Macintosh computers


  #1  
Old 03-04-15, 04:30 AM
L
Member
Thread Starter
Join Date: Jan 2012
Location: USA
Posts: 280
Upvotes: 0
Received 3 Upvotes on 1 Post

How much truth is in the urban legend that Macs can't get a virus? How is it possible?
 
  #2  
Old 03-04-15, 05:08 AM
P
Group Moderator
Join Date: Mar 2003
Location: NC, USA
Posts: 27,592
Received 2,144 Upvotes on 1,920 Posts
Almost anything can get a virus so a Mac, iPhone, PC and Android phone are not immune. Macs are sorta protected in a couple ways, especially if you look back into the past. Some of the Mac's protection or resistance has been eroded over time as virus attacks have become more sophisticated and as Macs and most other modern products do many more things and are ever more connected to and rely on the Internet.
 
  #3  
Old 03-04-15, 08:40 AM
S
Group Moderator
Join Date: Oct 2004
Location: WI/MN
Posts: 19,119
Received 1,262 Upvotes on 1,203 Posts
Macs were not much of a target for a while so they were relatively immune simply because there weren't many Mac viruses for a while.
 
  #4  
Old 03-04-15, 09:52 AM
ray2047
Member
Join Date: Mar 2006
Location: USA
Posts: 29,711
Upvotes: 0
Received 15 Upvotes on 13 Posts
One thing is that as far as I know there is no registry. (AFAIK Unix-based OSes don't use a registry.) A lot of Windows vulnerability could be eliminated if there was no registry for malware to bury itself in. Registry is not needed for an OS to work. The only mainline OS that has one is Windows. But that is just my opinion.
 
  #5  
Old 03-04-15, 09:58 AM
Sharp Advice
Admin Emeritus
Join Date: Feb 1998
Location: The Shake and Bake State USA
Posts: 9,927
Upvotes: 0
Received 7 Upvotes on 6 Posts


My Two Pennies...¢¢

Exactly what it is. An urban legend that Macs can't get a virus. Used to be reasonably true using the former operating system of years ago. Additionally, as a result of not many Macs in use. Not so anymore. Plus many aspects of the programs are all or part Windows, etc.

Best bet is to use an anti-virus and firewall etc. specifically for Macs! Apple currently uses many of the Windows programs and operating system(s). Integrations.

Way back when Apple company fired Steve Jobs...... and the company began to fail, they got a so-called bailout from Bill Gates and Microsoft. In doing so it was in everyone's best interests to have both companies and not just one.... Wise idea IMO!!!

 
  #6  
Old 03-05-15, 07:21 AM
L
Member
Thread Starter
Join Date: Jan 2012
Location: USA
Posts: 280
Upvotes: 0
Received 3 Upvotes on 1 Post
Got it. Thanks.

(Sharp Advice, you really should have a longer footer on your signature...)
 
  #7  
Old 03-05-15, 07:48 AM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,265
Upvotes: 0
Received 0 Upvotes on 0 Posts
Already said: Mac & Unix are targeted less. That's why there are fewer chances that they will get a virus. The words virus & malware are used to cover a wide variety of malicious programs that all have different "payloads". The "payload" is the action that it takes & it also determines its malware type.

I have yet to see, unless I mentioned it myself, the word "rootkit" ever mentioned here. All OSes are vulnerable to rootkits. Yes, it's true that Mac, Unix & Linux don't have a registry but all OSes have a "kernel". The registry is Windows' kernel.

A "rootkit" gets in your computer & you'll never know it because the "payload" doesn't cause any damage. A rootkit payload steals the info that it wants & sends it to the person who wants it. That classifies rootkits as "trojans" which is a specific type of malware. A good trojan steals the info that it's programmed to steal & sends it to the attacker. Only idiots program it to do damage to the target.

https://nakedsecurity.sophos.com/201...ever%E2%80%8F/

That's ^^ info on the latest Mac rootkit

Rootkit hunter (rkhunter) is a program that searches for rootkits.
 
  #8  
Old 03-05-15, 09:50 AM
Z
Member
Join Date: Jan 2008
Location: Southeastern Pennsylvania
Posts: 3,375
Received 121 Upvotes on 112 Posts
I would just say notice that all of the vulnerabilities that link highlights have to do with “hands on” access by people up to no good. I don’t think the Mac in your home is vulnerable to those specific attacks (or maybe they are … let’s say you want to spy on your spouse to get ready for the divorce proceedings, so you plant something in the computer, lol).

But I would have to disagree that the Windows kernel is the registry. One function of the kernel is to manage the registry – which is a database.
 
  #9  
Old 03-05-15, 10:41 AM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,265
Upvotes: 0
Received 0 Upvotes on 0 Posts
zoesdad, you're right about the registry not being the kernel. The kernel file itself is ntoskrnl.exe. It is located in C:\Windows\System32.

What you call "hands on" is called "physical access" in the security world. While that particular rootkit may depend on physical access, others may not. The divorce scenario that you described is definitely real & has happened. I can't count the times that people have asked, how do I track my wife, girlfriend, husband, children or someone using a keylogger.

Don't forget that OS X has a Unix terminal built into it. That means that it's vulnerable to Unix exploits, as well. Chances are that a Mac user in the middle of nowhere doesn't have to be concerned but security people always warned against security through obscurity. Zoesdad, wasn't it you who was surprised when you found file sharing enabled, on your machine?
 
  #10  
Old 03-05-15, 10:50 AM
Z
Forum Topic Moderator
Join Date: Sep 2005
Location: USA
Posts: 6,086
Received 419 Upvotes on 372 Posts
I'll throw in one more opinion. Mostly, I agree, that with fewer Macs around, there's less of a target. But in many cases, MacOS (and Linux/Unix) is based on a more security-focused platform. Most system-level files are permission controlled where a standard user can't access or change them. On Windows, most typical users can access all the files on the hard drive (though MS has been working on changing that over Windows 7/8), so it's easier for a malware author to access files/registries/etc. on a given computer.

Since Windows ends up being the easier platform to gain access to these files, it's the logical choice for most malware authors to target.
 
  #11  
Old 03-05-15, 11:04 AM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,265
Upvotes: 0
Received 0 Upvotes on 0 Posts
That's true but don't forget about "privilege escalation". That's when a standard user finds a way to escalate his privileges, to that of an administrator or super user aka root. If he or she is successful, complete access is given.

https://www.trustwave.com/Resources/...te-Privileges/
 
  #12  
Old 03-05-15, 03:19 PM
Z
Member
Join Date: Jan 2008
Location: Southeastern Pennsylvania
Posts: 3,375
Received 121 Upvotes on 112 Posts
What you call "hands on" is called "physical access" in the security world.
I am in fact familiar with “physical access”. I was the lead software engineer (not that I was near the best) and security custodian for a classified project we developed for the Joint Chiefs of Staff at the National Military Command Center (NMCC). (They live in the bowels of the Pentagon). The overseer of the development was the NSA. The NSA, via inspections and procedures analysis, ensured that our development facility was properly secured and that our development equipment and our development software and procedures were “trusted”.

One of my side jobs (the security custodian) was to make sure that the integrity of the lab and proper development procedures and access procedures were maintained. That also meant “physical security”. There are a lot of rules. For example, you can in fact allow someone without a clearance (e.g. a PC repairman) into the lab if his every move is watched and no classified material is out in view. There are a whole ton of rules. But they are necessary.

When we moved into a new facility in another building and had to move our equipment, police escorts and armed guards were required. So I am very familiar with “physical access”.
 
  #13  
Old 03-05-15, 04:26 PM
P
Temporarily Suspended
Join Date: Jul 2008
Location: NY
Posts: 10,265
Upvotes: 0
Received 0 Upvotes on 0 Posts
I remember you describing your job before & I'm sure that you had all that experience. That leads me to ask you, why did you call it "hands on"? Was that term used synonymously with physical access?
 
  #14  
Old 03-05-15, 04:46 PM
Z
Member
Join Date: Jan 2008
Location: Southeastern Pennsylvania
Posts: 3,375
Received 121 Upvotes on 112 Posts
I just try to use terms that would be familiar to people without computer backgrounds – as long as it gets the point across. For example the secure lab I referred to above is actually called a SCIF (Sensitive Compartmented Information Facility). But I guess one could debate whether or not it is being remiss to omit the actual proper term. Maybe it is.
 
 
