Viruses, worms, port infiltrators, Hack the OSX?

Posted:
in macOS edited January 2014
Just out of the blue and due to several other posts, I wanted to get everyone's opinion on OSX and its vulnerabilities. I am new to OSX, a former BSD/XP user. I sort of blindly assumed that OSX was relatively secure due to several reasons that I generated myself about OSX and it being a BSD based system. Was I wrong to assume that all of the above title are ripe for the average OSX user to be swamped by such things? If I was wrong, PLEASE explain the easiest way to put a stop to the above.

Comments

  • Reply 1 of 24
    smax Posts: 361 member
    Any operating system has its vulnerabilities, it's just a question as to how they will be exploited. I look at it this way:



    There are a ton of people that use Windows and a bunch of vulnerabilities. This means a ton of malware because it can reach a bunch of people somewhat easily.



    Apple has a smaller market share, so it isn't nearly as profitable for a programmer to find a vulnerability then distribute some software to a comparatively small number of people on the internet. This doesn't mean it can't happen, it's just less likely. The same can go for Linux and BSD based systems, but they hold an even smaller market share.



    Now, with Apple gaining popularity, I have a feeling that a lot more holes in security will be found. Couple that with the fact that Apple isn't very quick about releasing security patches and Mac users can be facing a few problems in the future... but at this point there really isn't a reason to be afraid. Just use a firewall and don't be stupid browsing the internet and you should be fine for the most part. Any system can be broken into given enough time/money/profit, so don't be surprised if a gaping security hole that no one's thought of pops up one of these days.
  • Reply 2 of 24
    carniphage Posts: 1,984 member
    I don't totally buy the market-share argument.



    Because hacking computers is not exactly a major industry.

    There is certainly a chunk of malware which is designed to push advertising - so that class of malware is certainly more profitable on the PC.



    But the really nasty stuff, the viruses which cause all sorts of damage, are really demonstrations of (malicious) programming ability. The creators seek notoriety more than they seek cash.



    The thing is, creating a Windows virus is relatively easy. Windows is full of holes.

    Whereas creating a Mac exploit is relatively hard. Anyone who succeeds to exploit a Mac gains much more kudos than creating a mere Windows exploit.



    The first hacker to create a successful Mac virus will be world famous. Look at the enormous fuss caused by the "WiFi" exploit last year. A couple of hackers who simply claimed to be able to crash a Mac, by constructing malformed wireless packets got themselves instant fame.



    IMO The kudos argument trumps the market-share argument.



    C.
  • Reply 3 of 24
    mr. me Posts: 3,221 member
    Quote:
    Originally Posted by Carniphage View Post


    I don't totally buy the market-share argument.



    ...



    I don't buy it at all. The marketshare excuse was created out of whole cloth by Bill Gates in the 1999-2000 time frame to deflect attention from the fact that Windows was being inundated with viruses at the time. The popular press and other easily convinced individuals accepted it without asking questions. People like smax keep saying that Mac viruses if the Mac's marketshare increases. You just wait. Well, the Mac's marketshare is increasing. We are still waiting.



    To answer the OP's question, however, the Mac has a serious vulnerability. If you allow someone to hit your Mac with a sledgehammer, then he/she can do serious damage to your computer.
  • Reply 4 of 24
    smax Posts: 361 member
    I know OSX is hard to write viruses for, but until a lot more people start using it there is no real profitable reason to do it aside from someone's own fame.
  • Reply 5 of 24
    carniphage Posts: 1,984 member
    Quote:
    Originally Posted by smax View Post


    I know OSX is hard to write viruses for, but until a lot more people start using it there is no real profitable reason to do it aside from someone's own fame.



    Hello? Is this thing on?



    People *only* write viruses for fame.

    And writing a successful Mac virus would make you *very* famous. Much more famous than creating a PC virus would.



    Market share is a bogus argument.



    C.
  • Reply 6 of 24
    smax Posts: 361 member
    I was talking about exploits in general... If someone can get into your computer there is a lot of stuff in there that can be used for profit. So not all viruses/exploits are for fame alone.



    But, yes the first truly successful Mac virus will be huge.
  • Reply 7 of 24
    mr. me Posts: 3,221 member
    Quote:
    Originally Posted by smax View Post


    I was talking about exploits in general... If someone can get into your computer there is a lot of stuff in there that can be used for profit. So not all viruses/exploits are for fame alone.



    But, yes the first truly successful Mac virus will be huge.



    What in the World are you talking about? Whatever you are saying, let's get a few facts straight:



    MacOS X 10.0 came and went. No viruses.

    MacOS X 10.1 came and went. No viruses.

    MacOS X 10.2 came and went. No viruses.

    MacOS X 10.3 came and went. No viruses.

    MacOS X 10.4 came and is about to go. Still no viruses.



    What are these MacOS X virus writers waiting for?
  • Reply 8 of 24
    feartec Posts: 119 member
    Well this is I have a feeling an issue that is quite touchy as I can see. Exploits are more of what I was hinting at, such as vulnerable ports, and stealing data.



    America Online a long time ago was a virus free paradise until AOHELL, a program that made it so easy to hack into AOL, came online and I believe that is when kids everywhere started experimenting. As OSX becomes more hip, those same kids in the same situation as before will download it and have fun but this time with OSX. That is what I am most worried about at this point.



    I still think despite the reports, OSX will always be WAY more secure than Windows products simply because only one set of hardware is dealt with, not a gazillion configurations with unique circumstances such as on the Windows platform, Sun platform, Linux, Unix, BSD, Ubuntu and a heap of others.
  • Reply 9 of 24
    feartec Posts: 119 member
    Oh my God, I just said OSX is becoming Hip.
  • Reply 10 of 24
    yama Posts: 427 member
    The market share argument also fails if you take into account any pre-OSX version of the Mac OS. There were dozens of viruses on System 6, 7, 8 and 9.



    During the 90s Apple's market share was between 5% and 10%, dropping very low after 1996 when Win95 came out...



    Now it's been 5 years and still no real virus for an OS with a growing market share. Bear in mind that the 4-5% share they have at the moment equals a lot more Macs than in 1995 simply because more computers are sold these days.
  • Reply 11 of 24
    My take on this would be that the more popular Macs get, the more people are going to want to find ways to screw them up. Macs are getting a little more popular, and we will probably run into a few minor problems down the line. As far as being as bad as a Crap-o-soft computer, I don't think it will happen. Even if it does, just get Norton, and some spyware crap and you're fine. I had a PC for 5 years before I got my Mac, and I had one serious problem, and it was all my fault. If you watch where you're browsing, and keep your computer clean and up to date, you're fine. You just have to keep in mind no matter what you have, people are always going to be looking for ways to fuck it up, it goes for anything not just computers, it's life, deal with it...
  • Reply 12 of 24
    hiro Posts: 2,663 member
    One of the biggest differences is purely philosophical. Windows for years has had much of its email and web browser capability written directly into the core of the operating system. Find any crack anywhere in that very exposed set of functionality and you can own the entire box.



    OS X has most of its email and web browsing frameworks run within an application in user space. Find a crack in any of those very exposed set of functionalities and normally the best you can hope for is to crash the program. Sure there are some cases where you can get deeper into the OS, but the fame bounty is HUGE and still NOBODY has been able to figure out how to self-replicate a virus. All near virii have required multiple direct user actions which disqualifies them from being a virus in the first place.



    As for time to patch statistics. Those times are strictly generated on the publicly released dates of the vulnerabilities. On the Windows side, MS is queried and worked with for weeks before the official announcement is made. Then the patch comes out a couple weeks later, after it has been in work for awhile. This scratch-my-back-I'll-scratch-yours routine is played by the security companies due to fear MS could freeze them out with inaccessible APIs.



    On the OS X side, vulnerabilities have been so few and far between that the finders post them within a couple days of informing Apple, usually with a derisive note of how Apple didn't respond well to the unveiling of the vulnerability. So Apple patches 40-60 days after that, not bad considering MS's 30-day time-to-patch comes after they have had 6-8 weeks of time to work before the clock starts.



    It's all in how you tell the story.
  • Reply 13 of 24
    lfe2211 Posts: 507 member
    Quote:
    Originally Posted by Hiro View Post


    ... Sure there are some cases where you can get deeper into the OS, but the fame bounty is HUGE and still NOBODY has been able to figure out how to self-replicate a virus. All near virii have required multiple direct user actions which disqualifies them from being a virus in the first place.



    ... This scratch-my-back-I'll-scratch-yours routine is played by the security companies due to fear MS could freeze them out with inaccessible APIs.




    Hiro,



    Is Secunia one of the security companies you're referring to? I visit their site occasionally. Also, how much is the FAME bounty worth these days?



    Thanks.
  • Reply 14 of 24
    Ok, I do understand what smax is trying to say. However what he is missing is that while more marketshare does equal more visibility, it is only one part of the equation. The other part is the overall security of the box. Just so we know, the definition of a computer virus is the following:



    Quote:
    Originally Posted by Wikipedia


    A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user.



    http://en.wikipedia.org/wiki/Computer_virus



    That, right there, lies the real culprit. The Mac OS X was designed from the ground up to be protected. The Kernel is one layer, the Application layer is another. As Hiro said, the absolute worst one could do is possibly cause an Application to stop working.



    While this image isn't exactly the one I was looking for, it does illustrate the whole point. OS X was built with the idea that layers could talk with each other, but they would also be protected from each other. Such as, an Application cannot add arbitrary code into the Kernel, without the User being notified.







    Anyone who is a developer will know exactly which image I am talking about, but this one is close.
  • Reply 15 of 24
    lfe2211 Posts: 507 member
    Mike,





    How about this image? Too complex? I got this from an Amit Singh article.







    Also, as a non-developer, I would appreciate a short primer on how to read such diagrams. If it takes too long, I'll just look elsewhere.



    Thanks.
  • Reply 16 of 24
    mr. me Posts: 3,221 member
    Quote:
    Originally Posted by yama View Post


    The market share argument also fails if you take into account any pre-OSX version of the Mac OS. There were dozens of viruses on System 6, 7, 8 and 9.



    ...



    This is not quite true. IIRC, there are something like 26 Mac-specific viruses. For the most part, these were System 6/System 7 viruses. Even MacOS 8- and MacOS 9-specific viruses were big news. Remember the QuickTime autorun vulnerability?



    With the advent of Word 6, Microsoft enabled the cross-platform virus. Visual BASIC for Applications came to the Mac with Office 98. It brought the world of the script kiddie to the Mac. On the Mac, however, Office macroviruses infected only Office. On the Windows, they could adversely affect your whole system.



    This is the thing that makes the whole "Security by Obscurity" excuse so laughable. Microsoft provided the tools which enabled so many Windows exploits. Those tools can't be used to crack a Mac no matter how much its marketshare increases.
  • Reply 17 of 24
    Quote:
    Originally Posted by lfe2211 View Post


    Mike,





    How about this image? Too complex? I got this from an Amit Singh article.







    Also, as a non-developer, I would appreciate a short primer on how to read such diagrams. If it takes too long, I'll just look elsewhere.



    Thanks.



    That wasn't the one either, but it will do. What that diagram shows is where each part of the OS interfaces with the others. For instance, there are five main sections to your diagram: Hardware, Core OS "Darwin", Application Services (Like Core Data, Core Image, the Windowing System, etc), API (Application Protocol/Procedures Interface), and the GUI. Very few segments go into other sections. It is for this reason why many Cocoa developers (myself included) are very defiant in using Carbon procedures. Cocoa is very encapsulated, and therefore (IMNSHO) better. The segments that do cross (Java, Carbon, and QuickTime) do so because of the nature of the language (Java), it is the older way of doing things (Carbon), and will be changed in the future (Quicktime into its CoreImage/Video/Animation segments).



    I hope this helps
  • Reply 18 of 24
    lfe2211 Posts: 507 member
    Quote:
    Originally Posted by Mike Eggleston View Post


    That wasn't the one either, but it will do. What that diagram shows is where each part of the OS interfaces with the others. For instance, there are five main sections to your diagram: Hardware, Core OS "Darwin", Application Services (Like Core Data, Core Image, the Windowing System, etc), API (Application Protocol/Procedures Interface), and the GUI. Very few segments go into other sections. It is for this reason why many Cocoa developers (myself included) are very defiant in using Carbon procedures. Cocoa is very encapsulated, and therefore (IMNSHO) better. The segments that do cross (Java, Carbon, and QuickTime) do so because of the nature of the language (Java), it is the older way of doing things (Carbon), and will be changed in the future (Quicktime into its CoreImage/Video/Animation segments).



    I hope this helps



    Mike,



    Thanks much. That short post was very helpful. Now I understand this type of diagram a lot better. Where can I find a primer on the rules for the structure of this type of diagram?



    Thanks.
  • Reply 19 of 24
    Sorry, I have no idea. I figured it out through my Computer Programming Courses that I took in High School, plus all of my years of experience in programming. I am not even sure what that kind of diagram is called.
  • Reply 20 of 24
    Quote:
    Originally Posted by Mike Eggleston View Post


    Sorry, I have no idea. I figured it out through my Computer Programming Courses that I took in High School, plus all of my years of experience in programming. I am not even sure what that kind of diagram is called.



    I'm sure there's a much more proper name, but it's basically a super-complicated Venn diagram.