Beating the Mac Horse (and Linux, too)

It’s time for Linux and Mac users to get their heads out of their collective sandboxes, says Nicholas Albright. Featured last week in the Washington Post, Albright and his teem of vigilante volunteers are keeping tabs on hundreds of botnets consisting of tens of thousands of infected computers apiece, reporting them to law enforcement, and contacting ISPs to get them removed. “We have evidence that Linux botnets are on the rise. And I’ve found at least two bots that can run on MacOS,” Albright told me in an email last Thursday. “My personal opinion is that Mac, Linux and BSD users need to quit acting like they will never get attacked and actually plan for how to handle it if they do.” Yeah, but on a Mac, at least, the user has to type in a password before it can install any code. Social engineering someone to accept the download isn’t that hard, says Albright. And the argument for not running as root on Linux doesn’t hold water, either, he adds. “Most of the bots we see run with Apache permissions.” After a rash of malware prototypes aimed at Mac OS a few weeks back (read my previous blog entry), I decided it was time to end my experiment of running my Mac without anti-virus software. So I immediately e-mailed my contact at Symantec and within a week installed my complimentary Norton Antivirus 10.0. But I was disappointed to find that Norton still doesn’t have any way to stop spyware and keystroke loggers that could be coming at my machine. “Historically, spyware has not been a problem for Mac,” said Mike Romo, product manager Norton’s Mac division when I asked him about this. “Our future product will be more aggressive in addressing malware and other kinds of attacks on Mac’s.” Inquiring minds want to know: When might that be?