Scare tactics don't rattle Mac users

By Fran Foo, News.com
Posted on ZDNet News: Sep 29, 2005 12:22:00 PM

Symantec's latest Internet Security Threat Report continues to voice concern for the security and stability of the Mac operating system, OS X in particular. The publication covered findings for the first half of 2005.

"An ever-increasing number of users are adopting OS X. Many of these users believe that this operating system and the applications that run on it are immune to traditional security concerns. However, as evidence suggests, increasingly they may be operating under a false sense of security," the report stated. What exactly was the supporting and undisputed evidence? A SecurityFocus page that aggregates 78 entries of OS X flaws starting from version 10 (circa 2001) onwards. Compare this to Windows ... well, where would you start? OK, I hear your ... it's not an apples-to-apples comparison.

SecurityFocus describes itself as a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community. Oh, and by the way, SecurityFocus was acquired by Symantec in 2002.

The report briefly touched on a Trojan called OSX/Weapox--its discovery indicates that OS X may no longer be spared from widespread attack. "Though vulnerabilities and malicious code targeting other operating systems continue to outnumber those on OS X, Symantec recommends users continue to apply security patches and educate themselves on OS X security issues," the report stated.

Symantec's stance against OS X users--that this group is delusional--is familiar.

The false-sense-of-security claim was mentioned in a previous report which covered the second half of 2004. Then, Symantec said increased adoption of the Mac mini will escalate malicious activity since it could be purchased by less security-savvy users. These statements were widely covered in the press and opined on by your writer.

The company also claimed OS X's BSD-Unix origins made it susceptible to vulnerabilities.

In the latest report, however, the Mac mini didn't score a mention. This is due to the fact that OS X has increased in popularity on all of Apple's platforms, Symantec security manager Dean Turner said.

"When we referred to the Mac mini we were referring to it as a popular device for OS X (which we continue to talk about). "Cheaper hardware can mean increased adoption ... which has been the case for Apple," Turner said.

Indeed, the mini version is more affordable compared with the sleek iMac; a 1.25GHz 40GB Mac mini costs $429 but throw in a keyboard, mouse and monitor, and the cost is almost comparable to a Dell or any other IBM compatible, while a 1.8GHz, 17 inch iMac starts at $1,299.

Symantec reckons as Mac OS X increases in usage, bad things will happen. Last week was a prime example--Apple released 10 security patches but made no mention to how dangerous the flaws were. As company policy, Apple tends to keep mum in such instances. As clearly stated on its Web site: "For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available". It was Symantec and the French Security Incident Response Team that labeled the flaws "critical".

The media is used to the silent treatment from Apple. When the recent Symantec report was released, I asked Apple to counter the allegations made by the antivirus company.

The response was plain disappointing. "Apple does not comment on another company's claims. We expect users to be vigilant about security and take whatever steps are necessary to secure their operating environment. According to Sophos, the top 10 viruses listed do not impact Mac OS X," Apple Australia spokesperson Debbie Kruger said.

Apple didn't respond when asked if OSX/Weapox was such a menace — as Symantec claimed--to its users.

Of course, there's more to security threats than viruses and worms.

Antivirus firm Sophos believes the malicious software Renepo (alias Opener) is plain nasty. "It turns off system accounting, turns off the OS 10 firewall, turns off auto updates, turns file-sharing on, opens an SSH back door, downloads and installs an open source video conferencing program and opens it in 'do not advise the user mode'," Paul Ducklin, Sophos Asia-Pacific head of technology, told ZDNet Australia in a previous interview. While Macs are safer compared with Windows, Ducklin thinks the existence of Renepo should be a "sanitary reminder" that bad things can happen.

There's not doubt that Mac users believe they operate on a superior platform--when you pay for a BMW, you expect a luxury car, not a scooter--but to allude that OS X customers are living in a world of fantasy is fancy on any vendors' part. If Symantec or anyone else hopes to "educate" Mac users on security, here's a word of advice: don't go it alone; speak to Apple and let the voices at Apple carry the message.

Antivirus makers like Sophos and Symantec have thrived under the auspices of Microsoft--the vulnerability of Windows and related products has helped create and sustain these companies. Isn't it blindingly obvious why Mac users are immune to the "advice" from these players?

biography
Fran Foo is managing editor of ZDNet Australia.