The uber geeks

Macintoshes and their apparent viruses

Written by Colin Devroe on Monday, May 1st, 2006 at 11:45 am. Colin is the Technology Evangelist for Viddler.com and lives with his wife and two cats in Childs, Pennsylvania.

I can agree that the Macintosh platform, as it becomes more popular, will be targeted more for viruses than it has been since its 2001 release (speaking specifically of Mac OS X). This is a no-brainer.

However, the way that many in the media title their articles, may lead many to believe that the Macintosh is not only susceptible (which I am sure it is), but that it is plagued by viruses.

The most recent example is an article that I saw first on Newsvine, which later popped its head up on CNN, entitled: “Macs are virus targets, some experts warn“. First off all, saying “experts” really pisses me off, especially when they do not point to any specific experts saying it (except for the guy that the story is about). Here is a quote that really caught my eye:

He and at least one other person who clicked on the links were infected by what security experts call the first-ever virus for Mac OS X, the operating system that has shipped with every Mac sold since 2001 and has survived virtually unscathed from the onslaught of malware unleashed on the Internet in recent years.

So, by my count (not using a calculator here) there were two people that clicked on a link and were infected by “what security experts call the first-ever virus for the Mac OS X”. Do these people read their articles before they publish them? Let’s examine this sentence a bit. How many times can the “first-ever” virus be released? Ten, twelve? Ludicrous how often people use this. Secondly, they clicked a link to become infected with a virus. This would not make it a virus, per se.

Here is what wikipedia has to say about what a virus is:

In computer security technology, a virus is a self-replicating/self-reproducing-automation program that spreads by inserting copies of itself into other executable code or documents. A computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. Extending the analogy, the insertion of a virus into the program is termed as an “infection”, and the infected file (or executable code that is not part of a file) is called a “host”. Viruses are one of the several types of malicious software or malware. In a common parlance, the term virus is often extended to refer to worms, trojan horses and other sorts of malware; however, this can confuse computer users, since viruses in the narrow sense of the word are less common than they used to be, compared to other forms of malware. This confusion can have serious consequences, because it may lead to a focus on preventing one genre of malware over another, potentially leaving computers vulnerable to future damage. However, a basic rule is that computer viruses cannot directly damage hardware, but only software.

Sorry for such a large quote, but I think the entire description is very warranted in this instance. A virus is self-replicated, it spreads itself, often involuntarily. Clicking on a link, will not give you a virus on a Macintosh. (at least not in our current state of affairs) Perhaps you can download a virus, and then later execute it. But I hardly call that involuntary. And, it probably won’t spread itself to everyone in your address book. A piece of malicious executable code is not a virus unless it automatically spreads itself, and can run itself on the client machine without the user knowing. There are a lot of grey areas in that sentence, but you get my point. If you download, and execute, a piece of malicious code that is not a virus. It might be a trojan, or just a “malicious executable”, but not a virus.

Maybe what this “expert” was talking about was that he and buddy clicked on a link that crashed Safari. We’ve seen this reported on many occasions and each build of Safari released fixes some of those issues. I don’t know. But I seriously doubt that this was a virus, and that the actual program or malicious code that they got could be classified as a virus at all.

I was speaking with John Gruber about this very subject, and I hope he writes about this in the very near future, but he made an interesting point. If there was a Macintosh virus, what would be bigger news. That there was 1 virus on the Macintosh, or that there are 10,000 new viruses released for Windows each week, most of which are never dealt with except by third-parties. Unfortunately the former is more important to some people than the latter. However, I believe we’ve yet to see “the first-ever Macintosh virus” that does any amount of real damage. I’m sure it will happen, in fact I full expect it to, but people are starting to try to find the virus before it even happens. Not sure of the motivation but it really gets my goat.

I am not alone in my thinking.

BOOOM: Gruber’s thoughts

Previous and next posts

« X-men 3 clip of some danger room action

Leopard to have built-in Bittorrent like P2P sharing system? »

Reader feedback

  1. Gravatar

    The funny thing is there are dozens of viruses for the Mac – like you alluded to, you just have to go back 15 or 20 years. Most of them were quite tame (”ha ha ha this is a virus, ha ha ha erasing hard disks….” and in actuality it does nothing), but there were a few and they could do some damage.

    But I completely agree with your assessment. The media will jump on anything new, regardless of how important or relevant it really is.

    Proud on May 1st, 2006 12:46 pm

  2. Gravatar

    Did someone summon me?

    Paul Stamatiou on May 1st, 2006 12:47 pm

  3. Gravatar

    :) I knew your addiction to Mint would bring you here very quickly.

    Colin D. Devroe on May 1st, 2006 12:53 pm

  4. Gravatar

    normally i would say don’t rely solely on wikipedia’s definition as wikipedia, though informative, is not authoritative… however in this case you’re actually misreading what wikipedia said - self-replication is not the same as self-spreading… self-spreading requires it to execute itself and that is not part of any reasonable definition of virus…

    also, the source article you read had misinformation - the first virus for osx is osx/leap.a which has nothing to do with the web or links - it’s an overwriting virus and instant messaging worm that sends itself (not just a link to itself) over iChat… i’m not sure what that article was referring to but the author is definitely confused…

    kurt wismer on May 1st, 2006 4:08 pm

  5. Gravatar

    So… Stammy is your goat?

    the media, haters, and blind sheep will always dog whatever they have no clue about.

    the only problem I have with my computer is a specific software application that plays music and burns cds and you can buy music from, well it keeps eatin my music. but that’s completely unrelated.

    =)

    Daniel Nicolas on May 1st, 2006 4:11 pm

  6. Gravatar

    Kurt: That is exactly the point I was trying to get across. I’m not sure if you are agreeing with me, or not, but if you aren’t please reread what I wrote - which is exactly what you said. ;)

    Colin D. Devroe on May 1st, 2006 5:11 pm

  7. Gravatar

    you wrote a number of things, some of which i agree with and some of which i don’t… you have definitely misunderstood what viruses are…

    you’re right about the source article itself being pretty much garbage, though…

    kurt wismer on May 1st, 2006 6:00 pm

Leave feedback

(required)

(required)

Note: Comments are heavily moderated. If the comment does not add to the above discussion, it will not be approved.

RSS feed for comments on this post. TrackBack URI

Related sites

Recent features

Song of the week

Sara Bareilles - Between the Lines
Sara Bareilles' "Between the Lines" is the Song of the Week for April 20 to 26.

The Deal Log