But everything can be exploited! That's not the point. I'm just saying that with very few users compared to the standard iPod OS, the market share myth falls apart when you see that people actually took the time to prove that Linux on iPod could be exploited.

The market share myth says that the Mac isn't targeted because there are so few relative to Windows, but if we accept 98% market share for Windows and 2% for Mac, there is one Mac for every 49 Windows boxes. And for Linux on iPod vs iPod? What's the ratio? I'm guessing it's 1 Linux iPod to nearly a half million iPods.

It's impossible for the market share myth to hold for Macs and not for iPods. If Linux on iPod has been targeted, then the Mac OS (not to mention the standard iPod OS) must have been much more heavily targeted, or the market share myth has no basis in reality. But if the Mac OS has been targeted, where are the legions of viruses? There would have to be many, but there aren't. I'm saying that is a result of a high degree of difficulty. Not in writing malware. Anyone can do that. The problem is getting your code to 1) run with the right permissions and 2) propagate. That's two things that give more protection to the Mac than market share ever could.

OK, here is where I disagree with you and why. I will leave the conversation as is after I say my last piece. With Linux, you have nerdy, geeky people who are always recompiling source code, or viewing source or whatever. So, there is a higher rate of someone to say, "Hey, look what I found!" They get a kick out of it.

Now, with adware, spyware and malware, there is money involved. People actually have incentive to write that crap because it can make them money. The largest market share is windows, so they target windows to make the most money. Now, luckily for them Windows has a not so good security model built into the OS. Logically, if there is incentive to make money they will target the largest market. I still think Microsoft has over 80% market share, and a lot of those users never update their OS. There are tons of 'zombie' systems out there.

Even if that accounted for 90% of malware, there should still be hundreds of different exploits in the wild for Macs. There are just far too few attempts, let alone successes, for market share to be the reason.

/!\ Wet Blanket Alert /!\

I don't want to be "That Guy" here, I really don't, but the thread is kinda veering into the academic and buys into the standard arguments that don't frame platform security properly. Example:

The veracity of this statement, for example, unfortunately can't be used to make future projections about the security of a platform, because one platform's history of insecurity has nothing to do with another's. In the end, it isn't of paramount importance how often a platform has been attacked or successfully exploited, only that people are actively searching out vulnerabilities. More are found every day, and this trend will only accelerate as several factors increase:

1. Expanse of user base

2. Complexity of software implementation (As Schneier says, complexity is the enemy of security.)

3. Interconnectivity and integration of software

4. Ignorance of user base (social engineering attacks, ignorance of security and personal data protection practices, etc -- this typically comes with mass adoption of easy-to-use software, but is not relegated to that)

5. Arrogance of user base (leads to lax security policies and practices)

6. Sophistication of attacks

Big Scary Things to Think About:

1. Every platform has had exploitable vulnerabilities, currently has them (whether the public knows about them or not), and will have more in the future. (The QT vulnerability is a perfect example of this.)

2. Not all vulnerabilities require the user to download and open files and applications explicitly. (The QT vulnerability is a perfect example of this, too.)

3. Not all vulnerabilities require elevated privileges to do damage that matters to the user. (See also: QT again.)

There's simply no reason to think we're safe, even if our track record suggests we not worry. I recommend everyone be very careful about giving such an impression.

I'm not trying to give that impression, but I think that simply saying we're not 100% secure leads to problems almost as bad as saying that we are 100% secure; overuse of AV software with its questionable benefits, users panic when something doesn't work the way it should, and IT departments set burdensome restrictions on what users in an organization can do with their Macs, for example. There's a huge range between 0 and 100%, and having some idea of the real number is important.

If I thought there was a 99% chance I'd get in a fatal car accident then next time I drove, I wouldn't ever drive again. I do know that the chance is greater than 0% though, and I'm willing to accept the risk. Computers are no different. We can reasonably infer from past performance that the odds of a Mac getting infected are greater than 0% and significantly less than say, Windows.

still confused
 

THREEDEE YES those are the contextual ads that appear when you mouse over the text on the bloggers page!, they did appear briefly when I used safari but have disappeared!!are they placed by the blogger and other than being annoying are they considered to be anything to worry about?. I do feel that after using xp for years and NEVER getting any viruses or spyware during this time, only TWO weeks into using a mac for the first time I find it hard to believe that the one and only trojan horse able to attack the mac has been un willingly installed by ME! I have run macscan and it informs me that it has NOT detected any trojan horse on my system???? I am confused even more than before....I am being told one thing then another! please help a confused newbe! :confused:

I think you'd know if you had installed the trojan. It tells you it needs to download a codec when it asks for your password. You most likely are just seeing ads.

cwtnospam thanks for your comment, I think Im just paranoid from moving over from xp, everything seems so different!.

Yes, it seems to take switchers time to get used to not looking over their shoulder for the next problem. As has already been pointed out though, you don't want to get too complacent. The Mac is much more secure than XP, but it isn't perfect. Nothing ever is.

so you would suggest that I run macscan on my mac then...like I did with norton on my xp!?

No. :eek:
I suggest that you be careful what you open, especially if it asks for an admin password. I think that AV software can be useful in certain situations, but long term it is not very helpful, and it's a drain on resources.

It's better to require your OS vendor to close any holes that malware uses. That way you don't have malware attacking the same vulnerabilities years after they've been discovered. Apple's been good about closing holes before they're exploited in the wild, and I feel it's our job as Mac users to hold them to that standard.

Whether Mac users are ignorant (They're not! Mac users tend to be much higher educated than Windows users), or arrogant (I personally don't consider defending a platform that's been attacked for stupid reasons since '84, arrogance), is not the reason viruses might start appearing on a regular basis. It's the ignorance and arrogance of the producers of the OS.

Apple has always taken great care in plugging up security holes as soon as they can; Usually long before the security risk is commonly known. Of course Mac OS is targeted! If a virus writer were to succeed in writing a real virus for Mac OS, they would be instantly infamous! Don't even suggest that they're not trying. If Apple makes a single mistake and actually publishes something with a single and minor security flaw, news of it is published everywhere. I guess Windows flaws just aren't newsworthy…

The reason there are so many viruses for Windows and so few for Mac is entirely Microsoft's doing by releasing their OS with so many publicly known security holes. Instead of plugging those holes, what does Microsoft do? Blame their own popularity and convince the public that Microsoft, not the user, is the victim.

Windows is most often targeted for the same reason that an unlocked car with the key's in the ignition is more apt to be stolen.

This is why Windows users make fun of Mac users. How do you expect anyone to take your statements on security with any weight when you say things like this? How is this not absolutely arrogant and elitist?

This aside, you've misread, it seems, most of my post, especially the use of the word "ignorance", which has not been used as a pejorative descriptor.

To paraphrase Dizzy Dean, it's not bragging if it's true. The fact is that somewhere around 90% of computer users use PCs, and most of them, probably more than 90%, use PCs because they aren't even aware (or may be vaguely aware) that there are alternatives. Mac users typically have experience with PCs. Often, far more than they would like! To make the switch to the Mac requires that you first recognize that Windows is not your only choice and that there is likely to be a better way. That means you have to mentally break through decades of intense marketing by Microsoft and other people and organizations that make money off of Windows. The poorly educated aren't likely* to make the cut, especially with the FUD spread by the PC side: won't be compatible, no software, just as vulnerable, etc. PC buyers on the other hand, have no such barrier.

If you take a significant chunk of the best educated from any large group, the new group will be better educated on average than the what's left in the original group. That's not arrogance. That's just fact.


*I'm sure you can find exceptions to the rule, but remember we're talking about large numbers here.

I am sorry I have to come out and say this. Being an IT worker and system administrator, I can honestly say as a whole most users are not as smart as they think. I do not want to start a fight or make any generalizations, but after you've reset your 5 millionth password because your user base can't remember them, you tend to think this way. Or how many times I have to clearly explain the simplest thing to the same user.

Granted, there are some users who do know what they are talking about, but those are few and far between. I do have some users that I can just say, go ahead and do this and they do it right the first time. Those users I typically let them do their thing and they never need my support. They are small in number and are definitely not the average user.

In my experience Mac users definitely think they know more but that is not always the case. I can't tell you how many problems I had when OS X was first out. Dual booting OS X and OS 9 systems. Users would boot into OS 9 and see the /etc and /var directories, and delete them. In their minds you could always delete whatever you wanted in Mac OS as long as it wasn't the system folder and you would be fine. I have users request root access to machines because they read about it online. I have mac users that just do messed up things to their systems because they think it will never crash because it is a Mac. Then when I get to their machine, they are like, "Man it never crashed on me before, and I didn't even think Macs crashed!" I come to find out they have screwed up their system one way or another.

I am not user bashing, they are essential to my job. With out them, I wouldn't have a job. I like helping users, and I like it when users don't know something and they come ask me. I gladly show them what to do. Its the users that think they know and just run with it. In my experience, that is mostly Mac users.

Yes, a little knowledge can be a dangerous thing. Saying Mac users on average are better educated than PC users is a bit like saying that a P41 Mustang is a faster plane than an F1 Hellcat. That may be true, but the P41 is no F15.
;)

Please everyone, try to keep on the topic, "Do I have spyware on my macbook?". This conversation is wandering far off-topic, and if it goes any farther portions of it will be moved to another forum, perhaps the Coat Room.

Trevor

So tell me, guys, what does the current direction of this thread have to do with security? It's veered past "academic" and into "lol windowz users are stupid, macs rule", which does absolutely nothing to discuss the idea of security itself.

I see the same thing all the time. In the end, a Mac user (or developer) is just a normal person. People are flawed. Security fails when flaws are found. QED

This isn't arrogance… I've seen multiple reports (one example) that have shown on a per capita basis, that Mac Users tend to have higher educations than PC users.

I find it fascinating that the first line of my message is reason to ignore the rest of it. My point was that it's not the user's fault that any viruses exist, but the writers of the OS. The reason there are not viruses for Mac OS X can be credited entirely to Apple, Inc. themselves and the reason there are so many viruses for Windows can be directly blamed on Microsoft. The user's of Windows are the victims, not Microsoft.

Oh no!....The Mustang....was....P51.