bbc.co.uk Navigation

Rory Cellan-Jones

Mac malware - were we wrong?

  • Rory Cellan-Jones
  • 3 Dec 08, 10:41 GMT

There was a web firestorm yesterday over an apparent warning from Apple that its users could be vulnerable to attack and should consider installing anti-virus software. It was a firestorm that we helped to fan with a story - and a post on this blog.

apple websiteNow it appears that the story was old and that the message on the Apple support site, posted on 21 November, may have simply been an update of an advisory note published back in 2007. What's more, the November message has now been removed - with no explanation.

So I'm sorry if we suggested that this was a major U-turn by Apple when it was not. Graham Cluley, who we quoted in the post, now describes the incident as "a fascinating example of how the internet can get carried away with itself", and it is certainly true that bloggers and journalists (and I include myself) hate to be left out when this kind of storm brews up.

But Mr Cluley stands by his view that Mac users should not be complacent about their security: "Yes, the news that Apple is urging people to run anti-virus software isn't actually news... apart from for the people who didn't realise they had to run anti-virus software on their Apple Macs! - which seems to be quite a lot". It is worth noting that Mr Cluley's firm Sophos sells an anti-virus package for Macs and is presumably keen to boost its sales. I have to confess, as someone who has used both Macs and PCs for the last 12 years, that I have never installed any extra security on my Macs, and I'm still not convinved that I need to act.

And one thing that this incident does show is Apple's split personality when it comes to communicating with its users and with the media. On the one hand, when it has a positive story to tell, it is brilliant at sending simple, bold messages to consumers and skilful in projecting its case to the media.

On the other, when things go wrong - complaints about scratched iPods or concerns about Steve Jobs' health - this is a company which retreats into the Cupertino bunker, closes the door and says nothing.

So I contacted the Apple PR department at 1115 GMT on Tuesday to seek a comment on the story. Back they came twenty minutes later, with a promise to look into it and "keep you posted". 23 hours later, I'm still waiting. So what is Apple's advice to customers on whether there is any need to install anti-virus software? I'm still not clear - are you?

Update Wednesday 1334: Have heard from Apple this morning - Macworld has a statement from Apple spokesman Bill Evans.

Comments

  • Comment number 1.

    Actually this makes this story more interesting and intriuging. It certainly doesn't deserve an apology, except for not spotting this a year ago.

    So it appears that at the same time they were promoting Macs as be immune to Viruses,via their Mac V PC ads, they were simulataneously recommending that Macs need anti-virus software.

  • Comment number 2.

    Were you wrong?

    YES YOU WERE!

    There is no need to use anti-virus on Macs, unless you want to help stop the spread of Windows viruses.

  • Comment number 3.

    This comment was removed because the moderators found it broke the house rules. Explain.

  • Comment number 4.

    What's sad is that the original BBC news story on this occupied position 3 on the Technology news index page, and at one point was the most emailed story of the entire site. Whereas I suspect this retraction/clarification will get far less hits (it's not as prominent on the Tech page).

    I have no problem with you posting it on your blog Rory - I expect a more spontaneous stream of thought and reaction here. But it was the fact that it was turned into a main BBC news article that annoyed me.

  • Comment number 5.

    I'm really surprised that the vast majority of people have never run anti-virus software. I always assume people have the software and just run it every once in a while. I use ClamXAV when I want to scan a file I've downloaded or received via email, but I don't have it set up to continually scan. I read a post today at Mac Guru Lounge on the Top 5 Mac Security Tips for the Holidays, which also talked about running AV software.

  • Comment number 6.

    Whoops. So it turns out that Apple has been quietly saying for a while that their users should be running anti-virus software. It seems a lot of people (including me) were caught out by this.

    And to the point in Rory's post, yes, I can't hide that my company (Sophos) is one of the umpteen that sells anti-virus software.

    But my intention isn't to scare anyone by repeating Apple's advice that Mac users should run anti-virus software.

    Note that we don't have a home user edition. We only sell to businesses. So, in our case, it wouldn't be accurate to paint us as trying to scare people into racing down to the high street to get an anti-virus for their Mac. Companies don't make impulse purchases like that.

    Mac malware exists (albeit not in the same numbers as Windows), it is using the same techniques to infect Mac users as the Windows malware, and is increasingly financially motivated.

    Apple Mac users are not protected with magic crystals which ward off malware, and are just as susceptible to making bad decisions which can lead to their computers becoming compromised.

  • Comment number 7.

    I have never paid for Anti-virus for my Mac. I got a free package when I bought my first iMac nearly 10 years ago, but I didn't buy any updates after the initial subscription ran out. I had McAfee Virex with my .Mac subscription for a while, but then Apple themselves stopped supporting it.

    Currently I have nothing installed at all. The threats that exist appear to come mainly from dodgy websites, and OpenDNS and FireFox between them do an admirable job of stopping me getting anywhere near those sorts of sites.

    I wasn't about to go out and buy software based on yesterday's 'news', and I am no more or less inclined to do so today. Now if you'll excuse me, my cappuccino maker is calling.

  • Comment number 8.

    @Jonamac writes:

    "The fact is that there are no Mac viruses in the wild"

    Umm.. I'm not sure what definition of "in the wild" you're using, but Mac OS X malware *is* found planted on compromised hacked websites that anyone in the world can visit. Typically it pretends to be a plug-in to allow you watch a raunchy video.

    It's not happening anything like as much as Windows malware, but it does happen.

    And Mac users are just as likely to fall for the social engineering as Windows users.

  • Comment number 9.

    Perhaps Apple haven't responded to you because you are now perceived as a blogger who spreads misinformation. You claim to be unclear as to whether anti-virus software is required. Yet, it would appear that Apple have given a statement to Macworld. According to Macworld, Apple spokesman Bill Evans is reported as saying:

    "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box.”

    I found this within a few minutes of checking a couple of mac related websites. Why didn't you? Isn't this what you are paid to do?

    Whether the mac is currently susceptible to viruses or not, anti-virus software is still useful - if only to help stop the spread of malicious code to our windows using colleagues.

  • Comment number 10.

    I'm still not clear - are you?

    Yes thanks. Just follow the tech notes - they've been saying the same thing for years. Nothing's different today from what it was the day before yesterday.

  • Comment number 11.

    This is exactly how FUD/misinformation is propagated and the internet is certainly guilty of making it happen faster, but is *in theory* more easy to correct.

    I say in theory, because having made this incorrect information 'front page' news on the Technology page, the 'correction' is actually rather hard to find. To wit : Apparently Apple will talk to Macworld UK, but not the BBC. From this page http://tinyurl.com/6dzl3a :

    "We have removed the KnowledgeBase article because it was old and inaccurate," Apple spokesman Bill Evans, told Macworld.

    "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box.”

    So it appears that Apple are not back-tracking at all. Quite the opposite in fact. Rather they are guilty of not managing the erroneous 'Knowledge Base' pages on their website, in a timely manner, but not of a change of heart.

    Perhaps Apple and Microsoft should club together with Linux and post an International Computer Security FAQ, which clearly states the issues involved, the measures to take and which gives general, specific and impartial advice, for free and more importantly, *with no vested interest*, which is clearly the problem with asking a company whether or not its products are worth buying. Which is exactly what Rory Cellan-Jones did in his article when interviewing the two antivirus software company representatives.

    Come on Beeb. Keep the standards up.


  • Comment number 12.

    It's very frustrating when simple, obvious facts are not checked before jumping on the bandwagon and publishing news articles and blog posts.

    As you have now discovered, this was not a new tech support note or in any way a revelation. So it's bizarre that such a storm built up around the story but, sadly, typical. I would expect that from the general blogosphere but not from BBC News.

    This is not about whether Mac users should be using anti-virus software, it's about credible journalism. Unfortunately, on this occasion, the BBC's coverage was poor and misleading.

  • Comment number 13.

    This comment was removed because the moderators found it broke the house rules. Explain.

  • Comment number 14.

    The most interesting thing about the story yesterday has been the reaction of the media.

    They are absolutely gagging for Apple's Mac OSX to be the subject of a malicious attack and even the merest hint that Mac users are being advised to get anti-virus software has put the tech media into overdrive.

    There are a multitude of reasons why the Mac OS has been relatively safe from viruses and the like over the years and Cupertino's attitude to security is likely to keep things on an even keel for a while longer.

    I am sure that the Windows world has had enough of Mac users banging on about how safe their systems are but it would make much more sense for people to explore the reasons for that, both technologically and in terms of corporate attitude, rather than pining for a day when it all goes wrong.

    James

    PS Full marks to Rory, though, for 'fessing up!

  • Comment number 15.

    Let's see, no virus's or malware - YET; but locked into running the apps that Mac wants you to run and not the apps you want too run?

    I'll take the potential of virus's & malware and also the ability to run hundreds of thousands of different apps that I may want to run over the communist approach of Mac anyday!

    BTW, I've been using PC's for nearly 20 years and have had NO virus infections and NO malware infections so if you Mac users were more intelligent,,,maybe you too could run a PC without getting infected!

  • Comment number 16.

    I bought a new Macbook Pro. The first email I opened was full of letters hash marks and numbers. In Two days the macbook pro would not open. The folks at Mac had to replace the entire system, mother board included. It took three visits to the repair store ... they finally had to send it to the WHITE GLOVE team who fixed the problem. The entire time Mac claimed they do not get viruses. Hey! I love my mac but it can be taken down. My lesson... don't open mail from unknown sources or download programs you can't purchase.

  • Comment number 17.

    Many Mac users use Microsoft Office which means Mac users are still open to macro viruses. Apple systems are also not immune from problems in third-party software such as Flash, QuickTime, and Adobe Reader. It’s also worth having something installed if you regularly forward files with attachments onto PC users (eg clients), this means that a Mac antivirus scanner is scanning for Windows-based malware.
    Can viruses be produced for Macs? They surely can, Elk Cloner, was written for and infected the Apple II’s OS 26 yrs ago. My guess is someone, someday will see it a challenge and set out to do so.

    Looking at Google news it looks as if most media outlets, including many tech sites, ran this same story. The Washington Post looks as if it may have been the first to start this hare running, a day earlier than on the BBC. It does raise issues about whether this blog should follow the herd or just post comment and opinions from those running it? If the latter means fewer posts, so be it. Surely the tech news section is the place for industry news?

  • Comment number 18.

    @luvwknd,

    "Let's see, no virus's or malware - YET; but locked into running the apps that Mac wants you to run and not the apps you want too run?"

    I think you are confusing OS X with the iPhone mate. You can run anything you like on a Mac, always have been able to, always will be able to. And it's 'Apple', not 'Mac'. The Mac is the type of computer, Apple Inc. are the company.

    Amazing how many people are misinformed (and also can't spell or use grammar if their life depended on it. Maybe it's because my Mac has system-wide spell check that I notice these errors more and more).

  • Comment number 19.

    keywestcoral:

    That doesn't sound like a virus to me. Never heard of one that can destroy a motherboard! I think you just got a badly made machine (which is annoying enough) but definitely does not sound like a virus.

    luvwknd:

    As already mentioned, there are loads of apps available for a Mac. Apple have no control over what apps people write for a Mac or install on one. Clearly you have never actually used one before.

    Apple do attempt to control iPhone apps, but you can jailbreak it to install other apps that aren't available through the iTunes store. I remember having to hack my Windows Smartphones in order to install the apps I wanted rather than those that had been certified.

    I occasionally run ClamXAV on my Mac but never had a virus. I have a hardware firewall and that's all you really need for a Mac. There are some trojans that can record keystrokes etc, but these are apparently from dodgy porn sites and need you to enter your admin password to install. To be honest, if you are thick enough to actually do this, you deserve any problems you get.

    Macs are leagues ahead of Windows PC's for security, and no amount of shoddy reporting from the BBC can change that.

  • Comment number 20.

    Do people still use PC's? Really? I could have sworn I read on a BLOG somewhere that Apple had taken over the world and we where being led by a senate of beardy zen zealots! All newborns where to have surgically implanted iPhone system chips and when reaching the age of 3 given Macbooks and by 21 a MacBook Pro.
    The Windows OS had been relegated to running speed camera's though problems arose when it appeared that the new software meant that all positioned camera's needed to be replaced due to being underpowered and only managing one picture before a system panic...
    These blogs eh! Not always what they seem..... then again maybe it was a beautiful dream.

  • Comment number 21.

    To the person who said a virus caused your motherboard to need to be replaced.
    Your computer didn't have a virus. You simply had a hardware failure. Hardware failures happen. Especially with a new piece of hardware. If they fail, they usually fail when they are really new or when they are really old. It is just like your TV. How many times have you bought an electronic appliance and it broke the first week? You go to the store and get a replacement. The replacement lasts for years.

    The main (simplified) difference between Windows and OS X is that OS X is Unix. (Linux is a type of Unix.) Unix is a very old operating system that was designed from the ground up to be multi-user and
    multi-tasking. It worked on large main-frame computers. Since it was multi-user, it had all the protections in place to not allow one user to destroy the main operating system or read other users files. In addition, multiple people used the same computer at the same time.
    Windows on the other had was based on DOS. This system was single user and single tasking. Meaning that it could only do one thing at one time and only one person could use the computer at a time. This one user had the power to do whatever they wanted. Good or bad. While Windows has evolved, it still has a lot of the original vulnerabilities due to the effort of Microsoft to be backward compatible. This is why when you download a virus, it can take over your computer. While is it possible for a user to download a virus on a Mac and be really stupid and run it, unless they are really really stupid and go into admin mode, the damages are limited. As long as you have good backups, you can easily recover in a very short period of time. You simple delete that one user, recreate it and then restore off your backup. Depending on the amount of personal data, you could be up and running in a few minutes. With a Windows machine, unless you have a disk image, you will need to reload Windows, do the updates, reload all your software, and then finally your personal files. Windows will have you up and running a few hours later or maybe at the end of the day. The bottom line is any computer is vulnerable to stupidity but Unix is a far superior operating system for the majority of users. I can't tell you how many people I have convinced to buy Macs. Not a single person ever regretted the advice I gave them. Save your money and don't buy anti-virus software for a Mac. Unless you are moving files from Mac to Windows and bypassing the Windows anti-virus software, you simply don't need it.

  • Comment number 22.

    Here is my 2 cents on this matter.

    If you were to create a virus or malware attack would you choose an OS which has less then 10% of the OS market or one that has over 80%.

    Malware and Virus attacks are usually used to extort data from a users computer for financial gain. Therefore if you were to target an OS you will target Windows.

    For Mac users it is in their interest that Apple market share remains low.

    Concerning security on a windows PC, as long as you behave correctly when surfing the web or opening your emails you do not need a virus scanner on a window machine.

    I have not had a virus on my PC (now running Vista) in the last 3 years.

  • Comment number 23.

    I'm sorry Rory, but this was bad journalism on your part. There is no maybe, you were wrong, you didn't check the facts and you should admit that. As someone above said, you can not blame Apple for taking their time to reply. By posting a story, which basically jumped on a bandwagon without getting Apple's side of things first you've made yourself look unprofessional.

  • Comment number 24.

    Simply, yes you were wrong. You published a badly researched article (clearly taken from the internet) and made no attempt to contact Apple and ask them about their apparent 'change of opinion'. When it was pointed out to you by myself (and no doubt many others) it still took many many hours for you to correct the error and the article and you subsequently still re-published contained a statement saying 'Applescript.THT' was a virus when in fact it is a trojan and I informed you of this on three occasions. I see the article is now further corrected and uses the word 'Malware' instead, but this is simply sloppy reporting and shows the BBC in a poor light.

  • Comment number 25.

    Well the faceless censors of the BBC dot.life chose to remove my post above as it appears to have advertised 'products or services for profit or gain'. Uh?

    So beware, you are no not allowed to say Macs are more secure than Windows, even if it might the case.

    So a different point I would like to make. Yes the BBC was wrong and is wrong. Re-reporting news coming out of blogs is not what it should be doing. Where is the checking and verification? The original article on the Apple site said clearly it was an OLD tech note that had just been modified - it would have been a two second check.

    Everyone including you Rory, is exacerbating the problem of the internet echo chamber.

  • Comment number 26.

    I feel the need to post again. I'm actually pretty annoyed about this whole thing. I've researched this now properly, something that clearly wasn't done by the BBC team.

    What annoys me is the way that you made out that Apple was actively telling customers to get anti-virus. The way you announced it, you would have thought that there was at least an advisory or link on Apple's main home page. You've seen this as a major change in their policy on virus protection and told the world that. Without even checking with Apple first.

    Don't you see how bad this looks on your part? The Unofficial Apple Weblog is even mocking the BBC for picking this up. You haven't even apologised for not doing your job properly and spreading misinformation.

  • Comment number 27.

    So, and forgive me if I'm adopting a simplistic view here, there seem to be two major points here:

    1) Was the BBC wrong to post the story and blog entry that it did? Absolutley. Even 60 seconds of fact checking would have shown that there really was no 'story' here and I find it incredible that you'd go to the trouble of contacting not one but two Anti-Virus companies for their feedback without doing the most basic research on the source article.

    2) Does a Mac NEED Anti-Virus? No, it doesn't. Provided you're careful when browsing the web and running unknown code then it's still very difficult to infect a Mac unlike, for example, a Windows machine. However, as with all operating systems, OS X isn't perfect and therefore adding extra protection with anti-virus is an option for those that wish to use it.

    Basically, the Windows world requires an anti-virus package of some sort if the machine is dealing with the outside world. On OS X it's currently an optional component which isn't required but is a worthwhile extra if you want to be sure. Why on earth is that news? That's what anti-virus software was SUPPOSED to be before Microsoft's poor security came back to bite users the world over.

  • Comment number 28.

    I run antivirus software on my Macs because I don't want to receive bits of malware and then forward them to people who use Windows. My wife and most of my friends have switched to Macs, mind you, but there we are.

  • Comment number 29.

    This comment was removed because the moderators found it broke the house rules. Explain.

  • Comment number 30.

    neilephipps:

    Mac has not increased it's user base by more then 3% in the last 20 years, the are still around 13%. So what do you think the 87% are using for their computing needs? PC's....right! Another misinformed Mac user!

    Furthermore, their are MP3 players out there that BLOW the iPod away and there are smart phones out there that BLOW away the iPhone so I don't know why ANYBODY in their right mind (here's the problem) would purchase anything from Jobs/Apple/Mac - PERIOD!

    Mac=Over priced and less then adequate!

  • Comment number 31.

    Kadoogan:

    Yet another misinformed Mac user! What new games can you purchase for your Mac's, I mean high res 3D games not card games? None, you are correct!

    Let's see, try to find Autodesk software for the Mac, or maybe Solidworks Engineering software, it's just not there dude!

    So, another Mac user who is wrong in their assumption that a Mac can do everything a PC can do (not even close)!

    It's not just games that Mac doesn't run, it is also professional business software as described above! Sure, Mac doesn't write the applications but they certainly could lobby these developers to write more applications for their garbage computers, but they won't even do this because they are LAME!

  • Comment number 32.

    Hi luvwknd,

    "So whose misinformed?"

    I rest my case. (hint: try using a dictionary and brush up on your grammar, it really does help).

    And some further food for thought - McDonalds is the biggest food chain in the world, sells the most burgers, and has the most restaurants. It still doesn't make their food "the best" simply because they are the biggest.

    Make love to my Mac, do me a favour. It seems when the Windoze people get upset they resort to throwing petty insults around to make them feel better.

    Haven't you got some defragging to do, or an anti-virus programme to run? :-P

  • Comment number 33.

    Weak
    Lazy
    Journalism.

    FAIL.

  • Comment number 34.

    As an architecture student, I use Autodesk products at uni. On my mac, there are plenty of alternatives to be had, most of which are far cheaper and even better than their Autodesk counterparts.

    There are various methods to make games run on the mac. Wine, Bootcamp, Parallels, etc.

    I'd also like to add that Windows Vista runs fastest on Apple hardware.

    The percentage of businesses that use Macs is on the rise. What Windows fanboys seem to forget is that we not only have all Mac software available to us, but we also have all of your Windows software available too.

    Although, for the record, since I switched (after buying a Vista (in)Capable laptop) I have become a purist and have found alternatives to all the Microsoft programs I once used and no longer run Microsoft software at all.

    As for games, I'm in my late twenties and have too many better and more productive things to do, than spending my time playing computer games.

  • Comment number 35.

    luvwknd:

    There are thousands of applications available to use on a Mac.

    Windows has a much better selection of games without question, but once again you have shown you haven't a clue what you are talking about. To render your statement about no 3D games on the Mac as total garbage I only have to name one, but here's a few:

    3D games for the Mac (a small selection)

    Call Of Duty 4
    Civ 4
    X-Plane
    Flatout 2
    Race Driver 3
    Age Of Empires series
    Tiger Woods Golf series
    Medal Of Honor series
    Pirates
    The Sims 2
    etc...etc...

    As for Autodesk? Might want to look up Maya. Made by Autodesk. For the Mac.

    There isn't a thing I haven't been able to do on a Mac that I used to use Windows for. And in the vast majority of cases it does it much better. And a whole lot less viruses and malware.

    Are you 10 years old?

  • Comment number 36.

  • Comment number 37.

    luvwknd
    Why is it always games that seem to be the PC trump card in the Mac/PC debate? Consoles do the Job better than both.
    Apple has rising market share due to the fact they have a better product and offer a better user experience. The long quoted "Macs are too expensive" is simply not putting customers off anymore because Apple has managed to get the message across that there is a better alternative. People are switching in droves because they like the alternative. It works.
    Security is Windows biggest issue - and has been for to long and essentially this is what is driving buyers to take a look at the Mac. Macs are more visible now than at any other time, they are no longer considered a niche and you can even run Windows on them if you really need to.
    It would be unfair not to mention the halo effect that iPod and iPhone have had on Mac sales. Users LOVE these products - they both offer a fantastic user experience and so "my iPhone is fantastic - I'll take a look at a Mac". That is not pure Apple marketing it's simply an appreciation of product and Apples product mix.
    Microsoft make good products but seem to have lost sight of the customer and are playing catchup (Zune anybody?)
    Apple will screw something up soon - famous for it, but at least the playing field is levelling out just a little bit. In the long term that's good for everybody - including Microsoft.

  • Comment number 38.

    Thanks for posting to clear this up Rory.

    @luvwknd, that you are seemingly incapable of comprehending the name of the company that actually makes Macs and your insane belief that one can only run Apple-sanctioned applications on OS X shows clearly that you've never used a Mac and proves that no one should value your opinion on which OS is either better or more secure.

    Two other points.
    Learn how to use apostrophes correctly.
    Look up communism; look up fascism. Decide which is more appropriate.

    Just off to get a software update from 'PC' now and, by golly, I think my cappuccino's almost ready.

  • Comment number 39.

    Consoles do a better job than PCs for games?

    My word.

    *Plays Civ IV*

  • Comment number 40.

    You were wrong not to check out the story and wrong to suggest in the headline that apple was now 'pushing' anti virus software as if it were a complete U Turn.

    At the moment using anti virus on OS X is of limited use, not least because there are no active mac viruses to scan for.

    The debate about whether a responsible user should check files for Windows viruses to prevent passing them on is a valid one, and I would say on balance that yes it probably is worth it if you share files with a windows computer.

    However the original story was presented in such a sensationalist way without any prior checking and calls into question whether you should be using blogs as a new source. Of course you shouldn't.

  • Comment number 41.

    luvwnd
    Maybe the irony got missed somehow...... :-)
    Funny how sense of humour bypasses afflict the Micro$oft fanbase (anybody see those ads!!)
    Me? .......always a smile on my face especially when I hear the chime.
    You'll know what I mean WHEN you have actually used a Mac.........
    Looks like yourself and Rory should get together....... That would make some great copy!

  • Comment number 42.

    I have periodically run various anti virus software programs on the 4 Macs that I use and have always been relieved (but I suppose a little disappointed too) that I have never found any viruses or spyware -it makes sense to check, but the risk is low.

  • Comment number 43.

    I think macs are a pretty, but ultimately flawed pile of rubbish.

    I also don't like Microsoft at all. Although their operating system and platform is slightly more useful than the mac, you can't help but get the feeling that they actually hate their customers, they have absoloutley no intrest in what the end user wants, only what they want the end use to want.

    However luvwknd's comments are just embarrassing...if you don't know what you are talking about, just don't say anything.

    I personally can't understand why people get so uptight about defending these greedy money-grabbing corporations. They are both as bad as each other and both in different ways try to lock their users into their products.

    Why do people call themselves fans and spend so much effort evangelizing for these awful companies?

  • Comment number 44.

    What is it with the BBC ?
    Since they got stung with another error strewn story about Mac security a few years back, they jump on these stories like rabid tigers !!
    It seems some of the editorial staff don't like the aloofness they perceive mac owners to have, so when the get the chance to stick it to 'em, they do.
    The fact that just VISITING a dodgy website on a windows machine can infect you is, of course, not newsworthy.

  • Comment number 45.

    Having read the macworld link I'm confused as to apple's position.

    1) We're safe straight from the box they claim and immediately U turn saying but if you want to make sure.... buy some antivirus software.

    2) the techsupport page is removed for being old and obsolete as macs are safe straight from the box? surely they were not safe straight from box on 21 Nov when it was posted.

    3) the page was an update to an old page put up a year ago. Does this mean the mac was not safe straight from the box a year ago?

    This is surely a bit of toe-stubbing from apple. they advertise hinting virus free but recognise there is an element of risk, when their risk declaration is spotted they pretend it was wrong. Let us all remember linux/M$/mac that no protection scheme is 100% immunity from virus.

    The only 2 ways to avoid the nasty diseases:
    1) never insert any media/drive
    2) never go online

    antivirus is good, but as with human or animal diseases, only after the virus is out there can an inoculation be made.

  • Comment number 46.

    KeJaMo I agree completely. The fact is antivirus is optional, but is of course a wise choice particularly if you're doing anything involving financial or sensitive data.

    I do love all those commenting with there Microsoft/Apple partisan agendas. I always laugh when people put emotional attachments on inanimate objects, it shows a lack of perspective, and often knowledge especially about products in the same market. There are no networked devices immune to malicious software, its a shame but that's life.

  • Comment number 47.

    I have been working with thousands of Windows and Macs for years, and since it was true that there were quite a few nasty buggers back in System 7 & 8 eras, I have never heard of a Mac virus since the introduction of OS X.

    And I mean I don't even find them in Mac anti-virus software database. Don't get me wrong, I do recommend that all Mac users install anti-virus software, but only if they have any Windows based computer in the same environment, just to make sure the Mac share doesn't turn into a Windows virus repository. However, it make absolutely no sense installing anti-virus software, which itself doesn't contain any virus information for Mac, since they couldn't find any up to now.

    That web plugin trick was a long time ago, and it require you to enter admin password, so its really not a virus, its a social engineered trojan horse. And Sophos tune is getting rather old, every time being questioned why Mac need to buy their expensive anti-virus software, they will say something like "there are threats to Mac out there, such as " and then bring up this (and only this) example over and over and over and over... Honestly, I don't consider a single known threat to be threat(S).

  • Comment number 48.

    Earlier this week, before this story broke, MacDailyNews conducted a survey asking how many Mac users ran any sort of anti-viral software. 91% reported that they did not run any.

    There are some people who try to give the impression that there are viruses for Mac OS X, but when those people talk about Mac viruses, they're usually making misleading references to ancient viruses that appeared on now obsolete Mac operating systems, or else they are referring to malware that tricks the user into installing it, which is not remotely like a self-replicating virus.

    OS X has now been with us for nearly eight years and now has more than thirty million users. If 90% of those users are not using anti-viral software then it's quite obvious that if a viable virus actually existed, it would have been widely seen long before now.

    We've seen the BBC report many times on viral threats for OS X, but in every single case, it's been a false report. However the BBC still continues to publish similar articles every so often and doubtless will again.

  • Comment number 49.

    It's a bit naughty of Rory, who had so misrepresented Apple a day earlier, to get stroppy about their non-reply to his enquiry. It all smacks of "well, if I can't justifiably criticise Apple for the Macs needing anti-Virus software, I'll criticise their press office instead."

    The only reason for Mac users to use anti-virus software is to stop them accidentally passing on Windows viruses to Windows users. If people want to use Windows computers, they shouldn't expect others to protect them from their own ill-informed decisions.

  • Comment number 50.

    Hmm, Sophos hey? Last time they detected a "virus" on any of our Macs, it turned out to be the operating system. Sophos deleted essential operating system files, leaving the machines unbootable.

  • Comment number 51.

    As a Macaholic for over 20 years, I am outraged. I don't drink cappuccino, and as a matter of course, I always use antivirus software. I know it makes sense,

    martinthehack

  • Comment number 52.

    Macs are currently safer from a malware attack for two reasons:

    1) They don't let you run the OS in administration mode natively - something that MS didn't cotton onto until Vista.
    2) There is far less malware out there for Os X.

    There is currently no need to run AV software on a personal use Mac at the moment.

  • Comment number 53.

    I can't stand active anti-virus software. It tends to slow a computer to a near standstill. As a Mac user of over 12 years, I have never had the need to run any.
    While it can be argued that the reason that Macs do not get any native viruses because of their relative rarity, the truth is that it is harder to engineer a virus for the Mac that can really do very much. Browsing through the history of OS X security updates will show what is required to infiltrate something into the Mac, and generally, it requires very elaborate methods to do very little damage.
    I have used passive anti-virus scans - these have never yielded any result on my Mac, but would serve to point out if any Windows viruses were present on the hard disk - even though they would have no detrimental affect on the Mac itself.
    Currently, there are a couple of nasty malware applications for the Mac - but these require downloading and then accepting 2 notifications, clicking an install button and finally typing your admin password.
    Sadly, while Windows does offer an amount of warnings, they tend to get in the way of general internet usage. Active X makes it easy for viruses to be downloaded without the user really understanding what is going on.
    Essentially, while I would never use active anti-virus software, I am happy to occasionally scan my Mac with passive software, but by far the best way to avoid problems is to be sensible about the sites you visit, attachments you open and files you download.

  • Comment number 54.

    In a way, I can't wait untill mac get a bigger grip on the market. As soon as they hit the 50% Mark people are going to start realising that virus's on macs will yeild more results than virus's on a PC. Unlike with Windows Virus's were the are so many virus scanners, malware scanners so on so on, where people can safe gaurd their PC easily, most Mac users are going to be clinging to the belif that no one could ever set a virus on them and won't have these, and they won't be anywhere near as developed. Then the Mac virus's will start rolling out, probably created by people who have been learning new ways to get around windows compatible safe gaurds for ages so all they have to do is adapt. And they you will have Mac Virus's.

    At the moment, Virusus on Macs are no where near as profitable than a virus on a PC simply becuase there are less of them. So, yes, right now Macs are safe - but if every mac user that has ever told me my PC is crap and their mac is awesome get there way... convert all thoses lowly windows using people to Mac their little cushy world will start getting dirty.

    I've also had a PC since I was 7 years old, thats 14 years, it's nt hard to keep a PC clean. Even if you do occasionally go on thoses "Dodgey Virus Laden Sites" or open "Evil Emails." Be spart, Run a Virus scanner, simple programs like Spybot S&D that run in the background and use up virtually no ram. My PC is on alot, its linked up with a network of 3 others, and 2 xbox's, all streaming with each other, all connected to the net 24/7 unless we all go out and turn them off (Rarely). And they all work fine, no virus's, no crashing, I can happily play MMORPG's with 2 other people connected in the house whilst some one down stairs is streaming music or a moive from my PC on the TV downstairs via the xbox.

    Off track a little there... but still, I'm at work and bored :D

  • Comment number 55.

    I love all thiese Windows users who don't run anti-virus software and then claim to have never had a virus in X number of years. How do they know???

    Not every virus causes your machine to fall over or act up. Most these days are aimed at either quietly collecting all your important data, or acting as a node in a botnet, both of which require the virus to keep the machine running smoothly without the user realising it.

    And even if you do run anti-virus, you still don't know for sure as their coverage is incomplete and usually behind the malware leading edge.

    Prevention is the only cure, which is why I stick to Linux and OSX, both OS's with a security model designed in from the start for networked multi-user environments, and with a low target profile.

  • Comment number 56.

    @LanaLey,

    "Unlike with Windows Virus's were the are so many virus scanners, malware scanners so on so on, where people can safe gaurd their PC easily, most Mac users are going to be clinging to the belif that no one could ever set a virus on them and won't have these, and they won't be anywhere near as developed"

    Your argument makes no sense. OS X is secure by design. Anti-virus is an afterthought to security, which is why Windows is inherently insecure. DOS was never designed to be used on a network, let alone the internet.

    If you look at ANY file or folder on a UNIX system (OS X is a Certified UNIX OS), it has Permissions - the owner, the group and everybody else. Rules that have to be obeyed.

    These permissions, when set correctly (which they are by default) provide a level of security that simply is not possible in Windows.

  • Comment number 57.

    I wonder how many other people, like me, rushed to buy anti viral software?

    Upon reading the BBC article, I immediately bought VirusBarrier 5X, for 72 Euros (I live in France)

    Although I have used Macs for 20 years now, and know of their resilience to viruses, I took the article at face value and made my purchase. I use my computer (among other things) for internet banking, and so thought, after reading the article, that I would be foolish not to protect myself.

    I now have mixed emotions. On one hand I feel a little foolish for making a knee jerk reaction. On the other hand, something tells me that you cannot be too safe whilst online...........

    On the whole I guess I would rather have protection than not.

  • Comment number 58.

    to all you mac users who think they are better than us PC users you will still get the stupid users who open emails form unknown sources and access dodgy websites, but we PC users will always have the last laugh due PC's being able to run either windows or linux and you don't really need a virus scanner the most important software is the firewall which when configured properly will stop anything from trying to damage your system but you also have to have some comon sence which from past experience mac users don't really have.

    and before you ask YES i am a PC fanboy

  • Comment number 59.

    @raven2751,

    Wrong wrong wrong. A Mac can run any OS a PC can, plus it can run OS X too:

    www.virtualbox.org
    www.parallels.com
    www.vmware.com

    Try harder next time PC fanboy! Good day to you sir.

  • Comment number 60.

    All those who think the Mac is secure should think again, and not because of this particular event but because of something that was posted on one of the Security bug tracking sites in 2005. There's a security hole in SSL - all 3 versions of it. It allows a hacker to take control of your PC. The nasty thing here is that SSL is responsible for networking security so if you connect to the Internet you use it and are vulnerable. The writers of SSL have stated that they have no intention of fixing this hole because too many other things will break. For the record, Windows PC are immune from this bug because they don't use SSL from this company. Operating systems that DO use it are all versions of Linux, Unix, and BSD. That includes the Apple Mac.

    So there you are people. You have an OS that is inherentlyh insecure, that is know even by its authors to be insecure and that will remain insecure apparently for ever.

    You still want to buy a Mac? I want to buy something from a company that takes my security concerns a little more seriously than that.

  • Comment number 61.

    There is just so much old cods being floated by the Mac v PC brigades on this thread (and elsewhere).
    Anyone whose been around computers for a few years will know by now that, as in many other areas of life, this is mostly about using common sense to assess relative levels of risk.
    Following the odd reports of OSX capable viruses, and also non-OS specific security issues, it's been prudent for quite a while now to run AV on Macs - if you are concerned about security of your data and want to avoid the grief that getting a "nasty" can entail.
    As most experienced PC owners know, it has been essential for many years to have a capable and up to date AV app installed and, and without a good firewall, you'd be lucky to last the hour without some sort of problem settling in.
    I think some people just like slagging other people off a lot, and telling other people "you are wrong and I am right" (yes I'm guilty of that too). It's mostly harmless joshing, but after so many years, the Mac V PC debate feels just like a very tired and aged argument.

  • Comment number 62.

    I never really believed that Macs were safe from viruses and one of the first things I did after getting my iMac over two years ago was install anti virus software. To be honest I have always suspected that they main reason that Macs don't get viruses had more to do with the fact that there weren't enough of them out there to bother with after all who's going to bother with about 3% of the market when 95% of it's windows? I suspect that ever since Apple went with Intel making OS X more like Windows that they are more prone to viruses than ever.

  • Comment number 63.

    never mind security software, do you use a spell checker?-"and I'm still not convinved that I need to act"

  • Comment number 64.

    @ 59

    twelveightyone

    A little bit of revisionism there.

    You should have put

    A Mac with an Intel Processor can run any OS a PC can, plus it can run OS X too

  • Comment number 65.

    I have a Mac. I have a bicycle.

    My Mac runs without antivirus software. I ride my bike without wearing a helmet.

    Why? Because I think about what I do.

    The risks for a virus on OS X are minimal: the arguments about small market share are daft, as hacking into them could still make a small fortune. Simply, they are better by design. If a few viruses are found in the wild, I will reconsider and buy AV, but until then, I'm not going to let AV slow down my computer.

    The risks for head injury on a bike are small. A helmet can actually ** increase ** the risk of head injury (cyclehelmets.org) because of rotational forces and risk compensation. I prefer to have the health benefits of riding a bike, rather than being forced to wear a helmet and sweat, then drive my car and get fat instead.

    Considered arguments. Don't slag off each other, just read the evidence and come to your own conclusions.

  • Comment number 66.

    All Mac users should have some sort of anti-virus software, especially if they are working between environments with other people or on their own computer. Even if it is only to scan files and emails that will be sent on to users of other OS's.

    It doesn't need to be active and monitoring your files and actions constantly, but there should definitely be some kind of protection, its just socially responsible computing.

    Commenters like twelveightyone and StuartAB, who seem to have a rabid fanboyism towards a particular company don't help. 12-80-1's first comment that "There is no need to use anti-virus on Macs, unless you want to help stop the spread of Windows viruses." shows how some Mac users can sometimes not be computer users, but brand supporters who care not for the community who use computers at large but only for other Mac users. Heres a tip. If Mac users scan their files for viruses, then maybe you'd get less spam e-mail because those Mac users, by not intercepting viruses by scanning files they plan to send on, are themselves guilty of virus proliferation.

    The "I'm A Mac, I'm A PC" adverts show perfectly the psychology of some Mac users. They're cool, young, funky and easy to use... But yet somehow come across as a little smug, arrogant and completely cold and unlovable.

    I love Mac OS X, in particular its multimedia capabilities, however it is an OS with kid gloves on. Certainly not for someone who likes to get underneath the bonnet and get dirty like Linux, and it certainly has limited options in software choice, unlike Windows.

    Peej2K - Writing this on a iMac with Boot Camp using Windows XP, whilst charging his iPhone.

  • Comment number 67.

    raven2751 - If you want your rants to be taken seriously, try using proper sentences.

  • Comment number 68.

    @ peej2k6 ,

    No fanboyism here mate, I just consider Windoze to be inferior.

    I use many different OSs, I work in the offshore industry and we use mission critical software - systems that simply cannot fail.

    We use Windows for some things, but only as long as it is offline (ie: not connected to any network). I have been working with some major clients in porting some of the M$ software they use offshore to other systems (mainly UNIX), so we can actually link them to the net and perform remote admin, instead of having to jump on a helicopter and fly to the middle of the ocean to maintain and check the systems, like we do now.

    Don't get me wrong, I wish Windows was good. Competition is good for everyone, but with Microsoft insisting on backwards compatability all the time and all the problems it brings (ever wondered why one piece of code can infect every version of Windows? - they are all the same underneath all the pretty interfaces [think lipstick on a pig]), I can't see it happening soon. They need a fresh start, get rid of DOS and bring something new to the table. We don't need 'touch screens' and all that nonsense. We need them to produce a reliable OS that doesn't become pwned 30 minutes after going online.

  • Comment number 69.

    As usual, the age old argument about Mac vs Pc rages. Having used both systems since their entry into home computing, I decided to invest in the Macintosh. Why?

    They look great.
    They feel great.
    They now run OSX and Windows/Vista natively.
    They are very stable.
    They have superb build quality.
    They have superb design quality.
    They communicate seamlessly.
    They are lovely to use.

    But!!!!!!!!!!!!

    They are very expensive.

    You pay your money and make your choice.

    Personally, I prefer to use a machine which has all of the above qualities, and lets me boot up as a Pc or a Mac. To me it's a no brainer!

  • Comment number 70.

    Can I just point out that Windows hasn't used a DOS shell since the advent of NT over a decade ago and that Vista is very secure as it doesn't allow users to run as Admin natively?

    Whilst I understand people having preferences I think facts are considerably more useful.

  • Comment number 71.

    luvwknd wrote:

    "So, another Mac user who is wrong in their assumption that a Mac can do everything a PC can do (not even close)!"

    err.. Macs can run Windows (and Linux), either by booting into Windows (using Bootcamp) or simultaneously with OS X by using Parallels or VF Fusion.

    Using Parallels or VF Fusion you can share peripherals, drag and drop between each OS and lots of other things.

    Next ignorant argument from someone who's never used a Mac....

  • Comment number 72.

    Ever since seeing Jeremy Paxman's fawning interview with Bill Gates, I have suspected the BBC's impartiality in the windows/mac/linux debate. Your IT blogs and technology stories only confirm this suspicion. It has changed my mind about the licence fee. You should compete for taxpayers money on the same footing as other broadcasters.

  • Comment number 73.

    Oh Rory, didn't you know that it isn't a good idea to criticise Apple computers in the presence of Mac disciples? Their quasi religious devotion to all things Apple is pretty much on a par with an Ayatollah's view of Islam.

    Before I risk a "cyber stoning", I should say I am a Mac user - but a realistic one. Macs are free of malware at the moment for two reasons. Firstly a UNIX based OS is harder to attack - which is great!. Secondly - and most significantly - nasty stuff isn't there because of Apple's tiny market share. In other words, it just isn't worth the time and effort in writing malware to attack the small Apple user base.

    Things might change if Mac's grow significantly in popularity but for the moment us Mac users can carry on working as usual as long as we keep our heads down and don't draw attention to ourselves. The fact that Apple themselves drew attention to the potential threat back in 2007 and now want to cover up the evidence seems to prove the point?

  • Comment number 74.

    Isn't this yet another reminder of why stories on the net should show their date stamp?

    How many people click on a BBC link under the heading "Most read" only to find it is an article the reader read a year ago? By putting a link in the "Most read" listing thousands of users click on an old story - making it appear more recent than it is.
    It would be far better to call it a listing of biggest cons! All the list does is call attention to a story - for all we know it is a completely false popularity - a bit like the tricks the record companies use to make a record climb the charts.
    By putting a date beside the link it would soon disappear from the listing as most current users had already seen it.

  • Comment number 75.

    I have a mac and the first applications I got for it were an antivirus, firewall and spyware scanner. It doesn't matter what the platform is: you can never be complacent!

  • Comment number 76.

    Isn't it obvious... why would virus writers and malware authors spend, effort and money writing programs to infect Apple Macs (to create botnets for example), when there are far far more PCs in the world? Surely the easiest target is the largest one.
    If Macs are ever as widespread as PCs (unlikely), then Macs will be just as much of a target as PCs.

  • Comment number 77.

    Never listen to the PR men from antivirus software producers, where Mac is concerned. If one is completely paranoid about passing infections on to the great unwashed PC brigade, simply install the free and effective ClamXav, otherwise (and I guess Mac users are in most cases fairly computer-literate) just use common sense.

    In the past 15 years on the internet, using only Macs, I have never suffered a virus or malware attack (touch wood).

    Most infestations, and I refer to Windoze here, are due to computer users' ignorance, complacency and/or stupidity.

    While never complacent about the Mac situation, a watchful eye is surely enough. No need to pay good money for the proprietary 'security' products. OSX is a robust and generally secure system, when used in combination with the brain.

  • Comment number 78.

    And by the way, I'd love to see an itemised rundown of what PCs can do that Macs can't. Other than certain games and dinosaur software like Corel Draw.

    Even those run with VM Fusion/Parallels/Boot Camp etc. on an Intel processor Mac. Should one feel the need to do so.

    However, the best choice is surely to choose the most appropriate system for one's needs. Macs aren't expensive, when one compares specs. I recently costed out a Dell laptop running Vista to a comparable spec to my MacBook Pro.

    The Apple hardware worked out £300+ cheaper.

  • Comment number 79.

    I've run Windows since v3.1, I have never installed any anti-virus software and not had a virus on any of my machines in the last 15 years.

    Can someone tell me what am I doing wrong?

  • Comment number 80.

    Rory:
    I am very glad that i do not use a MAC computer....

    That is why, I trust my Personal Computer and or my laptop.

  • Comment number 81.

    I ran across this article -

    http://www.thexlab.com/faqs/malspyware.html

    Which is copyrighted 2008 so I take it it is reasonably up to date - however the salient points are:

    Unix is not virus proof & by extension neither is OSx.

    Apple is constantly - as are all OS manufacturers - issuing security update to close exploits - which means it can be exploited.

    There are worms and spyware for the Mac.

    The simple fact that as a niche market it was not worth doing - but hark - Apple's market share is growing from 3% to 7.3% to 10% so all of a sudden the Mac community is becoming worth the plundering and most of them are so smug that they can't be got means they are ripe for the picking.

    Complacency is no protection if you want to come out and play with the big boys.

    :O)

 

The BBC is not responsible for the content of external internet sites

BBC.co.uk