HOME
TOPICS
SEARCH
ABOUT ME
MAIL

 
The ratio is still 200,000 to 2, but "2" is a long way from "zero."
 technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

T e c h n o f i l e
OS X Macs now have viruses of their own


March 19, 2006


By Al Fasoldt
Copyright © 2006, Al Fasoldt
Copyright © 2006, The Post-Standard

   Life just got a little easier for all the Windows users out there. They no longer have to put up with all the bragging from their Mac-owning friends and neighbors about computer viruses.
   That's because, as embarrassing as it might be to Apple fans, the company's OS X Macintosh computers now have a couple of viruses of their own.
   Mind you, the ratio is still fearsomely one-sided -- there are 200,000 Windows viruses and only two for OS X -- but until the last few weeks the ratio was infinite, 200,000 to zero. The difference between "two" and "none" might not seem like much, but it makes all the difference in the world to the cadre of loyal Apple fans who choose OS X Macs, in part, because they were touted as being safer than Windows PCs.
   Apple users don't have to get nervous yet. Mac OS X -- pronounced "OS 10" (the "X" is a Roman numeral) -- is a Unix operating system designed with safety in mind. It's still less vulnerable to attack and infection than Windows. But events of the last few weeks show clearly that modern Macs are not, as Mac fans had hoped, invulnerable.
   First there was a report that someone had created a virus that spread over Apple's iChat instant-messaging system. Although the virus, called OSX/Leap-A, didn't harm Macintosh computers -- it turned out to have been badly written, so all it could do was spread without doing anything else -- it left a trail of worry throughout the Macintosh community.
   Security experts pointed out that Leap-A wasn't even the kind of virus that could sneak into a Mac anyway. They called it a worm. Because OS X does not allow programs to run without the user's permission, Leap-A actually needed the user to type an "admin" password to allow it to run. This kept it off most Macs that encountered it.
   But any "feel-good" relief Mac fans got from the please-may-I-infect-you nature of the Leap-A virus didn't last long. Apple's highly regarded OS X Web browser, Safari, was next in line for bad news. It had a nasty habit of extracting the contents of compressed files (such as ZIPs) and running programs within them automatically -- behavior that could easily cause problems if the programs were viruses or worms.
   As if to show how unsafe this browser problem could be, a new virus, hidden in downloaded files, showed up almost instantly. It was a "proof of concept" virus, apparently written to show that such a feat was possible, called OSX/Exploit-ScriptEx.
   Apple fixed the problem with Safari by issuing security updates. OS X Macs are designed to receive such updates automatically.
   What seemed like more bad news came in late February from a "hacker competition" in Sweden in which a new OS X Macintosh computer, left unattended on a network, was broken into within a half hour. But the "attack" was meaningless, having been staged on an insecure network. (The break-in amounted to the computer equivalent of finding a burglar in your home after you left your back door ajar.)
   Reacting to that last week, a University of Wisconsin student invited hackers to try to break into a similar OS X Mac on a more secure network. No one was able to get past the Mac's security.
   The virus outbreak and reports of security problems leave OS X users with a dilemma. Chances of getting a virus or being hacked by intruders are infinitesimal. Windows users, as we saw earlier from the 200,000:2 ratio, are far more likely to be infected, so the previous advice I gave still might seem sensible: I used to tell Mac OS X users not to bother with antivirus software.
   But that was then, and this is now. I've changed my mind. I'm now recommending antivirus software for all Macintosh OS X computers.
   I've tested two AV programs and found both easy to use and, from what I could tell so far, very effective. They are Intego VirusBarrier X4 ($70, from www.intego.com) and Sophos Anti-Virus 4.7 for Mac OS X (for businesses only, with costs on a sliding scale, from www.sophos.com). Another possible source of protection is Trend Micro, at www.trendmicro.com, which apparently is preparing a free online virus check for OS X Macs. It was not ready when I wrote this article.
   Both the Intego and Sophos programs check for viruses all the time your Mac is running, and both block Windows viruses in addition to OS X viruses. This makes your Mac a good neighbor to the unprotected Windows PCs you share e-mail with. I used to think that was asking too much of Mac users, but I've realized I was wrong.
   You can read a about my experiences with Intego VirusBarrier and Sophos Anti-Virus in a special report for OS X users on the Technofile Web site, at www.technofileonline.com/texts/mac031906.html. For protection of Windows PCs, I'm still recommending AVG antivirus. Read my report at www.technofileonline.com/texts/tec070305.html.