As I listened to the talking heads on the various cable TV news channels this week, I got to thinking that maybe they feel their audience is sick and tired about stories of a volatile stock market, a U.S. auto industry in distress and other oppressive events. So, having nothing better to do, they delivered warnings about the impending April Fool’s Day worm known as Conficker.
A Mac security software developer, Intego has this statement about the significance of this threat: “This worm, called Conficker, as well as Downadup and Kido, has infected unknown millions of Windows computers, and is expected to become active on April 1, 2009. For now, researchers are unsure of what the worm may do; it is just sitting on infected computers waiting for instructions. Researchers think it will connect to remote servers and download code and then become virulent.”
Certainly this is the sum total of what is known so far, except for ongoing speculation, and the news channels were filled with warnings to stay up to date on your virus protection software and so on an so forth. Few, however, bothered to mention this one salient fact, and I again quote Intego’s statement: “This worm, which affects Windows computers, has no effect on Mac OS X; at least not yet.”
Now that final phrase is based on absolutely nothing. There is no evidence whatever that a Windows virus has ever infected Mac OS X in any way. However, this doesn’t mean a Mac isn’t vulnerable, though not in the Mac OS X environment. You see, Mac users who run Windows either via Boot Camp or through a virtual machine, such as Parallels Desktop or VMWare Fusion, can be impacted, again within those environments.
In those cases, it makes perfect sense to keep up to date on your security software. Indeed, the latest versions of both commercial virtual machine applications ship with a security suite, so, assuming you’ve kept it up to date, all that’s necessary is to make sure that the latest virus signatures are downloaded and installed.
What troubles me most, however, is how the boys that continue to cry wolf continue to rant and rave about potential security lapses under Mac OS X and how the sky’s about to fall at any moment. Certainly Apple isn’t perfect, although it does appear that they are taking such matters seriously enough to deliver periodic updates that patch holes in the system discovered by security researchers around the world.
A tribute to the quality of their work is the fact that, except for some proofs of concept and a few Trojan Horses, Mac users by and large have so far been spared of the misery inflicted on their fellow Windows users. This doesn’t mean, of course, that the situation can’t or won’t change. I’m most concerned about the fact that premature fear mongering will just cause people to ignore the real threat when and if it arrives.
But maybe that doesn’t matter to the folks who are hot on the trail of the maximum number of hits for their fear-mongering pieces of misinformation. If the real threat arrives, they’ll just say “We told you so,” and pat themselves on their backs for being so prophetic.
At the same time, I’m not going to dispute the possibility that we’ve been living on borrowed time for the past eight years, since Mac OS X first debuted. All right, maybe the fact that Windows still commands nearly 90% of the market is one reason why Macs have been relatively free of April Fool’s worms and such, although the mainstream media doesn’t always make that distinction. If the Mac had 20% or 30% of the market, it’s possible that Internet criminals would target he platform more consistently to do their dirty work. On the other hand, Unix-based operating systems have been around an awfully long time. The first computer virus appeared in the Unix environment. However, Windows, which was not originally designed to interact with a wide open network — the Internet — got targeted early and consistently, and there’s been no letup.
Indeed, it’s a sure thing that lots of Windows users may remain unaware of the threat, despite the massive publicity the matter has received. I got a letter from someone today, an educator that I considered well-informed, who confidently wrote: “stick with Windows XP and have great virus protection … THAT’s the REAL solution!”
When I reminded him that there’s nothing inherent in the Windows XP installation that would necessarily protect him from malware of this sort, he responded and admitted that, yes, he does have an up-to-date security suite installed. So that rendered his claim pretty much irrelevant. Indeed, if he wants an operating system that’s more secure, and he isn’t inclined to switch to the Mac, he could upgrade to Windows Vista.
And despite the fear, uncertainty and doubt on the part of some members of the media, informed or otherwise, I am not going to tell Windows users “I told you so.” Instead, I’ll just urge them to make sure their PCs are protected, particularly the ones used in business. They do not need any more misery in their lives these days.