Report: Apple Turns to Top Critic for Help With Malware Woes
May 14, 2012 4:37 PM
comment(s) - last by
Looks like "PC" isn't the only one to have malware woes.
Kaspersky recently published an analysis indicating that the Cupertino company was ten years behind Microsoft
Things haven't been pretty for Apple, Inc. (
) of late as its seen a number of high-profile security embarassments surrounding its Mac personal computers. Most recently OS X 10.7.2 Lion was caught
dumping passwords in plaintext
, thanks to some sloppy programming by an Apple engineer. Before that, Apple suffered a
(between 1 and 2 percent of Macs -- or
roughly 600,000 machines
were estimated to be infected) and was caught telling its technicians to
lie about another wide-spread piece of malware
, a fake antivirus program
I. Kaspersky Recruited to Remedy Woeful OS X Security
Famed OS X hacker
once told a security blog
, "Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."
Today the developer -- who Apple recently
gave the boot from its developer program
for revealing it flawed security -- has a softer perspective on the topic, stating to Kaspersky's threat post
It's always been the easiest to exploit and now it's to the point that it's not that easy anymore. OS X has always been way behind on security, but now it's more or less comparable [to Windows]. Once you have ASLR and DEP and some sandboxing, that's all anyone has.
Still that wasn't enough to keep Kaspersky from delivering a scathing perspective on Apple's security, which it estimates to be a
full decade behind Microsoft
In the aftermath of that assessment, Kaspersky's chief technology officer,
Nikolai Grebennikov has been
interview as saying that Apple has approached it desparate for security support. The top security firm reportedly agreed and is in the midst of a likely lucrative assessment of the OS X code-base.
Kaspersky's criticism and Mr. Miller's praise may at first seem oddly divergent commentaries. But in reality much of Apple's recent security flaws have come down to its insistence on redistributing third-party updates, coupled with a handful of careless programming errors. Apple does not allow third-parties like Oracle Corp. (
) the ability to directly patch their Mac OS platforms, such as Java. While Apple views this as a security "feature" it has become more of a nightmare of late, as Macs are being exploited via gaping Java or Flash holes that were long ago patched in Windows.
Not surprisingly, Mr. Grebennikov indicates that much of Kaspersky's early advice to Apple revolves around letting third parties update their own platforms -- or at least
assume a more responsible pace
of mandatory updates. Comments the security chief:
Mac OS is really vulnerable and Apple recently invited us to improve its security. We've begun an analysis of its vulnerabilities, and the malware targeting it.
Our first investigations show Apple doesn't pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago.
Apple blocked Oracle from updating Java on Mac OS, and they perform all the updates themselves. They only released the patch a few weeks ago – two or three months after the Oracle patch. That's far too long.
II. iOS Malware Expected to Soon Become Serious
Kaspersky indicates that Apple was fortunate to seek help when it did. Mr. Grebennikov estimates that malware will soon be targeting Apple's coveted iOS platform, which shares much in the way of security -- or lack thereof -- with OS X. He comments, "Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS."
Thus far a
couple of harmless Trojans and worms
have struck iOS, but have almost exclusively
attacked users of jailbroken iPhones or iPads
. Apple does not care about these infections as it does not consider jailbroken device users to be part of its user base. Jailbreaking, or removing Apple's control over what apps can be run, voids users' warranties.
Kaspersky expects malicious hackers to target Apple's iOS mobile platform.
[Image Source: Toru Yamanaka/AFP/Getty Images]
Apple has long maintained an
arrogant air from a marketing perspective
, claiming its machines were impervious to malware or hacking, while portraying machines running Microsoft Windows operating system as "buggy" and "virus prone". The company is surely eager to prevent the public from wising up to the reality that it may actually be well
Microsoft in terms of system security.
This article is over a month old, voting and posting comments is disabled
Grebennikov is just fear mongering
5/14/2012 5:12:17 PM
I'd be fear mongering in exactly the same way if I were him. It's just a business. You can't sell your "antivirus" crap to iOS users if they are not scared.
Move along people, nothing to see here. Mick is just generating anti-Apple troll clicks here, more money to him and more BS from Motoman and his ilk too.
I'll believe it when I see it. So far iOS seems impenetrable because of pretty decent control Apple has over the contents of its App Store. Grebennikov and other deceiving "businessmen" like him can keep BSing lamers for all they want, and they will partially succeed for sure, a few idiots from iOS users camp will cough up some cash for some "antivirus" turd from Grebennikov and Co. But smart iOS users won't buy his BS, I'm sure.
RE: Grebennikov is just fear mongering
5/15/2012 5:38:19 AM
You wouldn't even believed it when you see it. You're simply blinded.
RE: Grebennikov is just fear mongering
5/17/2012 6:04:44 PM
Yes. A dead forum that takes its reviews from slashdot and then evenly mimics a reviewer. Website is funny, yes, people who can't write but only to try to be like someone else.
Keep working on your grammar pal, you still have a lot to learn.
You ever notice the number of websites owned by a group of losers, of whom, only keep making a new site everytime their site gets notary for being asinine.
Blogging does not sanctify as journalism.
"There is a single light of science, and to brighten it anywhere is to brighten it everywhere." -- Isaac Asimov
Apple Takes 3 Months But Finally Stops Printing Passwords in Plaintext
May 9, 2012, 5:20 PM
Symantec: Flashback Trojan for Mac Generates $10,000/Day
May 1, 2012, 1:46 PM
Kaspersky Labs: Apple's Security 10 Years Behind Microsoft
April 26, 2012, 7:39 AM
Malware Authors Get Boost from Apple's Sluggish Updates, Infect 600K Macs
April 6, 2012, 8:40 AM
Developer Demonstrates Serious Security Breach in iOS, Apple Bans His Account
November 8, 2011, 9:06 AM
AT&T Launches U-verse with GigaPower Network in Austin, Texas
December 11, 2013, 5:14 PM
Harlem to Receive U.S.' Largest Free Wi-Fi Network
December 11, 2013, 11:48 AM
Google's First Asian Data Centers Now Operational
December 11, 2013, 8:50 AM
Seattle's High-Speed Internet Rollout Delayed Due to Financial Issues
December 10, 2013, 12:14 PM
Report: Spotify Working on Free, Ad-Supported Mobile Service
December 6, 2013, 9:52 AM
Microsoft Protecting International Customer Data Through Increased Encryption, Litigation
December 5, 2013, 6:15 PM
Most Popular Articles
Experts: Masturbation Prevents Cancer, Diabetes, Insomnia, and Depression
December 6, 2013, 2:01 PM
Hackers Nab 2 Million Login Credentials from Facebook, Gmail, Twitter
December 5, 2013, 1:00 PM
Thieves Steal Truck with Cobalt-60 Onboard in Mexico, Will Die "Without a Doubt" from Exposure
December 5, 2013, 12:04 PM
Man Arrested for Using 5 Cents Worth of Electricity to Charge Nissan Leaf at Middle School
December 4, 2013, 8:00 PM
U.S. Navy Fires "XFC" Drone from Underwater Submarine
December 6, 2013, 2:35 PM
Latest Blog Posts
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
Global Cyber Espionage Concerns Reveal Growing Cyber Armies
Nov 29, 2013, 11:04 AM
Is The Period Becoming an Expression of Anger?
Nov 26, 2013, 2:02 PM
NSA and Congress -- You Will Never Kill the Constitution, It's an Idea
Nov 10, 2013, 2:00 PM
AT&T Explores $100B+ USD Deal to Acquire Vodafone's European Operations
Nov 4, 2013, 7:34 AM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information