Close
Are you sure? Are you sure you want to report this comment? I understand, report it. Cancel

Apple virus message tweak sparks vulnerability debate

Apple virus message tweak sparks vulnerability debate

Tue 26 Jun 2012 7:40am GMT / 3:40am EDT / 12:40am PDT
Security

Anti-virus companies play up breaches but analysts urge scepticism

A change to the message about virus vulnerability on Apple's website has sparked widespread debate over whether the manufacturer has made a tacit statement about potential dangers to the users of its machines.

Until recently, Apple had always proudly displayed a message proclaiming that its Mac machine family "Doesn't get PC viruses." Now, that message has been replaced with one that simply states that the hardware is "Built to be safe."

Predictably, the New York Times reports, antivirus manufacturers have pounced on this as a way to open up a valuable new market of paranoid users, whilst many analysts have pointed out that, whilst Apple Macs are no longer considered invulnerable, they're still far less likely to contract a virus.

The change comes after a recent spate of infections from a piece of malware known as Flashback, which hit half a million Macs last April, worming its way into systems via a vulnerability in Java software which required no clicking of links or confirmations to install.

Whilst that infection was quickly controlled with a simple patch, cutting infected numbers by over two thirds in a fortnight, public perception of Apple's claims of immunity was damaged. Apple's new statement is thought to be the first step in an increasing acceptance of the danger of malicious code to its users.

"I view the changes in the messages pushed out by their marketing department as some important baby-steps," said anti-virus manufacturer Sophos' Graham Cluley. "Let's hope more Apple Mac owners are also learning to take important security steps - such as installing antivirus protection."

Rich Mogull, founder of Securosis, disagrees.

"Two issues in two years is relatively minor compared with what happens in the Windows world,"Mogull tld the NYT. "Antivirus companies, in particular, can be pretty deceptive. They have been marketing Apple's immunity far more than Apple has and they are far more vulnerable. I no longer put stock in it."

A large part of the reason that Apple had for so long been untroubled by viruses was its relatively small market share. PCs were simply a bigger target. Now, with Apple's numbers skyrocketing, hackers' attentions are being increasingly turned toward it.

7 Comments

Antony Johnston
Writer & Narrative Designer

112 18 0.2
Mogull has the right of it -- antivirus vendors have loathed Apple for years (because 99% of Mac users spend nothing on antivirus products) and are constantly spreading FUD. Sophos is one of the worst, but by no means the only one.

Edited 1 times. Last edit by Antony Johnston on 26th June 2012 11:51am

Posted:2 years ago

#1

Stephen Woollard
Online Infrastructure Specialist

146 71 0.5
Much as I despise Apple and all they stand for, it's certainly true to say they don't get affected by malware much.

The trouble is, this tends to lull people into a false sense of security so when something does happen, it has the potential to be far worse.

The best thing is probably for Apple to follow the route of Microsoft's Security Essentials and offer a free basic AV product that can integrate seamlessly with the OS. Having said that, I suppose the issue there is that they'd be admitting to a vulnerability they've always played down.

Posted:2 years ago

#2

Andrew Ihegbu
Studying Bsc Commercial Music

447 158 0.4
Stephen has it in one. Building an AV into their product would be confession to a weakness they claim they never had. They actually have tons of weaknesses due to being built on Unix and thus inheriting most linux vulnerabilities as a bare minimum.(That increases their visibility a lot if you remember that Linux/Apache servers are massively widespread on the net and largely unmonitored. Anything that can be done passively on a server could spread like wildfire).

Its much easier to just patch OS X with slightly changed code so that the viruses no longer work then wait for the next one.

Remember the old Mac vs Linux vs Windows hacker world championship? Why was the Mac hacked in less than an hour? With a (Flash based if my memory is correct) vulnerability that could be utilised remotely and autonomously....


Apple. Security by Obscurity. It (Magically) Just Works.TM

Edited 1 times. Last edit by Andrew Ihegbu on 26th June 2012 1:37pm

Posted:2 years ago

#3

Antony Johnston
Writer & Narrative Designer

112 18 0.2
@Stephen: While it's not a direct AV product, that's pretty much what Gatekeeper is for. Although, of course, it wouldn't have prevented the recent Java exploit.

@Andrew: Surely that specific case was the fault of Adobe, not Apple. There are many things Apple could do better wrt security, no doubt, but exploits against third-party apps and frameworks is just as much of a problem for MS and OSS. Apple's problem is that it's historically been very slow to respond to such exploits, but that does appear to be changing.

Posted:2 years ago

#4

Jim Webb
Executive Editor/Community Director

2,266 2,404 1.1
Mac's do have a false security thanks to security by obscurity. It's not that they are more secure, it's just that malware writers don't care to attack a market that is just 2% of the whole. As that 2% grows, attacks will become more frequent.

Posted:2 years ago

#5

gi biz
;,pgc.eu

341 51 0.1
They actually have tons of weaknesses due to being built on Unix and thus inheriting most linux vulnerabilities as a bare minimum.
Could you be more precise about that? I am aware of rootkits, but to my knowledge they tend to get outdated pretty soon. I never heard of a widespread Unix infection either, despite all the web and mail servers out there.

Posted:2 years ago

#6

Barrie Tingle
Live Producer

374 148 0.4
As Jim mentioned, Mac's haven't had much in the way of malware and viruses because it doesn't make a massive impact like hitting Windows does. As Mac's become more popular they become more of a target for virus/malware makers.

So while some of the messaging is scare mongering from anti-virus companies I don't think Mac users should sit back thinking their system is untouchable.

Posted:2 years ago

#7

Login or register to post

Take part in the GamesIndustry community

Register now