Earlier today I retweeted a tweet from The Guardian’s technology editor, Charles Arthur, about a Sophos blog post highlighting an undocumented change to Mac OS X that appears to guard against a particular malware exploit.
The response I got was an accusation of having a half-empty iGlass and being an iHater. To be fair, the “accuser” was a friend of mine, and the comments were probably tongue in cheek (maybe not, based on the number of follow-up tweets…) but I was sure I’d read something on the Apple website about Macs not getting viruses, so I had a quick look…
Here is a quote from the Apple website, on why you’ll love a Mac:
“It doesn’t get PC viruses.
A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part.”
Of course not – Macs (which these days have almost nothing, other than design aesthetics and operating system to distinguish them from any other PC – i.e. a personal computer running Windows, Linux or something else) don’t get the same viruses as Windows machines. No, they have their own “special” sort of (admittedly rare) malware, that Apple is fortunate enough to be able to patch within the operating system. That will be the “built-in defenses” (sic) they talk about then. So why not be transparent and mention them in the release notes for the updates?
That’s the big text… then we get:
“Safeguard your data. By doing nothing.
With virtually no effort on your part, Mac OS X defends against viruses and other malicious applications, or malware. For example, it thwarts hackers through a technique called “sandboxing” — restricting what actions programs can perform on your Mac, what files they can access, and what other programs they can launch. Other automatic security features include Library Randomization, which prevents malicious commands from finding their targets, and Execute Disable, which protects the memory in your Mac from attacks.
Download with peace of mind.
Innocent-looking files downloaded over the Internet may contain dangerous malware in disguise. That’s why files you download using Safari, Mail, and iChat are screened to determine if they contain applications. If they do, Mac OS X alerts you, then warns you the first time you open one.
Stay up to date, automatically.
When a potential security threat arises, Apple responds quickly by providing software updates and security enhancements you can download automatically and install with a click. So you’re not tasked with tracking down updates yourself and installing all of them one by one.
Protect what’s important.
Mac OS X makes it easy to stay safe online, whether you’re checking your bank account, sending confidential email, or sharing files with friends and coworkers. Features such as Password Assistant help you lock out identity thieves who are after personal data, while built-in encryption technologies protect your private information and communications. Safari also uses antiphishing technology to protect you from fraudulent websites. If you visit a suspicious site, Safari disables the page and displays an alert warning you about its suspect nature.
As a parent, you want your kids to have a safe and happy experience on the computer. Mac OS X keeps an eye out even when you can’t. With a simple setup in Parental Controls preferences, you can manage, monitor, and control the time your kids spend on the Mac, the sites they visit, and the people they chat with.”
Now, to be fair to Apple, with the exception of the bit about viruses (and let’s put aside the point that viruses are only one potential form of malware), they don’t suggest that they are unique in any of this… but the page does imply this, and talks about how Macs are built on the world’s most advanced operating system (really?). So let’s take a look at Apple’s bold claims:
- Safeguard your data by doing nothing. “Sandboxing” – Windows has that too. It prevents malicious applications from accessing sensitive areas of the file system and the registry using something called User Access Control (UAC). You may have heard about it – generally from people getting upset because their badly-written legacy applications didn’t work with Windows Vista. Thankfully, these days things are much better. And I’m sure my developer colleagues could comment on the various sandboxes that .NET and Java applications use – I can’t, so I won’t, but let’s just say OS X is not alone in this regard.
- Download with peace of mind. Internet Explorer warns me when I attempt to download an application from a website too. And recent versions of Windows and Office recognise when a file has originated from the Internet. I have to admit that the Safari/OS X solution is more elegant – but, if Macs don’t get viruses, why would I care?
- Stay up to date, automatically. Windows has Automatic Updates – and the update cycle is predictable: Once a month, generally, on the second Tuesday; with lots of options for whether to apply updates automatically, to download and notify, or just to notify. Of course, if you want to patch the OS manually, then you can – but why would you start “tracking down updates yourself and installing all of them one by one”?
- Protect what’s important. I’ll admit that Windows doesn’t have a password manager but it does have all the rest of the features Apple mentions: encryption (check); anti-phishing (check); warnings of malicious websites (check); parental controls (check).
I’m sure that a Linux user could list similar functionality – Apple is not unique – this is run-of-the-mill stuff that any modern operating system should include. The trouble is that many people are still comparing against Windows XP – an operating system that’s approaching its tenth anniversary, rather than any of the improvements in Vista (yes, there were many – even if they were not universally adored) and 7.
So, back to the point:
Patching security holes in software (e.g. a potential buffer overflow attack) is not the same as writing signature code to address specific malware. I’m not an iHater: I think it’s good that Apple is writing AV signatures in their OS – I’d just like them to be more open about it; and, as for the criticism that I don’t write much that’s positive about Apple, I see it as having an ability to see past the Steve Jobs Reality Distortion Field and to apply my technical knowledge to look at what’s really there underneath the glossy exterior.
I should add that I own two Macs, three iPods and an iPhone (I also owned another iPhone previously) and hope to soon have the use of an iPad. In general, I like my Apple products – but they’re far from perfect, despite what the fanboys and Apple’s own marketing machine might suggest.