Semantic difficulty: Do Macs / Linux Get Windows Viruses?

Perhaps if we used the word “malware” instead of “virus,” there would be less confusion. The word “virus” suggests a living entity capable of regeneration; self-sufficient, spreading without assistance.

There are viruses specific to Mac and Unix/Linux platforms. There is very little attention paid to these viruses, for many reasons. One of the worst reasons is that Windows viruses get a great deal of media attention, and Mac / Linux environments do not get the viruses that get the attention. Or do they?

“Semantics” is a fifty dollar word for being clear about what you mean. The phrase “get a virus” is ambiguous. You can download the Eicar test file to a Mac or Linux machine, or to an SD card or a USB drive. In one interpretation, the Mac or Linux machine or SD card or USB drive has a virus; it has a file that is generally accepted as a virus.

In another interpretation, since the file cannot affect the operating system, the system does not have a virus. Under this interpretation, a USB drive could not have a virus since it has not operating system.

When we think of having a virus, we think of being sick. If we substitute the word “malware” for “virus,” we’re less likely to insist that Mac and Unix/Linux systems can’t get Windows malware.

The ambiguity should be recognized and not dismissed. If you manage a Unix/Linux server that permits file uploads. you should recognize that while the uploaded file may not affect you, you could be passing along a file that affects others. If you download software using your Mac and save it to a memory stick, then take that memory stick to work or pass it along to a friend, you could be passing along a file that affects others.

While this distinction may seem obvious, many Unix/Linux server operators who accept file uploads do not bother with a virus detection product. After all, the uploaded files will not affect their server. A Windows user who downloads and executes the malicious file would accurately claim that they got the virus from the Unix/Linux system.

A Unix/Linux server operator who accepts uploaded files should consider installing a security appliance to intercept malicious file uploads. Alternately, they could install an antivirus package and scan incoming files. Reject any uploaded files that appear to be malicious and refer to them as “corrupt files.” There is very little point in telling the uploader that the file appears to have a virus. Tell the uploader that their file was unacceptable.

SecureMac is a site devoted to Apple Macintosh security and Mac OS X Security. Check this page frequently for updates and new security products for the Mac OS.

24-Apr-2012: Sophos reports 1 in 5 Macs has malware. 1 in 36 has Mac OS X malware; 1 in 5 has Windows malware.

Do Windows get Mac viruses? The Java vulnerability CVE-2012-0507 has been used to distribute the Flashback virus; there’s no reason to suppose it was not distributed to Windows devices as well.

One Response to Semantic difficulty: Do Macs / Linux Get Windows Viruses?

  1. […] phones are also data storage devices. As argued in Semantic Difficulty: Do Macs / Linux Get Windows Viruses?, a Windows virus can be copied to the cell phone. It does not run on this device, but it does […]