‘Nothing Special’

Ed Bott at ZDNet, talking about malware on Macs (via Daring Fireball):

Now I am seeing evidence that the next target is OS X. That’s potentially very bad news for Mac owners who have abandoned their PCs in the belief that switching to a Mac somehow immunizes them from malware.

Security experts know, of course, that there’s nothing magical about Macs when it comes to security. They just haven’t been targeted because Windows has been such a big juicy target for so long.

Oh man, this is good stuff. Clearly, Bott’s article — and the others listed in Gruber’s aptly titled article — isn’t entirely accurate.

To date, there have been very few security threats made against OS X users. I can count them on one hand.

The malware attempts that have been made have come in the form of trojan horses — applications that aren’t what they seem. The most famous examples are OSX.Trojan.iServices.A & .B, which were dormant malware hitched to a hijacked, stolen copy of iWork.

(I wrote about this in depth back in April 2009 if you want to know more.)

In that article, I wrote about what Bott and many others have written about — that the Macintosh is safe because worldwide, Apple’s market share is very small. It simply makes more economic sense to invest in malware that can hit a much wider base of targets.

While the Mac is growing, this continues to hold true, but Bott spoke of the technical end of things.

In that April 2009 piece, I also wrote this:

OS X requires the user to enter their admin password to install software. The iWork trojan horse gets around this by simply adding another package to the payload for OS X’s Installer to process. This is probably how future trojan horses will work as well, since it is so simple and elegant. Very, very few people look at Installer’s log files during or after an installation, letting the additional files be installed right before their eyes without them knowing.

This is a very important piece of the puzzle. For many years, most Windows users ran as a Local Administrator, allowing malware to be installed without their express permission, as older versions of Windows didn’t require the user to enter their password to install software. Windows 7 and Vista, however, require it. Today, if I want to install something on my work PC (running Windows 7), I have to enter my password, even though I’m running as the administrator user.

The Mac, of course, has had this in place since OS X launched 10 years ago.

While I think anyone running anti-virus on a Mac is probably the same type of person who I could sell some snake oil to, there are some things that every Mac user can do to make the world a little bit of a safer place. The biggest thing is to not allow Safari to open “safe files” upon download.

But the single biggest thing you can do to stay safe? Use common sense. Don’t install pirated software, and don’t believe everything guys like Ed Bott publish.