Paraplegic Kitten

Storm of news over the past couple of weeks about the recent appearance of a pair of meek little proof-of-concept viruses for the Mac. It’s a news item not because the viruses are widespread, or because any noticeable damage is being done — it’s a news item because, until now, viruses for the Mac simply didn’t exist. Mac users have, perhaps foolishly, come to see their platform as a citadel of inherent security, leading to a common mindset that they can sit back and do nothing safely.

For Wired News, Leander Kahney writes Mac Attack a Load of Crap:

The smuggest of smug Mac users is right: the platform is more secure, and these new security threats are no more threatening than a paraplegic kitten. … Last month, there were four “massive” virus attacks on Windows, according to Commtouch, an antispam and antivirus vendor. Indeed, viruses are now so aggressive, they routinely outpace attempts by antivirus companies to distribute protective signatures. … These Mac “threats” are only news because of their novelty, not the threat level they pose.

Maybe, but once there’s a crack in the dyke, a village can flood pretty quick. For now, I’m with Kahney — I’m not installing any A/V software, nor am I suddenly regarding every email attachment or download as suspicious. But that could change.

In a way, this turn of events could become an acid test for the old argument about whether the Mac has been virus-free due to low marketshare or due to inherent security. If virus writers turn their attention to the Mac and go at it aggressively, the “low marketshare” part of the argument is mitigated, and we’ll be able to see whether the Mac really is inherently more secure.

Music: Burning Spear :: Jordan River

5 Replies to “Paraplegic Kitten”

  1. I have ClamAV (free open-source anti-virus) installed on my powerbook and have the realtime monitor running, but I never run actual virus scans…

  2. grahams – Birdhouse uses ClamAV for scanning email for viruses, but it sounds like you’re using it to scan your entire filesystem, not just your email, correct? Has it ever found anything?

  3. Again, I don’t actually use it to SCAN my filesystem, I just have it monitor changed/new files, etc. I ran a scan when I first installed it and figured that the live-scanner thingy would then protect me from then-on as I added/changed files.

    I actually have had it find some viruses, but they were ironically windows viruses contained within a very neglected VirtualPC image..

    A few times it has flagged an email for phishing, etc, but usually those are killed before I even get them via CSH’s mailserver, which I believe also runs ClamAV.

Leave a Reply

Your email address will not be published. Required fields are marked *