Kaspersky: Apple security is like Microsoft's in 2002

Apple customers are more at risk from malware now because of their misconception that their iDevices and Macs are secure and because of Apple's poor attitude to security, according to experts. David Emm, senior security researcher at Kaspersky Lab told The Reg that Apple had cultivated the image of the Mac as intrinsically …

COMMENTS

  1. Anonymous Coward
    Anonymous Coward

    The end is coming! Quick, buy our products before it arrives, or be lost forever!

    1. Anonymous Coward
      Anonymous Coward

      It's OK little guy... You just keep saying your nightly prayer to St. Steve and the big bad viruses won't get you.

    2. Anonymous Coward
      FAIL

      Once a year.

      Once a year we get a 'security' company (do people seriously trust a Russian security company?) telling us our Macs are doomed and we need to buy their products.

      This is followed by the haters -they're the ones with piss-stained trousers staggering down the street- jeering (whilst spending half their lives cleaning malware off their Windows XP machines).

      And precisely nothing happens. No Windows-style botnet, no malware, nothing.

      12 months later, rinse and repeat.

      1. richard 7
        Flame

        Re: Once a year.

        Kaspersky are one of the better firms actually.

        The Apple crowd really need to learn that the whole 'nah nah nah' fingers in the ears approach won't work. Historically it's NEVER worked for ANYONE.

        Not a Hater

        Not A MS or Linux Fanboi

        Just a realist. More people use Macs, the more of a target it becomes. The more people deny there is an issue the more likely it is someone is going to stuff up and stuff up big. By being responsible now a lot of money and heartache can be saved down the road but it *might* damage Apple's image and at the end of the day that's what this is all about.

        Step down from your podium Apple and educate your users. Take one on the chin and those same users will be crowing years from now, about how you prevented IOS/MacOS becoming the same mess Windows is now.

        Or just continue denying it till something akin to Code Red or Nimda takes you down by force because it really is when, not if.

        Icon, well reason never worked before.

      2. Anonymous Coward
        Anonymous Coward

        Re: Once a year.

        what drivel...

        people have been saying it for years, never mind Russian security experts, (and why not trust a Russian security company? are you a racist?), that as soon as apple have a large enough market share then the virus & malware authors will turn the attention to them.

        and guess what? .... it's started....

        and FYI, In the last year, and a lot longer, I have spent exactly 0 hours and 0 minutes cleaning malware & virus off my windows computer. Keeping it fully patched and with a good AV app, along with good computer practice I have not had a single infection since..... errr.... well since back in 1999, I mistakenly installed itunes and tried to remove it....

        1. Anonymous Coward
          Anonymous Coward

          Re: Once a year.

          I too have spent zero time ripping infections out of my Windows machines. The problem is, I only realised that that was the result of a SERIOUS amount of patching and updating and rebooting and, well, waiting when I bought a Mac.

          And *that* is why I stick to OSX. No MS hate (well, I am willing to admit to a solid dislike, though), no Linux hate (I have both in Virtualbox on the Mac) - just simple productivity which happens to agree with me. YMMV, it simply depends on your needs.

          Here's an exercise: create a simple Windows VM and do NOT use it for 2 weeks. Then start it up and see just how much data has to be grabbed to get the thing up to date, and it's not even complete because you skip several anti-virus downloads.. Best do this when you don't need it for a while..

          1. kain preacher

            Re: Once a year.

            Really? Cause MS does updates once a month. I get 3 maybe 4 updates from MS a month.

          2. Fibbles
            Thumb Down

            Re: Once a year.

            Downloading lots of patches is hardly something unique to Windows. My xubuntu install downloaded a 70mb set of security fixes the other day for some image rendering libraries. The update manager is installing half a dozen patches for various things at least once a week (although admittedly they're usually not that big).

            This is what a good patching policy looks like, developed promptly and released often. Apple releasing patches once in a blue moon months after they're notified of a vulnerability is not something to be proud of.

            1. FrankAlphaXII
              Thumb Up

              Re: Once a year.

              Yeah, I can second that, open package manager on a brand new Fedora/KDE install and see just how many packages it tells you that you need to update. It takes a nice long while, but when you're done, you're just as protected as a Windows user running a 70-90 dollar a year license for a decent security/av program, then again it does take a small measure of due diligence, as long as you don't do anything too stupid, like set your root password to something dumb, set a user account that doesn't need to be a Sudoer to being a Sudoer, or any of the multitude of other dumbass things you can do, you're pretty much straight. And upstream developers tend to do a pretty good job at fixing vulnerabilities.

              Maybe when you guys and your masters pull your collective heads out of your asses and wake up to the way the world really works you won't be as pathetically vulnerable.

              The worst part of it is that I know fanboys won't listen to Kaspersky, Symantec, IBM or any other vendor because of the institutional culture of irresponsibility in regard to that Apple only reinforces, as malware and cybercrime are only Windows problems, amirite?

            2. hitmouse

              Re: Once a year.

              Apple's idea of patching iTunes involves redownloading the whole program and Quicktime for every .0.0.0.0.1 update. Adobe is no better for Flash or Acrobat. Bit for bit they are orders of magnitude more update-intensive than the entire Windows operating system. Not to mention the amount of user interaction involved e.g. iTunes shortcuts no longer work after an update, even though it should be pointing to an identically-named executable.

          3. windywoo

            Re: Once a year.

            Mac fanboy missing the point. Apple's being criticised here for poor security. It's because Apple don't fix security issues as fast as MS do that they are getting infected and being laughed at.

      3. eulampios

        Re: Once a year.

        >>do people seriously trust a Russian security company?

        Are you a racist?

        "For there is no difference between the Jew and the Greek..."

        Esp., when, be it the Jew, Russian, British, or American is with the MS-Windows mentality and is selling some ... air.

      4. Ilgaz

        Wow

        Never thought the level of ignorance and insanity like fanboyism hit this level.

        Russian security company? So, in your imaginary world, do they attack macs after having their baby in dinner?

        1. P. Lee

          Re: Wow

          >Russian security company? So, in your imaginary world, do they attack macs after having their baby in dinner?

          Statistically, most money is lost to eastern Europe and Russia by security / social engineering breaches. Nigeria is up there too of course. So says one of the UK IT security police bods, I forget which.

          Though casting aspersions on Kaspersky may be rather unfair.

          They all pale into insignificance next to our own banking sector though. No really, shareholders need returns to counterbalance the risks they take.

          1. Ilgaz

            Who else does these?

            I downloaded 250 mb iso from them for free including gentoo/ full anti virus to clean a dumb teen's laptop. No strings attached.

            I also know that they help people clean their computers for free.

            The company which happens to be idol of these sheep didn't ship a cleaner/ security update for people (mostly professionals) who got stuck in pre latest operating system. Later, they figured the stupidity and posted for 10.6 . 10.5? No chance. It is a freaking sh script for God's sake! Even a pdp10 in museum can run it.

            Don't you think your black hats aren't aware of these actions? Next wave will hit hard.

          2. Brezhnev's Shadow

            Re: Wow

            So, Kaspersky and ESET (NOD32) are both bad companies because there might be scammers elsewhere in their country, or in nearby poorer ones :)

            ESET are in Bratislava, Slovakia where they also make Cayenne/Touareg/Q7 so they're tarred with that brush too, poor guys, we know it isn't your fault really ;)

            But on the plus side they don't farm out their coding to useless 3rd-world body shops for cost or more likely brown-paper-envelope reasons, they have some self-respect ;)

      5. windywoo

        Re: Once a year.

        wtf where have you been? Flashback just had an infection rate on Macs higher than any Windows malware. There are plenty of Mac botnets out there btw.

  2. ItsNotMe
    Coat

    I am very sorry...

    ...but Steve simply won't let this happen. Apple computers are not susceptible to attack, because Steve said so...and that is that. Next story please.

    Mine's the one with the copy of Symantec for OS X in the pocket.

    1. Ilgaz

      Re: I am very sorry...

      I would prefer Intego on Mac. I mean for pocket :)

  3. Sven

    Lucky

    Excellent from Kaspersky to also provide us with an Anti-Virus after a little-big scare!

    Reminds me of the eye-phone episode from Futurama:

    Man: Then, you, Mr. or Mrs. ... [we hear a soundbite of Fry belching], need the soothing relief of Mom's Caustic Anti-Fungal Bleach!

    [The product appears on the screen.]

    Fry: Ooh, can I somehow charge it to my eyePhone for an additional fee?

    Man (v.o.): Hell, yes!

  4. dogged
    Thumb Up

    Awesome

    Keep on spinning this as "Macs are perfect, Kaspersky just want to sell product" please, commentards.

    That will make all the sick Macs even funnier.

    1. Anonymous Coward
      Anonymous Coward

      Re: Awesome

      Yes, I mean, who would have thought that a serious and skilled security professional - the sort of person that you want to listen to about security - would work for a security company.

      Or, to put it another way, who would have thought that a software company would employ experts in the area which they specialise?

      1. MD Rackham

        Re: Awesome

        Near as I can tell, David Emm's qualifications as a "serious and skilled security professional" consist of being employed by Kaspersky.

        There will be security flaws in OS X that will get exploited. But the anti-virus salespeople have been screaming that the (Mac) sky is falling for a lot of years now with not much evidence that they *aren't* just hawking their software.

        The most recent Mac event was (another) hole in Java. That doesn't make me all that upset, except at the people (still) touting Java as safe and secure.

  5. Danny 5
    Mushroom

    made me laugh

    Apple is about ten years behind Microsoft when it comes to security.

    now read that again.

    and again.

    Microsoft and security...... i almost cannot believe what i'm reading here.

    1. Anonymous Coward
      Anonymous Coward

      Re: made me laugh

      Why, are you some sort of retard?

      1. Danny 5
        Thumb Up

        Re: made me laugh

        No, i think you misunderstood, i *don't* like apple.

        sorry for the confusion!

    2. Anonymous Coward
      Anonymous Coward

      Re: made me laugh

      I haven't noticed Apple at any recent security conferences, putting out monthly security newsletters, sponsoring research, or putting money and resources behind global take-downs.

      1. Steve Evans

        Re: made me laugh

        Or even updates to protect against Fakeflash for anyone who dares to not be running OSX Lion.

        1. Arctic fox

          @Steve Evans Re:"Or even updates to protect against Fakeflash for anyone...........

          .......................who dares to not be running OSX Lion."

          Yes, I have to admit that when I saw that Cupertino was treating Mac owners that do not upgrade to Lion in that way I was fairly astonished. Can you imagine the uproar if MS said "we won't security patch anything older than Win7"?

          1. Anonymous Coward
            Anonymous Coward

            Re: @Steve Evans Or even updates to protect against Fakeflash for anyone...........

            MS support ends with 7. XP has been cut loose and is adrift.

        2. Frank Bough

          Re: made me laugh

          It's cheaper to upgrade to Lion than to piss money up Kaspersky's fucking wall. Mac security products are total shit. I'll never install one again.

          1. Steve Evans

            @Frank Bough - Re: made me laugh

            It depends what version you were on.

            My other half was running Leopard. We wanted an install CD to install a completely fresh OSX Lion onto a new drive (Leopard was grinding and acting very sluggish - especially for a twin xeon machine with 14gig of ram!). We visited the crApple store and were told we could get a USB stick for £55... We had to pay for the update to Snow Leopard and then the next step to Lion or something like that.

            It sounded like a load of bollox to be honest and I wished we'd said we were on Snow Leopard but didn't have an internet connection instead. As did the explanation from one of the geniuses about which graphics card was supported was down to the motherboard she had, not the drivers built into the OS when I was asking if an ATI HD 5750 was supported.

            1. CD001

              Re: @Frank Bough - made me laugh

              ----

              As did the explanation from one of the geniuses about which graphics card was supported was down to the motherboard she had, not the drivers built into the OS when I was asking if an ATI HD 5750 was supported.

              ----

              That's not entirely wrong... but they'd have to be using a really old motherboard that only supports AGP for instance :)

      2. Fred Flintstone Gold badge

        Re: made me laugh

        Maybe because there is a slight difference in scale here? Just how much malware is there for Windows, and how much for OSX? Sure, that will change but you are talking about a difference of several FACTORS here, something the Microsoft fans are casually ignoring.

        Even in terms of botnets do the numbers rather differ.

        Yup, the Mac is vulnerable too and I personally disliked the Apple ads for alleging otherwise, but from a risk perspective there is still a vast gap between OSX and Windows.

        Having said that, Apple MUST improve their handling of security issues. For a company that is good at marketing and reputation management, their handling of security issues borders on the inept.

        1. El Andy
          Boffin

          Re: made me laugh

          Yes there's a difference in scale, but then the Mac market is still orders of magnitude smaller than that of PCs. Not to mention when you rule out viruses that aren't actually propagating any more and combine the multitude of variations on a theme for the latest few (as always happens), there are really only ever a handful of immediate threats on the PC landscape at any one time (particularly for a fully patched machine).

          The underlying issue is really Apple's attitude to security in general, all too often taking the bury-your-head-in-the-sand approach and pretending all is gloriously well in the Mac world. It's pretty much exactly the attitude Microsoft took ten years ago, before wave after wave of decimating viruses finally kicked them into gear and changed their entire development process to put security front and centre.

          They may have had a bad rap in the past (and deservedly so) but since the introduction and enforcement of the Security Development Lifecycle and a strict mantra of "Secure by default", even when that makes something harder to set up, they've also come an exceptionally long way. The Microsoft of today is nothing like the Microsoft of the early 2000's. It would be nice to see Apple embrace that, without all its users going through the pain period that Windows users already know only too well.

        2. JDX Gold badge

          Just how much malware is there for Windows, and how much for OSX?

          Scale aside, the Windows malware creators have multiple decades of a headstart.

          MS probably put more money and work into security alone than Apple's entire software development budget.

    3. Sean Kennedy

      Re: made me laugh

      Giggle all you want, but MS has made some serious strides towards a secure product ( I'll grant there have been some missteps ).

      Anymore it's not MS product that compromises a machine, but a flaw in the application running on top of MS OSes. Not unlike many vulnerabilities that have hit linux in recent years.

      The only complaint I might have with MS's security is the turn around time for releasing patches. I get the mechanics behind it, and understand them, but I still feel they could kick the patches out the door a bit quicker.

      1. Marty

        @Sean Kennedy Re: made me laugh

        MS can push out patches quicker, but as a lot of companies have a bunch of developers working on proprietary software for the companies that don't give a damn about the coding practices that Microsoft publish, they cut corners and cobble things together in a haphazard way...

        The result is that patches block vulnerabilities that the devs are sometimes exploiting to make their life easier and in return the patch will break their software.....

        a more enlightened view is to say the patch shows up the crap that the devs are putting out....

        the monthly update cycle of "patch Tuesday" is so that the devs can test and fix their own code before it goes out on the update service.

  6. Anonymous Coward
    Anonymous Coward

    Install Sophos. It's free

    http://www.sophos.com/mac (I know that isn't the url but if you click the green "Hey Mac user we have free anti-virus" banner on the 404 page it takes you there)

    That way you protect your Mac and you don't have to spend any money on Kaspersky. Just because "Macs are secure" doesn't mean they are immune to viruses, and they share files with Windows boxes.

    /abouttoforceallmyMacuserstoinstallAV

    1. Anonymous Coward
      Anonymous Coward

      Re: Install Sophos. It's free

      Run a CRC first, given what they were serving up from their Partner Portal last month - still I'm sure their free AV is worth every penny.

  7. Peladon

    Truthiness

    Quoting Pontius Pilate, even the Rice/ Webber version, may not be regarded as Good Practice. But - well, bugger Good Practice. I'm going to do it anyway.

    "We both have Truths. Are mine the same as yours?"

    There are, to my poor-witted mind, too many areas where banter or blether becomes perception. Where perception passes into presumption. Where presumption becomes creed, and defined Truth.

    Er - what did he say?

    Hmmm. Consider, if you will:

    All Public Servants sit around all day doing nothing and getting paid a fortune.

    All immigrants are bad/ steal our jobs/ can't speak proper English like wot I can.

    The Weather Man always gets the Weather wrong.

    It always rains on Bank Holidays.

    In securty terms, Apple devices are intrinsik... intransit... intestat.... er, are much betterer than PCs.

    Just because 'everybody knows', even when 'everybody says' - it don't make it True. Or not True.

    While it may be hard to believe, there may well be Public Servants who work hard. And some who may not.

    There have been immigrants in the past who not only contributed to those places to which they immigrated, they even made history. There are likely some who will contribute, and maybe even one who will make history, walking through your immigration control right now. And he (or she) probably speaks your language. Maybe betterer than wot you do.

    There have been times the Weather Man (or woman) got it right. You got wet, because you ignored them.

    There have been dry Bank Holidays.

    Apple computers have been infected by viruses in the past. They will likely be infected by viruses in the future. Perhaps surprising to some - so will PCs.

    We all have Truths. Maybe we should check them over some time - and wonder why.

  8. Anonymous Coward
    Headmaster

    Translation

    "We at Kaspersky would like to sell our bloatware to Mac users, because we need to sell more product." Same as they wanted to flog us anti-virus for our phones a few years back.

    Of course Macs are susceptible to malware. But most of the problem is the big lump of flesh and blood sitting in front of the machine.

    I remember the days of the Amiga and ST. Mates of mine used to run pirated games and got infected. That was user stupidity for a number of reasons (piracy aside, such infections could be prevented from write protecting a floppy).

    Here in 2012 the user problem hasn't gone away (and many Mac users are stupider than most). But as a Mac and PC user, I run AVG on the PC's but the Macs have nothing at the moment.

    If I suddenly get asked for my admin account details while browsing a webpage, that usually rings a few alarm bells for me. But when I've had Windows infections the bloody thing had got infected without warning.

    1. Andrew 63
      Devil

      Re: Translation

      "Here in 2012 the user problem hasn't gone away (and many Mac users are stupider than most). But as a Mac and PC user, I run AVG on the PC's but the Macs have nothing at the moment."

      Says the guy running AVG. AVG has got to be the worst, insecure, bloated and resource hogging AV product (next to McAfee, Norton and Kaspersky) I've ever come across. I've had so many computers cross my palms with this attempt at an antivirus product. A mac is probably safer without AV.

      I'll keep my mac safe with ESET Antivirus (aka NOD32) as and when the threat of increased virus attack arises.

      I'll be honest however, I'm surprised at the lack of viruses and other security flaws (yes there are quite a few, but Windows...say no more) that there actually are for a Mac, by now I was expecting a similar level to Windows but clearly there isn't a market for it yet.

  9. ukgnome
    Coffee/keyboard

    WHAT!

    only 2 "fruity firm" in the entire article.

    It doesn't read like an El Reg article.

    1. Steve Davies 3 Silver badge
      Coat

      Re: WHAT!

      And no 'Foxconn Rebrander' either. el-Reg must be slipping up...

      Mine's the one with my MBP in the backpack. 4yrs, no AV and no malware etc. Please try that with windows...

      1. ElReg!comments!Pierre

        Re: WHAT!

        > 4 years [...] try that with Windows

        Dear sir,

        My 11 years old Win2K AV-less machine would like a word with you.

        I also have a 6 yo laptop which occasionally boots Vista (there's no penguin-friendly approved tax software here, for example) without any kind of anti-malware, still completely healthy.

        What were you saying again?

        1. Grey Bird
          Stop

          Re: WHAT!

          ...and exactly how do you _know_ the machines are un-infected? I had a friend a number of years ago who wasn't running updated av software or anti-spyware on his Windows machine (w2k to be exact) who thought he was doing fine. When he complained to me how his machine didn't seem to be as fast as it used to be, I recommended he run some particular av & anti-spyware programs on it and he found that he was infested with spyware & virii out the wazoo! He thought his machine was clean, until he actually checked it. So how 'bout you run some anti-spyware/av software checks on your "clean" machines and get back to us with the results. The only way they could be truly clean, without protection, is if they were never connected to the internet.

          1. Ben Tasker

            Re: WHAT!

            That pattern's made me a fair bit of cash in the past - "My machine's running slowly, but I'm running AV so it can't be a virus". Check the AV and it was last updated {insert long time} ago.

            The thing is, security is more than action. It's a fucking mindset, you need to understand that there are risks, and make decisions in light of that. Even if there were 0 strains of malware for your OS, you have to accept that one day there might be, so you take steps to protect yourself in advance.

            Half the mac-boys in this comments thread fail outright because they can't even get into the mindset of checking, even occasionally to ensure they aren't infected.

            @AC 04:57 - If your machine is part of a botnet, who gives a fuck if the resources required to run the AV are 10x that to run the malware? There's this thing called responsibility, use some and clean your machine! Given that we've seen (admittedly, Windows) malware that set itself up as a CP server, do you really want to risk having uninformed plod kicking your door in because you couldn't be arsed to run AV? It's extreme, granted, but there's nothing to say it couldn't happen.

          2. Anonymous Coward
            Thumb Up

            Re: WHAT!

            Indeed, the arrogance of some users, especially partially IT literate ones is astounding.

      2. Ben Tasker

        Re: WHAT!

        Mine's the one with my MBP in the backpack. 4yrs, no AV and no malware etc.

        The thing that always bothers me, is, how do you know for sure? I've no interest in selling AV, so don't misunderstand where I'm coming from, but how exactly do you know that there's no malware on there.

        Can you say for sure that your machine isn't actually a spambot as the result of a rootkit?

        A cursory sweep every now and then should be a minimum for any OS. Wouldn't bother paying for an AV suite for such infrequent use, but there's plenty of OSS software out there that you can use that won't eat half your RAM every time you move the mouse.

        1. Fred Flintstone Gold badge

          Re: WHAT!

          "The thing that always bothers me, is, how do you know for sure?"

          Exactly my point, also for Mac users. I don't buy myths, I need facts so my Mac has anti-virus installed. Simply to provide proof.

          1. Anonymous Coward
            Anonymous Coward

            Re: WHAT!

            >Exactly my point, also for Mac users. I don't buy myths, I need facts so my Mac has anti-virus installed. Simply to provide proof.

            You are assuming that the AV is telling you the truth. How do you know? Are the resources chewed up by the AV more or less than the resources chewed up by being a botnet node? Is the prevention worse than the disease? You might be better just running your banking from a livecd inside a (free) virtualbox. It will probably cost you less than AV and is probably more secure.

            1. Anonymous Coward
              Anonymous Coward

              Re: WHAT!

              "You might be better just running your banking from a livecd inside a (free) virtualbox"

              Since when have malicious screen or key stroke grabbers not been able to grab the info that they need? I don't buy the notion that using linux or whatever in a VB is better security for banking. The better security would be to have a dual boot PC or live CD and do it that way directly well away from the host Win or OSX.

      3. Tom 38

        Re: WHAT!

        AV is a con for the stupid. If you aren't stupid, you don't need AV.

        Unfortunately, there are a lot of stupid people out there who think they aren't.

        1. Ben Tasker
          FAIL

          Re: WHAT!

          AV is a con for the stupid. If you aren't stupid, you don't need AV.

          If you truly believe that, lump yourself firmly in the stupid group!

          Let's assume that you are completely infallible. So you don't make stupid mistakes, at all. Unfortunately someone (let's say Adobe) isn't infallible. Nice big bug in their reader plugin, oh and look a privilege escalation vulnerability in the kernel. Oh fuck, you've been compromised.

          That's not to say you can't fend a lot off by using your noggin, but if you honestly believe that you're too smart to be caught out, then quite frankly you're too fucking stupid to be allowed on the net in the first place.

          As I said before, I wouldn't pay for AV, but what's the harm in scheduling something like ClamAV and rkhunter to run occasionally? Better safe than sorry and all that.

          1. Tom 38

            Re: WHAT!

            I don't allow Adobe Anything anywhere near my computers, I don't download random executables off the internet and run them, I don't allow plugins in my browser, I only open known media types with trusted programs and the box is firewalled to buggery both ingress and egress.

            I've been doing this for 15 years with no virus, trojan or malware. Kaspersky runs at £60/year, so that's a £900 saving. It's a bet, with myself. I bet that I won't fuck up my machine, and so far, I'm winning.

      4. Seanie Ryan
        Black Helicopters

        Re: WHAT!

        fruity firm, foxconn rebrander etc.... Reg, that become old now... get a new line. Same as when everyone started taking the piss on AppleInsider comments because every article they wrote included the line "as first reported last XX by us"

        Maybe we will start calling Reg as the Nominet or RackSpace Rebrander, seeing as they are suppliers, or the overdrawn firm ?

        as for the article :

        "now that Macs were under attack from bot armies like the Flashback Trojan"

        What other bot armies "like" flashback? are there? answers greater than 1 only and preferably showing a significant threat.

        So effectively he thinks that BSD is comparable to MS XP? Good to know.

        I happen to agree that Apple need to up the game slightly, but his comments are waayyyyy out there.

        Funny though.

  10. ElReg!comments!Pierre

    Very telling...

    What is worrying is not someone saying that even MacOS users need to be careful with what they do with their machines.

    It's not even that someone feels it is even necessary to say it (it should be pretty obvious to anyone with half a functioning brain cell).

    No, what is worrying and very telling is that even though it's extremely obvious, and even though people "in the know" actually take time to explain it slowly and with simple words, a lot of fanbuoys are still in denial, "lalala I can't hear you "-style (as seen in this very comment section for example).

    Which kind of proves the point the guys at Kaspersky were making: some Apple customers need to change their attitude towards security, and yes, the impulsion should probably come from Apple (as some Apple customers won't believe anything that anyone else says).

    Oh well.

    1. Chris 3

      Re: Very telling...

      Actually - if you read through this comments section you'll find no (currently) fanbois suggesting that "that even MacOS users need to be careful with what they do with their machines". None. Find me one.

      You may find people questioning the "10 years behind" statement. You may find people suggesting that actually this article is very light on facts and reads like a puff for Kaspersky. But the rabidly blythe fanboy is difficult to find. They may be out there, but they are fairly rare.

      1. ElReg!comments!Pierre

        Re: Very telling...

        > find me one

        One dismissing the obvious truth because the article mentions the name of a commercial entity, for example?

        > rabidly blythe fanboy

        That's the sad part. Even the non-rabidly blythe fanbois are contaminated. Look at the comment section: Kaspersky have no interest in bashing Macs whatsoever. They might have an interest in scaring people a little bit, but any sysadmin could tell you that it's rather a good thing. A scared luser is a careful luser. Why would they lie about the state of MacOS security compared to Windows security? Yet you have a thread full of Apple users snickering about how their OS of choice must necessarily be safer than Windows, and the security experts are just peddling bullcrap. Spoiler alert: there is no anti-Apple conspiracy. You guys need to stop thinking that everyone unapologetic of Apple is an evil MS drone out to get you.

  11. Si 1
    Devil

    I don't think Apple will do anything...

    Personally, I think Apple's answer to this will be the Gatekeeper feature in Mountain Lion. It basically lets the user select between running anything or only apps signed for the App Store.

    I strongly suspect that "App Store-only" will be Apple's "default" mode and if a user chooses to leave the walled garden then Apple will take no responsibility for anything that forces its way onto users' system.

    Assuming it actually does block all malware when switched on it's a clever way to side-step the problem without actually dealing with it...

    1. Refugee from Windows
      Linux

      Re: I don't think Apple will do anything...

      Hmmm. Official releases from a software repository, where have I heard this before? We don't think that's a bad idea now do we?

      1. Anonymous Coward
        Anonymous Coward

        Re: I don't think Apple will do anything...

        You have NOT heard that before. Apple invented it. It did NOT exist before Apple invented it. If anyone claims otherwise, they will be sued into oblivion.

  12. Lockwood

    1: Macs are flawless, I am constantly told.

    2: "XProtect"? Isn't that a bit close at the front to "XP"? I'm surprised that "Ice Cream" isn't at risk for a similar sounding name to iScream, which looks like an apple product.

    3: I'm pretty sure this'll get thumbed down by many fanbois

    1. Lockwood
      Thumb Up

      Thumbs up to the fanbois for proving 3.

  13. DrXym

    There is a big difference between Windows and OS X

    Windows is a much bigger target because it has been traditionally insecure by design and by user habits (e.g. running as admin or power user) and therefore it receives the brunt of attacks.

    But I think as Windows has hardened up, especially with Windows 7 that attackers might perceive the benefit in attacking OS X more. While OS X has had a pretty sound sudo-like security model since it launched it certainly isn't secure by any stretch. And once they're in they get to enjoy a fairly conventional Unix like environment to work in.

    The weakness of the Mac can be seen every time a pwn2own competition comes around and it's the first to fall. Clearly it has vulnerabilities that can be exploited, especially in the usual suspects such as the browser, flash player, PDF viewer and so on. It's just a matter of there being a financial / malicious incentive to do it.

    1. eulampios

      Re: There is a big difference between Windows and OS X

      I agree.

      Mac OSX is more secure by the design inherited from Unix, it is insecure because of the design of Apple inc. Important decisions, including those on security, seem to be made by sickos like the late Jobs. Apple's careless Java patching was not the first priority, a megalomaniac-type idea that everyone is a thief of "their" product - it was instead.

      GNU/Linux and *BSD have secure repositories, central packagers, AppArmor, SELinux or TrustedBSD and no AV bloat. Android has a more sophisticated permission system.

    2. Anonymous Coward
      Anonymous Coward

      Re: There is a big difference between Windows and OS X

      Quote: The weakness of the Mac can be seen every time a pwn2own competition comes around and it's the first to fall. Clearly it has vulnerabilities that can be exploited, especially in the usual suspects such as the browser, flash player, PDF viewer and so on. It's just a matter of there being a financial / malicious incentive to do it.

      ====================================================

      From: http://pwn2own.zerodayinitiative.com/index.html

      March 3rd, 2012: Pwn2Own has concluded!

      Congratulations to VUPEN for placing first and netting $60,000 for demonstrating 2 0day vulnerabilities; one for Internet Explorer and one for Chrome.

      Congratulations to Vincenzo Iozzo and Willem Pinckaers for demonstrating a Firefox 0day and winning $30,000 for placing 2nd.

  14. Anonymous Coward
    Anonymous Coward

    I believe it

    Ever since the Flashback thingy and the 'lock down' of Java in the latest security update, my one and only use of Java (VPN to my work) is a flaky piece of shit - has extreme difficulty recognizing Java is 'enabled'. Now takes me at least 30min of jiggery pokery to get a connection, whereas before it was near instant. Bastards.

    I'm now going to force a survey of Mac users at work to get their experiences on record, all with an eye towards forcing work to provide a non-Java solution.

    And yes, I'm getting increasingly pissed off with Apple. Stuff just keeps crashing - don't get me started on iPhoto 11! Fuckers. Almost makes me want to go Win7.

  15. Joerg

    Antivirus companies are the ones that create viruses in the first place...

    It's just as simple as that.

    And it's just plain crazy that the majority of the population worldwide hasn't figured it out anyway.

    It's so obvious. But nowadays very few people think with their own brain to understand even simple things.

    1. ElReg!comments!Pierre
      Thumb Up

      Re: Antivirus companies are the ones that create viruses in the first place...

      You should of use'd the "sarcasm" tag. Now youre headed for 259 downvotes. Never assume its too obvious, theirs always someone who will take its eriously.

  16. Anonymous Coward
    Anonymous Coward

    arrogance and ignorance

    don't ignore this apple, it will bite hard otherwise.

  17. DF118
    Windows

    To paraphrase Christine Keeler

    Well, they would say that, wouldn't they?

    1. Tom 38
      Headmaster

      Re: To paraphrase Christine Keeler

      Pedant alert: That was Mandy Rice-Davies.

      1. DF118
        Pint

        Re: To paraphrase Christine Keeler

        B'derp! Ah well not a bad try; I wasn't even born. Must go off and check my facts!

        1. DF118
          Coat

          Re: To paraphrase Christine Keeler

          Oh, and I even managed to misquote it. Taxi!

  18. Anonymous Coward
    Anonymous Coward

    What a pile of BS

    >> "Even when Apple added signature detection to Mac OS, in the form of it's 'XProtect' module, it was done quietly, without any sort of fanfare," says Emm.

    Oh, you mean EXACTLY like the Windows Malicious Software Removal Tool that runs during a software update and there's no evidence that it has run unless you catch the tiny status message it displays as it's running...?

    >> "I think Mac customers are more at risk because of the historical mis-perception about Mac security. ...

    Well, whenever I download a program and try to run it, OS X warns me that it could be dangerous and I'm running it at my own risk, again, EXACTLY like Windows.

    This article is basically just a bunch of worthless handwaving about a 2006 Mac TV commercial.

    By the way, not sure why iDevices were thrown into the mix since they really are virtually immune to malware thanks to the sandboxing security model for apps. Which Microsoft copied for Windows Phone, a product released 4 years later. Apple is also now doing some sandboxing for apps that you download from its App Store for the Mac. Microsoft still isn't doing anything of the sort (yet).

    1. Bronek Kozicki
      Mushroom

      Re: What a pile of BS

      "This article is basically just a bunch of worthless handwaving"

      no, it is not.

      1. Apple rides on advertising that it's invulnerable to PC viruses (http://www.apple.com/why-mac/). While technically true, it hides the fact that it's vulnerable to Mac or cross-platform viruses (e.g. Java ones, like Flashback), thus not helping the users to understand there are certain risks that still have to be managed.

      2. Apple claims to deliver security updates fast (same link as above), which is demonstrably untrue. The fact is that Apple is very slow to deliver security updates to vulnerabilities which are actively exploited in the wild. Flashback update again - Apple released update 7 weeks after Oracle fixed Java runtime for everybody else. Since Apple does not want 3rd party runtime on its platform, users had to wait for Apple. And once update was published, Apple did not make it obvious that update fixes critical security issue and - it would have been too embarrassing.

      3. There is no automatic update on Macs. If you don't install update, you will not have it. This leads to many users (who happen to believe in false claims 1. and 2.) simply skipping updates and the result of that is that 23.6% of users running Snow Leopard are out-of-date.

      4. Apple is only publishing security updates for current and last version of OS X, meaning older versions do not get updates. This means no security updates for OS X 10.5 or older versions, which is more than 15% user base. This also means that, for 27 million Macs sold in years 2009-2010, all of those will stop receiving security updates in September 2012 as sold, and will only receive updates for new version of OS X (if user decided to spend money and time on upgrade). For comparison, Microsoft abandons its users after 10 years.

      You want figures? Here http://www.zdnet.com/blog/bott/flashback-malware-exposes-big-gaps-in-apple-security-response/4904

      1. chr0m4t1c

        @Bronek Kozicki

        Re: Point 3

        Default behavior for OSX is to download updates automatically & then ask the user if they're ready to install, it *is* possible to make the update happen automatically, but not straightforward. However, the dramatic reduction in Flashback infections from 600,000 to 30,000 within 10 days of the patch (finally) being released, suggests that your assertions are incorrect.

        Re: Point 4

        Snow Leopard sold ~4 million copies in its first week on sale, so it seems unlikely that anything other than a small proportion of those 27 million Macs are still running Leopard. For anyone with a MobileMe account who is still running Leopard, Apple are now offering a free copy of SL; that should bring even more of those machines back into the patch fold.

        Microsoft tried to kill off XP support when it launched Vista, but were faced with a massive backlash from business customers who not only did not want to downgrade to it, but actively began looking for alternatives, by comparison their previous *desktop* OS (Windows ME) went on sale in September 2000 and went out of support in June 2006, which is not entirely dissimilar to the ~5 years Apple supported Leopard (early 2007->end of 2011).

        Microsoft supports its *server* operating systems for 10 years, but that's no different from any other server OS vendor.

        I wouldn't trust any of Ed Bott's articles about the Mac, he's proved himself to be anti-Apple on more than one occasion and regularly falsifies or mis-represents information in them. Apple themselves only claim 58 million Macs worldwide (and this is more than likely an inflated figure), so it would be difficult for them to let down 70 million of them.

        (Not that this excuses their tardiness in getting the update out in any way.)

    2. Anonymous Coward
      Anonymous Coward

      Re: What a pile of BS

      "not sure why iDevices were thrown into the mix since they really are virtually immune to malware thanks to the sandboxing security model for apps".

      Your ignorance is startling and completely typical of Apple users. You will get what you deserve.

      1. Anonymous Coward
        Anonymous Coward

        Re: What a pile of BS

        >>"not sure why iDevices were thrown into the mix since they really are virtually immune to malware thanks to the sandboxing security model for apps".

        Your ignorance is startling and completely typical of Apple users. You will get what you deserve.<<

        Really? As an app developer I don't see how you could write malware for iDevices. All of the file system, process, and IPC APIs are completely locked down. Please help cure my startling ignorance and let me know how someone can write malware for iOS.

        1. kns2c
          Black Helicopters

          Re: What a pile of BS

          "Really? As an app developer I don't see how you could write malware for iDevices. All of the file system, process, and IPC APIs are completely locked down. Please help cure my startling ignorance and let me know how someone can write malware for iOS."

          How about this for comparison: "As a web developer I don't see how you could create malware for Windows distributed via web. Javascript is sandboxed etc etc"...

          You are making a dangerous assumption that malware developers are dumb enough to download Apple's SDK, look at all the restrictions and give up because "it's so secure must be impossible".

          Besides there are plenty of nasty things you can do within the sandbox given sufficiently stupid wetware.

  19. Frederic Bloggs
    Thumb Down

    Have they fixed the XP printer bug yet?

    This would be the same Kaspersky that can't be bothered to explain or fix the problem of printing on XP with their last release? The one that means that in order to print, one has to disable the anti-virus first, print and then enable it again?

    1. ElReg!comments!Pierre
      Joke

      XP?

      Pah! As any full nose, the only version of Windows worth having was Windows2000. Anyone running any other version (especially that bloated pile of crap that XP is) desserves everything they get.

  20. Fred Flintstone Gold badge

    Well, duh.

    I bought a Mac because it works better for me than Windows. Despite the fact that the number of virus infections of OSX is several factors less than those for Windows, I never bought that as fact - I like proof, so I have always had a virus checker on the machine. And I'm familiar enough with operating systems not to do something stupid and to avoid running the machine on an admin account (although that is sometimes a pain).

    Anti-virus companies have a bit of a problem. They should stick to facts, otherwise they will be accused of scaremongering to sell product, on the other hand, dry numbers don't wake people up. Not an easy balance to achieve..

  21. Anonymous Coward
    Anonymous Coward

    Wait...

    So, this walled garden that Macs and iProducts in general inhabit? Is it aiming to corner the market in trojans and malware now?

    Oh waily waily, how will us non fanbois manage?

    bwahahahahahahaha

  22. chris lively

    And?

    As others have pointed out: this has been a known quantity for years.

    Apple, like all corporations, will wait until it's actually a problem then address it.

    Not a fanboi, wouldn't even want to own a Mac. However the truth is that the Mac platform is currently relatively safe for consumers. I won't bother comparing it to MS other than to say MS has made extraordinary strides in security.

    When this changes, and it will at some point, then apple will address it. I'm sure they'll call it iSecure or something similarly idiotic.

    Regarding the walled garden. I suspect that they will run afoul of the Government when major competitors start complaining. Which, is not currently in anyone's interest to bother with as they are still very small potatoes in the pc/laptop market and have other problems.

    1. Ben Tasker

      "When this changes, and it will at some point, then apple will address it."

      You may be right, but if a company as big as Apple think it's OK to just relax about security and try to fix things retrospectively, it does make you wonder what other important areas get skimped on. Their strength, historically, has always been in design and marketing so it's not impossible they are ignoring some other elements

  23. Looking for answers
    Meh

    Would Kaspersky software have protected me from the Java exploit?

    I realise all computers can get malware, it's just down to the available attack vectors a malware writer can exploit. With Java now being managed directly by Oracle. Let's hope Apple responds better to any remaining Mac OS specific exploits in the future.

    But do we really need third party anti-virus solutions to protect us from Mac malware or are they little or no better than Apple's own attempts?

    Some questions I'd like Kaspersky to answer:

    1. How did third party anti virus application/vendors protect a Mac from the Java runtime flaw

    a. Before it came common knowledge of the breach.

    b. Before Apple released a patch?

    c. After Apple released a patch and their own code removing any malware.

    2. Did any of the Anti virus vendors release 'temporary' cleanup applications which made matters worse? Hmmm?

    3. I understand Apple 'quietly release' malware clean up fixes as and when they are identified. Including ones which are installed via user assistance i.e. trojans. How do third party anti virus software do a better job cleaning up other Mac specific malware when compared to Apple's own efforts?

    1. Bronek Kozicki
      Childcatcher

      Re: Would Kaspersky software have protected me from the Java exploit?

      Answering your question: no idea. It would be possible assuming that Apple allowed for 3rd party firewalls with deep packet inspection (as Microsoft does on Windows) but whether this is actually the case, I do not know. 3rd party firewalls on Windows do protect against these kinds of attacks.

      However, somehow quite a few readers assumed that security engineer employed by Kaspersky is only trying to advertise their product, instead of looking into the claims he made. The thing is, all of these claims are very sensible to me, but somehow this was lost.

      Perhaps security is not that important, as long as customers believe that they are secure?

    2. Mephistro

      Re: Would Kaspersky software have protected me from the Java exploit?(@ Looking for answers )

      "1. How did third party anti virus application/vendors protect a Mac from the Java runtime flaw

      a. Before it came common knowledge of the breach.

      b. Before Apple released a patch?

      c. After Apple released a patch and their own code removing any malware."

      Point 1a: behavioral antiviruses -though they're a pain in the ass in terms of computational resources used- could help here. Also, many AVs send suspicious 'samples' to their creators to be analyzed. Having lots of Mac owners using an antivirus would probably speed up the process a lot. In the PC world most viruses remain hidden only for a few days.

      Point 1b: The antivirus blocks the viruses before they infect the machines, so even if Apple takes its time in publishing a patch -as they usually do- the computer remains safe. Also, for some kinds of viruses, preventing infections also protects machines that don't have AV software installed. There is a similar effect with epidemics/vaccination.

      Point 1c: If the only thing the patch does is to remove the vulnerability, the files you receive may still be infected, even when they can't affect your machine. Having some AV informing you of this would prevent you from i.e. mailing infected files to your friends.

      Point 2: If you expect software makers to make big complex apps without any errors, you're in for a long long wait. :-)

  24. Christian Berger

    The problem will be Apple's reaction

    Instead of, for example adding community based repositories to encourage secure software distribution, Apple will simply have an "AppStore", locking out all other forms of software distribution. This of course doesn't bring any actual security.

  25. figure 11

    mac antivirus

    I'm sure I have a copy of Disinfectant around here with my old Quadra if anyone wants it?

    Protect you from CDEF A it will!

  26. Nick De Plume
    Mushroom

    i - diots. And I don't mean it in a derogatory sense.

    People buy in to macs because:

    The hardware looks better. (oh yes, it does)

    The thing works almost as well as advertised (and yes, it does)

    The advertisement promises a "no cares" attitude (oh oh - this can be a spot of bother)

    The thing is in OSX land there be a few snakes. These are dangerous you see, because the snakes are transparent.

    Because the system is not transparent.

    The mindset is: "it just works"

    Yes it does, it is quite nicely engineered (and it doesn't have to cope with an almost infinite number of uncontrollable configuration permutations, 20 years of backlog/legacy software).

    And it did not have to deal with being popular, in the numbers kind of way.

    Until now.

    So, the malware (scare or the real thing) was something the "lowly PC people" had to deal with, and not the apple crowd - they thought they were too exclusive, too untouchable, an idea they readily bought into.

    In the end an OS is just an OS. Anything can be hacked, if it's worth the effort.

    Through the many advances and the subsequent layers in UI/UX majickery the computer may _feel_ like an appliance, but it is not an appliance. It can still bite you.

    Learn about the dipstick in your car. Learn about malware in the wild outback that is the interwebs.

    The moral of my story is: Don't be a blithering idiot.

    1. ElReg!comments!Pierre
      Joke

      Re: i - diots. And I don't mean it in a derogatory sense.

      Careful there. You will end up making powerful enemies. That PowerMouse can click fast!

      And I don't mean it in any derogatory way.

    2. Anonymous Coward
      Anonymous Coward

      Re: i - diots. And I don't mean it in a derogatory sense.

      Which comes back to a comment I've made a few times and been downvoted for, if you treat your users like idiots then pretty soon all your users are idiots.

      Painfully steep learning curve ahead I think.

  27. xyz Silver badge

    Fanbois sex

    If you presented a fanboy with a willing mate, I can assure you that the FB would ensure that both they and the willing mate would be scrubbed, shaved, showered, condomed etc etc up to their jacksies, because your average fanboy must be clean and fresh and fragrant and presentable to the world of fashion.

    Yet, they'll let their Macs connect to any dirty old port without a second thought and get uppity if anyone even suggests that their machines might be susceptible to a dose of iClap.

    Very odd.

  28. Anonymous Coward
    Anonymous Coward

    Never claim you're invulnerable

    Apple created the image of the invulnerable mac years ago to shift boxes, what they didn't realise was that they simply were not targeted as heavily because of smaller market share.

    To use an analogy it's like claiming you're invulnerable to bullets just because nobody has bothered to aim a gun and shoot at you yet.

    With the rapid proliferation of idevices in the last few years Apple's market share has grown, and now they are starting to be targeted by malware because of the wide usage. The myth of the invulnerable mac is out of date and if perceptions are not changed Apple could be hit hard with a new generation of malware just like Microsoft were back in the bad old days.

  29. turnip handler

    Educating the masses

    One issue that would be concerning in terms of security is that someone who has an Apple machine doesn't see any difference between a virus and basic internet security. For example they hear that Macs don't get viruses and so click on any dodgy link they get emailed, open any attachment without thinking and click through on phishing links without worry as they believe they are protected.

    The message that people should be wary of all the basic internet traps even with a Mac should be made, it is a shame that the only people who get this message pushed out are the security vendors as it lessens the message.

  30. Anonymous Coward
    Anonymous Coward

    From what I can see Apple caused this by delaying the distribution of Java 6 update 31 and the fact that I imagine a majority of Mac owners do not use AV.

    There were numerous stories about the Java exploit in March and no doubt it was known before http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/ Somebody at Apple obviously thought it wasn't important as Windows is always the target.

    The "beauty" of Java exploits is that they are reliable, cross platform, allow the installation of OS specific malware without user intervention. All it takes is a visit to a compromised site or even compromised OpenX http://krebsonsecurity.com/2012/05/openx-promises-fix-for-rogue-ads-bug/ I believe the O2 arena site's OpenX ads were tainted around 4th April.

    The other thing is that all major operating systems have areas that users can write to and although I've never used OS X I expect the user can add applications to run at start-up too in a user specific file. No admin privileges required so no Admin password.

    The Apple response is shockingly bad, from what I can gather Lion users get a Java update and "common variants" removal tool, Snow Leopard users get only a Java update and if you're on Leopard or before - disable Java is the only viable solution, for many this is OK as Java use seems to be vastly over estimated but as mentioned previously, but many Mac users are not IT literate? so something like removing Java could be rather taxing and I don't mean that in a bad way.

    As the old Apple slogan went "It just works" and now it's changed to "It just installs Malware" unless you keep updating your OS X up to date.

  31. Anonymous Coward
    Anonymous Coward

    I'm bored

    I never get malware on my windows machine either. I stopped it from occurring by installing Linux. It's good humor for awhile hearing all the windows monkeys trying to convince everyone that linux and mac are just as vulnerable as windows. Riddle me this. Why is it that when a windows threat is discovered, 9 out of 10 times after updating the operating system and anti malware software and anti virus software (neither of which are consuming resources on my Linux or Mac computers) the operating system remains vulnerable to those threats?

    When a weakness is discovered in Linux or Mac, an os update PERMANENTLY ELIMINATES the threat ENTIRELY. I do not have to rely on additional software. The weakness is removed, and it is GONE.

    Every time it's the same old thing. Your comparisons are invalid, your proclamations of doom are nothing but ranting about what you see in a mirror. I'm bored. I think I'll go use my computer for something more useful than scanning every file I want to open.

  32. kain preacher

    "Riddle me this. Why is it that when a windows threat is discovered, 9 out of 10 times after updating the operating system and anti malware software and anti virus software (neither of which are consuming resources on my Linux or Mac computers) the operating system remains vulnerable to those threats" Show me proof of this.
