JavaWoman considers…

The days of innocence

Back in the days before there was a World Wide Web or even Windows, I ran a little informal subscription service for my colleagues: I knew a few trusted nodes on FidoNet, and scanned them regularly for new versions of anti-virus software, mostly F-prot, which was free as well as very good. When a new version was out, I downloaded it, and sent an internal email to my little subscription list; my subscribers then sent me an empty 1.44Mb floppy disk by internal mail, and I sent it back to them with the new version on it, and a short instruction on how to use it.

Looking back on that now, those were the days of innocence: there was a new version roughly once a month, and the whole program (including the signatures) fitted easily on one floppy disk. You might get infected by visiting a malicious BBS server, but most viruses spread via floppy disks.

When email became more common (often via such services as CompuServe or AOL), infection via an email attachment became a possibility, but the floppy disk remained the main vector of infection. It took a long time for the WWW and email to become the main vectors for malware infections.

Risk of infection does not equal vulnerability

But then, as now, the writers of malware concentrated on having maximum effect, or doing maximum damage, which in practice means writing for the most-used operating system, or (to ensure speedy spreading of a worm) the most-interconnected systems. These days, of course, that means PCs running Windows, connected via the Internet.

Mac loyalists claim that the dearth of documented malware infections in the wild is proof that Mac OS X is secure. Of course, this is like saying that the dearth of burglary in one’s home is proof that its unlocked front door is secure.

And — not surprisingly — most infections happen on Windows computers. You might think that implies Windows is the most vulnerable; it may be true, but you can't tell from the number of infections: you would at least have to take the number of machines running Windows into account as well. But it is impossible to write a non-trivial piece of software without any bugs, vulnerabilities are bugs, and operating systems are far from trivial. Which implies that any operating system will have vulnerabilities.

So is a Mac secure?

Last December I bought a MacBook - my first Mac machine. Now many Mac users have long been smug about the dearth of infections on their systems, but I certainly had no illusions about the existence of vulnerabilities in Max OS X - it's as non-trivial as Windows, after all. But I'm also aware that Mac sales are climbing, and the machines are gaining market share.

In spite of that I was somewhat taken aback when in January I went online with it and found an impressive, not to say somewhat alarming, number of security updates. If nothing else, it convincingly proved that there are indeed vulnerabilities in Mac OS X, and it's highly unlikely the last of them have been found now. So the recent article on IT Security by David Hakala is certainly timely. “Your time might still come,” he warns, and I agree.

So, there's no need to feel smug just because you use a Mac and not a Windows machine. What's more, the newer MacIntels can run Windows, too - either separately via Boot Camp, or right on your OS X desktop via virtualization software such as Parallels.

The vast majority of attacks target Windows machines. Once a virtual Windows machine is compromised, it's possible to take over the OS X machine as well.

If you do that (and I do) you should be aware that any OS X security software (such as its still underpowered firewall) will not protect you from infection of your Windows installation(s). And as David Hakala points out, cross-platform infection is a potential problem on Macs that are running OS X and Windows under virtualization software. Your Windows on your Mac should have its own full complement of security software: at the very least a good firewall that detects and can stop suspicious outgoing traffic, too, not just incoming traffic. In addition, the spread of cross-platform software also brings the risk of cross-platform malware.

Keep up-to-date

It certainly is a good idea to keep your Mac up-to-date with security updates. And if you run Windows on your Mac, make sure that also has its full complement of security software. Be safe out there!

Quotes from Is Your Mac Vulnerable to OS Security Breaches?

Tagged: Windows, worm, Mac, OS X, virus, malware, security