Sophos has published new research into the past six months of cyber crime. The Sophos Security Threat Management Report Update reveals that while there has been a vast drop in new viruses and worms, this has been over-compensated by increases in other types of malware, as cyber criminals turn their attention to stealing information and money. Most interestingly, new Trojans now outweigh viruses and worms by 4:1, compared to 2:1 in the first half of 2005. In addition, the continued dominance of Windows-based threats has prompted Sophos to suggest that many home users should consider switching to Apple Macs, to shield themselves from the malware onslaught.
It is interesting that Sophos recommends switching to Macs to avoid virus/malware. Of course it’s a good solution, but it requires buying a new computer.
Why not suggest switching to Linux/BSD instead? These OSs work on any Windows computer and can be downloaded and installed for free. Why would anyone recommend users to buy a new computer from a certain company instead?
Unless…
>“Why would anyone recommend users to buy a new computer from a certain company instead?
>Unless…”
UNLESS MAYBE THEY’RE ON APPLE’S PAYROLL!
Or maybe it’s just they considered that Macs are more user friendly and have more productivity software available to consumers.
Edited 2006-07-05 17:53
I don’t wish to make an argument, but do you expect a basic computer user to download an ISO (or 5), burn it to disc, then _install_ an OS, especially one with less hardware support than the OS they had before?
Also people think that when their virus ridden machine breaks down, they have to get a new one.
But if a user could walk into a Linux-store and buy a machine with it pre-installed, then by all means. This is what Linux needs more of.
If you can expect a normal user to download massive amounts of music and videos, using bittorrent, kazaa, bearshare and the like, and then burn them to CD/DVD, then sure, they can download and burn an OS install to DVD
Before people chime in with the suggestion… “why buy a whole new computer…”. The transition doesn’t have to be immediate. It can be gradual.
As older computers are phased out and new ones inevitably become needed, simply buy a Mac instead of the brand you typically bought.
Use OS X for the bulk of your computer needs and for software that isn’t available or there isn’t an equal (or better) equivalent… boot into Windows.
Eventually, those applications will be developed for Mac as the market grows and the demand increases.
Edited 2006-07-05 17:48
And in the meantime, keep getting the PCs that run Windows infected? What a piss-poor idea. Or buy products to remove the malware? Still a poor solution.
A few of my users have recently opted to buy Macs instead of Wintel boxes because of the security issue. I can understand why Sophos would recommend OSX machines, but it would have been nice if they had just put a line in there somewhere that linux distributions are also not vulnerable. Oh well. Goes to show that (true or not) most people, even in the industry, don’t think of *nix and *BSD as desktop OSes; the majority only thinks of Apple or Microsoft.
… in choosing a computer. It’s one of many potential factors. And, as long as people are utilizing reasonable security mechanisms (ie. firewall, enabling automatic security updates, etc) and following safe practices (ie. not opening email attachments or running unknown apps from the Web), security is actually pretty low on the list among those factors. Even OS X allows users to shoot themselves in the head if they’re not sufficiently educated about safe online practices. I would argue that people should stop seeing security as a “product” and treat it as a “practice” or “process”.
People are not utilizing these security measures and they shouldn’t have to think about it. Fortunately, on XP and OS X this stuff is on by default.
You can only do so much for security outside of a managed environment run by competent people. Maybe this is what we need more of: companies that sell remote management services. You join their service and they back up your files and install a new company image on your machine, giving you a User-level account. You connect to the network whenever you need administrative tasks performed or to perform regular (automated) backups of your data. You get your software from the company’s repository, which they vouch to be safe.
But the privacy concerns are immense. And too many people want to admin their own machine, even if they don’t know how.
The only long term solution that is going to work is to educate users, although it’s certainly the most difficult to achieve, as it usually happens.
Not that I don’t think Windows shouldn’t be better (and supposedly Vista is moving in that direction) or OS X is not more secure overall, but if enough users change, malware will also switch its focus to other platforms, and with uneducated users it will find a way to make damage anyway.
Yes. By definition, malware either works around existing security mechanisms in systems — or it dupes users into running unsafe processes. No system is infallible and/or can address both of these attack vectors. Education is vital, regardless of how good the underlying security system is.
OS X isn’t more secure overall than Windows?
Did I understand you correctly?
>Did I understand you correctly?
No you did not understand him correctly. Try it the other way, he is saying that OS X is more secure overall than XP.
Ask a clarifying question, get modded to the basement… Here’s a +1 to help your aches and pains.
@jbauer
>The only long term solution that is going to work is to educate users, although it’s certainly the most difficult to achieve, as it usually happens.
When did users get good at doing regular backups? I still have to twist arms to get people to install updates.
Microsoft has never had any focus on educating users but has spent far more time trying to show off Windows as something you don’t have to learn, something that’ll just sort of work for you.
You’re not going to get Microsoft to educate users, it’d not be in their best interest as the only option most users see available.
>The only long term solution that is going to work is to educate users, although it’s certainly the most difficult to achieve, as it usually happens.
Sorry, but that won’t occur; if people were willing to learn, listen and take on board advice, people wouldn’t be running Windows – End users would know how to install Linux or *BSD without any problems, they would be reading books on how to automate things via using script.
The simple fact is, end users are lazy, and think that the computer is some magical device that sits there and works miracles, without them needing to learn a thing – thank Microsoft and to a lesser degree, Apple, for promoting the ‘keep the users stupid’ mentality.
If end users were forced, from day one, to learn the fundamentals of computers, we wouldn’t be in the malware, virus ridden, trojan prone situation which the IT industry is in now.
>The simple fact is, end users are lazy, and think that the computer is some magical device that sits there and works miracles, without them needing to learn a thing
I’ve seen this excuse used time and again to explain away badly designed software, but I’ve never met an end user who fit the definition.
Hell, I design operating systems, and I prefer using XP on my laptop to any Linux distro.
My reasons are simple, pragmatic, and coherent: The software I need on a laptop runs well on XP and much of it isn’t available on any Linux distro.
>I’ve seen this excuse used time and again to explain away badly designed software, but I’ve never met an end user who fit the definition.
Well obviously Mr Operating System Designer, you’ve never trained end users, and seen that end users simply parrot steps rather than actually learning the fundamentals behind them.
As soon as something has been switched around, they’re lost; if they knew the fundamentals, they could easily adapt to those changes, and start working again.
As a so-called ‘operating system designer’ you should know that end users simply learn the step by step process of getting something done, but the fact is, they never actually learn the process itself.
If end users were willing (which most are not) to learn even the most *basic* and *fundamental* things of security, we wouldn’t have a whole industry dedicated to creating the various bits of crap which are included with computers, but end users have demonstrated by their lack of any proactive moves, that they don’t want to learn.
>Hell, I design operating systems, and I prefer using XP on my laptop to any Linux distro.
>My reasons are simple, pragmatic, and coherent: The software I need on a laptop runs well on XP and much of it isn’t available on any Linux distro.
For a so-called ‘operating system designer’ you do seem to confuse security, computer fundamentals with software availability; we aren’t talking about software availability, we’re talking about the end users unwillingness to learn about the fundamentals of information technology and how they can use that information to make their computing experience more secure.
May I suggest that you also learn what an example is, as I used Linux/FreeBSD as an EXAMPLE not as a definitive step that end users should take; end users can have secure environment with Windows XP, simply by LEARNING the fundamentals and sticking to best practices in regards to computer security.
>Well obviously Mr Operating System Designer, you’ve never trained end users, and seen that end users simply parrot steps rather than actually learning the fundamentals behind them.
Bad guess.
Anyone who has taught has done that, and it’s not limited to computer users. The users who behave that way are rarely, if ever, “lazy”.
>As a so-called ‘operating system designer’ you should know that end users simply learn the step by step process of getting something done, but the fact is, they never actually learn the process itself.
And only computer geeks think this should or can be ‘fixed’ rather than fixing the system so they don’t have to learn “the process”.
I don’t understand the process by which my car operates. I haven’t understood it since the first car I bought with a complex electronic ignition system. I’ve never had to understand it. I understand “turn key until engine catches.”
That doesn’t make me “lazy”. It makes me a tool-user. Until geeks get it through their heads that tool-users are not interested in the underlying process but only in the result of using the tools, they will continue to blame users for their failure to design usable tools.
>end users can have secure environment with Windows XP, simply by LEARNING the fundamentals and sticking to best practices in regards to computer security.
This is true. And the problem is that far too much has to be learned. Here’s how I keep my car sufficiently secure: I lock the doors when I’m not in it. That’s pretty much the fundamentals of automobile security.
It would take a large essay to describe the fundamentals of computer security, even for relatively secure systems like FreeBSD.
One of a designer’s jobs is to isolate the end user from the complexity of the tool. This is the one that people who blame the user are trying to avoid doing.
>That doesn’t make me “lazy”. It makes me a tool-user. Until geeks get it through their heads that tool-users are not interested in the underlying process but only in the result of using the tools, they will continue to blame users for their failure to design usable tools.
The car analogy is probably not a good one here. Pretty much everyone I know who has a car wishes they understood a bit better how it worked, if only to know that they’re not getting shafted when they go see the car mechanic!
>One of a designer’s jobs is to isolate the end user from the complexity of the tool. This is the one that people who blame the user are trying to avoid doing.
That is true in certain cases, but not always. Some applications, such as 3D modeling/animation, need to give access to all parts of the tool to the user.
The best tools are those that adapt to the user, i.e. give the user access to as much complexity as they want/need.
Sophos a company that makes AV products suggesting that users change to an almost virus free OS – Isn’t that a bit like turkeys voting for Christmas?
You’d rather listen to Norton (Symantec)’s advice?
>Sophos a company that makes AV products suggesting that users change to an almost virus free OS – Isn’t that a bit like turkeys voting for Christmas?
Well, between the possible improvements to Vista, and the launch of OneCare, Sophos is looking at a serious slimming down of its customer base.
The handheld community weren’t fooled by the AV software houses’ attempts to push them into buying their gear. Linux users aren’t really really big on buying software and subscriptions.
So that leaves MacOSX. And of course, the lack of viruses/malware on that platform are going to be a bit of a problem; unless you can get the user base to a size where the virus writers reckon it’s worth buying the equipment and putting the effort in. That would give Sophos a new market to aim for, and their new customers will look kindly on the outfit that recommended Macs (Sophos) rather than one that tried to tell them that their OS has vulnerabilities (Symantec).
Yes I’m sure you are right, and Mac users aren’t frightened to put their hands into their pockets (not like all those fake Windows running Avast or AVG). Though with Mac OS I’m sure there will be less viruses (viruses that trick users into running them as root), and Sophos will develop more products for the Mac that protect users from themselves, social engineering tricks, rough websites etc.
I’m sure that virus writers will also increasingly move into these areas as well.
As long as users have any ability to get online and choose their websites (web page or otherwise) they visit, or can send/receive email, no platform exists which can save them from themselves and still allow them to do that. Thus, recommending any platform as being “safe” is a fool’s errand at best, and ultimately destructive at worst, providing people with a false sense of security.
The only possible truly “safe” systems, thus, are those that are not online, but then they lose a lot of their value and appeal.
The only truly secure computer configuration is cutting the network cable in two. Use it to keep your trailer from rolling downhill or screen door from blowing shut instead, those are safe applications.
I must say that when I go to people to repair their PCs I may find Norton AV, Panda, Antivirenkit or AVP there. Sometimes even F-Secure. But I think everyone forgot about Sophos. Such news from them means only 2 things:
1) they want to scream that they are still on the market, great advertisement for them, people will ask why they say something like that, when they sell so much software for windoze os, they will talk, ask, talk… (it makes the impression that they sell millions of copies of their software if so many people talk about it, so it must be best)
2) they wanna make the image of their company better (if a company is so worried about users that they say to switch from the OS that makes money for them, they must be a veeery trusted company that anyone may trust)
There is no empirical evidence that OS/X, <insert distro here> Linux, or *BSD are inherently more or less secure than Windows/XP.
What there is empirical evidence to support is that systems that are popular tend to be the target of exploits.
Please recall that the first internet worm attacked BSD on vaxen and SunOS on Sun hardware; that all of these systems have had one exploit or another exposed over time, and that you can just as easily explain the number of exploits found against Microsoft OSes as because there are people looking for exploits with more perceived value in finding them there than in other OSes.
Besides, the major threat to security is social engineering, and no OS is immune to that.
Well there is evidence that WinAPI is very unsecured. Writing a virus or trojan horse is much simpler for Windows than for MacOS X & that’s one of many reasons why there are so many of them I think
It has nothing to do with the winapi, it has to do with the fact that IE is totally integrated into windows explorer, and that normal users run as administrators. Couple that with the amount of spyware installed by P2P apps like Kazaa (a huge #, I believe) and it leads up to a very insecure setup
Of course You are right that IE integration, running as administrator by default etc. are veeery good reasons. But WinAPI itself too. Everyone who deals with security will tell You that. There are some errors that can’t be repaired because then many apps will stop working because of compatibility problems. & those errors have been known for years now, but MS, governments, corps etc. etc. just don’t talk about it, because it is a very dangerous thing for them, for the whole network where Windoze computers are.
The WinAPI is no more or less secure than any other API. They all have loads of bugs that lead to buffer overruns, which is what the security firms spend most of their time tracking.
<<Everyone who deals with security will tell You that. There are some errors that can’t be repaired because then many apps will stop working because of compatibility problems. & those errors have been known for years now, but MS, governments, corps etc. etc. just don’t talk about it, because it is a very dangerous thing for them,>>
Yeah, a lot of people say this, but there’s no real evidence for it.
True, however there’s a lot to be said about making a file executable simply through its file extension.
I do agree that social engineering is still the weakest link.
Having a .exe extension makes it very easy to spot. If you had to make some kind of permission change, then folk would do that and run the program anyway.
And even XP warns you about running executables that you download.
All they will ever be able to do, is minimise the damage caused by rank stupidity …
Most .exe or indeed .doc parts are hidden by default, and it’s not that hard to call a file nakedAnnWidacomme.jpg.exe anyway.
>Having a .exe extension makes it very easy to spot. If you had to make some kind of permission change, then folk would do that and run the program anyway.
Every additional step helps make the system a little more secure. And, as others have mentioned, WinXP hides those file extensions by default, another bad security decision. I hope they change this in Vista.
>All they will ever be able to do, is minimise the damage caused by rank stupidity
Yes, that was my point.
yes there is
running code without prompting
so many executable types
wmf
virii which uses parts of the operating system itself to infect other operating systems and make it hard for a user to remove due to the nature of it
setting up administrator accounts with no passwords
services running like messenger, remote registry service, ssdp, remote desktop, by default whether needed or not
social engineering comes into play for a lot of it no doubt, but windows makes it easier to perform the attack once you trick users with the social engineering.
Every one of those things, or their equivalent, has happened to Unix-based OSes.
“running code without prompting” was first notoriously shown as a bug on an IBM OS back in the bitnet days, when the christmas card virus hit, for example.
My personal all-time favorite was the release of BSD that went out with the debugging password in sendmail set so that anyone who knew it could obtain root on any BSD system with that release on it that hadn’t been patched.
Followed rapidly by all the consumer wifi routers that no one changes the default administrative password on.
and the BSD releases that don’t set a root password at install time and don’t require you to set one.
and the Linux distros that have installed and enabled apache/php without patches for well known php bugs.
and the text editors such as vi and emacs that will automatically execute scripts embedded in files you edit.
and….
Of course no Mac OS X exploits would make the top 10 list of malware. Their usage share is far too small.
Same goes for Ubuntu, Debian, Mandriva, PC-BSD, etc, which can be switched to without buying hardware.
I tried this and it works
Well I guess if you say so… doesn’t sound quite the same to me and I know that my XP install that I have now does all that yet my debian etch does not… about all I got to say.
…did Sophos just release an AV product for the Mac? And do they not have much competition there?
(or if not yet, anyone want to bet they’re _about_ to?)
You can read all about it here:
http://www.sophos.com/pressoffice/news/articles/2004/06/pr_uk_20040…
The timing of this press release seems to indicate some sort of connection ….
“maybe it’s just they considered that Macs are more user friendly and have more productivity software available to consumers.”
Riiiight, and the fact that Sophos happen to be one of the few companies to sell a Mac antivirus solution is just an odd coincidence.
I always trust commercial entities with vested interests to care about what’s best for *me*.
I am sick of this “Buy a Mac” BS. Don’t they ever shut up? Sure give me a Mac for free and I will throw all the other stuff here in the fire. For God’s sake
Bundle a basic Linux distro, web browser, e-mail, and multimedia stuff on a LiveCD. Call it “PC on a CD” or something. Don’t mention Linux — it’s too confusing to the nontechnical user. Give it away at Best Buy like AOL CDs.
I’m going to throw my $230PC(amd64,2800+, 512Ram, MObo)
to buy a Mac$$$ ?
Hello!! Linux or BSD..