02
Jun 11

The hyping of a Mac virus

Call it the price of success: Apple is plugged into a buzz amplifier.

Whatever the news, good or bad, it gets played back at max volume. And this amp comes complete with a distortion effect, so the facts we get don’t necessarily reflect reality.

Antennagate? It was a horrific lapse — except it had zero effect on sales and customer satisfaction.

Locationgate? It laid bare Apple’s true evil intent — except it quickly fizzled into nothingness.

With the attack of the MACDefender virus, the trilogy is complete. The virus bubble is burst! Mac users will now know the pain PC users have suffered for decades.

Except for one little fact: MACDefender isn’t a virus.

A virus is a nasty subset of malware that infects your computer without your knowledge, and often spreads to others. MACDefender is malware, of course — but it’s the kind that can’t do anything unless you invite it in.

It preys on those who somehow didn’t get the message that you should never, ever install an app from an untrusted source. Especially an app you never asked for.

But when the rumors get amplified, facts somehow become less relevant.

In researching this post, I was stunned to find that MACDefender is being reported as a virus in the majority of articles, often right up there in a headline like Virus Alert: MacDefender. In fact, most articles did the malware a favor by billing it as “MacDefender” instead of “MACDefender,” which is what it actually calls itself. This adds credibility, since no real Mac app-maker would make the clunky error of putting MAC in all-caps, as if it were a variant of “PC.”

Many are hyping this story because they believe it proves them correct that Macs are just as susceptible to viruses as PCs, but have been spared only because they’re so damn insignificant. Others are playing it up because it allows them their obviously long-sought revenge.

An Arizona IT company “will enjoy watching that smile getting slapped off the smug faces of those self-important Apple religious-fanatics (you know who you are),” but felt “a great swell of pity for the many innocent people who will be victimized in the near future because some fool told them Mac’s were virus-proof.” Never trust a guy who can’t even pluralize “Mac” correctly.

In a recent piece entitled The last Mac myth, I ragged on the theory that Macs aren’t targeted with viruses simply because there are so few of them in the world. The truth is, Apple products are a supremely juicy target, and offer any self-respecting evildoer a shot at instant glory. If MACDefender is the best they can do, I’m pretty sure the sky isn’t falling.

The best advice yesterday remains the best advice today: never download or accept any files that come from anyplace other than a source you know and trust.

Let’s all enjoy using our technology, but be responsible as well. No computer company, and no OS, can protect us against ourselves.

Tags: , , , , , ,

4 comments

  1. Ken,

    Whilst most of what is said above is true I think you’re a little too keen to jump on the idea that this is easily avoided by simply not installing software you don’t trust.

    As is demoed by a number of videos of MacDefender (correct spelling of one variant) on the web, the software installer auto-runs after simply visiting a webpage. No downloading or clicking of files, no admin password, it just runs

    At this point its down to the user to either cancel the installer or be confused by this message saying that this software will help protect their computer. It’s a very complex problem and many will be confused by it.

    The smart move for Apple here is to actually remove the option for Safari to open safe files automatically, or at least turn it off as the default.

  2. @Alex:
    Yes, the installer does auto-run. (I’ve actually had this happen to me three times now, just through my ordinary browsing.) It’s also true that the installer does not require a password. But as you note, it is then up to the user to click the Install button. It’s all in the user’s hands at that moment.

    So I do think it is really easy to avoid if people just follow the golden rule about not installing apps they don’t know and trust.

    But I totally agree that the fail-safe solution would be to uncheck the “open safe files automatically” option.

  3. Ken,

    To date there has been a profusion of misleading and outright erroneous articles on this topic written by hacks who profess to be experts in this area.

    Most of those ludicrous articles are written by Windows users who have absolutely no knowledge of, or experience with, the Mac operating system.

    Windows users in general seem to be in denial of the facts concerning Mac OS X, calling Mac Defender (and its variants) a “virus” and claiming that Mac OS X has many “viruses” (although none of them can name even one of these unicorns).

    Many of those writers do not understand that “Virus” and “Trojan” are terms that were given to describe two very different types of “malware”.

    A PC ‘virus” is just like a human virus. You can catch it and spread it to others without knowing it. All that it takes is simple exposure.

    A “Trojan” or “Trojan horse” is just like the fabled Trojan horse. The Greeks left the Trojan horse outside the gates of Troy. Troy was heavily fortified and securely protected against the Greeks, but it was the Trojans’ foolishness that opened the gates and purposely pulled the Trojan horse into the city of Troy.

    Even the security software companies who make a humongous amount of money selling anti-virus software to Windows users (and who would love to do the same thing with Mac users) have stated clearly that MacDefender and its variants are NOT a Mac OS X vulnerability!

    Peter James, spokesperson for Intego (the security company that discovered Mac Defender) has said: “This is not a Mac OS X vulnerability, but social engineering, taking advantage of users who are unaware of what is happening.”

    In other words, no amount of “anti-virus” software would stop a gullible user from purposely installing this type of application on their own computer if they are determined to do this. But since this software is a simple application, once the naive user learns of his/her mistake, it’s easy to get rid of Mac Defender by merely trashing the application.

    Yet some Windows users think that they know better than the experts, calling Mac Defender a “Mac virus” and remaining in denial about the fact that Mac OS X has NEVER had a single virus.

    It seems misery loves company, but if Windows users can’t find it in Mac OS X they ignore the facts and create their own little fantasy. ;-)

    No operating system, including Mac OS X, can claim to be totally impervious. But even if Mac OS X does get its very first virus sometime in the future, it will be like comparing a drop of water to the ocean of literally hundreds of thousands of Windows viruses that Windows users have to contend with.

  4. Great post. Absolutely right, (and the comments) it’s not even a virus. At Wikipedia (http://en.wikipedia.org/wiki/Computer_virus) the first words in the article for a computer virus prove that. “A computer virus is a computer program that can copy itself and infect a computer.” I guess it is infecting the computer, (just being installed might be considered an infection) but really, it’s installed just like any other application. It doesn’t trick the computer, and does it no harm, it tricks the user into giving them their credit card.

Leave a comment