Apple has apparently become a victim of its own success — since Mac OS X is gaining in popularity, Symantec expects it to become a target for more attacks and intense vulnerability scrutiny.
This trend was published in Symantec's Internet Security Threat Report for July to December 2004.
To back its claim, Symantec cited several reasons — ranging from Mac OS X's heredity to attacking the intelligence of loyal Mac fans.
"With a newly designed operating system based on a BSD-Unix lineage, Mac OS X has begun to not only capture the attention of users but of vulnerability researchers as well."
"Contrary to popular belief, the Macintosh operating system has not always been a safe haven from malicious code," the report said. Sure, Microsoft's attempts at security are often scoffed at but to infer that Mac users (or those of Unix, Linux etc.) are living in a bubble is ignorance on Symantec's part.
Another point of contention was Apple's new products. Increased adoption of the Mac mini — the company's low-priced computer — will escalate malicious activity since it could be purchased by less security-savvy users, the report stated.
I can understand how non-IT literate users — at large — struggle to understand the difference between a virus and a worm but is Symantec saying only technologically-competent people purchase Windows machines? Rebooting a machine multiple times a day can't be that hard (I should know).
It's difficult to grasp the reasoning behind these statements. Symantec's only piece of solid evidence is reference to 37 previous high-impact vulnerabilities in Mac OS X — all of which have been patched. Juxtaposed against the 17,500 Windows-based viruses and threats, it's clearly an uneven contest.
One telling finding in the report was the decline in bot-scanning activity during the second half of 2004 — Symantec recorded a dip from 30,000 per day to 5,000 on a daily basis. The company concluded that the decrease corresponded with the availability of Windows XP Service Pack 2.
"Ports 445 and 135 are common paths for bot networks to spread onto computer systems, either through unpatched vulnerabilities or bad user name and password choices.
"Many common bot network applications, including Gaobot, target vulnerabilities that are accessible through these Windows ports as a method of infecting new systems. The sudden drop in bot network scanning indicates that Service Pack 2, in addition to cumulative patches, may have been successful at reducing the number vulnerabilities in Windows XP systems that are subject to remote compromise," Symantec said.
If Microsoft does a stellar job at improving the security of its products — coupled with the availability of proprietary anti-spyware and antivirus solutions — which platform will be Symantec's new engine for growth?
Talkback
And of those 37 criticals, not all were in the OS itself. Most were in the applications...
Seems Symantec is trying to tell people WinXP+SP2 might be a more secure choice than MacOSX. In any case: "buy our stuff, we know what security is all about" duh!
Methinks, Symantec is fearing for its own future.
Since security on the Windows platform improves, partly due to Microsofts efforts, partly due to user awareness and the use of non-Microsoft applications for web and email, Symantec sees its customer bases and sales dwindling, so they seek out the Mac-platform to find gullible fools there to buy their overpriced, overly bloated and mostly useless tools.
Regards
Nohab.
The combined market share for OSX and Linux desktops is somewhere are 6%. Does Symantec suddenly think that either or both is going to suddenly wrest leadership from Microsoft?
Apple would dearly love to see their own market share rise to 5%, as forecast by a few analyists. The Linux people keep hoping and praying for a GUI that's never going to be competitive.
If port scanning reductions can be attributed to the recent Microsoft then I say (with teeth clenched) more power to them. I'm tired of helping friends with their Windows PCs.
But this has to be some inane idea from the mind of a PR type at Symantec which has always done respected work on viruses and assorted malware. It's little more than pure speculation. It flys in the face of Bill Gates' own admission (apology?) a few years ago to Windows users that Windows was always built with the profit motive first and foremost while anyone who knows a ^nix geek knows that safety and reliable functionality are foremost on the list of all vetted software.
Many of the reported vulnerabilities in OSX (and many other *nix OS) are often based on popular features like Apache where open source programmers are continually tweaking their code and finding their own vulnerabilities which Apple then passes on with their security updates because Apache (only an example; not picking on them as they do great work) happens to be included in both client and network versions of OSX.
What a joke. Mac software from Symantec like the famous Norton Utilities has gone downhill and is so bad anymore that they might look at fixing what they presently sell to Mac users before raising a cry about dangers to OSX.
Most "Symantec" software for the Mac (Norton Utilities, their nuisance firewall software) they bought from someone else and screwed up. Pronouncements like this only add to what little credibility they have left in the Mac community. Their Mac "anti-virus" software is coded solely for Windows viruses and worms. A friend tried to run it recently and had to force quit because it found so many (harmless) Windows bugs.
PR stunt. Duh.
Symantec is fearful of its slip from the top. MaAfee has been better for a long time. Trend Micro has taken over in the enterprise market. and AVG by Grisoft has made a huge surge as the "cool" consumer tool of choice.
Symantec's products have slowly become stale and irrelevant. Most of the time they do not even work as advertised.
Symantec needs to resort to scare tactics in order to drum up new business and try to be the first to expand in a "new" market segment.
Good luck. Your time is done...
This is the same company whose useless OS X virus software would delete a whole Mail.app folder of email because one email contained a Windows virus. This is such an obvious and easily testable flaw that I suspect that they do not even have a Mac QA department.
I wouldn't believe a word of what they say. They are just looking to generate some FUD which for them could me extra revenue.
Symantec is really going down the tubes. I'm sure they wish the Mac was under worse attack. So maybe they could make more $$$. What a bunch of self-serving tripe. Anyone else want to get a steam roller - bring all our Symantec products and run over them a few good times? Flat products. Like the flat world Symantec lives in. GET A LIFE SYMANTEC!
Time for a new anti MS lawsuit.
Despite everyone clamouring for free software MS has been hammered for providing IE free with the OS and hammered for providing media player free with the OS.
As MS in-built security improves in line with user demand, third party security solutions will become less important.
This must be anti competitive practice. MS should be forced to provide software without in-built security in order to maintain competition in the industry.
Sue, Sue, Sue, I say!!
Nigel, it's free as in 'free speech', not free as in 'free beer'.
The 'free' software that MS provides has a long line, a large hook and an even bigger sinker. You better not touch it, even with a 10 foot pole.
As for the lawsuit, please keep them coming :-)
Or maybe i missed the clue of your message, being a non-native English speaker ?
Symantec, in my opinion, has never taken the Mac seriously unless it has been self-serving. I was the System Administrator once for a group of Mac's that were in an Windows environment. Symantec was the vendor for anti-virus software for the entire company. I spent over a month dealing with crashing Macs, that were "protected" with Norton that was up-to-date. Yet the problem turned out to be a somewhat older and common virus that was detected by a shareware program from Australia. Symantec promised to include the detection of this virus in an update, but after three months still had not done so. At that point their contract was up for renewal and the company decided, on the basis of this performance to switch its entire contract to a competitor, that had always detected the virus. Countless hours and data were lost due to Symantec's attitude about Mac's. They left an impression that they only sold anti-virus software for the Mac so that they could say they did, and make money off of it. However they seemed very unconcerned about it actually working.
This is evidenced by the fact that soon after OSX came out and the utilities market became more competitive, they essentially abandoned the Mac market rather than improving their Mac software. Now, as you point out, with Windows starting to become a more secure environment, and more interest shown in Mac, they are starting to look for fresh, untapped, markets. What is more obvious than Mac.
They pulled it off once, why not again? After all, history does have a habit of repeating itself and there is money to be made, especially when the source is naive users.
But as I said, Symantec seems to have never taken the Mac seriously before, other than as an income generator. Why should they now? Just how often does a Leopard change its spots?
Symantec and Malware, virus and wormcheck on an Apple with MacOSX? LOLROTFBTC.
They're not even able to program their website to be used with a Mac ... Did you try their "Security Check"? I did some weeks ago, with no luck.
Excuse my bad english, I'm not a native speaker.