On January 26, 2009 an article appeared in AppleInsider entitled "Two new Trojan horses threaten Mac software pirates". This article spoke of the vulnerability of Apple computers to malware but how is this any different than the malware that has been affecting Microsoft Windows machines for years?

...

Wikipedia defines a Trojan horse, also known as a Trojan, as "In the context of computing and software, a form of malware that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine. As such, a computer worm or virus may also be classed as a Trojan horse if they display these characteristics."

This type of malware is often disguised as some application that the user finds attractive and wants to install. In the case reported by the above mentioned AppleInsider article, the Trojan was part of an attempt to pirate a couple of commercial applications. When installing the pirated software the crack application that serializes the program for use without a purchased retail key also installed a back door application with root (administrator) privileges which then proceeded to install the Trojan in a system folder. The Trojan then proceeded to contact another computer on the Internet. The article didn't specify, but with this Trojan installed with root (administrator) privileges, the malicious coder could have total access to the machine and would be able to do pretty much anything to the infected machine.

So why is malware more of a problem on Microsoft Windows machines? The design of Windows allows any user to have administrator privileges. In other words, any user can be given permission to write to any part of the hard drive which also includes overwriting system files as in the case of doing a system update. These privileges are also given to any program that a user installs. Microsoft attempted to put a band-aid on this problem in Vista by using the User Account Control pop up menu requiring the user to press Continue before it will perform the administrative task.

The Apple OS as well as the various distributions of Linux are designed a little differently. Individual users may only perform administrative tasks after entering a Super User password. If the user of the machine doesn't know the password then the problem stops there. However if the user does know the password and wants to install software then the vulnerability still exists.

The issue boils down to the fact that since MS Windows is more vulnerable, the coders that build malware target MS Windows due to the chance of infecting a greater number of machines. This is likely to change as more and more users migrate to other than MS Windows machines. The way to minimize the likelihood of being infected with a Trojan is to only install software that comes from a reputable source.

No feedback yet