One In Five Macs Holds Malware — For Windows 285
judgecorp writes "One in five Apple Macs is infected with malware, according to Sophos. But most of that is harmless to the Mac... it is Windows malware ready to be transmitted to the Windows population. Only one in 36 Macs has OS X specific infections."
Infected? (Score:4, Insightful)
If the code never can run on Mac OS X, how can Mac OS X be infected? To Mac OS X, it'd just be a useless file full of some kind of data.
Re:Infected? (Score:5, Insightful)
They may only be able to carry the germ without symptoms, but that still sounds like an infection to me.
Passive carriers (Score:5, Insightful)
Re:Infected? (Score:5, Insightful)
True - if it's inert, it's not really an infection. However, this is why you see Linux workstations running anti-virus software in an enterprise environment. It's not because your Linux system will get "infected"; it's so your Linux system won't inadvertently infect vulnerable systems.
Confirmation Bias - better title (Score:5, Insightful)
One in five macs where people chose to install antivirus software have (inactive) Windows malware.
Which is a bit like saying "one in five cars brought to the mechanic get serviced for something." The survey is skewed due to the sample group - most Mac users never install any anti-virus software.
The only places I've seen it installed are on computers in corporate environments where there are already viruses being passed around commonly via email attachment, USB stick, and network drives. These places install antivirus on Macs so users don't forward a virus to Windows users - and it sounds like from this survey, that's with good reason.
Apple's Mail software (and Microsoft's Outlook for Mac) cache attachments locally on the user's disk, so it's very easy to "have" malware and viruses if you just receive email (even without opening it).
It's a bit ridiculous to claim they are "infected" however, and again, the sample group is not really representative. That said, I don't think Macs are in any way immune from viruses. Apple's iOS-like sandboxing and signed-app requirements would likely help OS X considerably in this regard, but of course every decision that increases security by removing control from the user also infuriates free/open software proponents and hackers. Think of jailbreaking iOS and how Apple patches security holes - this is maddening for people who want to jailbreak, but is ultimately an attempt to fix a potential infection vector.
Re:Antivirus Software on a Mac (Score:3, Insightful)
It's always been a good idea to have a virus scanner on a Mac - at the very least, it's a courtesy to users of other platforms who may be more vulnerable to any infectious crap you may pick up without realizing.
(I use OSX exclusively at home)
You want me to pay for an antivirus suite, or devote system resources to it all the time, as 'courtesy to users of other platforms'?
Nah. I'm good.
Re:Infected? (Score:5, Insightful)
The same way lots of people are infected with some very potent diseases. It's just they're immune to it, so they're really just carriers of the disease. Heck, isn't something like chickenpox able to hide for decades in people only to infect those who haven't had it yet?
Heck, I'd be the rates of Linux infection are the same - Linux is immune to practically all malware, but it certainly can be a carrier of them. Heck, if you think about it, Linux may cause the spread of it (via Linux-based email servers)
More marketing ...... (Score:5, Insightful)
The last sentence in the article makes their motives clear: “What Mac users really need to do is protect their computers now or risk allowing the malware problem on Macs to become as big as the problem on PCs in the future.”
Sophos simply wants to scare up some more business selling Mac business users their anti-virus software. (At least right now, home users can get it from them for free, at: http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx [sophos.com])
I'm in no position to challenge their numbers, but even "1 in 36 Macs" having a Mac specific infection seems awfully high to me. Maybe this last trojan horse that made the rounds pushed that number way up ... but I haven't encountered a single Mac that was infected yet, out of the ones my co-workers own (and always ask me for help with when they have problems), out of the ones we use at home, or out of the ones I support for clients in my side job. I don't think any of my Mac using friends on Facebook mentioned problems with it either.
Regardless? The concern of Macs harboring Windows malware is nothing new... That's been a potential issue for as long as I can remember. I recall the office running Norton anti-virus for the Mac on iMac G3 machines running MacOS 8.6 and 9.1, at one of my old jobs, just for that reason. They didn't want to accidentally spread an infected file they might have gotten via email to a Windows recipient.
The main reason Mac users stopped that practice, as I recall, was the really poor quality of most anti-virus packages when OS X came out. Apple even gave away copies of Virex for OS X to .Mac account holders at one time, and the software bogged down and destabilized the machines so badly, everyone I knew removed it in a matter of days!
Re:Infected? (Score:4, Insightful)
...but how is it 'transmitted'? That implies an installed transmitter, ie. malware.
Re:Infected? (Score:5, Insightful)
In biological disease, there's a phenomenon called a carrier. For reasons unknown, the person is infected, but doesn't show any of the symptoms and never will. They are however able to infect others. As such, they are still considered infected. I think that's how the mac is considered infected.
Macs are the computer equivalent of Typhoid Mary [wikipedia.org]?
This should go over well.
I'll just make some more popcorn.
Re:Antivirus Software on a Mac (Score:5, Insightful)
Unless you're running some old crappy Mac from 8 years ago, why would your big bad super duper Mac even notice the miniscule amount of system resources devoted?
You don't have a problem infecting other people's computers? Thanks a bunch!
Re:Passive carriers (Score:5, Insightful)
Yep. When I changed virus scanners a few years back, it found hundreds of infections on my system ... because I save my spam for when I need to train new filters.
The bigger problem is going to be people with infected files on a webserver that they're serving to the world ... JPEG exploits, word macro viruses, etc.
And it's compounded by the fact that some virus scanners don't bother scanning for older infections, so they can save CPU cycles & size of the virus definitions.
Re:Antivirus Software on a Mac (Score:5, Insightful)
Best practices say: Run antivirus! (Score:5, Insightful)
No matter if your OS is Windows 5.x, 6.x, Mac OS X 10.x or GNU/Linux Kernel 2.4.x or 2.6.x. If your machine is a desktop run an antivirus.
You owe it to the rest of the world to exterminate viruses/trojans/malware, both the many (or few) that your machine is susceptible to, as well as those that, even though will not infect your machine, will be passed on to someone else... ...because YOU, saavy and enlightened slashdot user, did not catch and exterminated them.
Do it for the unwashed masses, that are clogging the pipes with port scans and attempts to infect, do it to have a tad fewer cheap viagra/penis enlargement offers in your spam folder... do it for the children!!!! :-)
If you "feel confident" (note the quotes) that your OS is "safe", that you use "safe practices", and the AV is a "Waste of resources", then fine, get an AV with a small footprint, both in system resorurces, and in $£¥€, and run it while you are sleeping, so it does not affect your daily work routine.
I am writing this fom Firefox 10.0.3 esr in a Mac with 10.6.8, and I am not scared at all about these developments, but, as safe practice, run ClamXav manually. I scan my machine and its external hard-drives every night, and scan smaller/unknown removable media every time it is inserted. ;-)
So, please my Linux and Mac OS X brothers and sisters, stop being a bunch of snobs, get on with the program, and run an antivirus. :-)
--
Re:Infected? (Score:5, Insightful)
Contaminated would be a better word, since the viruses have no way to spread or affect the computer.
Re:Antivirus Software on a Mac (Score:2, Insightful)
I don't use p2p, I don't use pron sites, and I don't use Windows or IE. Viruses aren't really a part of my life.
Don't ask me to pay for the shortcomings of the platform you've chosen.
Re:Infected? (Score:2, Insightful)
That implies you have it with, directly noticed, controlled, and to do with as you will.
If I happen to be unknowningly injected with ebola, but am somehow entirely immune to its effects... I would have to say I'm infected, but not affected by it. Even if it's unable to be spread from me, that doesn't change the fact that it's still sitting there, just as potent as ever, but simply unable to perform it's function. Should something change in my system that allows it to do as such (let's say for the sake of argument, the Mac is installed with some program that will allow the virus to execute), then it will do exactly as it had originally intended... be a virus.
That's infected, my friend.
Re:Infected? (Score:5, Insightful)
Not really similar since a carrier is replicating and spreding the disease. The disease cycle is still progressing even though a carrier doesn't know it and there are no ill effects for the carrier. The mac isn't even a dead end host like many parasitic infections which are not meant for humans. Those actually can cause a disease process that has symptoms.
The malware on macs isn't replicating and spreading.
It is more like someone picked got a piece of mail addressed to nobody with no forwarding address and it is in a pile of junk in a drawer. Unless someone gets it out of the drawer and sends it to someone else, there is not really a problem.
Re:Infected? (Score:4, Insightful)
I'd wager the majority of the Windows malware "infections" are trojan exes from shitty porn sites.
The majority are from flash and java and javascript exploits by driveby downloads from infected servers or ads. Infact slashdot hosted a virus by a fake virgin mobile ad 3 weekends ago.
Thank God I ran Avast!. If you are one of those types who feels they are virii free who are running Windows and reading this, well your system is 0wned if you came here 3 weekends ago. Oops
Apple is easier to target for malware writters anyway because their users typically do not run anti virus software and feel safe clicking on shit anyway because the genius at the Apple Store said they are secure.
Windows users know better and have anti virus software and run Windows 7 (hopefully if they are home users) with full updates.
Re:Infected? (Score:5, Insightful)
Please don't inure people to the idea of "security theater". It really is a great description for a lot of what is being done publicly to pretend to do something, often at great expense, and frequently to the financial benefit of well connected people.
She swore by affidavit not to cook, but returned to cooking. Under a different name. Her release as a carrier depended on her not cooking, which she didn't follow.
She was the first carrier identified (at least in New York), and the policies evolved as more information came along. The effective solution to the bigger problem was to restrict carriers' activities, and Mary was used as the example of what would happen if you didn't comply. The rest were considered not justified for quarantine, again as more information was discovered.
Making up policies as you go along, and having to fight an obstinate woman who refused to acknowledge her danger to others, is not even close to security theater. You may be able to call it "meting punishment based on public perception" since she became relatively famous, which is not a whole lot better.
http://cythereabast.wordpress.com/2007/02/20/the-board-of-healths-exile-of-mary-mallon-was-it-justifiable/ [wordpress.com]