News, Reviews and more from Australia's Macintosh Authority
News, Reviews and more from Australia's Macintosh Authority
ADVERTISEMENT
People who live in areas of great geographic instability — I'm thinking here of the San Andreas fault, or the guy whose job it is to sweep Krakatau clean — live in a certain amount of trepidation, never quite sure when the next big earthquake will hit. Earthquakes are big, nasty events that change the landscape for the worst, and all too often, irrevocably.
The reason why I'm pontificating on earthquakes? I reckon the Mac world isn't just due, but quite possibly overdue, for a major shakeup.
I was recently at the launch of this year's revision of a well-known anti-virus vendor's products in Sydney, when the usual alarming statistics for Windows users were trotted out . So it is claimed, around 15 percent of the Australian Windows population don't run any kind of security package at all. Now, you may well be thinking that the lack of viruses is exactly why people should switch to Macs — right?
Dead wrong.
As anyone who's read this month's Australian Macworld will now know, many moons ago I worked as a lowly tech support grunt for a now defunct major IT vendor. Back then, viruses were simple things — if you got a customer call with a virus, then you'd rebuild the system, and as long as they'd steered clear of some of the really nasty BIOS viruses, then they'd have a refreshed system. And all it would cost them would be their data. Not a mistake that many people make more than once, as it's a rather painful learning curve.
The problem is, those days are long behind us. Malware today isn't about destruction, or mindless genital waving from fourteen year olds. Malware today is about money and information, and ideally, Malware authors (and those who benefit from having Malware on your system) don't want you to know they're ever there. As such, they'd be very happy with the behaviour of a large group of computer users who don't run security software. Does that sound much like a fair proportion of the Mac community to you?
The second problem is that the vectors for attacks are, by and large, no longer the operating system per se. Sure, it helps if you have a security model that can also be used for straining pasta if the bad guys want in, but these days the attacks are just as likely to come from applications. Like e-mail. Or browsers. Ever used one of those?
Even now, you may be thinking that I've just drunk a little too much of the security industry Kool-Aid, and your beloved Mac is still safe. But that's where the Big One rears its ugly head. OS X is a superior operating system in a whole bunch of ways, but at the end of the day, it's still several billion lines of code, written by people. People have an almost infinite capacity to make mistakes. It's called being human. Just because there’s a vulnerability that hasn’t been made public doesn’t make it any less of a vulnerability.
Given the general perception that Macs are “safer”, all it might take would be a single “good” (as in “exploitable”) security flaw, and a Malware exploit could rip its way through the OS X systems of the world at a frighteningly rapid pace. It's how the worms of six to eight years ago propagated so very quickly in the Windows world, and with the growing popularity of the Mac platform, I suspect it's just a matter of when — not if.
That statistic of 15 percent of Windows users having completely vulnerable systems is also a worry for any Mac user. Not because it’d be fair to point and laugh, but simply because if a vulnerability exists in a cross-platform application (Firefox would be a good example, but then, so would Safari these days), the infected and unprotected Windows systems of today can and will be hitting Mac systems simultaneously. By all means laud OS X where it can be lauded, but it would also be a good idea to nudge any Windows users you know and check that their security is up to date. It is, in effect, your security they’re risking too.
Of course, there are things that every Mac user can do to lessen the blow. AV packages are a decent start, although realistically viruses aren’t really the problem any more. It’s arguably more vital to stay on top of system updates — and thankfully, on a Mac that’s a very painless prospect. Ever noticed how, just underneath the details of how the latest iTunes update “adds Apple TV 2.0 functionality”, there’ll be a line about security improvements? That’s not there for the fun of it — Apple is just as aware as the hackers that today’s security battlefront is as much a function of applications as it is operating systems.
wrote on March 6, 2008 11:35 PM
I do not agree with this article at all. In fact i think it's a little bit of scaremongering! Where is your proof? where is your cold hard facts. Well done on getting my blood boiled.
wrote on March 7, 2008 9:14 AM
To be honest, I'm glad you consider it scary, at least -- it's something that everyone should be concerned about. Sure, I don't write Malware myself, but the prevailing trend of the past five years -- which is what I've alluded to in the article -- has been for financially-motivated malware that uses a blended threat (if I can't get in from the OS, use the browser, once identified, for example) to sneak into user systems for whatever purpose. There have been proof of concept Mac viruses, and the point of the article is (or attempts to be) that the rising popularity of the platform is only more likely to attract the bad sort of people, no matter how secure we might think the OS is right now. Security through obscurity does obscure the holes that are there; it doesn't stop them being holes. By no means put on the tinfoil hat and load the shotgun next to your Mac up with buckshot, but at the same time, complacency online, no matter what your operating system is, is a dangerous thing.
The protection of children on the internet has been a regular feature in many media for some time now and it’s been capped off recently with the Federal government offer of an internet filter for free (for three years) to every Australian family.
Martin Levins | Dec 10, 2007
Listen — do you hear that? That distant pounding, gradually building and becoming more insistent? That is the sound of a thousand terrible things headed this way. Are you scared yet? You shouldn't be. Yet. But you should at the very least understand that the days of not having to worry about problems like security and viruses and Windowsy stuff like that just because you're on a Mac are soon to be over, if they aren't already. This is far from being an entirely bad thing. For one thing, every user of the internet with an awareness of -- and tools to combat -- malicious software is one less point of weakness for the bad guys to target.
Matthew JC. Powell | Feb 15, 2008
The transition from .Mac to MobileMe could have gone a little smoother. OK, a lot smoother. Let's face it, it was a debacle. When a company like Apple — notoriously reluctant to admit anything is wrong — is forced into two apologies in a week, something is definitely up. What's more, the time may well be ripe for a third. Apple has apparently decided the right way to win friends and influence people is to install software they don't want on their machines — software that advertises MobileMe.
Matthew JC. Powell | Jul 23, 2008
