http://news.bbc.co.uk/1/hi/technology/4609968.stm Bill Thompson BBC World Service 16 January 2006 The first known computer virus, the Elk Cloner, is 25 years old. Since its appearance we have seen hundreds of thousands of malicious programs and their impact on our computer use has been immense. Millions of people have lost work, had their private information stolen or simply had to waste precious hours cleaning up their computers after infection. A small number of companies have grown rich on the sales of anti-virus software, while organised crime is believed to commission many of today's viruses as a money-making venture, selling services to spammers or using them to blackmail websites. That first virus was specific to the Apple II computer and spread by inserting itself into the operating system files that were installed on every boot floppy, since this was in the days before hard drives in personal computers and few of us had network connections. Slipped disk Those halcyon days when you only had to remember to scan every floppy disk for infection are long gone, of course. Now the broadband internet connection that keeps me always online leaves me always vulnerable, and regular virus scans are the order of the day. And viruses are only one of the ways that malicious software spreads. Worms and Trojans are just as dangerous, and often harder to protect against. These days Apple users are almost unbearably smug when the subject turns to malware. I was invited to appear on Radio Four's You and Yours this week to talk about viruses and other malware and our focus was on issues with Windows since it is the most commonly used operating system. After the show we got dozens of e-mails from complacent Mac users pointing out that they were safe and suggesting that people simply abandon Windows if they want to be secure. It would certainly be wonderful if the Macintosh computer and its operating system were immune to attack but this is just wishful thinking. Mac OS is certainly a lot better than Windows, but being better isn't nearly enough. Mac OS may not have the gaping holes that let viruses spread, but worms, spyware and even keyloggers are out there. They can't spread as easily, and most would only be installed by a careless user clicking "Accept" on a dodgy install dialog, but the regular stream of security fixes from Apple's software update service makes it clear that there are real dangers. After all, Mac OS is built on top of the Unix operating system and it, like its close relative Linux, has many well-known security problems that can allow it to be compromised. Owner occupier Sometimes Apple make things worse. For example, widgets, small programs that can do things like search online dictionaries or let you listen to streamed BBC programs, can be installed without your permission when you visit a website using the Safari browser, just like Windows does with ActiveX controls. It took Apple weeks to fix this. And though Microsoft's tribulations over the recently-discovered vulnerability in the way Windows Meta File images are handled made the papers, accompanied by howls of protest from those who wanted the company to rush out an untested fix, a similar flaw in Apple's own QuickTime received very little publicity. Any Mac user who believes they are totally safe is being reckless with their files and personal information. What's worse, they are also being reckless with mine. One reason why there aren't many malicious Mac programs is that there are fewer Mac users out there, but the fact that some have been written shows that they are possible in principle. If the millions of internet-connected Macs are left open to attack then this increases the chance that an effective Trojan or piece of spyware will reach critical mass and spread rapidly, and it also increases the incentive for a bright programmer to write Mac-specific malware that could affect me. It's exactly like the spread of infectious diseases, and one of the reasons why we vaccinate our children against many illnesses that are now uncommon. If we maintain what is called "herd immunity", then even if there is an outbreak, it will not spread and become an epidemic. There may not be any Mac viruses at the moment, and the way the system handles user accounts and security means that they are unlikely, but we need to take steps to safeguard ourselves against other malicious software. As things stand, the Mac community has no herd immunity because most users seem to assume that they don't need to take preventive action. Although the risk of a malicious Mac program spreading as quickly as any Windows one is very low, it should not be ruled out. After all, the very first internet worm, back in 1988, affected Unix systems with a security model very similar to Mac OS. The Mac ships with a good firewall, and it should be used. There are tools to scan your system for known malicious programs or to check whether it has been hacked into, and they should be used too. Mac users demonstrate an indefensible smugness when it comes to the dangers of having their systems compromised by malicious software and opened up to exploitation by others. It's time they started behaving a bit more responsibly. _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Wed Jan 18 2006 - 01:31:07 PST