The Snow Leopard Report: Still Safe From Malware?
September 15th, 2009The spin about whether or not Mac OS X is susceptible to the malware scourge that has inundated the Windows platform will never stop. Whenever Apple releases a security update for Macs or the iPhone, or when a security researcher breaks into a Mac system, lurid headlines will be written.
Recently, for example, there was a story suggesting that Apple missed out on some serious opportunities to harden Snow Leopard and make it less vulnerable to malware. I won’t go into the specifics. I’m not a security expert and don’t play one on TV. But what Apple has done so far demonstrates they are committed to providing a secure computing environment to Mac users. Indeed, some of the suggestions may require tons of back-end work to deliver, and there’s nothing to say that these additional features can’t be rolled in via maintenance updates before the next major Mac OS X release.
One of notable new feature consists of a basic check of file downloads for potential malware. It wasn’t actually an announced feature or refinement for Snow Leopard, but it didn’t take long for the early adopters to discover it as they downloaded various and sundry stuff online.
At best, though, it’s a bare-bones tool. It will use a database to check against and put up a warning notice. It’s up to you to decide whether to trash the file, and it won’t repair any system damage after the fact. Well, at least it’s a start. I realize the companies that market security software are using it as evidence that Apple is beginning to recognize the potential for a malware problem, and maybe it’s a good idea for you to buy one of those products now and get robust protection.
For the time being, The Night Owl disagrees. You see, it’s not as if there’s a known virus threat for Mac OS X users that’s actually spread far and wide. So far, there have been proofs of concept, and a few mild infections. But a lot of what you’ve read about fits into the Trojan Horse category, where you actually have to physically download a file and launch it to allow it to deliver its payload, whatever that might be.
You’d probably categorize that form of malware as a form of social engineering. The same applies to phishing scams, where you get an email purporting to come from your financial institution, and you are asked to login via a link in the message to fix an account problem. If you do make that mistake, you are taken to a site that is cleverly (or not-so-cleverly) designed to mimic the real site. You enter your username and password and the keyloggers on the site record that information, so that the online criminals can login to the real account and steal your money.
Problems of that sort aren’t restricted to any computing platform. A Linux user can become a victim just as well. Yes, all the major browsers offer some measure of anti-phishing protection. The latest edition of the iPhone version of Safari has it too, but they generally work in the same fashion as anti-malware scanners. They check against a database of known scams, or evidence of suspicious behavior. The criminals, alas, are often a step ahead, so by the time updated databases are available, lots of people may have already become victims.
On a more expansive level, it’s quite true that Microsoft has invested a lot of energy and cash to make Windows less susceptible to malware. Certainly it’s a lot harder to infect a properly updated version of Windows XP, or even a Vista PC, and no doubt Windows 7 will be more secure. But you still have to possess an active security software subscription to protect you, since no operating system is perfect.
For now, Internet criminals take advantage of the fact that tens of millions of homes, and even small business PCs, are not well protected. So they have plenty of potential victims from which to create networks of spambots. Even if a PC owner takes the hint and fixes their computer, there are lots more unwary victims waiting their turn.
Yes, some fear merchants want you to believe that the Mac will soon become a major malware target. Just give it time, as Apple’s market share continues to grow, and you’ll see problems that are equal in scope to those facing Windows users.
What they don’t want to tell you is that Mac OS X is just one of a number of Unix and Linux style operating systems, and they have been out there for decades. The first computer virus was actually created on the Unix platform and you don’t see loads of infections on those ubiquitous Linux-based Web servers, do you?
Yes, there are problems of a different sort, such as the occasional DDOS attacks on sites, but such things happen regardless of computing platform. Even networks with special hardware security devices might occasionally succumb to such onslaughts if sufficiently intense.
But when it comes to regular home and business personal computers, the fact remains that Windows users remain highly vulnerable without protection. Mac users are still relatively safe. The latter situation may worsen over time, but few, except those who have a vested interest in selling bad news, believe the situation will ever become serious on the Mac. That’s not what they want to hear, but it appears to be the truth.
| Print This Post
Smart, well-written article.
Spot on Gene…
Your last paragraph hits the nail on the head.
Various Microsoft shills and antivirus vendors will come up with all sorts of lame excuses which boil down to “Macs are only safe because there aren’t many of them”.
I don’t buy the argument for a second, but let’s say that it’s true. What if the ONLY reason Macs were safe today was because they were in the minority?
Does anyone expect Mac OS X to overtake Windows any time soon? If the obscurity argument is correct, Macs will remain safer as long as Macs are in the minority. Since I expect that Macs will be in the minority for as long as I own any computer I buy today, then their logic says that Macs will remain safer for the life of my new computer purchase.
(Again, I don’t believe the argument. If someone develops and releases a virus that affects Macs, it could be devastating and since most Mac users don’t use AV, it could overnight become extremely destructive. I’m simply pointing out the logical consequence of the security through obscurity argument).