TELECOM Digest OnLine - Sorted: Symantec's Self Serving Warnings - 2 Comments

Symantec's Self Serving Warnings - 2 Comments

Marcus Didius Falco (
Thu, 24 Mar 2005 21:30:35 -0500,39020682,39192261,00.htm

This story was printed from ZDNet UK, located at
Story URL:,39020682,39192261,00.htm

Symantec's self serving warnings
Fran Foo
ZDNet Australia
March 22, 2005, 13:10 GMT

Apple has apparently become a victim of its own success since Mac OS X
is gaining in popularity, Symantec expects it to become a target for
more attacks and intense vulnerability scrutiny.

This trend was published in Symantec's Internet Security Threat Report
for July to December 2004.

To back its claim, Symantec cited several reasons ranging from Mac OS
X's heredity to attacking the intelligence of loyal Mac fans.

"With a newly designed operating system based on a BSD-Unix lineage,
Mac OS X has begun to not only capture the attention of users but of
vulnerability researchers as well."

"Contrary to popular belief, the Macintosh operating system has not
always been a safe haven from malicious code," the report said. Sure,
Microsoft's attempts at security are often scoffed at but to infer
that Mac users (or those of Unix, Linux etc.) are living in a bubble
is ignorance on Symantec's part.

Another point of contention was Apple's new products. Increased
adoption of the Mac mini the company's low-priced computer will
escalate malicious activity since it could be purchased by less
security-savvy users, the report stated.

I can understand how non-IT literate users at large struggle to
understand the difference between a virus and a worm but is Symantec
saying only technologically-competent people purchase Windows
machines? Rebooting a machine multiple times a day can't be that hard
(I should know).

It's difficult to grasp the reasoning behind these statements.
Symantec's only piece of solid evidence is reference to 37 previous
high-impact vulnerabilities in Mac OS X all of which have been
patched. Juxtaposed against the 17,500 Windows-based viruses and
threats, it's clearly an uneven contest.

One telling finding in the report was the decline in bot-scanning
activity during the second half of 2004 Symantec recorded a dip from
30,000 per day to 5,000 on a daily basis. The company concluded that
the decrease corresponded with the availability of Windows XP Service
Pack 2.

"Ports 445 and 135 are common paths for bot networks to spread onto
computer systems, either through unpatched vulnerabilities or bad user
name and password choices.

"Many common bot network applications, including Gaobot, target
vulnerabilities that are accessible through these Windows ports as a
method of infecting new systems. The sudden drop in bot network
scanning indicates that Service Pack 2, in addition to cumulative
patches, may have been successful at reducing the number
vulnerabilities in Windows XP systems that are subject to remote
compromise," Symantec said.

If Microsoft does a stellar job at improving the security of its
products coupled with the availability of proprietary anti-spyware and
antivirus solutions which platform will be Symantec's new engine for

Copyright 2005 CNET Networks, Inc.

Mac Threats: Is Symantec Crying Wolf?
March 23, 2005
By David Coursey

In a perfect would, people might pay for security software based on
the number of attacks prevented and the severity of those threats. The
bigger the threat, the harder the software works and the more it
protects, the more you pay. Seems fair enough.

In the case of Mac OS X, if you paid for what you got, the price for
security software would be zero. The price would thus equal the number
of virus and malware threats that target Apple's Unix-based operating


* Mac OS X Patch Includes IDN Browser Fix,1759,1778335,00.asp
* Mac OS X Will Become a Target, Symantec Warns,1759,1777982,00.asp
* Mac OS X: Virus-free=97For Now,1759,1777202,00.asp

So why do Mac users pay so much often as much at $70 for anti-virus alone
and as much as $150 for a security "suite." Using the same math, Windows
anti-virus software would probably cost $1,000 a desktop, yet it's easy to
find software for as little as $20 in the stores.

Mac OS X users pay significantly more for protection than Windows
users, protection so far they have needed only in theory or "just in
case" a big new threat appears. People are getting wise to this. So is
it any wonder that Symantec, in the eternal search for the next
dollar, is out with a report that seems to predict dire consequences
for future Mac users? It's like a teacher once told me, "Sell the
sizzle, not the steak. Especially when you don't have any steak."

I suppose it's to the anti-virus industry's credit that some bored
anti-virus developer hasn't launched an OS X threat merely to justify his
or her continued employment. Still, with no threats, it's not like the
software really requires much dev time.

It was not my plan to return to Macintosh security so soon, having
just written about it last week.

Click here to read David Coursey's column "Mac OS X: Virus-Free For Now."

But my friend and co-worker Ryan Naraine wrote a story this week in
which Symantec talks about the growing threat viruses and malware pose
to Mac OS X users, mentioned earlier. This claim is based on an
internal assessment conducted for the company's "Security Threat
Report," issued twice yearly.

Ryan's story quotes the company as predicting that with the
"introduction and popularity of OS X Apple has become a target for new
attacks and vulnerabilities."

Click here to read "Mac OS X Will Become a Target, Symantec Warns."

Indeed, a Morgan Stanley report out this week predicts Apple could
nearly double its share of the worldwide PC sales this year, thanks to
iPod users buying a Mac as well. Going from 3 percent to 5 percent
will be dramatic for Apple, but hardly noticeable in the broad
marketplace. Given OS X's small global installed base, even this
projected doubling of sales may not be enough to attract too much
unwanted attention.

"Contrary to popular belief," the Symantec Threat Report continues,
"the Macintosh operating system has not always been a safe haven from
malicious code. Out of the public eye for some time, it is now clear
that the Mac OS is increasingly becoming a target for the malicious
activity that is more commonly associated with Microsoft and various
Unix-based operating systems."

Next Page: Threats will grow.

Having recently spoken to Symantec's Mac product manager, I got a
sense that the threat to Mac OS X is likely to grow over time, but not
into something we should stay up nights worrying about. But this
Symantec Threat Report sounds like the Mac has never been secure and
is only going to get worse over time. The comparison to Microsoft
sounds downright ominous. Ryan's story includes more quotes from the
report that are equally frightening or more so.

Is it any surprise that Symantec would beat the drums of fear as
loudly as possible? This is, after all, a company that has for years
persuaded Mac users to pay $70 for software "necessary" to protect
their computers against nonexistent threats.

This makes me wonder whether the real threat that concerns Symantec
isn't from Mac OS X viruses and malware. Rather, it's customers
noticing that they've paid a lot of money for Norton anti-virus
software that they didn't really need.

For more insights from David Coursey, check out his Weblog.

How can Symantec keep those customers in line and writing checks? By
scaring the living daylights out of them, that's how. They even invoke
the "M" word as a warning of what could be in store!

It's prudent to protect yourself. But what you pay for the protection
ought to have some relationship to the threat.

While my "value pricing" concept will never fly, there really should
be some relationship between what we pay and the protection we
get. Compared with what Windows users pay, $70 is more protection than
any Mac requires. Yet that's what Symantec and some competitors

Mac users deserve a break.

Contributing Editor David Coursey has spent two decades writing about
hardware, software and communications for business customers. A full
bio and contact information may be found on his Web site,

Check out's Macintosh Center for the latest news, reviews and
analysis on Apple in the enterprise.
Copyright (c) 2005 Ziff Davis Media Inc.

NOTE: For more telecom/internet/networking/computer news from the daily
media, check out our feature 'Telecom Digest Extra' each day at . Hundreds of new articles daily.

*** FAIR USE NOTICE. This message contains copyrighted material the
use of which has not been specifically authorized by the copyright
owner. This Internet discussion group is making it available without
profit to group members who have expressed a prior interest in
receiving the included information in their efforts to advance the
understanding of literary, educational, political, and economic
issues, for non-profit research and educational purposes only. I
believe that this constitutes a 'fair use' of the copyrighted material
as provided for in section 107 of the U.S. Copyright Law. If you wish
to use this copyrighted material for purposes of your own that go
beyond 'fair use,' you must obtain permission from the copyright
owner, in this instance,

For more information go to:

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: "What's Historic?"
Go to Previous message: Neal McLain: "My First Post"
TELECOM Digest: Home Page