Tech “journalism” strikes again: of course Apple will recommend antivirus eventually

A self-proclaimed analyst at CNET has predicted that Apple will recommend antivirus.

Apart from the fact that Apple already did recommend antivirus a few months ago (but has since removed that page), isn’t that quite obvious? Some prediction. Unfortunately, the reasoning for that recommendation makes me wonder what Jon Oltsik is analyzing. Here are the reasons he gives for Apple recommending antivirus, and they’re all pretty much baseless:

Macs users are a lucrative target. Mac owners tend to affluent and Net savvy [sic]. To the bad guys, this means identities to steal and broadband connections to exploit.

If Mac users tend to be net-savvy, then why are their machines being compromised? Why don’t they have mechanisms in place to protect themselves from identity theft? If Macs are currently such a great target for malware, why is there so little malware out there for Macs now?

Organized cybercrime is diversifying. Cybercriminals tend to work as a loose confederation with each group specializing in a certain task. There are malware writers, botnet owners, mules, etc. Some entrepreneurial bad guy is bound to see a green field market in Mac cybercrime, recruit Mac hackers, develop expertise, and market these capabilities. If there is an equivalent of a cybercrime venture capital firm, they are probably looking at business plans like this already.

Diversifying ways to compromise machines doesn’t mean you attack multiple platforms. That’s just more work for very little return.

Macs are growing in the enterprise. In many large firms, Macs make up about 5 percent of endpoints. If the bad guys infect these systems, they can troll the network looking for other vulnerabilities and juicy data at will.

How about if the bad guys infected the machines that make up 95% of endpoints? Wouldn’t that give them more “juicy data”?

Macs are fairly easy to hack. In March as part of a contest, security expert Charlie Miller won $5,000 for exploiting a hole in Safari in about 10 seconds. If he can do this in 10 seconds, how many techies can do it in an hour? This is a frightening thought to me.

Okay, now this is totally ridiculous. Charlie Miller didn’t just walk into that competition and find a hole in 10 seconds. He knew about that hole for over a year and then exploited it in 10 seconds (in his own words: “It was an exploit against Safari 4 and it also works on Safari 3. I actually found this bug before last year’s Pwn2Own but, at the time, it was harder to exploit”). There’s a big difference there.

And all operating systems have security holes. That’s why Microsoft, Apple, and even Linux distribution maintainers all issue regular updates and patches.

I don’t understand why people imagine that you either have an unprotected computer or you have antivirus. (Or they think that an operating system that ever has a security hole is necessarily as insecure as another operating system with security holes.) Antivirus and protection are not the same thing. They’re not even similar. Antivirus does not offer you any real security at all. Don’t believe me? Go ask all the Windows users infected with malware what antivirus they’re running. Odds are that almost all of them will have some kind of fancy schmancy “security” software installed… software that did nothing to protect them.

Mac OS X isn’t a model in the best security, but its defaults are certainly better than Windows’ defaults. No operating system is invincible, and that includes Mac OS X. But Mac users will be no more protected with antivirus software than they will be without it. Know what the latest security breaches were for Macs? Trojans. Do you know how useful antivirus is against gullible users installing pirated software? Not at all.

Trojans rely on social engineering, and no operating system “security” can stop that, because the security hole is the user, not the computer. If the user can be tricked into giving away her password or giving a bad program access to system files, then you can have all the proper permission level separation or “security” suites in the world, and they will all be for naught. Have NoScript installed? She’ll whitelist every site. Have an algorithm for guessing malware? It’ll give so many false positives that she’ll learn to ignore its warnings.

Why will Apple eventually recommend antivirus? Plain and simple—because antivirus software is the most successful placebo ever introduced to the mass populace. As Mac marketshare continues to grow, more and more trojans will pop up, and more and more gullible users will keep installing them, and Apple will finally have to admit that Macs are just computers and not magic. But instead of saying “Users are stupid and need education,” they’ll toe the party line and recommend people install useless antivirus software, just as Microsoft does now. At least then they can enter into lucrative business partnerships with antivirus software companies.

Break out the sheepskin condoms, people.

Join the Conversation

4 Comments

  1. “Macs are fairly easy to hack. In March as part of a contest, security expert Charlie Miller won $5,000 for exploiting a hole in Safari in about 10 seconds. If he can do this in 10 seconds, how many techies can do it in an hour? This is a frightening thought to me.”

    Oh man, how embarrassing. If that were just a friend making that comment, I would patiently sit and explain to them why that statement is way, way off-base. But the fact that it was published in an article by a tech “journalist” is just horrifying.

  2. But Macs ARE MAGICAL CHARLIE
    MAGICAL!

    Ahem, but, yeah, UAC in Vista cannot stop stupid users, neither can sudo.

  3. Here’s a bio blurb on the analyst:

    Jon Oltsik is a senior analyst at Enterprise Strategy Group as well as the founder of its Information Security service in 2003. Oltsik is now widely recognized as an expert in security management and technology and also focuses on identity and access management.

    Prior to joining ESG, Jon was the founder and principal of Hype-Free Consulting. Mr. Oltsik previously served as VP of Marketing & Strategy at GiantLoop Network where he managed all external marketing activities and defined the company’s strategic vision. Jon was also a Senior Analyst at Forrester Research where he covered a wide range of infrastructure and IT topics. In this role, he was frequently quoted in business journals, including the Wall Street Journal, Business Week, and the New York Times, and was also the recipient of a prestigious “best research” award for his breakthrough report, “The Internet Computing Voyage.” Jon has held additional marketing management positions at Epoch Systems, Clearpoint Research, and EMC Corporation.

    [My emphasis added]

Leave a comment

Your email address will not be published. Required fields are marked *