Mac bomb ticks for security smug users—OS X, Safari weaker than Windows
Posted on 05/02/2009 12:51:51 AM PDT by Swordmaker
The idée fixe that Macintosh is impervious to attack could be shattered if cyber-criminals act on their arsenal of 0-day exploits, security experts say.
Hackers need only a few critical vulnerabilities, common to all operating systems including the security-focused OpenBSD, to craft a successful attack.
Pure Hacking senior security consultant Chris Gatford said hackers may retain 0-day Macintosh vulnerabilities unknown to the industry and exploit them at an opportune time.
It's only a matter of a time before Macs get more market share and become a more viable target, Gatford said.
Mac users now are exposed to less risk because bad guys see the money in compromising Windows machines as they have a better chance of a hit with malware.
Most Mac users don't run anti-virus and those that do rarely update. Apple are a lot slower to patch holes for the Unix/BSD back-end than the other Unix variants, he said.
Only last year, a MacBook Air was hacked in less than two minutes using the Safari browser. The hacker, a US security analyst who scored US$10,000 at the pwn to own competition, said the fully updated and patched OSX 10.5.2 was easier to hack than the updated Vista and Ubuntu systems.
Securus Global CEO Drazen Drazic said it is well reported that Macs are not invulnerable and said it is doubtless that hackers are hiding unreleased exploits.
Very surprised if there is not exploits that guys are sitting on as 0-days for their own private use, Drazic said. It's far more beneficial to keep private a vulnerability for an iPhone.
Hackers that keep vulnerabilities on the down-low have more time to write and perfect exploits. It could take say three months to write an exploit for a standard memory-corrupting vulnerability for OpenBSD, Drazic said, adding that it may take a few days or hours to exploit address space randomisation and memory protection which are new to Apple systems.
Still, industry figures say the security of an operating system cannot be rated by its exploit count, an approach favoured by many vendors, because more vulnerabilities will be discovered in popular operating systems than obscure alternatives.
Moreover, the most prevalent Mac infection techniques require reckless users as it is arguably more difficult to hack the latest OS X and Windows Vista systems - if only because they do not allow root access by default and contain better application installation controls than their predecessors. The iServices Trojan Horse, discovered in January which triggered a Mac botnet scare, typified the use of pirate software as a vector of attack.
Researchers are not suggesting that Mac exploits will be launched in a collective Armageddon, rather they may be quietly in use now, and taking advantage of Mac users smug on security, or vendors that are ignorant to the holes.
You can't be certain that their not using exploits just because you're not hearing about it. Many organisations don't have decent logging or monitoring and don't run penetration tests, so they can't tell if they are compromised, Drazic said.
If you want on or off the Mac Ping List, Freepmail me.
So there is some widespread plot to state the obvious just to “ruin” WWDC?
We’ve seen story after story of REAL exploits found, trojans contracted by Mac users, and stories of how Macs were easily compromised quicker than Windows and Linux, and yet Mac users still march around like these warnings are all an elaborate lie cooked up just to hurt Apple’s feelings?
In order to perpetuate the marketing myth that Macs are magically invulnerable, all of these people that say otherwise have to be lying.
Hey, if they want to keep pretending that they are bulletproof just to appear to be good Apple users, then don’t scream when it does hit you personally. Likely you won’t scream for long because other Mac users will accuse you of spreading FUD, because WWDC is right around the corner.
I noticed it mentioned the Linux flavor “Ubuntu”. I’m using that right now. It’s been a hoot.
The grammar in this article is horrible.
Huh? Show some examples.
And this may be Bigfoot.
Same article that has been written for the past ten years.
This is just silly, everybody knows Apples are impervious to any and all exploits, virus attacks, trojans, you name it.
Apples are perfect, everything else is just flawed.
Exactly, whoever wrote this article is a pure Microsoft troll
The security through obscurity lie is getting old. IF there are exploits out there targeting specific smartphones, then how can the claim still stand that OS X is not a target because there are not that many targets. How many million new Apple computers were sold in the last quarter? And how many total OS X computers are out there? Enough to make any hacker salivate if it were an easy target.
...In order to perpetuate the marketing myth that Macs are magically invulnerable, all of these people that say otherwise have to be lying... -VDK
Nobody says that. What we do say is that Mac users are smart enough not to load a program they didn't request! Viruses and trojans are programs that cannot run any other way. But you probably know that, right?
As for Vista security, what's Vista but a poor emulation of OSX? They finally got the memo that says "ask"!
Apple knows security!
Apple are a lot slower to patch holes...
Very surprised if there is not exploits...
It’s far more beneficial to keep private a vulnerability...
You can’t be certain that their not using exploits...
“Apple knows security!”
Not really, they just happened to select a platform which is inherently more secure. However it is not perfect and we will see more and more attacks focused on Macs.
As more unsophisticated users buy Macs it will be easier to exploit them.
Virtually every “infection technique” requires reckless users.
It doesn’t matter if you are someone surfing to a porn site or some guy downloading a bootleg copy of iWork, in the end no OS can guarantee, not even one with an Apple logo, that the person using it isn’t ignorant.
It isn’t like some hacker looks at installation controls on a Mac and said “Oh darn! I’m totally out of options!”
“Only last year, a MacBook Air was hacked in less than two minutes using the Safari browser. The hacker, a US security analyst who scored US$10,000 at the pwn to own competition, said the fully updated and patched OSX 10.5.2 was easier to hack than the updated Vista and Ubuntu systems.”
Like I said, keep repeating the marketing if it makes you feel better.
“It’s far more beneficial to keep private a vulnerability...”
The general trend by hackers nowadays is not to crash hacked computers. It’s to monitor it for valuable information and use it as a safe platform from which to conduct other attacks.
Most computer crime is not Jimmy in his bedroom. It’s Chinese or Russian organized crime intent on stealing dollars and/or valuable information.
Oh by the way, in the end the Great Wall didn’t work.
"You keep using that word. I don't think it means what you think it means."
"idée fixe" has a meaning similar to "obsession," which doesn't seem to fit the attempted use here.
Do you know what the "ground rules" were, or only the headlines?
The author seems unfamiliar with the origins of OS X.
In the end, I'm going to die. Until then, I will try to keep on the right path! My Mac is an appliance I use.
What will keep me, is the love of God!
Nothing can stand against God, but a computer operating system must be strong. I prefer Apple's ideas. I own and use Macs daily, most of which are as much as 10 years old. I have not bought an intel portable, but have an iMac with one. I can run Windoze, but don't.
One guy didn't conquer that Wall, FRiend. It took hordes of them...
...As a compromise, they decided to keep the Mongols out by constructing walls along China's northern border. Ultimately, the walls proved ineffective, as the Mongols were easily able to pass around or break through them during raids. For this and other reasons, sections of the walls periodically required repair. ...
Apple sends me periodic updates to keep me from buying from these guys hawking their wares! With "Time Machine", I don't worry about my computer life!
At least you're happy. Just as I am with my Windows machines.
The polar ice cap *COULD* melt and the ocean *MAY* swamp coastlines.
Someone *COULD* find an as yet *UNKNOWN* exploit and *MAY* hack one Mac in his mother’s basement.
I *COULD* fly by expelling methane from my patoot.
...According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code.
It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.
Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site.
Most malware uses one of a handful of sites to download files from, making them fairly easy to locate, target, and shut down.
I missed the part about OSX!
Somebody set us up the bomb!
We've seen story after story of REAL exploits found, trojans contracted by Mac users, and stories of how Macs were easily compromised quicker than Windows and Linux, and yet Mac users still march around like these warnings are all an elaborate lie cooked up just to hurt Apple's feelings?
Name the real exploits in the wild that are NOT trojans, VanDeKoik.
Remember vulnerabilities are NOT exploits unless they have been used to get into a machine. Proof of concept examples that have not been seen outside of a demonstration, and malware written for the previous Mac OS don't count. The exploit has to have actually infected some unsuspecting non-participating Mac OS X user in the wild.
Those Macs that were hacked at the CanSec West conference were broken into using vulnerabilities developed over several months by a team of three crackers, all of whom were ex-NSA computer experts. In both contests, Windows fell shortly after to other crackers who had not bothered to pre-prepare their exploits as did Charlie Miller. As of now, there are still ZERO self-replicating, self-transmitting, self-installing OS X viruses or worms in the wild. There are similarly no self-replicating, self-installing, self-transmitting spyware applications in the wild for OS X.
Even the latest so-called iBotNet has little to no evidence that it even exists besides an article written by two Symantec employees who did not even report it to their own employer before publishing their claims in a subscription only ($175 per year) eMagazine, The Virus Bulletin. Even stranger is that the original reports of the infected pirated software, which was freely available without the infected attachment from multiple sites, including Apple's own software servers, was reported to have total downloads in the DOZENS by the two bit torrent sites where it was found... yet these authors claim, without evidence, 20,000 infections, and offer as proof, the Denial of Service attack on one unnamed website. Why waste a 20,000 machine botnet just to deny access to an obscure, unnamed website? Why was this DOS attack not reported? The week after the article's publication, Symantec's own listing for the infected pirate files stated the number of affected machines at under 50! NO verification from other sources has been forthcoming. We are left with an essentially one source claim of the existence of a Botnet that went undetected, even after the widespread announcement in the press that those who downloaded the trial software from a bit-torrent site had possibly gotten an infected version (which was easy to detect and remove), until it was activated months later to deny service to some unnamed website. Absurd. The iBotNet report, like all other previous so-called "first" OS X Malware, became a three day wonder, a tempest in a teapot, as Mac users looked and did not find what was claimed. It has joined the others, OSX-Macarena, OSX-Leap.A, OSX-Inqtana, etc., that will be trotted out by FUD spreaders as examples of "real" OS X malware in the Wild... examples that have been debunked and will have to be debunked over and over again.
These warnings are exactly the same warnings as we have seen in the weeks prior to every major Apple event in the past eight years... and for eight years nothing serious has EVER been developed to prove these warnings as truthful.
When someone finally creates a viable OS X worm or virus and releases it into the wild and it infects enough Macs to become a problem, then, and only then, will I purchase or install any anti-malware software to steal CPU cycles, delay startup and shut down, and cripple my productivity.
You may know that... I don't.
I know that there are about 12-14 working trojan horse applications out in the wild for Mac OS X. No OS that allows a user to install software is safe from the user's idiocy.
What and who are you criticizing? That is a phrase used in the article written by Darren Pauli. I don't believe I have ever used idée fixe in written communications in my life.
I was criticizing the author of the article. And I used the quote from The Princess Bride just for the fun of it.
OK, got it. I thought it was from the PB...
So in essence all of these people are either lying or promoting a fraud.
If that’s what you want to believe, then go for it.
The point is that people have been able to find holes in OSX and exploit them, they have been able to infect, for whatever reason that OS. And most of all Apple, again with an OS that is next to bulletproof supposedly, issues security patches.
Keep telling yourself it’s all a lie, as if you find some shame in actually being prepared and aware. You are not an employee of Apple nor garner a paycheck from them, so goodness knows how you could be almost offended by people pointing out that stuff like this exist and can happen.
At worst Apple loses a marketing talking point. At best their users are more cautious.
You are not an employee of Apple nor garner a paycheck from them, so goodness knows how you could be almost offended by people pointing out that stuff like this exist and can happen.
I am not offended. I am challenging you to prove your assertion that there are exploits in the wild that are adversely impacting Mac OS X users.
Where are the self-replicating, self-transmitting, self-installing viruses, worms and other malware like those that infect the Windows users' computers?
You made the claim "...stuff like this exist..." So prove it. Show us the exploits that have impacted thousands of Mac users. Show us the evidence that you speak from superior knowledge to those of us who actually use the platform. By the way, how much have you actually used a Mac, not just played around with one in a store, actually used one, to give you superior knowledge about Macs and their strengths and weaknesses compared to Windows?
"Can happen?" Of course it can... but has it? So far, in over eight years, it has not happened.
You come into Mac threads and belittle the Mac users.
. . . Mac users still march around like these warnings are all an elaborate lie cooked up just to hurt Apple's feelings?
We discuss the OS... you attack the users.