Despite what blogs (and Apple) say, Macs will eventually have malware

People seemed to get into a tizzy about Apple posting an announcement recommending Anti-Virus software for Macs. Even though it was retracted, I do think that Apple priming Mac users for the eventuality of widespread malware is a good idea. People who believe that the fundamental design of Macs will prevent them from being an attractive target for viruses are dead wrong.

Several reporters and bloggers jumped on the apparition that graced Apple's knowledge base stating that Mac users needed to run multiple anti-virus packages. While the KB article turned out to be bogus, it does not mean that Apple users are safe from malware forever. I have said many times before and I will say it again: given the constant of end-user gullibility and a monetized malware underground, the emergence of Mac malware is a function of market share and anti-virus effectiveness on the dominant platform. You don't even have to depend upon verbal arguments, as I provide a game theory analysis as well.

The fact that the announcement was made and pulled seemed to give some bloggers, including Joe Wilcox, fuel for their argument that Macs don't have malware because they are fundamentally more secure.

The reality is that mass market malware writers don't care about novel attack code anymore. They also don't care about who is running the most vulnerable services. They do care about writing programs that look like legitimate applications that will trick the end user into voluntarily installing them. When the bad guy's target is the human being at the console, then his only decision becomes what is the size of the target to go after.

The fundamental fallacy in Joe's argument is that operating system security is equivalent to malware security. It isn't. No level of system architecture can prevent users from harming themselves. Malware writers are just waiting until there are enough victims to make their switch profitable.