Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Mac bomb ticks for security smug users—OS X, Safari weaker than Windows
Computerworld AU ^ | 01 May, 2009 15:37 | Darren Pauli

Posted on 05/02/2009 12:51:51 AM PDT by Swordmaker

The idée fixe that Macintosh is impervious to attack could be shattered if cyber-criminals act on their arsenal of 0-day exploits, security experts say.

Hackers need only a few critical vulnerabilities, common to all operating systems including the security-focused OpenBSD, to craft a successful attack.

Pure Hacking senior security consultant Chris Gatford said hackers may retain 0-day Macintosh vulnerabilities unknown to the industry and exploit them at an opportune time.

“It's only a matter of a time before Macs get more market share and become a more viable target,” Gatford said.

“Mac users now are exposed to less risk because bad guys see the money in compromising Windows machines as they have a better chance of a hit with malware.

“Most Mac users don't run anti-virus and those that do rarely update. Apple are a lot slower to patch holes for the Unix/BSD back-end than the other Unix variants,” he said.

Only last year, a MacBookAir was hacked in less than two minutes using the Safari browser. The hacker, a US security analyst who scored US$10,000 at the pwn to own competition, said the fully updated and patched OSX 10.5.2 was easier to hack than the updated Vista and Unbuntu systems.

Securus Global CEO Drazen Drazic said it is well reported that Macs are not invulnerable and said it is doubtless that hackers are hiding unreleased exploits.

“Very surprised if there is not exploits that guys are sitting on as 0-days for their own private use,” Drazic said. “It's far more beneficial to keep private a vulnerability for an iPhone.”

Hackers that keep vulnerabilities on the down-low have more time to write and perfect exploits. “It could take say three months to write an exploit for a standard memory-corrupting vulnerability for OpenBSD,” Drazic said, adding that it may take a few days or hours to exploit address space randomisation and memory protection which are new to Apple systems.

Still, industry figures say the security of an operating system cannot be rated by its exploit count — an approached favoured by many vendors — because more vulnerabilities will be discovered in popular operating systems than obscure alternatives.

Moreover, the most prevalent Mac infection techniques require reckless users as it is arguably more difficult to hack the latest OS X and Windows Vista systems - if only because they do not allow root access by default and contain better application installation controls than their predecessors. The iServices Trojan Horse, discovered in January which triggered a Mac botnet scare, typified the use of pirate software as a vector of attack.

Researchers are not suggesting that Mac exploits will be launched in a collective Armageddon, rather they may be quietly in use now, and taking advantage of Mac users smug on security, or vendors that are ignorant to the holes.

“You can't be certain that their not using exploits just because you're not hearing about it. Many organisations don't have decent logging or monitoring and don't run penetration tests, so they can't tell if they are compromised,” Drazic said.


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: ilovebillgates; iwanthim; iwanthimbad; microsoftfanboys

1 posted on 05/02/2009 12:51:51 AM PDT by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: ~Kim4VRWC's~; 1234; 50mm; 6SJ7; Abundy; Action-America; acoulterfan; Aliska; aristotleman; ...
It'a FUD Season again... the Apple WWDC is just weeks away, so the FUD spreaders are spreading again...PING!


Mac FUD Ping!

If you want on or off the Mac Ping List, Freepmail me.

2 posted on 05/02/2009 12:54:39 AM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

So there is some widespread plot to state the obvious just to “ruin” WWDC?

We’ve seen story after story of REAL exploits found, trojans contracted by Mac users, and stories of how Macs were easily compromised quicker than Windows and Linux, and yet Mac users still march around like these warnings are all an elaborate lie cooked up just to hurt Apple’s feelings?

In order to perpetuate the marketing myth that Macs are magically invulnerable, all of these people that say otherwise have to be lying.

Hey, if they want to keep pretending that they are bulletproof just to appear to be a good Apple users, then don’t scream when it does hit you personally. Likely you wont scream for long because other Mac users will accuse you of spreading FUD, because WWDC is right around the corner.


3 posted on 05/02/2009 1:11:00 AM PDT by VanDeKoik (Enemy of the state since 1978!)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Swordmaker

I noticed it mentioned the Linux flavor “Ubuntu” . I’m using that right now. It’s been a hoot.


4 posted on 05/02/2009 2:37:23 AM PDT by Nateman (Windows free since 2007!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

The grammar in this article is horrible.


5 posted on 05/02/2009 2:44:39 AM PDT by zeebee
[ Post Reply | Private Reply | To 1 | View Replies]

To: Lil'freeper; big'ol_freeper

ping


6 posted on 05/02/2009 2:50:41 AM PDT by sauropod (People who do things are people that get things done.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: zeebee
The grammar in this article is horrible.

Huh? Show some examples.

7 posted on 05/02/2009 3:33:05 AM PDT by raybbr (It's going to get a lot worse now that the anchor babies are voting!)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Swordmaker
Wow, that one hit the whole list and then some. Here's a short article I'm going to send out for publication. How much do you think they'll pay me for this? 10% of the computer market, owned by the wealthiest owners, is not worth attacking. Foolish Mac owners don't bother protecting against something that has never happened. It hasn't happened only because those wily hackers are hiding their ability to do it. If I install software on my computer that allows someone elsewhere access to it, he has "hacked" my computer. Oh, and they have already quietly released a real Mac virus, and no one has noticed it yet because foolish Mac owners don't bother... Think I should bulk it up a bit before I send it out, or is that ok?
8 posted on 05/02/2009 3:58:29 AM PDT by publiusF27
[ Post Reply | Private Reply | To 2 | View Replies]

To: Swordmaker
Pure Hacking senior security consultant Chris Gatford said hackers may retain 0-day Macintosh vulnerabilities unknown to the industry and exploit them at an opportune time.

And this may be Bigfoot.

9 posted on 05/02/2009 4:21:23 AM PDT by martin_fierro (< |:)~)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Same article that has been written for the past ten years.


10 posted on 05/02/2009 4:23:53 AM PDT by big'ol_freeper ("You used to be so charming, before you 'became' God")
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

This is just silly, everybody knows Apples are impervious to any and all exploits, virus attacks, trojans, you name it.

Apples are perfect, everything else is just flawed.


11 posted on 05/02/2009 4:34:10 AM PDT by mkjessup (You're either with our Constitution, or you are with TKU ("The Kenyan Usurper"). CHOOSE!!!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mkjessup

Exactly, whoever wrote this article is a pure Microsoft troll


12 posted on 05/02/2009 4:40:03 AM PDT by GreatDaggar
[ Post Reply | Private Reply | To 11 | View Replies]

To: Swordmaker
“Mac users now are exposed to less risk because bad guys see the money in compromising Windows machines as they have a better chance of a hit with malware.

The security through obscurity lie is getting old. IF there are exploits out there targeting specific smartphones, then how can the claim still stand that OS X is not a target because there are not that many targets. How many million new Apple computers were sold in the last quarter? And how many total OS X computers are out there? Enough to make any hacker salivate if it were an easy target.

13 posted on 05/02/2009 4:51:26 AM PDT by TheBattman (Pray for our country...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: VanDeKoik
Moreover, the most prevalent Mac infection techniques require reckless users as it is arguably more difficult to hack the latest OS X and Windows Vista systems - if only because they do not allow root access by default and contain better application installation controls than their predecessors. -from the article...

...In order to perpetuate the marketing myth that Macs are magically invulnerable, all of these people that say otherwise have to be lying... -VDK

Nobody says that. What we do say is that Mac users are smart enough not to load a program they didn't request! Viruses and trojans are programs that cannot run any other way. But you probably know that, right?

As for Vista security, what's Vista but a poor emulation of OSX? They finally got the memo that says "ask"!

Apple knows security!


14 posted on 05/02/2009 4:59:55 AM PDT by WVKayaker ( God said, 'Cancel Program GENESIS.' The universe ceased to exist.- Arth. C. Clarke's shortest story)
[ Post Reply | Private Reply | To 3 | View Replies]

To: raybbr

Apple are a lot slower to patch holes...

Very surprised if there is not exploits...

It’s far more beneficial to keep private a vulnerability...

You can’t be certain that their not using exploits...


15 posted on 05/02/2009 6:42:07 AM PDT by zeebee
[ Post Reply | Private Reply | To 7 | View Replies]

To: WVKayaker

“Apple knows security! “

Not really, they just happened to select a platform which is inherently more secure. However it is not perfect and we will see more and more attacks focused on Macs.

As more unsophisticated users buy Macs it will easier to exploit them.


16 posted on 05/02/2009 6:51:52 AM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 14 | View Replies]

To: WVKayaker

Virtually every “infection technique” require reckless users.

It doesn’t matter if you are someone surfing to a porn site or some guy downloading a bootleg copy of iWork, in the end no OS can guarantee, not even one with an Apple logo, that the person using it isn’t ignorant.

It isn’t like some hacker looks at installation controls on a Mac and said “Oh darn! I’m totally out of options!”

“Only last year, a MacBookAir was hacked in less than two minutes using the Safari browser. The hacker, a US security analyst who scored US$10,000 at the pwn to own competition, said the fully updated and patched OSX 10.5.2 was easier to hack than the updated Vista and Unbuntu systems.”

Like I said, keep repeating the marketing if it makes you feel better.


17 posted on 05/02/2009 6:52:04 AM PDT by VanDeKoik (Enemy of the state since 1978!)
[ Post Reply | Private Reply | To 14 | View Replies]

To: zeebee

“It’s far more beneficial to keep private a vulnerability...”

The general trend by hackers now days is not to crash hacked computers. Its to monitor it for valuable information and use it as a safe platform from which to conduct other attacks.

Most computer crime is not jimmy in his bedroom. Its Chinese or Russian organized crime intent on stealing dollars and/or valuable information.


18 posted on 05/02/2009 6:53:45 AM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 15 | View Replies]

To: WVKayaker

Oh by the way, in the end the Great Wall didn’t work.


19 posted on 05/02/2009 6:56:37 AM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 14 | View Replies]

To: Swordmaker
idée fixe

"You keep using that word. I don't think it means what you think it means."

"idée fixe" has a meaning similar to "obsession," which doesn't seem to fit the attempted use here.

20 posted on 05/02/2009 7:01:41 AM PDT by B Knotts (Calvin Coolidge Republican)
[ Post Reply | Private Reply | To 1 | View Replies]

To: VanDeKoik
“Only last year, a MacBookAir was hacked in less than two minutes using the Safari browser. The hacker, a US security analyst who scored US$10,000 at the pwn to own competition, said the fully updated and patched OSX 10.5.2 was easier to hack than the updated Vista and Unbuntu systems.”

Do you what the "ground rules" were or only the headlines ?

21 posted on 05/02/2009 7:30:09 AM PDT by Uri’el-2012 (Psalm 119:174 I long for Your salvation, YHvH, Your law is my delight.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: Swordmaker
Hackers need only a few critical vulnerabilities, common to all operating systems including the security-focused OpenBSD,

The author seems unfamiliar with the origins of OS X.

22 posted on 05/02/2009 7:32:11 AM PDT by Uri’el-2012 (Psalm 119:174 I long for Your salvation, YHvH, Your law is my delight.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: driftdiver
Oh by the way, in the end the Great Wall didn’t work.

In the end, I'm going to die. Until then, I will try to keep on the right path! My Mac is an appliance I use.

What will keep me, is the love of God!

Nothing can stand against God, but a computer operating system must be strong. I prefer Apple's ideas. I own and use Macs daily, most of which are as much as 10 years old. I have not bought an intel portable, but have an iMac with one. I can run Windoze, but don't.

One guy didn't conquer that Wall, FRiend. It took hordes of them...

from Encarta:

...As a compromise, they decided to keep the Mongols out by constructing walls along China’s northern border. Ultimately, the walls proved ineffective, as the Mongols were easily able to pass around or break through them during raids. For this and other reasons, sections of the walls periodically required repair. ...

Apple sends me periodic updates to keep me from buying from these guys hawking their wares! With "Time Machine", I don't worry about my computer life!


23 posted on 05/02/2009 7:38:24 AM PDT by WVKayaker ( God said, 'Cancel Program GENESIS.' The universe ceased to exist.- Arth. C. Clarke's shortest story)
[ Post Reply | Private Reply | To 19 | View Replies]

To: WVKayaker

At least your happy. Just as I am with my Windows machines.


24 posted on 05/02/2009 7:40:24 AM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 23 | View Replies]

To: Swordmaker

Global Warming:

The polar ice cap *COULD* melt and the ocean *MAY* swamp coastlines.

Mac FUD:

Someone *COULD* find an as yet *UNKNOWN* exploit and *MAY* hack one Mac in his mother’s basement.

I *COULD* fly by expelling methane from my patoot.


25 posted on 05/02/2009 7:49:59 AM PDT by noblejones (<deprecate>Ben Stein 2008.</deprecate> Sarah 2012, 2016, 2020.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: VanDeKoik
...Like I said, keep repeating the marketing if it makes you feel better.

...Method BBC quotes from Microsoft!

...According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code.

It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.

Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site.

Most malware uses one of a handful of sites to download files from, making them fairly easy to locate, target, and shut down.

I missed the part about OSX!

26 posted on 05/02/2009 7:52:47 AM PDT by WVKayaker ( God said, 'Cancel Program GENESIS.' The universe ceased to exist.- Arth. C. Clarke's shortest story)
[ Post Reply | Private Reply | To 17 | View Replies]

To: zeebee

Somebody set us up the bomb!


27 posted on 05/02/2009 11:12:59 AM PDT by Tribune7 (Obama wants to put the same crowd that ran Fannie Mae in charge of health care)
[ Post Reply | Private Reply | To 15 | View Replies]

To: VanDeKoik; antiRepublicrat; Spktyr; noblejones; publiusF27; big'ol_freeper; TheBattman; XeniaSt; ...
We’ve seen story after story of REAL exploits found, trojans contracted by Mac users, and stories of how Macs were easily compromised quicker than Windows and Linux, and yet Mac users still march around like these warnings are all an elaborate lie cooked up just to hurt Apple’s feelings?

Name the real exploits in the wild that are NOT trojans, VanDeKoik.

Remember vulnerabilities are NOT exploits unless they have been used to get into a machine. Proof of concept examples that have not been seen outside of a demonstration, and malware written for the previous Mac OS don't count. The exploit has to have actually infected some unsuspecting non-participating Mac OS X user in the wild.

Those Macs that were hacked at the CanSec West conference were broken into using vulnerabilities developed over several months by a team of three crackers, all of whom were ex-NSA computer experts. In both contests, Windows fell shortly after to other crackers who had not bothered to pre-prepare their exploits as did Charlie Miller. As of now, there are still ZERO self-replicating, self-transmitting, self-installing OS X viruses or worms in the wild. There are similarly no self-replicating, self-installing, self-transmitting spyware applications in the wild for OS X.

Even the latest so called iBotNet has little to no evidence that it even exists besides an article written by two Symantec employees who did not even report it to their own employer before publishing their claims in a subscription only ($175 perear) eMagazine, The Virus Bulletin. Even stranger is that the original reports of the infected pirated software—which was freely available without the infected attachment from multiple sites, including Apple's own software servers— was reported to have total downloads in the DOZENS by the two bit torrent sites where it was found... yet these authors claim, with out evidence, 20,000 infections, and offer as proof, the Denial of Service attack on one unnamed website. Why waste a 20,000 machine botnet just to deny access to an obscure, unnamed website? Why was this DOS attack not reported? The week after the article's publication, Symantec's own listing for the infected pirate files stated the number of affected machines at under 50! NO verification from other sources has been forthcoming. We are left with an essentially one source claim of the existence of a Botnet that went undetected, even after the widespread announcement in the press that those who downloaded the trial software from a bit-torrent site had possibly gotten an infected version (which was easy to detect and remove), until it was activated months later to deny service to some unnamed website. Absurd. The iBotNet report, like all other previous so-called "first" OS X Malware, became a three day wonder, a tempest in a teapot, as Mac users looked and did not find what was claimed. It has joined the others, OSX-Macarena, OSX-Leap.A, OSX-Inqtana, etc., that will be trotted out by FUD spreaders as examples of "real" OS X malware in the Wild... examples that have been debunked and will have to be debunked over and over again.

These warnings are exactly the same warnings as we have seen in the weeks prior to every major Apple event in the past eight years... and for eight years nothing serious has EVER been developed to prove these warnings as truthful.

When someone finally creates a viable OS X worm or virus and releases it into the wild and it infects enough Macs to become a problem, then, and only then, will i purchase or install any anti-malware software to steal CPU cycles, delay startup and shut down, and cripple my productivity.

28 posted on 05/02/2009 5:06:15 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 3 | View Replies]

To: mkjessup
This is just silly, everybody knows Apples are impervious to any and all exploits, virus attacks, trojans, you name it.

You may know that... I don't.

I know that there are about 12-14 working trojan horse applications out in the wild for Mac OS X. No OS that allows a user to install software is safe from the user's idiocy.

29 posted on 05/02/2009 5:08:11 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 11 | View Replies]

To: B Knotts
"You keep using that word. I don't think it means what you think it means."

"idée fixe" has a meaning similar to "obsession," which doesn't seem to fit the attempted use here.

What and who are you criticizing? That is a phrase used in the article written by Darren Pauli. I don't believe I have ever used idée fixe in written communications in my life.

30 posted on 05/02/2009 5:17:13 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 20 | View Replies]

To: Swordmaker

I was criticizing the author of the article. And I used the quote from The Princess Bride just for the fun of it.


31 posted on 05/02/2009 5:24:57 PM PDT by B Knotts (Calvin Coolidge Republican)
[ Post Reply | Private Reply | To 30 | View Replies]

To: B Knotts
I was criticizing the author of the article. And I used the quote from The Princess Bride just for the fun of it.

OK, got it. I thought it was from the PB...

32 posted on 05/02/2009 5:27:16 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 31 | View Replies]

To: Swordmaker

So in essence all of these people are either lying or promoting a fraud.

If that’s what you want to believe, then go for it.

The point is that people have been able to find holes in OSX and exploit them, they have been able to infect, for whatever reason that OS. And most of all Apple, again with an OS that is next to bulletproof supposedly, issues security patches.

Keep telling yourself it’s all a lie, as if you are find some shame in actually being prepared and aware. You are not an employee of Apple nor garner a paycheck from them, so goodness knows how you could be almost offended by people pointing out that stuff like this exist and can happen.

At worse Apple loses a marketing talking point. At best their users are more cautious.


33 posted on 05/03/2009 10:25:09 AM PDT by VanDeKoik (Enemy of the state since 1978!)
[ Post Reply | Private Reply | To 28 | View Replies]

To: VanDeKoik; antiRepublicrat; Spktyr; noblejones; publiusF27; big'ol_freeper; TheBattman; XeniaSt
You are not an employee of Apple nor garner a paycheck from them, so goodness knows how you could be almost offended by people pointing out that stuff like this exist and can happen.

I am not offended. I am challenging you to prove your assertion that there are exploits in the wild that are adversely impacting Mac OS X users.

Where are the self-replicating, self-transmitting, self-installing viruses, worms and other malware like those that infect the Windows users' computers?

You made the claim "...stuff like this exist..." So prove it. Show us the exploits that have impacted thousands of Mac users. Show us the evidence that you speak from superior knowledge to those of us who actually use the platform. By the way, how much have you actually used a Mac, not just played around with one in a store, actually used one, to give you superior knowledge about Macs and their strengths and weaknesses compared to Windows?

"Can happen?" Of course it can... but has it? So far, in over eight years, it has not happened.

You come into Mac threads and belittle the Mac users.

. . . Mac users still march around like these warnings are all an elaborate lie cooked up just to hurt Apple’s feelings?

We discuss the OS... you attack the users.

34 posted on 05/03/2009 4:09:22 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 33 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson