The Mac malware threat

Is there a wave of viruses waiting to attack Apple Mac computers?

Computer security is evolving in a time of social media

For years we’ve heard warnings of a deluge of Mac-based viruses coming as the Apple systems gained popularity. Does the Mac Defender program that’s infecting OS X systems represent a new risk for Apple computer users, or is it just another trick targeting unsuspecting computer users?

Recently Daring Fireball’s John Gruber called out those predicting an imminent deluge of Apple malware in his “Wolf” post, pointing out seven years of warnings of an impending wave of Mac-based security attacks which never eventuated.

Mac Defender, a Trojan Horse which pretends to keep Apple systems secure, is catching unwary Mac users. To many who’ve cried “WOLF!”, this is the first horseman of an Apple apocalypse.

Are we really about to see a wave of Mac-based malware similar to that which plagued Windows users over the last 15 years? The truth is more complex than just Apple and Microsoft fanboys trading insults.

Can an Apple Mac catch viruses?

The short answer is “yes”. Every computer system has some weakness that can be used by rogue software. Apple Macs, Linux computers and even corporate mainframes have software flaws that can catch out the unprepared user.

Given there are always flaws in software code, it’s important that a computer operating system has some protection against installing unwanted programs. Apple, and other systems, avoided the problems of the Windows world by putting more barriers in the way of rogue applications finding their way on to machines.

The “big target theory”

Windows’ susceptibility to viruses is often put down to it being the biggest target. Because over 90% of the world’s computers were running on Microsoft Windows, the theory goes, it was the obvious target while Apple, Linux and smartphone applications are too small to be worthwhile for the dedicated hacker.

This “big target” theory is bunk – predators, vandals and criminals go for the weakest victims and Windows was by far the easiest target.

If we think of the different software systems as being homes on a street, most of the houses were small with well maintained fences and secure locks on their doors. They weren’t immune from being broken into, though to do so involved a degree of skill and cunning.

The biggest home on the block, the House of Microsoft, chose to have a pretty poor fence and few locks. It didn’t help that the occupants, more often than not, would gladly let anyone in and were mildly surprised when the odd uninvited visitor made off with the silverware or graffitied the garage door.

Windows computers were the easiest target on the block and this was why they were targeted. The fact they were by far the most popular systems was an added bonus for malware writers.

“Security by obscurity” is not the reason Macs attract fewer malware attacks.

Why did viruses attack Windows?

To understand why Windows is more prone to viruses we have to go back to 1998 when Microsoft were preparing for the next generation of systems to replace the aging Windows 95, 98 and ME platforms.

Microsoft based their new operating system – Windows XP – on their existing Windows NT system, which had a strong security focus that allowed users to run in restricted profiles, preventing them altering key system files. This was perfect in a world where users were connecting to the World Wide Web and exposing themselves to multiple new security risks.

A problem for Microsoft was that many of their consumer and office products didn’t like being denied full access to the systems they were installed on. It was possible to run Microsoft Office and other applications without full Administrator permissions – and many big organisations did – but doing so involved the resources of a skilled, full-time IT department, which was beyond most Windows users.

So Microsoft made the decision to sell Windows XP to the general public with Administrator access enabled for ordinary users. It meant various programs would work properly but it also gave full access to all the internal parts of Windows. Microsoft decided there would be no secure parts on a standard, out-of-the-box Windows XP computer.

Internet Explorer blues

To compound the security problem Microsoft had decided to continue the integration of the Windows web browser, Internet Explorer, into the core functions of Windows XP – something they’d started when they’d discovered the Internet shortly after releasing Windows 95 – a policy that had already created a malware nightmare with Windows 98 and ME.

Internet Explorer itself was prone to security problems because of a programming language built into it called ActiveX that allowed applications to run without the user knowing. This was convenient for users and websites but basically invited virus writers and hackers into a system through the web browser.

Put a deeply flawed Internet Explorer together with most users running their computers with full Administrator rights and conditions were perfect for the tidal wave of malware that swamped the Windows world in the period of 2001 to 2004.

Faced with massive problems, Microsoft steadily improved security on their consumer products. The later versions of Windows XP were substantially better than the first version, with the releases of Microsoft Vista and Windows 7 seeing great improvements that reduced the virus and malware threats.

Microsoft’s bad choices reverberate today though with Windows users lumbered with layers of security to protect them from rogue applications and frequent nasties that manage to sidestep the safeguards.

Social Engineering

As Windows computers became more secure, and criminal gangs more aware of the opportunities residing on people’s desktops, the threat moved on to “social engineering” tricks that involved either posing as a financial opportunity – phishing and the notorious 419 scams – or offering “free” software, pictures and music to unsuspecting users.

Often the free download hid a program called a Trojan horse that would sneak something untoward onto a victim’s computer; this is what the Mac Defender program is.

Trojan horses and phishing attacks don’t rely on weaknesses in a computer’s software; they rely on fooling the user. So it doesn’t matter what computer system the victim happens to be running as long as they can be fooled into doing something.

Is there a wave of Mac malware looming?

While those who’ve called WOLF! on Mac viruses in the past might be celebrating what appears to be a breakout of malware targeting the Apple Mac, the conditions that caused the boom in Windows-based malware don’t exist on the OS X operating system – or on mobile platforms like Android, Blackberry or the iPhone’s iOS for that matter – so a virus boom isn’t going to happen.

On the other hand, new social engineering tricks are evolving as savvy conmen come up with new and original ideas to fool us into giving away our bank details or installing rogue applications on our Macs, smartphones and social media applications.

Fighting old battles

In many ways, arguments about malware attacking operating systems are the old battle. The virus fight is largely over as vendors, particularly Microsoft, and users learn secure ways to use their computers.

Today’s security battles are being fought in the cloud and on social media platforms as scammers and users come to grips with the changed security and computing environment.

Most of what we do on computers today relies upon the Internet. Whether we use a Mac or a Windows machine doesn’t really matter that much, as the serious threats are now lurking on our Facebook and cloud computer applications. We need to stay alert regardless of the computer or smartphone we choose.


Author: Paul Wallbank

Paul Wallbank is a speaker and writer charting how technology is changing society and business. Paul has four regular technology advice radio programs on ABC, a weekly column on the smartcompany.com.au website and has published seven books.

3 thoughts on “The Mac malware threat”

  1. Does your comment on Apple’s apparent freedom from savvy conmen eager to intrude on my “IBM” computer mean that there is no reason for me to change to an Apple machine?

    1. I think you’ve misread the article, Ivan. I’m not saying Apple users are free from conmen, on the contrary.

      My main point is the threats to computer users have moved on and now largely come from online scams which don’t care what computer you use.
