Is Mac OS as safe as ever?

in macOS edited January 2014
Is Mac OS as safe as ever?

By Joris Evers, CNET

Published on ZDNet News: February 27, 2006, 4:00 AM PT

Apple Computer fans have long loved to point out the safety of using Mac OS X, which has mostly been left to its own devices by hackers. But the arrival of three threats has some asking: Is the software's charmed security life over?

In the past two weeks, a pair of worms that target Mac OS X have been discovered, along with an easily exploitable, severe, security flaw. The vulnerability exposes Mac users to risks that are more familiar to Windows owners: the installation of malicious code through a bad Web site or e-mail.

While these represent a sea change, there is no need for Mac owners to worry, experts said, as the published attacks are still mainly theoretical and not widespread. But they caution that Apple fans should not be smug: Now that it's been done, other malicious code writers are likely to turn their attention to the operating system.

It's a "small step in malicious code development for OS X," said Kevin Long, an analyst at security specialist Cybertrust and a Mac user for 11 years. "The message we need to get out there is that Mac users should not be complacent."

While Microsoft Windows users have grown accustomed to a seemingly incessant stream of computer worms, viruses and security vulnerabilities, the same is not true for Mac owners. Going by forum postings, many Apple customers believe their system is much better protected against cyberattacks than the average Windows PC.

"Mac malware is not a myth. It is very real," said Kevin Finisterre, a security researcher at Digital Munition. Finisterre created the Inqtana worm, which targets Mac OS X and spreads using an 8-month-old vulnerability in Apple's Bluetooth software. "My point with Inqtana was to say, 'Hey! Wake up!'" he said.

Finisterre did not release his worm into the wild. He created Inqtana only to prove a point, and to encourage antivirus makers to update their products against malicious software using the same method of attack, he said. Furthermore, Inqtana was programmed so that it could never spread far.

"Go buy yourself some antivirus software, keep your Apple updates current and stop pretending that you are invincible, because you are not," Finisterre advised Mac users.

The risk for Apple system users grows slightly every day, Long said. The number of people using Macs is growing, which makes attacks more likely, he said. Some have suggested that Mac OS X's previous immunity to threats is due partly to malicious coders focusing on Microsoft products, which have a much larger user base and so bring a much bigger scope for impact.

"Many think that the Macintosh operating system is impervious to viruses or these kind of security threats. It is not that they are impervious; they are targeted less," said Craig Schmugar, virus research manager at McAfee.

"Don't need to freak out"

The events of the last two weeks could change that. Hackers have had their interest in Apple piqued, Finisterre said. "It is a semi-new frontier, so to speak," he said.

Even so, the incidents likely won't have any significant fallout, Long said. "Hopefully, the end result is that people are a little more careful. They don't need to freak out about this," he said.

Many Mac users seem unfazed. "I don't see myself changing any habits or panicking and running out to grab antivirus," CNET reader Shane Walker wrote in an e-mail. "I am concerned, but not overly so. You just need to take the right precautions, watch your e-mail attachments and what you download like a hawk, and try to avoid known or seemingly questionable sites."

Another CNET reader, using the initials J.G., said the three incidents don't bother him. "They are 'proof of concept,' not actual malware loose in the wild," the reader wrote in an e-mail. "I think much of the attention now being focused on Macs and OS X will dissipate in a few months."

So far, there have been no reports of any Mac systems infected with the Inqtana worm. The other OS X security incidents have had little impact on users either, experts said. Leap.A, considered to be the first first Mac operating system worm, was publicly posted on an online Mac message board, but did not make it onto many computers.

The most serious incident was perhaps the public disclosure of a serious and easily exploitable flaw in the Apple operating system, which could be a conduit for intruders to install malicious code on computers running the software. Attack code that takes advantage of the security hole was quickly posted on the Internet.

The problem lies in the way Mac OS X associates files with applications, and it could be exploited to hit a Mac via the Safari Web browser or Apple Mail, experts said. Apple has said it is working on a fix for the flaw. So far, no attacks based on the bug have been spotted on the Web.

Overall, only a few currently known worms, viruses and Trojans target the Mac, McAfee's Schmugar said. Nevertheless, people should not ignore the danger. "There does not have to be more then 150,000 threats for Macs before it's a security concern," he said, referring to the number of known Windows pests.

A machine running Apple's operating system might actually be easier to hit than a Windows PC, Schmugar said. "There are fewer and less evolved defenses around a Mac, because there have been fewer threats against it," he said. "The success rate for getting malicious code to run is probably greater."

The Mac maker is taking measures to sew up the latest hole in its operating system. "Apple takes security very seriously," a company representative said. "We're working on a fix so that this doesn't become something that could affect customers." The representative could not say when the patch would be ready.

Long recommends two tweaks to the OS X settings to make it more secure: enabling the firewall, and disabling the "Open safe files after downloading" option in the Safari preferences. That last option, if not locked up, could be exploited to trick people into downloading malicious code onto their Mac, he said.

All in all, this is not significant enough to dent user confidence in Mac OS X as a secure operating system, said Ray Wagner, an analyst at Gartner. "Given that the most recent vulnerability does not spawn an attack before being patched--an unknown--there is not enough impact on the average user to cause a significant change in behavior," he said.

Apple is advising its customers to consult its online safety guide, and to be cautious when surfing the Web. "Apple always advises Mac users to only accept files from vendors and Web sites that they know and trust," the company representative said.

Asked if the Mac, compared with Windows, is still the obvious safer choice for people on the Internet, Gartner's Wagner simply replied: "Yes."


  • Reply 1 of 8
    tednditedndi Posts: 1,921member
    Nothing is perfectly safe.

    Before OS X we had Viri and such which were transmitted via floppy disks.

    We even had a few downloadable viruses.

    What is the most interesting is how quickly we respond to the threats. Also how chock full of holes OS X actually turns out to be.

    Anyone in security will tell you that there is no such thing as perfect security. A determined person or group of persons can always get in. It is just a matter of how difficult.

    for the most part I still feel very much more secure using OS X than I ever did on windows.
  • Reply 2 of 8
    hmurchisonhmurchison Posts: 12,392member
    If you think that the Mac has never had a malicious piece of software just do a search on "Autostart Worm"

    However far too much has been made of this issue. Methinks it's because the press loves to attempt to rub Apple's nose in it despite the fact that Apple never said the OS was impervious.

    So let's see...the Mac platform has two malicious pieces of code and the newswire is set aflame. Nothing much to see here..move along.
  • Reply 3 of 8

    Originally posted by hmurchison

    However far too much has been made of this issue. Methinks it's because the press loves to attempt to rub Apple's nose in it despite the fact that Apple never said the OS was impervious.

    Agreed. I've always found Apple's relationship to the media very interesting. Whenever Apple announces new products, the media decends on Cupertino like a pack of ravenous wolves ... Apple gets a bunch of gawking reporters and free advertising; however, when something like the two worms or some unfounded lawsuit or the iPod nano screen issue come up it's this huge rush to say "SEE, SEE, SEE!!! IT'S NOT SO AMAZING." So, who knows ... I've never been complacent, maybe a little smug at times (It's funny when your roommate's tricked out $1500 NewEgg Custom box crashes every hour or whenever he wants to play movies. He's updated almost all the hardware inside then switched to Ubuntu, and Linux is proving difficult to learn while trying to stay productive in school.), but it sure as hell isn't going to get to a fear level that Windows users have where they are afraid to actually use the computer cause they might somehow magically get a virus on it.

    Much ado about nothing and come tomorrow the table will turn again and the media will be back to giving Apple free advertising...
  • Reply 4 of 8
    "So... to get this virus I have to download something from someone over... iChat? And then I have to Double click it? Aren't they pictures? Can't I just drag them to iPhoto? And aren't you the only one I use iChat with?"

    "*sigh*...Yes Dad..."

    "You're not going to send me the virus, are you?"

    "No Dad"

    "Alright then. Wanna see my new iWeb?"

    ^ A conversation with my father over the phone two days ago. In retrospect his threat to take a mallet to his old Gateway PC seems to scale nicely.
  • Reply 5 of 8
    cosmonutcosmonut Posts: 4,872member
    I'm not really concerned:

    Windows Viruses/Worms/etc. = 300 Bazillion

    Mac OS X Viruses/Worms etc. = 2 or 3

  • Reply 6 of 8
    mr. memr. me Posts: 3,221member

    Originally posted by TednDi


    Before OS X we had Viri and such which were transmitted via floppy disks.

    We even had a few downloadable viruses.


    This is true, but somewhat misleading. Most Mac viruses date back to the days of System 6 and System 7. Indeed, they were transmitted almost exclusively by floppy disk. However, the Mac community responded with antivirus software such as Disinfectant and commercial titles like Symantec Antivirus for the Macintosh and Central Point Antivirus. By the time downloads became an important factor in our lives, viruses on the Mac were well under control. Mac viruses got a new lease on life when Microsoft released Word 6, which enabled the first cross-platform virus. Microsoft Office 98 brought the Mac into the fold of script-kiddie victims. Because Office scripts had no access to the OS the virtual foolproof effectiveness of Mac antivirus software, viruses were a concern, but not a major threat. As early as MacOS 8, Mac viruses had been reduced to fewer than one per year. MacOS X improved the situation, but the improvement was not really dramatic. We went from fewer than one to zero viruses per year.
  • Reply 7 of 8
    eckingecking Posts: 1,588member
    Condensed Version of the Article:


    They've become a mob demanding protection money!
  • Reply 8 of 8
    ClamXav is free, open source, and does the job. And it's (ClamAV, on which ClamXav is based) not driven by profits and fear mongering.

    So what's the sane choice for antivirus software?
Sign In or Register to comment.