Sophos founder claims Mac viruses are spreading

The co-founder of antivirus firm Sophos said that the Apple Mac is not a virus-free platform; he also believes that Windows can be as secure as Linux -- if it is configured correctly.

In a video interview with ZDNet Australia on Thursday, Dr Jan Hruska, who co-founded Sophos and was one of the first ever PC antivirus experts, said that viruses on the Mac are here and now.

"They are available and they are moving around -- it is not as though the Mac is in some miraculous way a virus-free environment.

"The fact that most people do use PCs means you certainly do hear more about those attacks. It gives a false impression that somehow Apple Macs are all virus free."

Hruska's comments were made just weeks after an OpenOffice macro-virus, which is capable of infecting Mac OS, Linux and Windows, was discovered. On its Web site, rival antivirus firm Symantec said the virus is being distributed and OpenOffice users should "be cautious when handling OpenOffice files from unknown sources".

Windows can be as secure as Linux
According to Hruska, there is no reason why Windows XP cannot be made as secure as Linux, if the security systems within the OS are used correctly: "It is important to realise that there is no magic in Linux from a virus point of view. It is really the question of how that security is deployed".

In this video clip, Hruska explained that Windows and Linux have been used for different purposes -- which has affected their security record.

"On Microsoft operating systems, which were traditionally used on the endpoint, everybody ran as an administrator, which meant that if the operating system has security built in, it is simply not used.

"Linux came from the server world and in those deployments there was a great deal of effort put in separating users and making sure users do not run as administrator. It is really from the point of view of usage that security on Linux is probably used more than security on single user operating systems like XP and Vista," he said.

Backing up those sentiments is James Turner, an industry analyst at IBRS. "I think it's a spurious argument to say that any of the leading operating systems is more secure than any of the others. It almost doesn't matter what OS you're using -- it all depends on the processes and people supporting the OS. And this is without even talking about the supporting network architecture around the OS," said Turner this morning.

"If you want to get nitty gritty, then using the Common Criteria listings, Windows XP is certified to EAL4+ and Apple's OSX is only at EAL3," Turner added.

• Related stories

• Alerts

Add your opinion

1. Grasping. Anonymous -- 09/06/07

   And of course you can buy our solution for the Mac OS.
   I have never seen anything in the wild. Ever. So far pure rhetoric.

   • Reply to comment
   • Reply to story
   • Report offensive content

   1. how can he say that with a straight face? Anonymous -- 09/06/07

      i am so pleased zd posted the video because i wouldn't believe he said it otherwise.
      
      Sophos just dropped down the list when i look for my next AV prod

      • Reply to comment
      • Report offensive content

2. Ignorance is bliss?? Anonymous -- 09/06/07

   I can't help but laugh at his ignorance.
   
   OS X is based on UNIX and the problem of viruses on Windows is a basic design flaw - Windows wasn't designed with security in mind.
   
   UNIX on the other hand was, and has proved itself to be a stable and secure for a long long time.
   
   Consider the possibility of your Mac being infected by a virus. It is highly unlikely that it will hose your entire system, although it might hose your account.
   
   At the end of the day, any OS can be infected. Some easier than others. Yes, I'm pointing my finger at your Bill

   • Reply to comment
   • Reply to story
   • Report offensive content

3. Unbelievable Anonymous -- 10/06/07

   Of course he would say that, so you buy his products.
   My favorite part "Windows can be as secure as Linux" Now that made me laugh.
   
   I work in the I.T security field and I can safely say that he has no clue what he is talking about.

   • Reply to comment
   • Reply to story
   • Report offensive content

4. Upset the "true believers". Anonymous -- 10/06/07

   Oh, how dare somebody suggest that Microsoft can be as safe as Linux!! I have been running Windowns for years, and have NEVER had a virus, all you have to do is use commonsense.

   • Reply to comment
   • Reply to story
   • Report offensive content

   1. Nothing to do with fanboyism. Anonymous -- 11/06/07

      Dude, it is about throwing up more disinformation.
      People are already confused as it is.
      Having the head of a company blatantly lie and twist facts to sell a few more units and confuse the public is just bad. And I think you forget most consumers do not have common sense.

      • Reply to comment
      • Report offensive content

   2. Would Like to SAy joe young -- 13/06/07

      I would like to say just because you never had a virus means that your system is secure.
      
      Anyways windows to be secure as linux AHAHAHHAHAHA
      People who buy windows don't know what *nix is let alone security.

      • Reply to comment
      • Report offensive content

5. Unbelievable! Anonymous -- 11/06/07

   I can not believe that he said such inaaccurate things.
   
   Windows CAN NOT be made as secure as Unix/Linux without a major kernel redesign. Just look at Vistas attempt - laughable and pathetic; just remember that giving permission is not the same as authenticating!
   
   Its disgraceful that ZDNet even posted his lies.

   • Reply to comment
   • Reply to story
   • Report offensive content

6. Is this an ad for Sophos Anonymous -- 13/06/07

   Please stop rewording press releases for vendors with ulterior motives - Add value by critically questioning the vendors on their statements/products - Please don't become another "A Current Affair" / "Today Tonight"!
   
   Everybody runs Windows as Admin because it was designed poorly from a security perspective. It has nothing to do with the Sophos "endpoint" statement rubbish . There is no reason that something can't be secure and user friendly - ever locked your front door with a key or your car with a remote control?
   
   Vista is a security joke - Most articles with tips to help the user have turning off the security prompts as the main tip! Just great - Analogy: "Tired of locking your front door by disguising it with a pot-plant then leave it open!" ;-)
   
   EAL testing of one machine in a lab is irrelevant - What counts is real world configurations of these O/Ses and in practice most Windows configs aren't as securely setup as their counterparts.

   • Reply to comment
   • Reply to story
   • Report offensive content

   1. Common Criteria and EAL security levels Anonymous -- 13/06/07

      Have a look at this link for a laymans look at what common criteria and EAL rally amounts to:
      
      http://www.matasano.com/log/331/what-common-criteria-certification-means/

      • Reply to comment
      • Report offensive content

7. The truth of the matter is... Anonymous -- 19/02/08

   If you want a good antiviral for Windows without the crap try nod32.
   
   It works a treat for me! :)

   • Reply to comment
   • Reply to story
   • Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials