Andrew Adamson
Got root? Sudoes.
Lately, I've been getting into a bit of a shoving match with a few of the members here over the issue of security in the Mac. Every few days, someone posts a question, "Should I use Company X's Anti-Virus Miracle Cleanser?" The immediate reply is, "You don't need anti virus protection because OS X has no viruses."
I am willing to admit that at the moment there is not a lot to gain from installing anti-virus software, since the number of KNOWN malware threats is so tiny. You can't really expect an anti-virus program to protect you against unknown threats, right? Okay. But as long as the number of known threats isn't zero, there might be some value in having an anti-virus program running.
Another common thread to pop up from time to time is the message, "Something strange is up on my computer. Do I have a virus?" Or, "My anti-virus program FOUND a virus. Should I be worried?" Immediately, the same reply is given. It's this one that kills me.
The assertion that there is no malware for the Mac or that Macs are somehow immune to hacks is begining to seriously get on my nerves. There IS malware available for the Mac. While rare, it exists. And while OS X is inherently safer than Windows (true) does not mean it is inherently safe (absolutely stupifyingly false).
Whoever the posters are and whatever the question is, most of the time there is no indication what sort of environment they are in. The assumption is that they are on a single-user machine on a trusted network with no other cracked boxes and that their Mac is properly patched and has their firewall turned on and unneeded ports turned off and the passwords are strong and that they haven't installed warezed software, and so on, and so on, and so on.... These are pretty big assumptions to make, especially when a user is concerned about an actual infection.
Probably the best thing I've read on the issue was Jason Miller's column on the subject in SecurityFocus. If you intend on flaming me, please read it before you do. It's a pretty easy read and though he doesn't go into specific threats against the Mac, he does link throughout the article to very real examples. Already, there are some parts of the article that are out of date, but since writing it, plenty more vulnerabilities have been discovered.
What are the odds that YOU've been rooted? Pretty remote, I agree. But there are 30,000 registered users on this board. More register every day. Most join because they have a serious problem they can't fix on their own. What are the odds that NO ONE on this board has been rooted? Pretty darned low. What are the chances the next person who posts a message about viruses has been rooted? Do you really want to gamble? Do you really want to gamble with strangers who are asking for your help?
I know I am a new-comer here and all, but.... By telling people who have legitimate security concerns that Macs are bulletproof, you may be screwing them. Please stop it.
I am willing to admit that at the moment there is not a lot to gain from installing anti-virus software, since the number of KNOWN malware threats is so tiny. You can't really expect an anti-virus program to protect you against unknown threats, right? Okay. But as long as the number of known threats isn't zero, there might be some value in having an anti-virus program running.
Another common thread to pop up from time to time is the message, "Something strange is up on my computer. Do I have a virus?" Or, "My anti-virus program FOUND a virus. Should I be worried?" Immediately, the same reply is given. It's this one that kills me.
The assertion that there is no malware for the Mac or that Macs are somehow immune to hacks is begining to seriously get on my nerves. There IS malware available for the Mac. While rare, it exists. And while OS X is inherently safer than Windows (true) does not mean it is inherently safe (absolutely stupifyingly false).
Whoever the posters are and whatever the question is, most of the time there is no indication what sort of environment they are in. The assumption is that they are on a single-user machine on a trusted network with no other cracked boxes and that their Mac is properly patched and has their firewall turned on and unneeded ports turned off and the passwords are strong and that they haven't installed warezed software, and so on, and so on, and so on.... These are pretty big assumptions to make, especially when a user is concerned about an actual infection.
Probably the best thing I've read on the issue was Jason Miller's column on the subject in SecurityFocus. If you intend on flaming me, please read it before you do. It's a pretty easy read and though he doesn't go into specific threats against the Mac, he does link throughout the article to very real examples. Already, there are some parts of the article that are out of date, but since writing it, plenty more vulnerabilities have been discovered.
What are the odds that YOU've been rooted? Pretty remote, I agree. But there are 30,000 registered users on this board. More register every day. Most join because they have a serious problem they can't fix on their own. What are the odds that NO ONE on this board has been rooted? Pretty darned low. What are the chances the next person who posts a message about viruses has been rooted? Do you really want to gamble? Do you really want to gamble with strangers who are asking for your help?
I know I am a new-comer here and all, but.... By telling people who have legitimate security concerns that Macs are bulletproof, you may be screwing them. Please stop it.