Mac security

Woden

I'm a pc user and i was just wondering off hand is mac os typically more secure then windows for example. (just considering the likes of the blaster worm and stuff). or is it that apple have such a niche market that people don't bother developing viruses for them typically and perfare to attack the masses for maximum damage?

Gordon

I've never had a virus in the 5 or 6 years I've had a Mac. I think your latter statement would be more correct to be honest.

Also OSX has a built in firewall.

Woden

xp has built in firewall also (well the pro version anyway not sure about the home edition)

anyone else any opinions?

Hecate

Well, I reckon that since Apple have migrated to a unix-based OS that vulnerability to virii is much reduced.

Because of the strictly enforced file ownership and permissions structure that unix has, it's extremely difficult to write a virus that could do any kind of damage, unless you were braindead enough to run it as root. Doesn't stop people from trying though. The first Internet worm (c 1988), the Morris Worm, cleverly exploited weaknesses in the finger daemon.

This does not mean your OS X system is ironclad however, far from it...there is still the problem of poorly written suid programs, and I wouldn't be surprised if there are still a few strcpy() functions lurking around the old NeXT codebase...

Woden

well i didn't understand most of that post but i'll take your word for it you sound like you know what your talking about.

i get the general gist of it though thanks

Capt'n Midnight

Originally posted by Dataisgod
xp has built in firewall also (well the pro version anyway not sure about the home edition)

anyone else any opinions?

XP also has built in IE (so does 2003 even thought it's supposedly secure) and code from 1985 still lurks under the bonnet - (eg: start - run- CMD) also look at the copyright notice when booting .. also the MsBlaster hole was inhertied from NT4 (and was probably in NT 3.X too)

AFAIK Virex is the leading AV for MAC (McAfee) and If you use Microsoft Office You may be still vunerable to macro viruses...

Cake Fiend

Originally posted by Dataisgod
or is it that apple have such a niche market that people don't bother developing viruses for them typically and perfare to attack the masses for maximum damage?

Nail, head, bang. There are comparatively so few macs in use (as opposed to windows PCs, which ever moron and their dog uses) that it wouldn't make much sense to write a mac virus if you were looking for maximum carnage/recognition/experiment feedback. Also, a large proportion of viruses today are written by people who don't have much real programming skill, they use 'virus creation kits' and the like to create modern worms for windows machines and wouldn't be capable of finding exploitable avenues on macs for viruses to use. Another thing to bear in mind is that, as Hecate mentioned, OSX is based on BSD, an inherently more secure system.

csaddict

Another point to keep in mind is that out of the box, a Mac running OS X will have most of the services (such as FTP, remote access, file sharing, web server, etc.) turned off by default. Also, the root user (akin to the administrator user in Windows) is disabled and requires a slightly involved process to enable. To really screw the os up accidentally requires some dedication & a knowledge of Unix.

On the other hand, Windows NT, Me, XP etc. come with most if not all of the services enabled by default & the basic first time user has full admin rights (i.e. they could quite easily go into the C:\Windows\System32 directory and delete away if they wanted to). A lot of the services that are being exploited by these viruses are actually not required by your average home user (some of the RPC stuff & the Windows Messenger service) but are turned on from the start. Therefore more viruses for Windows because there are more holes to exploit.

For example, there was a vunerability in OpenSSH a while back that affected Mac OS X (amongst other *nix variants). However, to be attacked using this exploit, you had to have SSH enabled to begin with. Joe Average's Mac didn't have that enabled - therefore no security issue.
The Blaster virus attacked using the RPC service - enabled on every Windows PC from NT up - Joe Average's PC gets the virus despite not even knowing what RPC was or why (and if) they needed it in the first place!

Capt'n Midnight is right about Mac Office being affected by Macro viruses - however unless it's specifically coded for the Mac it won't be able to do much damage to your OS - plus because the user running it won't have admin privileges out of the box it wouldn't be able to access the stuff it wanted to even if it was coded for it! Basically the end result with the macro viruses is if you get infected your mails get bounced back from Windows users with virus scanners - which is a minor enough annoyance.

Hope that all makes sense... .

luckat

Any script kiddie can download a template from a h4kr site to use as a basis for a Windows virus.