Is Mac OS X really safer from virus attacks?

D3v1L80Y · Nov 25, 2006

It shouldn't be a surprise, really. Absolutely NO computer or operating system is impervious to a virus attack, not even Mac OS X.
The likelihood, on the other hand, is not very high. There are over 100,000 different viruses that plague the Windows OS. There currently are none for OS X. This doesn't mean that there couldn't be, it just means that as of now there aren't any.
Mac OS X does come with a firewall, but no anti-virus protection. You will likely be fine without any. It has nothing to do with market-share but more to do with how the OS handles files and such. Even if you did get a virus (should one ever exist), the steps you would have to go through to get it installed and working on your system, then transfer it to someone else and have them follow the exact same scenario are far too lengthy and involved for any virus to truly be successful on the Mac OS X platform.
A virus is only truly successful if it can be transmitted and replicated on another machine quickly and efficiently. The very structure of the Mac OS and how it handles files prevents that smooth and easy transmittal, so virus writers are not apt to bother with writing viruses for Mac OS.
:black:

Gambuchi · Nov 25, 2006

Beware of Norton on Apples

schweb said:
I'm part of the better safe than sorry crowd so I do run Norton Antivirus 9.0 on my iBook and will on my Mac desktop when I get it. I do this for several reasons:

1. You never know when a worm or virus might be written for OS X
2. I work in a mixed computing environment and I want to be a good citizen by protecting myself from passing on Windows viruses even if I can't be infected by them. This has already happened more than 1 time.

The sad part is that in using Norton, you are exposed to even more problems...you will find much information (negative in nature) about running Norton on Apple computers... be warned.

Click to expand...

......

kevin270 · Nov 25, 2006

D3v1L80Y said:
A virus is only truly successful if it can be transmitted and replicated on another machine quickly and efficiently. The very structure of the Mac OS and how it handles files prevents that smooth and easy transmittal, so virus writers are not apt to bother with writing viruses for Mac OS.
:black:

Interesting!

It sounds like I will have a big learning curve ahead of me because I've never used a Mac in my life. I've always been IBM, but the last 2 computers I purchased could not handle the things I want to do when it comes to producing movies on my PC. I'm tired of the lock-ups, and I was also thinking about all of the software that I have purchased over the years to protect my OS from viruses, spyware, and other horrible things. Not only that, but every one of these programs that loads stuffs itself into memory. It is such a huge waste of memory as well as disk space to have to install all of the different software packages just to protect yourself. My computer takes about 8 minutes to boot up now because of the number of software products it loads. It's ridiculous!

I installed Windows XP on my sister's computer during the summer. Her computer was connected to the internet, so when the system started it obtained a virus immediately and shut the system down. I could not fix it. I'd turn the computer on, and within 30 seconds it would shut down. I had to spend a lot of time formatting the hard drive and re-installing Windows again (the second time without connection to the internet until I had the time to install the virus protection). It's really a severe problem. I hope that Vista will be a better OS.

How different is the file system on the Mac? You can still download software and files can you? If you can, then how would you protect yourself from executing a file that might release a trojan horse into your system?

Ice Cream Man · Dec 1, 2006

lonerider said:
It isn't really by virtue of it being Unix, but rather that unix and esp the FreeBSD core of OS X has been open for a long time (unix was developed in the 70s), so the core code of the OS has been viewed by millions of programmers and attacked by millions of hackers. Unix had some nasty virus' in the late 80s and early 90s.

As the old saying, what doesn't kill you makes you stronger. Unix has been made a lot stronger.

That said, the post about ActiveX was dead on. Windows securty nightmares really can be traced to Internet Explorer and all the apps that use the interoperability features of it (like Outlook, Outlook Express, Windows Media Player, Windows Messenger, and all the MS Office apps).

The ability of IE to run ActiveX and Visual Basic programs off the internet without the user knowing it, combined with weak protection for the UI and controls such as OLE, are what is killing Windows. As an aside, If you want to see the future for Vista security, look at the fiasco surrounding IE 7.

All of this is so heavily integrated into Windows now, I really don't see it going away.

I second this post. There are some MS fanboys that will claim that OSX hasn't bee around long enough. But this mainly reflects the overall pride of MS. Which is exhibited in their long time belief that "NT is superior to Unix"

I will admit that Vista is supposed to fix some of those ActiveX, or VB, permissions issues. However they are opening up allot of security holes that I can already see.

Vista is also not much better than XP, and definitely not as good as OSX, I sat thru the Vista seminar mirroring everything he did. Only I did it in OSX on my MBP. It further illustrated MS's history of copy and sell.

To me this is like when people compare hybrid cars to traditional. And say "it's a new technology". When in truth some of the first cars were hybrids(in the 1800's). And thus hybrids don't need to prove anything. They already did. It's just that at the time plain internal combustion was cheaper to run, but not cleaner or efficient.

And in that same sense Unix/OSX is only new to the public eye. It, however, is not new at all. And is quite secure. And lots of servers run a version of Unix. IBM, Sun Microsystems, and others, run variations of unix. Some of which are running PowerPC CPUs which Apple had been running on for the past 10 years. And people have been running Unix, and Linux on Mac's for years.

claven2 · Dec 7, 2006

Speaking of internet explorer 7 - am I the only one that finds the IE7 GUI to be a blatant copy of Safari (tabs and all)???

dtravis7 · Dec 7, 2006

claven2 said:
Speaking of internet explorer 7 - am I the only one that finds the IE7 GUI to be a blatant copy of Safari (tabs and all)???

I really don't see it as a copy of Safari, but the GUI is confusing to me. Nothing is where it should be. Every time I have used it I am looking trying to find where things are. Microsoft changed the whole interface and it's' confusing. Sure with time I will get used to it, but I would have rather they kept the basics the way it was and just improved the browser which they did do. Tabs have been around a long time. Opera had they way back and Firefox for a long time. I am glad that Microsoft took the time to give it's users Tabbed browsing.

mac57 · Dec 7, 2006

kevin270, the answer to your question about how different the file system can be is contained in the observation that all files are not equally accessible in *nix systems (and this includes Mac OS X).

In Windows, all files are equally accessible. You the user can open, run, delete, modify etc any file on the system. Virus and worm writers thrive on this. If you can get a piece of malware into execution on Windows box, it can wreak havoc not just with your individual files but with ALL files on the system. This means that it can infect Windows itself, after which it has free run to do anything.

Now lets consider *nix. There is a file user security model. All files are NOT equally accessible. Each file is owned by a particular user and a particular group, and there are defined per-file permissions that regulate which users/groups can do things to the file. For purposes of this discussion, consideration of two users is enough. There is "root", the userid that is set up as the owner of all the system (Mac OS X) files and there is you, the individual user.

In general, all the system files are owned by root, and permissions are set such that no one else can access them. This all by itself is a huge advance over Windows. Yes, if I was dumb enough I could unleash a virus onto my system, but since it runs under my userid, it cannot touch any of the system files. In essense, it cannot disturb Mac OS X itself, only my personal files.

If I share my Mac with others, and we each have our own userids, the same is true. The horrid virus that I have unleashed on my Mac can't touch the files of the other users either, since in general, the default permissions only allow read access to other users files (if any access is granted at all), not write access.

This simple but powerful concept of users and permissions makes *nix systems hugely more secure than Windows.

Hopefully, this helps you understand why the Mac OS X file system is so superior? Per the above, this applies to all *nix systems (unix, Linux, Mac OS X, FreeBSD, OpenBSD, etc.).

kevin270 · Dec 7, 2006

Hi Mac57:

Thank you so much for this explanation along with great examples. This is the first time that I have read anything pertaining to this aspect of the Mac OS X operating system like that. So even though I am the "master" user of this computer - I understand that even I cannot alter the system files. You are correct, this is something that you can do on the Windows platform. I wouldn't even know where to look for the Mac OS X operating system files.

Most of the viruses that I know of attack the Windows kernals, or DLLs or they replace Windows operating system files with their own flavor of executable that causes harm. Another form of virus imbeds itself into the boot sector. I guess with the OS X operating system you don't have to worry about any of that stuff. This is great!

I have to say that I have only had my Mac for about a week, and already I feel quite comfortable with it. I've managed to figure out most things that I would like to know about. It does seem strange not to have a visible firewall on the Mac. I haven't really delved into that aspect of it, but on the PC, my firewall would often pop up and say, "Such and such is trying to access port xxxx. Allow or Deny". What happens if an outside predator attacks one of my IP ports. Will the Mac automatically deny them access without letting me know about it?

maz94protege · Dec 7, 2006

kevin270 said:
Doesn't the Mac Operating system already come with a firewall and anti-virus protection? If yes, doesn't Apple update it to keep up with the attacks?

yea OS X (10) has a great firewall already installed....i love it. its very secure and ive tried hacking into it via my old dell laptop...still cant get through. its great. plus if you want more security you can always add more advanced firewall/virus protection....not needed though

I love my Macs....

lonerider · Dec 9, 2006

kevin270 said:
Hi Mac57:
I haven't really delved into that aspect of it, but on the PC, my firewall would often pop up and say, "Such and such is trying to access port xxxx. Allow or Deny". What happens if an outside predator attacks one of my IP ports. Will the Mac automatically deny them access without letting me know about it?

For the most part, the Mac firewall by default prevents any kind of remote access. You can turn on things like ssh (ie, secure telnet), but they are off by default.

This is one of the areas where OS X's unix roots helps it. The core of OS X is FreeBSD, and it's been through the grinder with hacker attacks already. So by inheritance, OS X is pretty secure even with its ports open.

DrQuincy · Dec 11, 2006

mac57 has hit the nail on the head. I've run Linux distros that have the UNIX kernel for ages without firewall or anti-spyware and never had a problem. While it's not impossible to get a virus it is improbable. If youvre got your system set up properly a virus can't do any damage without your permission. If you're running XP and you're an administrator of it it's like being logged in as the root user on Linux / UNIX (which you can't do*).

* well, it can be done but it's very hard and not advisable to do so

BuzWeaver · Dec 13, 2006

Microsoft just has a lot more enemies than Apple, so to speak.

kfdan · Dec 19, 2006

Been using ClamXav for a while. It's free and works well so far!

baggss · Dec 19, 2006

Well, then this should be interesting:

The Month of Apple Bugs...

deus_ex_machina · Dec 19, 2006

OSX is safe as long as they have minimal market share

BuzWeaver · Dec 19, 2006

baggss said:
Well, then this should be interesting:

The Month of Apple Bugs...

Its possible.

Ice Cream Man · Dec 19, 2006

deus_ex_machina said:
OSX is safe as long as they have minimal market share

That's so ridiculous. That's as silly as the people who claim that the OS hasn't been around long enough to experience those problems. Despite the fact that it's unix-bassed. and unix has been around longer than windows, and has already been thru what they are going thru now. Which is a major part of why it's so secure now.

mr g5 · Dec 19, 2006

what should I do to keep to mac safe? I have the firewall on.

I am set as an admin is this right?

Should I have a password?

NanoBite · Dec 19, 2006

mr g5 said:
what should I do to keep to mac safe? I have the firewall on. I am set as an admin is this right? Should I have a password?

These are some articles which are helpful:

http://www.macgeekery.com/tips/security/basic_mac_os_x_security

http://www.macworld.com/2005/02/features/8macsecuritytips/index.php

http://www.macfixit.com/article.php?story=20060308081610672

deus_ex_machina · Dec 19, 2006

Ice Cream Man said:
That's so ridiculous. That's as silly as the people who claim that the OS hasn't been around long enough to experience those problems. Despite the fact that it's unix-bassed. and unix has been around longer than windows, and has already been thru what they are going thru now. Which is a major part of why it's so secure now.

My comment was really meant to be facetious. The system is tried and true but not infallible. Part of its security is that it doesn't allow root access out of the box. The admin still requires passwords to complete important tasks. Most vulnerabilities come from user error. And as for market share, being in the 5% leaves you more time to develop groundbreaking software rather than defending the endless barrage of malware and security issues that has plagued Windows for so long.

Nice sig BTW