Stan Beer
Wednesday, 03 May 2006 15:55
Opinion and Analysis
The recent ruckus about the claimed growing vulnerability of Mac OSX from certain sources has caused an indignant outcry from Mac advocates who claim the stories are mostly media hype. According to an expert in Unix and Linux systems, the outcry is not without justification.
Con Zymaris has been working with Unix systems for nearly three decades
and for the past 15 years has been running a consultancy on open source
software implementation. Zymaris says that, while it is true that a Mac
can get infected with a virus, it is not easy and it is not likely to
cause much damage. What's more, Mac users don't need to install
firewalls and anti-virus software.
"All platforms are capable of getting viruses, including both Mac OSX
and Linux. If you did your work, you could create a virus which would
infect some Mac systems, but not many systems, not by any stretch all
Mac systems, and you're not likely to do much damage," says Zymaris.
According to Zymaris, at the most basic level, Windows machines get
infected by malware through poor design, which is not the case with
Macs.
"Where do these things called viruses come from? In Windows there are a
number of different vector approaches. One of them is that somebody
sends you a Word file and you open it up and get infected. In more
recent generations they're blocking these things off by making Word not
run macros automatically. So now it comes back and asks you: 'Do you
want to run this macro?' That's a big mistake. It should not ask you
and it should not allow any macros to run at all ever without you
specifying 'yes, run this macro'. This is neglect in design, which is how
many Microsoft viruses work.
"Other things that look at first glance to be a really cool idea can be
a problem. For instance, we pop this CD-ROM in and Windows
automatically recognises it and it runs the software that launches the
program installer. That's really cool for Joe and Jane Average. Except
when you get a disk with a virus on it and it goes ahead and runs it.
"If you allow the operating system to essentially launch code
unbeknownst to the user then you're in deep dog doo-doo. This is
essentially what Microsoft has done with Outlook. With Outlook you can
send it an email with an attached script and it will go off and execute
the script. What insanity is that? This is years after they had a spate
of all the Word and Excel macro viruses."
So what happens in the Mac OSX world?

"Now with the Macintosh, let's say Apple did the same thing. Then
essentially Macs would be infected via the same approach that Windows
is with Outlook, Word and whatever else. However, Apple are clever and
they don't provide that kind of facility, so that greatly reduces the
chances of their devices getting a virus.
"Second port of call is a system where if you put in a disk and run a
program that the system will automatically be infected, including its
core system components rather than just user data. On Windows, you can
put in a disk and get a virus just by running an .exe file off it. That
can do substantial damage to your system because the system internal
components aren't substantially protected. Whereas on the Unix based
Mac, not the old Macs, and on Linux the system components are protected.
"If you're Joe User, you could never do anything that damages your core
operating system. Yes, you could run a program that brings up a virus
which runs something that deletes your files - and that is a problem.
However, you couldn't do something that damages the system. That's
because both Mac and Linux are underpinned by a Unix-based system that
has a particular view on who has rights and privileges to access and
modify different things in different areas. Windows never really had
that which is the other big reason why they get the kinds of viruses
that Mac OSX and Linux class just don't get."
So do Mac computers need firewalls and anti-virus protection?
"Essentially no is the answer. Why do we need firewalls? We need them
if and only if you have services which offer connectivity from the
outside world into your box. So if you're running a standard
workstation and it does not have a mail server or an FTP server or a
file sharing server or a web server or any of these other things that
offer the outside world the ability to come and connect to your box,
you don't need a firewall. On the Windows machines by default it goes
off and creates all these services that sit there and create these
gaping holes. Having said that, firewalls are by default available on
OSX and Linux and there is no reason not to run them if you're running
a small office environment.
"As far as anti-virus software is concerned, if you're running Mac OSX
or Linux, you don't need it. How is a virus going to infect you? If
you're a Mac or Linux someone has to send you a program and tell you to
login as root and run this program as administrator - that's how you
would get a virus. What are the odds of that happening? In the Windows
environment, you don't have that kind of rights segmentation, so when
you click on that fake greeting card that someone sent you by email,
the program will happily infect your system because the system didn't
have to ask you to login as administrator and give it permission to
make changes to itself. Having said that, there are ways around the
system but they take an immense amount of work and, to do real damage,
other than deleting files, a virus writer would have to be lucky enough
to deliver the payload to someone logged in as
administrator."