NYT/AP: Macs Are Virus Targets, Some Experts Warn

Macs Are Virus Targets, Some Experts Warn
By THE ASSOCIATED PRESS
Published: April 30, 2006

SAN FRANCISCO (AP) -- Benjamin Daines was browsing the Web when he clicked on a series of links that promised pictures of an unreleased update to his computer's operating system.

Instead, a window opened on the screen and strange commands ran as if the machine was under the control of someone -- or something -- else.

Daines was the victim of a computer virus.

Such headaches are hardly unusual on PCs running Microsoft Corp.'s Windows operating system. Daines, however, was using a Mac -- an Apple Computer Inc. machine often touted as being immune to such risks.

He and at least one other person who clicked on the links were infected by what security experts call the first-ever virus for Mac OS X, the operating system that has shipped with every Mac sold since 2001 and has survived virtually unscathed from the onslaught of malware unleashed on the Internet in recent years....

http://www.nytimes.com/aponline/technology/AP-Apple-Security.html

for Macs in all these years.

Ooooh. Run and hide.

Bullshit. Its not the only OSX virus:

OSX/Leap-A, OSX/Inqtana-A (and a variant OSX/Inqtana-B), Opener, Switchback. All of these are OSX viruses.

Also, it is not the first Mac virus. In fact there are at least 40 known viruses that affect earlier versions of Mac OS. Of course if you listen to Apple PR, you wouldn't know this...

They do not spread except when the user runs them.

They are trojan horses.

And the earlier viruses cannot attack any current system.

because most of them (by a very large margin) also have to be run by the user to infect the computer. In fact being run by the user is NOT a determining factor as to whether a piece of malware is a virus or a trojan. The determining factor is whether the malware self replicates, and in the case of Leap-A etc they do indeed self-replicate.

In other words you are wrong and all the wishing in the world on your part won't change that.

There is virtually no risk in using a Mac. And never will be.

I can see some hacker learnignt he mac system just because he heard that macs were "immune' to viruses.

there are plenty of holes there.

No real virus problems on Macs in its entire history. Over 20 years.

The Army replaced their accessible servers with Macs in the nineties for better security. And that was long before OSX.

Even if there was a major problem tomorrow, I can proudly say that for 20 years, I haven't had the worries and headaches that Microsoft users do.

That's all. If market share were reversed, and MACS dominated the commercial market, it would have its share of trouble with hackers. That's because not everything hackers do exploits a failure to write quality code, and not every creative product of a hacker can be forseen. And hacker's attention is not on macs - and no, as much as you want to believe it, that's not because they're "impossible" to mess with. It's because there's no glory in it because its a niche machine without market dominance.

I do believe Macs would fair better, assuming they kept their same business and quality standards, than PCs have. But to gloat about them being "immune" or promising that there will "never be" a problem is just ignorant.

What a hacker wants is either access to lightly protected systems to send Spam or access to people's personal data.

If Macs were in any way shape or form as easy to attack as Windows systems, hackers would be all over them because there is such little awareness of the virus problem on the part of Mac users.

But they are not!

A hacker does want access to information, but ALSO to varied sources. In any case there are at least two known viruses/worms/trojans that are designed to allow a hacker to have access to OSX:

"The Mac/Cowhand-A Trojan horse allows remote hackers to use an infected computer as a proxy to connect to the internet."

and

"The SH/Renepo worm (also known as Opener) can turn off the Mac OS X firewall and other security software; will download and install hacker tools for password-sniffing and cracking; will make key system directories world-writeable; and will create an admin-level user for later system abuse. Renepo also turns off accounting and logging to help hide its presence."

But hey don't let reality get in the way of your love affair with Mac!

Uncheck that box, and the "problem" goes away. Just. Like. THAT. Sheesh.

And now they have further qualified what "Safe" is. And the OS asks you each and every time a new application is run for the first time if you really want to run it.

saying "XXX contains an application. Are you sure you want to continue downloading 'xxx'?" There are PLENTY of warnings.

At the same time you say virtually no risk? You don't know that there "never will be." Here's what SANS says:

"Although Mac OS X has security features implemented out of the box such as built-in personal firewall, un-necessary services turned off by default and easy ways to increase the OS security, the user still faces many vulnerabilities."

And then goes on to list a load of vulnerabilities.

http://www.sans.org/top20/#u2

I've used mine for years and have never been infecte,,D@$6GDt or


Had any..n."(&

PRoblemjJ$!
$gEtWith..%&^32

any BaDDDDDDDDDDDDDDD

StuF54$&J,m<>
.



It's raininreeeAnd Kallabazoo&^5$3..

but I really wouldn't be too worried about computer viruses if I were a Mac user. It's simple a matter of probability. Considering there are so many fewer Macs in use, there are fewer viruses. Also, Windows has plenty of security risks.

But for all the stuff I do, Macs wouldn't be optimal.

But if you want a real "plug and play" system (rather than "plug and pray" for Windows), with little messing around required I recommend Macs for sure.

Just curious?

.

I just bought a 1.42 GHz G4 eMac with 512 MB RAM, 160 GB HD, Firewire, USB 2, 10/100 Ethernet, FAX/Data modem, 17" 1280x960 screen, ATI Radeon 9600 display hardware, external screen connector, DVD-RW (2 layer) drive, Speakers, microphone, Keyboard, Mouse, Software (OS + Appleworks + iLife + Quicken + World Book + etc), condition new open box, 2 year warrantee, for $548 including shipping.

I'm in the market for a newer machine as my ancient one gets confused on some net pages.

What a deal.

This merchant;

http://feedback.ebay.com/ws/eBayISAPI.dll?ViewFeedback&userid=etoys4less&item=9714425900&iid=9714425900&frm=1883&ssPageName=STRK:MEWN:SID

Who was great about the whole transaction. All by the numbers!

Here is the key to getting a good price on Ebay;

1. Decide the maximum you will pay and never get into a bidding war.

2. Bid only in the that two minutes of the auction; Place ONE bid for the price decided in #1. If you get the goods, great. If not, go find another similar item to bid on.

when I bought my MP3 player. Those are the basic rules of bidding. Thanks for the advise though. I'll be hunting for my apple soon then.

If so, them good choice to use a PC.

But I find very little that I really need my PC for except a few games and one stream recording application that used to a better job of recording one type of content than the ones that exist not for a the mac. New choices are not available and I could dispense with it now were it not still doing a good job. (Never change what is working in production.)

..as a lazy, non-geek consumer, I simply want things to work. I don't want the added obstacle of having to worry about whether the app I want to run or the game I want to play has a mac version. This happens quite a bit with games.

Having said that, the compatibility keeps going up, and my need to play games keeps going down, while my need to do work on my computer keeps increasing. Buying a mac keeps getting more and more likely in my future. :)

All they want is more business from Mac owners. Every time they find the 'first' virus for Mac, I just yell " oh yeah? and how many viruses are there for windows?"

the user. The best hope to infect a Mac is through social engineering.

open source. That makes for more people looking at, changing and improving the code. Though we can't change human behavior, we can make the BSD core as secure as possible.

And I do a lot of my programming for White Rose in the BSD level of things. No need for a GUI for 99% of what I do. For my purposes, OSX is just another Unix machine.

If some UNIX programmer finds a potential problem with sendmail, it gets publicized world wide. Apple developers have access to the problem and maybe within hours or days will have a fix from either within or from the world wide community.

I use my terminal every day. Some days I post here using Links. I also use the CLI folding@home client.

...and post-processing recorded audio that I cannot run any of the @home clients.

you are taking action that goes beyond sacrificing a few CPU cycles.

And never amount to anything. Is there a prize for a journalist to actually find a problem?

I think these reports are paid for by Microsoft to say, "See, It's not just us!"

"Some experts" Yeah, right. Bullshit.

Keep on buying your Dell and HP Windows systems. Help out those red companies.

Just kidding. Or am I? :evilgrin:

I am surely not the only MAC user that has just started receiving more spam from software vendors selling Virus Protection for MACS, in the last few months. I can't remember who it is that is sending it out but the Email is all about creating fear and panic. I doubt that very many MAC users are all that susceptible, seduceable or ingenuous

I have never had a virus problem on any of the many Apple MAC computers that I have owned over the last 15 years plus.

Now that most of the MACS using OS X, that are using the Internet, are actually communicating with AAPL on a weekly basis, or when needed, patching an OS X weakness can be done world-wide, quickly!

We live in interesting times...

...and NO operating system is entirely immune to trojan horses. Can't be done, unless you don't allow any users to use the computer. With a trojan horse, a user is tricked into the executable using social engineering. It's analagous to 'phishing'. If you don't tell Safari to automatically run any executables you download (a dubious idea at best), you're immune to it unless you double-click on it yourself ("Click here to infect your Macintosh"...).

That's an entirely different prospect than a document file carrying a self-replicating bit of code that spreads to all of your other document files or a worm that breaks in over the network. In addition, unless a trojan horse can trick the user into entering the administration password, only that particular user's account can be affected, for the most part.

"With a trojan horse, a user is tricked into the executable using social engineering." - Like me. :D Actually, it was given to me by a friend who said it was a "game," so I wasn't fooled by some sort of elaborate propaganda. But your statement is spot on. I've had to rescue my elderly father from bad clicks while surfing the Internet.

I came across a trojan horse a long long time ago, in a faraway galaxy called Macintosh Classic II w/OS 7. :)

It unmounted my hard drive. I recovered from it and chalked it down to 'lessoned learned'.

As for Apple OS today, UNIX/Darwin, X11, I'm very happy with it. I love going from a Mac GUI to a terminal to compiling open-source software. :)

What is the difference between this method, an apparently compressed image file, and a document file? There is NO difference. You still have to open the document. So you description is false.

The fact is a trojan is malicous software that does not self-replicate. A virus or worm DOES self replicate, as does this and a few other OSX viruses.

From what Ive read on this thread, the typical Mac anti-virus strategy is to deny the virus is a virus! That is really gonna help when the big one comes :)

Which is sad, really.

it is you that is totally ignorant of the facts. I've listed BY NAME the various known OSX viruses, and included descriptions of how they work, with links to the security sites that describe them. You on the other hand have made an assertion, with no supporting evidence nor links to related information.

Find a link to an authoritative source that backs up your assertion and I might be tempted to modify my view. Until then I will just have to assume that your faith-based approach to anti-virus is going to result in a very bad headache for you sometime in the possibly near future.

and over 40 known viruses that targetted previous Mac OSes.

You know what is going to be really funny? When the big one finally hits, 99% of Mac users are going to be completely devestated because they think it can't happen to them.

Not ONE targets Mac OSX. Even this one is not properly a virus because you have to choose to run it. It is a trojan horse and does not spread by infecting applications that travel to other machines.

All of the others applied to ancient (really ancient) versions of the Mac OS "Classic", and exploited holes long since closed. And even when they were current there was a free antivirus tool that avoided all of them.

Also, all members of Apple's .Mac service get Virex 7 for free, so there is a large installed base of antivirus software, even though that software has little or nothing to do other than disinfect windows viruses that come into the mac in email attachments (and of course are harmless to the mac.)

The only real danger comes from Microsoft Word and Microsoft Excel word macro viruses. Easily avoided, though.

You dont even KNOW what viruses there are for OSX, and yet you claim certainty that Mac will never be affected. Total head in the sand attitude.

For example:

"OSX/Leap-A is programmed to use the iChat instant messaging system to spread itself to other users. As such, it is comparable to an email or instant messaging worm on the Windows platform. Worms are a sub category of the group of malware known as viruses.

Therefore, it is correct to call OSX/Leap-A a virus or a worm. It is not correct to call OSX/Leap-A a Trojan horse."
http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html

Here is an example of an OSX trojan that does not self-replicate:

"Mac/Cowhand-A is a proxy Trojan for the Mac OS X platform.

The Trojan may copy itself to the user's Preferences folder. In order to run itself on startup, the Trojan may add itself to the user's Startup Items."
http://www.sophos.com/virusinfo/analyses/maccowhanda.html

Here is another OSX Virus/worm:

OSX/Inqtana-B is a worm for Mac OS X.

The worm spreads by copying itself to other computers via a bluetooth connection.
http://www.sophos.com/virusinfo/analyses/osxinqtanab.html

A worm is a subset of viruses, a trojan is a malicious program that does not self replicate. A trojan needs human intervention to SPREAD, while a worm/virus does not. How they are executed is NOT part of the definition. The vast majority of windows viruses also need to be run by the user in order to affect the system.

But don't worry, if you insist on a definition that includes no user intervention in order to infect the computer, then OSX also has the Opener virus that self installs and executes when the user visits a web page.

Like I said, the attitude of people like you is what is going to be the cause of the first MAJOR OSX virus infection - you don't believe it is possible so when it happens you won't be prepared.

Seems you are trying to steer many people away from Macs... what gives?

Rationality does not enter into it for them.

It's a tool, not a national flag. I'm saving for the Quad Processor.... I need a "render engine" and the Quad looks to be that very engine I need.

Too bad you fail to see that it is YOU that is operating on faith and refusing to see truth when it is placed right in front of your eyes.

With extensive experience in both Windows and Mac OS.

I know the insides of both better than you do.

I do not act on faith.

"I slept with Faith, and found a corpse in my arms on
awaking; I drank and danced all night with Doubt,
and found her a virgin in the morning."

The number one way to get yourself in trouble "I know more than you do!" For a start you have no idea who I am or what I know, so that assumption of yours is both ARROGANT, and likely to cause embarrasement.

First of all, I have listed the several known OSX virues by NAME. You seem to think there is NO OSX virus, let alone several. Straight away you lose. I have linked to the computer security sites that describe them. I have shown why your assertion that they are not viruses is wrong. In fact I have blown away every one of your arguments.

And I have not had to resort to childish "I know more than you do!" arguments.

"I do not act on faith."

You must do, simply because you deny the existence of something that is proven to exist, then rely on that mistaken belief of absence to assure youtself that you are safe. Sorry my friend, but there is no better word to describe that attitude than faith.

Do you work for Apple or what?

All I am doing is letting arrogant Mac users know they are NOT immune, and sooner or later they WILL be the victim of a major viral attack. When they are, they better be prepared, but the attitude of some on this thread lets me know they won't be.

to make such an insult. Stop disrupting the thread. It's obvious...

their comments on this very thread prove my assertion. For example:

"There is virtually no risk in using a Mac. And never will be."

"Bring 'em on!" (in response to a claim that the above assertion was nothing more than a challenge to virus makers and hackers)

"Not ONE targets Mac OSX." (A claim that not one virus targets OSX - even though I have listed by name SEVERAL)

"I know the insides of both better than you do." (A claim that the poster somehow knows who I am and what I know, and that he therefore knows more than me, even though he has not provided any evidence for his claims, while I have documented my claims with links to the computer security sites that support them)

If that is not arrogance, what is? And that is just one poster. I'm sure If I could be bothered to take the time, I could find more examples from other posters on this thread - perhaps even you.

Nobody gives a shit how you feel about Macs and what stereotypes you have for those who use Macs. Get over yourself.... it's a computer some really like and know is reliable in comparison to PC's. For some reason, you seem to dodge that debate, and instead resort to personal attacks... so here is my insult back to you.... jealous dweeb.

I have not dodged the debate! The thread was about an OSX virsu being called the FIRST. I proved that not only is it NOT "the first", its not even "the only". I documented my claims. I linked to sites with more information.

What have YOU claimed? It seems to me that YOU are the one dodging the debate. This was not a thread about Mac being better or worse. In fact I made no such claim in either direction. Like I just said, I simply pointed out that there are several OSX viruses. It was a few Mac users (such as yourself) who reacted with unfounded vitriol to my claims, without even trying to argue them on their merits.

Why dont you go and look up those sites I listed and tell me why those computer security sites that list several OSX viruses are wrong? Or do you prefer to argue from a lack of knowledge?

In fact, for all you know I am a Mac user. So your argument is totally stupid. And arrogant.

is like a GM car. Windows is always broken. Macs mostly delite.

I have used Windows and MSDOS before it for longer than that, and I have been on the internet for over ten years, and I have NEVER caught a single virus. Not once. I guess you just have to know what you are doing...

But have used and still do windows (on server class machines), worked with macs off and on over the years and liked them as well, linux variants on several x86 systems, and of course Solaris on sparc machines (have not tried the x86 version).

I think most hackers and coders have focused on windows and unix systems in general because that is where the most fun data exists - ie banks, government, stores, etc and so on use those OS'es in their data centers. And the laptops most use at work (or desktops) are a flavor of windows.

The macs I have worked around were primarily in newspaper settings and previously some government installations (which were converting to pc/windows which I was helping to install). The ones at the papers had some serious issues over time with locking up, choking on large print ads, etc - but they would have with windows as well most likely.

Each person has their own needs so it is good we have a choice in systems. I like em all, but then I like computers in general.

> Personally, I like Sun Solaris 10 better than
> either of em :)

Spend more time in the Mac terminal and less in the GUI. ;-)
Well, you'll have to accommodate the BSD (versus SVR4)
differences, and I still get tripped up by the fact
that it's vim and not vi (so I'm always surprised
when an arrow key doesn't take me out of insert mode),
but I think you'll find it a lot of fun.

(Just FYI: What little experience I have with Sol 'X86
was very positive too. Well, unless your codes are very
endian-sensitive.)

Tesha

It feels like a very hemmed-in UNIX to me. I've been Linux-exclusive for the last 5 years, and when I use the Macs at the office it's nice to have some of the same utilities, but there's always the knowledge at the back of my head that Apple controls the system with an iron fist. Under Linux I can change damn near anything, and my distro has online repositories with more than 16,000 free software packages I can install with a single click or command--something Win and OSX will never be able to touch. OSX only lets you change the most trivial elements of the system and interface, and I was shocked to find how many utilities (like a decent graphical FTP client) are only available for pay in Macworld. Not to mention that you have to pay through the nose to update the OS and access services that Linux users can get absolutely free. Add to that the fact that my computer costs half as much as a Mac with the same specs, and I don't see why someone computer literate enough to run Linux (which is getting easier every day) would want to bother with one, unless you can't live without Final Cut Pro.

Redstone

The idea that good engineering can keep a computer from getting infected is absurd. Even SELinux can get a virus if the user executes it and gives the root password. Whatever the dominant computer platform is, there will always be users ignorant enough to download and install programs attached to emails saying things like "Check out this cool screensaver!" Windows attracts more attention because it's installed on such an overwhelming majority of machines, and because MS made some really dumbass mistakes that allowed it to execute arbitrary code sent over the net, though most of those have been patched by now. Macs might attract more attention in years to come, though, because most Macs are home computers with credit card info stored on them, while a large portion of Windows machines are office computers with no valuable data. Mac users' general ignorance of computer security also makes them a tempting target.

> No computer is immune to viruses.

Have you ever used a computer that is running
military-class non-discretionary security?
You'd have a hard time infecting one of those
(or even causing one to be infected by playing
"dumb user").

Some machines are far more secure than others
and, yes, it's mostly a matter of how much care
went into architecting, designing, and implementing
the system.

Windows, above the NT kernel, is slap-dash
Swiss cheese at best, and many of the holes were
deliberately placed there in the interest of
provding compatibility for archaic programs.

The MacOS, like most Unixes, is far better.

But there are many systems that are even better
still. VMS, MVS, and systems based on compart-
mentalized hypervisors come to mind.

Tesha

waaaaaaaaaaaa

pointing out how virus suseptible Winbloze is.

These "some people" must be heavy MS investors...