Preston Gralla

Seeing Through Windows

Mac OS X: Vulnerable to new Trojans

One of the great myths about Mac OS X is that it's invulnerable to malware. But two pieces of malware making the rounds show that certainly isn't the case. One reason the Mac has been safer than PCs in the past is that Windows has so much more market share. But now that the Mac is gaining in popularity, expect Mac-based malware to increase as well.

One of the new pieces of malware is a Trojan called OSX.RSPlug.D. The security vendor that discovered it, Intego, says it is much like a previous Trojan, but has a new installer. What's particularly dangerous is that this new installer may be used to inject other malware into Mac machines in the future. The Intego security memo about it notes:

A Trojan horse, its installer is different: it is a downloader, and it contacts a remote server to download the files it installs. This means that, in the future, the downloader may be able to install other payloads than the one it currently installs.

For details, see this security memo from Intego.

The new Trojan is found on pornographic Web sites. It tricks users into downloading it by telling them they need a codec to play a video file. Then it installs malicious software called DNSChanger, which hijacks Internet traffic to a DNS server, which sends Mac users to phishing sites or to pages that display ads.
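Because the payload works by pointing the machine at a different DNS server, one defender-side check is to compare the resolvers a Mac is actually using against the ones you expect. The script below is an added example, not code from Intego or from this article; the allowlist and the sample `scutil --dns` output are constructed, using documentation-range addresses.

```shell
#!/bin/sh
# Added example: flag DNS resolvers that are not on an expected list.
# ALLOWED is an assumption; replace it with the resolvers your network hands out.
ALLOWED="192.0.2.53 192.0.2.54"

# Reads `scutil --dns`-style text on stdin and prints each distinct
# nameserver address that is not in the space-separated allowlist in $1.
unexpected_resolvers() {
    awk -v allowed="$1" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        /^[ \t]*nameserver\[[0-9]+\][ \t]*:/ {
            ip = $NF
            if (!(ip in ok) && !(ip in seen)) { seen[ip] = 1; print ip }
        }
    '
}

# Constructed sample in the layout `scutil --dns` prints. The addresses are
# placeholders from documentation ranges, not real indicators.
SAMPLE='DNS configuration

resolver #1
  nameserver[0] : 192.0.2.53
  nameserver[1] : 198.51.100.7
  flags    : Request A records

resolver #2
  if_index : 4 (en0)
  nameserver[0] : 192.0.2.53
'

check_sample() {
    printf '%s\n' "$SAMPLE" | unexpected_resolvers "$ALLOWED"
}

# On a Mac, the live check would be:
#   scutil --dns | unexpected_resolvers "$ALLOWED"
check_sample
```

Any address it prints is a resolver nobody on your side configured and is worth tracing back to the network setting or process that put it there.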

Intego also warns that a new hacker tool has been released that can create Trojans for Macs. It's called OSX.TrojanKit.Malez. Here's what Intego says about it:

This hacker tool can be used to create a “backdoor” on a Mac OS X computer. This backdoor then gives a hacker remote access to the computer. The code is added to an unsigned third-party application that is installed manually on a Mac, and, when the application is run, the backdoor is activated.

For details, see this Intego security memo.

Apple hasn't reacted particularly quickly when it comes to online threats, possibly because Macs haven't been targeted much in the past. For example, last week, Safari was finally given an anti-phishing feature, the last browser to get it.

It's time for Apple to fix vulnerabilities more quickly. The more Apple succeeds in gaining market share, the more that Macs will be targeted.

Preston Gralla is a contributing editor for Computerworld, and the author of more than 35 books.

What People Are Saying

Myth and experience

My experience with Windows and Mac OS X over the years is that Mac OS X really is fundamentally more secure. True, Apple has had some near misses, but I've seen Windows XP systems owned by users alert for malware become infected, and without them ever knowing that it has happened (until the system is seen to be sending 4000+ E-mails an hour or whatever!). I've found that one anti-malware suite doesn't spot or prevent malware that another one does, yet even the best fail sometimes. Reviews I've seen give detection rates from an abysmal 45% or so to a still poor 96% (4 in every 100 attacks undetected!).

Contrast this with Mac OS X, which I have only seen attacked with Trojan Horses (Apple closed off the Bluetooth hole exploited by the Inqtana worm before it did any widespread damage). Mac OS X's defences work well enough to alert even naive users that they shouldn't click through the 'Do you really want to download this possibly nasty item?' dialogue with the result that I've never seen an infected Mac OS X system.

Few of my friends and relatives have Windows Vista as yet, as several switched to Mac OS X to escape - successfully - the malware horrors of the last several years. I've heard rumours about Windows Vista systems being infected despite all the security, but have not experienced this myself.

download issues

The reports of download issues with regards to a virus or other malware are nothing new. I was calling Microsoft products "bloated virus magnets" when they were releasing Windows 3.x, and as of today see no reason to change my opinion of them. My Mac is (as have been all since I started using them around 1986) a Microsoft-free zone, never a trace of Explorer, Vista, Mojave, or whatever the current incarnation is going to be called.
Jerry w
www.boskolives.wordpress.com

THE HORROR!! Macs vulnerable to open flame!

The author Mr. Gralla seems to do quite well recycling old story concepts. Certainly, this entire blog-post follows a tired old journalistic outline: the Mac OS (6, 7, 8, 9, X) is suddenly "infected" just like Windows PCs are routinely, which proves that Macs are not magic, yadayada and so on. File this one with the annual "Apple is doomed" columns we've all enjoyed since IBM+Microsoft invented the PC and Graphical User Interface (they didn't?). Both stories get both the Windows and Mac zealots so excited. Yawn.

While I share Gralla's general criticism of Apple's slow approach to malware defense, I also fully agree with the Anonymous commentator here who wrote, "This Trojan does not reveal vulnerability in the Mac OS X, but a vulnerability in the user. If a user willingly authenticates and installs a piece of software from a non-trustworthy website, then no OS in the world can protect them from any kind of malware."

One thing that helps Apple here is that Mac users are generally much less technically savvy, OR they are very savvy top-level IT, creative, academic, or science folks. The former avoids trouble by using mainstream security/antivirus utilities and by not installing anything that doesn't come from Apple or Adobe. The IT folks can easily anticipate and avoid online malware threats, and anyway they know better than to use their "personal" computers (often Macs at home) for online naughtiness when their "work" computers (Windows PCs) are good enough for that -- and furthermore were paid for by their company. ;-)

Ah, market share.... Quick, what percentage of Microsoft's "personal computer" market share is actually just the ticket-reservation terminals at all the world's airports? Or PCs in hospitals etc?

Come on, Computerworld, let's find better Mac coverage?

Viruses

As long as I behave myself the chances of passing HIV on to my wife are practically nil.

However, if I do things I shouldn't do, the odds of passing an STD to my wife are greatly increased.

The same is true with Mac computing. Behave yourself and don't provide an admin password to programs you aren't installing and you will not have any problems.

Antivirus software is like a condom. They don't protect against everything and they do fail, however, if you behave yourself, the odds are a lot better.

As far as I have seen or

As far as I have seen or heard, malware for Mac OS X in the wild, in total, stands now at two porn-codec trojans. Period. All the rest are either proof-of-concept and harmless, have never been released in the wild, or require direct access to the user's computer and the hacker still needs the password. So I would not call one porn-codec trojan last November and another porn-codec trojan this November evidence of "growing attacks." Go ahead and chart it out year-by-year; you'll get a flat line. Not to mention that (as the article points out) the second trojan is probably the same trojan as before, just recoded a bit.

When will the bloggers and journalists learn not to take seriously every lame press release from "security vendors" calling themselves "security experts" sounding exaggerated alarms so they can sell people software they don't yet need? I would also point out that the "Macs are invulnerable" myth is propagated not by Mac users, but by Mac naysayers, who take the factual claim of "no viruses or worms for the Mac yet exist" and blow it out of proportion. Macs are not invulnerable, and I do not recall anyone ever actually saying they were.

To the author of this article: I know you need to write about something, but try not to look so gullible to every alarmist re-hash that gets released by antivirus vendors.

Subject line is not correct

It's good information, but the subject is not right. This Trojan does not reveal vulnerability in the Mac OS X, but a vulnerability in the user.

If a user willingly authenticates and installs a piece of software from a non-trustworthy website, then no OS in the world can protect them from any kind of malware.

Problem is with the user, not with OS X.

Just do a search of

Just do a search of vulnerability and Vista and there are multiple new threats in the past few hours. As long as when you're surfing porn you don't download a new codec you're fine with a Mac. If you're not surfing porn all the more secure.

Looks like if you're driving in XP or Vista land, expect to get yanked off the bus at any moment, even if you're trying your best to be secure after spending $$$ on security upgrades that don't work.

The point of the article is

The point of the article is that Mac is gaining ground and that we will see attacks growing. Vista or XP was not mentioned and was not being compared, so do not downplay the point by pointing to Microsoft.

As far as your argument about not downloading a codec (or software that comes from sites that are questionable), the same could be said for XP, Vista or any other OS. Just for the record I like Mac, *nix, and Windows, I think all three have good and bad features.