Apple ® section

Security through obscurity threatened as Macs become more popular?

At Apple's in the eye of flaw finders, Mac users are warned that the growing popularity of the platform will attract viruses and security hacks.

An unsettling report states that:

At the recent ShmooCon hacking conference, one security researcher
found out the hard way that such venues can be hostile, when an
unknown hacker took control of the researcher's computer, disabling
the firewall and starting up a file server.

While such compromises have become common in the Windows world,
this time the computer was a Apple PowerBook running the latest
version of Mac OS X. The victim, a security researcher who asked
to remain anonymous, had locked down the system prior to the
conference and believes that a previously unknown exploit caused
the compromise. However, in the following weeks, forensics performed
on the system did not reveal any clues as to how the PowerBook had
been compromised.
 

Hmmm. No clues? Did anyone think that maybe there was physical access to the machine either before or during the conference? Or maybe the "security researcher" is really just a security wannabe with "r00t" as his root password? Who knows - anonymous and vague reports aren't worth the bits they are transmitted on.

Yes, of course there might be an unknown hack into Mac OS X. Might be. But this kind of FUD isn't worth worrying about.

Oh, wait, there's more:

The compromise underscores a number of trends that has already
caused a shift in focus among flaw finders and could result in more
attacks on Mac OS X. Security researchers themselves have moved
over to Apple computers in the past few years and have learned the
ins and outs of the operating system. The company's move to
Intel-based hardware for its next-generation of Macs also gives
flaw finders familiar territory in which to look for bugs.
 

Aha! So it's that damn Intel CPU architecture that's been causing all of Microsoft's problems! I knew it: virus writers are an incredibly stupid bunch who understand nothing but 80x86 machine language, and moreover, that's all they need to know to "hack wreavoc" on any operating system. That of course explains why Windows viruses and worms have been so easily transported to Linux systems, completely destroying any and all security there. BSD on x86 has also suffered at the hands of these maniac virus coders, so much so that there are hardly any BSD x86 web servers on the web that haven't been repeatedly p0wned. And now Apple is switching to Intel? Idiots - can't they see this? Won't someone think of the children?

Yeah. Apple should be really worried about that. It's right up there with worrying about getting hit by a house sized asteroid.

We all know that it's the popularity of Microsoft that is the reason for all their security problems. You do know that, right? If not, this article reminds you:

Finally, as Apple continues to garner more market share, the lure
of a larger set of targets will make attacks more likely, say
security researchers.
 

Indeed. Of course some of us are old enough to have had experience with Apples back in the late 80's and early 90's, long before OS X. Funny thing: Mac's had viruses then. I can well remember chasing a virus through a big Mac Network and I'm sure some of our readers here have done the same thing. Older Mac operating systems had viruses and worms. How big a "target" was Mac then compared to now? A heck of a lot smaller, I'd say. But they had malware problems - why was that?

I know the Microsoft crowd doesn't like it, but the simple fact is that Windows is easy pickings. Microsoft even admitted that themselves, which is why they had to start over from scratch with Vista. Will Vista be more secure? Almost certainly (unless they screw it up, which really is a possibility) but that's some day in the future. Right now, Mac OS X is much safer and more secure than Windows in every respect. Will it stay that way? Well, I'd say it's more likely that Vista will have problems from the legacy baggage it has to carry, but sure, it's possible that OS X will be badly breached. Possible, but not as likely as articles like this one suggest.

6 comments

More Articles by Anthony Lawrence - Find me on Google+

Click here to add your comments




Thu Feb 9 12:51:20 2006:   anonymous


Unfortunately, the article you link to in your "Microsoft Messes Up" post at Smart Office News of Australia gets a 404.

However, the full text is available at the WSJ:

http://www.wsjclassroomedition.com/archive/06jan/bigb_microsoft.htm



Thu Feb 9 12:55:45 2006:   TonyLawrence


Thanks for the link finding.. it's annoying when people move or delete pages..



Wed Mar 15 00:22:26 2006:   anonymous


With the DMCA it's impossible to say what vurinablities are, so you're assumtions just make an ass outta yourself.



Wed Mar 15 11:16:32 2006:   TonyLawrence




I don't know what "assumptions" you think are off base - I'm not sure there even are any assumptions above. My bet is that your reading skills are as bad as your spelling and you misunderstood what was said entirely. If you can bumble your way through a dictionary, try looking up the difference between "assumption" and "opinion".



Wed Mar 15 15:03:51 2006:   BigDumbDinosaur


With the DMCA it's impossible to say what vurinablities are..."

Aside from the various grammatical gaffes and assorted nonsense in the poster's diatribe, I fail to see how/where the DMCA has anything to do with this discussion. Did he mean to say it will require an act of Congress to fix whatever it is about which s/he is ranting?



Wed Mar 15 20:43:44 2006:   TonyLawrence


I imagine that (s)he thinks that I am insisting that the "attacker" should reveal his methods and that Apple or Microsoft or whoever could conceivably prevent that with the DMCA.. of course I didn't say that at all; I merely pointed out that without more information, it's impossible to assign any value to the breach.


Don't miss responses! Subscribe to Comments by RSS or by Email

Click here to add your comments

If you want a picture to show with your comment, go get a Gravatar

Jump to Comments

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them. I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.

Specific links that take you to pages that allow you to purchase the item I reviewed are very likely to pay me a commission. Many of the books I review were given to me by the publishers specifically for the purpose of writing a review. These gifts and referral fees do not affect my opinions; I often give bad reviews anyway.

We use Google third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.