Schadenfreude

The answer to why Mac users don’t worry about the Internet

MacDailyNews posted yesterday about an article by Paul Thurrott on how spyware has taken its toll.

Thurrott’s blurb reads:

And speaking of spyware, Internet users are finally starting to succumb to the devastating effects of this malicious new brand of malware and are altering their online habits accordingly. According to a report by the Pew Internet and American Life Project, 91 percent of Internet users have been affected by spyware (curious that that figure would match the Windows installed base), 80 percent have stopped opening email attachments, and 48 percent have stopped visiting unknown Web sites. OK, so maybe people are overreacting, right? Well, consider this statistic: According to the UK security firm Sophos, a typical Windows PC has a 50-50 chance of being infested with malicious software within 12 minutes of being connected to the Internet. Maybe we should have paid more attention to those Apple Switcher ads after all.

MacDailyNews’ reply was a simple two words: “What’s spyware?”

I think this underscores a very important point. Desipite what some people might say, spyware, adware, malware, or any crap of the kind is simply non-existent on the Mac. It’s not something we ever think about. We don’t have to. The only thing that viruses and worms and DoS attacks give us is a slight irritation when suddenly the internet becomes slower because of “all those damned Windows machines”. Beyond that, we aren’t affected. Not because Macs don’t have as large a market share as Windows, but because Apple has made security a major focus of Mac OS X from the beginning, starting with the choice of basing the core of the OS on FreeBSD—a flavour of UNIX which is incredibly secure, having been developed for over 30 years with security as a major focus.

This is not to say that it would be impossible to write spyware or adware or viruses or anything like that for Mac OS X—as John Gruber put it, “anyone with an Intro to Cocoa book could put together an application that displays ads in a pop-up window”—but it would certainly be more difficult for such software to propogate widely, and the vulnerability it exploits would likely not remain for long.

Nor, indeed, would spyware be all that hard to remove. If the spyware needs to launch itself automatically, it’s either going to be installed in one of the various /Library sub-folders, or it has to be listed in your user account’s Startup Items in the Accounts panel of System Preferences. And if it’s listed in your user account’s Startup Items, it’s very easy to keep it from launching automatically. When I installed my HP ScanJet 4670, there was a utility that was installed that would launch every time I logged in. After a couple startups, it became an annoyance, so I just checked it if was in my account’s Startup Items (it was), highlighted it, and clicked the ”-” button to remove it. Easy. Even if it did require more than a novice’s level of knowledge of the OS to remove the offending piece of software, you can bet that a quick Google Mac search would likely reveal multitudes of posts by Mac users on how to remove it and protect your system from that kind of attack in the future, given what we’ve seen so far of the Mac community’s reponse to non-exploited Mac OS X vulnerabilities. And with very few exceptions, Apple has been very timely with releasing security updates soon after vulnerabilities are found.

The end result is that Mac users use the Internet with impunity because, quite simply, we don’t fear the Internet the way Windows users do.