Posted by: David Harley | February 11, 2010

Hit and Myth

Following my recent blog asking somewhat disingenuously whether Mac malware really exists, I notice that Laurent Marteau, CEO of Intego, which publishes a range of Mac security products including an AV scanner, has asked more or less the same question in an article called “Mac Malware: Myth or Reality“.

Unsurprisingly, the essence of the message is not unlike that of Intego’s “The Year in Mac Security” report, which I blogged about a while ago here. Or, come to that, to the messages I’ve been pushing since OS X was still a gleam in someone’s eye and I was being told “there are no viruses for System 7!”. Nevertheless, it’s a good, clear article, and all credit to the BCS for giving it an airing.

Unfortunately, it’s attracted a number of rather muddled posts arguing that it’s just vendor scaremongering, that phishing doesn’t count because it’s not platform specific, and even that Mac Trojans distributed through BitTorrent should be considered BitTorrent attacks as much as Mac attacks. Well, yes, in a sense, but if they’re Mac binaries, then BitTorrent is just the vector, and the Mac community is the target.

While these comments are considerably more polite than some of the Macsavagery I’ve received in the past, it would be a pity if the BCS took too much notice of the complaints and stopped publishing material that offends platform groupies.

Security vendors are IT professionals too. Even those of us who work in the AV industry. Not everything we say is marketing. And Mac users are certainly capable of gullibility.

Here’s something I said in a comment on the BCS site, and I think I’ll probably say again. “A few years ago, OS X was way ahead of most flavours of Windows in terms of security. That time has gone, and Apple (and some Mac users) are clinging to a romantic image. You can argue about whose approach is better in some details, but there is no yawning gap. And Microsoft is much more aware of its surroundings in malware terms than Apple, which is still in denial.”

David Harley FBCS CITP CISSP
Mac Virus
Small Blue-Green World
AVIEN Chief Operations Officer
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://www.eset.com/threat-center/blog
http://avien.net/blog/
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com

Advertisements

Responses

  1. […] by Laurent Marteau of Intego in a previous issue. This is actually the same article I discussed here in February, but Graham does a good job, as always, of presenting a more balanced view of the threat […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: