Just Bad Reporting… Yet Again

November 25th, 2008

Here we go again: another spate of news stories about new Mac “viruses” with prognostications of an oncoming wave of Mac malware, where the real threat is far from what is suggested.

The Telegraph got snookered on the story, where its headline “Apple Mac computers targeted by virus” was subtitled with, “Security experts claim that two new viruses targeting Apple’s OS X operating system have been identified in the last week.” For the Nth time: the report concerns trojans, not viruses. To this day, there have been zero–count them: zero–viruses or worms for the Mac. This is significant because, as I have pointed out before, no OS can protect against trojans. Trojans prey on users being foolish enough to execute them, using promises of free goodies to trick them. The Mac OS is no more immune from trojans than is Windows or Linux. In fact, I am somewhat surprised that there have not been a much larger number of trojans for the Mac than the 4 or 5 that I have ever heard of (including the current ones); there is no reason why there should not be thousands, and the smaller number of Macs out there would not seem to explain the very limited number of trojans out there for the platform.

An article for Computer World was only slightly more accurate: “Mac OS X: Vulnerable to new Trojans.” It is more accurate only in that it used the term “trojans” instead of viruses, but even in that, the article is highly misleading at the very least. For one thing, only one item was a trojan; the other was software that enabled trojans. Next, the article headline using the plural “trojans,” while technically semi-accurate, gives the impression that there are more than two pieces of malware. Third, to say that the Mac is “vulnerable” to these is questionable. In one case, we have a standard trojan, which, as I explained earlier, is equally a threat to all computers. Calling the Mac “vulnerable” to this is like pointing out that Spanish people specifically are “vulnerable” to being killed if they fall off a ten-story building onto concrete. In the other case, the Mac is only “vulnerable” if a hacker gets physical access to a Mac and knows the password; this is not “vulnerable” in the common sense.

And that leads me to the bottom line: neither of these trojans is likely to infect many Macs at all. One of them, as I said, requires direct access to the computer, making it all but useless as malware. The other one is a trojan which lures users to install it by offering it as a “free codec” to watch online porn. This makes it the second trojan to do this–and those two trojans stand, at this point in time, as the only malware that stand to have any real-world impact. All the rest are either harmless proof-of-concept works or require direct access.

Edit: Actually, the facts are even more revealing when you realize that the “second” porn-codec trojan is nothing more than the first one recoded a bit. In short, there is actually only one trojan for the Mac in the wild–this “new” one, being used as evidence for “growing numbers of Mac malware,” is just a new version of the sole existing trojan.

Which means that, to this day, in order to be “vulnerable” to any malware on a Mac, you have to be a porn viewer who believes that downloading a special Mac codec from a porn site is a spiffy idea. Or you have to hand your Mac over to a hacker and tell them your password. And if anyone is infected, these are trojans, not viruses or worms, which means that the damage is limited to that one computer only. So far, despite the first porn-related trojan being ‘in the wild’ for some time, I have not heard of any Macs being found infected with it–though admittedly, that may be because the users would be too embarrassed to admit it, as it would mean they would have to admit to being (a) porn viewers, and (b) stupid enough to fall for it. Still, if a large number of Mac users had fallen prey to it, I would think that word would have gotten out about it by now.

The real tell in these articles is that the warnings come from “security experts” who work for “security vendors.” In other words, companies which want to sell you antivirus software you don’t need, so they issue alarmist press releases which news outlets and naive tech bloggers regularly fall for, trying to scare you into thinking you need security software for your Mac.

So I reiterate what is now a familiar litany: although Macs are not “invulnerable” to malware (that myth is not propagated by Mac users, but by Mac naysayers who exaggerate what Mac users say), there is at this time no self-propagating malware for the Mac, only a single porn trojan that requires your permission to attack your computer. Unless you ever download software from porn sites, you have no need for security software at this time. Which is not to say you never will; eventually, there will be viruses and/or worms for the Mac; there just haven’t been any yet. There have not been any real threats so far because (a) the Mac OS does have better security in general than does Windows, and (b) the Mac user base is small enough to attract less attention from the hackers. When malware which poses an actual threat does come out, it will likely be spotty enough that freeware protection will quickly be available–if not a direct fix by Apple itself via software update.

We are probably a long ways away from Mac malware being serious and common enough to warrant the purchase of commercial security software.

Update: Just to punctuate the above, Microsoft itself–not just the antivirus vendors–has highlighted yet another “critical” worm which can attack Windows computers running XP, Vista, and even Windows 7, the OS that MS won’t even release for a few years yet. Not just a “vulnerability,” not just a trojan, but a full-blown worm with a strong presence in the real world.

