OSX Malware not taking off yet

It’s not just the popularity or lack of granular permissions of Windows that makes it a good target, it’s also that the sprawling interfaces into the OS expose a huge amount of surface area for attackers. For example, HTML+Time support in IE is a paper thin layer over COM interfaces to WMP. And there’s the general issue of Microsoft’s rock-bottom quality standards letting a lot of bugs get out into the wild.

It is interesting to note that while you hinted at it, you never actually came out and said it. One of the biggest, if not the biggest obstacles to malware on *nix and OS X is one of permissions.

You speak of packages coming with code that can recompile with gcc and go on to state that they usually fail. This begs the question of “Why?’. The answer is in permissions. If your permissions are set properly, and if you haven’t gone in and mucked about with them, then the default permissions are usually adequate, then the package probably can’t compile or install, because the user does not have permission to write to that particular directory.

This is just one small, brief and not very in depth example.

While I appreciate the fact that you are probably constrained by time, space etc. A follow up with the actual reasons why these malware packages for *nix (And yes, OS X belongs in that category, because it is based on the BSD Kernel) fail and/or are of such a low number, would be in order.

I appreciate the one un-noticed fact of the mac world verses the pc world. It didn’t hit me until I read this article……when you do not have to worry about some malicious virus lurking in the background just waiting for you open your computer, then and only then can you just “jump in” and begin your task on the computer.

I never gave this a second thought. I have been using a Macintosh since 1985 and not once have I worried about, “is there a virus going to hit me today?” Not once! And I believe because of this my production on my Mac has definitely shot up.

When you can just boot up your computer and get to work on your project without the worry of a virus attacking you, it certainly says something about the OS coding of the Mac! Now this isn’t to say anything negative about the PC world. I just say that it’s too bad that people have to be so very concerned about ANOTHER patch; ANOTHER this, or ANOTHER that!

I feel that those who grow tired of attacking the PC computers will someday begin to try to foil the mac world. However, we need to understand that in the mean time Apple continues to stay ahead of these people with their security updates. And, by the time the attack begins, it’s going to that much harder to get into the OS of any of the Mac’s.

Richard Cornelius

Please list the “7 known malware apps” that affect Mac OS X – and which versions of Mac OS X are affected – and which Security Updates correct those Vulnerabilities or Exploits.

I know of at least 2 rootkits for Mac OS X – but they require access to root and a person needs to be physically at the machine to install. And there is one commercial app (Spector) for monitoring a machine – with permission.

So what are these others mentioned?

First, thanks for the article. I’ve been trying to find statistics on how malware affects different operating systems. The numbers you referred to are just the type of information I’m looking for. Could you point me to your sources, as it would be greatly helpful to me.

Thanks!

You are being misquoted and/or misrepresented by VNUNET.COM which says of you, “The Mac OS X system is not inherently more secure than other operating systems, according to the researcher.”

I can find no such assertion in your article.

The misrepresentation can be found here:

http://www.vnunet.com/vnunet/news/2186013/dearth-mac-malware-continues

Respect is the reason I believe. Those who use macs love them, not hate them. The New OS X is more elegant than ever before and as a long time mac user I would NEVER do anything to hurt the platform.

I also use Windows XP SP2 side by side and loathe everything about it. It is designed not for use but to manipulate it. The whole OS gets in the way before programs, irritates the dickens out of me, hours researching how to do some simple add on or driver, etc. It is insane. Plus at colleges or wearever the kids are taught to maipulate in order to understand them. My son, raised on MACS, became a network specialist and learned and showed my how to do so many BAD things. He even hacked the treachers computer that even the teacher could not figure out, got in trouble, but got his degree. People who use macs simply appreciate them, and since using macs since 1989 I have never came across anyone who ever wanted to hurt the platform, learn about yes, but not harm.

What is the basis for your assertion that source code availability “can make it easier for malware authors to write malicious code/exploits” — is there any research or data anywhere which suggests this to be true? It is a reasonable hypothesis, but so is the contrapositive. Absent any research one way or the other, it’s rhetorically irresponsible to make a statement like that.