What, me worry?

Few hackers attack Mac, but just because it's a niche product, that doesn't make it invulnerable

As the latest Microsoft Windows infection spread across the Internet last week, knocking out thousands of PCs in homes and businesses, Macintosh users did what they usually do during a computer virus outbreak -- they continued working.

That's because the "Blaster" worm, also known as LovSan and MSBlast, cannot harm a Mac. The worm exploits a vulnerability present only in certain versions of Windows. So a computer running a non-Windows operating system, such as Linux or the Mac OS, is immune.

Nevertheless, this is not an occasion for gloating, as the attack caused widespread inconvenience -- ask anyone who visited any of Maryland's Motor Vehicle Administration offices last Tuesday -- and surely cost the nation's businesses millions of dollars in lost productivity.

Mac users rarely have concerned themselves with worms and viruses because very few "malware" -- malicious software -- programs have been written for the Mac.

In a report released last month, Sophos PLC, a British company that sells anti-virus software, noted that through the first six months of 2003, the most commonly reported virus that could affect Mac computers was one designed for the "classic" Mac OS -- not OS X. It placed 78th on the company's list.

Sophos compared that to the top 10 most-reported viruses, all targeted at Microsoft Corp.'s Windows, which accounted for more than half of all the attacks over the period.

Not that it was a fair competition. According to Security Focus, a computer security information Web site owned by Symantec Corp., the Cupertino, Calif.-based maker of the Norton brand of anti-virus products, the number of viruses written for the classic Mac OS is about 50.

By comparison, security experts estimate the number of Windows-specific viruses at about 70,000, though the exact count depends upon how you classify all the variations of a single virus or worm.

Graham Cluley, Sophos's senior technology consultant, attributed the lack of Mac viruses to a failure "to capture interest amongst the counter-culture that writes viruses."

"It's perfectly possible to write viruses for Apple Macs," Cluley said. "Indeed, a Mac has no more inherent security than a PC, but virus writers appear motivated by a desire to cause widespread havoc and so have concentrated on the market leader."

By "market leader," he means, of course, Microsoft Windows.

Sophos, nevertheless, advises Mac users to have anti-virus software and to keep it updated, if for no other reason that to prevent a Mac from spreading Windows viruses. Last month, the company released a version of its antivirus software for Mac OS X, which joins Norton AntiVirus and McAfee's Virex as OS X weapons to fight malware.

However, because a Mac can pass a virus to a Windows PC by forwarding an infected e-mail or document, Mac users always have been cautioned to run anti-virus software and to employ safe-computing practices, such as deleting e-mail messages from unknown sources without opening them.

And Windows malware can irritate Mac users despite its inability to infect their Macs; this week's outbreak of the SoBig worm, for instance, has choked my .mac e-mail box with dozens of useless messages.

Ensuring that Macs don't perpetuate the misery of Windows users by hosting Windows viruses is indeed desirable, but one question still begs an answer: Is Mac OS X just as vulnerable as Windows, spared by hackers only because of its relatively small footprint in the computer world?

It's a tough question to answer precisely because Mac OS X isn't being probed for weaknesses by thousands of mischief-minded hackers every day as is Windows. In other words, even if OS X has more security holes than Windows, with far fewer people looking for them, far fewer will be found and exploited.

Some clues to the relative vulnerability of Mac OS X can be gleaned from its heritage. OS X is based on FreeBSD, an established, well-known version of Unix.

"Unix architecture is a fairly known quantity," said Jeff Thompson, who worked with many commonly used operating systems -- Linux, Solaris, Windows NT -- as vice president and master technologist at the security software firm Argus Systems Group Inc.

Thompson now is chief technology officer of CodeTek Studios Inc. in Champaign, Ill., which is an OS X software developer.

Featured Stories

CTnow is using Facebook comments on stories. To comment on ctnow.com articles, sign into Facebook and enter your comment in the field below. Comments will appear in your Facebook News Feed unless you choose otherwise. To report spam or abuse, click the X next to the comment. For guidelines on commenting, click here.