Skip to main content

Mac security counterpoints

A couple of articles have come out that provide some counterpoint on the “Is the Mac no longer secure because of this new Trojan, bla bla?” question.

Mac apologist Carl Howe writes a slightly misinformed (opens in new tab) article on Mac security, where he (sort of) confuses vulnerabilities with this new Trojan and generally bashes Windows.

Ok, just to make it clear: This Trojan is not a vulnerability in OS X, does not use a vulnerability in OS X, is not an exploit and I wish it would stop being referred to in these wildly incorrect terms.

David Harley writes a more reasoned essay, (opens in new tab) where he points out the Big Critical Piece of Information that Some People Aren’t Getting: The majority of malware attacks are done through social engineering, and this Trojan is installed through social engineering, and that this piece of malware comes from the same group that’s making a lot of money off of Windows users.

This Trojan is quite widespread on Windows (fake codecs are always at the top on our threat center (opens in new tab), which tracks in real-time what is actually being removed by CounterSpy users). It requires user confirmation to run, so what makes Mac users think that they are immune to this type of social engineering?

There was even one respected security researcher who implied that Mac users were generally smarter than Windows users (opens in new tab)and thus weren’t as likely to install the Trojan. Well, this comment on my blog should answer that question:

I am new to the mac life! I just bought a video camera and hooked it up to my new macbook and the video didn't work so I downloaded whatever popped up!!! I had no idea why my video didn't work and i figured that mac's are suppose to be soooooo user friendly that I needed to download it. NOW WHAT DO I DO? HOW DO I KNOW IF I GOT THIS DARN TROJAN OR NOT???? EEK please help?

QED. (opens in new tab)

Mac users are human beings, like all the rest of us, and can be fooled like all the rest of us. This Trojan is very deceiving, and its existence is simply a wake-up call that the professional, for-profit malware authors have moved into the Mac world, and now Mac users simply need to be more vigilant.

Alex is a technology CEO, with leadership, operating partner, investor, and board member roles at security firms including AutoLoop, Borland, Quarterdeck (now Symantec and Cisco WebEx), GFI/TeamViewer, Sunbelt Software (now ThreatTrack Security), BlueStripe Software, StopBadware, Knowbe4, Malwarebytes, and Runaware Holding AB. When CEO of Sunbelt he ran a security blog, and he still writes on security.