You know, over the past few days I’ve been reminded of an episode of South Park. It’s an episode where Kyle needs help solving a problem and he ends up coming to Cartman. Cartman sees Kyle and says “Oh, well, well, weeeeeeeeell…” Kyle rolls his eyes in disgust. “Well, well, well, well, weeeeeell,” Cartman continues to gloat.
“Cartman!” shouts Kyle. “Are you going to help me or not?” Cartman is obviously enjoying this reversal in fortunes.
I bring up this episode of South Park because it reminds me of what we have seen over the past week when news broke that the Mac was vulnerable to a major malware outbreak of the trojan Mac Defender. From Reuters:
The days when Mac users need not worry about their computers getting infected with malicious software may be coming to an end. Internet security experts say that cyber-criminals have begun targeting users of the increasingly popular computers from Apple Inc with one of the most pernicious types of malware: fake anti-virus programs.
Security firm McAfee has seen "a steady stream" of these anti-malware viruses appear over the Internet in the past week as it scours the Web for malicious software, said Dave Marcus, one of the company’s top researchers.
At first, Apple didn’t want to admit that they had a problem, nor did they want to assist their users in removing it. From TheNextWeb:
Ed Bott of ZDNet spoke to an anonymous AppleCare representative and was able to find out that they are instructed not to help users remove malware to manage expectations for future problems.
“AC: We have a team of people who go though all case notes and find new issues that are popping up a lot and send notices to all of AppleCare. Our notice for Mac Defender is that we’re not supposed to help customers remove malware from their computer.
The reason for the rule, they say, is that even though MacDefender is easy to remove, we can’t set the expectation to customers that we will be able to remove all malware in the future. That’s what antivirus is for.”
But they eventually came around and begrudgingly admitted that they did have a malware issue. From ZDnet:
Apple has released an advisory that describes how to both avoid and remove Mac Defender malware from affected systems.
The advisory outlines how to prevent infection, how to force quit the Safari browser and also offers up step-by-step guidance on how to remove the malware.
By wait, there’s more!
“In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by “
Now, don’t get me wrong, I am not acting all smug that Apple users are suffering from a virus infection. I’m happy that Apple is issuing updates to clean up this piece of rogue software. I’m not even wallowing in my own crapulence at Apple itself and the subset of folks in the security industry that claimed that Macs were all but invulnerable to malware.
No, wait, that’s not right… that last point is exactly why I am enjoying a moment of schaudenfreude.
For years we saw advertisements from Apple indicating that PCs were susceptible to viruses with the implication was that Macs were not:
- PCs get virus – there are 114,000 of them – but not Macs
- There’s a lot of spyware out there – but Macs don’t need to worry about it
- PCs have annoying security Cancel/Allow’s – but Macs don’t need to worry about them
These are straight from Apple itself. They aired them. At the time, experts criticized the ads as being deceptive because were susceptible to malware but Apple defenders countered by saying that the sheer volume of viruses for the PC greatly outweighed the risks to the Mac.
Good thing they stopped airing all of those commercials because now it’s not true.
It’s one thing for Apple to start downplaying the non-threat to Mac users. However, the number of folks in the security industry are the ones who have to backpedal. How many times have I seen someone say that in order to be safe online, do the following:
- If you’re running Windows, unplug it from the Internet.
- Don’t use Windows.
- Get a Mac.
Those first two bullet points imply that the user still needs a computer, so get a Mac. Macs are safe. They don’t get malware. Get a Mac! You’ll be safe!
Apple can be forgiven for believing that its product was invincible. After all, it takes a lot of people to make a computer and very few of them will be security experts. Many designers and testers and managers and marketers don’t have the background in malware to be able to say that they might be vulnerable. Besides which, they have backed off their claims in recent years. The security experts who previously said “Macs are secure” have no excuse.
It was irresponsible to claim that Macs were not a target because it implied they would never be a target. Defenders of the PC used to claim the reason PCs were targeted was because there was more of them and malware authors went to where the market was. If Macs ever became more popular, they, too, would become a target. Defenders of the Mac claimed this wasn’t true and that the Mac was inherently more secure so it wouldn’t matter if they became more popular.
I guess we now know who was right.
Okay, now that I have that out of my system, it’s obvious that the Mac has been hit with this because malware writers go to where the money is – since Macs are more popular they are going to go after Macs. Fake antivirus software works, and therefore they are writing malware that spoofs antivirus software. That’s the way it works – once you become popular you become a target for freeloaders.
Apple will eventually do the same thing Microsoft does – issue updates on a regular basis or out-of-band for the serious ones.
Maybe the two companies aren’t so different after all.