backtop


Print 62 comment(s) - last by Silent-Ninja.. on May 17 at 6:04 PM


Looks like "PC" isn't the only one to have malware woes.  (Source: Apple)
Kaspersky recently published an analysis indicating that the Cupertino company was ten years behind Microsoft

Things haven't been pretty for Apple, Inc. (AAPL) of late as its seen a number of high-profile security embarassments surrounding its Mac personal computers.  Most recently OS X 10.7.2 Lion was caught dumping passwords in plaintext, thanks to some sloppy programming by an Apple engineer.  Before that, Apple suffered a Trojan infection of Conficker proportions (between 1 and 2 percent of Macs -- or roughly 600,000 machines were estimated to be infected) and was caught telling its technicians to lie about another wide-spread piece of malware, a fake antivirus program dubbed "MacDefender".

I. Kaspersky Recruited to Remedy Woeful OS X Security

Famed OS X hacker Charlie Miller once told a security blog, "Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."

Today the developer -- who Apple recently gave the boot from its developer program for revealing it flawed security -- has a softer perspective on the topic, stating to Kaspersky's threat post blog, "
It's always been the easiest to exploit and now it's to the point that it's not that easy anymore.  OS X has always been way behind on security, but now it's more or less comparable [to Windows]. Once you have ASLR and DEP and some sandboxing, that's all anyone has."

Still that wasn't enough to keep Kaspersky from delivering a scathing perspective on Apple's security, which it estimates to be a full decade behind Microsoft Corp. (MSFT).

In the aftermath of that assessment, Kaspersky's chief technology officer,
Nikolai Grebennikov has been quoted in a Computing.co.uk interview as saying that Apple has approached it desparate for security support.  The top security firm reportedly agreed and is in the midst of a likely lucrative assessment of the OS X code-base.

Kaspersky's criticism and Mr. Miller's praise may at first seem oddly divergent commentaries.  But in reality much of Apple's recent security flaws have come down to its insistence on redistributing third-party updates, coupled with a handful of careless programming errors.  Apple does not allow third-parties like Oracle Corp. (ORCL) the ability to directly patch their Mac OS platforms, such as Java.  While Apple views this as a security "feature" it has become more of a nightmare of late, as Macs are being exploited via gaping Java or Flash holes that were long ago patched in Windows.

Not surprisingly, Mr. Grebennikov indicates that much of Kaspersky's early advice to Apple revolves around letting third parties update their own platforms -- or at least assume a more responsible pace of mandatory updates.  Comments the security chief:

Mac OS is really vulnerable and Apple recently invited us to improve its security. We've begun an analysis of its vulnerabilities, and the malware targeting it.

Our first investigations show Apple doesn't pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago.

Apple blocked Oracle from updating Java on Mac OS, and they perform all the updates themselves. They only released the patch a few weeks ago – two or three months after the Oracle patch. That's far too long.

II. iOS Malware Expected to Soon Become Serious

Kaspersky  indicates that Apple was fortunate to seek help when it did.  Mr. Grebennikov estimates that malware will soon be targeting Apple's coveted iOS platform, which shares much in the way of security -- or lack thereof -- with OS X.  He comments, "Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS."

Thus far a couple of harmless Trojans and worms have struck iOS, but have almost exclusively attacked users of jailbroken iPhones or iPads.  Apple does not care about these infections as it does not consider jailbroken device users to be part of its user base.  Jailbreaking, or removing Apple's control over what apps can be run, voids users' warranties.

iPhone 4 fan
Kaspersky expects malicious hackers to target Apple's iOS mobile platform.
[Image Source: Toru Yamanaka/AFP/Getty Images]

Apple has long maintained an arrogant air from a marketing perspective, claiming its machines were impervious to malware or hacking, while portraying machines running Microsoft Windows operating system as "buggy" and "virus prone".  The company is surely eager to prevent the public from wising up to the reality that it may actually be well behind Microsoft in terms of system security.

Source: Computing.co.uk



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: That's Convenient
By Pirks on 5/14/2012 7:00:52 PM , Rating: -1
There are three kinds of fools: fool, damned fool and Reclaimer77.


RE: That's Convenient
By Reclaimer77 on 5/14/2012 8:59:07 PM , Rating: 2
Red ant's Pirks. Now. That tingling sensation mean it's working.


RE: That's Convenient
By Mitch101 on 5/14/2012 9:45:59 PM , Rating: 2
Im tempted to send you money for the cause.


RE: That's Convenient
By Alexvrb on 5/14/2012 10:57:54 PM , Rating: 2
Call and donate now! Operators are standing by!


RE: That's Convenient
By retrospooty on 5/15/2012 8:11:49 AM , Rating: 2
Crap... I was really busy at work yesterday and missed another Pirks being a complete douche thread. Oh well, I can pitch in for the cause too.


RE: That's Convenient
By Pirks on 5/15/12, Rating: -1
RE: That's Convenient
By retrospooty on 5/15/2012 2:27:18 PM , Rating: 2
No, irritating way in which you talk to people makes you a douche... Also the way you think you pwn people when you didn't is very douchey. You are like Vanilla ice saying he is the greatest rapper of all time. Just hilarious in a laughing at you not with you kind of way.


RE: That's Convenient
By Pirks on 5/15/12, Rating: -1
RE: That's Convenient
By kattanna on 5/15/2012 3:54:05 PM , Rating: 2
hmm.. the fact that you have actually thought about writing poetry to him is..interesting.

i say.. let the prose come forth


RE: That's Convenient
By Pirks on 5/15/2012 4:00:51 PM , Rating: 2
RE: That's Convenient
By retrospooty on 5/15/2012 6:01:13 PM , Rating: 2
"Whoa, you seriously expect me to talk like Shakespeare "

Not at all... I really don't expect you to even know what I am talking about, you come off like a childish douche-bag in every subject, regardless of the topic. I think if you were capable of knowing what that meant, you wouldn't do it, so I wont bother.


RE: That's Convenient
By Pirks on 5/15/2012 10:24:23 PM , Rating: 2
I really don't expect you to grow up and understand some basic things like that Reclaimer comes off like a childish douche-bag in every subject, regardless of the topic, so I won't bother either.


RE: That's Convenient
By retrospooty on 5/16/2012 8:40:19 AM , Rating: 2
Reclaimer is just angry. Not childish or douchey like you. He is extremely angry, about everything... LOL, but not a douche.


RE: That's Convenient
By jabber on 5/15/2012 6:27:33 AM , Rating: 2
I think I speak for many here when I say both of you should have along hard think about what you are doing with your lives.

We only say cos we care.


"I f***ing cannot play Halo 2 multiplayer. I cannot do it." -- Bungie Technical Lead Chris Butcher














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki