That doesn’t surprise me

  • 0 Posts
  • 1 Comment
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle
  • This is something I’d like to know as well, but I doubt we’ll ever get a very satisfactory answer as nearly everyone has some kind of agenda they want to promote rather than actual facts about this. You will see in the tech press every few months a headline warning Mac users that NOW is the time to install antivirus software as the tsunami of malware is coming, but every time it’s because of a new press release based on some very dodgy “research” done by Sophos or some other antivirus retailer that desperately wants to sell licences of their software (which in most cases nobody wants as it slows your machine down, forces you to disable built in security and just causes random crashes and unwanted behaviour).

    I think it’s some kind of amalgamation of reasons to do with market share, history, OS design, development culture, ease of finding weaknesses, user education, potential for profit and probably some other things.

    The market share argument sounds like a good reason. It used to be the case that Windows just dominated the desktop market, so obviously that’s what you’d target. That sort of falls down when you look at the mobile market and see how much share iOS/iPadOS has (and that most of the people owning those devices are surely a higher target than Android users). But there just isn’t any iOS malware in the wild (apart from occasional reports of state level actors targeting specific foreign targets with zero day exploits).

    History plays a part. Malware authors mostly wrote Windows viruses, and have Windows computers, so they carry on doing what they know and improving things that they know already work.

    OS design is definitely part of it. In the old days System 6/7, MacOS 8/9 had plenty of viruses, because it was so easy to write them. The OS supported multitasking with no memory protection and the filesystem had no concept of protected files or user accounts. Once OS X came out that all stopped as it was based on BSD UNIX (via NeXT). Is MacOS/iOS more secure than Windows? I don’t think there’s any particular reason why it should be, but historically Windows security has been pretty bad. iOS has always been pretty firmly locked down, with apps sandboxed from each other and only apps from the App Store allowed - the attack surface is really small. Recent versions of macOS have inherited some of that hardening, with App Store apps being sandboxed and the OS itself being locked through System Integrity Protection etc.

    And that’s partly down to the development culture behind the OS. Microsoft’s historical culture with stack ranking and competing groups that never communicate seems guaranteed to produce an end product littered with security holes big enough to drive a bus through. You just need to use Windows for a few minutes to realise that nobody cares about it at all. It’s a massive blob of separately engineered little bits held together with tape. Maybe that’s changing, but every time I’m forced to use it I’m struck again by how disjointed and illogical everything feels. Unfortunately macOS seems to be going the same way now with random bits of IOS being forcibly layered onto it - the horrorshow of Ventura’s System Settings being a prime example.

    Based on the security patches being released for the different OSs, it doesn’t look like it’s any harder really to find weaknesses, but for Apple users you’re not also looking for security patches from hundreds of hardware vendors for their drivers. The hardware is much more restricted. But that also means you’ll get updates for fairly old supported hardware.

    User education. Are Apple users smarter and better informed, so just less likely to fall for the sorts of social engineering tricks malware relies on to get itself installed? I’m sure you have an option on that.

    The potential for profit one is the most baffling. Apple users surely have more money, so they should make by far the most enticing target for malware. But there just isn’t really much. More frequently you’ll find various kinds of iTunes/AppStore scams or fraud schemes.

    Someone should survey the malware authors and find out from them directly what their thoughts are.