PDA

View Full Version : Hey Mac, Join the Club!



andre1028
1 Dec 2008, 08:04pm
I'm guessing that Mac users are going to share our problems too in the future :)

http://news.cnet.com/8300-1009_3-83.html?tag=hdr;snav


In what appears to be a first, Apple is recommending that Mac users install antivirus software.

But don't read this as an admission that the Mac operating system is suddenly insecure. It's more a recognition that Mac users are vulnerable to Web application exploits, which have replaced operating system vulnerabilities as the bigger threat to computer users.

Apple quietly signaled its shift with an item titled "Mac OS: Antivirus utilities" posted on its Support Web site (http://support.apple.com/kb/HT2550) November 21: "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

The item offers three software suggestions: Intego VirusBarrier X5 and Symantec Norton Anti-Virus 11 for Macintosh, both available from the Apple Online Store, and McAfee VirusScan for Mac.

Brian Krebs, who first reported on the Apple antivirus recommendation (http://blog.washingtonpost.com/securityfix/) Monday in his Security Fix blog at The Washington Post, said an Apple store employee told him he didn't need antivirus software when he purchased a MacBook three months ago.

LegalSmash
1 Dec 2008, 08:25pm
I'm guessing that Mac users are going to share our problems too in the future :)

http://news.cnet.com/8300-1009_3-83.html?tag=hdr;snav



BTW, this should be moved to Tech instead.

good.

Itch
2 Dec 2008, 09:18am
It's common sense.

We had a user bring a mac laptop in that was totally jacked up due to a virus.

Her response when asked if she had any anti-virus software was

"But Mac's don't need any, cause they don't get Virus's right?"

I laughed very very hard when I told her she had better pray she backed up her data. Of course she hadn't.

LVG
2 Dec 2008, 09:53am
Mac operating system is suddenly insecure

Mwuhahaha

Astrum
2 Dec 2008, 10:39am
Every operating system is insecure, news at 11.

First and foremost, most AV software for OSX does more harm than good. It usually doesn't scan for OSX based viruses, it usually scans for Windows based viruses. There are very, very few OSX based viruses, and there are no zero contact privilege escalating viruses yet. If you willingly open a virus then you're an idiot, an operating system can't prevent someone from being pants-on-head retarded. If a virus requires zero interaction to take over your computer then the authors need to fix it ASAP.

Secondly, the OSX security model (which is based on unix which is what linux is based on) is quite a bit better than Windows' legacy security model. In OSX and generally any *nix you never fucking run as root, you run as a user. Nearly all programs are written in such a way that you don't have to be root to use it. This way if an application has a hole in it and the application is compromised by a malicious program (through no interaction of the user), then all it can do is trash what the user has access to, which is severely limited. It will have to find an exploit that allows it to elevate to that of the root user in order to do any real harm.

Now let's contrast this with Windows. Traditionally programs for windows have required root access. You have to install the thing as root, run it as root, and basically be root the entire time. So if there's a hole in the application and it's compromised, you're fucked. Complete and total access to your system. Of course Microsoft improved this in Vista so you're a regular user but people still program assuming they have root access to the machine. Horrible, horrible coding practices. Then everyone complained about UAC being annoying as hell but they should be yelling at the developers for requiring root access so fucking much.

Lastly and most importantly, Apple has been recommending the use of AV software for years. They just updated that webpage, it's been around for longer. This is being reported everywhere as if it's a new development, it's not.

As an aside, I don't run antivirus software on my macbook. I'm not retarded and there's currently nothing even remotely dangerous out in the wild that people with more than two brain cells should be worried about.

Itch
2 Dec 2008, 10:45am
I agree Astrum.. I run primarily Solaris servers at work. And good luck finding a "real" anti-virus for that scenario.

Anti-virus isn't the best solution. Lowered account privileges, and education on how these things get in is the best option.

The whole don't run as root applies fully to windows as well. I don't login to any of my windows boxes as administrator unless I need to. A vast majority of virus/spyware infections would be stopped if the average user stopped logging in with an admin account to browse the web and search for stupid shite. Only use an admin account when you have to.

Zero001
4 Dec 2008, 08:57am
If you willingly open a virus then you're an idiot, an operating system can't prevent someone from being pants-on-head retarded.
Sure it can. Windows Vista with a non-admin account with a software restriction policy and router firewall. Even if I tried to install a virus under the non-admin account it wouldn't get anywhere.


Anyway, the news is nothing new. All OS' are susceptible to exploits. PC's are just a greater target because of the market share.