The FUD Report: More Mac OS X Virus Myths
October 17th, 2006When I interviewed Symantec’s Mike Romo about its latest Mac security software, Norton Confidential, I had to wonder whether the product made any sense. The new application, which apparently shipped simultaneously on the Windows platform, offers four key features that are designed to protect you against phishing, loss or tampering of valuable files and information and invasions by network intruders.
The first is probably the most significant, as it impacts the next two. Here things get a little strange, for you see, the first version ships as essentially a plugin for Firefox; Safari compatibility will come later. As you might have heard, version 2.0 of Firefox, now available in final candidate form, already has phishing protection.
I suppose Symantec might argue that its protection algorithms are more powerful, and perhaps updated more regularly. On the other hand, if you are careful about responding to fake messages pretending to be from financial institutions that ask you to reenter your account information to preserve your account, you’ll probably be safe anyway. As to network intrusions, wouldn’t those regular security updates from Apple and using a firewall be sufficient? I’m wondering.
So I’m on the fence about Norton Confidential right now, though I suppose extra protection is never a bad thing. However, version 1.0 appears to have caused at least one kernel panic on my Power Mac G5 quad, and I also noticed a small loss in Internet bandwidth, which can grow more severe if you add every single protection option.
All this raises the larger question of whether you really need third party security protection on your Mac. With the recent growth of the platform, some tech writers, and certainly the makers of security software, are claiming that Mac OS X is apt to become a more compelling target for malware any minute now. So far, except for some proofs of concept, and perhaps one infection that impacted a very small number of users, there hasn’t been a real Mac virus in years, not since the Classic Mac OS was around.
Certainly, the Mac is not an invisible platform, despite a worldwide market share in the single digits. There are, for example, roughly twenty million Mac OS X users out there. A major virus infection can certainly cause plenty of havoc. Surely that’s a large enough market to attract some attention, and wouldn’t an Internet criminal want to be the first to create that virus and see it spread far and wide?
Or maybe they just like Apple and hate Microsoft, which is why the latter gets almost all the attention.
Although Consumer Reports magazine continues to gloss over the fact, every single penny of the billions of dollars lost from computer malware in recent years occurred on the Windows platform. In fact, there are already reports of intrusions on Windows Vista, which hasn’t even been released yet. Sure, there may be a few million beta testers, but that’s still far less than the Mac’s user base.
True, Mac OS X is built upon a tried and tested Unix core, so it’s fair to say that the system is locked down in a more robust fashion than Windows. In fact, Microsoft has claimed that it created Windows Vista with superior security in mind, and that may be true, although that isn’t stopping Microsoft from touting its own security software package to protect you from the slings and arrows of the Internet.
However, no computing platform is immune. While it’s hard to justify using Mac malware protection software right now, except to keep you from spreading Windows viruses by email to unwary friends and family members, bad things might indeed happen some day.
The other night, I talked about Mac security with long-time tech talk show host Craig Crossman, on his nationally-syndicated Computer America radio show. He said he didn’t use any virus protection. And the guest for the second hour of that broadcast, best-selling Mac author Bob “Dr. Mac” LeVitus, said the very same thing.
I take a somewhat more obsessive/compulsive approach. My Power Mac remains unprotected, except for Mac OS X’s built-in firewall, and the intrusion protection afforded by my wireless router. My MacBook Pro, however, indeed has a virus package installed, since it travels a lot. Perhaps that’s a bit of overkill, but I’m prepared to extend that protection to my desktop computer the moment the situation changes.
For now, I’m just watching and hoping things won’t get worse any time soon.
| Print This Post
I’d have to agree with the ones who say there’s no need, unless you interface with a lot of Windows users and don’t want to pass anything along. I too, use a router that insulates me from the wild and wooly internet, and keep my firewall on both my Macs. But I see no need for virus protection where there are none for the Mac (in the wild) and I rarely download strange unknown files to run willy nilly on my machines anyway.
Practice safe computing, know where your stuff is coming from, don’t visit weird web sites that you don’t know who runs them, discard unsolicited email containing files you didn’t ask for, understand that your bank will NEVER ask you to follow a link in an email to their web site to ask for your account information, NEVER use your laptop connected through wifi for banking, shopping or paying bills, and the odds are that you will not suffer a lot of pain, no matter what your operating system.
These are the basic rules for safe computing, and you violate them at your peril.
Last year a virus definitions subscription renewal for Norton AV for Mac was $3.50. This year it’s $15.00. That’s what all the FUD from Symantec is all about. Greed is all consuming.
AV for the Mac is mainly to prevent me from unwittingly spreading Windows viruses. I’d gladly extend that courtesy towards Windows users for $3.50 but not for $15.
You get a lot of this “Macs have no viruses because of the low marketshare” nonsense on the web. Though no platform is totally secure, the Mac simply has way fewer security holes.
I use a Firewall, and I am careful about avoiding “Phishing” attempts, but that’s it.
I think Symantec’s message is mostly about generating revenue (and I can’t blame them for that).
For security, I rely on:
1. Mac OS X built-in firewall for incoming protection.
2. Little Snitch firewall for outgoing protection. I find I learn a lot by being notified about software that wants to “phone home”. Ninety percent of the time I let the software connect forever. However, when I visit a website and it wants me to allow some strange connection, then I don’t.
3. ClamxAV for anti-virus protection. I have no idea if it works or not.
4. My brain for anti-phishing.
Having said that I use various products for security, I should mention that for 8 years I used a Windows machine and in that time, I had:
1. One virus (Melissa, and it was my own stupid fault for clicking on an obvious executable). One detected/quarantined virus according to Grisoft’s AVG.
2. Zero spyware (at least as determined by Adaware, Spybot Search and Destroy, and Zone Alarm).
3. Zero problems with phishing (because my eBay account does NOT need to be updated).
I can understand why the experts swim naked.
,dave
Can we at least have one Mac virus that really gets out there and infects people the way one of many Windows virii have? Then we can discuss security – and how Norton probably won’t have the def ready for it anyway.
Didn’t Steve Jobs claim that there are roughly 30 million Mac users in his last keynote? I just did a quick search and found citations which were all over the map from 20 to 35 million. I wonder if hard data exists on the issue of a Mac user census tally?
I’m referring strictly to Mac OS X users here 🙂
Peace,
Gene
Ah. So by your reckoning the Mac Luddite contingent presently constitutes roughly a third of the Mac user populace. Thanks for the clarification!
“and how Norton probably won’t have the def ready for it anyway.”
This is what I’m sayin’….when and if a Mac virus is created and spread, it will be unknown by any AV software out there. All AV software will have to be ‘updated’ to ‘know’ the virus, so running the software beforehand to ‘catch’ a never-before-known virus is putting the cart before the horse. Am I wrong?
Since Norton Confidential is not an anti-virus soft, I don’t see how Symantec’s product can be related to FUD or Mac OS X virus myths.
Okay, Gene, I think you’ve got it exactly right. Of course when running Windows with Boot Camp, one needs standard Windows protection software. But what about running Windows with Parallels Desktop?
Disclaimer: I’m a former Symantec employee.
At least knowing that somewhere/someway/somehow in the middle of the night the file “mach_kernel” was overwritten would be a good thing. While Apple is very good about sending out patches, etc., nobody is perfect.
As for the knowledge thing, frankly, not all of us are that smart. Several months ago, I had my boss come in all concerned because he’d just gotten an email about how our PayPal account needed to be reauthorized. I told him it probably didn’t and that this was a scam to get at the money in the account. He called PayPal and, sure enough, they told him the same thing. So he’s a bit more aware than he once was.
Software like this has it’s place. Unlike the Windows side–where it’s almost a requirement–Mac users can use it more for informational purposes. I used to enjoy watching NPF’s firewall logs to watch the port scans and various attempts to access my Mac. But software like this is definitely optional for Mac users.
The statement that all the money lost to computer malware was on the Windows platform is incorrect. My nephew works at a company that uses Linux, and he told me that their biggest problem was viruses. Apparently there are something like 100 Linux viruses.
There goes the argument that small market share is the reason OSX has no malware.
I dont know about now adays but I have found in the past that installing mac based AV usually does more harm then good it goes crazy and starts thinking your regular files are suspicious and corupts your system…. im content to use my system the way apple intended….
Personally if a virus does eventually hit the mac I dont think its going to run rampant the way it would on windows…. unless a lot of people loose their mind and say oooh virus lets see what this will do to my computer
If for some reason that something bad does hit…. Ill do what any good windoze user should do atleast every 3 months and do a fresh install for ****s and giggles…cheers
I’ve said this before: If a virus comes out for Mac OS X, you will hear it all over the news BEFORE the antivirus software is updated. Then, if you feel you’re at risk, you can go buy some antivirus software. Until that happens, you’re getting nothing for your money and computer processing power. Waste of money and hassle.
Oh, and antivirus software has been documented to cause a lot of problems, in addition to general slowness.
Apple appears to have a new interest in propogating Windows viruses as they’re now pre-loading them onto IPods.
…errr make that propagating 🙂
“3. ClamxAV for anti-virus protection. I have no idea if it works or not.”
I suspect ClamxAV does work. I forward PayPal and EBay phishing to their spoof addresses and had several of these in my “Sent” mailbox. Surprise, surprise, surprise, some of these wonderful messages did contain viruses. I like the price of ClamxAV and have many grudges agains Symantec. They have eliminated more working software for the Mac than any other company outside of M$.
I’ve said this before: If a virus comes out for Mac OS X, you will hear it all over the news BEFORE the antivirus software is updated. Then, if you feel you’re at risk, you can go buy some antivirus software. Until that happens, you’re getting nothing for your money and computer processing power. Waste of money and hassle.
Products like Norton Confidential have behavioural engines that detect malicious activity, in addition to the usual armory of updated signatures. This is the direction the industry needs to move in…and it appears that it is moving.
apple computers have been know for not having viruses, its all about the market share. microsoft is the largest technology company in the world. thats why apple had to create computers that were compatible with microsoft made software and other stuff that was made for windows. they had to steal a piece of the pie, if you know what im saying. right now, apple is a company that is starting to grow, its a good stock too. the bigger they grow, the bigger their popularity. you might laugh at home but, i never knew what a macintosh computer was until last july. then i started to get intrested and wanted to get one, but they’re way too expensive. so i just do research about it. apple has become more popular here, ever since they established a new apple store. apple made retail stores, i think the stores are 2 years old or 3, they figured out that where they made the stores, they sold more of their products. now in the not too distant future i see more apple retail stores and more people buying macs, therefore more people using macs. when more people are using macs they’ll figure out the structure of the mac, when they do they can create programs that mess around with the mac that is avalible for people to download, these are called viruses. pc has more viruses because the same thing happened and its been like 50 years. so people know how to read a pc like a childs book. the reason is because microsoft chooses to keep old hard drives, thats why they are so big on it. they keep the old ones and new ones so people can run old windows software and new ones. thats the security hole, and thats why you see for windows 98 and up. macs, i don’t know but i think they constantly change their hard drive to keep away from the security holes. what i think is microsoft should get rid of this, alot of people don’t run old software. the only reason they keep it on so the lazy people don’t have to change their programs. so if i were the owner of microsoft and was really smart, i would have big plans for it. oh yeah and the mac norton thing, i would take it if i had a mac, just in case. there could be security holes none of us know about, and they just keep coming in, no one knowing whats happening in it.