Apple Says Macs Are Safe, No Antivirus Needed 449
lobridge writes "Over the last two days multiple news feeds (and Slashdot) have been reporting that Apple has been quietly recommending antivirus software for their machines. It appears now that Apple has deleted an entry on their forums that suggested this and are saying that Mac computers are 'safe out of the box.'"
Re:Safe... until (Score:4, Interesting)
Even after the user starts clicking on things, Macs are generally safe. The user must explicitly punch holes in their system to create most vulnerabilities.
Honestly, the original tech note struck me as an attempt by Apple to say something that Apple politically couldn't say: Mac antivirus software primarily protects against Windows viruses. If Windows exists on your network or runs on your Mac via virtualization, your windows systems will be safer if you run Mac antiviral software. (Macs can't get infected, but they can be carriers!) Thus running antiviral software is a "good idea" and presents "one more program" that must be defeated.
Of course, once the press got wind of this poorly worded tech note, it made more sense for Apple to simply pull it rather than take the political hit of wording it correctly.
Re:Bullshit (Score:3, Interesting)
I browse the web using telnet. Sometimes I do have to break out my calculator to handle https sites.
You jest, but having written several web server applications in the past, I have essentially had to browse web sites via a console interface in order to debug my programs. You actually get used to reconstructing the web page in your head, much like web developers can see their sites when writing code.
Why don't they recommend common sense (Score:2, Interesting)
That's what I've been using with various versions of Windows the last 12 years and I've never had any problems.
Security updates (Score:3, Interesting)
Good point, after reading your post I ran Software Update on my Tiger machine at work and found a 72.5 MB security update waiting to be downloaded and installed.
And most of the updates [apple.com] seem to be the kind of stuff that gets patched on Windows machines.
I guess Apples and PCs have many of the same security issues, the difference is that fewer people care to exploit them on Macs and also that it's easier to take advantage of click-happy users on a Windows computer to pull off an exploit. "Durr... naked pictures of Britney? CLICKCLICKCLICKCLICKpwned."
Re:Better title (Score:2, Interesting)
VIrologists might prefer that you use virii.
A computer virus is not a virus, but rather something new so go ahead and make up a new word with an arbitrary plural form.
That way, virologists can search databases for viruses safely without worrying about contaminating hits for references about virii.
Re:Safe... until (Score:2, Interesting)
Not yet been invented != Not yet been named and publicized
The strength of Mac (Score:4, Interesting)
The strength of Mac against viruses lays solely in the use of very stable FOSS solutions for the basics (very close to stable Debian versions) and then building on top of that (Aqua, CoreAudio, CoreImage etc. don't have any links to sockets). Really, what services CAN lay bare on a Mac to the internet: SSH (OpenSSH), E-mail (Postfix), Webserver (Apache). On the program side, you have Safari (Webkit) or Mozilla with Flash (Adobe) or Java (Sun) and those don't come above user level without requiring extreme interaction from the user (passwords). There is no such thing as ~/Library/StartupItems or ~/Library/LaunchDaemons and you need to become root to put stuff in /Library.
Of course as soon as a vulnerability is reported the community fixes it which trickles down to other vendors like Apple, RedHat etc. and many of those vulnerabilities for Apache or Postfix are hardly exploitable or only for rare setups (usually buffer overflows which could lead to an exploit if somebody was savvy enough to analyze all of them and see where they have space enough to load their own stuff and then call it too).
To have a successful attack on a Mac would also mean that you can successfully attack Linux or other Unixes or it would require a serious bug in certain programs (like Safari or Mail) which also allows to unnoticeable have a huge payload to replace things like Safari with a 'hacked' version or implement a plugin that does something weird.
Re:PR move (Score:3, Interesting)
OSX might be immune to worms, it is *not* immune to viruses.
Here is how OSX is wide open to viruses: I put out a shareware app that does something useful on the mac. When you download and run the program, it first infects a random app in your applications folder, like iTunes, then does whatever it was supposed to do. When you next run iTunes, it too infects a random app in your applications folder, and so forth. Soon, all of your applications are infected, and you don't even know about it.
This is possible because the default user can write to the applications folder without needing a password. Thus any application you run on OSX can silently modify iTunes, Safari, iPhoto, whatever.
Re:Wrong, and bad summary, as usual (Score:3, Interesting)
E.g.:
Symantec: The attached installer will automatically update Norton AntiVirus for Mac virus definitions and engine files to detect and repair the most recently discovered Macintosh and PC viruses. [symantec.com]
Sophos: Integrated cross-platform virus detection means Windows viruses can be deleted and cleaned on a Mac OS X computer. [sophos.com]
Re:Wrong, and bad summary, as usual (Score:2, Interesting)
Nice post, but you have one MAJOR fallacy included.
Wrong. Totally wrong.
http://www.symantec.com/security_response/threatexplorer/azlisting.jsp?azid=O [symantec.com]
Yes, there are fewer than a dozen OSX.* malware variatns for which definitions exist, and most of them are essentially never seen in the wild...but that's infintely more than none.
Something to try: (Score:3, Interesting)
Next time you think operating system XYZ is so secure that nothing unwanted can get in, go to defcon [defcon.org], turn on your laptop and it's wifi and connect to the local access point. I give you 10 minutes before someone is downloading all your porn.
People who think anything is immune on a network are laughable.
Re:Safe... until (Score:4, Interesting)
Correction: You use Windows because it's what most programs *you know* run on. I've converted from Windows a long time ago and I can do everything I did on my old machine on the Mac. Ripping CDs? No problem, UI is better too. Web design? Photo manipulation? Video editing? Yes, yes, and yes. Coding, watching movies, playing music... need I go on?
Re:Safe... until (Score:3, Interesting)
I left the ridiculous upgrade cycle behind a long time ago. When I got into college (still into PC gaming at the time) I made the mistake of buying a clunker of a "gaming laptop". Never again. My laptop is for work and for mobility, I have an Xbox 360 at home for a good reason.
But you're right, gaming isn't great on the Mac. But if you're talking about productivity tools - office suites, IM/chat, etc etc, the Mac is in every way comparable to the PC, and in many cases superior.
Re:Safe... until (Score:3, Interesting)