Does anyone actually know someone whose Mac has been infected by Leap.A? There haven’t been very many sightings of it in the wild.
The media coverage for this event has been out of all proportion to the hazard posed by the malware itself; reports in the daily newspapers, on the TV news. But look closely, and there are two different stories being reported.
The Mac community has spent such a long time talking up the better security in OS X that when something like this comes along - no matter how harmless it turns out to be - the mainstream media is going to bite back hard.
Most news editors (the people in news organisations whose job it is to decide which stories are the most important ones) have very little interest in computer security at the best of times. They certainly know that their readers, viewers or listeners aren’t going to be interested in the finer details of file permissions.
What does grab the attention of a typical news editor is when one of the reporters rushes in saying: “Hey, you know all those smug Mac users? Turns out there is a virus that can hit their machines after all. It’s all over the net, look!”
That’s when something that, technically speaking, doesn’t warrant coverage in anything other than Mac news sites and discussion forums gets coverage from major media outlets. They know their audiences don’t care about the geeky details, so they leave them out or gloss over them.
Which is how we get two kinds of article being published. The first kind is technically accurate, technically detailed, and covers exactly what happens when you get Leap.A on your machine, the circumstances in which that might happen, and how you can deal with it.
The second kind is something along the lines of “Smug Mac users get what’s coming to them.” It’s not an attempt to explain the technicalities, it’s just what news editors see as the more important angle. I’m not condoning nor defending that kind of reporting, merely explaining how it happens.
Hence the importance of revealing the truth early on. I've seen forum threads on Macintosh centric fora which would have made very nice articles of the _second_ kind, i.e. the "now we're doomed, too" variant. (Although, here, from the angle of the doomed Mac user, not the gloating PC-using journalist.)
Funny how you can pull a Windows machine, set to out of the box defaults, hook it up and jack it into the web and in less than 10 mins it gets infected. That's without downloading anything. I've been running Mac OS X default out of the box since version 10.0 (1999-2000) and I'm still OK.
What you are describing happens every day in the media and not just about computer security. A large part of what is called the news media is not about factual reporting, but about reactions to prevailing notions of what is fact. And these notions are often based in previous mis-reporting of the facts and so-on and so-on. Mac users are all too familiar with this. But to "editors" stories with spin and talking points seem to sell better. I don't know if it is because many people can't tell the difference or because they just don't care. Most people don't have the time or desire to try and understand every issue. So they "go with the flow".
One things is for certain. People don't want to think they've been stupid. So they naturally stick with a bad decision even if it becomes painful to do so. And if you are "smug" you'll just get kicked for it the first time you "appear" wrong.
The prevailing "notion" in security blather is that Macs have probably been safer to date because they are a smaller target. And once the evildoers turn their attention to the Mac, it will share all the same problems as Windows. Naturally this "notion" disregards facts: like Macs are configured safer; that Macs are essentially unix machines when it comes to security and hence benefit from all that implies; etc, etc.
But since this is the prevailing notion, and since lots of news feature writers would hate to be wrong, any malware that shows up on a Mac is going to be held up as "proof" and blown out of proportion. Sad to say this, but the best thing the Mac community can do at the moment is to stop rubbing the Windows community's collective noses in the sad state of Windows security.
If we'd like them to switch to Macs we have to provide them some way to do it and still save face. What that is I can't say for sure, but "smugness" is definitely not part of it.
Truth often doesn't sell well, unless it's salacious or inflammatory .. or both.
So the journalistic pre-disposition for headline writing that builds on false dilemmas and the like are preferable to headlines like: "Largely Harmless Proof-of-concept Mac Virus Found", which while technically accurate doesn't get the punters fall over themselves to read the article.
Truth sells. Half truths sell better...
Thanks Giles, that's a very important distinction. Good point!