Who Says Macs Don’t Get Viruses?
Lots of people say “ Don’t worry about viruses, just get a Mac.” Is this advice on the level? Let’s take a look at the history of Macintosh security, and learn what we can from the Mac.
Today we’ll be talking about a lot of the myths and realities of security and viruses on the Mac platform. We’ll also be discussing why people so commonly think “Macs don’t get viruses” as well as why Macs may (or may not be) safer computers than Windows machines. And as usual, if you have any computing horror stories relating to Macs, viruses, and malware, feel free to share them with us in the comments.
Marketing the “Virus-Free” Computer
Macs have long been touted as the “virus-free” platform. There are a number of truths to this, as well as a number of myths. Many times, it can be hard to draw the line between what is the truth and what is simply advertising doublespeak. Take a look at the video above. These lines are particularly loaded:
PC: I think I got that virus that’s going around. You’d better stay back, this one’s a real hum-dinger.
Mac: Okay, I’ll be fine.
PC: Don’t be a hero! Last year there were a known 140,000 known viruses for PCs.
Mac: PCs, not Macs.
This is interesting wording, because it is technically true. Viruses are like any program—they have to be written with platform specific languages, with instructions written for that machine, operating system, type of processor, etc.
What does that mean in non-nerd speak? That Macs can’t run Windows programs without running Windows. And then, it just is a Windows machine. Since viruses are programs too, Windows viruses can’t be run on OS X. So, those “140,000 known viruses” really are inert on Mac OS. What this doesn’t mean (and this is where the clever wording comes into play) is that Macs are somehow immune to viruses. Let’s take a look at the realities of viruses on the Mac platform.
Target Market of Viruses
Apple has been criticized by many for opting for “security through minority.” This basically means that Macs are more secure than Windows machines because they have less exposure—that there are simply less Macs around to develop viruses for. When you look at the market share (bar graph above) that Windows computers have and see how they stack up against the number of OS X computers, this begins to become clear.
Like any business investment, malware and viruses take time and manpower to develop. Remember in the last edition of “Online Safety” when we compared Hackers to organized criminals, or the Mafia? Because they are organized, you can think of them as a business as well. They want the best possible return on the investment of this time and manpower, so it makes the most sense to cast the widest net and go for Windows machines, simply because many many more computers in the world are going to be running Windows. Statistically speaking, the more machines running a platform, the more users are likely to exist that don’t upgrade their security patches, or will allow malware to be installed on their machines.
While Apple computers have become more and more common in the past ten or so years, the landscape of computer users hasn’t been upset dramatically from where it used to be. It still makes the most sense to develop viruses for the largest platform for the biggest return on investment. Therefore, Macs are “safe” because it’s not a viable investment of time and labor to attack Mac users. Yet.
Pwn2Own, and the Two Minute Mac Hack
Meet Charlie Miller. Charlie became a famous name in security cracking by winning prizes and cracking a MacBook Air in a hack that took him a paltry two minutes to perform. While this might seem terrifying at first glance, let’s take a look at what a “two minute hack” actually means.
Pwn2Own is a conference where security crackers compete by finding flaws in operating systems, browsers, etc. If one of these security experts aren’t prepared to crack a browser or the security of an OS, they simply don’t waste their time trying to do it publicly. It takes many long hours of preparation, study and research to get the hack “in their pocket” so to speak. While Charlie did manage to compromise the security in an incredibly short amount of time (no easy feat) he was only able to do it with lots of hard work and preparation.
It’s worth noting that Charlie is a Mac user himself (check out the Macbook he’s using above) and (for now) supports Mac as a secure platform for end users. In his own words, Charlie says:
“For now, I’d still recommend Macs for typical users as the odds of something targeting them are so low that they might go years without seeing any malware, even though if an attacker cared to target them it would be easier for them.” (source)
Security through minority seems to be working for Mac, even for security experts like Charlie. This may not always be the case, but for now, it can’t hurt. Also, it’s worth mentioning that Apple did create patches to protect from Charlie’s exploits shortly after Pwn2Own—any respectable software company would pretty much have to!
A Surprisingly Short List of Viruses For Mac
Here’s the good news, Mac users: statistically you are still safer than Windows machines. According to Tom’s Hardware:
“In 2008, there were 1.5 million different pieces of malware targeting Windows machines. There are less than 200 pieces of malware targeting the Mac.”
Viruses on Macintosh computers are a reality. They just aren’t as common in a profit-driven world of malware. In fact, you’ll likely have a hard time finding a fairly complete lists of viruses for OS X, and anti-virus software for the platform is also fairly uncommon. This doesn’t mean that threats aren’t real and that Macs are mysteriously “immune” to threats. The biggest threat to compromising the security of a machine is often the user, so arm yourself with information!
So, Are Macs Really Safe from Viruses?
Macs are a fairly safe platform, but that doesn’t mean that they are always going to be. Nor does it mean that they aren’t without their faults. As time progresses on, it seems inevitable that any platform that is as popular as Mac will enjoy years and years of users carelessly using the internet with no repercussions. In fact, while viruses may be fairly uncommon, there are other kinds of malware that have been known to attack Macs, and it’s probable that instances of this sort of malware will increase over time.
Two things could happen to make attacks on Macintosh computers more common. The first: an increase of Market share of MacOS X computers. This article on Tom’s Hardware cites that a 16% market share of Mac OS could potentially make “profit driven” virus creation a reality on the platform. Looking at the numbers above (fairly recent compared to the writing of this article) we see that Apple still has a long way to go to reach that goal.
Here’s what seems inevitable: more and more people will begin to use personal computers of any variety, be they Windows, Mac OS X, or Linux. While the Windows market is likely to grow faster in a world where more and more people are starting to use the internet, in a world where even more people are using computers, even more people should be using Macs. Will be begin to see niche profit-driven viruses? It seems very plausible—security through minority will probably not work forever.
Image Credits: Sad iMac by Alan Edwardes, available under Creative Commons. Sad Mac by Liam Cooke, available under Creative Commons. Apple Macbook Single User Boot by Clive Darr, available under Creative Commons. Jack and Mac by Yersina Pestis, available under Creative Commons.