1x1


ONLINE FEATURES Book Reviews BW Video Columnists Interactive Gallery Newsletters Past Covers Philanthropy Podcasts Special Reports BLOGS Auto Beat Bangalore Tigers Blogspotting Brand New Day Byte of the Apple Economics Unbound Eye on Asia Fine On Media Green Biz Hot Property Investing Insights Management IQ NEXT: Innovation NussbaumOnDesign Tech Beat Working Parents TECHNOLOGY J.D. Power Ratings Product Reviews Tech Stats Wildstrom: Tech Maven AUTOS Home Page Auto Reviews Classic Cars Car Care & Safety Hybrids INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip INVESTING Investing: Europe Annual Reports BW 50 S&P Picks & Pans Stock Screeners Free S&P Stock Report SCOREBOARDS Hot Growth 100 Mutual Funds Info Tech 100 S&P 500 B-SCHOOLS Undergrad Programs MBA Blogs MBA Profiles MBA Rankings Who's Hiring Grads

FEBRUARY 5, 2004

  STORY TOOLS
Printer-Friendly Version
E-Mail This Story

Related Items
Byte of the Apple Archive

POLL INSTANT SURVEY >>
With which of the following statements on outsourcing do you most agree?

The benefits of outsourcing to corporate America far outweigh the costs
There's an even split between the drawbacks and rewards
Any benefits are overshadowed by the loss of U.S. jobs
Unsure

VIEW POLL RESULTS >>
  PEOPLE SEARCH

Search for business contacts:

First Name :
Last Name :
Company Name :

PREMIUM SEARCH
Search by job title, geography and build a list of executive contacts

Search by Zoominfo
  Tech White Papers
Most Recent
Most Popular
BYTE OF THE APPLE
By Alex Salkever

Can Apple Keep the Worms Out?
Mac owners have long boasted of their immunity to viruses. But with Unix-based OS X, it's a whole new ball game


In the wake of the MyDoom/NovaRG fiasco, every Mac columnist has an easy out. After yet another virus attack has hammered the Windows world, the automatic response has been to pen the standard Mac gloat. It goes something like this: I didn't get this virus because I have a Mac. In fact, I never get viruses. Never have, never will. That's because Mac software is simply better than Windows software. So there.


Such a column generally elicits the standard Windows community reply: The reason you don't get viruses is because so few people have Macs. In fact, hackers think Macs are so marginal they don't even bother with figuring out ways to break into them or infect them with viruses. If 95% of the world used Macs, you can bet they would catch viruses all the time.

There's some truth in both arguments, but only some. The comparative dearth of juicy targets in Mac-land without a doubt contributes to the lack of attention from the digital underworld. Yes, 20 million or so Apple (AAPL ) users are out there, but they represent a mere blip compared to the huge mass of Windows users. If malicious hackers want to surreptitiously install password-sniffing software to harvest bank-account info, they want the largest possible target. Few self-respecting hackers would waste their time plumbing the files of a bunch of advertising agencies or grade-school computer networks, two areas where Macs maintain a strong presence.

FUNKY TALK.  At the same time, OS 9 Mac software was to some degree less impervious to virus infection. Traditionally, Macs have been far more compartmentalized than their Windows counterparts. It has always been harder to use a hole in a browser to access other parts of the Mac operating system.

Also, Macs used their own funky languages, such as data-communications protocol Apple Talk. That meant miscreants seeking to write viruses for Macs would have had to learn new coding skills which, invariably, were a bit more complicated than the paint-by-numbers Visual Basic, the favorite coding tool of virus writers.

Still, it's an exaggeration to say that the old Mac software was dramatically more secure than Windows on all fronts. Some of the same types of "social-engineering" attacks that enticed users to download software from infected e-mail could easily have affected Mac users on OS 9. And back in the dark ages, when Macs still represented a larger percentage of personal computers, Trojan Horse attacks were aimed at Apple products in a handful of instances.

FAMILY TREE.  The game changed for Apple when it upgraded from OS 9's fairly unique operating system to the Unix-based OS X. That meant any attack aimed at Unix machines could affect Macs. And plenty of virus and worm attacks have been aimed at Unix.

In short, now that Apple has Unix under the hood, Steve Jobs can't rely on security through obscurity. The argument that Apple is safer because of its marginal place in computing's cosmos no longer applies. With its embrace of Unix, Apple has joined a big family -- and it keeps growing, thanks to Linux and other open-source versions of Unix.

Within this family, though, Apple has a unique position. It's the only decent-size maker of Unix operating systems designed for people who don't even know what Unix means. Sure, plenty of Mac users are tech-savvy. But lots of folks use Macs precisely because they don't want to have to learn anything more about technology than how to navigate graphical user interfaces.

Apple needs to protect these people from things that go bump on the Net, without requiring any of the tech knowhow usually required for messy Unix computer security. This isn't as easy as it may sound. Microsoft (MSFT ) attempted a similar feat by merging its Windows consumer code with its Windows server code, also known as Windows NT -- and did a fairly poor job of it, judging by the latest virus problems.

WARNING SIGN.  While it's still very early in the game -- OS X is only three years old -- I submit that Apple has actually done a good job of protecting its unsuspecting user base.

The Mydoom virus underscores one key difference between the two systems. OS X comes with a default setting that makes it harder to click, or at least highlights the dangers of doing so, on potentially hazardous e-mail attachments. Installation of any software that can make big alterations to the guts of a system requires a login name and password from the computer's administrative account. So with this default, no Mac user needs to worry about inadvertently clicking on e-mail attachments carrying virus software and totally trashing their system.

A Mac user on a nonadministrative account could click on less invasive software programs in the e-mail and open them, but Apple greets this action with a giant warning sign and a message stating in no uncertain terms that bad things happen when people run suspect applications. And Apple programs come with the suffix .app. This on-screen warning is a very simple feature that goes an incredibly long way toward securing the Mac.

In comparison, on a Windows machine it's much easier to disguise a malicious piece of software behind a different suffix -- say, .scr (for screensaver) or .zip (for a compressed file). Most Windows users who clicked on attachments to Mydoom e-mail didn't understand they were actually installing software on their machine.

NEW KID ON THE BLOCK.  Apple has done other smart things to secure its user base. Automatic software updates make it painless to download the latest system fixes. Microsoft offers something similar, but it's not quite as easy -- and it's not the default setting.

Apple also requires users to set up passwords on their administrator accounts. Every OS X computer has one, so even newbies use them, even if they don't realize that's what they're doing. These accounts have higher privileges with regard to altering software or manipulating the inner workings of the Mac. In Windows XP, no password is required for the administrator's account. You need to set that up yourself -- a simple task but one that many less tech-savvy Windows owners probably don't understand.

Not everything in OS X is secure. The relatively short length of the passwords for accessing individual accounts in OS X versions before Panther wasn't a good thing, although Panther can now handle very long passwords. And security experts have found a steady stream of bugs in OS X that require fixes.

But for lowest-common-denominator attacks coming through e-mail attachments such as Mydoom, Apple offers far better protection than Microsoft. That's particularly encouraging now that the Mac is playing in the far rougher and more populous Unix neighborhood, where security shortcomings could lead to disaster.

Note: This story was updated later on Feb. 5.


Salkever is Technology editor for BusinessWeek Online. Follow his Byte of the Apple column, only on BW Online
 Edited by B. Kite
 BW MALL   SPONSORED LINKS
Buy a link now!


Get BusinessWeek directly on your desktop with our RSS feeds.XML

Add BusinessWeek news to your Web site with our headline feed.

Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video.

To subscribe online to BusinessWeek magazine, please click here.

Learn more, go to the BusinessWeekOnline home page
Back to Top


TODAY'S MOST POPULAR STORIES

  1. News Corp.'s Talks with Microsoft: A Flawed Deal?
  2. Stocks Fall after GDP Revision
  3. America's Best Place to Raise Your Kids
  4. Apple's Schiller Defends iPhone App Approval Process
  5. Social Media Will Change Your Business

Get Free RSS Feed >>
  MARKET INFO
DJIA 10433.71 -17.24
S&P 500 1105.65 -0.59
Nasdaq 2169.18 -6.83

Portfolio Service Update

Stock Lookup

Enter name or ticker



Copyright 2004, by The McGraw-Hill Companies Inc. All rights reserved.
Terms of Use | Privacy Notice

Media Kit | Special Sections | MarketPlace | Knowledge Centers
McGraw-Hill Cos.