<a href=showthread.php?s=&postid=7866474#post7866474 target=_blank>Originally posted</a> by gcarroll
Is it, or is it not less LIKELY to get a virus on an unprotected Mac running OSX vs. a Windows PC running virus protection software?
...
There are 485 viruses (.2% of total viruses out there) for Unix/Linux (which the Mac OSX is based on). How many of these viruses if any even affect Macs is completely irrelevant since the likelihood of being infected is so remote in comparison.
Yes, unpatched Mac is safer than unpatched Windows.
Yes, patched Mac is safer than patched Windows.
You're probably safer on Mac, but you shouldn't think that way - that's part of what leads you towards the Windows state of affairs.
As for Unix/Linux viruses, I believe there's a fundamental flaw in the counting of issues. Specifically, many are never reported as issues in the operating system, because they carry over from applications installed. Thus, they're labelled as 'holes' in the application, but when exploited, are almost never considered 'viruses'.
For example, if you run the webserver 'apache' (most common web software for linux, unix, and Mac OSX), there was recently (a day or two ago) a vulnerability in an addon called 'mod_rewrite' that allows arbitrary code execution - that is, if your Mac has the webserver enabled, you've got a hole that Apple hasn't patched yet (last I checked). It's not an apple hole, but it affects apple anyway, and that's the type of hole that most people don't consider.
How do you exploit it? You write a worm that runs on top of common interpretters (perl, bash, csh, something to make it platform independent) that exploits and spreads. You use built-in tools like wget and fetch to download a copy of yourself, and then you use the same tools to spread to new hosts. You'll never see such a worm in a virus report (very few exceptions), but it happens every day, and I see (and patch against, then ignore) these types of attacks thousands of times an hour.
