I've been trying to find the reference to a Firewall product on Windows that despite only having something like 60,000 users, had a worm or virus written specifically for it - a prime example of how the Theory of Obscurity (that there aren't enough Macs out there to be worth a Hacker's time) is flawed.
Does anyone know the name of the afflicted firewall product or have a link to an article? I'm wanting to add the reference to an article I'm updating (see below) Any more statistics on malware for Linux or other comments would also be appreciated. Thanks! -Mart -------------------------- Malware and Security - Platform Comparison Many commentators recommend diversity of platforms (to avoid mono-culture vulnerability) and greater usage of the "safest and most secure 24/7 operating systems" available - BSD unix and Mac OS X: http://www.mi2g.com/cgi/mi2g/frameset.php?pageid=http%3A//www.mi2g.com/cgi/m i2g/press/190204_2.php Mac OS X for example is affected by zero instances of spyware, adware, viruses, worms etc (see stats below) Quite a number of high profile security firms are moving to Mac OS X to avoid the security problems of Windows: Interpact Inc: http://securityawareness.blogspot.com/2005/05/mad-as-hell-i-switching-to-mac _25.html Symantec Security Focus: http://www.theregister.co.uk/2005/04/21/apples_big_virus/ Malware Statistics: Microsoft Windows: Viruses and Worms = 140,000 (Symantec Security Focus) Spyware and Adware programs = 78,000 (www.pestpatrol.com) Burrowers = 40 (www.pestpatrol.com) 80% of PCs infected with spyware (webroot.com) Last year (2004) alone: - 500 new Trojans (www.pestpatrol.com) - 500 new keyloggers (www.pestpatrol.com) - 1,287 new adware apps (www.pestpatrol.com) - 17,500 new viruses and worms (symantec.com) Mac OS X: Viruses and Worms = 0 Spyware programs = 0 Adware = 0 Keyloggers = 0 Burrowers = 0 Trojans = 3 (symantec.com) Last year (2004): - 1 Rootkit (symantec.com) Kelly Martin, the content editor for Symantec's publication SecurityFocus says: "There are no viruses on OS X -- not a single one... Just as Windows users have become accustomed to 140,000 viruses, Apple users have become accustomed to none." http://www.theregister.co.uk/2005/04/21/apples_big_virus/ The theory of "Security through Obscurity" (that there are not enough Macs to be a target for hackers) fails to explain the fact that the number 1 web server, Apache, with almost 70% marketshare has far fewer attacks (including viruses and worms) than Microsoft's IIS which has captured only 21% of the market (Netcraft.com). This theory also does not explain why the many flavours of Linux collectively suffer from many instances of malware themselves despite having as small a marketshare as OS X. Note that Trojans can't spread by themselves - they are bits of code that pretend to be something innocuous and need to be downloaded and opened by an authorised user. In the case of the three targeting Mac OS X, two are harmless while the third deletes a user's home directory if run by that user. Note also the Rootkit discovered on a couple of OS X machines is a set of scripts that requires root access to be turned on (turned off by default on all Macs). The hacker then also needs to know the root password and the malware has no mechanism of spreading and infecting other computers by itself. 37 vulnerabilities discovered last year in Mac OS X (mostly in open source components) were promptly patched by Apple and no attacks using any of these now closed vulnerabilities have been recorded. Security firm Mi2g states: "Mac OS X and BSD Unix are the "world's safest and most secure 24/7 online computing environments." http://www.mi2g.com/cgi/mi2g/frameset.php?pageid=http%3A//www.mi2g.com/cgi/m i2g/press/190204_2.php The old classic Mac OS suffered a number of viruses (mostly MS Word macros), but Mac OS X is still untouched. However, no software can be perfect and it would be foolish to say there won't eventually appear some malware targeting the 15 million+ OS X users out there - however, due to the BSD unix security infrastructure built into Mac OS X, it is virtually impossible to see how the security situation on Mac OS X could ever approach the Windows nightmare: http://www.cio-today.com/story.xhtml?story_id=12100002EAEW -Mart
