Best Way To Migrate To A New Mac?
<blockquote data-quote="MacInWin" data-source="post: 1861818" data-attributes="member: 396914"><p>Oh, they know the difference. But "malware" doesn't have the scare-factor of "virus," particularly for new Mac owners coming from the Windows world. So they fuzz up the language in the ads to be able to use the term "virus" when they know **** well there aren't any. The way the better A/V works in Windows is that the vectors by which a virus can possibly attack the system are mostly known, so the A/V software can look for anything doing anything in that vector, even if it's not already stored in the database of identified viruses. The zero-day exploits, where the attack vector is not known before the first virus uses it, are the ones that do the most damage, but the Windows A/V guys are pretty good at shutting the door, once they know where it is.</p><p></p><p>But for the *nix version that became macOS, there aren't any known vectors for the A/V software to monitor. Even though the first "virus," the Morris worm, was a Unix virus, the Unix system was inherently designed to be more secure from the very beginning. The victims of Morris were sloppy and left holes open. As I said, we didn't get affected because we had closed all the holes. This was at a major university and we were in the Administrative section, so we had lots of practice at security as the computer science majors in the Engineering school tested us every day, some for fun, some to try to change grades we stored. My sysadmin had worked on the security functions of Unix for AT&T, so he knew the innards of Unix like the back of his hand. Those poor students never stood a chance. But the Engineering school's own Unix boxes all got hit by the worm, every one of them! The sysadmins from the E-school came by to get our patches to close up the holes. Heh! That was a GOOD day!</p><p></p><p>Exploits of previously unknown weaknesses are called "zero day" exploits because there are zero days' advance notice. 
Given that a zero-day exploit is going to be in some place that nobody knows is there, the A/V software can't watch for what it doesn't know about. In the meantime, the security functions in macOS are made stronger and stronger with every release. The most recent threats to macOS have been through hardware/firmware exploits, not through the OS itself. And Apple has responded well to block the weaknesses in the Intel hardware. I think those weaknesses may have been one of the factors in the push for Apple Silicon. Not the major one, but I bet it's on a briefing slide somewhere in the deck.</p><p></p><p>As for Apple Silicon, you can bet it will be heavily attacked as soon as the black hats can get their hands on one. But I suspect Apple has already been attacking that silicon pretty heavily internally, just to see what can be done. The ability of some intel companies to hack into an iDevice has certainly set off alarms in Cupertino. The war never ends.</p><p></p><p>As for how malware gets on a Mac, that is user self-inflicted. When naive users download "free" stuff from dodgy aggregators they can get burned pretty badly. To install what they want, the user has to give permission via an admin password; the bad guys piggy-back on that authority and install what THEY want and then what the user wanted, all under that same authority. That trick is why you should never download and install software from anywhere but the Mac App Store and maybe a trusted developer website. But places like Softonic, Download.com, macupdate.com, etc., have all been purveyors of malware at one time or another, some intentional, some not. So to be safe, stick with the Mac App Store. 
It's not perfect, but at least they do inspect the installation process before they put it up.</p><p></p><p>If you want to read a bit more about the battle between security and bad guys, here is a good article on the most recent malware for Macs, called Shlayer: <a href="https://eclecticlight.co/2020/09/06/last-week-on-my-mac-has-notarization-burned/" target="_blank">https://eclecticlight.co/2020/09/06/last-week-on-my-mac-has-notarization-burned/</a> . The article has links to other articles on security if you have the time to follow them and read.</p><p></p><p>Trust me, the first new virus for Mac is going to be a front-page event!</p></blockquote><p></p>