My premise was that someone might decide to make malware for Macs because:
- users are not expecting it, and have had little coaching regarding malware on Macs
- there is very little usage of antivirus programs
- Safari is not particularly hardened
- OSX lacks various protections present in Windows
- making a mac 'port' of a malware program is probably not difficult
It seems really easy and wide open, in other words.
We have seen a fairly widespread attempt recently to infect Macs with a trojan, 'anti-malware.zip'. I presume most people have seen this, if not: http://www.tuaw.com/2011/05/19/macdefender-malware-protectio...
I've actually encountered this several times recently - chromium downloads the .zip file automatically when you are redirected to the attack site. What if they find a browser exploit for Firefox or Safari as the next step?
> People write malware to make money. Your premise is that the return on investment for Mac malware is comparable to that of Windows, which still absolutely dominates the market for personal computers. It's not.
Almost all software is written to make money, and still plenty decide to write software for the Mac even though the market is smaller. What's the difference? The revenue potential per 'customer' is a lot smaller for this vs. the programs sold by Panic, perhaps?
I'm not challenging your perspective or expertise of course, these are merely the reasons I wonder about it.
Sorry, I don't think you're dumb for thinking this could happen, but I simply disagree that the Mac malware "market" is going to resemble the WinAPI market any time in the near future.
Thank goodness for that, I shudder each time I hear of someone using a Mac or Linux antivirus program! Not because viruses are so terrible, more that the antiviruses are.
My main concern is how long Linux and Mac users (e.g. myself) can continue to be considered comfortably immune to such threats. I'm glad to hear you think things will be safe for the Mac for years to come, esp. since that would mean desktop Linux should be safe for a long time.
- users are not expecting it, and have had little coaching regarding malware on Macs
- there is very little usage of antivirus programs
- Safari is not particularly hardened
- OSX lacks various protections present in Windows
- making a mac 'port' of a malware program is probably not difficult
It seems really easy and wide open, in other words.
We have seen a fairly widespread attempt recently to infect Macs with a trojan, 'anti-malware.zip'. I presume most people have seen this, if not: http://www.tuaw.com/2011/05/19/macdefender-malware-protectio... I've actually encountered this several times recently - chromium downloads the .zip file automatically when you are redirected to the attack site. What if they find a browser exploit for Firefox or Safari as the next step?
> People write malware to make money. Your premise is that the return on investment for Mac malware is comparable to that of Windows, which still absolutely dominates the market for personal computers. It's not.
Almost all software is written to make money, and still plenty decide to write software for the Mac even though the market is smaller. What's the difference? The revenue potential per 'customer' is a lot smaller for this vs. the programs sold by Panic, perhaps?
I'm not challenging your perspective or expertise of course, these are merely the reasons I wonder about it.