AMITIAE - Wednesday 1 April 2015


Threats of Threats of Viruses on Macs (Bangkok Post, Life)


apple and chopsticks



advertisement


By Graham K. Rogers


ULife columns


Once in a while, when you are using a Mac online, you may see a warning that your computer has a virus. This is a lie. There are no viruses for OS X. There are other forms of malware, but the self-replicating application that tries to install and embed itself into other programs is not one.

Some sites have headlines that suggest the long-time safety of Macs (itself a myth) has come to an end with the appearance of a virus. Still, there is not one virus that affects OS X, which compares rather favourably with other platforms. Again, let me add that there are forms of malware, including (perhaps most common) the Trojan Horse, Worms (few) as well as keyloggers and other spyware.

grey areas I was taken to task about this some months ago when I saw a headline on Mac360 in an item on malware by Jack D. Miller, who wrote, "Macs do get viruses, but not many". I asked if the writer could name one, and an attack dog suggested a number of sites that would help me "do my homework."

Not one of those links gave me the name of any virus, although there were other forms of malware. Jack D. Miller has not deigned to reply to my comment thus far.

Others, like Kaspersky, for example, who have a vested interest in selling fear, uses the term virus in bait articles. Despite that organisation's apparent credentials, it is able only to list Trojan Horse malware, erroneously calling these "Mac Trojan viruses".

Other sites, including the NYTimes have had headlines about Mac viruses, but when analyzed by those who know what they are working with, these are found to be examples of Trojan Horse malware. In April 2012 Nicole Perloth was writing about malware and using the word, virus. The article included links to sites which had earlier identified the malware (Flashback) in March 2012 and provided methods of cleaning. Apple belatedly also updated its protection to deal with this threat.


As an indication of how limited the problem is, Graham Cluley has 10 years of Mac OS X malware: on a single page. The list includes worms and Trojan Horses. But no virus

We should also not forget the Sony rootkit: copy protection measures on CDs from Sony. The main reason that this was installed on so few Macs compared to thousands of PCs, was the basic protection that all Macs have: software needs root access to install, and OS X has no root password by design. Macs get round that by a sort of proxy system that uses Admin paswords; but this cannot be done without a user's assistance.

That is why relatively few examples of Trojan Horse malware have been successful. By definition, this needs the user to open a file, such as an image; and that begins the installation. I have seen a few of these: some were sent by email, one via Facebook. Other such false flags have included users trying to access online video and being warned that the performance would be enhanced by downloading a new video codec. Many have, of course.


No one should be complacent. The next major attack may already be here. The weakness of signature checkers, which is the way most virus protection software works on all platforms, is that someone has to find it first. Once it is identified, we can all download the protection, but this is not until the threat is already live and some users have been affected: not always good to be first.

There are ways to protect our computers apart from protection software. If we live in a locked room with no internet access, never install any software from outside, never attach external media, and never accept files from others, that should just about do it.


ClamXav
Checking Mail - Phishing and Windows Virus Found


That type of clean environment is impractical, so there are ways we can enhance protection, with malware-checkers like ClamXav which I might run once every couple of months. Apple's own sandboxing can be turned on in Security & Privacy preferences, allowing users to select from applications only downloaded from the Mac App Store; from the Mac App Store and identified developers; or Anywhere.


System Preferences-Security & Privacy
System Preferences - Security & Privacy


I select the middle road here as some of the developers of useful Mac software have not joined Apple's protection scheme. However, I am unlikely to download software unless I know who the developer is. When such applications are first run, OS X warns the user that they were downloaded.


Authorisation


Some applications are blocked and must be authorised by highlighting the app in the Finder. Control click on the icon and select Open. For those who work in a user account, this needs Admin privileges. Once the password is entered the app will open and the user will be able to open it in the future.


MacApp Store
Malware Checking Software in the Mac App Store



See also:


Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand where he is also Assistant Dean. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. He is now continuing that in the Bangkok Post supplement, Life.


advertisement



Google


Made on Mac

For further information, e-mail to

Back to eXtensions
Back to Home Page


All content copyright © G. K. Rogers 2015