[tptacek]

Malware is so rare on the Mac that Apple set up an entire web page to deal with the one trojan currently known to be impacting Mac users.

Macs aren't more secure than Windows machines, but they're still undeniably safer (at least for normal people).

[demetris]

“Malware is so rare on the Mac that Apple set up an entire web page to deal with the one trojan currently known to be impacting Mac users.”

I read that and I thought Apple had set up a top-level page. I then saw it is an article in Apple’s knowledge base.

As far as I know, this is the same thing Microsoft does for distinguished malware: articles in the knowlegde base. E.g., here is an old one for Blaster:

http://support.microsoft.com/kb/826955

[tptacek]

Blaster wasn't a trojan; it was a worm that actively compromised Windows machines, took out entire huge enterprises (including major military networks), hit the front page of CNN, and (IIRC) prompted a Congressional inquiry about regulating software security.

Not exactly apples/apples.

[beedogs]

"Macs aren't more secure than Windows machines, but they're still undeniably safer (at least for normal people)."

That's a pretty absurd statement which, if it even made sense, would be far more applicable in the Bad Old Days of Windows XP.

[epistasis]

It makes plenty of sense, and I don't think it's absurd in the least. It's the difference between locking your bike up in the middle of NYC vs. locking it up in a small rural town with identical locks to identical fixtures. One of these situations is much safer, even though there's no security difference.

[code_duck]

I agree, a few months ago I tried to argue that more people would be making malware for Macs since it's a wide open market, so to speak... tptacek laughed at the idea.

Still, I feel almost as safe on my Mac as with Linux, but not quite. Malware producers are starting to notice the Mac.

[tptacek]

I'm still laughing at the idea. People write malware to make money. Your premise is that the return on investment for Mac malware is comparable to that of Windows, which still absolutely dominates the market for personal computers. It's not.

The most successful malware packages do not, as a general rule, lock all other malware out of their victims, so it's not as if there's a meaningful competitive hurdle for malware authors. Why would they choose the tiny market?

The way the market is going, in a couple years, I can see an outside chance that OS X will be so popular that it'll be a useful target.

[code_duck]

My premise was that someone might decide to make malware for Macs because:

- users are not expecting it, and have had little coaching regarding malware on Macs

- there is very little usage of antivirus programs

- Safari is not particularly hardened

- OSX lacks various protections present in Windows

- making a mac 'port' of a malware program is probably not difficult

It seems really easy and wide open, in other words.

We have seen a fairly widespread attempt recently to infect Macs with a trojan, 'anti-malware.zip'. I presume most people have seen this, if not: http://www.tuaw.com/2011/05/19/macdefender-malware-protectio... I've actually encountered this several times recently - chromium downloads the .zip file automatically when you are redirected to the attack site. What if they find a browser exploit for Firefox or Safari as the next step?

> People write malware to make money. Your premise is that the return on investment for Mac malware is comparable to that of Windows, which still absolutely dominates the market for personal computers. It's not.

Almost all software is written to make money, and still plenty decide to write software for the Mac even though the market is smaller. What's the difference? The revenue potential per 'customer' is a lot smaller for this vs. the programs sold by Panic, perhaps?

I'm not challenging your perspective or expertise of course, these are merely the reasons I wonder about it.

[tptacek]

Sorry, I don't think you're dumb for thinking this could happen, but I simply disagree that the Mac malware "market" is going to resemble the WinAPI market any time in the near future.

[drivebyacct2]

What browser or operating system can you, by simply clicking an image in Google Images, have an installer pop up basically just waiting for a password to have malware everywhere?

I don't really buy the claim that OS X is intrinsically more secure than Windows these days.

[tptacek]

That's good, because nobody made that claim.

[drivebyacct2]

Safer, more secure, what's the practical difference here? I'm tired of the implication that OS X is inherently more secure. I have yet to see anything to indicate that is true, especially when considering the, albeit still slow, growth of malware in OS X as market share has increased.

Honestly, for a user that is not using Internet Explorer, I can't imagine a workflow nearly as dangerous as is possible with Safari. It's not hard to be safe in Windows these days.

[tptacek]

This is the second time now you've "refuted" the argument that OS X is "more secure", which is interesting because nobody made that argument

A Food & Liquor on Chicago's West Side is more secure than a 7-11 in suburban Kennilworth. You have to pass your money through a little slot in a bulletproof glass window!

The 7-11 is safer. Nobody ever sticks it up.

This is not a complicated point.

I'm glad you're happy with Windows security. I'm pretty impressed with it too. But I'm biased, having worked with them professionally on it in the past.

[drivebyacct2]

Until 7-11s pop up all over town and become known for being notoriously easy to walk in and back out of with their money.