• Explore the magic and the mystery!
  • The Tech Night Owl's Home Page



  • Discover the power of GraphicConverter 9



  • The Safety Through Obscurity Myth

    March 23rd, 2010

    In the early days of the Classic Mac OS, we had a few virus infections. I recall working at a design studio in the late 1980s, when we'd get loads of floppies that were infected by a so-called desktop virus. Without going into boring detail, the malware embedded itself into the desktop files used by the system to determine which application icons to display and which applications opened a specific document.

    That outbreak wasn't terribly severe, the potential harm relatively minor, and one of several anti-virus apps available at the time would eliminate it, but we felt the obligation to let our clients know that they sent contaminated media.

    Over the years, the Mac virus repository reached several dozen, a tiny fraction of the outbreaks regularly recorded on the Windows platform before Microsoft ultimately decided they needed a "trustworthy computing" initiative to begin to set things right.

    The arrival of Mac OS X, a Unix-based operating system, was reputed to provide far greater native resilience to malware. Although there are Unix viruses, you don't hear of them turning thousands or millions of computers into "spam bots," where they spread junk mail misery or outright malware throughout the planet. The action is still largely confined to the Windows platform, and Microsoft's famous "Patch Tuesday" is designed to fix problems before potential outbreaks can infect your PC; that is, of course, if they are applied. The big problem is that, because a patch may also break a few things in the OS, system admins are apt to hold off applying the fixes until they can do a proper round of testing.

    According to noted security expert Rich Mogull and others who have explored the state of Windows 7, it's actually a pretty safe operating system, although you still want to install security software.

    When it comes to the Mac, you know that Apple sells several times as many as they did just a few years ago. With market shares moving into the upper single digits and low double digits, you have to wonder when the malware scourge us going to arrive. The usual excuse is that Internet criminals let the Mac slide because there weren't enough users to make much of an impact. That may have been true when Mac OS X arrived in the spring of 2001, but not in the spring of 2010, where Apple sells roughly three million Macs every single quarter.

    This isn't to say there are no Mac OS X viruses. Some are confined to the laboratory and there have been limited outbreaks. The most serious problem is the Trojan Horse, where a file masquerades as something you really want, such as an illegal version of a Mac app downloaded from a torrent site. You retrieve the file, install it, and you open yourself up to mischief. But that's social engineering, and it's possible to place something bogus and harmful in most any file that you execute or launch.

    There are also a smattering of Mac security apps designed to protect you from known malware and potentially serious files. I'm sure they work precisely as advertised, but the larger question is whether you really need them. Now some of these apps also guard against Windows-borne malware, and that's where they might have some value, since it's always possible you might accidentally send an infected file to a Windows user. Surely you want to practice safe computing, and you want to make sure they are protected even if you don't approve of their use of a PC. On the other hand, the malware software they should be running ought to do that anyway.

    Of course, if you're using a virtual machine app to be able to run Windows on your Mac, or even Apple's Boot Camp, you'll want to protect yourself. No, the Windows malware may not be able to wreck your hardware as it can with a regular PC, but they can still cause lots of grief if you run the system unprotected. Fortunately, both Parallels Desktop and VMWare Fusion come with a year's subscription to an effective security suite, and installation is but a few clicks away. But don't forget to renew after the expiration date. Having out-of-date security software is no better than having not at all.

    But if you never touch Windows, the need for malware protection on the Mac is not yet proven. Apple regularly updates the OS and key apps, such as Safari, with security updates. Sure it's true that they have been heavily criticized for not acting fast enough to deliver immunity to newly-discovered security holes, so there's always the potential for trouble. I would hope they'll react faster, because, when it comes to a major malware outbreak on the Mac platform, it's never been a question of if but of when.

    You may not need security software today, but you should be careful anyway, particularly when it comes to downloading software from unknown sources. And be ready to acquire a malware protection app should the need arise.



    Share
    | Print This Article Print This Article

    5 Responses to “The Safety Through Obscurity Myth”

    1. Don says:

      If 'safety through obscurity' is true, then it's reasonable to assume that Californians are just as safe from criminals and crime as Mac users are free from malware due to said obscurity, since we all know that California, like the Mac, only has about 10% of the American population, right?

    2. Duane says:

      "This isn’t to say there are no Mac OS X viruses. Some are confined to the laboratory and there have been limited outbreaks."

      Really? Limited outbreaks of Mac OS X viruses? Or are you using the term as loosely as the "Security" Software companies? It's Mac OS Xs 9th birthday and the reality, to the best of my knowledge, is there have been 0 (zero) viruses for OS X. Trojans, sure, but doesn't that kind of defeat the "Security through Obscurity" argument? I mean, if it is worth writing a Trojan Horse, why would it not be equally worth writing a virus attached to that same Trojan Horse? Or is it that Trojan Horses are easy, and writing a functional Mac OS X virus much, much less so.

      Needless to say I am simplifying the argument, but then so are you, and so are most who write on this subject. Other than increasing the hit-count to this blog, what has been achieved by this article?

      Gene Steinberg Reply:

      The article was a reality check of course.

      Peace,
      Gene

    3. Bill Burkholder says:

      Reality for most of us is that lots of folks (especially vendors and PeeCee sites) do spread FUD. I don't think Gene's doing that, here, and I think there's plenty of room for a reality *check*. But it may be a good while before I'll buy "security software" for my Macs.

      I've never seen a single Mac virus. I have seen malware come-ons, but have never fallen for them. What I have seen are hundreds of PCs on a corporate network brought down by a virus that corporate IT types didn't think they needed to protect against until they tested the anti-virus software to be sure it didn't break something (!). I have also seen the occasional Word Macro Virus, but not since about 2003.

      Doesn't mean there's nothing out there. But it doesn't mean I'm particularly concerned, either. Just cautious.

    4. Laird Popkin says:

      This is a pretty good article, which is unusual when discussing Mac security.

      I would, however, go a little further and say that currently there's no value in installing Mac antivirus software, because they do not protect you from anything, but they have significant downsides. First, they cost money, which is wasted. More importantly, antivirus software slows down and destabilizes computers, which wastes your time and effort. Many people do not recognize this, but ant-virus software is similar to viruses, in that they lurk in the background consuming resources, intercepting your actions to watch what you are doing, then activating whenever you download a file or insert removable media and scanning it, causing you to wait. So just as viruses are bad for your computer, anti-virus software is bad for your computer. On the PC, it is a good tradeoff, because the impact of viruses is much worse than the impact of the anti-virus software. On the Mac, there are no viruses, so there's no reason to slow down and destabilize your Mac.

    Leave Your Comment

    *