Mac Security Is '10 Years Behind Microsoft'

[HardOCP News]

The CEO of Kaspersky Labs isn't going to make any friends in Cupertino saying stuff like this.

"They will understand very soon that they have the same problems Microsoft had 10 or 12 years ago," Kaspersky said in an interview. "They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software."

 

[Vathral]

They had friends?

 

[Kor]

By 10 years behind I assume he means 'no longer in need of invasive third part AV clients made by companies like Kaspersky, instead opting to provide a free and nicely maintained security suite to it's user base'.

 

[kirbyrj]

Just wait for the Windows ads that say, "We don't have viruses."

 

[Nightbird]

Well, security is kinda of like the Titanic. Unsinkable until proven otherwise.

 

[timta2]

I'm all for security but it's hard to take things these AV companies say seriously anymore. Everything is always doom and gloom, better buy our products.

 

[evilsofa]

10 or 12 years ago, Microsoft had these to deal with. Comparing now to that is ridiculous hyperbole.

 

[BDS23]

Is Kaspersky hinting MSE here? Well, at least indirectly...

 

[RedStarSQD]

10 or 12 years ago, Microsoft had these to deal with. Comparing now to that is ridiculous hyperbole.

and from that link..the first serious virus outbreak was on...... the apple

 

[Semantics]

Although he didn't say exactly 10 years behind in terms of security features, he said that they were 10 years behind in security culture. I will say windows 7 8 is by far ahead in term of security features, although still number 1 problem with viruses is an ebcak

 

[rat]

By 10 years behind I assume he means 'no longer in need of invasive third part AV clients made by companies like Kaspersky, instead opting to provide a free and nicely maintained security suite to it's user base'.

http://www.forbes.com/sites/andygre...-to-cut-off-its-server-monitoring-infections/

http://www.extremetech.com/computing/125019-mac-botnet-grows-to-600000-274-of-them-in-cupertino

The reason this problem exists is because it took Apple nearly 3 months to patch the exploit used (after Oracle patched it themselves in early Feb) and only bothered to patch it AFTER the botnet became known.

Apple got beyond cocky. Now they're getting caught with their pants down. Their concept of security is still that of obscurity.

 

[jolli]

I bought my girlfriend a Macbook Air and insisted she put virus scanning software on it. It is just the free Sophos program, but I figure that is better than nothing.

With a decent processor and an SSD, I don't think there are any noticeable slowdowns.

 

[bigddybn]

I've run a hackintosh for about a year now. I found it HILARIOUS that OSX prompts for the user to type password FAR more often than UAC requires a single click but Apple used to run those stupid ads with the body guards interrupting the "PC" guy constantly to approve something. OSX is far more obtrusive about it.

 

[GaryJohnson]

Well, security is kinda of like the Titanic. Unsinkable until proven otherwise.

If only they had installed Kapersky anti-iceberg, they could have been obnoxiously alerted about all the icebergs they didn't hit before they sank.

 

[Cube]

the fucking apple are to dumb too know apple prducts are abot as secure as a strippers g string.

They go around saying crap like macs and Iphones ipad crap dont get vrirus or hacked when in fect the reason is nobody gives a fuck about mac and hacking them and writing virus programs for them is not worth the time.


its like trying top protect junk nobody wants hacker or virus dude wants to bother with.


Besides the fucking apple hippster dont have anything worth stealing and the only reason to give them a hack or a vrius is for the lulz.

 

[/usr/home]

I've run a hackintosh for about a year now. I found it HILARIOUS that OSX prompts for the user to type password FAR more often than UAC requires a single click but Apple used to run those stupid ads with the body guards interrupting the "PC" guy constantly to approve something. OSX is far more obtrusive about it.

Ubuntu likes to have you type in your password lots too. Pisses me right off.

 

[ripken204]

Ubuntu likes to have you type in your password lots too. Pisses me right off.

almost all OSes do... not just OS X, windows 7/8, and Ubuntu
for Linux it mostly happens when you run updates, which makes sense imo.

If you have multiple users on the system, you can prevent certain users from doing updates that might screw up your current configs for example.
aside from that, I rarely get "UAC" in linux unless I'm trying to edit some file owner by root

 

[Uberazza]

I think the reason there is a perception that MAC's are secure is because there just isn't enough people writing viruses for OSx because its not worth it for the market share.

 

[harbingerofdoom]

If only they had installed Kapersky anti-iceberg, they could have been obnoxiously alerted about all the icebergs they didn't hit before they sank.

i lol'd

 

[MrGuvernment]

almost all OSes do... not just OS X, windows 7/8, and Ubuntu
for Linux it mostly happens when you run updates, which makes sense imo.

If you have multiple users on the system, you can prevent certain users from doing updates that might screw up your current configs for example.
aside from that, I rarely get "UAC" in linux unless I'm trying to edit some file owner by root

ya but as soon as MS did it in Vista, they sucked, it was annoying, blah blah blah!

 

[heatlesssun]

Well he's not the only one saying this. The problem with Apple is that they are very much like Microsoft a decade ago when it comes to desktop OS security. Apple is simply too opaque about security matters these days, just like Microsoft. Fortunately Bill Gates finally got it a laid down the law. But Microsoft simply had no choice. Unlike Apple Microsoft has a large presence in servers and most Windows desktop attacks were hitting servers as well and indeed the Windows servers had some of their own colorful problems like Code Red which was a disaster for Microsoft even though they had put put a patch months before the attacks which a great example that real software security is a lot more than issuing a patch and being mum otherwise.

 

[MrGuvernment]

The last two major versions of Mac OS X has a built-in malware scanner called XProtect that is able to spot and quarantine known malware. Soon the company will also mandate that apps sold on its App Store will be compliant with new sandboxing rules designed to keep apps from doing any damage to user files, or other parts of the OS

Can't wait for the EU to start sueing.. also.....doesnt win 7 and vista and msot *nix already run apps in a sandbox mode?

 

[heatlesssun]

ya but as soon as MS did it in Vista, they sucked, it was annoying, blah blah blah!

And this is one reason why it's hard to take tech pundits seriously sometimes. For all of the bitching and complaining about UAC it seems to been a pretty effective tool overall. Not perfect but it has done what it needed to do.

Sometimes Microsoft DOES get it and their security efforts compared to a decade ago might be where they have done their best work.

 

[Matalim]

All is I see is a anti-virus vendor trying to sell business. When is the next OSX malware going to hit? I'm still waiting for an actual OSX "virus"...you know something that spreads by itself.

 

[heatlesssun]

All is I see is a anti-virus vendor trying to sell business. When is the next OSX malware going to hit? I'm still waiting for an actual OSX "virus"...you know something that spreads by itself.

While no doubt these comments are self serving again, there's plenty of people who have looked at this issue and have a similar view that are vested in selling security software.

OS X will probably never have the malware issues that Windows has but that really has nothing to do with Apple's superior software engineering or security practices.

 

[Daemas]

I bought my girlfriend a Macbook Air and insisted she put virus scanning software on it. It is just the free Sophos program, but I figure that is better than nothing.

With a decent processor and an SSD, I don't think there are any noticeable slowdowns.

ESET Cybersecurity for Mac, dude. Better/Faster scanning and less resources used.

 

[IronChef75]

If Kaspersky really cared about security, they would give anyone who buys a Mac a free condom. It may not protect their Mac, but it might prevent the idiots from procreating.

One second thought, you can't get pregnant from butt sex.

 

[Ashbringer]

ya but as soon as MS did it in Vista, they sucked, it was annoying, blah blah blah!

Linux only asks you if you're about to do something that could damage the system. Like a software update, or needing root access. When Vista did this, it asks you for everything. Nearly every application will prompt you a yes and no question. Sometimes twice.

Mac and Linux both work identical in terms of giving you annoying prompts.

 

[Thuleman]

Liberal media trying to get business down. Everyone in the real world knows that Apple's Mac OS never gets any viruses.

 

[Ryan711]

yeah...no. That would put us about at XP pre-SP2. You know, the one where the firewall was off BY DEFAULT. Being built upon UNIX, it is inherently more secure than windows. However, the users are the problem, on BOTH platforms.

 

[thewooster]

Only 10-12? XD

 

[thewooster]

yeah...no. That would put us about at XP pre-SP2. You know, the one where the firewall was off BY DEFAULT. Being built upon UNIX, it is inherently more secure than windows. However, the users are the problem, on BOTH platforms.

I have to respectfully disagree there. Mac may have initially been based off of BSD, but it has long since abandoned the core ideas that make such software secure.

 

[pankkake]

Being built upon UNIX, it is inherently more secure than windows.

No. Only fanboys and people who know nothing about security think that.

An OS with unpatched known holes will be insecure no matter how good its paradigm is.

 

[Ryokurin]

Linux only asks you if you're about to do something that could damage the system. Like a software update, or needing root access. When Vista did this, it asks you for everything. Nearly every application will prompt you a yes and no question. Sometimes twice.

Mac and Linux both work identical in terms of giving you annoying prompts.

And the major reason why it had to prompt every single time was because of how almost every program was designed at the time to just expect elevated access. I'll never forget the Slashdot article where people assumed that because a programmer got around having his program throw a UAC prompt every boot by making the UI a service that UAC was a pointless hack when in reality that was how the program needed to be written in the first place to prevent similar on a Unix based system.

Does Apple need to be more proactive on some parts of security? Yes, but on the other hand they also seem to be a lot more serious about preventing similar from happening again. One thing that people don't realize was changed in this past fix is that plugins will be disabled automatically if they haven't been used in a long time. Imagine if Microsoft did similar, even today? I'm sure there would be some linkbait posted here on some conspiracy theory about how it's limiting your rights on your computer.

 

[Stiffy]

I think the reason there is a perception that MAC's are secure is because there just isn't enough people writing viruses for OSx because its not worth it for the market share.

thank you.

 

[Zarathustra[H]]

almost all OSes do... not just OS X, windows 7/8, and Ubuntu
for Linux it mostly happens when you run updates, which makes sense imo.

If you have multiple users on the system, you can prevent certain users from doing updates that might screw up your current configs for example.
aside from that, I rarely get "UAC" in linux unless I'm trying to edit some file owner by root

I always find the people complaining about UAC prompts and the like hilarious. This is what makes things secure. its the most effective way to avoid getting shit installed on your machine that you might not want, y calling to your attention whenever something is trying to make changes to system files.

If you don't know why the box is displaying, then you shouldn't approve it.

Furthermore, if your UAC prompt is just a click, and not a full password dialogue, this means you are running your day to day computer needs in an admin account. This is a very silly thing to do. if you want your machine to be secure you NEED to run day to day stuff in a limited user account, only ever switching to an admin account or giving admin credentials when you need to do some form of service/updates etc.

This is why there are so many botnets

 

[Zarathustra[H]]

No. Only fanboys and people who know nothing about security think that.

An OS with unpatched known holes will be insecure no matter how good its paradigm is.

Agreed, but Unix based open source systems have a much better track record of fewer holes (presumably because more eyes see the code) and quicker fixes when something does go wrong (because anyone can write a patch, and there usually isn't that "corporate damage control" thing preventing quick fixes).

No system is impenetrable. As long as people write code, there will be people that find ways to abuse it, on any system. It's always going to be a game of cat and mouse. thus far - however - ever since the mainstream adoption of SELinux into most Linux distributions, Linux has really been the best at this. Even before this though, the Linux and Unix landscapes were far more effective at releasing secure code, and patching when holes were found.

Even today - while it is a lot less common than it used to be - fully patched Windows 7 machines are occasionally infected without any user input, simply by being on the network. I have never heard of this on a Linux box. I'm not saying it hasn't happened, I've just never seen it, or heard of anyone who has had this problem.

Typically - though - infections come from tricking people into giving permission to install something they shouldn't and bypassing UAC or its OSX or Linux equivalents, and this is why user education is one of the most important parts of security. Don't click the UAC prompt, and don't enter your password, unless you know WHY you are doing it.


While education is important - however - it is not a substitution for other good practices, like making sure you run everything in a limited user account, with UAC on, running an up to date real time virus scanner, and frequently scanning your machine just in case. You could be the most educated computer expert in the world, but unless you follow the practices above, you are leaving yourself exposed.

 

[Zarathustra[H]]

10 or 12 years ago, Microsoft had these to deal with. Comparing now to that is ridiculous hyperbole.

Thank you for that link. I was going down that list.

I had completely forgotten about the Michelangelo virus and the media hype surrounding it

 

[TechLarry]

Number of Mac's presented with Malware to be removed since January 1st - 0.

Number of PC's presented with Malware to be removed since January 1st - Between 200 and 300.

Microsoft, the AV companies and et. all can say whatever the hell they want, what should really matter to people is reality.

And the reality is, I never get presented Mac's to have Malware removed.

 

[GaryJohnson]

Number of Mac's presented with Malware to be removed since January 1st - 0.

Number of PC's presented with Malware to be removed since January 1st - Between 200 and 300.

Microsoft, the AV companies and et. all can say whatever the hell they want, what should really matter to people is reality.

And the reality is, I never get presented Mac's to have Malware removed.

Are you a Apple Authorized repair center?