Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Wednesday, 03 May 2006 15:55

Mac OSX safe as houses not Windows

The recent ruckus about the claimed growing vulnerability of Mac OSX from certain sources has caused an indignant outcry from Mac advocates who claim the stories are mostly media hype. According to an expert in Unix and Linux systems, the outcry is not without justification.

Con Zymaris has been working with Unix systems for nearly three decades and for the past 15 years has been running a consultancy on open source software implementation. Zymaris says that, while it is true that a Mac can get infected with a virus, it is not easy and it is not likely to cause much damage. What's more, Mac users don't need to install firewalls and anti-virus software.

"All platforms are capable of getting viruses, including both Mac OSX and Linux. If you did your work, you could create a virus which would infect some Mac systems but not many systems, not by any stretch all Mac systems and you're not likely to do much damage," says Zymaris.

According to Zymaris, at the most basic level, Windows machines get infected by malware through poor design, which is not the case with Macs.

"Where do these things called viruses come from? In Windows there are a number of different vector approaches. One of them is that somebody sends you a word file and you open it up and get infected. In more recent generations they're blocking these things off by making Word not run macros automatically. So now it comes back and asks you: "Do you want to run this macro?" That's a big mistake. It should not ask you and it should not allow any macros to run at all ever without you specifying yes run this macro. This is neglect in design which is how many Microsoft viruses work.

"Other things that look at first glance to be a really cool idea can be a problem. For instance, we pop this CD-ROM in and Windows automatically recognises it and it runs the software that launches the program installer. That's really cool for Joe and Jane Average. Except when you get a disk with a virus on it and it goes ahead and runs it.

"If you allow the operating system to essentially launch code unbeknownst to the user then you're in deep dog doo-doo. This is essentially what Microsoft has done with Outlook. With Outlook you can send it an email with an attached script and it will go off and execute the script. What insanity is that? This is years after they had a spate of all the Word and Excel macro viruses."

So what happens in the Mac OSX world?

Register "Now with the Macintosh, let's say Apple did the same thing. Then essentially Macs would be infected via the same approach that Windows is with Outlook, Word and whatever else. However, Apple are clever and they don't provide that kind of facility, so that greatly reduces the chances of their devices getting a virus.

"Second port of call is a system where if you put in a disk and run a program that the system will automatically be infected, including its core system components rather than just user data. On Windows, you can put in a disk and get a virus just by running an .exe file off it. That can do substantial damage to your system because the system internal components aren't substantially protected. Whereas on the Unix based Mac, not the old Macs, and on Linux the system components are protected.

"If you're Joe User, you could never do anything that damages your core operating system. Yes, you could run a program that brings up a virus which runs something that deletes your files - and that is a problem. However, you couldn't do something that damages the system. That's because both Mac and Linux are underpinned by a Unix-based system that has a particular view on who has rights and privileges to access and modify different things in different areas. Windows never really had that which is the other big reason why they get the kinds of viruses that Mac OSX and Linux class just don't get."

So do Mac computers need firewalls and anti-virus protection?

"Essentially no is the answer. Why do we need firewalls? We need them if and only if you have services which offer connectivity from the outside world into your box. So if you're running a standard workstation and it does not have a mail server or an FTP server or a file sharing server or a web server or none of these other things that offer the outside world the ability to come and connect to your box, you don't need a firewall. On the Windows machines by default it goes off and creates all these services that sit there and create these gaping holes. Having said that, firewalls are by default available on OSX and Linux and there is no reason not to run them if you're running a small office environment.

"As far as anti-virus software is concerned if you're running Mac OSX or Linux, you don't need it. How is a virus going to infect you? If you're a Mac or Linux someone has to send you a program and tell you to login as root and run this program as administrator - that's how you would get a virus. What are the odds of that happening? In the Windows environment, you don't have that kind of rights segmentation, so when you click on that fake greeting card that someone sent you by email, the program will happily infect your system because the system didn't have to ask you to login as administrator and give it permission to make changes to itself. Having said that, there are ways around the system but they take an immense amount of work and, to do real damage, other than deleting files, a virus writer would have to be lucky enough to deliver the payload to someone logged in as administrator."


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Stan Beer


Stan Beer co-founded iTWire in 2005. With 30 plus years of experience working in IT and Australian technology media, Beer has published articles in most of the IT publications that have mattered, including the AFR, The Australian, SMH, The Age, as well as a multitude of trade publications.



Recent Comments