We were intrigued to receive a press release from McAfee today, warning us of vulnerabilities in Apple's Mac OS X operating system. Not only were these vulnerabilities growing at an alarming rate, said the release, but "as more companies deploy Mac systems running on the Intel platform in mixed environments, the risk of infection will most likely increase." Fortunately for all of us, a second release had the answer: "McAfee today announced antivirus support for Intel-based Apple computers."
Phew. At last, the world is safe from the thousands of Intel-specific Mac viruses, worms, trojans and other malware that make today's OS X experience one long struggle against evil. Or it would be, were there any. Which there aren't. Not one.
It may be true, as McAfee says, that from 2003 to 2005 the number of discovered Mac vulnerabilities increased by 228 percent while Windows only saw a 73 percent increase. But that's like saying that in the last decade, deaths caused by choking on ice cream were up by 200 percent while deaths from smoking only went up by ten. Like the ice cream, shining light on McAfee's claims makes them melt away – when we asked the company how big the risks actually were, it admitted that there was "no significant risk" at the moment. But there might be in the future. People on Macs are complacent. Better safe than sorry.
Safety in this context means having a sober assessment of the risks and how to safely and effectively counter them. For as long as OS X has been in the wild, discovered weaknesses and example code have been used by interested parties to predict actual attacks. Nothing remotely serious has materialised. In fact, if you look down the CERT list of alerts for 2005, the only one that mentions an Apple product by name is one caused by a bug in Symantec's AntiVirus software for the Mac. Safe, effective risk management here involves taking the longest bargepole you can find and using it to not touch the snake oil.
McAfee should be ashamed of itself, for raising fears of risks that do not exist, for coupling risks to Intel chips by association – which borders on the libelous – and for encouraging the very complacency it claims to cure. This push to sell inappropriate solutions will damage security and hinder the fight against malware. It will introduce more complexity at the system's most vulnerable point, and discourage people from thinking about stuff like firewall configuration and proper privilege-based security. If you understand security, you will not buy this software.
OS X, like any complex computer system, is not invulnerable to attack. Educating users about modes of attack, keeping up to date with patches, watching for independent analysis of problems – all these are good ways to keep your guard up. Listening to someone crying wolf is not.







Talkback
I'll tell you that IF (& when???) there IS a virus problem on my Mac the company I WON'T go to for a solution is McAfee.
The company I trust most to provide an appropriate and timely response to any given security flaw is Apple through Software Update. No one can anticipate what the next problem will be, and as such no software can protect in advance (antivirus software only works when a corresponding definitions file is updated).
The problem is that the most recent and patched version of Windows does not immunize itself against all known viruses, and Microsoft can't keep up with new threats. This is where most people get the belief that AV software, on any platform, is a necessity. However, I believe that anyone running OS X 10.4.6 with all available software updates is safe against any known forms of infection.
Finally, a journalist who does his/her research and actually knows what they are talking about. It's about time.
Good for you for printing a balanced view of Mac security. I'm very suspicious of "security" companies who scream about security problems because they want to sell you their products. While their security products may be very good, there is a serious conflict of interest in this approach.
BEWARE SYMANTEC PRODUCTS FOR MACOS X!!
Congratulations for getting it right about the non-existent virus threat to Macos X and the very real threat to Macos X posed by the use of Symantec's antivirus product for Macos X.
We are a Mac retail and authorised service centre and by far the GREATEST SOURCE OF SOFTWARE PROBLEMS presented to us by Macos X clients is DIRECTLY ATTRIBUTABLE TO AND CAUSED BY the operation of NORTON ANTIVIRUS on their machines. When asked why they bought and installed this product WHICH ACTUALLY CAUSES THE PROBLEMS IT IS SUPPOSED TO FIX they invariably explain that when they bought their computer from a box-pushing retail outlet the salesman, in his ignorance and greed for extra commission, pushed the product onto them. We then have the unenviable job of UNINSTALLING any and ALL NORTON PROGRAMMES on their machines. Our experience is that ALL NORTON PROGRAMMES FOR MACOS X CAUSE MANIFOLD PROBLEMS WHENEVER THEY ARE INSTALLED AND OPERATE.
The latest "Mac virus" making the rounds turned out to be a trojan horse. The national media apparently does not know the difference. How sad.
I'm still waiting to see a problem on my Mac.
The FUD machines are in full force lately. Sad really.
Scare tactics for the masses, how quaint!
It's about time that someone in the media got this right! Good for you! I've worked supporting Macs for some years and this is exactly the advice that I've given time and time again. In my time working in IT, I have only encountered one OSX virus... and it was a user-installed (they were fooled into running it) macro virus for Microsoft Office that was only capable of affecting Office.
However, in the same period of time, I ran into numerous people whose entire machines had been hosed because Norton's antivirus screwed up system upgrades etc. From my experience (at this time at least) anti-virus software on the mac actually causes more problems than it solves.
An excellent editorial. It's good to read some common sense once in a while. McAfee should indeed hang their heads at this shameful attempt to scare people into buying their stuff.
I recently moved over to a Mac, mainly because I was sick of having to use security software that slowed things down so much.
Keep up the good work guys!
I'm a sysadmin, and I do deploy an AV solution on my Macs. Not because it is necessary, but because The Boss likes it that way. The opinion is that something is better than nothing. So I use ClamXav, cos it's open source, free, reliable and hopefully effective and doesn't hose the rest of the box.
Quite how these companies, such as McAfee, can claim to block virii that don't exist, I'm not sure. Haven't touched Norton since OS9, and it was more trouble than it was worth then. Even if I did have to install AV for protection, I'll go with Open every time. At least the devs for that are ONLY concerned with the security of the computer and not how much they can gouge you for.
Well written article - the last paragraph hits the nail on the head.
Of course we could say that even the less PC-savvy Windows users have realised that their products are rubbish and now they are trying to attract the new-to-Mac brigade, but that would be cynical, wouldn't it?