ANTIVIRUS SOFTWARE FOR MAC?

Maybe Djordje was referring to the fact that in Intel chips there could have been viruses that could use a flaw in the design of the processor. I don't know exactly what it was but somehow they made the processor overflow with data then when it tried to handle this overflow, the virus came into play. Someone else might know how this works. But the point is: a virus might use a security hole in the processor, not the operating system.

laszlonagy wrote:
Maybe Djordje was referring to the fact that in Intel chips there could have been viruses that could use a flaw in the design of the processor. I don't know exactly what it was but somehow they made the processor overflow with data then when it tried to handle this overflow, the virus came into play. Someone else might know how this works. But the point is: a virus might use a security hole in the processor, not the operating system.

A virus or worm is simply a program which must be run or executed like any other software. It isn't necessarily processor or OS dependent (such as a Word macro virus). The trick is to get it to run (and transmit itself to other computers) without the user's assistance, knowledge, or permission.

The most likely routes are:
1) By using automation features of the target OS or application. There are many 'features' in Microsoft software which automatically execute code, enabling many worms to spread when a user simply views a document or email. By contrast, Apple has avoided these issues by design, e.g. CD's can no longer 'auto-run' in OS X because it could be triggered by a worm.
2) By exploiting programming errors (bugs). These are much harder to write because you have to find a bug in the target software, and then work out how to exploit the bug to both inject hostile code and to cause it to be executed. Buffer overruns are one form of exploit, which I think is what Lazlo is referring to, but they have nothing to do with processor flaws. You can only exploit a processor flaw if it is running code of your choice, in which case you have already achieved your primary goal.

The greatest risk to OS X users is trojans. They spread by pretending to be something desirable to the user, but covertly carry out other operations when executed. Trojans rely on the user's naivety, and therefore cannot be blocked by the design of the OS.

All malware is targeted at a specific OS or application. Therefore a given system will only be vulnerable if it runs that software. OS X will only be vulnerable if virus authors find a way to covertly inject their code into the system - the processor has no bearing on this whatsoever. Of course a Mac on Intel would become vulnerable if the user also installed and ran Windows on the same computer.

Olivier wrote:
Thanks, Ralph, for this very clear explanation.

Ditto, thanks! that is so clear even a simple architect like me can get it!

I have one more question:
Lately I have not received any new security updates from apple - as per advice some posts back in this forum - however there have been software updates, to other software such as itunes, ichat, etc.
I'm running OSX 10.3. Do you know if apple continues support for 10.3 even though 10.4 is now the current version?

Fritz wrote:
Do you know if apple continues support for 10.3 even though 10.4 is now the current version?

You probably won't see another patchlevel update to 10.3 beyond 10.3.9, but I believe Apple continues to provide security updates as needed. I have a panther machine which got Update 2005-006 on July 3rd.

You can check what updates are installed by going to the 'Installed Updates' tab in Software Update.

Thanks, yes this does correspond to my record as well.