Apple still not acknowledging MacDefender

Today I entered Apple Care live chat and pretended I was infected with MacDefender (I called it Malware Defender), Not surprisingly this is what they said:

Orange is what I added in now. Blue is me and Red is apple.

I most say Apple is making it very easy for users to get infected. Telling them it is impossible to get infected on a mac. Please apparently it isn't. Their forums are littered with people complaining about MacDefender.

Opinions?

 

Well, to be fair, they're basically right.

 

Not really. Mac OS X is not immune. As much as I love the OS it has issues.

Mainly the fact that Admin is not separated from Root as it should be. This basically defeats the entire purpose and security of having root. Apple has also weakened Unix security in order to make the OS "easy to use".

That said Mac OS X will be seeing a lot more malware here, Mac Defender is one example, but just wait there will be rootkits and advanced malware that will use priv escalation sooner or later against Mac's. Most (but not all) of the security is through obscurity (Not as many users until now).

At least some Unix/BSD security is still intact but not enough.

 

MacDefender is a joke piece of malware that basically relies entirely on social engineering and safari automatically opening downloaded files.

This is likely the worst we'll see for OSX because even after it's automatically opened it still has to prompt the user for rights and the removal takes seconds, you delete a single file and kill a single process.

 

I will completely agree that the removal of the MacDefender malware is painless compared to other infections on Windows machines. I will further concede that the appropriate implementation of the principle of least privilege on OS X machines gives them a good security boost over admin-running Windows machines.

But that's not the big issue here, in my opinion.

The MacDefender fracas wasn't a big deal because it proved a huge, new software vulnerability. It was a big deal because it proved a huge, old social engineering vulnerability. Mac advocates frequently describe how difficult/impossible it is to infect an OS X machine, and then turn around and say "Well, if you do get infected you're just an idiot". That doesn't seem fair when the Apple brand fosters an image of invulnerability to the end user. In other words, telling your users 'You'll never get infected!' is tantamount to making them vulnerable to social engineering. I don't care if you have to put in your Admin password to infect an OS X machine - Most OS X users put that password in willy-nilly for anything: It's what they've been conditioned to do.

So, bottom line: Regardless of how secure/insecure the OS X platform is, the prevailing Apple attitude is one that encourages the end user to be a social engineering victim. And who cares how secure your platform is, if the user is easily deceived?

Just my opinion on the matter, to be sure.

 

@Hungary Man
Agreed there. Social engineering is a main component. None-the-less apple shouldn't say don't use a anti-virus we are immune.

My reply can be ignored now as This is what I was trying to say! Thanks for the better wording.

 

Yes, I completely agree. Apple's attitude towards the situation is not the right one. However, they did roll out an update to remove mac defender and in terms of security that's all it really takes for them. I believe there ended up being 3 variations on macdefeder/guard... that makes the fairly simple process to remove it even simpler. I wouldn't suggest an antivirus for an OSX user, if they know to ask for an antivirus they probably have the miniscule amount of common sense not to need it.