Thursday, May 19, 2011

FUD! FUD! FUD! FUD!
Anti-Apple Security FUD
for the last SEVEN and a half years!
Hee hee hee!

So what does computer security FUD actually signify? Insecurity on the part of those who perpetrate it.


If you haven't read it already, here is a wonderfully insulting article about the ongoing anti-Apple security FUD Fest. It is from John Gruber of DaringFireball.net:




Hey, I learned something new! It was NOT Symantec who kicked off the FUD Fest in March 2005! It was Eric Hellweg, October 2004, in an article entitled "Hackers Target Apple? Congratulations!"


Let's stroll down nostalgia lane and read some of what Mr. Hellweg perpetrated:
The Apple community has, since its inception, been largely immune to nefarious hackers bent on spreading harm. If you are a Windows user, as I am, you know the routine. You complain about the latest spyware or virus attack, and Apple devotees respond with good-natured teasing — they don’t have to worry about such nonsense. Well, now they do.
Predictably, posts on various Apple-related message boards have been offering varying levels of concern, ranging from mild disappointment to utter gloom. I think this reaction is fundamentally misguided. MAC users should not be upset about this malware news; they should rejoice.
What is really going on here? It's called Defective Rationalization, Deceptive 'Truth', or more popularly, the act of being an Apologist. From WordNet:
apologist
     n : a person who argues to defend or justify some policy or institution; "an apologist for capital punishment" [syn: vindicator, justifier]
What is being 'justified' or 'vindicated' by all the anti-Apple security FUD, hate, cynicism and doom mongering? 


Windows


Here is what I consider to be the definitive publication on the subject:


The World's safest Operating System
London, UK - 19 February 2004, 17:30 GMT - A study by the mi2g Intelligence Unit reveals that the world's safest and most secure online server Operating System (OS) is proving to be the Open Source family of BSD (Berkeley Software Distribution) and the Mac OS X based on Darwin. The study also reveals that Linux has become the most breached online server OS in the government and non-government spheres for the first time, while the number of successful hacker attacks against Microsoft Windows based servers have fallen consistently for the last ten months.
That was in 2004. Since that time, to be fair, Microsoft got more serious about security with Windows Vista. They refined their security features in Windows 7ista. These two operating systems have been significantly more secure thanks to features like ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention). These are security features that Apple has yet to perfect in Mac OS X. And yet, even Windows 7 has enough security holes to keep the Windows operating system on the bottom of the OS security list.




(One example: The Canonical Display Driver security bug in 64-bit Windows 7, May 2010).


Let's perform a brief Compare and Contrast exercise:


New Mac OS X malware this past week, as reported by Sophos:


• OSX/FakeAV-DPU: 4 variations of a scamware anti-malware Trojan horse (MAC Defender, MacSecurity, MacProtector...).


New Windows malware on May 10th, as reported by Sophos:


• Troj/Hiloti-BZ
• Troj/FakeAV-DPV
• Troj/Avent-RNY
• Troj/DwnLdr-JAZ
• Troj/SpyEye-AJ
• Troj/Agent-RNZ
• Troj/FakeAV-DPT
• Troj/JavaDI-CF
• TrojDwnLDR-JAY


New Windows malware May 11th, as reported by Sophos:


• Troj/Mdrop-DKE
• Troj/Sasfis-O
• Troj/Zbot-AOY
• Troj/Zbot-AOW
• W32/Womble-E
• Troj/VB-FGD
• Troj/FakeAV-DFF
• Troj/SWFLdr-W
• W32/RorpiaMem-A
• Troj/Agent-RNT
• Troj/DwnLdr-JAE
• Troj/FakeAV-DPS


Get the idea? That's about 70 new malware per week for Windows compared to 1 new malware per week for Mac OS X, and that's a heavy week for Mac malware. That's a rough ratio of 70 : 1. Keep in mind that the current ratio of Windows market share to Mac market share is about 87% : 10% or about 8.7 : 1. Note how the malware ratio is not tracking the market share ratio.
What if we compare the total number of currently active Windows malware to the current number of active Mac OS X malware? 


Finding any published number appears to be impossible. I have what I consider a definitive number of currently active Mac OS X malware because I collect data on all of them as they appear in the wild. That number is 30, as of today anyway. That generously includes four variations of the scamware anti-malware app originally called MAC Defender.


To come up with a number for Windows malware, I had to do a bit of work. First I went to Symantec's Threat Explorer and collected the numbers they provided from A-Z. I then subtracted the number of Mac OS X malware in their list. That total of Windows malware detected by Symantec, as of today, is 39,335. Why this number is so small compared to other estimates is up to Symantec. I don't mind!


39,335 : 30 = 1311.17 : 1


That's about 1311 x more malware for Windows than for Mac OS X.


Using our market share ratio of 8.7 : 1, let's create a proportion equation of malware on a per user basis. This means, if the number of users of both operating systems was equal, how many more malware are there for Windows than for Mac OS X?


1311 / 1 = (8.7 / 1) * X


X = 150.69 per user


That means, on a per user basis, there are about 150 times more malware for Windows.


150x ! ! !

And this does not equate to poorer Windows security because why?


Oh and so much for the 'Security Through Obscurity' baloney. What's obscure is the number of Mac malware as well as the intelligence of STO proponents.


FACT: There is no such thing as a perfect operating system. Mac OS X has security holes discovered and patched on a regular basis.

FACT: Since I noticed the start of the anti-Apple security FUD Fest in 2005, Apple have exponentially increased their attention to security. I like that. Thank you FUDsters and hackers!!!

FACT: I've never encountered a Mac OS X malware infection. I run an up-to-date copy of Intego VirusBarrier X6 to verify this fact. I have also run VirusBarrier X6 against a collection of malware provided to me by friends. It works.

FACT: Nearly all Mac OS X malware requires social engineering / LUSER behavior in order to be installed on a Mac. There are no viruses or worms for Mac OS X. There is no malware that exploits any Mac OS X security hole.


FACT: The vast majority of hacks and cracks into Mac OS X have been either through 3rd party software, such as Flash, PDFs and JavaScript, or through Apple's Achilles Heel of insecurity: QuickTime.


If you're a Windows apologist and would like to dispute my numbers or information, please post a comment. (Troll posts will be tossed).




Meanwhile, here is a reiteration of my often stated complaint against Apple's worst security flaw:
HEY APPLE! 

Why didn't you finish the 64-bit rewrite of QuickTime X LAST YEAR?!?!?!

Where the  H E L L  is it?!

Seriously! What is your problem Apple?! You're going to stick us with 32-bit QuickTime 7 again in Mac OS X 10.7 Lion? In a fully 64-bit operating system? Disgraceful.



3 comments:

  1. Derek,

    I'm not aware of 30 trojans or a 4th MacDefender variant. I'd love to find out privately what you have discovered, to improve the accuracy of my Mac Virus Guide (see link below). Can you contact me privately via the contact link at the bottom of each page on my web site? Thanks!

    http://www.reedcorner.net/guides/macvirus/

  2. Oh look it's that troll guy from MacDailyNews..xen0blade...OK fine. I'm still not publishing my real name (sorry), but I liked this article. And I officially retract any FUD I may have spread.

  3. And I officially remove my 'troll' tag from your soul. ;-)

    As I frequently rant:
    We never know everything about anything.

    Learning means curing ignorance, means saying we're sorry when we discover and verify new information. I have several recipes for crow, none of which have I enjoyed eating.
