backtop


Print 65 comment(s) - last by sarfralogy.. on Apr 30 at 1:12 PM

Kaspersky says Apple needs to change its approach to updates and patches for its machines

Computer security company Kaspersky Labs said that Apple is at least 10 years behind Microsoft when it comes to security.

Eugene Kaspersky, co-founder of Kaspersky Lab, discussed the security of both PCs and Macs at the Info Security 2012 event. He concluded that Apple's security is far behind Microsoft's, and that Apple will need to change its ways when it comes to updates and patches.

According to Kaspersky, Macs are becoming increasingly targeted by malware due to increased Mac sales. In Q2 2012, Apple sold 4 million Macs, which was a 7 percent boost from Q2 2011. Cyber criminals are starting to notice that these computers are becoming more popular and are easy targets for malware attacks.

Earlier this month, Apple finally admitted that its machines have been prone to malware problems. It has had issues with Flashback trojan, also known as Flashfake. This particular trojan disguises itself as an install Java applet on hijacked sites, and when users approve it, the trojan runs a piece of code that exploits a flaw in Java to remove OS X's anti-malware abilities. It also installs alternative control programs, turning the machines into bots.

"Apple is now entering the same world as Microsoft has been in for more than 10 years: updates, security patches and so on," said Kaspersky. "We now expect to see more and more because cyber criminals learn from success and this was the first successful one.

"They will understand very soon that they have the same problems Microsoft had ten or 12 years ago. They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software. That's what Microsoft did in the past after so many incidents like Blaster and the more complicated worms that infected millions of computers in a short time. They had to do a lot of work to check the code to find mistakes and vulnerabilities. Now it's time for Apple [to do that]."

According to Kaspersky, Flashback infected about 600,000 machines worldwide (approximately 3,000 in the U.S.) at its peak where 98 percent of these machines were Macs.

"I think they are ten years behind Microsoft in terms of security," said Kaspersky. "For many years I've been saying that from a security point of view there is no big difference between Mac and Windows. It's always been possible to develop Mac malware, but this one was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms."

Source: CBR



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Nonsense
By djdjohnson on 4/26/2012 11:16:12 AM , Rating: 2
The problem with that approach (and MS is guilty of this too) is that the assumption is that you are only installing software if it is attempting to put it in a common area of the system, like the Applications folder on Mac, or the Program Files folder on Windows. Both systems are still perfectly happy to run unsigned, unverified code in user-owned folders, like the desktop or your Documents folder. I know that even code signing doesn't prevent malware (the bad guys could get a certificate too), but the idea that requiring a password (or even a UAC prompt) to install software will prevent malware from being installed is just plain false.

Google Chrome is a great example of an application that runs out of user-owned folders. At least on Windows, anyway, it installs for each user and doesn't attempt to put anything into the Program Files folder. So it technically never requires a UAC prompt. I haven't investigated how it does it on the Mac, but the same thing applies... it could run out of a folder that is owned by the current user and no permission would ever be required to install it that way.

Both Windows and OS X are vulnerable here. Neither one has come up with a magic solution to prevent this.


RE: Nonsense
By Reclaimer77 on 4/26/2012 11:41:14 AM , Rating: 2
But that doesn't matter because without Administrator elevation, nothing can effect your system anyway no matter what folder it's trying to run out of.

quote:
but the idea that requiring a password (or even a UAC prompt) to install software will prevent malware from being installed is just plain false.


This is correct. However in reality it doesn't matter, again. It can install, sure. But unless you're using the Administrator as a USER account (extremely bad practice), the software will still require UAC confirmation to ACCESS and alter system files etc etc.


"My sex life is pretty good" -- Steve Jobs' random musings during the 2010 D8 conference














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki