means venom. Since this is something uncountable, latin has no plural for it. The 'correct' way to pluralise it has to come from English, since we're using a transliteration.
Re:Safe... until (Score:2, Informative)
I once did something like this in javascript in IE on windows 98 and ME (this was before the XP days). I just copy pasted the javascript code "window.open(virus.html)" about 500-1000 times in the script (I was 13 and hadn't learned about loops yet). It managed to chew enough resources that the start menu wouldn't open and the comp had to be restarted. I thought I was so l33t. lol.
Nowadays in XP, the system catches this sort of behaviour and asks if you want to kill the process. Don't know about Linux but will test in Ubuntu Intrepid today for fun.
For now, consider the following:
int main()
{
int *i;
while (1)
i = new int;
return 0;
}
Shock horror! Windows XP will catch this and kill it when it takes up enough memory (without even asking! that's a little rude to the power users...), Ubuntu however (at least in hardy, yet to try in intrepid) will let it continue on its merry way until the system becomes, for all intents and purposes, completely unresponsive. Had fun running this and then starting a game of CS:Source in wine. Watched the framerate slowly drop until I didn't move at all anymore. So yes. The thrash-crash line may not always be so clear-cut.
Having said that, this is all without the aid of any AV. I don't know if any AV would pick up an app that include such an intentional loop of leaking memory.
Re:Safe... until (Score:5, Informative)
Well, as my Admin account, I can download an application and drop it in my Application folder. No password is required. Now I can run that application and it can access /Library /Applications, my files, etc. It would stand to reason it could also replace apps in the /Application folder with compromised ones without issue.
With my non-admin account, it prompts for an admin password before letting me copy files in to the /Applications folder.
In fact from apples own security guidelines document they state,
"Each user needing administrator access should have an administrator account in addition to a standard or managed account. Administrator users should only use their administrator accounts for administrator purposes. By requiring an administrator to have a personal account for typical use and an administrator account for administrator purposes, you reduce the risk of an administrator performing actions like accidentally reconfiguring secure system preferences."
Seems to the the admin account lets you do some pretty dangerous things without realizing they are dangerous. Like maybe run a script that installs a comprised version of a application.
This is different then ubuntu. In ubuntu you can not simply copy files from your desktop into /usr/local/bin and let anyone run them. You have to specify your password.
Running as an admin is OSX is not a good practice.