Researcher: Apple antivirus advice 'big to-do about nothing'

By Gregg Keizer, Computerworld | Security, antivirus, Apple

Apple recently recommended that Mac users consider running antivirus software -- a move some see as a change of heart by the computer maker, which has poked fun at Windows for being susceptible to attacks.

That's off the mark, one security researcher said Tuesday, as he argued that the attention given the terse Apple support document is much ado about next to nothing.

The chatter started after Apple posted a short notice on its support site on Nov. 21. "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult," Apple said in the note before listing three packages from McAfee Inc., Symantec Corp. and Intego, a much smaller security vendor that specializes in Mac software.

Apple's notice was reported by virtually every Mac-centric technology blog, publication and Web site, and was noted by several security companies, including Intego. In a post to the company's blog last Tuesday, Intego said: "It is worth noting this, since Apple, especially in its recent 'Get a Mac' ads, has always publicly tried to ignore the threat of malware to Macs, as well as other security issues. We can only applaud the fact that Apple has chosen to recognize that Macs face security risks and that they require protection."

The "Get a Mac" marketing campaign has included at least two advertisements that drubbed Microsoft Windows for its higher profile among virus writers and identity thieves. In one from 2006, dubbed "Viruses," John Hodgman, the writer and humorist who plays the "PC" character, says, "You'd better stay back...last year there were 114,000 known viruses for PCs" as he stifles a sneeze.

"PCs, not Macs," counters Justin Long, the actor who portrays the "Mac" character.

(The ad can be viewed on Apple's site, or on YouTube.)

Sam Masiello, the vice president of information security at MX Logic, essentially echoed Intego's take in a blog post of his own Tuesday.

"This move was inevitable," said Masiello of the Apple notice. "At some point, Macs would gain enough market share for them to become more of a target for hackers and cyber criminals. Most security researchers have been saying that for a long time, and I applaud Apple for finally coming to that realization also, even though it really should have been said some time ago."

Not so fast, said Andrew Storms, director of security operations at nCircle Network Security Inc. "If it wasn't for the fact that Apple has been so smug around malware and viruses and such, this would not have been such a big deal," he said. "This is just making a big to-do about nothing."

The fact of the matter, continued Storms, is that security professionals urge users of all platforms to defend their systems with layers of protection -- only one of which may be antivirus software -- and make the same recommendations to everyone when it comes to current threats.

"It's the human and the human information that is at risk today," said Storms. "Criminals just want your private information, your online bank account or credit card or Social Security number."

Yet Storms understands how a short Apple support note can generate interest far above what something similar issued by, say, Microsoft, would create. "If Apple would say something about security, like 'We've said this before, this is just an update,' it wouldn't have been such a big deal. But it won't."

Storms has been critical of Apple's security procedures in the past, most recently in September when he took the company to task for its ad hoc scheduling of patches for Mac OS X and its other software.

"People have this conception that Macs can't have malware," said Charlie Miller, a researcher at Baltimore-based Independent Security Evaluators. He seconded Storms' theory about why a simple notice from Apple got so much attention. "Obviously, that's false. I've written exploits [for the Mac], and there's nothing inherent in the [Mac] OS to stop someone from writing a virus. But at this point, no one's taking the effort to go after the Mac."

But Miller, who regularly roots out Mac and iPhone vulnerabilities, and perhaps is best-known for hacking a MacBook Air laptop last March in under two minutes to walk away with a $10,000 prize, pooh-poohed Apple's recommendation using the same logic as many long-time users.

"Windows has 90% of the market, but [attackers] give it 100% of their time," he said, echoing the idea that hackers target the largest pool of victims.

Criticizing security software for its cost -- both in dollars and in the processor cycles it consumes -- Miller admitted that he doesn't bother running any on his Macs. "I don't think it protects me as well as it says," he argued. "If I was worried about attacks, I would use it, but I'm not worried."

He acknowledged, however, that he isn't a typical user, and noted that the time may come when he would have to eat his words. "When Macs make up 30% [of the computer market], maybe then there would be an explosion [of malware]."

"Macs do get attacked," Storms added. "They've died two years in a row at 'PWN to OWN'," he said, referring to the contest that Miller won this year, and that New York-based researcher Dino Dai Zovi won in 2007 when he broke into a Mac laptop using a Safari browser bug.

"It's true that the Mac is not a large target," Storms said. "It's still not. But we're not in the old world of viruses, we're in the world where [malware] grabs passwords. It doesn't matter if you have a Mac or a Windows machine; criminals don't care."

2 comments

    Anonymous 2 years ago
    My PC is running like new. I was having trouble with my new computer running slow after I had only had it for a few months. I was upset thinking it was something wrong with my computer until I realized that I needed a good scan to clean out those bugs and viruses that were the real problem. When I started using Search-and-destroy Antispyware it took care of this problem and now my PC is running like new again. The antispyware solution from Search-and-destroy, which you can find at http://www.Search-and-destroy.com, has made a big difference for me and I’m sure you’ll be happy with it too.
    Anonymous 3 years ago
    Part of what kept Macs near-virus-free for decades was that they used CPUs (first Motorola 680x0s, later Motorola and IBM PowerPCs) that fewer wannabe hackers knew how to program on the machine-language level. And with their smaller market share, the effort needed to learn a new CPU architecture and machine language was simply not worth it for such hackers.
    By switching to Intel Cores and Xeons that use the x86 instruction set and architecture, this substantial learning curve has been removed from the equation. A great many more hackers know x86 machine-language programming than know all other CPU architectures and their ML codes combined!
    Yes, the move to Intel had its upsides: Motorola and IBM simply weren’t following through with their promises of faster PowerPCs. While Intel had gone through a dark spell of the Pentium 4 (especially the NetBurst architecture version) which was one of the least efficient CPUs ever made by anyone, coming out with the Pentium M (actually a throwback to the Pentium 3 architecture, with the Pentium 4 SSE2 instructions added — in general, a Pentium 4 at a given clock speed would be matched or even beaten by a Pentium M clocked a full gigahertz slower! A 1.4GHz Pentium M roughly matched a 2.4GHz Pentium 4 in actual performance, for instance!) and the Core, Core², and now Core i7 CPUs derived from the Pentium M architecture made all the difference, jumping them well ahead of AMD and even, in many respects, the PowerPC, in terms of actual performance per clock speed.
    But Apple should maybe have given more thought to this downside of using a CPU family that nearly every hacker worthy of the name already knew the ins and outs of. Their relative immunity to malware was one of their biggest selling points, and now it’s greatly weakened.
    It used to be true that more new malware came out every day for Windows than had ever existed for the Mac (all the way back to and including the LISA)!
