My final word on the whole “Macs don’t get viruses” thing

Posted on May 26, 2011 by Ian Betteridge

It’s something you hear all the time when you read forums and comments. Someone talks about malware and instead of saying malware, they say “virus”. And someone pops up to reply “Macs can’t get viruses. [Mac Defender][] isn’t a [virus][] – it’s a [trojan][]“.

And it’s true: There isn’t a self-replicating infectious programme for the Mac. They’re not impossible to build (just because you don’t have Admin privs doesn’t mean it can’t be done) but at present, they don’t exist.

But you know what? It. Doesn’t. Matter.

It doesn’t matter for two reasons: First, to someone who’s got Mac Defender stuck on their machine, whether it’s a virus or a trojan or a god-knows-what doesn’t matter – it’s messing up their Mac, the one they bought because little-jonny-know-it-all told them “Macs can’t get viruses” – and they didn’t know that little-jonny-know-it-all had small print at the bottom of his statement saying “Of course, they can get trojans”.

Second reason it doesn’t matter: By FAR the biggest number of malware threats to Windows aren’t viruses either. In fact, most Windows malware writers don’t bother with self-replication or even exploiting known security holes, because trojans which use social engineering are far, far more effective – they, unlike viruses, can’t be patched out of existence.

But does the average Mac user know this? No. The average Mac user still appears to think that viruses are the biggest threat on Windows, and that malware writers do it for bragging rights. That’s a picture that’s so far out of date it’s not funny.

[Mac Defender]: http://blog.intego.com/2011/05/02/intego-security-memo-macdefender-fake-antivirus/
[virus]: http://en.wikipedia.org/wiki/Computer_virus
[trojan]: http://en.wikipedia.org/wiki/Trojan_horse_(computing)

This entry was posted in Macs. Bookmark the permalink.
  • http://www.fscked.co.uk/ RichardGaywood

    Dear God, ^this^.

  • Anonymous

    “For someone who has got Mac Defender or variant stuck on their machines.” 
    There are some simple walkthroughs to remove it. Step by step instructions for doing it.

    On the second point I don’t really see how you can fix social engineering. Awareness helps of course but really if someone is stupid enough to actually give out their credit card to install malware then, well, what can you say?

    Admittedly the latest self-installing version is going to be a major issue but how is this any different from the hackers attacking PSN on a weekly basis – are we supposed to just unplug our machines from the net?

    I don’t know what you want to achieve here, Ian. But I think from their response Apple are intending to take this bull by the horns and fix this.

    I, for one, don’t want to have to slow my machine down or pay someone a tithe for using it. A lot of this information is coming out of a parasitic industry that has now lost out to Microsoft who are doing their own solutions to this problem. It is not the information I am denying it is the fact that the majority of the fear, uncertainty and doubt is coming from parties that will make money on that very fear.

  • Anonymous

    “But does the average Mac user know this? No. The average Mac user still appears to think that viruses are the biggest threat on Windows, and that malware writers do it for bragging rights”

    Well I’m always up for a good Artie McStrawman appearance.

    How do you know the “average” Mac user believes this? Because some anonymous person posted it in an online forum?

  • Anonymous

    The security of any machine is limited by the factor that resides between the keyboard and the chair.

  • http://www.technovia.co.uk Ian Betteridge

    Come on James – seriously, you know there’s a metric buttload of people out there who think, and say, exactly this. 

  • http://www.technovia.co.uk Ian Betteridge

    “I don’t know what you want to achieve here, Ian. But I think from their response Apple are intending to take this bull by the horns and fix this.”

    That’s the point: It’s not fixable. Apple can make the OS more secure, but it can’t “fix” this for users. What it can do – and what the Mac press needs to do – is take security seriously enough to educate people that just using a Mac doesn’t make you secure.

    “I, for one, don’t want to have to slow my machine down”

    Then don’t. Your choice. I should point out, though, that my work machine runs Symantec and doesn’t slow down one jot. 

    “or pay someone a tithe for using it.”

    Unless it’s Apple, and the tithe is what you pay to update your OS :)

  • http://twitter.com/Westwit Wesley M.

     Artie MacStrawman — that’s another alias of Daniel Eran Dilger, right?

  • http://twitter.com/Westwit Wesley M.

    In all seriousness, there are people who listen to him, or listen to AppleInsider where they hear such things. And those anonymous forum people you dismissively sneer about are the ones who are in the Apple support forums wondering how it is possible they got hit by Mac Defender.

  • Anonymous

    “That’s the point: It’s not fixable.”
    So there is no solution to this? I think not Ian.

    “I should point out, though, that my work machine runs Symantec and doesn’t”
    And how much a year does that cost to run?

    “Unless it’s Apple, and the tithe is what you pay to update your OS :)
    Updates of OS’s (incremental point fixes have always been free). My last update to Snow Leopard cost 29 bucks – how much does Symantec cost to run a year?
     

  • http://www.technovia.co.uk Ian Betteridge

    LOL!

    Exactly. 

  • http://www.technovia.co.uk Ian Betteridge

    It’s not fixable in the sense of patching the OS is not going to fix it. This isn’t a security hole that Apple can patch. 

    Symantec – If you’re a consumer, £30 a year for two machines. If you’re site licensed, a lot less. Basically, probably what I spend in Starbucks per month.

    I pay four times as much just for Spotify. It’s not like this is a vast amount of money. And, if you don’t want to pay a bean, there’s always Sophos AV Home Edition – which is free (and what I have on my MacBook Air)

  • Anonymous

    Yes, precisely one metric buttload of Mac users believe this. But there are more than three metric buttloads of Mac users–making the ones that believe it not average. Sorry. The numbers prove it. 

  • Anonymous

    Yes, precisely one metric buttload of Mac users believe this. But there are more than three metric buttloads of Mac users–making the ones that believe it not average. Sorry. The numbers prove it. 

  • Anonymous

    Once the Mac has had the malware, there’s no going back to virginity.

    That’s it. Please no more “it’s fixable” bullshit. Not virgin.