The whole Symantec “fear-factor” article/stunt has brought the Mac world up-in-arms. I find it sad that most of the negative feedback come from people who are merely over-confident, or complacent… and do not know the real danger that may happen. It’s one thing to be confident in your system – hell even I am confident in my systems (both Windows and Mac), but quite another to expect them to be bullet-proof.
While again, the security architecture of the Unix framework is a formidable barrier for the most part, it still doesn’t mean that it cannot be cracked.
A post I read on a messageboard should put things into perspective:
Complacency will get you 0wn3d.. we should remember there are some fairly serious unpatched vulns still out there in the default install (e.g. iSync), and rootkits in development.
(For an explanation of the vuln, see: http://secunia.com/advisories/13965/. For a fix, see: http://www.drunkenblog.com/drunkenblog-archives/000411.html)
Are you sure that update/game/photoshop filter you just got from p2p is not a trojan that will rootkit your box and turn it into a spambot/kiddiepornserver etc ?
Do you know how to check ? Could you find out if it had happened ?
Since it is a local vulnerability, this is the type of thing someone exploits to completely own your box once they’ve gotten onto your system another way. Meaning if they have direct access to your system (i.e. using the machine themselves, or you running something that allows them access)
In the scenarios mentioned above, this is nothing different from running an infected program from a download, email, etc. The number of incidents involving these types of exploits may be rare, but they are out there. And Symantec’s argument would actually be valid if taken in such context.