Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Mac security: What you can ignore

Do Apple users need antivirus software?

Article comments

When you say "computer security," most people think "viruses," "worms," and other forms of malware. They also think, "Mac users don't have to worry about it." And they're correct. But that could always change. So it pays to keep your eyes open for credible reports of new Mac security problems and to change your computing habits accordingly.

Viruses and worms

Let's be completely clear: there are absolutely no technical barriers preventing worms or viruses from infecting the Mac platform. A cursory review of Apple's own security updates will reveal a long list of vulnerabilities that a knowledgeable attacker could easily exploit in a Mac virus or worm. Some of these flaws have been public for weeks or months before Apple released fixes for them.

But despite the opportunities, we have yet to see any widespread malware for Macs; your risk of infection is essentially zero.

The extremely low incidence of Mac-specific malware is a source of continual debate in the security community. It might be due to Apple's still relatively low market share. It might be because malware authors have years of experience exploiting PCs. I think it's probably a combination of factors.

Whatever the reason, it's frustrating for Mac security vendors, who see the potential for widespread attacks, but never the execution. And until those attacks appear, there's little reason for the average Apple user to invest in antivirus software.

The major exceptions: If you're a corporate user on a network with Windows users, or you regularly download software from risky parts of the Internet. And I would advise you to use an email service that filters for viruses, since email is the most common vector of attack.

All major services, including MobileMe, Google Mail, Hotmail, and Yahoo, filter for malware, as do many Internet service providers.

Botnets

The terms virus, worm, and Trojan horse differentiate malware based on how it infects your computer. The term botnet refers to what the software does once you're compromised.

A botnet is a collection of infected computers tied together and controlled by the attacker. Bad guys use these to send spam, distribute other malware, launch anonymous attacks over the Net, or coordinate large, distributed denial of service attacks (in which thousands of computers hit a single site at once to overwhelm its bandwidth).

In the past year, we saw one small botnet built from Macs, which had been compromised by a trojan hidden in illegally downloaded software. But since your Mac first needs to be infected some form of malware before it can be made part of a botnet, the chances that it'll end up in a herd are still extremely low.

Infected hardware

In the old days, when viruses were common on Macs, and computers were rarely connected to networks, malicious software moved from computer to computer via floppy disk. Once malware moved to e-mail and networks, we mostly forgot about physical media.

But in recent years, there's been a resurgence of hardware-based attacks. Some attackers have managed to infiltrate supply chains, shipping digital picture frames, storage devices, and -- yes -- even iPods that are pre-infected with viruses. We aren't talking obscure items ordered from a dark corner of eBay, but devices available at big box retailers like Best Buy. One of the more nefarious propagation mechanisms of the (over-hyped) Conficker virus was infected USB drives.

Conficker aside, this is still mostly a Windows-only problem. That's because of Windows' autorun feature, which automatically launches any software on an appropriately-configured storage device. When you connect one of these devices to a Windows PC, the viruses automatically run. (Microsoft has since issued a series of updates to disable this feature).

Fortunately, Macs have never had an autorun feature, and thus are not affected by this category of malware. That said, Macs will open disk image files (DMGs), and there have been security vulnerabilities in the file system that could lead to an infection with a malicious DMG file. But so far we haven't seen this method used in real attacks.

Bluetooth attacks

The Bluetooth wireless technology has known security vulnerabilities. Macs and iPhones have Bluetooth. But your odds of being victimised by those vulnerabilities are still very low. Even if you accidentally leave Bluetooth file-sharing enabled, it's unlikely you will ever be within wireless range of an attacker, never mind one with the tools and knowledge to take advantage of the opportunity.

There are exceptions, of course. I spend quite a bit of time at hacker and security conferences; I'd be a fool to enable Bluetooth there. But for the average user, Bluetooth vulnerabilities just aren't exploited on a wide-enough scale to be concerned.


Share:

More from Techworld

More relevant IT news

Comments




Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *