Security through obscurity threatened as Macs become more popular?

At Apple's in the eye of flaw finders, Mac users are warned that the growing popularity of the platform will attract viruses and security hacks.

An unsettling report states that:


At the recent ShmooCon hacking conference,
one security researcher found out the hard
way that such venues can be hostile, when an
unknown hacker took control of the researcher's
computer, disabling the firewall and starting
up a file server.

While such compromises have become common in
the Windows world, this time the computer was
a Apple PowerBook running the latest version
of Mac OS X. The victim, a security researcher
who asked to remain anonymous, had locked down
the system prior to the conference and believes
that a previously unknown exploit caused the compromise. However, in the following
weeks, forensics performed on the system did not reveal any clues as to how the
PowerBook had been compromised.
 

Hmmm. No clues? Did anyone think that maybe there was physical access to the machine either before or during the conference? Or maybe the "security researcher" is really just a security wannabe with "r00t" as his root password? Who knows - anonymous and vague reports aren't worth the bits they are transmitted on.

Yes, of course there might be an unknown hack into Mac OS X. Might be. But this kind of FUD isn't worth worrying about.

Oh, wait, there's more:

The compromise underscores a number of trends that has already
caused a shift in focus among flaw finders and could result in more
attacks on Mac OS X. Security researchers themselves have moved
over to Apple computers in the past few years and have learned the
ins and outs of the operating system. The company's move to
Intel-based hardware for its next-generation of Macs also gives
flaw finders familiar territory in which to look for bugs.
 

Aha! So it's that damn Intel CPU architecture that's been causing all of Microsoft's problems! I knew it: virus writers are an incredibly stupid bunch who understand nothing but 80x86 machine language, and moreover, that's all they need to know to "hack wreavoc" on any operating system. That of course explains why Windows viruses and worms have been so easily transported to Linux systems, completely destroying any and all security there. BSD on x86 has also suffered at the hands of these maniac virus coders, so much so that there are hardly any BSD x86 web servers on the web that haven't been repeatedly p0wned. And now Apple is switching to Intel? Idiots - can't they see this? Won't someone think of the children?

Yeah. Apple should be really worried about that. It's right up there with worrying about getting hit by a house sized asteroid.

We all know that it's the popularity of Microsoft that is the reason for all their security problems. You do know that, right? If not, this article reminds you:

Finally, as Apple continues to garner more market share, the lure
of a larger set of targets will make attacks more likely, say
security researchers.
 

Indeed. Of course some of us are old enough to have had experience with Apples back in the late 80's and early 90's, long before OS X. Funny thing: Mac's had viruses then. I can well remember chasing a virus through a big Mac Network and I'm sure some of our readers here have done the same thing. Older Mac operating systems had viruses and worms. How big a "target" was Mac then compared to now? A heck of a lot smaller, I'd say. But they had malware problems - why was that?

I know the Microsoft crowd doesn't like it, but the simple fact is that Windows is easy pickings. Microsoft even admitted that themselves, which is why they had to start over from scratch with Vista. Will Vista be more secure? Almost certainly (unless they screw it up, which really is a possibility) but that's some day in the future. Right now, Mac OS X is much safer and more secure than Windows in every respect. Will it stay that way? Well, I'd say it's more likely that Vista will have problems from the legacy baggage it has to carry, but sure, it's possible that OS X will be badly breached. Possible, but not as likely as articles like this one suggest.



Got something to add? Send me email.





(OLDER) <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> -> Security through obscurity threatened as Macs become more popular?

6 comments



Increase ad revenue 50-250% with Ezoic


More Articles by

Find me on Google+

© Anthony Lawrence







Thu Feb 9 12:51:20 2006: 1614   anonymous


Unfortunately, the article you link to in your "Microsoft Messes Up" post at Smart Office News of Australia gets a 404.

However, the full text is available at the WSJ:

(link)



Thu Feb 9 12:55:45 2006: 1615   TonyLawrence

gravatar
Thanks for the link finding.. it's annoying when people move or delete pages..



Wed Mar 15 00:22:26 2006: 1790   anonymous


With the DMCA it's impossible to say what vurinablities are, so you're assumtions just make an *redacted* outta yourself.



Wed Mar 15 11:16:32 2006: 1791   TonyLawrence

gravatar


I don't know what "assumptions" you think are off base - I'm not sure there even are any assumptions above. My bet is that your reading skills are as bad as your spelling and you misunderstood what was said entirely. If you can bumble your way through a dictionary, try looking up the difference between "assumption" and "opinion".



Wed Mar 15 15:03:51 2006: 1792   BigDumbDinosaur


With the DMCA it's impossible to say what vurinablities are..."

Aside from the various grammatical gaffes and assorted nonsense in the poster's diatribe, I fail to see how/where the DMCA has anything to do with this discussion. Did he mean to say it will require an act of Congress to fix whatever it is about which s/he is ranting?



Wed Mar 15 20:43:44 2006: 1793   TonyLawrence

gravatar
I imagine that (s)he thinks that I am insisting that the "attacker" should reveal his methods and that Apple or Microsoft or whoever could conceivably prevent that with the DMCA.. of course I didn't say that at all; I merely pointed out that without more information, it's impossible to assign any value to the breach.




------------------------
Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us