backtop


Print 40 comment(s) - last by The Raven.. on Apr 10 at 12:06 PM


  (Source: Science Photo)
Apple refuses to let Oracle patch Java directly, cybercriminals celebrate 2 months of easy hunting

If you have a Mac and you browse the internet, there's a chance your "secure" Apple, Inc. (AAPL) computer may have been compromised, allowing hackers to use your computer as part of a botnet to spread spam and launch distributed denial of service (DDOS) attacks.

I. Half a Million Macs Infected

A report by security firm Dr Web claims to have discovered at least 600,000 Macs to be infected by "Flashback" the latest in a growing deluge of Mac malware [1][2][3][4] [5].  

The new malware first takes root by masqerading as a Flash player update, which many users haplessly approve.  It then does various devious and dastardly deeds, depending on the variant.  

Early versions disabled XProtect, Apple's pseudo-secret antivirus program, which it quietly slipped in version 10.6.7.  The crippling of the protector program was a multi-step sophisticated process where the trojan first decrypted a file attached to the program, then decrypted the path of the updater binary, and finally stopped the updater daemon and overrwrote key files.
Macs

The latest version v39, has even more dangerous capabilities:

Systems get infected with BackDoor.Flashback.39 after a user is redirected to a bogus site from a compromised resource or via a traffic distribution system. JavaScript code is used to load a Java-applet containing an exploit. Doctor Web's virus analysts discovered a large number of web-sites containing the code.

The exploit then reportedly downloads other malicious programs to control the computer, conscripting it into the authors' botnet.  Typically every program installed on the Mac requires user permission to install, a process similar to the user account control (UAC) warnings in Windows.  However, after the Java exploit, users no longer receive such warnings about the malware installations.

II. Apple Moves Sluggishly to Fix Gaping Holes

In recent months Flashback has been exploiting three specific known Java vulnerabilties.  Oracle Corp. (ORCL) had fixed these vulnerabilities way back on Feb. 14, but Mac users did not have access to the free protection as Apple does not allow Oracle to directly update its machines.

Instead Mac users had to wait until 4/4/2012 -- this Wednesday -- to receive a patch for the last of the flaws.  A second update was released yesterday, according to security firm Intego.  Given that there are commonly other flaws that are patched by Oracle, but not on Macs, these latest patches are likely only to slow -- not stop -- the malware.

In addition, Apple does not automatically install such critical updates on users machines.  Rather it prompts them that the update is available in OS X, then allows them to install the update at their own convenience.  As a result, many users may never patch the flaws or go weeks unprotected.  This contrasts with Microsoft who forces users to endure the occasional nightly reboot in the name of security.

Apple has long practiced a negligent approach when it comes to security.  Where Microsoft rewards developers who point out potential security flaws, Apple bans them.

III. Macs -- Not That Safe Anymore

Apple users, like Linux users, long trumpeted their platform's "superior security".  Even Apple joined in this fun, attacking veteran operating system maker Microsoft Corp. (MSFT).  While there was some truth in these claims, it was largely due to Apple's miniscule market share -- malicious hacking tends to be profit-motivated and spending a whole lot of work to infect a small portion of a few million machines seemed a lot less attractive than being able to infect hundreds of millions of machines with Windows-geared exploits.

But Apple has risen in market share, shipping 16.8m Macs in its fiscal 2011 (which ended in calendar Q3 2011).  Now it's learning the pain Microsoft felt for years.

Blind Faith Cafe
Many Apple users blindly believe their favorite company will protect them sufficiently.  In reality Apple does less than Microsoft to protect its users. [Image Source: Eater]

Apple's reaction has been slow at best.  Apple still insists on redistributing third parties security updates, but does so at a leisurely pace, endangering its users.  At the same time, the company was revealed to have been instructing its technicians to lie to users and not tell them if their systems are infected.

Timur Tsoriev, an analyst at Kaspersky Lab tells BBCNews, "People used to say that Apple computers, unlike Windows PCs, can't ever be infected - but it's a myth."

Unfortunately many Mac users don't realize that, faithfully believing that Apple is delivering them superior protection.  Sadly their faith is misplaced.

Sources: Dr Web, BBCNews



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Beside the point
By borismkv on 4/6/2012 12:24:00 PM , Rating: 5
You know, I haven't had a virus in about 10 years on any of my Windows machines...People get viruses because they fall for social engineering tactics. The security of the OS doesn't matter at all when the person behind the keyboard clicks on every pop-up warning they see. I have no jealousy about Apples having fewer viruses, because I know that the people who use Apples are stuck with that idiotic OS.


RE: Beside the point
By Argon18 on 4/6/12, Rating: -1
RE: Beside the point
By Hyperion1400 on 4/8/2012 2:31:31 AM , Rating: 2
quote:
Say what you will about Apple's stance on security, or on how they run their company, but the FreeBSD operating system with a bit of Apple branding and UI "design" sprinkled on top is quite brilliant. Windows is a real turd in comparison.


Fixed :P

Anyway, now to a few legitimate points of contention I have with your post.

U-EFI is not the revolution in PC tech Intel keeps making it out to be. Yeah, it improves boot time, and that's about it; it offers no real performance advantage. All the low level stuff is still handled by the BIOS and U-EFI just acts as a go between.

However, it DOES make for a much nicer UI when you do need to fiddle with the BIOS, that much I will give it.

Windows XP-x64 hit the Market on April 25, 2005

OSX 10.4 (Intel Version) didn't show up until April 29th...

I'm will to call that a draw :P

As for viruses, nobody is willing to put forth the time and effort to develop a fully functional virus for OSX when building a trojan is far simpler and can accomplish what they need just as well. Most Black hats also tend to have hard-on for open source code and a fondness for Unix-like OSes and any virus they create will inevitably have some cross compatibility with FreeBSD since OSX shares kernel commonality with FreeBSD. So yeah, they don't want screw over their compandres.

And, when it comes up, may I direct your attention to the bottom of the page for a very insightful quote...may need to press refresh a few times...

Of course it take 50 tries when I'm actually looking for it:

"Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town." -- Charlie Miller


RE: Beside the point
By The Raven on 4/10/2012 12:06:07 PM , Rating: 1
quote:
It is fully POSIX compliant, while Windows is not compliant with anything but itself.
Just noticed this part but depending on the product Windows is POSIX compliant. But at any rate you can install the layer if you should need it. So I wouldn't knock MS for that.

As far as the OSX being "brilliant" comment... compared to what? Windows? Hardly. If anything they both are equally impressive (in different areas). And certainly not compared to "name your flavor" of Linux where you are brilliantly free to do whatever the hell you want.

But I certainly agree that the OS itself should not be called idiotic. Though the company policies are...So essentially you would be an idiot to buy said OS given the subject matter.


"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki