by synnack » Sun Aug 15, 2010 2:09 pm
There are more incorrect statements in this thread than I can quote in one post. So I'll just stick to a few highlights.
(I work for a very large Antivirus software company and can give you empirical data to support the following statements)
1) Yes, virus (really it's malware, a virus is a very specific type of malware not often seen anymore) creators do not target Macs as often as Windows users to maximize their return due to the sheer volume of Windows machines versus Macs. This is changing slightly as Apple is showing pretty strong year-over-year growth in Mac sales, but statistically you are more likely to get a virus on Windows for this basic point. But note that OS X malware is on the rise since attackers are targeting vulnerabilities that exist across those platforms now (like in PDF readers) and Macs are gaining usage in corporate environments.
2) It is largely irrelevant that Macs don't run .exe's. That is a reason a Mac wouldn't get the same binary of a virus as a Windows machine, but not a reason to say Macs don't get infected at all. Mac viruses use Mac formats. Also useful to note that most malware now does not come from a user running an exe. They come from malicious use of JavaScript and exploitation of browser plugin vulnerabilities to automatically drop and run things on your computer. No clicking of an exe required.
3) "If I only do x, y, z, then I will not get infected. Getting a virus is the user's fault". This is a very common misconception based on outdated notions of how this all works. The primary attack vector for virus authors is the web (not email, so you don't open email attachments, so what) and currently NOT with Internet Explorer, but in FLASH and PDF readers and 3rd party plugins, which... btw are cross platform and have the same issues on Macs (in multiple browsers). If there is a vulnerability in Flash players, malcode can be written to compromise your system just by VISITING a web site, REGARDLESS of platform. It is no longer true that you have to actually click something or do some stupid behavior. This is an outdated idea.
4) It is no longer good enough to just "not go to bad web sites". There have been many cases of people getting infected by going to cnn.com, espn.com and so on. There is a concept called "malvertisement" for example, where attackers compromise ad servers that serve the content to well-known sites and insert an iframe with the ad that uses JavaScript to exploit some client-side vulnerability and drop malware on the machine. This means that you can get infected by just visiting a TRUSTED site and not even clicking anything if you have that client-side vulnerability on your machine.
5) Perhaps the best point on this is that it makes no sense that people say "I have never had a virus". "I run a Mac and I've never had a virus". "I run Windows and avoid bad sites and don't open email attachments and I've never had a virus". To explain this point, imagine walking into a room of people and saying "Everyone who is NOT in this room, please raise your hand!". It's impossible to state you don't have something you don't know about. Most AV software only detects what is known. In addition, how malware behaves on your machine is vastly different than how it did even 5 years ago.
5 years ago you'd know it if you got infected. Your machine would get slow or behave in some weird funky way that would cause you to think you were infected. The behavior was overt. Sometimes even rendering your machine unbootable. Malware today is written 95% of the time to have NO NOTICEABLE IMPACT AT ALL (i.e. covert). Now they want to infect your machine to silently siphon off personal information (bank login anyone?) that can be sold on an underground economy. Virus writing is better funded by organized crime globally than healthcare is in the US. If you had a virus, it is VERY likely you would have no idea. (regardless of platform)