While one could write some form of malware for OS X, it’s just really, really hard to get it to spread without user intervention. Only Windows has, built-in and enabled by default features that make spreading malware so easy.
Not to go all Penn and Teller on you but thats bullshit. Why?
Safari, the web browser that comes pre-installed and default on OS X comes with an option to automatically execute files that have downloaded. This option is switched on by default and has already been used to execute shell scripts via downloads of seemingly “safe” files like JPG images and MOV movies. (Thanks to Faruk Ateş for the article link).
Seems like a reasonable built-in and enabled by default mechanism for executing malicious code to me.
It also scares me that it seems to be a common misconception that because OS X is forked from BSD that it is automatically secure:
OS X is based off of UNIX, which has been around for 30something years without any really huge, epic, windows-style virus outbreak.
Safety of Max OS X is largely based on BSD.
Darwin has been heavily modified and added to since it was that BSD that has been out there for years. Don’t get me wrong, I am not saying that it is insecure, but I am saying it is foolish to just assume that it is because a version of it was, once upon a time because every change made since that fork has the possibility of introducing a new security issue.
That’s not even the worst of it though, Darwin is only a small part of the software that gets installed with Tiger and all of that additional functionality has a chance of containing security issues. Consider as well that I can go out to a web site, download any old .dmg, drag it to my applications folder and run it without being prompted to elevate my privileges.
The final point that came up a few times in comments on the previous post that I want to tackle is the argument of “Well, what would an OS X virus checker actually check for? There are no viruses!”
Viruses or worms for any operating system only succeed if they are allowed to propagate quickly and easily. You or I or anyone else who is likely to be reading this blog would almost certainly know within a matter of a few hours of getting to a computer if some outbreak happened. However, it is the people who wouldn’t know or care about it that would do the damage. The mothers who just use a computer to check e-mail and wonder what the little bouncing circle is that sometimes shows up. The graphic design professionals that really don’t care how their software works as long as they can express themselves.
The point of virus prevention software would be to get a mechanism out there onto every Mac that would be ready to receive information/prevention information from a central service. The software update service is a good start to this but only covers vulnerabilities in system software and does not actively check for malicious code that attempts to execute. The important point is that those people who don’t care what a virus or a worm is, don’t need to care.
Note: There are 2 important points that I would like you to consider before commenting on this post. Firstly this is in no way a comparison with Windows and I am not saying that any of this is better or worse than windows and I would like to keep the comments focused on an unbiased view of Mac OS Security rather than saying why Mac OS security is better than Windows security. I am also not saying that Darwin or OS X are full of security holes and bugs because it obviously is not true. What I am saying is that this idea that it is either secure by default or somehow not at risk from attack is wrong wrong wrong and the attitude of Mac users needs to change from “it can’t happen to me”.