backtop


Print 107 comment(s) - last by Smilin.. on Dec 8 at 9:51 AM


Sadly, even Macs need to practice computer safety these days.  (Source: GameSpot)
Macs are not the virus-free playground they once were, says Apple

Most computer users take buying or otherwise obtaining antivirus software protection for granted as part of normal computer maintenance.  However, users of Apple's Macs, while being greatly in the minority compared to PCs for years have most gone with no virus protection.  Apple even supported this belief, through ads indicating that Macs don't get viruses.  And while Apple's software security-related patching rate is among the worst in the industry, for years Apple was mostly right; its computers just didn't get targeted in great numbers by malicious users.

Recently, however, Mac has been building up a slightly larger market share, thanks to multiple months in the number 3 computer retailer spot.  While PCs still greatly outnumber Macs, there are now many more Macs, and that spells trouble for Mac security.  This growing problem is exacerbated by Apple's poor patching as was demonstrated at a recent hacker convention, in which an Apple machine was easily compromised a full day before Linux and Windows machines could be.

Now Apple has recognized this new problem and for the first time is recommending its users install antivirus software.  A little notice popped up on its support website, entitled "Mac OS: Antivirus utilities".  In the page Apple states, "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."

Apple goes on to suggest three products -- Intego VirusBarrier X5 and Symantec Norton Anti-Virus 11 for Macintosh, both available from the Apple Online Store, and McAfee VirusScan for Mac.  Just three months ago Brian Krebs, who first noticed the notice and reported on it in Washington Post, bought a MacBook and was told by Apple employees that he didn't need antivirus software.

Similarly, Apple ads like this have long indicated that Apple is immune to viruses.

So what caused Apple to change its tune?  One major factor appears to be the rise in non-OS attacks.  While Apple's base OS is relatively secure, many of its programs, both Apple and third party have numerous vulnerabilities; among them Flash and Apple's Safari web browser.  Dave Marcus, director of security research and communications at McAfee states, "Apple is realizing that malware these days is targeting data, and valuable data exists just as much on an OS platform that is a Mac as it does on an OS platform that is Windows."

Apple is likely also conscious of the increasingly strong security from Microsoft, and its possible effect on its own users.  With Microsoft beefing up its patching system, adding more OS security layers, and offering free antivirus and malware protection for Windows Vista in mid-2009, hackers may turn to easier hijack Mac computers as a source of bots for botnets or other malicious schemes.

One type of malicious program Apple is particularly vulnerable to is password-stealing Trojans.  Explains Mr. Marcus, "The malware we see today is Trojans, password-stealing Trojans," Marcus said. "They are little apps that are dropped onto the machine to do something. They don't infect files and copy themselves. They are looking for specific information and they send that information somewhere else."

Several such Trojans have popped up, such as the AppleScript.THT Trojan, and another one that targeted Mac users searching pornographic sites.

Apple also has to worry about its adoptees -- Microsoft Office for Mac and Firefox for Mac, both popular targets of exploits.

While some, particularly Mac users may find Apple's new announcement surprising, Mr. Marcus says at the end of the day, it is merely an acknowledgment of reality.  He continues, "At the end of the day, they're (Apple is) advising people to be safe and take precautions.  That's a prudent thing to tell people in Web 2.0 world."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Hi I'm a MAC
By Gzus666 on 12/3/2008 9:02:53 AM , Rating: 2
No, they patched the vulnerability with an update. It still wasn't a hole in the OS, it was a whole in the DNS implementation that is platform neutral. As I stated before, you can easily fault Apple with taking forever to patch the thing, but when you realize like 2 servers in the world are Mac, you see why they would probably not care to do it in a timely manner.

http://en.wikipedia.org/wiki/BIND

Berkley made it so you expect all the OS manufacturers to be responsible for its problems? They integrate it in cause it follows the standards, there was a problem, so it was fixed independent of OS. No inherent problem will go across all operating systems just for the pure fact that they don't share the exact same code. Any problem that is across them all is a problem with a shared program or protocol, like Flash for instance, not their core OS.

What next, we blame Microsoft for an HTTP flaw that allows an attack? I don't like Apple, but it's kinda hard to fault them for something like 4 people in the world use on their machines and isn't even their fault or any of the OS maker's fault.


RE: Hi I'm a MAC
By Smilin on 12/3/2008 11:18:30 AM , Rating: 2
Wow you guys are really missing my original point which was this:

The DNS vulnerability (a RFC deficiency that manifested in nearly every RFC implementation) created a level playing field that made for a great real-world comparison of how companies react to security flaws. In this level playing field it became very obvious that Apple sucks. Period.

Regarding the "OS" debate:
There is no such thing as "THE dns implementation". There is the DNS specification which frankly is riddled with ambiguity on on a great number of topics. It is up to OS makers to follow the *specification* to come up with an *implementation*. In the case of this vulnerability the net result was that everyone had a problem in their implementation. In other words it's an OS vulnerability. The fact that everyone had the same one doesn't change this.

And to answer your question (as a Microsoft fan), yes we would blame MS for an HTTP flaw that allows an attack...if they fail to fix it once the flaw becomes known. I therefore blame Apple for leaving their customers vulnerable to the DNS flaw.

Flip the argument:
If MS had waited two months to fix the DNS flaw what would everyone be saying? You're damn right MS would catch hell. So don't go cutting Apple any slack.


RE: Hi I'm a MAC
By Gzus666 on 12/3/2008 11:56:24 AM , Rating: 2
quote:
The DNS vulnerability (a RFC deficiency that manifested in nearly every RFC implementation) created a level playing field that made for a great real-world comparison of how companies react to security flaws. In this level playing field it became very obvious that Apple sucks. Period.


I agreed with this in my post. On that same basis, also stated in my subsequent post that the obvious reason they weren't in a hurry to patch it is cause what runs on a Mac server? Nothing. Windows and Linux had to patch it quickly, cause they are actually used for this, Apple most likely realized the 2 people who run a Mac server weren't priority.

Also, no the OS manufacturers do not make DNS, as I showed they are all made by third parties. The most popular being BIND by Berkley.

I am not cutting Apple slack, Apple is a piece of crap company with other examples of piss poor patch times, the DNS issue is just a stupid example for the above reasons. The difference is I hate Apple for things they actually do wrong, you hate them just to hate them.

Also, if you are dumb enough to blame MS for an HTTP attack, why don't we blame them for driver problems and browser problems while we are at it? Can we also blame them for any 3rd party program issues? How about we blame them for holes in Flash? Good fun, needlessly blaming those not involved. If it falls beyond the Kernel, I wouldn't really blame the OS maker, since they are not in direct control of it. Granted there are areas where this is gray and we aren't sure, but this problem isn't one of those times.


RE: Hi I'm a MAC
By Smilin on 12/3/2008 1:32:37 PM , Rating: 1
I'm going to disagree on one final point:

I don't think apple wasn't in a hurry because nobody uses their DNS. I think they actually were in a hurry and simply lacked the capability respond properly.

It's doubly sad because for months they were able to look at others fixed source code (FreeBSD).

MS had to do their own fix (NT 4.0 DNS was BIND but that code all but gone) and put it through far more rigorous regression testing given the size of their install base.

We forget just how shitty apple is at writing OSes. They essentially had to give up and start over because they had fallen so far behind. FreeBSD caught them back up but unless something changes they'll eventually lag again.


"This is about the Internet.  Everything on the Internet is encrypted. This is not a BlackBerry-only issue. If they can't deal with the Internet, they should shut it off." -- RIM co-CEO Michael Lazaridis

Related Articles
Apple's Safari Security Woes
March 31, 2008, 12:22 PM
Microsoft Gets Cozy With The iPhone
March 26, 2008, 2:39 PM
MacBooks Get Hacked Within 60 Seconds
August 4, 2006, 12:46 PM













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki