Mac Forums

Mac Forums (http://www.mac-forums.com/forums/)
-   OS X - Operating System (http://www.mac-forums.com/forums/os-x-operating-system/)
-   -   The Possibility Of Mac Viruses (http://www.mac-forums.com/forums/os-x-operating-system/121481-possibility-mac-viruses.html)

ojdude 08-28-2008 09:42 AM

The Possibility Of Mac Viruses
 
With Macs getting ever more popular and the OS getting more advanced and widespread.. Is it only a matter of time before Viruses on a mac start becoming a problem?

I, like many of you reading this, really enjoy the fact that my Mac has been running smoothly and problem free since day one - which is alot more than I can say about my experiences with PC's. Not that PC's are inferior machines, let's not get into that debate!

But as my girlfriend's PC is currently yet again bugged with spyware and a new virus it leads me to think that will it always be this way - that macs will be free of these troubles?

I've heard that there's been a virus written for mac, but one virus is easy to stomp out - will there be more, possibly many more on horizon?

Sherman Homan 08-28-2008 09:55 AM

I think I disagree that market share has anything to do with virus writers. The first hacker who writes a successful OS X virus would get enormous street cred. And that has been true for the last several years since the introduction of OS X.
That said, the true definition of a virus is something that can install itself without your admin authorization. That porno DNS redirect worked because the admin user gives it permission to install itself. There will never be protection against user error!
Ultimately, though, your fears are well founded. This month we saw the Flash vulnerability and even though it is stupid, it clearly does something to the OS that you the user did not allow.
http://news.cnet.com/Multiplying-Mac...3-6217540.html
http://blogs.zdnet.com/security/?p=1733

cwa107 08-28-2008 10:01 AM

This is a pretty frequent question around here. I think this thread says it best (it gets a little more in depth after page 2)...

http://www.mac-forums.com/forums/sho...d.php?t=120723

At this point, it's been pretty well established that "security through obscurity" is mostly a myth.

y0itsj0hn 09-22-2008 05:44 PM

on the topic of malware.. starting a week or two ago, any video i try to view within firefox (on quicktime) is very choppy, doesn't stream smoothly and the audio is off..


if i try and view the same video on safari, which i haven't used in months until i noticed this problem, the video streams fine once it is completely loaded, although takes significantly longer to load..

i'm talking about short clips of only a few minutes or so taking like a full minute to load, on my 2.16ghz intel with 2gb ram and plenty of free HDD space..

what can this be?!?!

(i don't really know how to start diagnosing the problem at all, but i did try the old uninstall/reinstall process.. no luck..)

BlueMac 09-22-2008 07:46 PM

Quote:

Originally Posted by Sherman Homan (Post 717362)
I think I disagree that market share has anything to do with virus writers. The first hacker who writes a successful OS X virus would get enormous street cred.

I disagree with your conclusion that market share doesn't affect virus writers. As it [mac] becomes more and popular with people for being virus free, hackers and virus writers will become aware that they need to start writing viruses for mac. Of course, there have been small 'viruses' before, that I consider pranks. I remember reading in MacWorld about a few early viruses for mac, and it was mentioning about inserting floppy disks into the older machines and causing viruses. Which would be a great idea for current hackers. Pop a disk into 50 machines, save the file, open it. Bam, there goes that machine. Put your file up on a torrent site, like mininova, and 500 people download thinking it's, say, Adobe Photoshop CS3, and their machines are infected. I don't think viruses for mac are too far in the future. Everyone, buy Norton Utilities! ;)

BlueMac 09-22-2008 07:48 PM

Quote:

Originally Posted by y0itsj0hn (Post 730103)
on the topic of malware.. starting a week or two ago, any video i try to view within firefox (on quicktime) is very choppy, doesn't stream smoothly and the audio is off..


if i try and view the same video on safari, which i haven't used in months until i noticed this problem, the video streams fine once it is completely loaded, although takes significantly longer to load..

i'm talking about short clips of only a few minutes or so taking like a full minute to load, on my 2.16ghz intel with 2gb ram and plenty of free HDD space..

what can this be?!?!

(i don't really know how to start diagnosing the problem at all, but i did try the old uninstall/reinstall process.. no luck..)



Not sure what it is- Firefox and Safari are two completely different browsers, and I think you would be better off starting a thread about your problem at hand here, it'll get more attention.

macgig 09-22-2008 08:01 PM

norton utilities? I use to love that app years ago. but over the years it went downhill... most mac users avoid anything norton last I heard :)

I still think (hope?) that because of the macs low market share, virus writers will stick with windows mostly. Lets face it, windows has more holes in it anyway imho.

Not to say that OSX is flawless, but compared to windows, it's close.

cwa107 09-22-2008 08:28 PM

Quote:

Originally Posted by BlueMac (Post 730151)
I disagree with your conclusion that market share doesn't affect virus writers. As it [mac] becomes more and popular with people for being virus free, hackers and virus writers will become aware that they need to start writing viruses for mac. Of course, there have been small 'viruses' before, that I consider pranks. I remember reading in MacWorld about a few early viruses for mac, and it was mentioning about inserting floppy disks into the older machines and causing viruses. Which would be a great idea for current hackers. Pop a disk into 50 machines, save the file, open it. Bam, there goes that machine. Put your file up on a torrent site, like mininova, and 500 people download thinking it's, say, Adobe Photoshop CS3, and their machines are infected. I don't think viruses for mac are too far in the future. Everyone, buy Norton Utilities! ;)

One of the commenters out on Digg.com left this comment on a story that claimed that since Apple's market share has increased, Mac OS will now be more likely to have viruses. I think he/she said it pretty well, so I'll just quote him here:

Quote:

Originally Posted by lead2thehead
I was at DefCon this weekend and there were actually several talks about OS X vulnerabilities. And yes, they are real threats, but media tends to exaggerate them because:

1) Reporters are not engineers and thus, do not fully understand the problem.
2) Their articles get more circulation if they over-hype the problem.

Nobody is saying that OS X is malware-proof. But OSX, BSD, Linux and Unix all have inherent design features which make them more secure than Windows. The biggest and most important is a concept called Discretionary Access Control. Allow me to explain...

Alll *nix-based systems have a user called "root". This is a super user that can control the entire computer. In order to install software, you must first become root. In order to read or change configuration files, you must become root. If you want to modify an executable, add a shared library, modify a device driver, or change anything meaningful, you must first become root. This makes it next to impossible for a regular user to unwittingly install a virus or any piece of malware on his computer because, in order to do so, he would need root permission. This is called "Discretionary Access Control", or DAC for short.

Most Windows users will tell you that this is akin to the "Administrator" account on your PC, but that is not exactly the case. Microsoft has attempted to emulate this technique many times, but always fails miserably in its implementation. On a typical Windows PC, THE DEFAULT USER ACCOUNT has Administrator access! This makes it very easy for users to unwittingly install all kinds of malware on their computer without realizing it. Think about that for a second... why would you ever need to run a word processor or a web browser as a super user? That would mean that Internet Explorer, for example, would have permission to write to your system32 directory! Why would IE ever need to do that? And what person in their right mind would ever allow it to? It's a virus writer's dream come true.

Now let's talk about software vulnerabilities. Try to stay with me here, because this gets complicated. The vast majority of software vulnerabilities (greater than 90%) involve buffer overflow attacks. This is an attack, where by a malicious user takes control of a running program and shoe-horns its own malicious code onto the instruction stack. When this happens, the malicious instructions have the same permissions as the program it just took over. And what permissions would those be?... it depends on which user is executing the program. When you run everything as Administrator, as is the default behavior in Windows, EVERY vulnerability becomes a critical vulnerability and EVERY piece of malware can run as a super user.

Let's back up... I'm sure that by now, the Microsoft crowd is saying "Wait a second! You don't have to run everything as Administrator! You can create regular user accounts and restrict their permissions too." And they would be correct. I have never met anyone who does this on their home PC, but the option is certainly there. But even if you do that, you're still screwed because EVERY SINGLE BACKGROUND SERVICE runs as Administrator. Oh, you forgot about the background services, didn't you? Don't feel bad... Microsoft forgot about them too. Right click on "My Computer", select "Manage", and click "Services" if you want to see I'm talking about. There you can see nearly a hundred services, all running as Administrator! Break any one of them and you have Administrator access to the entire computer. Nice, huh?

But wait, you say, doesn't Mac OS have that same problem? Of course not. Only an idiot would run everything as super user. Mac OS comes from the factory with FORTY different user accounts, one for every background service that it runs. (Most flavors of Linux do this as well.) So if you happen to exploit one of them, you can only do what that small, very restricted user account can do... and it isn't much. In fact, when you buy a computer from Apple, they don't even give you the root password! You only have access to your user account... your own little world. And if you mess it up, you're not going to take down the entire computer. You'll only screw up your own account because you don't have the required permissions to screw up the rest of the OS. So the underlying architecture of Mac OS is inherently more secure.

Keep in mind that this *DARN*-poor excuse for a DAC is one of a thousand flaws with Windows. I could go on for days about the absolutely retarded design decisions made by Microsoft. Remember the outbreak of email viruses about 5 years ago? Know why those were such a big problem? Because some genius at Microsoft said, "Hey! Let's invent a scripting language that allows user to embed executable code into email messages and then execute that code automatically when you open the message!" Brilliant, huh? It's like they put that hole there on purpose so that every script kiddie with a copy of Microsoft Word could write CRIPPLING email viruses that took down servers and cost billions of dollars to fix.

The issue is much more fundamental than people think. People who use the "security through obscurity" line clearly do not comprehend the issue.

Link to the story he/she was commenting on.

y0itsj0hn 09-22-2008 08:58 PM

Quote:

Originally Posted by BlueMac (Post 730153)
Not sure what it is- Firefox and Safari are two completely different browsers, and I think you would be better off starting a thread about your problem at hand here, it'll get more attention.

will do

Robert 09-26-2008 06:30 PM

Hi there,
I have an G3 ibook with Osx 10.4. I also just upgraded to a Power Book G4. I do not have the Install CDs for the Ibook and I cannot for the life of me remember the username and password for the ibook. I do however have the 2 install CD's for the G4 Powerbook. Can I install the G4 disks on the G3 ibook? Please let me know if this is possible? Sincerely, Robert


All times are GMT -4. The time now is 06:22 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.