Active X ????
Don't worry if Macs was the Top OS advertisers would find a way in.

Hey X-Caliber! With a marketshare of about 10% nobody cares to spend the macs some nice spyware. That's just the same with linux.

However a firewall should help (do you know a good one? I know just firewalls that check incoming traffic. Outgoing traffic is controlled only by some expensive apps).

Have fun with the great OS X!

Cheers, Hannes

PS: user tracking is of course still possible (via cookies), use the browsers build-in functinon to get rid of them (of all).

No, not really. OS X is a BSD derivative. BSD and Linux have a number of security features that Windows lacks, and Windows has a number of virus-helping design decisions that *nix lacks.

It's called security through obscurity.

Mac has about 3% or lower marketshare and about 5% installed base.

Most of spyware and virii are exploits with some goal, such as hijacks for DDOS attacks, spam mailing, stealing of software keys and credit card numbers. So it's obviously better to target the OS with highest installed base.

Despite people saying Windows is less secure:
- Windows may be insecure by default, but once you start tightening security, you loose convenience. Average users expect everything to work, expect zero configuration and management and expect OS's to be secure.

If you lock down a Windows box (strong passwords, users without administrator privileges, enable firewall, keep patches up to date, disable guest account...), you're pretty secure.

- Most of spyware and virii rely on social engineering and are deliberately installed by gullible users. For instance people receive email with attachment XXX.nudepics.britney.spears.jpg.exe, click to extract and click. Or they install gator enabled software or install suspicious IE plugins - they just click yes. Or some virii try to access computers on networks by using administrator and 123 and similar simple generic passwords.

Such things could occur on Mac or 'nix as well. A stupid user might receive mail with attachment, asking him to provide root password to execute (even without root password, it might compromise user files).

There is little defence against stupidity of people, except from preventing them full rights/access to their computers.



For instance I'm behind router, have firewall, have antivirus, have security locked down:
- No network access from nonathenticated users, password complexity enforced, CTRL+ALT+DEL logon enforced, I have firewall blocking MS file and print sharing over internet, I have only passworded user accounts and guest account disabled.

- Untill I had antivirus, I didn't click on executable attachments in Outlook, but instead deleted suspicious mail uppon arrival.

- When I still used IE, I strenghtened Internet security, when accessing potentially dangerous sites.

- Now I use Mozilla Firefox and Mozilla Thunderbird.

- I don't install random "useful" shit that get's advertised in banners, I only install applications/freeware/shareware that are prooven and recommended by tech savy users.

I haven't had virus since about 1993 (DOS trojan) and most of the spyware is only tracking cookies which get deleted when I close my browser.

Another example:

A guy asked me to upgrade his computer (CD-Burner and RAM) and reinstall everything.

I installed Windows 2000, fully patched them, installed and enabled firewall. I passworded his account and disabled other accounts.

When I saw in IE history that he surfs pr0n sites, I installed Mozilla and told him to either enable high security in IE or use Mozilla when surfing such sites.

After 6 months, he deliberately disabled firewall, he deliberately surfed pr0n and similar sites with IE on default security level, he deliberately clicked yes for installing shit that popped up, he proabably deliberately opened executable attachments and the result was about 50 spyware (registry keys and resident, not counting tracking cookies) and about 10 virii. He also proabably deliberately downloaded and executed malware.

Was it his fault or Windows fault?

Now I set Mozilla as default web browser and email client.

At least *nix is smart enough to have rwx flags. And having a non-root user is feasible, and he can't f*ck up other users' data.

To further reinforce your point, Mozilla-based browsers have achieved a large enough market presence that spyware is using XPI extensions to install itself via those browsers. (They've tried to address it by adding creating a white list in 1.7)

Firefox 0.9RC is already out, and has this XPI certification included.

Success with your OS-X, make sure to update it to 10.3.4 .

Wombat is right there are fundamental differences between OS-X and Windows which result in contributing to the problem of spyware on Windows and to the lack of the problem of spyware on the Mac.

I download and install a hell of a lot of freeware/shareware on OS-X. And I have never come across spyware/adware on OS-X, but I can't say that this means that spyware/adware is non-existant on OS-X. And if you come across one it would be really simple to remove it.

If your a bit technical try out Fink it lets you run a lot off *nix software on OS-X.

some of the wisest words about security in general were told to me by one of my programming teachers.

"A lock only keeps honest people honest".

as long as you have any piece of software as complex as any modern operating system (even embedded OS's) there will always be security holes to exploit. as long as you enable services for other people, there will be holes to exploit.

the question is not if it can be done, the question is how much effort does it take to do it. and if that effort is worth it.

for adware companies, it is. look at the fact they have started figuring out new methods of delivering popups that popup blockers cannot currently stop.

Claria corporation, formerly GATOR, released this information not too long ago...

that is a lot of money for a piece of software no one wants on their system. if the market developed to the point that it would be worth the time and effort to establish similar tools on OS X, it would happen.

as far as it being easy to remove... it depends on who uses the computer, and who is infected... it used to be (until the last few months) really easy to remove spyware, even the vicious stuff... but the average person still had problems with it. the average Mac user would have the same issues too.

*NIX has had its fair share of worms/trojans/etc.

Not many. And when's the last time *NIX bugs brought the internet to a screeching halt with bogus traffic.

One of the best ways to get *nix stuff for OS X is going through Fink at http://fink.sourceforge.net
It's built around apt-get from Debian.

Ehm, that's the reason I use Mac OS X. It's a unix with a functional GUI.

But this doesn't change anything regarding the <10% market share.

Furthermore the real Unix guys aren't to be hit that easiliy as the Win-guys (again besides that there are more than 10 times more of them).

Cheers, Hannes

PS: I meant the usual *nix guy is an update freak or has an admin who is an update freak.

"that's the reason I use Mac OS X. It's a unix with a functional GUI"

That's the whole point! This is why I think Apple truly is an innovative company (that and the new wireless Itunes idea!). It's just too bad somebody can't port over the whole OS X onto an Intel platform! Being able to run my Unix stuff with the some style, and on the same screen as Photoshop (with all its glory), is why Apple is so cool!