Mac OSX, dual booting and viruses

Posted:
in macOS edited January 2014
A quick question,



I'm going to be buying a new laptop soon and thinking about getting a Macbook Pro (but will wait until the new one is out). Now, the big thing about the Mac that everyone keeps going on about is the lack of viruses and crashes etc. However, if you have windows on your Mac (dual boot, running parallel etc), can you get viruses this way and, if so, can this infect the Mac side of things?



Sorry if this is a dumb question but just wondering.

Comments

  • Reply 1 of 10
    Windows viruses (Macro Viruses excepted) cannot run on the MacOS side. They are compiled code and the Windows executable format does not work under MacOS, and vise-versa. From Windows you can see the files on your MacOS volume (with BootCamp 3 drivers), but you can't touch them, and the same rules apply to viruses that might be running on the Windows side.



    So you would be in danger of something scanning you HD for information, but it can't hurt the MacOS side.
  • Reply 2 of 10
    mr. memr. me Posts: 3,219member
    Quote:
    Originally Posted by RabidRabbit View Post


    ... However, if you have windows on your Mac (dual boot, running parallel etc), can you get viruses this way and, if so, can this infect the Mac side of things?



    Sorry if this is a dumb question but just wondering.



    To close the loop on Karl Kuehn's post, your Mac will not be affected by Windows viruses so long as it is running MacOS X. If you are running Windows on your Mac, then it is a just a well-engineered PC running Windows. As such, it is just as susceptible to viruses as any other PC from any other manufacturer running Windows.



    Bottomline

    Apple computer running MacOS X? Not affected by viruses.

    Apple computer running Windows? Affected by viruses unless otherwise protected.
  • Reply 3 of 10
    I.o.w.: a Windows partition, running natively (under Bootcamp) on a Mac is simply a Windows PC, and that part(ition) of your Mac is consequently just as vulnerable to malware as any other Windows PC. An infected Windows partition cannot infect the MacOS partition on that same Mac, though.



    To get rid of malware on a Windows partition (on a Mac) the usual measures apply that you would also apply to a Windows PC.



    If you only need to run Windows ocassionaly it is simpler – because you won't have to start up in Bootcamp – to run it in a virtual machine, under MacOS, with e.g. VirtualBox (FREE!), Parallels, or VMware Fusion. Which you start up and run while running MacOS.

    Should that virtual Windows machine get infected (and it will if you don't run up-to-date anti malware apps) you can simply trash the whole virtual machine and create a new, clean one with a couple mouse clicks.



    But if it is just one or two Windows applications that you would like to use (on your Mac) you can try to run them in CrossOver. Many Windows applications will run under CrossOver on a Mac (i.e. in MacOS), but many others won't, though. So that is a matter of trial and error.
  • Reply 4 of 10
    spotonspoton Posts: 645member
    Quote:
    Originally Posted by Rokcet Scientist View Post


    An infected Windows partition cannot infect the MacOS partition on that same Mac, though.





    And why do you think this cannot occur without the OS X partition being Filevaulted?



    The rest of what you said I agree with though, if the OP doesn't need performance for 3D type stuff, then a VM solution would be better as one can update only the original install "Snapshop" run a copy off of that and always have a pristine copy on hand.
  • Reply 5 of 10
    pbpb Posts: 4,233member
    Quote:
    Originally Posted by SpotOn View Post


    And why do you think this cannot occur without the OS X partition being Filevaulted?



    I think he means that the OS X installation cannot, by definition, be infected, which is true. Nevertheless, other kind of damage is possible because, for the Windows system under Bootcamp, that partition conainting OS X is just another disk partition with some files in it waiting there to be eaten up.



    The situation with a virtual machine is more safe though, unless someone writes malware to specifically exploit the communication paths between the virtual and the physical machines in order to do the same kind of damage. But the chances for this to happen are much smaller than in the case of Bootcamp. This is my feeling at least.
  • Reply 6 of 10
    Quote:
    Originally Posted by PB View Post


    I think he means that the OS X installation cannot, by definition, be infected, which is true. Nevertheless, other kind of damage is possible because, for the Windows system under Bootcamp, that partition conainting OS X is just another disk partition with some files in it waiting there to be eaten up.



    The problem with this thinking is that while booted from Windows (where viruses have a chance to work) the MacOS volume (HFS+) is read-only. So a Windows virus can read the files, but not write to it (so no damage other than privacy problems).



    Theoretically it could either write to the raw device (causing unpredictable damage), or it could include its own HFS+ drivers, and use those (not real likely). But this is probably not going to happen.
  • Reply 7 of 10
    spotonspoton Posts: 645member
    Quote:
    Originally Posted by Karl Kuehn View Post


    Theoretically it could either write to the raw device (causing unpredictable damage), or it could include its own HFS+ drivers, and use those (not real likely). But this is probably not going to happen.



    Until it does.



    I've cleaned PC machines that had a botnet running anti-virus software.





    For privacy sake alone one should Filevault their OS X user if they run a Windows partition.



    Of course with laptops this adds a tremendous amount of heat as the processor has to decode everything from the drive. Also low performance machines it could slow it down, but then one likely won't be running a Win partition on a low performance machine anyway.



    Also one needs to have the disk room to enable Filevault after the fact, it's best to decide to use it when first setting up the machine.



    One can't boot from a clone of their boot drive if it's Filevaulted (far as I know, it's just a unbootable encrypted image, something I got to check one day)



    Also if something happens and one needs to boot from another drive to access files on the boot volume or use Data Rescue or something like that to read the bits if the file system is hosed, they can't do that neither if the drive is Filevaulted.
  • Reply 8 of 10
    What if you share files between the two OS's? So for example, you write a document in Office for PC (on your Mac but using whatever means to get the PC version) and it becomes infected. You then load this file up in your Mac partition and play around with it. Can the Mac side of things become infected then?
  • Reply 9 of 10
    karl kuehnkarl kuehn Posts: 756member
    Quote:
    Originally Posted by RabidRabbit View Post


    What if you share files between the two OS's? So for example, you write a document in Office for PC (on your Mac but using whatever means to get the PC version) and it becomes infected. You then load this file up in your Mac partition and play around with it. Can the Mac side of things become infected then?



    So to be clear: you are copying a MS Office file from one to the other (the direction does not really matter, both are read-only).



    And with this exact example we find ourselves in a special case. The only things that infect files nowadays are MS Office macro viruses. These are things that can only really work inside MS Office (primarly Word, but Excel to a lesser degree), and on the Mac side can only affect open Office documents (on Windows there is a bit more room for damage). And generally MS Office macro viruses are written for Windows and fail in comical ways on MacOS (looking for the C: drive is the most common).
  • Reply 10 of 10
    spotonspoton Posts: 645member
    Quote:
    Originally Posted by RabidRabbit View Post


    What if you share files between the two OS's? So for example, you write a document in Office for PC (on your Mac but using whatever means to get the PC version) and it becomes infected. You then load this file up in your Mac partition and play around with it. Can the Mac side of things become infected then?





    Since a lot of viruses target Windows, it won't run on a Mac. But Mac's can act as a Typhoid Mary, basically a immune carrier, sending the virus laden file to other Windows users.



    Also infected files that take advantage of program that has similar instructions on both Windows and OS X can indeed infect a Mac.



    Mac's are very resistant to unknown malware due to it's Unix core.



    It's possible to run a trojan, disguised as a file from a Windows machine, and have it infect a Mac.



    OS X warns you if your about to execute a program for the first time, just to prevent such a thing from happening, but we all sometimes just click on things without thinking.



    Even if you run some hostile code, it can only clean your user files and infect applications, not root the machine, unless you give it your administrative password.



    It's important to clean Windows files in OS X using CalmXav before passing them onto other Windows users.



    Also it's not good to run as Admin User in any OS, even OS X. Even though Windows and OS X set this up as the first user, it's good to create another Admin User and logging into that one, change the first Admin User to General User.



    This way it protects your applications folder and other things.





    I should say though, after 20 something years of using Macs that I have gotten only one virus, the WDEF that came on a game disk, before the internet even existed.



    I did allow my machine to become rooted in several controlled experiments over the years, but I knew the risk and had a clone of my boot drive on a separate external drive.



    You should avoid running pirated programs and other code from unverifiable sources, and if something asks for your admin password, be extra careful. Other than that it's happy normal computing, no fighting or running anti-malware on OS X.



    What a lot of people do, including myself, is not use Windows on the internet except for OS and app updates from within the app, not use IE or any browser at all. Use OS X on the internet and for transferring files as it's more robust OS and then transfer files to the Windows side after cleaning with ClamXav first via USB key.



    This way Windows stays pretty much pristine, I rather use a Virtual Machine software like VMWare Fusion, this way I can take "snapshots" of entire OS's like a file. Keep the original install unused and update that one and make and use a copy instead. Insures the highest quality OS is being used all the time, no crap piggybacking from a earlier exploit.
Sign In or Register to comment.