On Aug 13, 2008, at 7:54 AM, Profile wrote:

I just read the Consumer report on virus protection, spyware problems etc. etc. They never cover the Mac well but they did mention that a vulnerability to the Mac is spyware, that the Mac users are blasé and unconcerned when in fact Safari has no built-in protection for spyware.

Spyware and viruses are the two topics that seem to cycle through the discussion here every couple of months. They're also topics to which my antennae are always sensitive because I'm pretty security conscious. I don't claim to be an expert on the subject, but I'll tell you what I think anyway.

Have you ever had spyware on your Mac?

Do you know anyone who's had spyware on his or her Mac?

I've never had a virus or spyware on Mac OS X and I don't know anyone who's had one.

The anti-spyware and anti-virus companies such as Symantec and McAfee are constantly pushing out self-serving threat reports about theoretical vulnerabilities in the Mac operating system. Publications, including the New York Times, Newsweek, CNet and perhaps now Consumer Reports, dutifully parrot the warnings almost word for word. There are plenty of examples showing that experts can indeed "pwn" Mac OS X by doing unusual things under highly controlled conditions. I've yet to see a credible report of an exploit out in the wild. Until that happens, what is the security software looking for?

Thinking of spyware, in particular, almost all the malware classified as spyware on Windows is not self-propagating. Most of it is inadvertently installed by careless users doing unsafe things like double-clicking attachments. On an unprotected Windows XP machine, a double-clicked malicious executable can do almost anything to the system almost instantly. The same type of program on Mac OS X or Linux would need administrative access to do its thing. To get administrative access, it must be running as an administrative user and to do so, it needs an administrative password. Even if a user is foolish enough to double-click a mysterious file, being asked for an administrative password ought to be a big clue that bad things could happen. Without administrative access, the possibilities are much more limited because the program is limited to doing things in only one account. (It can still do bad stuff, but it can't very easily "pwn" the machine.)

But, there's something deeper going on here. Why is Windows malware so successful? Besides being easy to infect, Windows is the victim of its own success. An exploit can spread efficiently only if a critical mass of machines is susceptible. That will never be the case with Mac OS X; Apple can only dream of having 10% of the active boxes. If only half of those practice safe computing, it's unlikely the critical mass needed for an epidemic can be reached.

That is not to say Mac OS X is invulnerable. Eventually someone will find a way to break into it. At that point, it might well be worthwhile to peek at what McAfee has to offer. My solution is to practice safe computing. I don't run as an administrative user. I don't launch unknown files. I don't type an administrative password unless I know why a program needs it. I make sure my firewall is turned on and doesn't open unnecessary ports. I install security patches promptly. I back up important data.

The best protection against malware on the Mac is common sense.

As for the Safari issue…

There have been two security complaints about Apple going around the 'Net in recent weeks.

The first is Apple's failure to patch a security hole in bind on non-server versions of Mac OS X. This is a complete non-issue for almost everybody because very few people run a domain name server on their desktop and this is what bind does. I think Apple should supply the patch to Tiger and Leopard, but I'm not terribly concerned about it.

The Safari issue that's got the pundits in a tizzy is the lack of phishing protection in Safari, not spyware. This was set off when PayPal threatened to ban Safari users because of no phishing protection. According to PayPal, Safari is the only major browser without such protection. Of course, there are already phishing schemes that get around the protection in the other browsers, so the lack of built-in protection has become somewhat moot.

Apple should address this issue, but, once again, the best way to avoid phishing schemes is to practice safe computing. For example, if you get an email that seems to be from your bank asking for information, don't click on the link in the email to get to your bank's site; navigate there yourself. The link in the email may be a phisher and a direct link through your browser is hard to fake.



_______________________________________________
The next Louisville Computer Society meeting will
be September 23 at MacAuthority, 128 Breckinridge Lane. 
Posting address: [email protected]
Information: http://www.math.louisville.edu/mailman/listinfo/macgroup
