New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Switcher Hangout The place for switchers to discuss their new machines, and how to work with OS X. General support can be had here for newbie stuff, like "How do I restart my new iMac?" :)

Viruses ?


Post Reply New Thread Subscribe

 
Thread Tools
discombobulated

 
Member Since: May 24, 2004
Posts: 23
discombobulated is on a distinguished road
Mac Specs: Ibook G4 1.33 ! 60 gig/external 250gig.

discombobulated is offline
Hey i've been surfing around a lot lately and I've been a pc user for pretty much my whole life (19 years). Planning on switching in August to an ibook. I read some post where people talk about how Macs can't have viruses or that I shouldn't have to worry about viruses. Why come Macs can't get viruses ?
QUOTE Thanks
ApplejustWorks

 
Member Since: Dec 28, 2003
Location: Long Island, NY
Posts: 911
ApplejustWorks is on a distinguished road
Mac Specs: 15" MacBook Pro & 23" ACD

ApplejustWorks is offline
they have a much more secure system, they aren't constantly logged on as root...(Windows is or something like that)uhhh....I don't really know exactly why...but I just know that they are!
QUOTE Thanks
Strider

 
Strider's Avatar
 
Member Since: Apr 09, 2004
Location: Dubai
Posts: 973
Strider is on a distinguished road
Mac Specs: 15" MBP 2.16GHz ^ATI Radeon X1600 256MB ^100GB @ 7200 rpm ^2GB RAM ^Glossy Screen +iPod 4G 20 gigs

Strider is offline
Of course Macs can get virii/worms. Its only a matter of time. If someone wants to write a virus for the Mac, they can do it. Its only a question of circulation. Macs are fewer, much fewer, than PCs. So virii don't circulate around the globe. Hence they are safer.
QUOTE Thanks
MAC-simus

 
MAC-simus's Avatar
 
Member Since: Jan 08, 2004
Location: Sweden
Posts: 442
MAC-simus has a spectacular aura about
Mac Specs: 2GHz C2D macbook

MAC-simus is offline
Quote:
Originally Posted by discombobulated
Hey i've been surfing around a lot lately and I've been a pc user for pretty much my whole life (19 years). Planning on switching in August to an ibook. I read some post where people talk about how Macs can't have viruses or that I shouldn't have to worry about viruses. Why come Macs can't get viruses ?
the OS X system is much secure then windows. I give you few examples:
1. no constantly open ports (5 ports are open on windows)
2. every software insallation requires administrator password (unlike windows)
3. apps require permissions to execute.

and there are many more that i dont know.
for these reasons, no viruses can sneak into system, if they do, they can not install themselvs and finaly they cannot execute unless the root permits it.

chek it out and deside

http://www.usfca.edu/~trembath/smon/macpc.html
QUOTE Thanks
technologist

 
Member Since: Mar 30, 2004
Location: USA
Posts: 4,744
technologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond repute
Mac Specs: 12" Apple PowerBook G4 (1.5GHz)

technologist is offline
Well, it's complicated. Here's the Cliff's Notes version:

For one thing, the Unix permissions structure that Mac OS X (like all Unix-like OS's) uses is very strong. No program (virus/worm/trojan) can modify a file without permission. Since the System is protected by a very high permission threshold (called "root") it is very difficult to infect.

Besides that, Macs are less common. Which means three things: firstly, that there are fewer people who know enough about them to write viruses/worms/trojans; secondly, that there are fewer potential victims, and thirdly, that it is much harder for viruses (etc.) to spread. (Remember, it's a chain reaction: one machine infects another, which infects another. On a platform with 95% market share, this is easy; when you have only 5% or less, it's much harder to find the next link in the chain.)

NOW. That said, there has been one (Yes, one) confirmed case of a Mac trojan. It was a simple program that deleted files, and was spread on filesharing networks (Gnutella/Limewire.)

But:
1. You first had to download it manually using Limewire
2. You then had to double-click it manually
3. Because of the OS X permissions system, it would only delete files belonging to the User who double-clicked it. Meaning, other Users' files, and the OS itself, were completely unaffected.
4. It would not run again unless the you double-clicked it again. (Since it had no way to infect the OS itself.)
QUOTE Thanks
witeshark

 
witeshark's Avatar
 
Member Since: Mar 09, 2004
Location: Miami FL
Posts: 2,860
witeshark will become famous soon enough
Mac Specs: G4 1Ghz OS X 10.4.7

witeshark is offline
Quote:
Originally Posted by discombobulated
Hey i've been surfing around a lot lately and I've been a pc user for pretty much my whole life (19 years). Planning on switching in August to an ibook. I read some post where people talk about how Macs can't have viruses or that I shouldn't have to worry about viruses. Why come Macs can't get viruses ?
One central reason Mac (and Linux/BSD) are so less prone is because they don't have the windows registry, which is often edited to the worm writer's convenience :cool:
QUOTE Thanks
discombobulated

 
Member Since: May 24, 2004
Posts: 23
discombobulated is on a distinguished road
Mac Specs: Ibook G4 1.33 ! 60 gig/external 250gig.

discombobulated is offline
Good stuff guys ! As of yet i can't afford my ibook... so i took all the cash i have and bought apple stocks on monday.. so far it's gone up $2.91 hooray.
QUOTE Thanks
TylerMoney
Guest
 
Posts: n/a

Right now the only way you can get a mac virus is to download it, and then run it...no virus can just come onto a mac and automatically run...at least not at this time.

So, if you do get a virus on a mac...you kind of diserve it...though, not really....it's just not as faultless as getting one on a pc.
QUOTE Thanks
d4rr3n
Guest
 
Posts: n/a

Quote:
Originally Posted by TylerMoney
Right now the only way you can get a mac virus is to download it, and then run it...no virus can just come onto a mac and automatically run...at least not at this time.

So, if you do get a virus on a mac...you kind of diserve it...though, not really....it's just not as faultless as getting one on a pc.
Wasn't there a big fuss made about a os x exploit? Wasn't it something you could program onto a website that allowed you to run any code you'd like on any os x machine that opened the website (essentially taking control of the machine)? Maybe i'm confusing this with something else :confused:
QUOTE Thanks
technologist

 
Member Since: Mar 30, 2004
Location: USA
Posts: 4,744
technologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond reputetechnologist has a reputation beyond repute
Mac Specs: 12" Apple PowerBook G4 (1.5GHz)

technologist is offline
Quote:
Originally Posted by d4rr3n
Wasn't there a big fuss made about a os x exploit? Wasn't it something you could program onto a website that allowed you to run any code you'd like on any os x machine that opened the website (essentially taking control of the machine)? Maybe i'm confusing this with something else :confused:
Well, firstly, this was a vulnerability, not an exploit. Meaning it was possible, but never actually used for nefarious purposes.

And secondly, it's been patched.
http://secunia.com/advisories/11689/
Quote:
Description:
A vulnerability has been reported in Mac OS X, allowing malicious web sites to compromise a vulnerable system.

The problem is that code silently delivered using variants of the "disk" URI handler vulnerability described in SA11622, can be executed without using the "help" URI handler.

Two methods have been discussed, allowing malicious websites to execute code from mounted disk images:

1) A disk image or a volume (e.g. AFS, SMB, FTP, or DAV) can register arbitrary URI handlers, which will execute code placed on the disk image when accessing the URI.

2) A disk image or a volume can change an unused URI handler (e.g. TN3270) to execute code placed on the disk image when accessing the URI.

This problem is escalated due to the fact that it by default is possible to silently download and mount disk images using two known methods (silent download and execution of "safe" files and the "disk" URI). Furthermore, it is reportedly also possible to mount volumes using other methods such as SMB, AFS, FTP, DAV and others.

This vulnerability has been confirmed on a fully patched Mac OS X systems (including the patch "Security Update 2004-05-24 for Mac OS X" released by Apple, which fixes the "help" URI handler vulnerability) running versions 10.3.3 and 10.3.4.

Reportedly, working exploits using "ftp" exist, but also "afp" seems to be a likely attack vector.
It may also be possible to use "ssh" to open a connection to a remote site allowing the remote site to gain direct access to a vulnerable system.

The core of the problem seems to be the design of URI handling in Mac OS X. It is likely that many other URI handlers are affected in various ways.

Attack vectors include browsers and programs supporting Mac OS X URI handling.

Solution:
Apple has issued Security Update 2004-06-07, which addresses the vulnerability by presenting users with a dialog box the first time a file is launched automatically.
It took Apple two tries to get it right (The first patch only fixed the Help Viewer vulnerability) but it was completely fixed about a month after the exploit. Not a great response time, but better than some Windows vulnerabilities.

One more reason to run Software Update regularly.
QUOTE Thanks
d4rr3n
Guest
 
Posts: n/a

Well what's difference between an exploit and a vulnerability? You are exploiting the vulnerability, so it's the same thing. What is the difference with this vulnerability and alot of windows vulnerabilities, seems both OS's are capable of being taken over by a website. Do all apples currently ship with this vulnerability fixed or do you have to update it yourself?
QUOTE Thanks
witeshark

 
witeshark's Avatar
 
Member Since: Mar 09, 2004
Location: Miami FL
Posts: 2,860
witeshark will become famous soon enough
Mac Specs: G4 1Ghz OS X 10.4.7

witeshark is offline
Quote:
Originally Posted by d4rr3n
Well what's difference between an exploit and a vulnerability? You are exploiting the vulnerability, so it's the same thing. What is the difference with this vulnerability and alot of windows vulnerabilities, seems both OS's are capable of being taken over by a website. Do all apples currently ship with this vulnerability fixed or do you have to update it yourself?
The main difference is that exploits can fully engage their task without aid by the target computer - or user. Vulnerability needs at least some user help to do anything
QUOTE Thanks
d4rr3n
Guest
 
Posts: n/a

Quote:
Originally Posted by witeshark
The main difference is that exploits can fully engage their task without aid by the target computer - or user. Vulnerability needs at least some user help to do anything
Well by connecting to the internet and allowing your computer to send and receive information aren't you providing some user help to an attacking computer?
QUOTE Thanks
witeshark

 
witeshark's Avatar
 
Member Since: Mar 09, 2004
Location: Miami FL
Posts: 2,860
witeshark will become famous soon enough
Mac Specs: G4 1Ghz OS X 10.4.7

witeshark is offline
Quote:
Originally Posted by d4rr3n
Well by connecting to the internet and allowing your computer to send and receive information aren't you providing some user help to an attacking computer?
To a minimal extent; because real system changes need admin permissions, so any attempt to make changes should cause a password prompt which allows you a chance to prevent it. In windows, registry edits can just happen without any sign. The system just goes pear shaped all in a sudden.
QUOTE Thanks
d4rr3n
Guest
 
Posts: n/a

Quote:
Originally Posted by witeshark
To a minimal extent; because real system changes need admin permissions, so any attempt to make changes should cause a password prompt which allows you a chance to prevent it. In windows, registry edits can just happen without any sign. The system just goes pear shaped all in a sudden.
So what about that website vulnerability? Did it give people a chance to prevent what could happen? From what i read the person exploiting it could basically set up the website to do/run whatever they wanted on your computer.
QUOTE Thanks

Post Reply New Thread Subscribe


« G3 vs. G4 benchmarks? | Easter Eggs.... »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
viruses mlecho Apple Rumors and Reports 14 03-07-2004 03:07 AM
WSJ: If you're tired of Windows viruses, consider a Mac Murlyn Apple Rumors and Reports 2 10-23-2003 01:04 PM
Open Source Community Developing Their Own Viruses Murlyn Schweb's Lounge 8 09-14-2003 07:36 PM
Mac viruses VS. PC viruses dziner OS X - Operating System 8 09-04-2003 09:35 PM

All times are GMT -4. The time now is 08:00 AM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?