I was reading through the comments at this review of Lookout mobile security and saw this howler:
“…android is linux based. hence, it’s literally impossible for it to contract a virus through an app (i heard some story recently that somewhere in russia, a virus was attacking linux based devices, but not through apps, and such a thing was very rare). Apple also uses a linux base for the iphone and mac, which is why they are famous for not getting viruses.”
Isn’t that precious? Later on he walks it back and claims that he meant “it was difficult.”
I am painfully aware through my day job that there is malware specifically targeting OSX (a DNS changer trojan); and that the awareness of security on the platform is so low that it can get away with being painfully obvious. The equivalent trojan on the Windows platform has to employ serious camouflage tactics to avoid getting picked up and removed; using tricks like burying in the TCP stack and sophisticated counter-countermeasure mechanisms. The OSX one runs as a obvious background task and can be easily spotted by checking your DNS settings.
Here’s the deal: consumer computing machines have users who can grant permissions to apps to do things, including “full control” (whatever that means for your particular OS). This means there is no security beyond what the user imposes. An OS can give the user tools to assist them in the process, and can restrict access without specific permission; but in the end, the user can override any and all security measures.