It was the commercial in which the PC guy had caught a virus, and the Mac guy boasted about never catching them. The timing of the commercial was ironic, since it was shortly after the Mac was targeted for the first time by malicious code.
Surely, security experts said, the day will come when Macs will get attacked and Apple will live to regret that commercial. Natalie Lambert, an analyst with Cambridge, Mass.-based Forrester Research, said as much in SearchSecurity.com's Security Wire Weekly podcast last week.
Irritation over Apple's boastfulness was apparent in the blogosphere this week, with the Security Curve blog comparing the situation to a South Park episode where everyone is so pleased with themselves for driving hybrid cars that a gigantic "cloud of smug" forms over the town, threatening to cause the end of the world.
People in the South Park episode went around saying things like, "I prefer to be part of the solution rather than part of the problem and holding themselves up on a pedestal because they're so great," the blog said, adding that Apple's current attitude about security is no different.
"Apparently, Mac's don't get malware, and they don't get spyware. Behold the power of marketing," Security Curve grumbled. In the end, the blog said, there's no technical reason why Macs can't be pelted with malware, suggesting that it will happen sooner or later.
Security Curve noted that computing platforms are built to allow the user to manipulate the environment, and that if a user can do it, a user's agent can do it. Since there is no way to know user intent programmatically, if a user's software agent can do it, malware can do it, the blog said.
For example, if a user can install software that gets launched at boot and uses system resources, then spyware can install software that gets launched at boot and uses system resources, Security Curve said. If a user can reformat the disc, malware can reformat the disc, the blog noted.
The blog entry attracted a healthy trail of responses, some of which defend Apple.
"For six years now commentators have again and again promised that anytime now the sky would fall and all those smug Mac users would rue the day," one blogger wrote. "However, this has still not happened. With 116,000 viruses and worms, 68,000 bits of spyware and adware, countless Trojans, keyloggers etc, Windows remains infinitely more malware-ridden."
Apple is simply stating a fact in its commercials that today's malware doesn't affect the Mac, the blogger said, asking, "What is so unethical about that?"
The end of the superworm?
For more than two years, Jose Nazario has been the keeper of a very comprehensive site called Worm Blog. But devoid of a fast-spreading and highly destructive worm in the aftermath of MS06-040, he wonders if it's time to close the blog down or change the focus.
A couple of years ago, he said, when a vulnerability like this was released, a worm usually wasn't far behind, and "not just a basic worm, (but) the kind that can infect hundreds of thousands of machines quickly. After all, we've been expecting that to happen given what we saw in the past with MS05-039 (Zotob, which really was a bot), MS04-011 (Sasser) and MS03-039 (Blaster)."
But this is 2006, he said, and for whatever reason, "we're beyond simple worms."
At this point, Nazario plans to stick with the blog, though he said he'll probably adjust the subject matter to fit the times.
"Don't be surprised if you see more botnet stuff on here because of such changes," he said. "I think that there's still interesting research going on in worms and not just in bots, and I'll keep digging for it."