Despite what blogs (and Apple) say, Macs will eventually have malware

Despite what blogs (and Apple) say, Macs will eventually have malware

Summary: People seemed to get into a tizzy about Apple posting an announcement recommending Anti-Virus software for Macs. Even though it was retracted, I do think that Apple priming Mac users for the eventuality of widespread malware is a good idea.

SHARE:
268

People seemed to get into a tizzy about Apple posting an announcement recommending Anti-Virus software for Macs. Even though it was retracted, I do think that Apple priming Mac users for the eventuality of widespread malware is a good idea. People who believe that the fundamental design of Macs will prevent them from being an attractive target for viruses are dead wrong.

Several reporters and bloggers jumped on the apparition that graced Apple's knowledge base stating that Mac users needed to run multiple anti-virus packages. While the KB article turned out to be bogus, it does not mean that Apple users are safe from malware forever. I have said many times before and I will say it again: given the constant of end-user gullibility and a monetized malware underground, the emergence of Mac malware is a function of market share and anti-virus effectiveness on the dominant platform. You don't even have to depend upon verbal arguments, as I provide a game theory analysis as well.

The fact that the announcement was made and pulled seemed to give some bloggers, including Joe Wilcox, fuel for their argument that Macs don't have malware because they are fundamentally more secure.

The reality is that mass market malware writers don't care about novel attack code anymore. They also don't care about who is running the most vulnerable services. They do care about writing programs that look like legitimate applications that will trick the end user into voluntarily installing them. When the bad guy's target is the human being at the console, then his only decision becomes what is the size of the target to go after.

The fundamental fallacy in Joe's argument is that operating system security is equivalent to malware security. It isn't. No level of system architecture can prevent users from harming themselves. Malware writers are just waiting until there are enough victims to make their switch profitable.

Topics: Malware, Apple, Hardware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

268 comments
Log in or register to join the discussion
  • Wrong assumptions based on the negative Windows experiences

    Windows has a lousy record for security, Microsoft should
    be ashamed and people in general should use something
    better. Thousands of different types of malware for
    Windows and virus-cleaning costs which are skyrocketing
    (around $14 billion each year globally) should scare off at
    least those with a limited budget and at least some
    common sense.

    Face it, it's just Microsoft and their customers who have
    problems with this, now, and it's highly unlikely any more
    severe problems like those with Windows will emerge
    anytime soon when there's still zero malware for Macs and
    Linux to worry about.

    Trying to make people think they should be afraid because
    the Windows-experience has been so terrible isn't very
    nice or responsible.
    Mikael_z
    • Safari didn't have anti-phishing until recently

      And PayPal openly called it out as the browser to avoid. Better put down the koolaid and see the reality, dummy.
      LBiege
      • And how long did other browsers have that feature?

        AFAIK, all this anti-phishing-stuff only started in a usable form in 2008. Whether Safari has it a few months earlier or later doesn't really change the game.

        Strange, how easily these MS-addicts become insulting. Lack of arguments, perhaps?
        anonymous
        • Another one

          "Strange, how easily these MS-addicts become
          insulting. Lack of arguments, perhaps?"

          [sarcasm]
          And Apple addicts are perhaps poor little angels
          trying to defend their so nice god Steve Jobs ?
          [/sarcasm]

          Last time Apple fanboys are often the first to insult
          and to show how arrogant and insulting they are.
          timiteh
        • You're kidding right?

          Safari's the very last major browser to add anti-phishing capability - if you could call it that. The other browsers added this feature [b]2 YEARS AGO[/b] and have been updating* it steadily ever since

          *(the exception here is IE7 - as usual)

          The browsers leading the way in anti-phishing technology are Firefox and Opera; they've actively updated their technology with each release. The maddening thing about Safari was that Apple stealthily pushed Safari onto the windows platform as an 'alternative' to IE7 despite the fact that it couldn't even match IE7's security features (which were already behind Firefox and Opera's). Finally, they've quietly added a rudimentary anti-phishing system after lagging behind for two years. Now THAT'S insulting to their customers - but Mac fanboys take it with a smile - as usual.
          eMJayy
          • Safari is a joke anyway

            I used to be about as rabid an Apple fanboy as you could find, and my next computer is going to be a MacBook, because they've still got the best technology, but there's no way I'm ever going to use Safari. From the beginning it's been a primitive piece of crap with serious compatibility and security issues. I simply can't understand how the creators of OSX managed to come up with such a worthless browser, one that's even worse than IE.

            And then they had the nerve to try to sneak-install it onto my PC during a QuickTime update by setting the option as checked by default and hoping I wouldn't notice. That's what finally turned me off of Safari forever. I don't want anything to do with any program that [i]its own designers[/i] know is so bad that the only way to get it onto people's computers is to trick them into installing it.
            masonwheeler
          • Makes you wonder

            [i]I don't want anything to do with any program that its own designers know is so bad that the only way to get it onto people's computers is to trick them into installing it.[/i]

            Sounds like the kind of strategy malware writers use, doesn't it...? hmm
            tikigawd
          • Safari is "a joke"?

            I'd like a bit more detail on what it is about Safari that
            makes you consider it "a joke". Its major "incompatibility"
            issues have to do with the non-standard "proprietary" code
            designed to work only with IE. And while its security isn't
            perfect, it rates high above IE on that score as well.
            As for trying to sneak it past you ... I doubt there was
            malicious intent behind that error. Unlike IE, merely having
            Safari installed on your system poses no danger to you or
            to the system. If, of course, you have the room on your HD
            to store the code along with the stuff you WANT to be
            storing.
            As for it having been defective from the beginning, it is
            now in its 3rd full version and it was initially in Beta. So, if
            you are going by your Beta-test experience ... you really
            need to get a clue - Beta is [b]all about finding bugs![/b]
            So they can be fixed.
            I don't believe you are a "rabid ... Apple fanboy". I believe
            you may be "rabid", but that any "Apple" claim you might
            make is an accident at best, a fabrication at worst.
            dlmeyer@...
          • A joke

            [i]Its major "incompatibility" issues have to do with the non-standard "proprietary" code designed to work only with IE.[/i]

            Hate the web developers, not IE.


            [i]And while its security isn't perfect, it rates high above IE on that score as well.[/i]

            evidence?

            Which brings us to...
            [i]Unlike IE, merely having Safari installed on your system poses no danger to you or to the system.[/i]

            Yes, unless you don't consider Safari's infamous carpet bombing incident a big deal. Apple certainly didn't, that is until everyone from here to Mars called them out on their moronic response to the flaw. It became a PR mess for them, that's why they fixed it, not because they really cared about the consumers.

            Arrogant company acting accordingly.
            tikigawd
          • same experience

            I believe my safari download came with my son's never ending iTunes updates. As I recall there was another Apple mobile package installed as well at that time. I will acknowledge that I should have better user controls setup on my pc but the fact remains that Apple did a back door install of thier apps on my machine. If Apple wants to increase the installed base of thier apps then at least keep the previous claimed high road and package them seperately.
            Chris Z
          • Yup Safari is to be avoided

            Safari is such a resource hog, I only know one Mac user who still uses Safari. All the others use Firefox.

            I'll give it a look from time to time just to see if it has any improvements. You never know even crappy software can be improved... For instance on Windows IE7 is a far sight better than IE6 and IE8 is light years ahead of both. Maybe if the Safari team get their collective ducks in a row, they could make a decent browser out of it.
            awasson@...
          • I love Safari

            I use a Mac and love Safari, I've tried firefox for Mac, but I
            find it too slow.
            ccfman2004
          • Re: I love Safari

            "I've tried firefox for Mac, but I find it too slow."
            That is why Firefox beats Safari in speed benchmark tests! Another fanboy that feels guilty if they don't go 100% Apple...
            W1LL-B1LL
          • IE7

            Phishing filter is updated hourly....
            https://phishingfilter.microsoft.com/PhishingFilterFaq.aspx
            JoeMama_z
          • We're not all the same.....

            I ditched Safari long ago.... with a smile.... and switched to Firefox. You shouldn't assume that we all use Safari.
            GSavage777
        • Lack of arguments?

          And here's you not even bothering to look up the facts as to when other browsers provided anti-phishing filters.
          Sleeper Service
      • Whose Kool Aid are you drinking?

        It's not realistic to assume that because your operating
        system is problematic, that other operating systems will
        have the same problems. The reality is there are hundreds
        of thousands of malware in the wild for Windows and zero
        for Macintosh. It won't stay that way. Someday there will be
        one. Then you Windows Kool Aid drinkers will go ballistic
        telling us Mac users "I told you so." Then it will be several
        hundred thousand for Windows and one for Macintosh. If
        all you Windows Zealots are so secure with running 14
        antivirus programs at once. That's wonderful. We Mac
        users don't have that problem and you guys are so ready to
        point the finger at us, I'm sure we will find out about any
        malware in the wild before it actually happens to us. The
        truth is that currently, it is more risky to put intrusive and
        sometimes buggy anti-virus software on your Mac, than it
        is to not run the software. There are good anti-virus
        programs for the Mac, but the 2 big commercial ones have
        been known to cause problems and can be quite klunky
        and intrusive. I personally have anti-virus software and
        scan only rarely, but I do block all outgoing transmissions
        and if I get anything really unusual, I'll check it out, but
        most outgoing transmissions come from Adobe, Microsoft,
        and Stuffit applications. I could never feel secure using
        Windows online for anything, no matter how much
        protection the computer has on it.
        MacGeek2121
        • Kool Aid?

          Wow. Kool Aid has so much to do with choice of operating system... BRAVO!
          W1LL-B1LL
          • different meanings

            He's talking about the Jonestown Massacre. You must be too young to understand the colloquialism. The good reverend Jim Jones poisoned his flock using Kool-Aid, hence the reference. Do you drink the Microsoft or Mac "Kool-Aid"? Personally, I enjoy both flavors, and even the occasional Cherry Linux at work. (Get it? Red Hat, Cherry...?)
            cuba_pete@...
          • it wasn't kool-aid in Jonestown,

            it was Flavor-aid.

            ;-)
            rtk