Mac ‘Security Threat’ Evaporates in 24 Hours

Shortly after updating a security bulletin recommending widespread use of antivirus software on Macs, Apple took it down.

The action reflects the company’s confidence in the security of Mac OS X — confidence that is, for the most part, well-founded.

"We have removed the KnowledgeBase article because it was old and inaccurate," Apple spokesman Bill Evans told Macworld. "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box."

Tech enthusiasts and journalists have been debating Mac OS X’s security for years. One of the corporation’s memorable advertisements brags about the safety of using Mac OS X while teasing Windows for its vulnerability to viruses. When the first major Trojan horse for Mac OS X emerged in 2007, many braced themselves for an influx of Mac-coded viruses. However, very few instances of Mac-targeting malware have surfaced since then, and none have made a significant impact. In fact, Apple is probably right to be confident about its platform, as
OS X is one of the safest computing platforms available.

The bulletin was receiving a lot of media attention, and many bloggers theorized that Apple was implying Mac OS X is now more vulnerable to viral attack. In response,
Apple removed the bulletin Tuesday to dispel such unsubstantiated speculation.

A security bulletin recommending anti-virus software would have somewhat undercut Apple’s virus-free campaign. That decision will disappoint security experts, who count on customers’ fear of infection to move copies of their antivirus software. Yesterday, McAfee’s David Marcus applauded Apple for recommending antivirus utilities, calling it a "conservative and wise" move for Apple given the enormous quantity of new malware hitting the internet every day.

Removing the bulletin, however, suggests that Apple is more interested in positive PR than advising its customers to be safe. And frankly, it’s good to advise people to use caution, so removing the bulletin may give customers an unwarranted sense of invulnerability.

But then, the company is on fairly solid ground in asserting the relative safety of OS X. The debate of which OS is more secure — Mac OS X or Windows — is stale and getting more trivial each year. It’s clear that Apple has won the security game, given the diminutive number of viruses, Trojans and bots for Mac compared to Windows.

While Mac-directed exploits are certainly possible, they’re not that likely. With Apple nabbing only 9 percent of the overall PC market, there isn’t enough incentive for hackers to unleash an outbreak of Mac malware. Until Apple seizes a bigger slice of the pie — and until there is a confirmed outbreak of Mac malware — Mac users can rest easy.

Even as Apple’s market share continues to get bigger, I have doubts that Mac OS X’s security is suddenly going to go haywire. The benefit of Apple’s tight control over its operating system and hardware is the ability it gives the company to implementing effective, reliable security measures.

Mike Romo, Symantec’s product manager for Mac antivirus software, notes a lot of new malware is "platform-agnostic," because hackers are mostly attacking online shoppers with phishing scams and other internet-based methods. Yet Apple already has anti-phishing measures installed in its Safari browser.

And altogether, Mac OS X out of the box is architecturally more secure than Windows, both Romo and Marcus agreed, meaning hackers are going to have a more difficult time infiltrating the barriers. Bottom line: Any exploits directed at OS X are going to take a while to develop.

So I’m going to go out on a limb here and say to my fellow journalists: Can we stop freaking out about the storm until it actually happens? Right now it’s barely even sprinkling.

Photo: the_scottish_podcaster/Flickr