Re: Malware alert

Jim Stutsman

You were told correctly for the devices you have. Those devices use the iOS operating system. Every app on iOS runs in its own "sandbox" that does not have access to anything in any other app. To use photos or calendar data each app must ask you for permission. This sandboxing is why there are no antivirus programs for iOS. An AV program needs to be able to examine everything coming into the device, but that's not allowed for any app on iOS. Every app from the App Store is digitally "signed", which guarantees that it has not been altered. Also every app in the App Store has been reviewed by Apple to ensure that it follows all of their myriad rules regarding security. As one who has had apps rejected capriciously for tiny reasons, I can assure you that they are examined very closely. Ironically the closest thing to a hack on iOS was some nefarious individual who created an app that was sold as antivirus, with a huge $1,000 fee. The reviewer that allowed this app in the store is probably still looking for work. A few gullible, and apparently well-off, people paid for the app so the guy made a quick score before they killed the app, which did absolutely nothing.

There is also a hacking process called "jailbreaking", which modifies iOS to bypass all of the protection. This has been an ongoing war between Apple and the hacking community. On the surface, jailbreaking means being able to add functions to the device without going to the App Store. There is even a separate "store" for buying apps that run on jailbroken devices. Each time Apple release a new version of iOS there is a scramble while the hackers try to figure out how to break it and insert their code. Anyone who uses a jailbroken device is wide open to virus. If you do this you are essentially saying "I trust everyone not to hurt me." Not recommended!

For macOS the situation is different. There are antivirus programs for Mac, though not a lot of people use them. Apple recognized the risk of letting apps run that could access anything on the computer, so several releases back they locked down that capability. Developers who need access, such as utilities and antivirus, can still access most of the system but they need to be certified to do so. If they are not certified, the system will not allow them to be opened. There is a bypass that the user can use to run the app anyway, after acknowledging a warning that they are assuming the risk.

There have been Mac viruses in the past, though not as many as Windows. That's because the Mac user base is tiny compared to the billions of Windows computers in the world, and it's possible to buy pre-packaged hacking code on the Dark Web. This enables anyone, even "script kiddies", to unleash their own Windows virus. Most of the viruses that hit Macs have been packaged in hacked, illegal copies of very expensive software. People download these things from shady websites, not realizing that the virus is embedded in the software.

Both Windows and macOS ask the user for an administrator password any time something is about to be done that could compromise the computer. Unfortunately this happens a lot, and we get complacent. Every time the password prompt comes up we just enter it in order to get back to what we were doing. If you get a password request and you are not installing new software or hardware, don't automatically enter it without at least asking yourself "Who is asking for it and why?" You don't open your door to every single person who knocks, so treat your computer the same way.

Join { to automatically receive all group messages.