Widespread computer viruses and worms have gotten enormous media attention this week, and problems of this kind seem to be cropping up more frequently. Most of the destructive programs and attachments seem to be directed at computers that run Windows. Are Macs inherently less vulnerable to attack, or are they collectively just a smaller, less appealing target for sinister minds?
This’ll be fun to watch
Both.
The second part (smaller, less appealing target) is definitely true. That said, Microsoft does seem to have a knack for leaving the door open. A lot of it just comes down to having a plan for network security. It seems that home users have been slow in realizing that being on the internet means they are part of a network and do need security.
While the second part is true, even back in the Mac’s (it’s Mac not MAC) hay-day Mac the viruses weren’t usually as distructive to the system as DOS/Win viruses of the same time were.
I haven’t had a chance to really dig into Mac OSX but as long as Apple handled the Unix user/root seperation right it should be even harder for a virus to get in now.
The key to a “successful” virus these days is to get it on as many machines as possible in as short a period of time (you want to infect before anyone gets their antivirus updated). In the scenario, the more machines, the better. Windows has many more computers than Macs, so you program your viruses for PCs.
Another reason why Windows is targeted is because Microsoft is hated because it a big monopoly on the PC side, unlike Apple, which isn’t a monopoly on the Mac side at all. No, wait . . .
Though the recent Blaster Worm did take advantage of a security hole (as did Nimda a few years ago), there’s no reason why most mass mailers (the most common type of virus) couldn’t be designed to infect Macs. (Indeed, when macro viruses were the big threat, they did infect both.) But the virus writers just aren’t interested in Macs.
I’d suggest running Linux…plain and simple. The people that write viruses (most indefinitely) are people who probably run and develop using Linux or Unix alike. Why would they want to infect themselves? 
P.S.: I would know…wink wink, nudge nudge
Trying to start WW3 eh?
Not quite. Macs could be carriers by getting an infected file and passing it on but they didn’t spread on the Mac because of the lack of VB in Office For the Mac.
cough sendmail cough
cough bind cough
I love Linux and use it exculsively but lets not start holy wars were. Sure running a fresh install of Windows on the net without a virus checker and firewall is like having unpertected (sp) sex with every hooker in NYC. You’re just asking for it, but to be fair if you have an idiot as a Unix admin you can still get rooted and you have to remember that unlike Unix Windows is targeted for the masses so you can’t expect everyone to be a sys admin. Let alone a good one.
cough sendmail cough
cough bind cough
I love Linux and use it exculsively but lets not start holy wars were. Sure running a fresh install of Windows on the net without a virus checker and firewall is like having unpertected (sp) sex with every hooker in NYC. You’re just asking for it, but to be fair if you have an idiot as a Unix admin you can still get rooted and you have to remember that unlike Unix Windows is targeted for the masses so you can’t expect everyone to be a sys admin. Let alone a good one.
As said, both.
People that program Macs like Macs so why would they want to shoot themselves in the feet?
Office does have Visual Basic for Applications on the Mac. It’s just that Entourage doesn’t support it, I think, and unlike on the PC not just about everybody uses Outlook Express.
Security-wise, well, Apple releases security updates every month or so. But out of the box it’s not to shabby. No root access by default. Seems that these days most virii are of the email kind anyway.
That said, I do run virus protection on my Mac, but that’s only 'cos it was free with my .Mac account. It’s never caught anything, and I run the Mac demilitarized on the router, so my computer is wide open. I have the software firewall running with exposure to basic services, though, so I’m not really wide open. (DMZ is handy for games).
It’s more market share - if I wanna mass distribute spam, or even just do something for kicks, it’s easier and more effective to develop and deploy my virus for a Windows market. Also, MS is in the market of selling upgrades, and so tends expand products with features in mind first, and security in mind last.
P.S. - emacs, cats, toilet paper to the front.
D’oh! Think-o sorry. It does have VB but it’s not tied to the system as tightly as VB is in Windows. You can’t issue a reboot or worse with VB on the Mac.
Mac evangelist and harcore nut here. I think in all honesty it’s mainly the latter. You could certainly wreak havoc among Mac users easily enough if you set out to do so. For one thing extensions are not necessary on a Mac. Think of how you’d recognize PC viruses at a glance if they did not have .pif .exe .scr etc extensions - ??
That being said, Microsoft has had an astonishing tendency to release their software with all the doors and windows standing wide open.
Macs obviously. Whatever the reason - and I would say it’s probably mainly the fact that they’re a less appealing target, but also because the software appears less loopholed than PC software - I have never had a virus on my Mac, nor read about a major worm or serious virus threatening Macs.
And yet daily we get major virus, trojan, worm and hacking alerts for PC.
As long as you have a properly configured firewall, run antivirus, and patch regularly, any system will be safe.
Without a firewall, antivirus, and regular patching, any system is open to compromise.
The reason so many Windows computers get infected is because: a) There are more of them. b) There are more of them that are improperly configured and/or protected.
By chance, this article in today’s Washington Post answers my question in detail. For anyone interested, here’s the link:
http://www.washingtonpost.com/wp-dyn/articles/A34978-2003Aug23.html
Quoth FyreFiend:
There is a root/user distinction, but it isn’t enforced as much as it probably ought to be. When you start up OSX for the first time, you’re prompted to create an account, and that first account created is the owner of the machine. It’s not necessary to create any more accounts, and I presume that most users don’t. Software typically requires you to confirm your password before it can install, but it is possible to create and run executables without being prompted for a password.
But not the root. By default, in fact, there is no root user. You have to go to a little extra trouble to enable “root” and most nongeek / unsophisticated users aren’t ever going to need it.