Weapons of Mass Destruction Part Two – You didn’t convince me!

So I guess I expected some negative comments and reaction to my malicious code/virus post and I got it but I am amazed at how dangerous some of the opinions are in the comments:

While one could write some form of malware for OS X, it’s just really, really hard to get it to spread without user intervention. Only Windows has, built-in and enabled by default features that make spreading malware so easy.

Not to go all Penn and Teller on you but thats bullshit. Why?

Safari, the web browser that comes pre-installed and default on OS X comes with an option to automatically execute files that have downloaded. This option is switched on by default and has already been used to execute shell scripts via downloads of seemingly “safe” files like JPG images and MOV movies. (Thanks to Faruk Ateş for the article link).

Seems like a reasonable built-in and enabled by default mechanism for executing malicious code to me.

It also scares me that it seems to be a common misconception that because OS X is forked from BSD that it is automatically secure:

OS X is based off of UNIX, which has been around for 30something years without any really huge, epic, windows-style virus outbreak.

Safety of Max OS X is largely based on BSD.

Darwin has been heavily modified and added to since it was that BSD that has been out there for years. Don’t get me wrong, I am not saying that it is insecure, but I am saying it is foolish to just assume that it is because a version of it was, once upon a time because every change made since that fork has the possibility of introducing a new security issue.

That’s not even the worst of it though, Darwin is only a small part of the software that gets installed with Tiger and all of that additional functionality has a chance of containing security issues. Consider as well that I can go out to a web site, download any old .dmg, drag it to my applications folder and run it without being prompted to elevate my privileges.

The final point that came up a few times in comments on the previous post that I want to tackle is the argument of “Well, what would an OS X virus checker actually check for? There are no viruses!”

Viruses or worms for any operating system only succeed if they are allowed to propagate quickly and easily. You or I or anyone else who is likely to be reading this blog would almost certainly know within a matter of a few hours of getting to a computer if some outbreak happened. However, it is the people who wouldn’t know or care about it that would do the damage. The mothers who just use a computer to check e-mail and wonder what the little bouncing circle is that sometimes shows up. The graphic design professionals that really don’t care how their software works as long as they can express themselves.

The point of virus prevention software would be to get a mechanism out there onto every Mac that would be ready to receive information/prevention information from a central service. The software update service is a good start to this but only covers vulnerabilities in system software and does not actively check for malicious code that attempts to execute. The important point is that those people who don’t care what a virus or a worm is, don’t need to care.

Note: There are 2 important points that I would like you to consider before commenting on this post. Firstly this is in no way a comparison with Windows and I am not saying that any of this is better or worse than windows and I would like to keep the comments focused on an unbiased view of Mac OS Security rather than saying why Mac OS security is better than Windows security. I am also not saying that Darwin or OS X are full of security holes and bugs because it obviously is not true. What I am saying is that this idea that it is either secure by default or somehow not at risk from attack is wrong wrong wrong and the attitude of Mac users needs to change from “it can’t happen to me”.

Technorati Tags: , , , , ,

Advertisements

33 responses to “Weapons of Mass Destruction Part Two – You didn’t convince me!

  1. I agree entirely. An assumption that anything, anywhere (not just computers) is 100.00% safe is bull****. It’s arrogant to assume that just because Mac OS X hasn’t had any virus outbreaks yet, it never will.

    I’m not saying that Mac OS X is less secure or that we’re going to have viruses. I’m saying that to prevent them we can’t just assume they won’t happen; we have to be careful and vigilant. The “it can’t happen to me” attitude just doesn’t work.

  2. I agree with you that no such system is 100% safe and secure. However, much of the blame now is with users rather than the system per se. Case in point, Safari browser vulnerability – it is vulnerable by default (as per your example), however, if you educate users that they should turn it off, it is their responsibility.

    Another case, Safari’s current vulnerabilities with WebKit and I think with CoreImage (affects Finder and Preview as well) – dump Safari and use Camino and/or Firefox. :P

    Again, same as with Windows, applying the most current System Updates is half the battle. The user needs to practice Safe Hex.

  3. “Not to go all Penn and Teller on you but thats bullshit. Why?”

    Safari’s “open safe files” is your best counterexample? That doesn’t come *close* to making my claim bullshit. At best, it makes it, technically, logically false. But the basic concept is still apt. One example in 6 years does not change that (two, there was the widget exploit as well). The point is that Windows has many potential vectors that are enabled by default. OS X had one. One minor one. One minor one that was quickly patched.

    OS X is similar to other Unixes in that, due to decisions made in the system’s design, most flaws will require local access to exploit, and once found are easily and quickly fixed.

    Windows users need dedicated security software *not* because there exists malware, but because it’s far too easy to become infected by such malware. The current state of OS X is that there is little-to-no malware, and it’s extremely hard to become infected by it. That’s an important difference.

    “Viruses or worms for any operating system only succeed if they are allowed to propagate quickly and easily.”

    Exactly my point. How do you expect an exploit to spread? Even the Safari exploits wouldn’t have been able to spread a worm. Also, it’s notable that antivirus and antispyware software would not have protected against the flaw.

    As I’ve stated, it’s much harder to successfully launch any sort of widespread OS X attack.

    “What I am saying is that this idea that it is either secure by default or somehow not at risk from attack is wrong wrong wrong and the attitude of Mac users needs to change from “it can’t happen to me”.”

    I don’t think anyone is saying that it’s “impossible”. Just that there’s nothing to worry about. Everyone agrees that some day OS X could have some notable attacks.

    Bringing up Windows is relevant, because you are taking a Windows mentality. On Windows, you really *don’t* know when, how, or from where the next attack will come. Windows suffers from a sort of “perfect storm”, where it has legacy technologies that MS will not disable (even if most users don’t even use them, like uPnP), technologies designed to execute remote code natively (ActiveX), various apps which have a long history of being easily exploited with no user intervention whatsoever (such as outlook), an installer that makes it easy to hide bundled spyware, a security system which makes it difficult to run as a non-admin, a system architecture that makes it easy to make software very hard to uninstall, and a patching policy that has historically left extremely critical flaws with known malicious exploits unpatched for weeks and even months.

    This “perfect storm” does not exist on OS X. Yes, there are certainly examples and possibilities for OS X to be found non-perfect in any or all of those categories, but the level of risk is very low on OS X, at present, and the type of risk is different. Therefore the approach to security on OS X is different. Presently, running antivirus and antispyware software is pointless (and wasteful of any time, money, and system resources spent on it).

    I really don’t know what you are suggesting OS X users do. I would suggest three things:

    1. Back-up your important data.
    2. Keep an eye open for news of security issues.
    3. Keep your software up-to-date.

    A fourth, but harder to quantify, is to try to gain a sense of how to judge whether to trust software from the web or email. Presently, there are no known malware/trojan downloads or emails, but of all the potential risks, that’s the easiest to engage in (but the hardest to spread).

    Are you suggesting users do something different with regards to security? Do you have any reason, based on actual evidence, to do anything more?

    While I disagree with you on this one topic, I do enjoy your blog. Don’t take my disagreement as an attack. I just honestly think your approach to OS X security is too Windows-like (which is why I keep comparing OS X to Windows–it’s not meant to slam Windows, but to point out that they are different). I’ve successfully run personally, and administered corporately, Windows, Linux and Mac OS X (among others). Each OS is different, and each has its own separate security needs. Some fundamentals apply to all of them (don’t run any unnecessary services, keep remote connections sandboxed as best as possible, use a good password, don’t use plaintext connections, etc). Apple ships OS X in a relatively secure state. MS ships Windows in a relatively insecure state (XP can be remotely infected during the install process! I think SP2 has fixed this). It only stands to reason that there are prudent security precautions to take under Windows that are not necessary under OS X.

  4. Whilst there are certainly aspects of Mac OS X’s security I rather dislike (administrator privilege verification is just commonplace now, and some of the file permissions make it a little to easy to trample over certain things without bothering with escalating privileges with sudo), the fundamental UNIX-style aspect remains: no normal user is root. Yes, members of the ‘admin’ group can accomplish a fair amount, but they’re not a super-user.

    On Windows (until Vista arrives), a massive proportion of users out there are the equivalent in Microsoft parlance ‘local administrators’ (though granted, you’re not quite God as in the UNIX world, you’re close enough).

    Fundamentally, Windows malware spread because Windows wasn’t built around a tried and tested security architecture (and as a result, software was written which relied on the lack of security, which meant users had to forego the facilities Windows DID provide), whilst malware on UNIX platforms hasn’t spread to date largely because normal users are generally ring-fenced as you’d expect. Sure, you can blow away your home directory. Certainly, you can make use of actual flaws to attempt to escalate privileges, but that’s an awful lot of work to get into the position that you’re at with Windows without trying.

    Yes, OS X has its exploits: it ships with a whole bunch of software which has had its fair share of security fixes released to prevent exploits, but you’re not giving everything you download and run free reign over the system from the outset: just your home directory.

    Given that OS X lets you authenticate as a different user for administrative tasks, it would actually make sense to work as an entirely non-privileged user by default (avoiding the somewhat dubious choices by Apple to make certain things admin-writeable by default) and authenticate as a different, administrator, user when you need to elevate. I’ve not tried this in practice, though I know from working as a non-administrator on OS X that it’s a lot less hassle than working on Windows as a non-administrator. At least software actually runs.

    So, yes, thinking that OS X is immune from malware is foolish. Comparing it to Windows is like comparing apples (no pun intended) and oranges, however. Until there’s a flaw in OS X which allows remote code execution via a service switched on by default (I’m not actually sure there are any out of the box, which is how it should always be), there’s no real attack vector beyond social engineering.

  5. (Obivously, browser and e-mail client flaws are counted as ‘remote code execution’ if they allow that, and the Safari issues are the closest we’ve had to a proper threat in that regard. And they were dealt with. Hopefully, they’ll be the last, but that’s an unrealistic dream!)

  6. The Safari issue isn’t truly dealt with until us Mac users apply the proper caution before clicking the button to let Safari continue the download. I am as bad or worse than most because I use Saft to disable that annoying thing. Another possible attack vector is Quicktime .mov’s which can open web urls without asking the users permission. And it would be a simple matter to hide malicious code inside a Dashboard or Konfabulator widget as well. Sure they ask you if you want to install them but until you browse through their code you really have no way of knowing that they are safe. And don’t forget that there have been a number of exploits that have affect Apache, PHP, SSH, and other services that are built into Mac OS X that are not enabled by default but that many of us do enable.

    Are there as many attack vectors as Windows once had? No. Is it as easy to hide malicious code while it is running? No. Will it be as hard to completely remove malicious apps once they are detected? No. Do we need to spend much time worrying about it right now? No. Will we have to worry about it in the future? Yes.

  7. Twist:

    Your Dashboard example is a trojan. There’s no OS that protects against trojans. The key is that these things don’t, generally, run unless the user runs them.

    For QuickTime movies in Safari, you’re already loading web-pages, so a movie with an embedded url won’t do anything you couldn’t just do in the page itself. I can understand a privacy fear over it, though, but not a significant security threat.

    Apache, PHP and ssh services are disabled by default.

    For users that do nothing, OS X is already quite secure, whereas on Windows, a default system really needs to be hardened. For users that start enabling the built-in options, Apple takes reasonable care (for example, they don’t include the telnet daemon or PHP in System Preferences). Any user can make a system less secure. Even a non-admin can nuke his/her own files.

    Windows ships with services and features which can be automatically exploited remotely, and that’s what has allowed all the famous outbreaks to occur. The fact that the user is required, in most cases, to accept or enable any remote requests, is a huge impediment to the spread of any worm or remote exploit.

    Apple would have to significantly degrade OS X’s security for us to have to take a Windows-style mentality. I agree, fully, that one day antivirus and antispyware software will probably become useful, if not necessary, but I don’t expect that day to come any time soon.

  8. Last time I checked, Safari asks you before executing downloaded code.

  9. @macnewbie:

    re: about anti-virus software recommendations. Sorry about not replying sooner. It’s not Apple policy to recommend anti-virus software to new Mac purchasers. I personally recommend it when I sell a new Mac, and I know a lot of my colleagues do too. It’s a preventative measure because most of us are only too aware of what “might happen” in the future on the Mac virus landscape.

    Having been a Windows user for some 12-years anti-virus was a must, moving to the Mac made me question the need for it as a lot of people said “don’t bother”, which actually bothered me. No system is secure, and the sooner new Mac users get into the habit of prevention the better their Mac experience will be.

    It saddens me when new Mac users have a poor Mac experience so I’d find it equally depressing if a customer I sold a Mac to had a virus because I didn’t tell them to buy/install anti-virus.

  10. This topic has been done to death, so I’ll keep my reply to being succinct. Yes, it’s possible for a virus to hit OSX. No, this has never happened in a public propogating fashion. Yes, users can execute code to infect their computer. No, it’s not nearly as easy as Windows to do this.

    One can only speculate on security, but I agree that Mac users shouldn’t feel 100% safe. It’s that kind of attitude that will make an actual outbreak that much worse.

  11. …when there’s an actual outbreak and not just a proof-of-concept, then we’ll do what needs to be done.

    At the moment, other than shilling for what amounts to snake oil – to the best of my knowledge commercial antivirus software for the Mac is still checking for ancient virii that infected versions of MacOS from before we called it “Classic” – seems irrational.

    I’m all for educating the general public that OS X isn’t “100% secure” but I *still* disagree that we need to overreact and instill a sense of general paranoia.

    Mac virii *just aren’t an issue yet*. They could be in the future. They probably will be, if Apple continues to do well.

    There’s nothing wrong or bad with making that point, *because it’s true.*

  12. Very good post, macnewbie. I appreciate it.

  13. @S. Elliot (and others)

    No one is saying the Mac is 100% safe. While, technically speaking, every single piece of software readily available for download is probably safe (discounting any bugs or user error), and one might say the Mac is 100% safe at the moment (which I think you agree), that’s not the same as saying the Mac cannot be attacked or that it will always be 100% safe.

    The “100% safe, now and forever” person does not exist, so I’m confused when people feel the need to debunk that notion.

  14. @macnewbie et al

    Every single post here tends to either state, “OS X is safe now, and always has been, but it probably won’t always be so,” or, “anyone who thinks OS X will never get a virus is wrong.” The second type isn’t a logical response to the first, because it attacks a notion the first type is not presenting.

    The only reasonable point of contention I see here is whether people should get into the habit of running antivirus software (which won’t protect against worms, trojans or spyware) and antispyware software (which won’t protect against viruses, worms or non-spyware trojans) now, or whether they should wait until such software actually has something to protect against.

    I don’t mind the difference of opinion on that aspect. But when you start calling it “dangerous”, “foolish”, or “bullshit”, you leave the realm of constructive debate and valid, but differing, opinions.

    It’s still unclear, exactly, what you are suggesting people do. Do you have any specific software you believe they should run? Any specific actions they should take now? I’ve given my suggestions: make backups, and keep an eye out for news of viruses/worms/spyware. What’s your advice?

  15. @rom

    “Another case, Safari’s current vulnerabilities with WebKit and I think with CoreImage (affects Finder and Preview as well) – dump Safari and use Camino and/or Firefox. :P”

    I have, Camino is my default browser :) But Safari is still the default browser on Mac and so it has to be considered as a significant chunk of what non-technical users will be browsing with.

  16. @node3:

      “On Windows, you really *don’t* know when, how, or from where the next attack will come.”

    Thats exactly the point of this post. On Mac OS X you don’t know when, how or from where the next attack will come.

      “Presently, there are no known malware/trojan downloads or emails”

    I would say that is not true, Sophos are reporting several (including Trojans) on their virus definitions site (http://tinyurl.com/qk58f)

      “While I disagree with you on this one topic, I do enjoy your blog.”

    Thanks, I am enjoying writing it too :)

  17. @Mo

    You touch on another important point then which Mac OS is falling vulnerable to. I don’t think anyone would disagree that having to escalate privileges is a bad thing (by retyping your password) but at what stage does it become so much part of the process of using the computer that it ceases to be something that is thought about before the password is typed.

    @Twist

      “The Safari issue isn’t truly dealt with until us Mac users apply the proper caution before clicking the button to let Safari continue the download.”

    Amen, Twist. Same with the administrator password thing above.

  18. @Nick Free

      “moving to the Mac made me question the need for it as a lot of people said “don’t bother”, which actually bothered me. No system is secure, and the sooner new Mac users get into the habit of prevention the better their Mac experience will be.”

    It bothers me too :)

  19. @S. Elliott

    “One can only speculate on security, but I agree that Mac users shouldn’t feel 100% safe. It’s that kind of attitude that will make an actual outbreak that much worse.”

    Amen, and this is the crux of everything I am trying to say here. The attitude needs to change so that when an incident occurs, it doesn’t spread or make a massive impact.

  20. “…I am saying it is foolish to just assume that it is because a version of it was, once upon a time because every change made since that fork has the possibility of introducing a new security issue.”

    I must disagree, it is a fact that ‘Safety of Max OS X is largely based on BSD’ and not a misconception.

    The modifications of BSD for Darwin are not in this (safety) area. Even so, Darwin is also open source and has the same benefits as BSD in that respect.
    (It is funny you don’t consider that Darwin could even be saver than BSD. I think this could be the case because of the Mach kernel…)

    But I’am glad we agree on something, namely that BSD is secure.
    This is important because Apple will drop Darwin and switch to BSD in the near future.

    “What I am saying is that this idea that it is either secure by default or somehow not at risk from attack is wrong wrong wrong…”

    I disagree, Mac OS X is secure by default. If I would prepare a Linux system I would install the firewall and set it to close ‘all’ incomming ports. Mac OS X is set by default in this way. (It is also very easy to set the firewall to stealth mode, and this is the most secure mode.)

    With this fact, combined with warnings when you download and install files with exceutable content, the file system properties, automatic security updates and the proven security of BSD, it is a logical conclusion that Mac OS X is ‘not’ at risk from attack.

    As a side note: I didn’t see ‘negative comments and reactions’ to your posting. Most of the reactions are constructive and informative in my opinion.

  21. @macnewbie

    Did you look at those definitions? I did, and every one I checked are for Mac OS 9 and lower, not OS X.

    “Thats exactly the point of this post. On Mac OS X you don’t know when, how or from where the next attack will come.”

    You are completely missing the point. On Windows, it would be imprudent to run without antivirus, antispyware, and a firewall. There are countless existing attacks that can hit you without warning if you don’t.

    On OS X, there are *absolutely zero* exploits at the moment. There are no attacks to hit you. The danger of a hoard of existing attacks is different from the danger of some attack that may eventually come some day.

    Different contexts demand different responses. Under Windows, it’s foolhardy to run without taking precautions. In OS X, there’s really nothing to worry about at present. Quit treating OS X like it’s Windows. It’s not.

  22. Yes, some are very old… but some are from as recently as June 2005:

    http://www.sophos.com/virusinfo/analyses/maccowhanda.html

    Mac/Cowhand-A is a proxy Trojan for the Mac OS X platform.

    The Trojan may copy itself to the user’s Preferences folder. In order to run itself on startup, the Trojan may add itself to the user’s Startup Items.

    The Mac/Cowhand-A Trojan horse allows remote hackers to use an infected computer as a proxy to connect to the internet. By using the Trojan hackers can disguise their real location because the connection can only be traced back to the infected computer.

    It can and apparently does happen… but I dont think we are ever going to agree on this.

  23. Even better, from the 4th of April which is less than 30 days ago…

    http://www.sophos.com/virusinfo/analyses/osxleapa.html

    OSX/Leap-A is an instant-messaging worm for the Mac OS X platform.

    The worm attempts to spread via the iChat instant messaging system, sending itself to available contacts on the infected users’ buddy list in a file called latestpics.tgz. This file is an archive consisting of:

    latestpics: the worm executable
    ._latestpics: a hidden resource file designed to disguise the executable as a JPEG image

    OSX/Leap-A installs itself as an application hook by deleting the “apphook” subdirectory of either the /Library/InputManagers/ directory (if run with root permissions) or the ~/Library/InputManagers/ directory (if run as a non-root user) and replacing it with the following three files:

    apphook/Info
    apphook/apphook.bundle/Contents/Info.plist
    apphook/apphook.bundle/Contents/MacOS/apphook

    OSX/Leap-A attempts to infect recently used applications by overwriting the original application with a copy of the worm, storing the original application in the file’s resource fork. Infected application files have the following extended attribute:

    name: oompa
    value: loompa

    OSX/Leap-A also creates the following temporary files:

    /tmp/pic.gz
    /tmp/pic
    /tmp/latestpics
    /tmp/lastespics.tar
    /tmp/lastespics.tar.gz
    /tmp/lastespics.tgz

    and several files under

    /tmp/apphook

    They have a pretty decent search system there, there are several like this.

  24. @macnewbie

    “Amen, and this [the 100% safe now and forever notion that no one is promoting] is the crux of everything I am trying to say here. The attitude needs to change so that when an incident occurs, it doesn’t spread or make a massive impact.”

    This raises a few questions/points.

    1. No one has the attitude your are complaining about. I don’t hear a single person saying that OS X can never have a virus, worm, trojan or spyware written for it.

    2. What specific action do you have in mind for users to take? And why is your suggestion any better than my suggestion, which is to make regular backups, and be prepared to, some day, respond to an exploit/attack as it becomes known?

    If there’s a virus, how is it going to spread so fast that by the time you hear of it, it’s too late to download an antivirus, but slow enough that the one day auto-update schedule of the antivirus software will be fast enough? If there’s a worm, what software exists now that is going to stop it? If there’s a remote exploit, what software currently exists that is going to stop that?

    The odds of *any* attack coming tomorrow are very low. The odds of an attack that would benefit from your suggestion (actually, I can’t see that you’ve suggested *anything*), but not from “backup and keep an eye out” are astronomically low.

  25. @macnewbie

    These all require user action. They are, however, more than just the ‘proof-of-concepts’ that have been out before, so that’s something. But the fact that the user actually has to execute them manually, keeps them as very low risk.

    I do cede, however, the notion that there is absolutely zero malware for the Mac. Of course, I’ve maintained there’s no reason it couldn’t be written. The key here, as I’ve already stated, is these don’t run automatically. All that’s really happened is that the risk level has gone from “theoretically not-zero” to “actually not-zero”. It’s fine that antivirus software now actually has something to scan for (even though they aren’t viruses), but the risk is still very low.

    “but I dont think we are ever going to agree on this.”

    I suspect that’s right, but I still don’t know exactly *what* your position is, beyond “stop saying OS X is impervious to attack” (which I don’t think anyone is saying). I do want to know what exactly it is you are suggesting users do.

    Even if we disagree, I’m satisfied I’ve presented my case and am content to leave it at that.

  26. Well, I’m amazed at some of the comments here and in the previous post, the only way some of you will learn is by having your entire computer destroyed through some sort of virus outbreak.

    I’ve blogged about this on a mainly Microsoft Development web site – I’ll be very interested to see what kind of responses I get to the comments I’ve lifted from this and the previous post.

    http://weblogs.asp.net/plip/archive/2006/05/01/444698.aspx

  27. @Phil

    “Well, I’m amazed at some of the comments here and in the previous post, the only way some of you will learn is by having your entire computer destroyed through some sort of virus outbreak.”

    I know how that feels. On a XP machine.I couldn’t even install XP with the computer attached to the Internet. Before I could install service pack 2 my computer was infested… So I had to burn a service disk with service pack 2, a firewall and a virus scanner, install it all, and then connect to the Internet.

    I don’t wish that to happen to anyone, whatever the system they use.
    And I think it tells something about your character, that you do wish that to others.

    Anyway, I know a system that fixes this all. (And I wish everyone could use it.)

  28. @Phil

    You know that viruses don’t spread themselves across a network, right? Worms do. How is there going to be some big virus outbreak? I should turn the question on your blog back to you, are *YOU* really so stupid? (the title of his troll blog post is, “Is the MAC[sic] community really so stupid?”)

    Antivirus software exists *solely* to reduce a risk. On Windows, the risk is *very, very high*. On OS X that risk is currently *very, very low*. Why expend effort to mitigate such a low risk? It’s highly illogical to treat OS X like Windows.

    Is it *stupid* for someone to understand a risk, and act accordingly? Or is it stupid for someone to think a high risk in their environment applies to completely different systems? You run Windows, and react in accordance to the risk level you face. Who are *you* to call me stupid for doing the same in my environment–an environment you clearly do not understand. Hell, you don’t even know how to spell it. That doesn’t bode well for the quality of any opinion you may have on the topic. Do you know most Linux users do not run antivirus or antispyware software (in fact, there are more viruses and worms for Linux than there are for OS X)? Are *they* “so stupid* as well? Or is it just not a problem for them?

  29. Which bit is ridiculous?

    Or are you just a spam comment? I wont delete you just yet just in case you are a real person.

  30. Sorry macnewbie… I started writing out a huge post with all my valuable opinions but reallised it had all been said, and that we were all arguing about something that doesn’t exist (which is the argument!;)

    I too like your blog but I’m going to have to side with node3 on this one. The Mac is more secure (i don’t think anyone is denying this), and that is no accident, so somebody must be concerned about security. Concerned enough, proactive enough, and doing a good enough job that I don’t beleive Mac users need to employ anything more than common sense, which they do.

    cheers
    Tim

  31. Safari tells you when you are downloading an application and asks you for a conformation, this way malicious code can not be executed automatically.

  32. i want to dwonload node3 free