Apple Sneaks Antivirus Signatures into OSX

36

Comments

+ Add a Comment
avatar

almhuss1

Apple's own website lists security software for Macs, so they are admitting there is a potential issue (at least for today):  http://www.apple.com/downloads/macosx/networking_security/protectmacantivirus.html  But, of course, they softpedal it.

 

avatar

zepontiff

Are there so many Mac fanbois on the Maximum PC site? Don't you have a Michael Moore docu-drama to watch or something?

avatar

focher

You just managed to single-handedly drag the level of dialogue even further into the uselessness that has been displayed. You offer not a single substantive point, suggesting that you don't have anything of relevance to add. Yet there you are, typing away anyway.

OS X, of course, is based on BSD Unix and inherits exactly the same benefits and risks of most other Unix-based platforms. This article talks about code signing - which even MS only does so far on drivers on their newer platforms (except the Xbox, where it does it for DRM sake) - in order to reduce the likelihood of non-authorized executables on the platform. Despite all of this, the dialogue has descended into a rant against OS X (and mostly by people who appear to know nothing about it) and the allegation that Apple's marketing gives people a false sense of security. Perhaps. But there is a difference between risk and fact, and the fact is that there has never been a single instance of an OS X virus in the wild. Zero. None. Nada.

avatar

juanm

http://www.webopedia.com/didyouknow/internet/2004/virus.asp

avatar

juanm

Justin, justin, justin ...

 

thanks for continuing to spread Fear, Uncertainty and Doubt with badly titled articles and misleading and just plain wrong information. And then it is amazing here in PCMaximum land that everyone immediately starts shouting the Mac sky is falling, the Mac sky is falling, blah, blah, blah.

 This is NOT a virus that the update has addressed but a Trojan. A Trojan is NOT a virus. Even the link (http://news.cnet.com/8301-1009_3-10110852-83.html) you provided in the first paragraph CLEARLY explains the differences between trojans and viruses and how Trojans can impact Macs and PCs. Why, because the USER activates them. This is different than a virus. Read this article again.

 

i am a Mac user and I realize that Macs are not immune to everything AND are especially not immune to users who open files from persons they don't know OR worst yet are duped (and we all can be) by an e-mail or file that appears to be from a company we deal with all the time only find out later we gave our user name and password away.

 

If you are going to report on mac problems and issues at least get your story correct. This is a Trojan issue NOT a virus issue.

 The funny part is that you state that this exploit "is a file disguised as the iPhoto application" that is the exact definition of a Trojan that can affect a PC AND a Mac.

 

avatar

mesiah

Congrats, you obviously got an A+ in your apple propaganda class. Your argument is textbook apple crosstalk to a T. When confronted with an obvious apple or mac flaw, instead of disputing the flaw, you change the subject and dispute the verbage of the claim. To all the morons and other apple lovers it sounds like "No, that is a total lie! That is not an issue." But what you are really saying is "Lets change the subject. You can't call it a tomato when its clearly a tomoto."

 

avatar

Muerte

technically you are right but people buy Macs so they don't have to know the difference and to them a trojan or virus no matter what you call them is bad.

I guarantee 90% of the people who own macs don't know the difference and won't care.

So you can pic nits all you want a security issue is a security issue is a security issue.

A rose by any other name....

avatar

focher

Your "guarantee" is useless and nothing more than the typical overblown rhetoric too many people use when anonymously making claims on Internet forums. "People" buy Macs for a variety of reasons, and there are plenty of extremely technologically capable people who buy them - seeing as it's a platform built on BSD Unix. Regardless of all that, the introduction of code signatures on their own apps is hardly is "see, security is bad on OS X" issue. The article obviously wants to make it one, but that doesn't make it so. Code signatures are getting more and more common, and are simply one more mechanism to ensure that the application you are executing is really from who it says it is. No different than SSL certificates for web sites.

avatar

focher

Ah, the age old "their market share is too small for virus writers". There are no - that's zero - cases of viruses in the wild on OS X. There have been some concept trojans written, which is an important distinction as a trojan requires a user to accept the execution of the program. And even then the program only executes at the user login permission level. On OS X, that defaults to a non root / administrator level access so the most the application can do is screw with the user's home folder structure.

None of that means there aren't security holes in OS X. And people have different opinions as to whether Apple's approach to even talking about security issues in OS X is appropriate. What gets me is how lame this article is, especially with the snide recommendation that Apple should mimic or listen to MS's approach. The fact is, Microsoft has the most dismal security history of ANY software provider...bar none. It has routinely released OSes and applications which allow viruses to self-install, propagate, and run at administrator level. Holding them up as some industry best practice is downright laughable. What's also evident is that most of the commenters on this forum don't even know the difference between a security hole, a virus, a trojan, or any other type of software security issue.

avatar

imagonex

Most hackers right now are thinking: WHO CARES?!  

Hackers targeting a declining 3% PC desktop market share is akin to a terrorist group pissing on the snow in Antarctica as opposed to bombing the Pentagon. Makes for a good comedy skit on MadTV, though.  

As far as Fruity PC Inc. misleading their customers? Well(cough, cough), yeah, just a little wee bit (sarcasm). 

Then again, I think most corporations mislead the consumers. All companies do it. They all utilize romanticized jargon to describe exploits or bugs that can be outright critical or urgent. Fruity PC Inc, though, is probably the best spin doctor at that. 

Fruity & Company better keep on praying hackers never do care about OSX. Keep that 3% or less going, Steve, and you're out in the clear.

avatar

noobstix

Damn, I wish I was still in public schools with all of those Macs in the computer lab.  I have the perfect website (or two, or three, or four, etc.) that I'd like to test the security of Macs on (Dells are no fun to infect).  Maybe McAfee will have a version called "Mac-Affee".  The name could fit perfectly.

Mobo: MSI 770-C45

CPU: AMD Phenom II X4 955 BE

Memory: 6GB Corsair XMS3 DDR3

Video: 1GB Diamond ATI Radeon HD5770

Monitor: 19" Viewsonic VX1935wm

HDD: 320GB Western Digital SATA

CD/DVD: Pioneer DVR-111D

avatar

PawBear

 Obviously a high number of high profile people are using the ipad.  ATT made that clear recently.  I think I can assume they use Macs.  If I wrote viruses I'd certainly target them and do my best to make sure noone ever figured it out, especially Apple. to maintain this delusion that all are safe.

"Either we conform the Truth to our desires or we conform our desires to the Truth."

avatar

Shadai

F*cking Miracles!

avatar

Slugbait

There was a KB article that sat on their website for a long while which advised their customers to have two antivirus programs installed. I always thought that to be funny after watching all the commercials. They deleted the KB about 18 months ago: http://support.apple.com/kb/HT2550.

There was an original KB before it. http://gizmodo.com/5100996/false-alarm-apple-mac-os-x-anti+virus-recommendation-is-old

Apple had always recommended using antivirus. Odd that they are suddenly changing their itune.

I doubt MS would be happy to give Steve a few tips, but I agree Apple wouldn't take them up on the offer. Steve has always seen himself as the driver, not the passenger.

But I digress...I think the reason Apple tells their customers they don't need antivirus is because Apple doesn't want their customers to experience the bugs and massive performance hit that comes with Mac antivirus programs, especially McAfee.

avatar

Bender2000

Apple actua;;y releases an update that makes their OS more secure, and this is a BAD thing? If they added a built in AV app like MS Security Essentials you guys would be hosing them for that too. You know Apple, they ignore the problem until they have the fix THEY want in place. Regardless of your bias, Apple made Macs safer. They also snuck in a new Mac Mini when no one was looking, so much for their announcements for minor things. Its like the reverse of vaporware, they come out with a product no one expects instead of announcing a product that never appears. Like the Slate or the Courier. I wish HP were more like that. I'd love to wake up one day and actually see HPs with Voodoo DNA in 'em. Then Apple would worry.

avatar

aviaggio

Actually, it's not that they added new signatures that's an issue. It's the fact that unlike every thing else they do they kept quiet about it and are trying not to draw attention to it.

Cause admitting your OS is being hit by virus attacks kinda flies in the face of one of your strongest (as in harped on in every single ad) selling points -- that Macs are "safer" than PCs and don't get viruses.

The whole situation just points out what we in the PC world have known for a long time -- Jobs is full of shit. 

avatar

Mayhemm

Is it wrong of me to be silently hoping someone writes a totally debilitating Mac-only virus?  One of the system-frying, hard disk-erasing ones?

 This would accomplish two admirable (IMO) goals:

1)  it would give Mac users a harsh lesson in internet security.  One they seem reluctant to absorb otherwise

 2) Crush Apple under the weight of lost-business, willful-negligence, property-damage, and false-advertising lawsuits.

avatar

Cache

I'm shocked that no one in the Russian mafia has developed a good, debilitating virus yet from a monetary perspective.  Figure you brick a few million Mac products, Apple's stock plummets--you buy massive amounts of low-cost Apple stock, and sit back as the Apple Addicts flock to the latests innovation--iVirus Protection.  Apple's stocks go back through the roof... and the Russian mafia makes an easy billion or so dollars.

Hell, if I could program anything beyond my DVR, that's what I'd do.

avatar

stradric

I don't think that would work in practice.  You'd need a virus that would target all OSes in order to infect a large amount of Macs since they're so sparsely distributed through the whole computing landscape.  Either that or take over Mac update, which is not easy task certainly.

Besides that, does Apple even make that much money on its PC business to send its stock plummeting?  I think it's all iPhones and iPods.  So if you manage to infect every iPhone, then maybe you have something...

avatar

TechJunkie

Yeah and at those conferences booked in advance, they announce insignificant version bumps and trivial new products. They announce at these conferences that they changed the color of sliced bread, or that they are putting out an update to the iphone so it can...wait for it.....WAIT FOR IT.....copy and paste!!!!! WOW, what a concept! No one will ever be able to top that! As far as trivial products, the ipad comes to mind. Why? Cause it's just a bigger ipod and they tout it as the biggest technological breakthrough since electricity. Give it up dude and your name shouldn't be "chet Sixsixsix". It should be "ChetMix" cause your a horrible poster and should stop reading.

 

I have to PooP!

avatar

WardTheSteak

I think this guy is for team Steve!  You're just mad, because you can't mod out your mac to be a twilight homage!  Noob!

Team Edward!             <----- One guy said Jacob, and I don't hop on bandwagons!

avatar

TechJunkie

Because SJ thinks his crap smells like candy gumballs and not to mention that he thinks that he is god. Period. But I'm not defending the guy who wrote the article, I'm defending the content. SJ is nothing short of a frail dictator that does no wrong, is perfect, his gadgets are perfect, and has all his little apple fritters right where he wants em'.

pssst. I'll tell you a secret. I don't have a coolermaster. I have an Antec 902 case with pretty blue lights.

avatar

DigitalNogi

zomg i luv twilight!!!

Team Jacob ftw! 

avatar

DigitalNogi

Here here!

avatar

jrocknyc

Your commas, make me, question your reliability.

avatar

BuLLg0d

...if your, Christopher, Walken

 

 

 

"I've got a fever, and it can only be remedied, with more cowbell"

avatar

BobbyPhoenix

I LOL'd, too, funny.

avatar

TechJunkie

Now I have a headache and the only antidote is more cowbell!

I have to PooP!

avatar

nadako

why apple loves to pull out the blame stick. Blaming Adobe for their security risks and what not. Lol if your a programer then you would understand to limit the User from the kernel and other Software installed as much as possible. And in limiting i mean making your variables private not public. Oh but a friend funtion is like a friend with benifits.

avatar

stradric

Private, public and friend functions are compiler mechanics.  They mean nothing in runtime where everything is assembly.

Also, programmers writing software to run on an OS should not have to worry about "to limit the User from the kernel".  It's the OS's job to limit kernel interaction.

avatar

TechW

I believe that the policy of Apple misleading its customers into thinking they are not subject to malware attachs will ultimately bite them in the butt. One day, all the beliving Mac owners are going to wake up to find out that they are the victims of identity theft and wonder how it could possibly have happened to them. I imagine they will blame Microsoft...

avatar

TechJunkie

Misleading as all hell.

I have to PooP!

avatar

kjrviking

When my buddies who say that they don't need antivirus, i just tell them that OSX is so much more open to attack than Win 7, then when they ask why there aren't any viruses for them, i am forced to respond that the OSX is too easy to hack and not enough people... maybe now more people will make viruses for it just to prove to Macheads that viruses do effect them

avatar

BuLLg0d

With Apple's market share increasing, and more users transitioning over to Mac and Apple products every day, it's only a matter of time before the right (or wrong) internet e-thug is going to gut punch Apple with malicious code due to their pretentiousness.  When it comes to PC's, no one claims 100% protection. If someone did claim that, they'd be hacked within a day.  We have all learned that the hard way.  PC marketing usually uses the term "more secure", and that's after a malicious attack.

Apple users live within a cloud of smug   http://www.southparkstudios.com/clips/104282

avatar

COMMANDER_COOK

Yep, they sniff thier farts. 

----------------------------------

Donate blood!     http://www.redcrossblood.org/

avatar

nsvander

I have numorous friends that think becuase they are on a MAC they dont need antivirus.  I tell them its just a bunch of BS and if you use the internet for anything you need it.

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.