Thursday, February 16, 2006

They can comfort you, some even try

Depending on semantics, there may or may not finally be a Mac virus out in the wild. Update your antivirus definitions.

Leap-A is a... let's call it a "program" for now... which you can probably find by looking for "screenshots of OS 10.5 Leopard". If you find it, and if you download it, and if you open it, and if you type in your admin password to install it, well, you got it, whatever it is. The program will then open up your iChat (an Apple program which uses the AOL Instant Messenger network) and send itself to all your AIM buddies. (So another way to get it is by clicking a link you get when somebody you know IMs you. I can't find the text of that IM, but I bet it's along the lines of "Hey check it out")

Some of the Faithful, having drunk the Cupertino Kool-Aid, are sending up a hue and cry that this is not a "virus" because it's not truly self-replicating. A virus, they claim, is something which exploits security holes in your system without your knowledge. What this is, they say, is a "trojan horse"... a piece of bad code masquerading as something good.

And perhaps, in the Halls of Power in the computer security world, this is a meaningful distinction. Maybe it requires a different macro-level response. Speaking as essentially a beat cop looking for broken windows, that is a bullshit, moronic, useless and indeed dangerous fine point, once it reaches the end user.

Let me give you my technical assessment: Leap-A is a nuisance crime. It doesn't seem to damage data, destabilize your OS, or eat a particularly high amount of bandwidth. I'm not going to lose sleep over this particular piece of malware. But like a nuisance crime, it's the right place to draw the line.

(There's a side argument here about whether compromising a communications channel constitutes "self-replication". I would argue that it does, but that's not the point.)

What makes me lose sleep is so-called "experts" who use this as an opportunity to trumpet their "Macs don't get viruses" speech. To the average computer user, all malware is lumped into one big category, which they usually call "viruses." So when a Very Informed Expert says that there are "no Mac viruses", what the world hears is that "Macs are immune to viruses, spyware, bad code, and hacking."

I know it's not what you said, Mister Expert Man, but that doesn't matter. The message actually received was "buy a Mac and stop thinking about security."

Don't get me wrong: I love my Mac. I believe it's a more elegant operating system than Windows. I wish more people used them because it would, in fact, make my job easier. I assert that OS X is actually built on a more secure set of assumptions than Windows, and that protects Mac users from the dominant malware paradigms currently in use. The average user can trust a Mac more than a PC. You should get one.

And the point is the "average user." Apple has to aim at the mass market. It can't survive as a public company if it only caters to the pointy-headed hobbyist crowd (the people who care enough to argue about "viruses" vs. "trojan horses"). That means that we have to debunk this stereotype that Mac users are somehow more virtuous, more intelligent, and better looking than PC users. (Of course, some are, like Lemming. Just not the whole group.)

PC users will go through an amazing amount of hassle to download bad apps they shouldn't. I've seen it. It is irresponsible folly to pretend that somehow you "Think Different" just because you go to the Apple Store. If we continue down this road, we will eventually have a massive outbreak of Mac (or, I predict, cross-platform) hacking. And the beat cops like me are going to have to clean up that stupid political mess.

Joe's security recommendation: whatever platform you use, never click a link or download a file through IM until your correspondent can pass a Turing Test. And update your virus definitions.


Blogger tommyspoon said...

When I heard that the almighty Mac has been "brought down" to the "lowly level" of the PC, I couldn't help but chuckle.

The only thing that is keeping me from switching to a Mac is the reeking arrogance of that user community. Just something for the folks in Cupertino to think about.

I don't hold you among their company, Joe.

10:22 AM, February 17, 2006  
Blogger Joe said...

Oh, no debate from me that the Mac community has some arrogant elements - dangerously so, as I've said.

Far more interesting, though, is that the nature of this arrogance is shifting, as a more mass market adopts Apple products because Apple understands branding and design in a way most of their competitors don't. It's becoming an arrogance of appearance, and the technological arrogance is taking a back seat.

What's particularly interesting is that you can talk about a Mac community in a way you simply cannot talk about a Dell or Microsoft community.

Which I guarantee you is something they think about in Cupertino. Not always in the way we wish they would, but more than they do in Redmond, or Round Rock, TX.

3:38 PM, February 18, 2006  
Blogger lemming said...

I've been told that, within the next 10 years, Macs will all run Windows. Any thoughts?

Oh, and thanks for the compliment!

1:37 PM, February 20, 2006  
Blogger Joe said...

Lemming: I'll go one better: most Macs will be able to run Windows within 3 years.

But they won't.

Apple is nearly unique in that they are a commercial-level computer company which sells both hardware and software. That's where their advantage lies: you have to buy the hardware to run the software; if you want the spiffy hardware, you have to run their OS.

Splitting that up doesn't make any dang sense. We're still 10 years out from anyone substantially competing with Microsoft. The high-concept PC manufacturers like Alienware serve a tiny niche market, and Apple moving into that space won't increase it. There's no benefit to Apple to go down either of these roads. Apple OS will remain the standard environment on Apple hardware.

That said, the Intel chip does raise the possibility that Macs might dual-boot to Windows, or run Virtual PC better, which would make life better for folks like me.

And I'm particularly curious to see if people figure out how to run OS X on their Windows boxes...

8:32 AM, February 22, 2006  
Blogger tommyspoon said...

And I'm particularly curious to see if people figure out how to run OS X on their Windows boxes...

... and I'll migrate to OS X as soon as that trick is figured out!

10:08 AM, February 22, 2006  
Blogger Joe said...

And why is that, Tom?

6:30 PM, February 22, 2006  
Blogger tommyspoon said...

Because I don't like Windows anymore. I just don't want to buy another piece of hardware to get OS X. I like my Dell laptop just fine, thankyaverymuch.

Think there will ever come a day when the consumer can pick and choose their hardware, OS, and software?

6:44 AM, February 23, 2006  
Blogger Joe said...

Today, if you want to run Linux. ;-)

(Roughly speaking, no. Your choice of OS will always and forever limit your choice of software.)

9:36 AM, February 23, 2006  

Post a Comment

<< Home