New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Schweb's Lounge Forum for general conversation, chit chat, or most topics that don't fit in another forum.

Malicious code .... how much of a risk taker are you ?


Post Reply New Thread Subscribe

 
Thread Tools
McBie

 
McBie's Avatar
 
Member Since: Apr 26, 2008
Location: Belgium
Posts: 2,290
McBie is a name known to allMcBie is a name known to allMcBie is a name known to allMcBie is a name known to allMcBie is a name known to allMcBie is a name known to allMcBie is a name known to all
Mac Specs: 2013 MBA 13" - 10.9.3 & iPad - iOS 5.1

McBie is offline
Over the last couple of weeks there have been a couple of posts on antivirus for OS X and the conversations almost always ended up with " you are either for AV or against AV " on your Mac.
But I felt something was missing from the conversations.

In this thought-provoking post I would like to approach the issue of " malicious code " ( Not just virusses ) from another angle, ..... Risk Management.

Every OS and application has vulnerabilities ( flaws in the code ) that can be exploited by threats, threats that are present 24x7.
And it doesn't matter if you use your computer for school, in a business context, or as a pass-time on the internet.

What is the likelihood of a Mac OS vulnerability being exploited by a threat ?
You are right in saying that the number of remote threats for OS X is lower compared to other OS's, but they do exist.
Without proper protection, you need to be lucky all the time and the bad guys need to be lucky only once.
In other words, you need to close all identified vulnerabilities while they need to exploit only one.
For the sake of clarity, I will not talk about exploiting vulnerabilities when you can lay your hands on the keyboard.

Things that did ( not ) happen in the past, are no indication for the future. If you have been using computers
for some time and never experienced any impact from malicious code, was that because you were protected or have you just been lucky ?

Protection is a combination of human behavior and technical controls like AV, Firewalls, Patch Management, ... where the golden rule is
that " it is more about people and their behavior than it is about machines and their settiings ".

Consider this ...
1) What is the value that you are trying to protect ?
This is not only the economic value of your computer, but more the information stored on it.
If your Mac is a component in a revenue generating process, what would be the impact if you would be
without your Mac for the duration of the repair ( ie. get the malicious code removed )
If you use your Mac at school/university to deliver projects, then consider that part of your ( future )
revenue generation.

2) Do you need to run your Mac with admin privileges ?
Privately owned computers are frequently run with admin privileges because it is convenient, not because you have to.
Admin equals power .... right

3) If your Mac were compromised ... how would you know ?
Most of the malicious behavior is not visible on the screen ...
If you do not actively search for malicious code on your computer how can you contain & limit the damage.
What if you do not detect malicious code and you are happily making ( infected ) backups.

4) If your Mac were compromised, and used as an in-between to cause harm to other computers, do you care ?
Even if the malicious code can not harm your Mac, would you pass on malicious code to your friends ... would you ?
In some countries, there is a legal obligation of " Due Care ", even on the usage of the Internet.

5) If you were to loose all your data, or your data got modified and became unusable, .... can you recover ?
Do you have reliable & clean backups on external media that allow you to recover, even more important,
can you restore your Mac OS to a clean state.

6) What is the definition of a " trusted web site " on the internet ?
Let me put this in another way ..... When you connect online to your bank, the bank will identify you
using 2 factor authentication ( something you have and something you know )
So the bank will know who you are, but how do you know you are talking to your bank before you
type in your credentials

7) What is your human behavior on the internet and on data/application exchange in general ?
On the internet, if something looks to good to be true, it probably is.

If you looked at all this and decided to " not give a sh*t ", then that is perfectly fine,
but people who do not assess risks to their computers are bound to get in trouble. It is not a matter of " If " it is a matter of " when ".

If you do care, then consider the following:
a) Assess your level of risk
In other words, how much time and money are you willing to invest to get back up and running in a clean state.
Also known as " The Pain Threshold "

b) Decide how you want to respond to those risks knowing there is no " one size fits all " approach.
Accepting risks is fine as long as you understand and accept the impact as well.

c) Decide on how to prevent / reduce the potential impact
This has to be appropriate to the level of risk you accepted in point a.

It is always great to see how a headline in the news focusses the mind .... do you want to be ( part of ) that headline ?
So far, inteligence shows that the number of threats to a Mac is low, but what if it does happen to you.
Are you going to be surprised and say " I thought this could never happen " or did you consider the risks upfront and got prepared.

This is what I do on my Mac technically :
- Have reliable external backups of both the OS and data, that I can restore quickly ( Time Machine & SuperDuper )
- Keep up to speed with internet based threats, there are some great intelligence web-sites out there
- I run AV occasionaly ( not permanently ) and before I take a full backup of my HD using SuperDuper
- Mac OS firewall is switched on
- I run OS X without admin privileges for my day to day work.
- When there are updates for the OS and the applications, I apply them weekly, after taking a full backup
- I use standard OS X functionality to the fullest and only download applications when I can increase my efficiency in doing my job.
Oh, and I do trust applications for which I need to pay better that the free stuff....

Let me end by quoting someone
"In any business, there is always a balance between competitiveness and the level of risk. Problem is that cybercrime does not follow the same rules. "

Before you hit the " reply " button, take a step back and think about all this for 5 minutes.
This is not rocket science, it's common sense.

It is not my intention to scare anyone and by all means DO ENJOY your Mac, because she is worth every penny.
( I switched last April 2008 )

Human behavior, that is what makes the difference, not only in the land of computers.

Cheers ... McBie

P.S. Happy to answer any E-mail on the subject as well.

A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.
The problem is not the problem. The problem is your attitude towards the problem. You understand ?
QUOTE Thanks
xj6jaguar1985

 
xj6jaguar1985's Avatar
 
Member Since: Jul 06, 2008
Location: In a van down the river.
Posts: 661
xj6jaguar1985 has a spectacular aura about
Mac Specs: 933 Mhz Powermac Quicksilver,1.5GB RAM, OSX 10.5, Tangerine 300MHz Clamshell, OS 9.2

xj6jaguar1985 is offline
That's why my IP address is 000.0.000

Yes my name is Jaguar.
No, it is not a joke.
I don't find your "I'm a cheetah." joke funny.
QUOTE Thanks
Aptmunich

 
Aptmunich's Avatar
 
Member Since: Mar 09, 2004
Location: Munich
Posts: 9,075
Aptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant futureAptmunich has a brilliant future
Mac Specs: Aluminium Macbook 2.4 Ghz 4GB RAM, SSD 24" Samsung Display, iPhone 4, iPad 2

Aptmunich is offline
My problem with Anti-virus on the Mac is that I know none of the currently available apps would actually protect me from anything.

Whenever a virus does pop up, it's usually sensational news and covered everywhere, so it's not really a threat. But the anti-virus software manufacturers don't know about these things in advance either, so what's the point of running their software?

It's different in the windows world where there a millions of viruses and malicious apps - the likelihood of accidently installing something malicious is so much higher that it's a good idea to protect your PC.

Case in point: We had someone post a malicious app disguised as an camera app here recently. The only way you could tell it was malicious was by looking inside the package file. There's no way anti virus software would have caught that, but it looked sketchy enough to me that I checked it out first.

Taking basic security precautions (firewall, paying attention to what you download etc) is a very good idea. I'm just not sold on mac anti-virus.
QUOTE Thanks
Derek McNelly

 
Derek McNelly's Avatar
 
Member Since: Feb 04, 2008
Location: Center Line, Michigan
Posts: 1,587
Derek McNelly is just really niceDerek McNelly is just really niceDerek McNelly is just really niceDerek McNelly is just really nice
Mac Specs: MacBook Pro 15" - 2.3 GHz Quad i7- 8GB RAM - 750GB Hybrid HD - OS X 10.8

Derek McNelly is offline
Every "virus" for OS X thus far has required user input to execute (i.e. admin password). In the instances it did get people, it was definitely a pebkad situation.

Am I worried? Not too much. I have offsite backups of all my important data in case of natural disaster, or what have you, I've done that since the days of Windows 2000, and I've never ran an anti-virus on any of my Windows machines, because 90% of infections are common sense failures, not just good haxorz.

MacBook Pro 2.3 GHz Quad i7 - 8GB RAM - 750GB HHD - OS X 10.8
MacBook 2.0 GHz Core 2 Duo - 4 GB RAM - 320 GB HDD - OS X 10.6

MoTM February 2009
QUOTE Thanks
xj6jaguar1985

 
xj6jaguar1985's Avatar
 
Member Since: Jul 06, 2008
Location: In a van down the river.
Posts: 661
xj6jaguar1985 has a spectacular aura about
Mac Specs: 933 Mhz Powermac Quicksilver,1.5GB RAM, OSX 10.5, Tangerine 300MHz Clamshell, OS 9.2

xj6jaguar1985 is offline
Quote:
Originally Posted by Derek McNelly View Post
I've done that since the days of Windows 2000, and I've never ran an anti-virus on any of my Windows machines, because 90% of infections are common sense failures, not just good haxorz.
Oh lawd the days of Windoz 2000.....

Awesome OS but I'm surprised it couldn't get viruses by you sneezing near the computer - That's how vulnerable it is.

After reading this thread, I have the insatiable urge to listen to "Flagpole Sitta" by Harvey Danger.

Yes my name is Jaguar.
No, it is not a joke.
I don't find your "I'm a cheetah." joke funny.
QUOTE Thanks

Post Reply New Thread Subscribe


« New iPhone/iPod Touch Online Ad | What is Santa bringing you? »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Microsoft Office: Mac 2008 - product code Nienke OS X - Apps and Games 2 08-16-2008 02:35 PM
XCode Debugging From Source Code deanrayj OS X - Development and Darwin 0 04-25-2008 09:33 PM
DVD region code contradiction... NanoBite OS X - Operating System 10 11-07-2005 04:38 AM
Ran Apple Hardware test found an error code what is this code/ Mark Eggers Apple Desktops 3 07-02-2004 09:13 PM

All times are GMT -4. The time now is 03:54 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?