more on mac viruses and quote and apple pie

[David Farber <dave () farber net>]

Begin forwarded message:

From: David Magda <dmagda () ee ryerson ca>
Date: May 20, 2005 10:47:17 PM EDT
To: dave () farber net
Subject: Re: [IP] more on mac viruses and quote and apple pie
Reply-To: David Magda <dmagda () ee ryerson ca>


[This reply ended up being longer then I intended. Feel free to edit  
it if you feel it's too long. It's also a bit like two separate posts  
in one: my 'rant' and some pointers to articles by John Gruber.]

On May 20, 2005, at 20:34, David Farber wrote:


> And MACs are not exempt. Your readers who are
> proud of the fact they run no antivirus applications, and don't  
> maintain
> their firewalls on their MACs are victims in wait.

While technically you are correct that OS X is possibly vulnerable to  
attack, the fact of the matter is that it has not been seriously  
attacked to date. So why not use a computing platform that is less of  
target? Isn't that the sane thing to do? I find it silly to go out  
and choose a course of action that will bring you pain in the future.

If you have particular needs which are only met by using Microsoft  
Windows then by all means use it.  But if you can get by using a Mac  
then there's not much of a reason not to do so (especially with the  
relatively inexpensive Mac mini now available).

I have a PowerBook and recently bought my sister an iMac; I  
administer Unix boxes at work. Neither Mac runs any kind of anti- 
virus software (nor do any of my Unix machines). This is not because  
I think they are invulnerable (I keep up with security updates), but  
because at this point in time I feel that the cost-benefit  of me  
purchasing anti-virus software isn't worth it. When (or if?)  threats  
for OS X emerge it will hit the news web sites very quickly, and the  
vendors will release an update to detect it. At that point a  
measurable risk will be present and it may be worth it to buy some  
software (or use ClamAV which is open-source and can run on Unix-like  
systems (including OS X)).

Until then it isn't worth the money IMHO. Anti-virus programs are  
like insurance: they are a cost that will hopefully pay for itself if  
something bad happens. If the odds are low that the event will occur  
why pay the premium? If you live in Florida you protect yourself  
against hurricanes, not earthquakes. Vice versa in California.

As an aside, last year John Gruber wrote about the discrepancy  
between Windows users getting various malware and the rest of the  
computing population not getting any. Worth reading (as is just about  
all of Mr. Gruber's posts):


> What’s remarkable is this: Crapware is a problem of epidemic  
> proportions on Windows, but it is almost completely non-existent on  
> the Mac.
[...]

> We all benefit from the fact that the Mac community has zero  
> tolerance for vulnerabilities. Not just zero tolerance for security  
> exploits, but zero tolerance for vulnerabilities. In fact, there is  
> zero tolerance in the Mac community for crapware of any kind.

http://daringfireball.net/2004/06/broken_windows

With a follow up article a couple of months later:


> The reasons why are subject to argument. But you can’t argue about  
> the net effect: Windows users, especially with their home  
> computers, are plagued by insidious malware; everyone else is not.

http://daringfireball.net/2004/09/for_whatever_reasons

And a related article on the scourge of malware through Outlook:


> Microsoft’s Outlook has been exploited by virus authors so  
> frequently and so effectively that I dare anyone to dispute that  
> it’s the worst email client ever, anywhere. The worst. But yet it  
> is also the most popular.

http://daringfireball.net/2003/08/good_times



-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/