Malware, the Mac, and the wolf

John Gruber’s delivered a list of previous claims that the Mac is about to succumb to malware real soon now under the title of “Wolf!

The analogy John’s making is that the pundits should all remember the tale of the boy who cried wolf. But, as my friend Graham pointed out, John’s missing something: at the end of the tale, on the last occasion, there actually was a wolf.

There is no such thing as a perfectly secure operating system. Sooner or later, there will be a wolf.

Enhanced by Zemanta
  • Anonymous

    But the problem is that I can’t tell when there is a wolf because of the overzealous nature of these reports. The quotes cited by Gruber were all over the top claiming imminent calamity. Obviously it is possible to have a malware outbreak on any platform but that doesn’t excuse the analysts from bad analysis.

    Until there is a proven risk, no one should take these reports seriously. Proven means that a significant group of Mac users are successfully attacked through no fault of their own. Getting owned by downloading what you think is cracked copy MS Word doesn’t count.

    If I had believed previous reports since 2004, I could have wasted hundreds of dollars on worse than useless software. There have been far more reports of damage done by broken anti-virus software on OS X than have ever been reported from actual malware.

  • http://twitter.com/larryv Lawrence Velázquez

    I think the extreme terseness of Gruber’s piece lends itself to misinterpretation, in whichever direction the reader is inclined to misinterpret. People who are unreasonably secure in OS X’s relatively clean real-world track record take it as proof that they’re right, and there’s nothing to worry about. People who are convinced that OS X is under siege will see Gruber being dense and ignorant about the situation and will continue to proclaim that the party is over.

    I largely agree with Guy English’s take ( http://kickingbear.com/blog/archives/166 ). For now, normal folk can mostly ignore the panic-mongering (within reason; shouldn’t download random crap, etc.), the tech-saavy should be wary, and Apple and the security industry should keep their eyes wide open.

  • http://www.technovia.co.uk Ian Betteridge

    But here’s the problem: By the time it’s a “proven threat” it’s too late, doubly-so for the people who buy into the idea that “using a Mac” = “don’t have to think about security”.

  • http://loud.anotherquietday.com Baldur

    There needs to be a lot of education among mac users about basic security issues (Rule no. 1: Don’t Use Safari, it’s consistently the most vulnerable browser in all hackfests and research). The way most of the pundits talk (both the pro-mac crowd, like Gruber, or the anti-mac crowd) undermines any such effort. The anti-mac people do little more than shill for bloated antivirus packages and the pro-mac crowd poopoos the entire issue.

    So, we’re stuck.

  • Anonymous

    Do you really believe that? Do you really think that the first credible attack is going to get all (or nearly all) Mac users in the first go? That seems unlikely in the exteme.

    Sure some might be unlucky enough to be hit first but most people will get plenty of warning. This is especially true if it the attack is a clever social attack with a trojan.