Monday, August 20, 2012

Mac vs Windows: security edition

I promised a post regarding security on Mac. Let's get it out of the way now!

Mac users have traditionally championed the fact that there were basically no viruses or other malware for Macs. I remember debating in school about why this was. One argument (not my stance then or now) was that since Mac OS was built on a Unix platform, which has always been considered more secure, it too is inherently more secure. That may be true to some extent, but my argument was always that since Macs had such a small market share, it wasn't profitable for malware authors to target them. This argument required thinking of malware as being written to make money and not just to be malicious, which, at the time, wasn't a highly accepted argument in itself. The romanticized and publicized goal of malware was just to be malicious in a "my muscles are bigger than yours" contest among malware authors.

My arguments have been borne out over time. The first part was the world's realization that malware was being written to make the author money. This was proven by the payloads of malware over time. Payloads increasingly focused on making the infected computer a host in a botnet. A botnet is a collection of infected computers that obey the commands of the botnet owner. Botnets are used for two main purposes. The first is to send spam. The second is to launch DDoS (Distributed Denial of Service) attacks. A DDoS attack uses all the computers in the botnet to initiate connections to the target in an attempt to overwhelm it. A black market emerged for spam and DDoS services. Other malware payloads contained more nefarious code that steals bank account passwords or anything else people type on computers that can be used to steal money.

Then the market share for Macs exploded. Mac OS X market share passed 15% last year. This makes it a profitable market segment to target, and we have seen a flurry of malware written for Macs, including the fake anti-virus programs that are so popular on Windows. Major anti-virus vendors are now offering Mac OS X versions.

Now for my grandiose declaration. I was right. I also think this puts us in a precarious position. If Mac users continue to think themselves safe and don't bother with protecting their Macs, we could see a nasty infection spreading like wildfire. Even the minor infections for Mac OS X thus far have spread quickly, so a well-written one could do some serious damage. It's sort of like someone with measles entering a room with a bunch of people who have not been immunized. Not everyone will get sick, but you can bet a lot will. (Honestly, I don't know how infectious measles is, but you get the point.) I am not saying this will happen, just that it is very possible.

Lastly, as a side note, it is important to point out that a lot of malware does not attack the operating system directly. A large percentage of malware exploits vulnerabilities in the browser, third-party applications or browser add-ons. Everyone, Windows and Mac users alike, needs to keep their computers and software up to date. See my post here for more information about that. In addition, Mac users need to start looking at an anti-virus solution for basic protection.

