Researcher: Apple antivirus advice 'big to-do about nothing'

December 2, 2008, 04:47 PM — Computerworld

Apple recently recommended that Mac users consider running antivirus software -- a move some see as a change of heart by the computer maker, which has poked fun at Windows for being susceptible to attacks.

That's off the mark, one security researcher said Tuesday, as he argued that the attention given the terse Apple support document is much ado about next to nothing.

The chatter started after Apple posted a short notice on its support site on Nov. 21. "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult," Apple said in the note before listing three packages from McAfee Inc., Symantec Corp. and Intego, a much smaller security vendor that specializes in Mac software.

Apple's notice was reported by virtually every Mac-centric technology blog, publication and Web site, and was noted by several security companies, including Intego. In a post to the company's blog last Tuesday, Intego said: "It is worth noting this, since Apple, especially in its recent 'Get a Mac' ads, has always publicly tried to ignore the threat of malware to Macs, as well as other security issues. We can only applaud the fact that Apple has chosen to recognize that Macs face security risks and that they require protection."

The "Get a Mac" marketing campaign has included at least two advertisements that drubbed Microsoft Windows for its higher profile among virus writers and identity thieves. In one from 2006, dubbed "Viruses," John Hodgman, the writer and humorist who plays the "PC" character, says, "You'd better stay back...last year there were 114,000 known viruses for PCs" as he stifles a sneeze.

"PCs, not Macs," counters Justin Long, the actor who portrays the "Mac" character.

(The ad can be viewed on Apple's site, or on YouTube.)

Sam Masiello, the vice president of information security at MX Logic, essentially echoed Intego's take in a blog post of his own Tuesday.

"This move was inevitable," said Masiello of the Apple notice. "At some point, Macs would gain enough market share for them to become more of a target for hackers and cyber criminals. Most security researchers have been saying that for a long time, and I applaud Apple for finally coming to that realization also, even though it really should have been said some time ago."

Not so fast, said Andrew Storms, director of security operations at nCircle Network Security Inc. "If it wasn't for the fact that Apple has been so smug around malware and viruses and such, this would not have been such a big deal," he said. "This is just making a big to-do about nothing."

The fact of the matter, continued Storms, is that security professionals urge users of all platforms to defend their systems with layers

Comments

And now we see the downside of the move to Intel.

Part of what kept Macs near-virus-free for decades was that they used CPUs (first Motorola 680x0s, later Motorola and IBM PowerPCs) that fewer wannabe hackers knew how to program on the machine-language level. And with their smaller market share, the effort needed to learn a new CPU architecture and machine language was simply not worth it for such hackers.

By switching to Intel Cores and Xeons that use the x86 instruction set and architecture, this substantial learning curve has been removed from the equation. A great many more hackers know x86 machine-language programming than know all other CPU architectures and their ML codes combined!

Yes, the move to Intel had its upsides: Motorola and IBM simply weren’t following through with their promises of faster PowerPCs. While Intel had gone through a dark spell of the Pentium 4 (especially the NetBurst architecture version) which was one of the least efficient CPUs ever made by anyone, coming out with the Pentium M (actually a throwback to the Pentium 3 architecture, with the Pentium 4 SSE2 instructions added — in general, a Pentium 4 at a given clock speed would be matched or even beaten by a Pentium M clocked a full gigahertz slower! A 1.4GHz Pentium M roughly matched a 2.4GHz Pentium 4 in actual performance, for instance!) and the Core, Core², and now Core i7 CPUs derived from the Pentium M architecture made all the difference, jumping them well ahead of AMD and even, in many respects, the PowerPC, in terms of actual performance per clock speed.

But Apple should maybe have given more thought to this downside of using a CPU family that nearly every hacker worthy of the name already knew the ins and outs of. Their relative immunity to malware was one of their biggest selling points, and now it’s greatly weakened.

It used to be true that more new malware came out every day for Windows than had ever existed for the Mac (all the way back to and including the LISA)!