McAfee Seeds Mac Virus Threat FUD

Use Netsparker


What a surprise, McAfee spreading FUD to sell more copies of their bloated AV software?

Apart from the fact I think the whole AV model is flawed i.e. it can only protect against things the AV companies 1) know about 2) have written a definition for and 3) have delivered the definition to you – That’s a LOT of ifs.

Now McAfee is spreading some FUD about Apple viruses so they can sell their new Mac antivirus software.

Among its key findings, which McAfee clearly hopes will scare you enough to consider buying its anti-virus software for the Mac:

  • From 2003 to 2005, the annual rate of vulnerability discovery on on Apple;s Mac OS platform has increased by 228% compared to Microsoft’s products which only saw a 73% increase.
  • As demonstrated by its March 2006 patch, which corrected 20 vulnerabilities, Apple’s Mac OS platform is just as vulnerable to targeted malware attacks as other operating systems
  • Security researchers and hackers will increasingly target the Mac OS and other Apple products, such as iTunes and iPods.

The direct link to the McAfee whitepaper is here (PDF WARNING).

Here’s the part that is supposed to the Mac users worried.

Apple appears to be in the earlier stages of malware evolution where exploits are written and spreads as proof-of-concept to demonstrate technical prowess and garner notoriety. While these elements remain in the Windows malware community, they are being overshadowed today by the more professional, profit-seeking malefactors. Apples customer base does not yet provide an attractive enough target to warrant interest from this for-profit contingent. However, as Apple’s continued market success places its products in the hands of more and more consumers that status will inevitably change

Nice eh? Are you scared yet? I’m not..

I have to say from experience though, Mac users tend to be more tech savvy, they know a bit about their machines and the Operating System running on it.

Plus OSX does actually have some concepts of real priveledge seperation built in, unlike Windows. It’s basically *nix with a great Window Manager.

I mean niche doesn’t mean safe, but still, any virus that infects a properly designed operating system can’t do anything, other than delete that users files, assuming the virus can work out where they are..files which should be backed up anyway.

Proper OS security architecture renders antivirus software pointless.

Source: Business Week

Posted in: Apple, Malware

, , , , , , , , , ,


Latest Posts:


Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.


One Response to McAfee Seeds Mac Virus Threat FUD

  1. kurt wismer May 8, 2006 at 2:21 pm #

    a) the points that the original article’s author thinks are there to scare people are factually true – vulnerabilities are being discovered at an increased rate over 2003, there is now targetted malware for osx, and popularity will lead to greater scrutiny both by the good guys and the bad guys (and itunes and ipods are potential vectors that people will try to exploit because of their ubiquity on the mac platform)…

    b) the point that you think is meant to scare people is just them saying ‘its not a big deal now, but it could become one if the mac becomes more popular’, which is also factually true…

    c) stop believing in the resistence of *nix platforms to viruses… the first academic study of viruses (back in the early 80’s) had them operating and successfully spreading under a professionally administered unix environment outside of the researcher’s direct control (ie. he wasn’t root)…