Tech Talk: The Mythology of Macs and Malware
Sunday, March 30, 2014
At Sunday’s Computer Q/A at the Commons, one of the participants shared her experience at a local Apple store while buying a new Mac. Multiple employees assured her that she didn’t need any anti-virus software. I was shocked that they told her the only reason they needed malware protection was if the system would also be booting Windows.
What?
Yes, Macs can “dual-boot” between Apple’s OS X and Microsoft Windows if set up to do so. If you do that you should definitely add an anti-virus to your Windows installation if one is not already available.
However minimizing the risk of malware inflection on OS X itself is a kind of response I would have expected a few years ago, not in a contemporary Apple Store.
My Virus Roots
Ironically, the first virus I ever personally encountered was a Mac virus called WDEF in 1990. I was managing tech support for a small company making both Mac and PC software. Like most viruses of that period, WDEF’s primary goal was to simply keep replicating itself, hitching a ride on any available floppy disk to go to from Mac to Mac.
While WDEF did cause some specific Mac II models to crash, that was due more to bugs in the virus than any malicious intent. WDEF first made its appearance in 1989 amongst colleges and universities. It was accidentally shared through some disk-based computer magazines and some commercial software, including a version of Microsoft Excel for the Mac, released in 1990.
It made its way to our door through Grammatik, one of the first grammar-checking programs available for either the PC or the Mac. It was also easy to remove, thanks to one of the first commercial anti-virus programs available, Symantec AntiVirus for the Macintosh or SAM as it was more commonly known. This was about the time that Peter Norton’s company merged with Symantec but a good five years before Norton launched Norton Anti-Virus for Windows 95.
So Why Do People Think Macs are Immune to Viruses?
For people aware of the Mac’s viral past, they say that OS X’s multiuser functionality, improved component isolation and better security eliminated most technical concerns about viruses. Of course, that was the same argument used about the same time for Windows XP over earlier versions of Windows. While both OS X, Windows, and malware have continued to evolve, these opinions also continue to be shared as fact.
“OS X has fewer flaws than Windows”
A flaw is a general term, but if we narrow the definition to a vulnerability that can be exploited by malware, there are some good reasons why people might think this. Because of business customer needs, Microsoft has created a predictable and quite public monthly update time knows as Patch Tuesday to provide updates and security patches. This and regular press coverage of these security updates can give the impression of Windows as an extraordinarily flawed system.
Apple’s update and security patches are less predictable or publicized. Apple's only security update this year was at the end of February. It lists 19 security fixes and one additional update for its Safari web browsers version to fix in recent versions of OS X. Microsoft’s total security updates this year for all Windows versions and Internet Explorer was two for January, seven in February, and four released in March, a total of 13.
“OS X does not get viruses like Windows does”
Yes, OS X does not have the same technical “attack vectors” (as security experts call them) that Windows has. However, there are many similarities in how malware can infect Mac and Windows systems.
Third-party components like Oracle’s Java or Adobe Flash have been a popular vehicle for Mac malware. Mac are the only OS with this problem. Most of Windows 8.1 security updates have been to fix problems with Flash.
Social engineering is a prime cause of inflection on both the Windows and Mac systems. Anti-virus software not only monitors system vulnerabilities but protects users who may be deceived into installing something unknowingly harmful. Some people have argued that adding an anti-virus to a Mac will lead to a false sense of security. Telling people that Macs don’t get viruses could have the same result without any protection.
“OS X is a less attractive a target as Windows because of its small user base”
It is true that OS X Mac users make up only about 7.5 to 15 percent of the computer market, depending on who is counting (examples, NetMarketShare, StatCounter). While Windows has a bigger bull’s eye for malware developers and distributers to hit, it doesn’t mean that Mac users are more secure.
Some Apple employees discovered that first hand in February 2013 when their systems were inflected through flaws in a third-party plug-in. As security expert Charlie Miller said at the time, "The only thing that was making [a Mac system] safe before is that nobody bothered to attack it. That goes away if somebody bothers to attack it."
Last year at their Worldwide Developers Conference, Apple announced its Mac install base had grown to 72 million machines. Though still a low percentage of system overall, if a majority of that installed base is not using anti-virus protection, it sounds like fertile ground for an attack.
So what can you do to protect your Mac?
Start with a greater awareness of how your system can be attacked from a technical and social standpoint.
Update OS X promptly. Any system vulnerabilities for which Apple has released fixes need to patched as soon as possible. Otherwise Apple’s security update notices simply become a menu for how the bad guys can attack your system. If you are still running an earlier version of OS X, consider upgrading to Maverick as it will protect you better than previous OS version.
Update or Eliminate third-party apps and plug-ins. Old versions of Java and Flash provide plenty of opportunities for malware infection. If you need them for programs you run or websites you visit, update them. If you don’t, remove them.
In addition, unpatched applications like Microsoft Word 2008 can be susceptible to “boobytrapped” documents. Documents of this type were circulated amid allegations of abuse in Tibet, Syria and East Turkestan in the last year.
Be mindful of what you install or consent to. With human factors a major input point for Mac malware, you need to be smart about your actions.
Think twice about opening email attachments, especially if the sender is unknown to you or is something a known sender would not normally do.
Know what you are actually clicking on in an email message or unusual web link.
Avoid peer-to-peer networking connections like “torrents” as they can often contain malware.
Add an anti-virus monitor. As in Windows installations, these are free tools like Sophos’ Antivirus for Mac or avast! Free Antivirus or paid versions like ESET Cyber Security or Kaspersky Internet Security. An added benefit of many of these tools is the ability to detect Windows –based malware and avoid passing them on to others.
Those of you who have heard me speak before on security know this is the same advice I share with Windows PC users. Since Windows and Mac users live in the same world, it makes sense to take the same precautions. Even if statistically, Mac users are less likely to be infected, the distinction fades pretty quickly the moment you become that statistic. Protect yourself from that moment.
Do you have a follow up on this topic or technical question on that needs to be answered or explored? Please share it with me at brian@bostonlegacyworks.com. Your question may show up here on Tech Talk.
Brian Boston supported Microsoft products during his 18+ years with the company and now teaches, consults, and troubleshoots a wide range of software and hardware devices for Boston Legacyworks.
0 comments:
Post a Comment