Daniel Eran Dilger
Random header image... Refresh for more!

The Mac Malware Myth

register fear

Daniel Eran Dilger
According to proponents of the Mac Malware Myth, Mac users should be afraid of a series of reports about a “rising tide” of malicious software and in panicked response, install anti-virus software from the vendors who propagate those dire warnings. They’re wrong, here’s why.
.
For more than a half decade, the Windows-enraptured tech media has been banging on a drum about the imminent arrival of Mac viruses. As proof of this coming wave, they always cite researchers employed by anti-virus vendors who recount vulnerabilities found in Mac OS X or occasionally trojan horse malware designed to dupe Mac users into manually installing software that intentionally causes problems.

This is like warning the population of the threat of a global pandemic outbreak based on press releases issued by a homeopathic group concerned that isolated reports of individuals hitting themselves with a hammer might portend a greater public health crisis, unless more people coat themselves with 30x ferrum phos obtained from one of their practitioners.

Somewhat ironically, a good long time ago, well before any of today’s pundits were trying to suggest that Windows isn’t really that insecure and the Mac isn’t really any better, there was a time in the 80s that Macs did suffer from regular infections, at least if you were in a school setting where kids were passing around floppies infected with boot sector viruses. That was in the days before Microsoft ported the Mac desktop to the PC and called it Windows. A lot has changed since. (Correction: There Were Never Any Mac Boot Sector Viruses )

Someday, someone might develop code that attacks Mac OS X, then replicates itself, and propagates the attack to other systems. Of course, for that type of viral attack to have any real and lasting effect, it will also require Macs to be widely installed by millions of users in the 1990s, prior to the development of Software Update over the Internet. You’ll know this is about to happen shortly after the first time machine is invented.

Until then, you can rest assured that every article you read about a wide spread virus attacks is really about Microsoft Windows. Of course, there will also be those sneaky articles written in CNET and Wired and the Register that insinuate that trojan horse attacks are the same thing as viruses because they are both “malware,” just like stubbing your toe and the Black Death are both “health-related issues.”

 Wp-Content Uploads 2008 04 200804010234-1

The Unavoidable Malware Myth: Why Apple Won’t Inherit Microsoft’s Malware Crown
Office Wars 3 – How Microsoft Got Its Office Monopoly

Goodin Questions Security Using Obscurity.

One recent example of this comes from Dan Goodin, filling space in the Register. If you’re one of the millions of web readers who stopped reading the Register back in the late 90s when its effeminate sassiness grew tiresome, let me fill you in on what the site has been up to lately.

Goodin’s most recent article “Mac malware tide on the rise!” (exclamation point added to highlight the silliness) desperately bends backwards to conflate a) malicious software dressed up as pirated warez that tricks one individual Mac user into manually bypassing operating system security to install it once with b) the self-installing, self-replicating viruses that rapidly spread to millions of Windows PCs overnight, like the recent Conficker virus (aka Kido or Downadup), which has now infected more than 15 million Windows systems across the globe.

Goodin was careful not to directly refer any of the four Mac malware reports that made up his “rising tide” as actually being viral, but he expertly wove in mentions of “anti-virus providers,” purposely muddying the waters to suggest that Macs have no security advantage over PCs running Windows, the platform that must always run anti-virus software or else face immediate infection.

Warning: yikes link Mac malware tide on the rise • The Register

The Business of Fear Gets an Education.

Googin’s article was sponsored by Symantec security ad banners and made direct reference to “Mac anti-virus provider Intego” and “anti-virus provider Kaspersky.” How is it that there is any software industry built around Mac anti-virus when there are no Mac viruses?

Fear. And ignorance. It is certainly conceivable that a Mac virus could be written, even it if would not pose the same widely infectious threat that Windows users face every day they are connected to the public Internet. However, it is not accurate to say that installing anti-virus software would protect Mac users from such a theoretical situation.

In fact, anti-virus software itself is a key target for infection. That’s because anti-virus software sits in a powerful, trusted position within the operating system and has its own mechanisms for accepting updates from the network, which are often easier to corrupt than the operating system itself.

Apple itself discovered this when it began shipping Virex as part of its Dot Mac package. While the anti-virus software was never compromised by an external virus attack, it did cause other low level problems for the system, which got so bad Apple yanked the title and stopped distributing any anti-virus tool at all for Macs. It also stepped up its advertising of the fact that Macs had no viruses in the wild. When dealing with fear, sometimes the best defense is a good offense: education.

Apple’s other offensive is in working to progressively bolster the security of its platforms. That means regular updates to its system software, new technologies incorporated into Mac OS X, and new security policies that make infecting the iPhone and iPod touch virtually impossible.

 Wp-Content Uploads 2009 01 Road-To-Sl-080826-6-1

Road to Mac OS X Snow Leopard: 64-bit security
New QuickTime 7.6 addresses quality, security
iPhone 2.0 SDK: How Signing Certificates Work
10 FAS: 10 – Apple’s Mac and iPhone Security Crisis

Managing Risk.

Anti-virus software on Windows, like Windows itself, has actual exploited vulnerabilities that have been used to spread infections. That risk is usually overwhelmed by the greater risk of not running anything and being more likely to fall victim to one of the tens of thousands of active viral attacks that can infect Windows software.

On the Mac, there is no background danger of viral infection, only a theoretical one. That makes running anti-virus software a risk not worth accepting. It’s not just that there’s no valid reason to run anti-virus software, but that there is real danger in installing anti-virus software on the Mac and assuming that you are now protected from any problems.

Installing anti-virus software on a Mac puts you at greater risk because the anti-virus software itself provides new opportunities for potential infection. If that’s hard to comprehend, imagine covering yourself with band-aids with the hope of avoiding any potential for infection; the reality would be that those bandages wouldn’t do anything to protect you from being infected if you were actually injured, and up to that point they would only serve as a potential media for culturing infectious bacteria and keeping it in contact with your body.

 Wp-Content Uploads 2008 04 Nocountryforoldwindows

Five Factors Shifting the Future of Malware and Platform Security

Prophylaxis not Always a Panacea.

Similarly, because there are no known signatures for Mac viruses (because no viruses yet exist), there is no way to prevent infections that might be developed. The security software would have to be updated to provide any protection, but that update mechanism also serves as a potential vector for distributing elements of malicious attacks, either directly or by opening up potential new vulnerabilities.

Were there some real, plausible risk of Mac viruses being developed (say, you operated a large lab of Macs that served as a valuable target for attackers), it might make some sense to install anti-virus tools so that you could mitigate damage once a threat was discovered. It also might make some sense for some institutions to install tools that limit what software its users can install.

However, for home users, Mac anti-virus makes no sense whatsoever. All it can possibly do is slow down the system, add some irritating interruptions, and provide a false sense of security while actually undermining real security by adding new layers of potential vulnerabilities. Very targeted attacks, ones that might exploit a vulnerability to gain access to your system, are not preventable with anti-virus software that only scans for known patterns of malicious software.

Really, how useful is it to install anti-virus software that can realistically only stop you from installing software you should know better than to attempt to install in the first place, whether it’s the pirated version of Photoshop or the pirated version of iWork or an unknown anti-virus package from the web? Yes, those are the four fearsome malware examples Goodin cited as his “rising tide” of Mac malware, and which, coincidentally, Intego cites as the reasons to buy its Mac software.

Of course, the security experts at Kaspersky, Symantec, Intego, and others don’t want you to know that. They want you to read scary articles like those that regularly appear on CNET, Wired, and the Register, which are based on press releases issued by those vendors, all suggesting that Macs are really damn close to being dangerous to use, and that their products are really critical for your continued safety.

Because when you’re in the business of fear, an educated population is the worst thing you can imagine, and a lazy media content with republishing your press releases is your only hope in preventing that from happening.

Did you like this article? Let me know. Comment here, in the Forum, or email me with your ideas.

Like reading RoughlyDrafted? I’d write more if you’d share articles with your friends, link from your blog, and submit my articles to Digg, Reddit, or Slashdot where more people will see them. Consider making a small donation supporting this site. Thanks!

  • http://macsmarticles.blogspot.com Derek Currie

    Oh great, a vehement troll in our midst. I only say so because his ‘facts’ are FUD. Yawn. Time to swat the gnat:

    hodari sez: “Contrary to you and what some “UNIX based OS” users mistakenly think, Unix like systems are inherently less secure than Windows NT based operating systems.”

    Total nonsense. Been there, done that, good luck backing up your rubbish. And YES, Mac OS X has no need for your ‘UNIX Based OS’ crap. I told you to look it up, and like a typical troll you never bothered, just so you could make a total fool of yourself so someone like me would come along and abuse you because, face it, you’re a plain old sadomasochist.

    Rather than further enable your self-destructive behavior and your bullsh*t FUD, I am off for a happy night’s dreaming. Good luck at that on your end, little liar.

    :-P

    Trolls, trolls, trollzzzzzzzzzzzzzzzzzz

  • hodari

    Derek – The trick is getting computers to understand what I’m saying more than some people here!

  • Joel

    @daGUY:”So, I do think security through obscurity is part of it. Why create a Mac virus when *at best* you would only be able to infect a tiny fraction of the world’s computers?”

    I think you underestimate the “because its there” attitude of developers and people who play with technology. I’m also tempted to create a Mac Virus myself, to demonstrate how it would be done. However I’m stopped by two constraints:

    1) I’m no-longer a frustrated 14-year old

    2) The attack vectors I have on Windows aren’t there. There are few unpatched holes to get in (even security researches need a bit of help), and since not everything runs as root I don’t have unfettered access to the file-system. And since my virus can’t be executed by default I’m going to have to make it some kind of trojan instead of a worm/virus thing. There’s also no real way to use the MBR to create a boot sector virus.

    Damn, there goes my 15 mins of fame at being the guy who broke OS X and Unix security…

  • Joel

    For Unix/Linux computers there’s another incentive to gain access… A lot of these machines are used by more than one person, and they often have useful services running on them. Think about web servers or databases holding lots of people’s login, or even credit card details…

    (And anyone who thinks that just because “Unix is obscure” has never followed /var/log/secure :D)

  • http://home.comcast.net/~daguy daGUY

    @Joel: that’s my point exactly. It would be MORE work for you to create a Mac virus rather than a Windows virus, and at best it would only be able to infect a fraction of the world’s computers. The desire to create a Mac virus “just because” obviously isn’t strong enough to sway people, otherwise we would have seen one by now.

    There’s another factor in this too I forgot to mention – you have to have a Mac in the first place (or download OS X and hack it to run on your PC) if you want to write a Mac virus. Both options are more expensive and difficult than just getting a dirt-cheap Windows PC.

    So, that’s three factors now:

    - Higher upfront cost (spending $ on a Mac, or spending time hacking OS X)
    - More difficulty in writing a virus (OS X is more secure)
    - Very limited ability for a virus to spread

    Combined, it’s simply not worth it to make a Mac virus.

  • gus2000

    “More difficulty in writing a virus” is not security through obscurity. It’s security through security. Thank you for making my point.

    I will reiterate that malware authors do not seek world domination, they want money. If cracking into 0.0001% of the world’s computers would make them rich, they would do so (if they could). People still rob banks, even though each branch carries only a tiny fraction of the world’s installed base of currency.

  • Joel

    This also assumes I can write one virus and one virus only. A good percentage of Windows Computers + 5 % is more profit for me. (And my l33t h@xor status as a virus writer)

    Also, once a credible virus is written and seen in the wild, Mac Anti-Virus software becomes big business… :D

  • d235j.1

    hodari: What about NSA SELinux? It uses ACLs for better permission control. OS X 10.4 and up also implements ACLs…which removes the user/group/world limitation.

  • enzos

    @daGuy and PXT,
    An email I sent to our uni’s ITS last semester..

    >Dear Helpdesk,
    >I draw your attention to three unwanted guests among the files and folders in my thumb drive (see screenshot below).
    >A net-search reveals that “krag.exe” is malignant spyware for PCs spread by USB drives.
    >I picked these up in 092-003 today. I removed them after yesterday’s lecture but they’re there again after delivering today’s lecture in that theatre.
    >Fortunately, I have a Mac (praise be to the Mighty Jobs) but would rather not be an immune vector for the spreading of this virus to those less fortunate.
    >Please advise.

    They beefed up that lecture theatre’s computer AV so much it ran like treacle on a cold day (much to the amusement of the students waiting for the next slide to drunkenly stumble across the screen). But a couple of weeks later I picked another strain from the same theatre.

  • http://home.comcast.net/~daguy daGUY

    @Gus2000: “‘More difficulty in writing a virus’ is not security through obscurity. It’s security through security. Thank you for making my point.”

    Yeah, but I said the lack of viruses was due to multiple factors. OS X is inherently more secure AND it’s used by far fewer people than Windows. So even if you were to write a Mac virus, there’s a much smaller pool of computers it could spread to.

    Security through obscurity isn’t the whole story, but it’s definitely part of it. What if the marketshare numbers for OS X and Windows were reversed? Do you think people would still target Windows just because it was easier, even if that was only 5% of the world’s computers? On the contrary, I think virus authors would put the effort in to make a Mac virus since that would then open up 95% of the world’s computers to them.

  • Pingback: The truth about Macs and malware - MAC.BLORGE()

  • Pingback: Mac viruses? What Mac viruses? | mendax.org()

  • Joel

    Another argument against the “security by obscurity” are the early viruses and worms of the 1970′s. There were very limited populations of many different computer systems. There wasn’t much economic reason, so there people were doing it “because we can”.

    Oh, and those iPhones things… Even with millions being sold and the handy amounts of personal information on them, how come there isn’t a virus for them things…? Or are there not enough of those, too…?

    [There are a lot of things people did "because we can" in the 70s which they now want to get paid for doing. The Apple founders started out making computers because they could, only to realize they could get rich. Guess who else kept making systems for fun after they realized a market existed? Nobody.

    Look at mobile software. How many people are making Google Android apps "because they can"? Now look at the iPhone store. Android app writers are now hoping to get paid (but the store isn't in place yet, and the installed base isn't going to happen quickly). Same story. You can suggest there is this huge group of well meaning people who crank out their efforts for fun, but they are a very small crowd and rarely is their stuff up to par to those who compete to get paid.

    What are you, a communist? - Dan ]

  • http://web.me.com/sdshallow danae

    In teaching clients how to use their Macs, I run across the anti virus issue a lot, since most of them are used to dealing with the swiss cheese that is Windows. In the three years I’ve been doing it professionally, I’ve only once encountered a reason to be running anti-virus: someone had sent an infected Microsoft Word file from windows to a client’s Mac, and it corrupted all of the .docs that she sent out to Windows machines, even though it didn’t effect her at all. When people ask me why anti-virus exists for the Mac at all, this is usually the example that I sight, and then I emphasize the context…If I work with at least 25 unique people each week, and I’ve only run across the situation once so far — well, the chances are slim. I’m going to start directing my more security obsessive clients to this article, and see how they react to the idea that the anti-virus software makes things *worse*.
    BTW, I’ve been reading your articles for over a year now and I adore them. Whatever you do, keep writing!

  • d235j.1

    @danae: now that Office 2008 has no VBA, those kinds of viruses shouldn’t be a problem. Of course, the lack of VBA is an inconvenience for many.

  • Joel

    “Same story. You can suggest there is this huge group of well meaning people who crank out their efforts for fun, but they are a very small crowd and rarely is their stuff up to par to those who compete to get paid.

    What are you, a communist?”

    I’m going to take that as a sarcastic dig. Since I’ve contributed to open-source frameworks (some of them highly popular and well used) then I suppose that does make me a “communist”. Is it such a shock that people outside of the US do things without short-term financial incentive…? :D

  • http://macsmarticles.blogspot.com Derek Currie

    hylas sez:
    “There is an instance of one that is of concern, it’s not a virus, more of a rootkit – logic bomb hybrid I have (and others) run across. (X-Platform)…. In ‘97 and ‘05 this thing got a hold of me. The first time on a 68040, Quadra 610 and it’s networked Mac IIsi. the second time G4s, G5s (everything) and Xserves…. Another researcher (Nancy) has named it, and it’s appropriate: Subversion.”

    You are specifically talking about something that ran in old Mac OS, as opposed to Mac OS X. The hardware you mention only has Mac OS in common. Most of it is entirely incapable of running Mac OS X. So whatever you are saying is coming out totally incoherent. There is no such thing as malware that runs on Mac OS & on Mac OS X. Are you talking about something that runs in Classic inside Mac OS X? In any case I see no relevance to specifically Mac OS X at all.

    (on Nancy’s site you’ll get a warning on Site Identification [it seems to be expired] click through to read)

    Wait a minute. You’re talking about computer security but instructing people to ignore an out of date server security certificate? BAD ADVICE. I recommend everyone NOT click through. hylas, your bogosity reading just went off the scale. Are you tripping?

    And no, this isn’t some knee-jerk slam. When I slam a post, I’m serious and I prove my point, as above. Work on the coherence factor please.

  • http://macsmarticles.blogspot.com Derek Currie

    Joel sez:
    “Since I’ve contributed to open-source frameworks (some of them highly popular and well used) then I suppose that does make me a “communist”. Is it such a shock that people outside of the US do things without short-term financial incentive…? :D”

    It amazes me how some human personalities are incapable of comprehending others. As ever, diversity rulz.

    One of the most hilarious and tragic things I read comes from a certain branch of political right wingers who think there is no such thing as altruism among human beings. If one person helps another, so far example in the ‘Good Samaritan’ story, then such people say there is some psychological need on the part of the Good Samaritan to compensate for something they regret or feel guilty about in their past. A popular explanation is that the Good Samaritan feels guilty about the wealth he grew up with and compensates for his sense of guilt by helping others in need. The simple act of cooperation, collaboration, kindness and caring does not occur to this branch of right wingers. I find their point of view to be insane and I feel very sorry that their lives lack a sense of kindness and caring. Altruism is one of the miracles of living creatures.

    To pull some FUD term out of one’s orifice in order to slam someone who is altruistic is nuts. Contributing to Open Source projects does not constitute being a ‘Communist’ in any derogatory sense of that word. Instead it’s plain old cooperation, collaboration, kindness and caring. If certain people can’t comprehend that fact, sorry, but you live a much more miserable life than those of use who are cooperative, collaborative, kind and caring. You also make we, the cooperative, collaborative, kind and caring, absolutely miserable with your consistently predatory attitude. Having hyenas within the human population has its benefits. But for anyone to think their personal little inner world is relevant to reality as a whole is incredibly naive and self-deceptive.

  • Joel

    If click through to that tagmeme “Subversion Hack” website, and then follow it through to the dailywtf forum you”ll see where its analysed and then debunked as either a hoax, or that it probably is the paranoia of the writer.

    I’m also thinking that Dan was being sarcastic when he was talking about helping others as being “Communist”

  • http://all.net/ hylas

    “Derek Currie
    hylas sez:
    “There is an instance of one that is of concern, it’s not a virus, more of a rootkit – logic bomb hybrid I have (and others) run across. (X-Platform)…. In ‘97 and ‘05 this thing got a hold of me. The first time on a 68040, Quadra 610 and it’s networked Mac IIsi. the second time G4s, G5s (everything) and Xserves…. Another researcher (Nancy) has named it, and it’s appropriate: Subversion.”

    You are specifically talking about something that ran in old Mac OS, as opposed to Mac OS X. The hardware you mention only has Mac OS in common. Most of it is entirely incapable of running Mac OS X. So whatever you are saying is coming out totally incoherent. There is no such thing as malware that runs on Mac OS & on Mac OS X. Are you talking about something that runs in Classic inside Mac OS X? In any case I see no relevance to specifically Mac OS X at all.

    (on Nancy’s site you’ll get a warning on Site Identification [it seems to be expired] click through to read)

    Wait a minute. You’re talking about computer security but instructing people to ignore an out of date server security certificate? BAD ADVICE. I recommend everyone NOT click through. hylas, your bogosity reading just went off the scale. Are you tripping?

    And no, this isn’t some knee-jerk slam. When I slam a post, I’m serious and I prove my point, as above. Work on the coherence factor please.”

    >·´¯ `·.¸¸.· ´¯`·.¸¸.·´¯ `·.¸¸.· ´¯`·.¸¸.·´¯`· >.·´¯ `·.¸¸.· ´¯`·.¸¸.·´¯ `·.¸¸.· ´¯`·.¸¸.·´¯`· >

    Derek,
    Don’t get your panties in a wad.

    “You are specifically talking about something that ran in old Mac OS, as opposed to Mac OS X. The hardware you mention only has Mac OS in common. Most of it is entirely incapable of running Mac OS X. So whatever you are saying is coming out totally incoherent.”

    - Really, “incoherent”?
    You are confusing yourself.
    Reread.

    In ‘97 and ‘05 this thing got a hold of me. The first time on a 68040, Quadra 610 and it’s networked Mac IIsi. the second time G4s, G5s (everything) and Xserves.

    “There is no such thing as malware that runs on Mac OS & on Mac OS X.”

    - Really? (we can all go home now).

    “Are you talking about something that runs in Classic inside Mac OS X?”

    - No, not specifically.

    “In any case I see no relevance to specifically Mac OS X at all.”

    - Except maybe the hardware and all.

    “Wait a minute. You’re talking about computer security but instructing people to ignore an out of date server security certificate? BAD ADVICE. I recommend everyone NOT click through. hylas, your bogosity reading just went off the scale. Are you tripping?”

    - Derek, you got me there: (what’s this article -above- about again?)

    See:

    http://laughingsquid.net/faq/ssl/

    “And no, this isn’t some knee-jerk slam. When I slam a post, I’m serious and I prove my point, as above. Work on the coherence factor please.”

    - Yeah, terribly sorry about that.

    >·´¯ `·.¸¸.· ´¯`·.¸¸.·´¯ `·.¸¸.· ´¯`·.¸¸.·´¯`· >.·´¯ `·.¸¸.· ´¯`·.¸¸.·´¯ `·.¸¸.· ´¯`·.¸¸.·´¯`· >

    “Joel
    If click through to that tagmeme “Subversion Hack” website, and then follow it through to the dailywtf forum you”ll see where its analysed and then debunked as either a hoax, or that it probably is the paranoia of the writer.”

    - Joel,
    You mean the link that I provided?

    https://tagmeme.com/subhack/whoarethesepeople.html

    There was a reason for it, can you guess why I included it?

  • Joel

    You’re going to have spell this one out loud and clear, I don’t bother with guessing games… Btw, you may be in out of your depth here…

  • Joel

    “There is no such thing as malware that runs on Mac OS & on Mac OS X.”
    - Really? (we can all go home now).

    Yep, really. The only problems would be things like Word Macro “viruses”. Unless of course you’ve got links to cross-platform Classic / Mac OS X nasties that have been found in the wild and did actual damage. (And I’d prefer web pages written by security researchers, and other respected bodies rather than random nutters and fruitloops).

    I’m off ‘ome…!

  • Pingback: Mac Malware On The Rise - Laptop Security Blog()

  • Pingback: Roman Ladder » Blog Archive » Feeling Secure()

  • Pingback: Kaspersky Sells Mac AntiVirus Fear Using Charlie Miller… Mac AntiVirus Foe — RoughlyDrafted Magazine()

  • Pingback: Haywired 3.0 - Касперский сеет страх в пользователях Маков используя Чарли Миллера()

  • Pingback: furicle's status on Friday, 01-May-09 15:08:30 UTC - Identi.ca()

  • Pingback: Muskoka Mac User Group()

  • Pingback: iPhone x 3 » Blog Archive » Microsoft announces free anti-virus service for Windows()

  • Pingback: Microsoft announces free anti-virus service for Windows — RoughlyDrafted Magazine()

  • Pingback: Chicago Boyz » Blog Archive » Snow Leopard, Macs and Malware()

  • Pingback: MAC future question. - Mac-Forums.com()

  • Pingback: Zo, da's effe wennen, zo'n appel! - Body Resource Bodybuilding Forum()

  • Aleex4

    The mac malware problem is trivial today, but could be serious as soon as tonight. All it is going to take is that one little well written piece of malware to infect some machines, then we will go from being in denial, to having a bunch of Chicken Littles running around, wondering why there is no antivirus available for their bulletproof Macs!

    [Actually it's not like that at all. If you knew how viruses work and how they're spread, and what antivirus scanners look for, you wouldn't say any of those things. There is not "denial" among Mac users, just an awareness that Macs have fewer automatic ways to install software unwittingly, more straightforward ways to remove unwanted software, fewer opportunities to spread malicious software within a huge, susceptible monoculture, and no real business model to support the development of "well written malware." But thanks for taking the time to post ignorant fear-mongering that I can use an an example of misinformation. - Dan]

  • foke

    mmm…I use ProteMac NetMine for protection

  • http://macsmarticles.blogspot.com Derek Currie

    foke sez: “I use ProteMac NetMine for protection”

    Thanks for the kewl info! I had never heard of it within my net circle. I’m in the process of checking it out. It is essentially a competitor with Little Snitch at the same price. Apparently it is also a regular firewall (as well as what I call a ‘reverse firewall’ like Little Snitch). I have to dig a little deeper to see just how effective it is at dealing with malware itself.

    Oh, and very special messages to:

    I) hodari: Here is a short list of operating systems in order of best proven security to worst:

    1) OpenBSD
    2) FreeBSD
    3) Mac OS X (which incorporates aspects of both OpenBSD and FreeBSD)
    4) Linux – various flavors
    5) Microsoft Window, including NT, including 7ista. This is what is called ‘the bottom of the list’. AKA, you are incorrect, verifiable by anyone.

    II) hylas: I think you need to get an education. Just saying…

    ;-Derek