Macintosh Hacker Attacks Are on the Rise -Symantec
 

I remember many mac users on this board touting the fact that their mac's were untouchable. The times, they are a changin'...

story: http://story.news.yahoo.com/news?tmp.../tech_apple_dc

Every system has vulnerabilities... But you won't be affecting nearly as many people if you target Macintosh.

good to see you concur w/Martin Reynolds, who basically said what you said, but better, in the article. :lol:

Anyone who thought Macs were immune shouldn't be trusted with their Mac information. Any system can be hacked. They are not an accurate representation of the "Macintosh computer community", becuase they probably don't know the first thing about computers. As, myself, an acurate representative of the "Macintosh computer community", I say it was bound to happen. Those iPod commercials piss a lot of people off. OSX may be more stable and less likely to be hacked, but it is far from immune. It's a shame that Macs will be less safe now. This is not a good day for Mac shareholders like myself.

I didn't see anything particularly newsworthy in that article. Mostly, it seemed to be Symantec trying to drum up sales for their software. No concrete examples, except that they said that Apple has patched any issues that came up:
They say that there are vulnerabilities, but not that any hackers have attempted to exploit them. They merely claim that future hacking is inevitable.

I'm not saying that the Mac is invulnerable, but I don't thing Symantec has made a good case to the contrary.

will, I remember reading some of your posts, and I don't believe you're an accurate representation of the Mac community, or the PC community in general.

why? because you seem to know what you're talking about. the PC community, as a whole, is pretty fuckin' clueless IMO hehehe.

Shock Headline!

"Macintosh Hacker Attacks Are on the Rise - Says Security Sofware Firm"

I'm still laughing now!!!

McAfee said the same thing about the Palm platform in the late 90s. Marketing Marketing Marketing.

Hey, my dream is to become teh 1337est PDA h4x0r eva!!!1! :|

Just remember that security is a process. Microsoft's security process is getting better. Now Apple's security process is being tested. We'll soon see just how good their process is.

"Security is a process, not a product"

Me too!! People - check your sources!
OS X is certainly not invulnerable, but it's not nearly as easy a target as a windows box regardless of marketshare.

For those not familiar, os x asks for your administrative password any time a major system change is about to occur. So even if a hacker was to exploit, say, a safari bug and execute code they can only do as much damage as you have priveleges for (which can be pretty bad, but not erase-your-whole-computer or infect-the-boot-blocks bad).

Opinion: Despite Symantec's security warnings for Mac OS X, Macintosh users pay too much for protection they don't really need.

In a perfect world, people might pay for security software based on the number of attacks prevented and the severity of those threats. The bigger the threat, the harder the software works and the more it protects, the more you pay. Seems fair enough.

In the case of Mac OS X, if you paid for what you got, the price for security software would be zero. The price would thus equal the number of virus and malware threats that target Apple's Unix-based operating system.

So why do Mac users pay so much—often as much at $70 for anti-virus alone and as much as $150 for a security "suite." Using the same math, Windows anti-virus software would probably cost $1,000 a desktop, yet it's easy to find software for as little as $20 in the stores.

Mac OS X users pay significantly more for protection than Windows users, protection so far they have needed only in theory or "just in case" a big new threat appears. People are getting wise to this. So is it any wonder that Symantec, in the eternal search for the next dollar, is out with a report that seems to predict dire consequences for future Mac users? It's like a teacher once told me, "Sell the sizzle, not the steak. Especially when you don't have any steak."

I suppose it's to the anti-virus industry's credit that some bored anti-virus developer hasn't launched an OS X threat merely to justify his or her continued employment. Still, with no threats, it's not like the software really requires much dev time.

Indeed, a Morgan Stanley report out this week predicts Apple could nearly double its share of the worldwide PC sales this year, thanks to iPod users buying a Mac as well. Going from 3 percent to 5 percent will be dramatic for Apple, but hardly noticeable in the broad marketplace. Given OS X's small global installed base, even this projected doubling of sales may not be enough to attract too much unwanted attention.

"Contrary to popular belief," the Symantec Threat Report continues, "the Macintosh operating system has not always been a safe haven from malicious code. Out of the public eye for some time, it is now clear that the Mac OS is increasingly becoming a target for the malicious activity that is more commonly associated with Microsoft and various Unix-based operating systems."

Is it any surprise that Symantec would beat the drums of fear as loudly as possible? This is, after all, a company that has for years persuaded Mac users to pay $70 for software "necessary" to protect their computers against nonexistent threats.

This makes me wonder whether the real threat that concerns Symantec isn't from Mac OS X viruses and malware. Rather, it's customers noticing that they've paid a lot of money for Norton anti-virus software that they didn't really need.

How can Symantec keep those customers in line and writing checks? By scaring the living daylights out of them, that's how. They even invoke the "M" word as a warning of what could be in store!

It's prudent to protect yourself. But what you pay for the protection ought to have some relationship to the threat.

While the "value pricing" concept will never fly, there really should be some relationship between what we pay and the protection we get. Compared with what Windows users pay, $70 is more protection than any Mac requires. Yet that's what Symantec and some competitors charge.

Mac users deserve a break.

It's just not time-effective for a hacker to write code for Macs. A virus wants to be able to spread through as many machines as quickly as possible before it is discovered and patched against - to achieve this spread, all those machines need to be connected to the internet at the same time and running the same application (SQL Server, IIS, Outlook or whatever) - if anything having Macs in the loop should slow the propagation of many of these things down (the way a control rod slows down a nuclear reaction by absorbing the particles flying about)

Yes, a determined hacker could write a virus that targets Macs, but why bother? It wouldn't get the population necessary (due to the low numbers) to make it worth-while. As the number grows, expect more threats.

As for selling sizzle, it's what software vendors are renowned for. Wouldn't expect anything different. However, it's such well documented behaviour, I'm still amazed anyone really takes it seriously.

Good hackers do something to prove it can be done. They like the challenge. This proves that virus writers must not be made up of very many 1337 hackers if there are still <10 linux viruses and whatever small number for macs.

What would be really awesome (well, awesome isn't really the word...) is if somebody managed to come up with a cross-platform virus. It'd have to have some way to perform OS fingerprinting, and then choose what to do from there. Probably make for a bulky virus, but even a 2 meg proof-of-concept would be cool.

*nods...

I know my OSX machines are not invunerable. But they are, for day to day operations, not subject to the same threat level that wintel machines are. i've been quite happy with apple's response time with patches, and my security experience...and i've been a mac user since about 1987.

Most importantly, OS X is far easier to secure from an engineering standpoint. For starters, a large portion of the OS is open-source, and the parts that are are typically the ones that are important as related to security. And it's not nearly as easy to run malicious code as it is on Windows, where things like ridiculous DLL conflicts, ActiveX and MS Office Macros run rampant. And of course there's no registry.

So yes, hackers will devote more attention to it if its market share increases, but I still think that it will prove more secure, proportionally speaking, for the amount of hacking attention devoted to it.

:: points to OpenBSD ::

Problem solved.