Wondering about Viruses


Recommended Posts

This is kinda of a stupid post but just making sure, when I first got my PC I right away put on Norton before I plugged it into the net trying to avoid viruses and those bad worms, I was wondering how is apple with viruses is it the same or worse?

Do I need to purchase Norton like I did for my PC?

Link to comment
Share on other sites

Most likely not,

Because OS X is based on unix, in incorporates state of the art security with it....

As far a linux goes, before you can do anything majorly altering to the system(IE install a secuirty update, delete a something important) you need to enter a password.....

The virus doesnt know the password so it cant do anything to damaging....

Where as in windows...sheesh virus up the kazoo

Link to comment
Share on other sites

There are no OS X viruses today. There are no worms that effect OS X either. Maybe in the future someone will write one - or maybe not, but right now there are no viruses that will run on your Macintosh (if it's running X).

Now, there is a possibility you can act as a passive vector for worms. For example:

- Your mom gets infected by a virus and sends it to you.

- You receive the virused message, read it, nothing happens, but you leave it sitting in the inbox.

- You're clearing out your mail box and intend to forward the message above the 'virused' message to your friend but miss-click - don't read the message, and hit send without thinking.

- Your friend (running a PC) receives the message, runs the attachment, and gets infected.

Another example is if you had windows file sharing enabled. Some worms (the name escapes me) would copy themselves to any available shared folders and hope that you ran them. So someone on your network gets infected, the virus copies it to a shared folder which you set up manually (by default the drop box is write only and the shared folders are read only IIRC). You could run the infected file and nothing would happen, however someone else might connect to your shared folder, download the file, and run it - infecting themselves.

So you don't need norton to protect yourself, you may want it to protect others from nuking each other through you by mistake.

Sometimes I think about writing a virus scanner that only detects os x viruses: and selling it for like $20 a copy. The first version could be:

display dialog "No viruses found."

Link to comment
Share on other sites

Sometimes I think about writing a virus scanner that only detects os x viruses: and selling it for like $20 a copy. The first version could be:

display dialog "No viruses found."

lmao

Link to comment
Share on other sites

The biggest real virus/worm threat to *nix (Linux, BSD/MacOSX) platforms are ones where it might use an "elevation of privelege" exploit. It is important, regardless of platform, to keep up-to-date on patches. :yes:

You will probably find that *nix releases a lot more updates than you are used to, if you are from the Windows World. I think of this as a good thing, because you get all the latest fixes. Microsoft tends to hide the flaws until they are forced to release updates.

Link to comment
Share on other sites

You will probably find that *nix releases a lot more updates than you are used to, if you are from the Windows World.  I think of this as a good thing, because you get all the latest fixes.  Microsoft tends to hide the flaws until they are forced to release updates.

Actually, Apple just waits for moments to release batch Security Updates. Probably 1 every 2 or 3 weeks (and in many cases, even longer), and then the occasional 10.x.x update. So, not as many restarts as the Windows world. I know Microsoft is changing their policy a bit, but I still see plenty of Critical Updates. They just can't avoid it. :/

Link to comment
Share on other sites

Is there any spyware for os x? I'm not aware of any (save for 'tracking cookies' but safari handily kills those).

EDIT:

e biggest real virus/worm threat to *nix (Linux, BSD/MacOSX) platforms are ones where it might use an "elevation of privelege" exploit. It is important, regardless of platform, to keep up-to-date on patches.

The problem with those is that most (every one I've seen) is designed to run on x86 linux systems. Occasionally you'll find a hole or bug that is exploitable on PPC BSD systems (mac os x) but all of them thus far have been in services that are disabled by default (so far). I'd say 99%+ of the problems with UNIX-like systems won't effect an OS X box because it ships locked down by default. No open ports, no useless services.

Take a look at the SSH bug that nailed everyone ~6 months ago. Yes it could lead to remote exploit on some systems, but on OS X:

1) The service isn't enabled by default

2) The bug crashed the service: it didn't allow execution of code.

Your advice is still valid (keep up to date), but I think it's important to underscore how low the risk of viruses/worms/exploits is on mac os x today.

I'd like to discuss this in a little more detail, but I'm making a cake for my mom (:keener:) and with a little luck watching a movie about Jesus. (:church-geek:).

Edited by the evn show
Link to comment
Share on other sites

is that like zonealarm/outpost etc?

IPFW is a linux/*BSD firewall that many hardware firewall/internet routers use in an imbedded version.

My experience with Zonealarm and XP was that it was more annoying than it was helpful. :D I never really used it though and preferred having a hardware firewall/router. They are worth the money if you have or plan to have more than one computer on your network sharing broadband access.

Link to comment
Share on other sites

You only need to worry about outbound traffic if either:

a. you have a virus/trojan.

b. you have spyware.

Neither currently exist on OS X with exception of the retail version of MS Office. :D It has spyware that scans the network for other copies installed on other computers with the same key and each copy of the "retail" versio also sends out broadcasts concerning it's existence while you have office running.

Link to comment
Share on other sites

Even the current version of OS X is not compatible with the Windows Version worms, changes in scripting languages caused the worms to be in-effective so if you're running Office X you should be safe (again this could change later).

The office network 'tom-foolery' isn't spyware. It never leaves your local subnet, and certainly never makes it back to microsoft.

If you buy one copy of office you are licensed to have it installed on one machine + a backup of the discs. If you read the license carefully you'll see that by the way they define "in use" can install it on two machines, though not legally; it will work fine because the OS X version has no software-activation hurdles. You can use it on either machine without a problem however if you try to use it simultaneously on both computers Office detects the second copy and allows only one to run - using it twice requires two licenses (which you wouldn't have).

It's not intrusive unless you're a pirate - and it doesn't leave your local network so you don't have much to worry about, save for half a dozen packets an hour that travel across your local network while office is running. The packets basically say "Hey, I'm office and I'm running: this is my serial number". Other copies of office listen for this traffic and compare their own serial number with the one being broadcast to figure out if there is any piracy going on.

ipfw

IPFW can filter outbound connections if you want it to but like aristotle-dude said: it's typically not a problem unless you have a trojan horse, code-red style worm, spyware, or virus installed (which don't exist for OS X).

Here's some info on filtering outbound connections - it's about freebsd but it applies to os x as well.

http://archives.neohapsis.com/archives/fre...02-01/0119.html

and here's some info on setting up IPFW by the command line.

http://frontier-osx.userland.com/discuss/m...36;752?mode=day

The pretty front-end works well for incoming connections, but outbound isn't normally a concern so apple doesn't provide anything.

Link to comment
Share on other sites

SO basically I dont have too much to fear

im ordering my first iBook tommorow with all the network stuff and gonna save some money later on for an ipod and maybe an isight, any suggestions for customizing my ibook? Im gonna choose the upgrade in megs I heard Macs like the megs

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.