I too battle similar issues on a regular basis. And as you have stated, AV definitions are used against themselves to develop malware that won't be detected, but I have to say two things:
- Although at present, Macs are not likely to be targeted for such shenanigans due to market share (compared to Windows), one day, when they are, I think we will see a similar discomfort.
- This Rogue AV software (as I like to refer to it) needs a level of authority to wreak havoc on a system -- i.e. Administrator or Root permission. Since deploying Windows 7 64-bit with UAC, I have not had to rebuild a system yet (whereas before, with XP running as Administrator, I averaged about one system every two to three months). One of my biggest pushes to Windows 7 64-bit was the increased layer of protection offered by UAC and Low Priority IE8 functionality.
I've seen just as many attempted malware installs on the new machines, but the success rate has been very low (if the malware is configured to NOT modify the system, but to just make additions to the local user's files -- assuming it can get approval by the user to get downloaded in the first place).
Obviously, all of this can be circumvented by a gaping security hole in a program, but that is why I also focus on limiting the programs installed on a system to only what is needed (vs. installing a program to see what it does, then never using it again) and then actively maintaining those programs. Or, run a program (like PSI) regularly to uncover known security holes.
Either way, sometimes I find it difficult to imagine a system that can do everything we ask of it (without the slightest bit of protest) while at the same time expecting it to follow our intent versus our actual behavior.
Running any computer as a 'local admin' rather than as a 'standard user' today is like building a beautiful new home with the latest security system, gates, window and door locks available, then leaving all the gates, windows and doors open, and the security system turned off. Don't complain when unwanted intruders come in and wreck the place.
Is that the builder's or architect's fault?
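Both comments above turn on the same two facts: whether the account you sit at is a local admin, and whether UAC is actually enforcing the split between an elevated and a filtered token. The audit below is an added example, not code from either commenter or from the blog they are replying to. It assumes Get-LocalGroupMember (the Microsoft.PowerShell.LocalAccounts module, Windows 10 / Server 2016 or later with PowerShell 5.1+) and English-language `whoami` output for the integrity-level line; the function name Get-PrivilegeAudit is made up for this example.

```powershell
# Added example: audit admin membership, token elevation and UAC policy.
# Not from the original comments. Assumes Windows 10+/PowerShell 5.1+
# (Get-LocalGroupMember) and English 'whoami /groups' output.

function Get-PrivilegeAudit {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)

    # $true only when this process holds an *elevated* token. A member of
    # Administrators running under UAC's filtered token gets $false here,
    # which is exactly the protection the comments describe.
    $isElevated = $principal.IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)

    # Membership regardless of elevation: is the account an admin at all?
    # The filtered token carries the Administrators SID as deny-only and
    # .NET's $identity.Groups omits it, so ask the local group directly.
    $isAdminMember = [bool](
        Get-LocalGroupMember -Group 'Administrators' -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -eq $identity.Name })

    # UAC policy. EnableLUA=0 turns UAC off outright;
    # ConsentPromptBehaviorAdmin: 0 = elevate silently (UAC on in name only),
    #   2 = always prompt for consent, 5 = prompt only for non-Windows binaries (default).
    $pol = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

    # Integrity level of this process (High = elevated admin, Medium = standard
    # user / filtered admin, Low = sandboxed, e.g. IE Protected Mode).
    $label = (whoami /groups | Select-String 'Mandatory Label\\(\w+)')
    $integrity = if ($label) { $label.Matches[0].Groups[1].Value } else { 'unknown' }

    [pscustomobject]@{
        User                = $identity.Name
        IsAdminGroupMember  = $isAdminMember
        IsElevated          = $isElevated
        IntegrityLevel      = $integrity
        UacEnabled          = ($pol.EnableLUA -eq 1)
        AdminPromptBehavior = $pol.ConsentPromptBehaviorAdmin
        SecureDesktopPrompt = ($pol.PromptOnSecureDesktop -eq 1)
    }
}

# Usage: run in the session you want to judge. The "house with the gates
# open" state from the comment above is IsAdminGroupMember = True together
# with either UacEnabled = False or AdminPromptBehavior = 0.
Get-PrivilegeAudit | Format-List
```

Reading the result: IsAdminGroupMember True with IsElevated False and IntegrityLevel Medium is the UAC-protected configuration the first commenter credits for not having to rebuild machines; anything that drops UacEnabled to False or AdminPromptBehavior to 0 puts the account back in the XP-style "always Administrator" position the second commenter warns about.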
I had thus far been a Microsoft 'lifer.' I, like many others, owe my career and livelihood to Microsoft and the PC revolution it helped pioneer. But the viruses, spyware, and the horde of careless vendors that bolt their sloppy products onto the Windows platform have challenged my loyalty for the last time. I'm sending you this note from my new MacBook Pro. I can attest to the very real allure of Apple's 'halo effect'. It started with my iPhone, which I reluctantly bought because Microsoft left me stranded with its on-again, off-again smartphone vision. It was Microsoft's fault, really. But the iPhone led to the iPad, which led to this MacBook.
I've had every manner of Windows device -- from building my own 286 clones back in the day, to the last PC I'll ever own, a laptop tablet, to handhelds (yes, I even owned the original iPaq the day it came out), to servers meant to manage the many Windows devices around my home. I've had every version of DOS and Windows available. I've been in the game professionally for over 20 years now, having written my first programs as an adolescent on a TI80 hand-me-down from my grandma, a college professor at the time. I was once a Microsoft Certified Trainer, teaching Windows NT and consumer operating systems, back when there were fewer than 300 people in the world certified to do so. I was a professional developer, systems administrator, and then moved on to manage teams of other developers and administrators. But in the end, I've given up on Microsoft's 'relentless mediocrity.'
If there's to be any future for Microsoft, I believe a serious management shakeup is in order -- maybe even something more dramatic, like breaking the company up by market segment. Steve's got to go, for starters, but others too. There doesn't seem to be anyone running the major product divisions with any real vision anymore. The last time I felt inspired by a new product launch was at the Windows 95 pre-launch some 16 years or so ago, where we were each given beta copies -- nearly 30 floppy disks, as I recall. It seemed like an impossibly huge OS to require all those disks, and I couldn't wait to see what wonders Microsoft had come up with next. But then came Windows 98, ME and a long downhill slide that finally came to rest with Vista. Sure, Windows 7 is good (not great), but it's way too little, way too late.
Only time will tell if the viruses and spyware will infiltrate Apple's products as pervasively as Microsoft's. One can somewhat forgive Microsoft, as its lead in the industry has made them an ever larger target -- the problem has grown as it has grown, forcing it into a reactionary position. Apple, on the other hand, has had plenty of time to study Microsoft's mistakes. It will be inexcusable if Apple fails to understand that it must aggressively engineer security into its products, or suffer the same consequences. I think Apple gets it. Its freakish desire to control the hardware, in an effort to control the user experience, is the same sort of tenacity it'll need to fight the virus and spyware threat to that same user experience.