Journal SJS's Journal: UNIX and Security

I was poking around on the apple discussion boards, and ran across some assertions by one Scott Radloff.

He explains that OS X is safe from viruses because it's UNIX, and then he goes on to assert a number of things about UNIX that just aren't so, to the best of my knowledge. The thing is, I've heard these assertions before, from Linux advocates mostly, which means this isn't just another standard case of excessive Mac advocacy.

Scott first asserts that UNIX was built with the Internet in mind. To the best of my knowledge, UNIX was first conceived and built prior to the Internet, and its basic structure and principles were established before even the Internet's precursor, ARPANET.

Scott further asserts that "UNIX was conceived as a rock-solid fortress of security". This is laughable, as even a cursory reading of UNIX history reveals that UNIX is very much a "good enough" system. The name itself is a pun on MULTICS, about which one might be able to defend Scott's assertion. UNIX was a simplification over MULTICS (thus the pun).

This isn't to say that UNIX lacked any sort of security. UNIX was built in the days of timesharing computers -- many users, one machine -- so naturally there are *some* controls in place. Just enough to do the job, however, which is a far cry from being a fortress. Many of the modern UNIX security advantages are due to efforts to retrofit a better security system on to UNIX, rather than to design it in from the very beginning.

(MSWindows, on the other hand, comes from a tradition of microcomputers, which were not typically networked, and had one user per machine. NT attempted to bring a more sensible infrastructure, but by all accounts, that's mostly been subverted in the name of market share. And hey, it's the right business decision for Microsoft: most of their users don't actually want security.)

Scott's assertion that MSWindows "began life as no more than a port of the early MacOS to the PC" is a huge stretch. But then, when I think of "port", I think of starting with a copy of the source code of what I'm porting, not an attempt to reimplement functionality from scratch. If MSwindows is a port, then so is MacOS -- Xerox invented the GUI, after all.

Scott then oversimplifies the concept of a virus (or, less charitably, demonstrates an ignorance between virus, trojan, and worm). He, like many "UNIX-is-secure-out-of-the-box" advocates, miss the point.

A virus doesn't have to compromise the whole machine. It just has to replicate somehow.

So long as you, as a user, can create and run executable programs in your home directory, you can, in theory, support a virus.

Why there aren't viruses galore for the UNIX platforms I don't know -- it may be that the kind of person who would write a virus can't justify spending the money for a Mac or UNIX box (or can't figure 'em out); or that there aren't enough UNIX users among the general population to keep a virus viable; or that there are UNIX viruses but they're very slow, very subtle, and don't break anything; or that UNIX users tend not to run everything as root or the administrative account, making the payoff less juicy; or that the virus-writers believe the hype, and just don't try.

One of the things that most UNIXes get right, but OS X gets wrong, is that they have you create a "normal user account" in addition to the root/administrative account. The first user you create in OS X is, by default, the Administrative User. There's a reasonable justification behind it -- most users won't or can't track two distinct accounts -- but it's still uncomfortably close to the MSWindows "solution" of making everyone a Administrator so they can get their work done.

Remember, one of the first viruses ever created was created on a UNIX machine. Some of the most widespread worms spread on UNIX machines. UNIX isn't immune to malware, at least not if you have a gullible user.

Update: Seems like I'm not the only one annoyed by this attitude. I just ran across this article on unix viruses.