
Viruses on Mac OS X?
Macpilot
Mac Elite
Join Date: Jan 2002
Location: California
Nov 16, 2003, 02:04 PM
 
So, my buddy, who is a WindowsXP user, tells me that some day all Mac users are going to be screwed by viruses because they think their machines are immune to viruses and most are not running anti-virus software.

I have told him what I read here, that OS X has no known viruses.

Now, I have been using Mac OS X since the public beta, and have never run any anti-virus software and no firewalls (other than turning on the Firewall in Sharing). I have never had a virus that I was aware of.

I am sure there are people out there who are trying to write viruses for OS X.

My understanding is that it is very difficult to get a virus on OS X because all critical system stuff that can be modified can only be done when the admin enters his password. My confusion is that not all applications/utilities require this in OS X. I have installed stuff that never asked for my admin password.

Apparently, a lot of Windows-users get in trouble when they open up email attachments that then attack their system.

My XP buddy tells me that Windows security is all about the user being vigilant in downloading the latest updates, running virus software, etc. He says he has never had a virus or security problem with any of his Windows machines.

Should the OS X users be concerned about viruses?

Will we someday be attacked on a large scale because of this indifference to viruses?

Didn't anybody ever write viruses for UNIX and why have those viruses not migrated to OS X?
MacBook Pro
Mac Mini
     
King Bob On The Cob
Mac Elite
Join Date: Apr 2002
Location: Illinois
Nov 16, 2003, 02:37 PM
 
Maybe...
But one of the largest virus problems (automatic execution of code when viewing an e-mail with or without permission) doesn't exist on the Mac side.
There still may be a problem with exploits (like there could've been a problem when OpenSSH had that exploit) but it's off by default (unlike most Windows services) and it would take a lot longer to spread because of the lack of machines that have the exploit on.
     
cpac
Professional Poster
Join Date: Jul 2001
Location: New York, NY
Nov 16, 2003, 02:42 PM
 
No need to be concerned.

If you're a virus writer, why would you write a virus that can at best be spread only to 3%-5% of the computers worldwide? Doesn't make for great propagation rates, does it?

The problems with email attachments are that MS provided hooks for JavaScripts and similar in emails to access various system files - it made for great integration and incredibly Swiss-cheese-like security.

Nothing really executes on your Mac without your say-so - this isn't to say that there aren't possible security holes out there, but just that there are no viruses being written for OS X, and that Windows, by virtue of its market share, will ALWAYS be less secure.
cpac
     
Drizzt
Mac Elite
Join Date: Jan 2001
Location: Saint-Jean-sur-Richelieu, Québec, Canada
Nov 16, 2003, 02:59 PM
 
Viruses for Unix did exist... but never really got out of the laboratory and stayed at prototype status.

The problem with Windows is that there is no security on the system files. By default, anyone can write anywhere on the disk and modify any file. Also, every service is on by default... and Microsoft doesn't have a good track record on building reliable and secure network services.

I am not saying that Unix OSes are without problems... there are some. The thing is, there are fewer chances, with the default install, of being hacked or infected.

It will be even more so when all services run in their sandbox...
     
natty
Fresh-Faced Recruit
Join Date: Nov 2003
Nov 16, 2003, 04:05 PM
 
I guess what I was getting at is that, while difficult to write a working virus for OSX, nothing is impossible. If by chance someday someone does do that, it will propagate like wildfire since OSX users seem complacent about viruses due to the fact that a working one has never been written for them. I may be wrong but, most Mac users don't run anti virus due to this. I realize the track record for Mac has been very good in this respect but...it could happen it would seem. I mean, what a perfect scenario for a motivated hacker to be the first one to succeed.

Second point is that I feel that XP is not an unsecure OS by nature but by default. If it was idiot-proofed out of the box as well as OSX then I think it would be just as secure. It has more to do with the default settings than the OS itself. An XP user could configure their box the same way but they would have to do it manually. Admittedly, most XP users are not advanced enough to do that so I agree that Mac default settings are better for the real world user and Microsoft needs to take a hard look at their default settings out of the box.

Which leads me to the real difference between the actual OSes and that is: interface, usability, software etc. That is too big of a debate for this thread and comes down to personal preference. As far as stability, I have had no problem in this regard in the year I've been using it. Microsoft made a huge step in stability since the release of XP. Yes previous versions were dogs in this respect. But with XP these problems are a thing of the past. All in all I'm primarily a gamer and for that reason XP is a better choice for me. Had to chuckle when someone posted a thread saying that Mac should give away a PS2 with every unit to solve this argument... not a bad idea.
     
Macpilot  (op)
Mac Elite
Join Date: Jan 2002
Location: California
Nov 16, 2003, 04:16 PM
 
Originally posted by natty:
I guess what I was getting at is that, while difficult to write a working virus for OSX, nothing is impossible. If by chance someday someone does do that, it will propagate like wildfire since OSX users seem complacent about viruses due to the fact that a working one has never been written for them. I may be wrong but, most Mac users don't run anti virus due to this. I realize the track record for Mac has been very good in this respect but...it could happen it would seem. I mean, what a perfect scenario for a motivated hacker to be the first one to succeed.

Second point is that I feel that XP is not an unsecure OS by nature but by default. If it was idiot-proofed out of the box as well as OSX then I think it would be just as secure. It has more to do with the default settings than the OS itself. An XP user could configure their box the same way but they would have to do it manually. Admittedly, most XP users are not advanced enough to do that so I agree that Mac default settings are better for the real world user and Microsoft needs to take a hard look at their default settings out of the box.

Which leads me to the real difference between the actual OSes and that is: interface, usability, software etc. That is too big of a debate for this thread and comes down to personal preference. As far as stability, I have had no problem in this regard in the year I've been using it. Microsoft made a huge step in stability since the release of XP. Yes previous versions were dogs in this respect. But with XP these problems are a thing of the past. All in all I'm primarily a gamer and for that reason XP is a better choice for me. Had to chuckle when someone posted a thread saying that Mac should give away a PS2 with every unit to solve this argument... not a bad idea.
Nice post dude.

Well, it appears that my XP friend is now a member of MacNN Forum. Let's welcome him. He is really not a bad guy, just a little misguided. Let's see if we can enlighten him to the good games on OS X so he can stop tinkering with his security settings!
MacBook Pro
Mac Mini
     
vsurfer
Senior User
Join Date: Sep 2000
Location: Noo Yawk
Nov 16, 2003, 04:17 PM
 
Macs have experienced occasional but rare viruses.

Last one I received that affected my Mac was a worm contracted from a floppy disk from a design agency -- I think the OS we were using at the time was System 7.
     
jfinete
Forum Regular
Join Date: Jun 2002
Location: San Diego
Nov 16, 2003, 04:33 PM
 
One of the main reasons UNIX and Mac OSX are more secure than Windows is the way they grant privileged access. Both Windows and OSX require the user to have "admin" privileges in order to install software, change system settings, etc.

On Windows, the user gets admin access by being a member of "Administrators" group. That allows the Windows user to do admin stuff without having to type in a password. This also means that every single process launched by the user also automatically has admin access. So when the typical Windows user downloads a virus, the whole system is compromised.

On Mac OSX, the "admin" group does not give the user any special privileges. The admin group just means that the system will prompt the user for a password. This forces the user to confirm they are who they say they are. So a virus downloaded by an OSX admin user can only affect the user's personal files, not the whole system.
     
DanielPritchard
Fresh-Faced Recruit
Join Date: Jul 2003
Nov 16, 2003, 04:51 PM
 
As far as stability,... Microsoft made a huge step in stability since the release of XP. Yes previous versions were dogs in this respect. But with XP these problems are a thing of the past.
I won't hand you that just yet, Natty. My ex-gf's Compaq laptop has been having Blue Screens Of Death since she got it. It has been running WinXP Home or Pro the whole time. I'm an expert on Windows and I've done everything I can to fix it. I wiped the hard drive last weekend, did a fresh install, and still the BSODs continue. I know, not all Windows PCs experience the same thing. But it's particularly stupid the way when they BSOD, by default they instantly restart so you don't even get to read the BSOD to see what's going on. (I can understand that on an unattended server, but on a workstation you might want to investigate your three-times-daily BSODs.) I'm still working to fix it, but I suspect it's just a bad flaw in a vital driver like video or sound. What do you do then? Revert to 640x480 and take off the driver?

Meanwhile, my PowerBook has kernel panicked for the first time, this week. The first time since I bought it in early June. While I was messing around with some hardware thing, can't remember what. Not brought down by a driver in the middle of my work, like my ex-gf's is constantly.

My point is, don't get all high and mighty talking about Windows XP's stability. About 2/3 of the machines I've encountered were way better with Windows XP, and that's nice, especially compared with the Win9x line. But I've also seen plenty with severe problems, like the one I described, and my roommate's constant freezing problem.

All in all I'm primarily a gamer and for that reason XP is a better choice for me.
You just hit on the only reason I would ever voluntarily use Windows.

Although, my answer is, I have both--Windows for games, Mac to get my work done and everything else. I just think of my PC as a glorified game console. But I'm primarily not a gamer, so it's very worth spending the money to have the Mac too, whereas if you don't really do much besides play games on your PC, I can understand that you wouldn't get as much out of having a Mac as I would.

Later
-Dan
     
sniffer
Professional Poster
Join Date: Nov 2000
Location: Norway (I eat whales)
Nov 16, 2003, 04:57 PM
 
I can see there are some architecture differences between XP and X, but I still have a hard time understanding why there are no reported viruses (that I am aware of anyway). Market share is one thing, but on the other side 3+% market share should theoretically still be more than enough for virus existence.
This is a very strange enigma IMO...

Sniffer gone old-school sig
     
himself
Mac Elite
Join Date: Jan 2002
Location: Live at the BBQ
Nov 16, 2003, 07:13 PM
 
Originally posted by sniffer:
I can see there are some architecture differences between XP and X, but I still have a hard time understanding why there are no reported viruses (that I am aware of anyway). Market share is one thing, but on the other side 3+% market share should theoretically still be more than enough for virus existence.
This is a very strange enigma IMO...
I've always been of the belief that there is always some guy trying to create a virus or some other "exploit" for every computing platform... and not necessarily to hit as many computers as possible, but just to prove the point that it could be done. The same reasoning applies to why a dog licks his own balls... But none of the viruses have been successful to this point, or the successful ones haven't been widely distributed, or whatever. The only Mac virus I've been hit with was the old harmless autostart worm that had a simple fix back in the System 7 days.

And in response to natty's assumption that Mac users don't run virus software... while I can't speak for every Mac user, I can say that any Mac-using professional (design, video, audio, etc.) worth their salt wouldn't think of not running a virus utility, not to protect their system, but to protect their data. Oftentimes you'll never know when your Mac is a carrier for some Windows virus, and that virus can be retransmitted through email, web/ftp server, or sharing files with other vendors or third parties. For instance, every printer I work with wants any files delivered to them to be free from any viruses, or they'll charge you to clean them up in the event that they do find infections. It only takes one copy of a virus to propagate itself and take down some company's entire network, and god forbid that vendor traces the source back to you. Add to that the fact that many "Mac only" operations have some flavor of Windows running (because Microsoft's presence is so pervasive, it's nearly impossible for some folk to avoid it), and you learn to be careful with your systems and data.
"Bill Gates can't guarantee Windows... how can you guarantee my safety?"
-John Crichton
     
natty
Fresh-Faced Recruit
Join Date: Nov 2003
Nov 16, 2003, 07:49 PM
 
Interesting insight, thanks.
     
calumma
Fresh-Faced Recruit
Join Date: Feb 2003
Location: Faversham, UK
Nov 17, 2003, 12:53 PM
 
The question has to be then, which is the best anti-virus software to use? I have tried several but I've not really been happy with any of them - they all seem somewhat slow...
     
Mr Scruff
Mac Enthusiast
Join Date: Feb 2001
Location: London, UK
Nov 17, 2003, 01:56 PM
 
There is one breed of virus that OS X is vulnerable to - MS Office VBA viruses.

They infect Macs just as well as they do Windows machines. At work all the Macs have virus protection installed and that's the only type of virus they ever get.

But in answer to your point, I think where Macs are used in business they are generally virus protected. And without Outlook viruses, large networks are the only place where viruses can propagate easily.
     
typoon
Addicted to MacNN
Join Date: Oct 1999
Location: The Tollbooth Capital of the US
Nov 17, 2003, 03:43 PM
 
Very true. While there are no known viruses for OS X you can still be a carrier. If you belong to .Mac you can get Virex or you can go out and buy SystemWorks for Mac, or VirusBarrier from Intego. I need to re-download Virex from .Mac myself, talking about virus software.
"Evil is Powerless If the Good are Unafraid." -Ronald Reagan

Apple and Intel, the dawning of a NEW era.
     
mitchell_pgh
Posting Junkie
Join Date: Feb 2000
Location: Washington, DC
Nov 17, 2003, 03:50 PM
 
I think of it this way.

XP is like having a key to your house... once in, you can go everywhere.
GOOD: Very convenient
BAD: Virus prone.

OS X is like having a key to your house and a key to every room. (yes, you can have master keys made for the first floor, second floor etc.)
GOOD: Virus resistant
BAD: Passwords all the time.
     
natty
Fresh-Faced Recruit
Join Date: Nov 2003
Nov 17, 2003, 04:32 PM
 
Well put. I am set up as administrator (admittedly by default) and would hate to have to enter a password any time I wanted to do something as I am the only one that uses this computer. But I agree that this configuration should have to be manually set up. If I had any other regular users I would simply set up a custom or guest account for them, thus effectively limiting their access much like OSX. Again it goes back to the fault of the default, shipped configuration rather than the OS itself.
     
Wiskedjak
Posting Junkie
Join Date: Jun 2002
Location: Calgary
Nov 17, 2003, 04:51 PM
 
Originally posted by Macpilot:
... some day all Mac users are going to be screwed by viruses because they think their machines are immune to viruses and most are not running anti-virus software.
I think that is true, to some degree. Should someone decide to sit down and write a nasty virus for the Mac, the Mac population will be screwed. However, as posted earlier, that begs the question as to why someone would write a virus for the Mac. Virus writers have one of two objectives: recognition and disruption. Neither would likely happen through a Mac virus.

I actually think that Windows has done the world a favour by having such an insecure OS. If it were more secure, Virus writers would be much more skilled and the viruses much more nasty. Plus, we're all much more aware of the problem.
     
typoon
Addicted to MacNN
Join Date: Oct 1999
Location: The Tollbooth Capital of the US
Nov 17, 2003, 04:52 PM
 
Originally posted by natty:
Well put. I am set up as administrator (admittedly by default) and would hate to have to enter a password any time I wanted to do something as I am the only one that uses this computer. But I agree that this configuration should have to be manually set up. If I had any other regular users I would simply set up a custom or guest account for them, thus effectively limiting their access much like OSX. Again it goes back to the fault of the default, shipped configuration rather than the OS itself.
Under OS X luckily the only time you have to enter a password is if you are installing something.
"Evil is Powerless If the Good are Unafraid." -Ronald Reagan

Apple and Intel, the dawning of a NEW era.
     
K++
Senior User
Join Date: Jan 2002
Location: NYC
Nov 18, 2003, 05:05 AM
 
Why OS X is more secure/less virus prone than Windows. (The short version)

There are several reasons why Mac users have the luxury of being lax as far as viruses are concerned.

1. Default Configuration
This is an important one. It is important because, by shipping with no ports open and requiring users be trusted to perform operations, if a user were burdened with a virus it would have a hard time making contact with the outside world.

2. Script Access
Most viruses are simple shell scripts that take advantage of idiotic mistakes made by developers. Apple tests meticulously and writes very secure code. Most problems arise from buffer overflows and all Mac OS X APIs have several protections against that happening. Furthermore, exploiting buffer overflows on the PPC architecture is magnitudes harder than on the x86 platform. There is an article on this very topic out there somewhere; it should be in the archives of both MacNN and Slashdot.

3. OS flaws
No, I'm not taking a swipe at Windows, merely pointing out something. The reason that MSBlaster worm came about was the RPC exploit made possible due to lax security policies in Windows. On the Mac we don't have that issue because even though our system supports RPC calls and methods, RPC is not even on at all unless you turn it on.

4. Programmer Ideology
Bill Gates himself has a very lax view on security, saying things that would lead you to believe that things are secure because we don't know how they work. That is really a swipe against Open Source, but security through obscurity is not security at all, because they don't even protect against people who do know what they are doing. Those that don't are the easiest to protect against and provide the invaluable ability to see what other more able hackers might attempt.

5. Feasibility
In order for a Mac virus to do real damage it needs to propagate. How do Macs get together and talk to one another so that they would have a chance to take each other down?
They don't. Only in networks do several Macs ever have the ability to pass harmful material around, but they can't get it onto the hard drive of another machine since there are no ports open to send it through. If we try the good old email method, that won't work since the majority of people in their address book would not be Mac users, and there is no way to tell either way.

With the most important tool of a virus, propagation, being almost completely moot from Mac to Mac, the spread of a Mac virus greatly limits any chance it would have to "devastate" Mac users as you state.

6. Glory
Programmers are vain, they enjoy exploring new worlds and galaxies, boldly going where no one has gone before. Script kiddies are no less vain. They want people to know their name [345]Cr4xy1337 and fear it. So when looking at the 3% and knowing that they will most likely be unable to get it to other machines, they say "well, Windows is everywhere and easier to penetrate, let's get them"
     
Love Calm Quiet
Mac Elite
Join Date: Mar 2001
Location: CO
Nov 18, 2003, 06:29 AM
 
re: 6. GLORY....

Mac users need to keep secure. You just gotta *KNOW* that when somebody writes a virus to knock out 10,000 Macs around the country (maybe using PCs as 'carriers'?) that there's going to be BIG news coverage - just because it's NEVER in the news - and because there are lots of people that have Mac-envy or think Mac owners are arrogant or whatever. Just look at how the IT press is quick to cover Apple any time it needs to issue a security update.

If Apple ever gets on the upswing in % of market - and starts gaining credibility in the eyes of the public and business world (e.g., 3rd fastest supercomputer, etc.) then there's going to be some joker wanting to be "the first hacker to bring OS X to its knees."

All just to say: keep safe! (not complacent)
[advice that I hope APPLE has as a topmost priority]
TOMBSTONE: "He's trashed his last preferences"
     
CharlesS
Posting Junkie
Join Date: Dec 2000
Nov 18, 2003, 12:41 PM
 
Well, this doesn't apply to all Mac users, but to us here on this board, just think about it. If there were a new virus for the Mac that came out, it would be all over MacNN. We'd know about it right away. And someone would probably come up with a freeware or cheap shareware utility like AntiGax to kill that particular virus quite soon after the virus appeared.

So why spend $70 on Norton AntiVirus when no viruses even exist yet, and when they do, there will probably be a downloadable solution?
     
typoon
Addicted to MacNN
Join Date: Oct 1999
Location: The Tollbooth Capital of the US
Nov 18, 2003, 01:03 PM
 
Originally posted by CharlesS:
Well, this doesn't apply to all Mac users, but to us here on this board, just think about it. If there were a new virus for the Mac that came out, it would be all over MacNN. We'd know about it right away. And someone would probably come up with a freeware or cheap shareware utility like AntiGax to kill that particular virus quite soon after the virus appeared.

So why spend $70 on Norton AntiVirus when no viruses even exist yet, and when they do, there will probably be a downloadable solution?
Very true.
"Evil is Powerless If the Good are Unafraid." -Ronald Reagan

Apple and Intel, the dawning of a NEW era.
     
Millennium
Clinically Insane
Join Date: Nov 1999
Nov 18, 2003, 01:21 PM
 
There are no known viruses for OSX. However, OSX users can still carry Windows viruses (even if they can't actually become infected) by containing the files which host those viruses. This means that running anti-virus software is still prudent, even if only to clean out the hard drive space that virus-hosting files take up.

Can a virus for OSX be written? Yes, it can. It wouldn't even be terribly difficult to write a basic one. However, OSX is written such that the damage a virus can do is quite limited, unless it infects the root account. Unless you are dumb enough to actually run things as root all the time, a virus just plain won't be able to do all the things a virus on Windows does.

This is a major issue with Windows, for example. It's not just that it's easy to write a virus for Windows, though that is a problem. The bigger problem is that Windows has virtually no security model in place to limit the damage a virus can do, once the system has already been infected.

This is the problem with Microsoft's security model. There are three lines of defense which need to be taken into account, and Microsoft only ever bothers with one.

The outermost layer of security is the ability to keep The Bad Guy out of your machine. Firewalls are the most common example of such security. According to Billy himself, this is the only layer of security you really need. This is because Billy knows little to nothing about what real security is.

The middle layer of security is intrusion detection. If someone manages to break through your firewalls, you need to know that it has happened. Many hackers only break into a machine one time, and use that time to install backdoors so that they can get in later without having to go back through the rough stuff. Sometimes they even lay low for a while after first breaking in, counting on you to not find their backdoors while keeping a low profile so that by the time you do get around to checking your logs, they will be long gone. Currently both Windows and OSX are poor in this regard out of the box, but intrusion-detection systems are available for both platforms.

The third layer is damage control. If a user gets into your system, you need to make sure that they can't do much damage. Windows doesn't even bother with this level of security, and this is why they get smacked down so hard by viruses. OSX (and most other Unices) do pretty well in this regard, though there are some operating systems out there which do even better.
You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!
     
voyageur
Mac Elite
Join Date: Jul 2003
Nov 18, 2003, 08:14 PM
 
Thanks for the enlightening discussion. Now here's what's probably a dumb question, but I'd appreciate it if someone could answer this. Can OS 9 Word Macro viruses be contracted by a computer running only Word X?

I ask because one user who uses OS 9 exclusively found a Word macro virus on his machine. But none of the OS X machines he sent the infected files to caught the virus, even though they had no virus protection installed. A virus scan of the OS X machines with Norton came up clean.

I noticed Microsoft Word X's option to Enable Macro Virus Protection is turned on by default in its preferences. Could that be enough protection against macro viruses?

Just trying to understand things, as this is the first time in many years of Mac use I've ever run into anyone with a virus.
     
Millennium
Clinically Insane
Join Date: Nov 1999
Nov 19, 2003, 11:40 AM
 
Originally posted by voyageur:
Can OS 9 Word Macro viruses be contracted by a computer running only Word X?
In theory, yes. Word macros are Word macros, and so they should be able to run on anything that Word runs on. However, such a virus on OSX is still limited in what it can do (as opposed to OS9 and Windows), and this may break some of the viruses out there.
I noticed Microsoft Word X's option to Enable Macro Virus Protection is turned on by default in its preferences. Could that be enough protection against macro viruses?
That can protect against many macro viruses, but it can be circumvented by a clever programmer. Fortunately, those means are beyond the skills of most Word macro virus writers.
You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!
     
Richard Edgar
Dedicated MacNNer
Join Date: Sep 2002
Nov 19, 2003, 12:37 PM
 
If there were a new virus for the Mac that came out, it would be all over MacNN. We'd know about it right away
Are you sure? How do you know that you don't have something on your machine right now that is lying dormant, waiting to be activated? The most effective way to wreak havoc would be to do something like that - infect, and then go quiet.
The bigger problem is that Windows has virtually no security model in place to limit the damage a virus can do, once the system has already been infected
IIRC, NT's security model is theoretically much better than the UNIX one (this is not desperately hard). Implementation is, naturally, another matter entirely. And on a UNIX box, once the root account is gone, there are no further limitations. How many OSX users have admin privileges on their normal account?
Apple tests meticulously and writes very secure code
Like that iTunes installer which, IIRC, zapped hard drives which had a space in the name?

The biggest defence that Apple has at the moment is its small market share. As others have pointed out, there aren't enough to give much 'glory.'
     
- - e r i k - -
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Nov 19, 2003, 12:45 PM
 
Originally posted by Richard Edgar:
Like that iTunes installer which, IIRC, zapped hard drives which had a space in the name?
If I recall correctly it only affected people who had partitioned their HDs and called them Classic and Mac OS X. Unfortunately this was at a period where many people did just that.

It was one mistake, and even Apple does them. Even I have been affected by a recent one, the dreaded FW800 bug. Fortunately it was a new HD with no critical files on it. I just shrugged it off as I knew of the update, but hadn't had time to install it. I am lucky enough to run the best OS in the world on the best hardware, so Apple's mistakes seem like a drop in an endless ocean of Microsoft f*ckups.

     
ryaxnb
Grizzled Veteran
Join Date: Sep 2003
Location: Felton, CA
Nov 19, 2003, 01:40 PM
 
Originally posted by Drizzt:
Viruses for Unix did exist... but never really got out of the laboratory and stayed at prototype status.

The problem with Windows is that there is no security on the system files. By default, anyone can write anywhere on the disk and modify any file. Also, every service is on by default... and Microsoft doesn't have a good track record on building reliable and secure network services.

I am not saying that Unix OSes are without problems... there are some. The thing is, there are fewer chances, with the default install, of being hacked or infected.

It will be even more so when all services run in their sandbox...
And Windows has 5 ports open. OS X has 0
Trainable is to cat as ability to live without food is to human.
Steveis... said: "What would scammers do with this info..." talking about a debit card number!
     
Millennium
Clinically Insane
Join Date: Nov 1999
Status: Offline
Nov 19, 2003, 03:31 PM
 
Originally posted by Richard Edgar:
Are you sure? How do you know that you don't have something on your machine right now that is lying dormant, waiting to be activated? The most effective way to wreak havoc would be to do something like that - infect, and then go quiet.
This is theoretically possible. This is why I said there were no known viruses. If you don't know that a virus exists, then it doesn't matter what OS you're using.
IIRC, NT's security model is theoretically much better than the UNIX one (this is not desperately hard). Implementation is, naturally, another matter entirely.
Exactly. NT has a security model whose basic concepts are better than those of Unix in most situations. However, NT doesn't use this security model in an effective way, which is in some ways worse than no model at all because it engenders a false sense of security.
And on a UNIX box, once the root account is gone, there are no further limitations. How many OSX users have admin privileges on their normal account?
The only difference between an admin account and a regular account is that admins can su/sudo to root. They have no extraordinary powers until they do that, and doing it requires a password.
The biggest defence that Apple has at the moment is its small market share. As others have pointed out, there aren't enough to give much 'glory.'
That's not the biggest difference, as I've pointed out above.

And actually, at the moment there is still quite a bit of glory to be gained, because the first person to write a Mac virus will be just that: the first person to write a Mac virus. There is some glory in that.

OSX does presently enjoy a little security through obscurity. What makes it different from Windows is that it doesn't rely on that obscurity, and implements real security to back it up.
You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!
     
Richard Edgar
Dedicated MacNNer
Join Date: Sep 2002
Status: Offline
Nov 20, 2003, 05:58 AM
 
The only difference between an admin account and a regular account is that admins can su/sudo to root. They have no extraordinary powers until they do that, and doing it requires a password
And how difficult would it be for a trojan to pop up a dialog box, requesting the admin password? How many people really think carefully before typing that in? I bet the sort of people who get hit by Lookout (or Lookout Express) viruses wouldn't.

In any case, very few systems are secure against their local users. Once a program is running, it is a local user.
     
G-Force
Junior Member
Join Date: Aug 2002
Location: Gainesville, FL, USA
Status: Offline
Nov 20, 2003, 11:12 AM
 
Originally posted by Richard Edgar:
And how difficult would it be for a trojan to pop up a dialog box, requesting the admin password? How many people really think carefully before typing that in? I bet the sort of people who get hit by Lookout (or Lookout Express) viruses wouldn't.

In any case, very few systems are secure against their local users. Once a program is running, it is a local user.
Does this mean that admin accounts without passwords would be especially vulnerable to viruses? Are there any other issues that could cause problems by not having a password in an administrator account? I am behind a netgear firewall and I don't have any open ports, and I am the only one who has physical access to the machine.
     
Drizzt
Mac Elite
Join Date: Jan 2001
Location: Saint-Jean-sur-Richelieu, Québec, Canada
Status: Offline
Nov 20, 2003, 11:19 AM
 
Originally posted by G-Force:
Does this mean that admin accounts without passwords would be especially vulnerable to viruses? Are there any other issues that could cause problems by not having a password in an administrator account? I am behind a netgear firewall and I don't have any open ports, and I am the only one who has physical access to the machine.
Even if you do not have a password, MacOS X requests it. I believe some updates required having a non blank password for at least one admin.

Having a password is always a good thing, even if it's something trivial like 'sex' or 'god'
     
Millennium
Clinically Insane
Join Date: Nov 1999
Status: Offline
Nov 20, 2003, 11:20 AM
 
Originally posted by G-Force:
Does this mean that admin accounts without passwords would be especially vulnerable to viruses? Are there any other issues that could cause problems by not having a password in an administrator account? I am behind a netgear firewall and I don't have any open ports, and I am the only one who has physical access to the machine.
A Trojan could indeed do this. This is why OSX needs to implement a mandatory unmaskable keystroke that needs to be put in before the password is typed in. This is one of the few cases where Windows almost gets it right, except that as of WinXP the idiots at Microsoft actually allow users to turn this feature off, thus rendering it worse than useless.

The reason for such a keystroke is simple: if you use an unmaskable keystroke (like Ctrl-Alt-Delete on Windows; presumably it would be Cmd-Ctrl-POWER on Macs), then a password dialog cannot be faked. If it doesn't ask for the keystroke then it is obviously fake, and if it asks for the keystroke but is fake, the dialog won't work. The machine may reboot, which is certainly a Bad Thing, but it is much better than being hacked.
You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!
     
proton
Senior User
Join Date: Nov 2000
Status: Offline
Nov 20, 2003, 11:29 AM
 
Contrary to popular belief, you do not need to enter your password to modify applications on a Mac OS X system. /Applications is writable by anyone in the admin group, without typing their password. Most of the applications in this folder are installed by default so that anyone in the admin group can write to them. In short, if you're in the admin group, and some malicious code is run as you, it can go to town in the /Applications folder.

Originally posted by ryaxnb:
And Windows has 5 ports open. OS X has 0
Sorry to break it to you, but for a start, UDP/5353 is open for Rendezvous' multicast DNS. There may be some other ports that are open, but I don't have time right now to check a truly vanilla OS X install to verify this.

Mac OS X is a secure and well configured OS, but it's not as brilliant as many people seem to think.

- proton
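The permission point in the post above can be checked from file mode bits alone. The following Python audit is an added example, not part of the original thread: the function name is hypothetical, and it assumes you pass the directory to inspect (for instance `/Applications`) and the numeric id of the group in question (for instance the `admin` group).

```python
import os
import stat


def writable_without_root(top, gids, max_depth=2):
    """List entries under `top` that a non-root process could modify.

    An entry is reported when it is world-writable, or group-writable and
    owned by one of the numeric group ids in `gids`. Returns (path, reason)
    tuples. Symlinks are inspected with lstat() and never followed.
    """
    gids = set(gids)
    findings = []

    def reason_for(st):
        is_dir = stat.S_ISDIR(st.st_mode)
        if st.st_mode & stat.S_IWOTH:
            scope = "world-writable"
        elif st.st_mode & stat.S_IWGRP and st.st_gid in gids:
            scope = "group-writable"
        else:
            return None
        if not is_dir:
            return f"{scope} file"
        if st.st_mode & stat.S_ISVTX:
            # Sticky bit: only an entry's owner may rename or delete it.
            return f"{scope} directory (sticky, owners only replace entries)"
        # Write access to a directory lets its entries be renamed or
        # replaced even when the files inside are themselves read-only.
        return f"{scope} directory (entries can be replaced)"

    def walk(path, depth):
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            return  # a link's own mode bits are not meaningful
        reason = reason_for(st)
        if reason:
            findings.append((path, reason))
        if stat.S_ISDIR(st.st_mode) and depth < max_depth:
            try:
                names = sorted(os.listdir(path))
            except PermissionError:
                return
            for name in names:
                walk(os.path.join(path, name), depth + 1)

    walk(top, 0)
    return findings


if __name__ == "__main__":
    import grp
    import sys

    target = sys.argv[1] if len(sys.argv) > 1 else "/Applications"
    try:
        gid = grp.getgrnam("admin").gr_gid  # the admin group the post refers to
    except KeyError:
        gid = os.getgid()                   # fallback where no such group exists
    for path, reason in writable_without_root(target, {gid}):
        print(f"{reason}: {path}")
```

A read-only binary inside a group-writable bundle directory is still replaceable by any process running as a member of that group, which is why the directory entries matter more than the files.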
     
OMGWTFBBQ
Junior Member
Join Date: Nov 2003
Location: Bermuda
Status: Offline
Nov 20, 2003, 11:54 AM
 
FreeBSD is very secure - the Mac variant of it is less so from what I have observed.

I admin a small/medium size Windows network and have written a ton of code for Windows.
I admin some Linux and FreeBSD server clusters for distributed computation, I have written code for that.
I just now got an AlBook - so I am learning the Mac world.

From what I know of Windows - as people have said, it comes too open straight out of the box. I personally hate being a Windows network admin (I was supposed to be the programmer and do some IT here, it has become that I am the IT guy and do very little programming - as a result, I'm leaving here very shortly).
Windows is open to break-ins, viruses, and worms.

Linux/FreeBSD is harder to exploit - instead of being wide open, you have to exploit harder to follow issues, and then it is usually a buffer overrun issue, especially if you already have a user account on the machine and want to get to root.
Of the two, I would say that Linux is much "easier" to break into, but that doesn't mean that it is open to viruses or worms. More in just plain security terms.

All of these are open to trojans - that is a matter of what you install.

That is my main issue - are there spyware issues on Mac? That was going to go in a new post and then I saw this thread.
I spend all of my day tracking down spyware, viruses, and possible security holes in/on our network and monitoring our firewall and I pretty much ignore the Mac laptop assuming that it doesn't have anything - but I know that is possibly a bad idea to assume that.

In the end, it comes down to being careful. I have run a Windows machine in various forms for over 10 years and have never had a virus or worm or trojan. I have had them on my machine but not executing just to read the source code and try to learn more about what they were trying to do on our network - but that is different than actually having the virus running in your system.
If you are downloading executable files off of p2p networks or you are executing files that you get from e-mail that aren't something you know exactly what they are, then you are going to get in trouble.
P2P is an area where it would be very easy to get trojans spreading - and I think that is what worries me the most in terms of the Mac.

On Windows, you can get spyware through ActiveX as well - people in my network are really stupid and will click and agree to things that pop-up without reading them - this leads to spyware getting installed.
     
Richard Edgar
Dedicated MacNNer
Join Date: Sep 2002
Status: Offline
Nov 20, 2003, 01:06 PM
 
All of these are open to trojans - that is a matter of what you install
Quite. How many Windows worms would have been stopped if people had just taken the simple step of telling Lookout not to run attachments. Or thinking about who was sending them helpful advice or programs? Probably most of them. Those are the flaws that tend to be used, not buffer overruns (you can probably find as many of those for Unix variants as you can for Windows) But people don't stop to think - and that leaves OSX quite, quite open. Worse, people might have a false sense of security.

I can quite believe that OSX is better 'out of the box' than any form of Windows. But it will not be immune - and a belief that it is will make the fall all the nastier.
     
natty
Fresh-Faced Recruit
Join Date: Nov 2003
Status: Offline
Nov 20, 2003, 11:40 PM
 
Wow, this has turned out to be quite an informative thread. It does serve to reinforce my belief that the security issue is more related to security default setting rather than os itself. I don't know if much can be done to change the shortcomings of the XP default setup (and to a much lesser degree OSX) besides educate your friends and relatives that, with regard to threats, just use smart and prudent computing practices. I've never had a virus and get ZERO spam by doing that.
     
pb_lee
Fresh-Faced Recruit
Join Date: Sep 2003
Status: Offline
Nov 21, 2003, 12:06 AM
 
as many people have pointed out - mac users can participate in the distribution of Windows viruses, while not suffering any of the effects.
it is for that reason that i would encourage all mac users not to install any anti-virus software at all...
spread the virus i say! let em have it!
<insert evil laugh here>
it may be one way to get more people to switch to OS X!
12" PB G4, 640MB, 60G, SD, AE
     
Richard Edgar
Dedicated MacNNer
Join Date: Sep 2002
Status: Offline
Nov 21, 2003, 05:51 AM
 
It does serve to reinforce my belief that the security issue is more related to security default setting rather than os itself
To be more accurate, most security systems fail because of people, not the (notional) weaknesses in the systems. People not changing default settings is a special case of this (and I should be fair and point out that many early UNIX systems - and I believe that 'early' can cover the first twenty years - also had mind bogglingly stupid default settings, leaving huge gaps in the security model. UNIX was lucky - the networks were much smaller).

I'm not a cryptographer, but my impression from my reading about Enigma is that even the weakness in that system (no letter as itself) would have been of little use to Station X if the messages hadn't often had standard headers.
     
himself
Mac Elite
Join Date: Jan 2002
Location: Live at the BBQ
Status: Offline
Nov 21, 2003, 12:25 PM
 
Originally posted by Richard Edgar:
To be more accurate, most security systems fail because of people, not the (notional) weaknesses in the systems. People not changing default settings is a special case of this (and I should be fair and point out that many early UNIX systems - and I believe that 'early' can cover the first twenty years - also had mind bogglingly stupid default settings, leaving huge gaps in the security model. UNIX was lucky - the networks were much smaller).
I agree. You could have the most secure system in the world, but the OS can only do so much. There is an inherent degree of insecurity in all OS's, due to the simple fact that people need to use the system. An absolutely impenetrable, secure system would be useless to a user because 1) it would be far too restrictive for the user to get any work done, or 2) the machine would never get turned on (the only secure computer is the one that is never used).
"Bill Gates can't guarantee Windows... how can you guarantee my safety?"
-John Crichton
     
theolein
Addicted to MacNN
Join Date: Feb 2001
Location: zurich, switzerland
Status: Offline
Nov 21, 2003, 08:00 PM
 
From reading this thread there seem to be many conflicting and some misinformed opinions about security, viruses, worms and security models.

I am not some hot shot security specialist, but I've done Linux, Netware and Windows system administration and I do understand a fair bit of the security issues involved.

The Windows security model has a finer grained mechanism than the Unix one for access control, but the implementation of security levels in Windows is flawed. It has some bad inconsistencies. The OS runs as the "System" user, which would be the equivalent of the "root" user in a Unix system. The problems start when "admin" and "standard user" users on Windows can delete or install system dll's without actually running as "System". Added to this the Windows and System folder aren't protected as even standard users can run installers that can overwrite system dll's. ActiveX components can basically do what they want if they are allowed to run.

The Unix model depends on root access as all system critical components either are root owned or in a directory belonging to root, so one could theoretically equate it with Windows, but the similarities end there. No standard user can write or delete in the root owned directories. One can use su or sudo, which is the same as the Windows "Run As" command, except that one can limit the availability of sudo with the sudoers file.

The fact that authentication is required to install system software in OSX (and Linux) is good, as it means that critical software always needs to be authenticated before it can be installed. While it is possible that some malicious software could trick the user into supplying a password, the same would be true for any OS that didn't use some sort of obligatory signing mechanism for installers. (Perhaps MS's Palladium will actually do some good here, but what about legacy code?)

The theoretical masking of the login screen (ctrl-alt-del) in Windows is a bit out of date because that key combo can be caught in the meantime. It no longer provides that much security as it once did.

But the second worst flaw in Windows is the Windows Scripting Host (WSH) which is the thing that allows VBS scripting exploits of the most serious flaw, which is the Windows Registry. Almost all Windows attacks use the Registry by overwriting file types or inserting their own keys to run software at startup. The fact that a VBS worm can write into the registry even though it has been started by a standard user that has no access to the registry is a major flaw, and one that is one of the most commonly exploited holes in Windows. (This usually gets plugged by AV software).

MS leaving ports open and the firewall off by default is less a flaw than simple negligence by MS.

The autoexecuting of scripts in Outlook is still there even if it is turned off by default.

Buffer overflows constitute the next major set of exploits, and all OSes have had them. If they are fixed, fine, if not it makes the OS easy to exploit. Some OS's such as Linux have the chroot ability which makes a programme such as ProFTP unable to get out the users toplevel directory so that if the programme is cracked the cracker cannot get out of the directory to access other parts of the OS. OpenBSD has started implementing a non-executable stack which makes a buffer overflow much less dangerous. OSX might get this eventually, but it doesn't have it at the moment.

If someone wrote a virus for OSX, it would NOT automatically spread to other computers as some here are claiming. The virus would have to involve some form of social engineering such as the faked MS security patches going around the net. If the user executed the virus it would have the ability to destroy user files but the system itself would be untouched. There is no form of autoexecute on OSX that would make a virus propagate as it can on a Windows network.

So, finally after all that blabbing, I would say the following:

At the moment OSX is a more secure OS than Windows. Longhorn will improve things on the Windows side and I'm sure eventually someone will write an OSX virus or worm, BUT, as long as you don't just execute random code off the net, you should be ok if you make regular backups. AV software might eventually be needed on OSX as well, but I think the fact that Windows is so popular will always mean that more people will be attempting to crack it.
weird wabbit
     
stevesnj
Mac Elite
Join Date: Apr 2003
Location: Southern, NJ (near Philly YO!)
Status: Offline
Nov 21, 2003, 09:13 PM
 
So if there are no known viruses for OS X then the Anti-Virus software for OS X is made to protect Windows users not Mac users? Seems like unless you constantly share with Windows users the Anti-Virus software companies are raping the Mac user of their money.
MacBook Pro 15" i7 ~ Snow Leopard ~ iPhone 4 - 16Gb
     
kampl
Dedicated MacNNer
Join Date: Jul 2002
Location: Boston, MA
Status: Offline
Nov 21, 2003, 10:44 PM
 
Originally posted by Richard Edgar:
Are you sure? How do you know that you don't have something on your machine right now that is lying dormant, waiting to be activated? The most effective way to wreak havoc would be to do something like that - infect, and then go quiet.
IIRC, NT's security model is theoretically much better than the UNIX one (this is not desperately hard). Implementation is, naturally, another matter entirely. And on a UNIX box, once the root account is gone, there are no further limitations. How many OSX users have admin privileges on their normal account?
Like that iTunes installer which, IIRC, zapped hard drives which had a space in the name?

The biggest defence that Apple has at the moment is its small market share. As others have pointed out, there aren't enough to give much 'glory.'
OK, I can't stand by and listen anymore. I would love to hear of a worm for Mac OS X that has such free rein over a system like say Blaster, CodeRed, Slammer. See a trend here? These are all exploiting server daemons and were/are all very serious. How many server daemons are running on OS X waiting for exploitation?

With that, I have yet to see a serious remote exploit for any code on OS X that runs by default. I've seen local sploits and remote, but on nothing that is running out of the box for remote exploitation. Which brings me to an example, Blaster. MSRPC runs out of the box at "SYSTEM" level privileges. Boom, stack smasher sploit comes along, runs as the equivalent of root and has its nasty way with your precious machine and data. Same for CodeRed, same for Slammer (my fav, single packet to infect and spread. genius exploit/worm).

My next big peeve(sp?) is the market share cop out. OK, MS has a huge market share. That's nice. This begs the question that if market share is such a key driver for exploitation, why is it that Apache is the most widely used http server yet IIS seems to be the most exploited of all http server software ever? Hmmm.... There's a question wrapped in a riddle stuffed inside a conundrum. Or is it.

Onto XP/2k security model. Theory is all well and good, in theory..... With this theoretically sound model, I'm trying to figure out how Joe user can open an attachment in his IMAP client and suddenly open listening TCP ports on his workstation (which remain after logout as well) without so much as a reach-around to ease the ripping pain? Never been able to do that on a proper *nix box, yet Windows seems not to care.

I don't mean to rip you personally, and I apologize if you feel wronged, I just don't think the ideas behind the arguments are sound. Please continue to make your points on the subject, I really want to know the lowdown on where we stand at this point in time.

*quickedit*
I did not mean to write that CodeRed and Slammer are builtin exploitable daemons. Just more swiss cheese daemons. Sorry for the confusion.
     
Richard Edgar
Dedicated MacNNer
Join Date: Sep 2002
Status: Offline
Nov 22, 2003, 08:36 AM
 
I would love to hear of a worm for Mac OS X that has such free rein over a system like say Blaster, CodeRed, Slammer
In the matter of security, the question is not "Is such a thing known?" The question is "Is such a thing possible?" The answer to that is definitely positive.

It is true that most UNIX systems are better 'out of the box' than NT. It is also true that the 'not-so-good ideas implemented well' security of UNIX is preferable to the 'good ideas implemented poorly' security of NT.

However, I do feel that a double standard is usually being applied (admittedly, this has been partially of Microsoft's own making). People conveniently forget that for decades the phrase 'secure UNIX system' was regarded as an oxymoron. The Internet Worm (exploit for a service running by default) struck in 1987 - roughly a decade and a half after UNIX was first released. I'm not sure that NT has even been out that long, yet UNIX was forgiven, and NT is condemned. As for 'no services running' on OSX.... has it been mathematically proven that the TCP stack contains no exploits?

So, I'm not impressed by anything. NT ought to be far better than it is, but the security track record of UNIX systems is nothing to be proud of either. Finally, a baseless belief in the security of OSX (or any OS), is the best way to ensure that when the security is proven to be less than perfect, the fall is all the more terrible.
     
himself
Mac Elite
Join Date: Jan 2002
Location: Live at the BBQ
Status: Offline
Nov 22, 2003, 06:46 PM
 
Originally posted by Richard Edgar:
In the matter of security, the question is not "Is such a thing known?" The question is "Is such a thing possible?" The answer to that is definitely positive.

It is true that most UNIX systems are better 'out of the box' than NT. It is also true that the 'not-so-good ideas implemented well' security of UNIX is preferable to the 'good ideas implemented poorly' security of NT.

However, I do feel that a double standard is usually being applied (admittedly, this has been partially of Microsoft's own making). People conveniently forget that for decades the phrase 'secure UNIX system' was regarded as an oxymoron. The Internet Worm (exploit for a service running by default) struck in 1987 - roughly a decade and a half after UNIX was first released. I'm not sure that NT has even been out that long, yet UNIX was forgiven, and NT is condemned. As for 'no services running' on OSX.... has it been mathematically proven that the TCP stack contains no exploits?

So, I'm not impressed by anything. NT ought to be far better than it is, but the security track record of UNIX systems is nothing to be proud of either. Finally, a baseless belief in the security of OSX (or any OS), is the best way to ensure that when the security is proven to be less than perfect, the fall is all the more terrible.
From what I can surmise, UNIX was "forgiven" back in the day because it was in uncharted territory. The virus/exploit/worm thing was relatively new, and the developers had to retrofit their software to accommodate those threats. Now, the developers have primarily learned their lessons, for the most part... which is the reason why Windows (or, NT) has been "condemned," as you say. This is now largely charted territory. The vast majority of the mistakes and weakness in Microsoft's software should never be allowed to develop, because those lessons have been (or should have been) learned already.

The *nix developers (and the computing industry as a whole) have identified how all of this malicious code works, and have developed methods for effectively defending against it, so now the focus can be placed on uncovering those obscure holes that may still exist within any given system, and also researching and preparing for newer potential methods of bypassing existing security. Microsoft is a step behind in this regard, because they don't have all of the vital elementary security components in place. As a result (and also due to Microsoft's pervasiveness), nearly everyone with a computer on a network is at risk.

The real issue isn't whether or not an exploit or anything else exists for any given system. I'm confident that they exist for every system actively in use. The issue is how prepared is your system to defend against it? No one here has any power to stop an individual determined enough to create malicious code, for any platform. But users and developers alike do have the power and responsibility to secure their own systems... and a software developer that takes a half-assed approach to system security is just plain irresponsible.
"Bill Gates can't guarantee Windows... how can you guarantee my safety?"
-John Crichton
     
kmkkid
Professional Poster
Join Date: Mar 2002
Location: Brantford, ON. Canada
Status: Offline
Nov 23, 2003, 03:05 AM
 
Bottom line for any platform :


Run a good firewall with a good set of features (i.e. check for app changes, block ip ranges etc.).

Run Antivirus software.

Don't download or open things you aren't sure of.



Follow these simple rules and you'll do fine.



Chris
     
Love Calm Quiet
Mac Elite
Join Date: Mar 2001
Location: CO
Status: Offline
Nov 23, 2003, 08:03 AM
 
You guys have been addressing this at a sophisticated level of system operation that I only vaguely understand, and these issues sound critical to major installations, business networks, etc.

What about the average, naive user (like my father-in-law) that Apple would like to entice over to OS-X some day - the kind that gets AOL service or some such? What are the protections in place against "user stupidity" to limit the amount of damage that can be done.

I have in mind the ubiquitous email attachment, "You are one of five finalists in the (Powerball or whatever) contests. To discover your eligibility, click on the link below, enter your username and password, and our software will examine your computer to determine if you are the BIG WINNER!"

Nobody reading this forum is going to fall for that (unless it offered pix of Pamela?). Anyway...
1) is there really any difference between OSes in vulnerability to suckers that fall for executing .exe or performing password-requiring installs?
2) what sort of system protection (short of automatic backing up & archiving of user data) is conceivable to guard against the huge "Stupid User Security Hole"?
TOMBSTONE: "He's trashed his last preferences"
     
theolein
Addicted to MacNN
Join Date: Feb 2001
Location: zurich, switzerland
Status: Offline
Nov 23, 2003, 05:40 PM
 
Originally posted by Richard Edgar:
In the matter of security, the question is not "Is such a thing known?" The question is "Is such a thing possible?" The answer to that is definitely positive.

It is true that most UNIX systems are better 'out of the box' than NT. It is also true that the 'not-so-good ideas implemented well' security of UNIX is preferable to the 'good ideas implemented poorly' security of NT.

However, I do feel that a double standard is usually being applied (admittedly, this has been partially of Microsoft's own making). People conveniently forget that for decades the phrase 'secure UNIX system' was regarded as an oxymoron. The Internet Worm (exploit for a service running by default) struck in 1987 - roughly a decade and a half after UNIX was first released. I'm not sure that NT has even been out that long, yet UNIX was forgiven, and NT is condemned. As for 'no services running' on OSX.... has it been mathematically proven that the TCP stack contains no exploits?

So, I'm not impressed by anything. NT ought to be far better than it is, but the security track record of UNIX systems is nothing to be proud of either. Finally, a baseless belief in the security of OSX (or any OS), is the best way to ensure that when the security is proven to be less than perfect, the fall is all the more terrible.
The problem with security in Windows has been due to negligence (leaving ports open, firewall switched off by default), unchecked buffers (the majority of the remote exploits on any system use these) and the Windows Scripting Host (The autoexec scripts in Outlook attachments).

The last one has been the source of most of the recent worms. This is and was definitely a bad design from a security perspective. No other platform allows things like that.

You're right when you say that one should not be relaxed with respect to security on any OS, but the chances of getting bitten are definitely smaller on OSX (or Linux for that matter) at the moment, than they are on Windows...

...in the default installation.

Microsoft has improved their security after complaining loudly about security experts aiding crackers for a long time, in order to cover their butts. The bad PR that Microsoft got in the past few years was the reason that Microsoft started becoming proactive about security, not due to their own initiative.

Still, if all I'm going to be doing with a computer is surfing the web and writing e-mails then I would just use a Linux box with Mozilla as that would the cheapest and most secure way to do it.
weird wabbit
     
dharknes
Junior Member
Join Date: Aug 2002
Status: Offline
Nov 23, 2003, 10:01 PM
 
There is one point that is being overlooked.

Several of you have stated that NT has a better security model than Unix. I'd like for you to define better? I'll admit that it's more flexible but it's also more complicated, especially in a networked environment. But this isn't the biggest problem.

The biggest problem is that MS hasn't learned from 30 years of Unix mistakes. Someone pointed out that Unix has had its problems, the Internet worm, the lion worm on Linux, and I'm sure there are others. But these worms propagated on what today are considered insecure systems. Because those systems were running services as root.

On Windows all services: webservers, file services, print services, database servers, etc. all run as the System. Which means if someone exploits any one of them then your whole system is hosed.

On a modern Unix system (including OSX) most all services run as a normal non-root user. So, if someone exploits that service then they are only a normal user. As pointed out, most Unices support chroot which goes even further to limit access.

So basically MS just needs to apply the idea of least privilege. Which is simply answering the question "what is the minimum access required to accomplish the task?".

Just my .05 cents.
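The least-privilege question in the post above, together with the earlier question in the thread about which ports a default install actually has open, can be answered on a given machine by listing its listening sockets with the account each one runs under. The following Python check is an added example, not part of the original thread: it parses text in the column layout of `lsof -nP -i`, and the sample lines, commands and user names are constructed for illustration.

```python
from collections import namedtuple

Listener = namedtuple("Listener", "command pid user proto addr port")

# Constructed sample in the column layout of `lsof -nP -i`; the commands,
# PIDs and user names are illustrative, not captured from a real machine.
SAMPLE_LSOF = """\
COMMAND   PID USER   FD  TYPE DEVICE SIZE/OFF NODE NAME
mDNSRespo 163 nobody 7u  IPv4 0x01   0t0      UDP  *:5353
sshd      412 root   3u  IPv4 0x02   0t0      TCP  *:22 (LISTEN)
sshd      412 root   4u  IPv6 0x03   0t0      TCP  *:22 (LISTEN)
httpd     500 www    16u IPv4 0x04   0t0      TCP  *:80 (LISTEN)
cupsd     610 root   0u  IPv4 0x05   0t0      TCP  127.0.0.1:631 (LISTEN)
sshd      977 root   5u  IPv4 0x06   0t0      TCP  10.0.0.5:22->10.0.0.9:51234 (ESTABLISHED)
"""

LOOPBACK = {"127.0.0.1", "::1"}

# (runs as root, reachable from other hosts) -> (sort rank, label)
RANK = {
    (True, True): (0, "root-exposed"),
    (True, False): (1, "root-local"),
    (False, True): (2, "user-exposed"),
    (False, False): (3, "user-local"),
}


def parse_listeners(lsof_text):
    """Extract sockets that accept traffic: TCP in LISTEN state and
    unconnected UDP. Established connections are skipped."""
    listeners = []
    for line in lsof_text.splitlines():
        f = line.split()
        if len(f) < 9 or f[0] == "COMMAND":
            continue
        proto, name = f[7], f[8]
        state = f[9] if len(f) > 9 else ""
        if proto == "TCP" and state != "(LISTEN)":
            continue
        if proto not in ("TCP", "UDP") or "->" in name:
            continue
        addr, _, port = name.rpartition(":")
        if not port.isdigit():          # e.g. "*:*" on an unbound socket
            continue
        listeners.append(Listener(f[0], int(f[1]), f[2], proto,
                                  addr.strip("[]"), int(port)))
    return listeners


def audit(listeners):
    """Return (label, listener) pairs, worst first. A root-owned service
    bound to a non-loopback address is the case where one exploitable bug
    hands over the whole machine."""
    seen, rows = set(), []
    for l in listeners:
        key = (l.command, l.user, l.proto, l.addr, l.port)
        if key in seen:                 # IPv4 and IPv6 rows for one service
            continue
        seen.add(key)
        rank, label = RANK[(l.user == "root", l.addr not in LOOPBACK)]
        rows.append((rank, l.port, label, l))
    rows.sort(key=lambda r: r[:2])
    return [(label, l) for _, _, label, l in rows]


if __name__ == "__main__":
    for label, l in audit(parse_listeners(SAMPLE_LSOF)):
        print(f"{label:13} {l.proto}/{l.port:<5} {l.command} as {l.user}")
```

The user column shows who holds the socket at the time of the listing, so a daemon that binds a low port as root and then drops privileges in its workers may still appear as root through its parent process.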
     
   
 
All contents of these forums © 1995-2017 MacNN. All rights reserved.