Apple TV and Virus Protection

[Dick Campbell]

It appears that Apple TV uses a cut down version of the Mac OS. Considering that it will usually be connected to the Internet, does this mean that virus protection is required? How would you go about installing and configuring a virus protection application?
Actually, there could be a market for third party applications for ATV that can be operated through the Apple Remote (rather than requiring a keyboard) and have a UI that can be read from the other side of the room. The full Mac OS (and the same goes for Windows) is quite diificult to operate from a metre or two away.

 

[The General]

Has virus protection ever been needed with Mac OS X?

 

[Dick Campbell]

Has virus protection ever been needed with Mac OS X?

We all know that Windows attracts the bulk of the virus writers' attention simply because it is so ubiquitous but I am sure that there are some Mac viruses out there.

 

[FreeState]

We all know that Windows attracts the bulk of the virus writers' attention simply because it is so ubiquitous but I am sure that there are some Mac viruses out there.

Well I have used OSX since day one and have never had a virus. OSX makes you okay any new application the first time it is run so I would not worry about it.

 

[massiv]

hehe

We all know that Windows attracts the bulk of the virus writers' attention simply because it is so ubiquitous but I am sure that there are some Mac viruses out there.

hmmmm.. actually no there isn't. Maybe in a lab but not in the wild where numbers of machines have been effected.

 

[dukebound85]

hmmmm.. actually no there isn't. Maybe in a lab but not in the wild where numbers of machines have been effected.

there has been some issues, namely one that originated on these very forums. although it depends on how you define a virus

 

[solvs]

We all know that Windows attracts the bulk of the virus writers' attention simply because it is so ubiquitous but I am sure that there are some Mac viruses out there.

Not for OS X there aren't. There were for previous Apple OSs though. Many with much lower market share, let alone users. Plus, the AppleTV is using a scaled down version of the system, built for a very specific purpose. It doesn't connect to the internet as much as to your network.

But no, it's not vulnerable, even if you hack it.

 

[someguy]

We all know that Windows attracts the bulk of the virus writers' attention simply because it is so ubiquitous but I am sure that there are some Mac viruses out there.

Correction:

We all know that Windows attracts the bulk of the virus writers' attention for many reasons other than because it is so ubiquitous, and I am sure that there are no Mac viruses out there*.

* Out there, as in, presently found in the wild.


There we go.

 

[Dick Campbell]

Correction:

We all know that Windows attracts the bulk of the virus writers' attention for many reasons other than because it is so ubiquitous, and I am sure that there are no Mac viruses out there*.

* Out there, as in, presently found in the wild.


There we go.

Well I guess there's noting to worry about!

The point seems to be that OS X is new enough not be vulnerable at the moment. Also, I guess if don't have any private data or use ATV for internet banking etc there would not be much to gain in compromising an ATV device. Not that that would stop the hackers.

Another point is that ATV is not used for email, the most common way to get a virus.

 

[solvs]

The point seems to be that OS X is new enough not be vulnerable at the moment.

It's been out for like 5 years. Tiger has been out for almost 2 now. Vista had a virus before it was even released. I don't think that's it.

 

[someguy]

The point seems to be that OS X is new enough not be vulnerable at the moment.

No.

It's called security. Not security by obscurity, not security like "Windows Vista is the most Secure OS Evar!™", but a real, well implemented security model built into OSX.

There are no excuses.

 

[johnee]

Please, do not kid yourself into thinking mac os x is completely secure. That's a very foolish way of thinking. You need to understand the true threat to make an educated decision.

Check this out: ( it was from a little over a year ago and was rated "extremely critical")

http://secunia.com/advisories/18963/

Here is the gist of it:

Description:
Michael Lehn has discovered a vulnerability in Mac OS X, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in the processing of file association meta data in ZIP archives (stored in the "__MACOSX" folder) and mail messages (defined via the AppleDouble MIME format). This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive or in a mail attachment.

This can also be exploited automatically via the Safari browser when visiting a malicious web site.

Secunia has constructed a test, which can be used to check if your system is affected by this issue:
http://secunia.com/mac_os_x_command_execution_vulnerability_test/

The vulnerability has been confirmed on a fully patched system with Safari 2.0.3 (417.8), Mail 2.0.5 (746/746.2), and Mac OS X 10.4.5.

Mac os x HAS vulnerabilities! People might be correct in assuming hackers do not target them, but it only takes one of them to change their mind.

 

[localoid]

...Mac os x HAS vulnerabilities! People might be correct in assuming hackers do not target them, but it only takes one of them to change their mind.

Any and everything (in this reality) is vulnerable (to some kind of good or evil). But, OS X and other *nix based systems are less so than Windows.

But back to the original question: There's no AV software that can (easily) be applied to an Apple TV (without opening the box), and no real need for something akin to NAV in OS X on a "stock" ATV.

A firewall, with a good rules, would be the most effective security measure for the average consumer. But they really should have had that (firewall) in place... before buying an ATV, right?

According to Apple:

Four network ports are used by Apple TV for communications on your network.

* TCP port 3689 is used to communicate with iTunes while using the iTunes Library Sharing feature.
* UDP port 5353 is used by Apple TV for automatically finding computers with iTunes on your network using Bonjour.
* TCP port 80 and 443 are used for basic and secure communications with the iTunes Store via the Internet.

Meanwhile, for those who'd opened the box up, installing mods and running SSHD... well, their (security) mileage could vary greatly. But those that use common (security) sense will survive.

 

[someguy]

Please, do not kid yourself into thinking mac os x is completely secure.

Ran the vulnerability test. I don't think I need to tell you the results.

So many people want to believe that there are existing threats to Mac OSX (including Bill Gates) and I've yet to come across one.

Show me a site, email, etc that I can open and have my computer taken over without "tricking me" into installing something, etc. That's the lamest thing ever. As easy as it is to create a script to delete a users Home folder, it is just as easy to make it look like an image file and have someone tricked into opening it (Hm. How come I have to enter my password? Oh well... *types away*).

Lame.

 

[G5Unit]

Has anyone tried to get Windows Media Centre running on it? It would be nice to duel boot into Mac OS X and Windows.

 

[snowmoon]

A firewall, with a good rules, would be the most effective security measure for the average consumer. But they really should have had that (firewall) in place... before buying an ATV, right?

1) AFAIK ATV has the firewall enabled from the factory. That was one of the problems they had hacking it.

2) Unix is unfriendly to Viruses on a good day

3) The operation of the ATV reduces the number of possible vectors substantially compared to a normal system.

4) With one one port most people will be placing this behind their home firewall.

So I would highly doubt you could exploit this box. If it is exploited it's dirt simple to fix since you can just reload the OS and resync to iTunes.

 

[Cave Man]

The point seems to be that OS X is new enough not be vulnerable at the moment. Also, I guess if don't have any private data or use ATV for internet banking etc there would not be much to gain in compromising an ATV device. Not that that would stop the hackers.

Dick,

Welcome to the Mac community.

The basis of OS X has actually been around for more than 30 years - it's foundation is BSD UNIX. It's more secure than Windows because it has always been a network-based OS, thus during the great majority of these 30+ years security has always been an issue of the OS developers.

 

[johnee]

Ran the vulnerability test. I don't think I need to tell you the results.

So many people want to believe that there are existing threats to Mac OSX (including Bill Gates) and I've yet to come across one.

Show me a site, email, etc that I can open and have my computer taken over without "tricking me" into installing something, etc. That's the lamest thing ever. As easy as it is to create a script to delete a users Home folder, it is just as easy to make it look like an image file and have someone tricked into opening it (Hm. How come I have to enter my password? Oh well... *types away*).

Lame.

So if you think this problem is not really a problem, why did apple provide a security patch for it? (which I'm SURE you have already installed via normal updates)

Solution: Apply Security Update 2006-002.
​

Please research the things you want to talk about before you talk about them.

 

[localoid]

AFAIK ATV has the firewall enabled from the factory. That was one of the problems they had hacking it.

No, you don't have your details correct.

Yes, ATV firewall is running by default, but (more importantly) it sets NO rules denying traffic from anywhere (its open to any/all traffic, in other words)...

2) Unix is unfriendly to Viruses on a good day

Nebulous statement. Care to be more specific?

3) The operation of the ATV reduces the number of possible vectors substantially compared to a normal system.

"Vectors" as heard on Star Trek? What are talking about? Speak in "real" terms that have "real" meaning in the technical world, please.

4) With one one port most people will be placing this behind their home firewall.

One port? Do you understand anything about tcp/ip networking?

So I would highly doubt you could exploit this box. If it is exploited it's dirt simple to fix since you can just reload the OS and resync to iTunes.

Are you arguing with yourself? I didn't say it (stock) would be easy to exploit, blah, blah, blah...

But mod'ed... you can be sure they'll be some script puppies getting themselves "hackered" because they did something without completely thinking the mods through...

 

[aristobrat]

Anyone ever heard of a TiVo virus before?

Neither TiVo or AppleTV lets the user execute arbitrary code, so I don't think the point that OS X is vulnerable when "a user is tricked into running something" applies with the AppleTV.

Also, the AppleTV ships with the root partition set as read-only.

 

[someguy]

So if you think this problem is not really a problem, why did apple provide a security patch for it? (which I'm SURE you have already installed via normal updates)

Solution: Apply Security Update 2006-002.
​

Please research the things you want to talk about before you talk about them.

I understand that the issue was patched. That's exactly my point. That is how OSX came to be as secure as it is, through patches, over time.

 

[RacerX]

I've said this before and I think it is worth saying again for the people who are new...

A user of Mac OS X since it's release 6 years ago has (statistically*)
had a higher risk of being struck by lightning than have their OS infected.​

What does this mean for any of us?

While I don't actively seek protection from lightning (in the form of a lightning guard or lightning protection), I do take proper precautions to not get struck (I avoid running around in lightning storms with metal objects thrust high over head and that type of thing). But at the same time, I don't post to the National Weather Service forum to see if there isn't some new and innovative form of lightning protection available.

I basically treat lightning with a healthy amount of respect, but I don't let the possibility that some day, someone I know (either myself or a loved one) well get struck run my life. I consider remembering to look both ways before crossing a street a higher priority than lightning protection (this is, of course, personal preference... some might rank lightning higher than pedestrian safety).

Hmmm... While it may seem like I strayed wildly off topic, I assure you, I actually haven't.

If we look at the Windows world, your chance of catching a virus is about the same as... oh say, getting a flat tire or hit by another car on the road. That is to say, you have to stay vigilant and be aware that the probability isn't weather or not you have an incident... it's actively working to prevent such incidents from occurring.

I, personally, keep a safe margin between myself and any other drivers on the road. I give myself an extra 5 or 10 minutes for any trip and will not pay any attention to clocks or watches while driving... there is no need to throw in additional time pressure. I've driven over 700,000 miles in the last 20 years and had two accidents in that time (the last was 12 years ago).


So, my point here isn't that there is no risk for Mac OS X users and Windows users should just give up as they are doomed from the moment they turned on that infernal box of theirs. It is that, like with all things in life, you devote your attention to subjects like this based on your relative risk. If you are the type of person who actively seeks lightning protection and runs lightning drills with your family... then you'll most likely want to seek out the best antivirus program available for Mac OS X.

Otherwise, relax and enjoy life... your a Mac user now.

* Sadly, once while pointing this out in a thread, some unfortunate Mac user posted that they had, in fact, been hit by lightning... please note that I'm not making light of the dangers of lightning, just doing a relative risk comparison.​

 

[aristobrat]

I, personally, keep a safe margin between myself and any other drivers on the road. I give myself an extra 5 or 10 minutes for any trip and will not pay any attention to clocks or watches while driving...

You need a different screen name.

 

[solvs]

Please, do not kid yourself into thinking mac os x is completely secure.

It isn't. But it is more secure and none of it's security holes have been exploited in it's years of regular use. The AppleTV is even more secure, so pardon me if I'm not too afraid it'll catch anything any time soon.

You need a different screen name.

Actually RacerX was a really good driver.

 

[Dick Campbell]

Dick,

Welcome to the Mac community.

The basis of OS X has actually been around for more than 30 years - it's foundation is BSD UNIX. It's more secure than Windows because it has always been a network-based OS, thus during the great majority of these 30+ years security has always been an issue of the OS developers.

Thanks. Actually it's welcome BACK to the Mac community.

I started using Macs in 1984 and was forced over to Windows (3.1) in 1992 when I changed jobs and have been with Windows ever since.

I think that Apple is on the right track here. The concept of a Windows Media Center PC is very flawed. Who wants to boot up a full PC OS to view a few photos or play music, my wife certainly doesn't. Also, the normal OS UI (PC or Mac) just isn't suitable for operation from the other side of the room.

I have been waiting for a device with reasonable storage, WiFi, HDMI and a simplified UI that can be operated without a keyboard and is "chunky" enough to see at a distance. The only reservation that I have is the choice of 40 GB storage.