The Inevitability of a Mac Virus
Mac users often gloat about how they’ve never gotten a virus (I’m certainly known to do so myself), but it really only seems like a matter of time before mac users get a taste of this deviousness. Mac OS X is very secure, especially with it’s firewall turned on, and Apple seems to be using their software update functionality aggressively to keep newly discovered vulnerabilities patched up as soon as possible, but the Mac will always have one soft spot ready to be exploited: the user at the keyboard.
Social viruses are usually distributed via email disguised as image attachments. Anyone who has laughed at a friend for their gullibility in thinking they were getting a nude picture of some tennis star and instead gets their address book spammed knows exactly what I’m talking about. Those who are among the tricked are loathe to admit it. Windows users have learned to scrutinize the attachments they receive, but Mac users are lax when it comes to this duty and with good reason: they’ve never had a problem. How long though until you receive an email with what looks like an image attachment labeled “Hot iPod on iMac Action” and you open it without a second thought.
A Mac virus breakout probably wouldn’t get very far in today’s computing environment. If a virus infected my powerbook and sent itself to everyone in my address book, only a small percentage of those people would be running macs. The virus would be dead on the Windows machines it arrived on and only a certain percentage of my Mac using friends would be foolish enough to click on it. But it would spread and some of us would get hit and would be more wary from that point on, perhaps even buying and running anti-virus software. As Apple’s user-base expands, the potential becomes even greater.
The real loss at the end of the day, at least for those of us who do regular backups, is that we’d no longer be able to brag that our Macs never got a virus.
Permanent Link
I have this “conversation” with friends frequently. Personally, I don’t think there will ever be an “effective” Mac virus, and I don’t think that the proficient virus writers will ever waste their time with the Mac world. As you alluded to in your comments, you need a large user base for a virus to be effective. Well, how many people would you say constitutes a large enough user base? Better yet, what percentage of the PC world would you say that Apple needed to command in order for a virus to be effective? My answer is that it doesn’t matter, because Apple will never command that large of a user base. Even if they grabbed 10% of the worlds computers, would a script kiddie even bother? I doubt it, and I doubt that Apple will ever get that much of a market share (although I would be thrilled if they did). So I’m not worried about viruses for the Mac- at all!
Add to that the inherent security advantage that Mac’s have over the Windows world and you’ve got yourself a pretty secure system.
what you are describing is a trojan horse, (an attachment that is not what it seems), rather than a virus. to go further in the analogy, if the attachment (trojan horse) were also a virus (something that reproduces itself), it would not be able to propagate on it’s own, robbing it of it’s virus status, because it would need permission to run, or install at a level that would have access to the internet, and no one downloading a picture is going to give the “picture” permission to install a program at a level that needs a password, (which implies it can get to the internet)….
so only people who email it will make their friends vulnerable, (which again, is a trojan, not a virus).
not too many people run at root level… so any “attachment” would be a dud.. and why Apple still has had no successful viruses…
not because of only having 5% market share, but because it would be nearly impossible to get a virus to propagate, even if Apple had 90% marketshare…
the only reason MSFT products are so vulnerable, is because their employees are stupid enough to ship products without firewalls, and without firewalls turned on….
pure and simple stupidity….
jon.
FYI Market share and installed base are not the same thing. Macintosh has an installed base of anywhere between 12% to 17% of PCs worldwide. Market share is how much was spend, in dollars, buying PCs. Windoze is of course more because of their shorter life span.
Virus is the general term that people understand, so I just went with virus. You’re right though. My bad.
Your “social virus” analogy is innaccurate and misleading.
Windows users don’t get hit with a Permissions logon that requires a password when they click on that ‘Anna Kournawhoever’ email attachment executable. Such trojan horses just run on Windows.
On the other hand, Mac OS X users must key in a password that allows a level of access that would allow an executable to run.
Big difference.
And quite possibly enough of a difference to quell any meaningful virus propagation on computers running Mac OS X.
Congratulations for joining those who cast F.U.D. on the Mac platform.
Lefty clear
Ranger Lefty,
From what I’ve seen, current installs of Windows XP actually pop up a warning dialog when opening certain files in local email or over the Internet. Not quite the same as entering a password, but a cautionary step regardless.
I agree that a password prompt will halt a certain number of infections, but certainly not all. I’ve seen the more novice end of users react to a password dialog by simply typing in their password with no curiosity as to why they’re being asked.
Lastly, I’m absolutely not trying to spread FUD as I stated that I didn’t think a mac virus would get very far and the only real casualty would be public bragging rights. The Mac is extraordinarily secure, as I stated, and I wouldn’t recommend anything else for a personal computer.
“The virus would be dead on the Windows machines it arrived on..”
Not necessarily true. Cross-platform viruses exist!
http://vil.nai.com/vil/content/v_99060.htm
This one appears to be GPL, too. Go figure.
On the same note I have a question specific to Mac. I am pretty sure all PC users are aware of the insidiousness that is spyware and adware. Has there been any difficulty with SPY WARE or AD WARE on OS-X or previous Mac environments?
Robert,
No difficulty of note. Mac OS is dramatically more secure, a benefit of it’s BSD underpinnings and Mac specific viruses would have some difficulty becoming widespread thanks to it’s smaller installed base.