"Apple computers have long been prized for being relatively virus-free. But as more people use Apple products, experts say the company is increasingly becoming a target for cyber pranksters and criminals writing viruses and other forms of malware. Oliver Friedrichs, director of security response at Symantec, a leading anti-virus software vendor, said 72 vulnerabilities were discovered in the Mac's OS X operating system in 2006, up from 19 in 2004." Please consider the source, though.
Post a Comment
Member since:
2006-04-03
So does he have any numbers that compare number of attack attempts and SUCCESSFUL attacks? I'm quite sure that would be telling. I can have my Mac sitting wide open on the net with no firewall all day and sure it'll get attacked but of course nothing will get in. There have been ZERO remote exploits for the Mac for years now. There just aren't any ports or services running by default.
Member since:2005-11-10
Member since:2006-06-01
Member since:
2006-04-29
Member since:
2005-07-07
Member since:
2005-11-12
More reported crimes mean more crime?, no there is just no proof at all. Just because they(Apple) find more vulnerabilities dont mean they will be attacked.
Come on, people know apple, alot of crackers know Linux, it would make big news if crackers made a mess of them like Windows. OS X/unix OS's have the security in place and people are stupid to think OS X is a win95/98/me/XP.
Member since:2005-11-27
Member since:2005-08-18
"you can still tank the system if somebody finds a system vulnerability"
Good thing this isn't an issue with every other OS.
"app-level viruses can still screw over the user in the biggest area that counts--his files."
Good thing this isn't an issue with every other OS.
In fact, it's a problem that cant be solved at the OS level since the user needs to be able to work with his/her own files.
Member since:2005-11-27
Good thing this isn't an issue with every other OS.
I find it highly improbable that there's a production OS out there that doesn't have exploitable bugs in it.
Good thing this isn't an issue with every other OS.
In fact, it's a problem that cant be solved at the OS level since the user needs to be able to work with his/her own files.
No. Why would word need to modify all my files when I'm only editing X?
Member since:2005-08-18
"I find it highly improbable that there's a production OS out there that doesn't have exploitable bugs in it."
Well, that was wasted sarcasm.
"No. Why would word need to modify all my files when I'm only editing X?"
I have a hard time understanding this sentence.
If you mean that only certain document should be able to be modified by certain programs, well, that's one way to do it. Not a way that I think is practically usefull or feasable but one way nonetheless.
Presuming, of course, that there are no exploitable bugs in the authorized programs, that authorized program cant be called from other programs etc etc.
Member since:2005-11-27
I have a hard time understanding this sentence.
If you mean that only certain document should be able to be modified by certain programs, well, that's one way to do it. Not a way that I think is practically usefull or feasable but one way nonetheless.
What's hard to understand about it? If I have a program and I want to open a single file with it, why should it be allowed to modify any other file? In any event, this method is far more practical than what you're suggesting: how does one "authorize" a program? How can the authorizer be sure that said program isn't malicious in any way? In short: they can't.
Member since:
2006-04-06
Member since:2006-10-08
Let me highlight from article quoted before:
"The threat was highlighted earlier this week after a handful of the company's iPods were shipped with the RavMonE.exe virus, which targeted iPods used with Microsoft Windows-based computers."
Concerning iPods, that's the answer. Who would youse an iPod with MICROS~1 "Windows"?!
And from another reply:
"Since most Apple users are not running anti-virus, how would they know they aren't compromised?"
You could ask this millions of MICROS~1 "Windows" users around the world who spam on the Internet. "My computer is safe!" seems to be an usual answer, but has nothing to do with the sad truth.
Finally:
And most analysts... they can tell everything from not knowing anything. :-)
Member since:2005-08-18
Member since:2006-04-09
QUOTE
> From the first article, "Hackers look to crack Mac":
> "The threat was highlighted earlier this week after
> a handful of the company's iPods were shipped with
> the RavMonE.exe virus, which targeted iPods used
> with Microsoft Windows-based computers."
A handful of iPods? The number of 'infected' iPods were less than 25 ! Yes its true, less than 25 units! In total for FY 2006, Apple has sold 39,409,000 iPods...
And how does a Windows virus on a small batch of iPods that originated from an iPod subcontractor's infected Windows PC, became related to "hackers" or "Mac security" articles? The quest for Mac flaws makes some of these opinions look ridiculous...
I can only suggest some of the Apple bashers to read "Linux vs. Windows Viruses" by Scott Granneman from SecurityFocus and really understand how the Unix/BSD/Linux/MacOSX platform works comparing to Windows.
Edited 2006-10-25 16:42
Member since:2006-06-01
I can only suggest some of the Apple bashers to read "Linux vs. Windows Viruses" by Scott Granneman from SecurityFocus and really understand how the Unix/BSD/Linux/MacOSX platform works comparing to Windows.
Or you could read the Apple security bulletins and count up the ones that say "arbitrary code execution".
http://docs.info.apple.com/article.html?artnum=303752
Apple doesn't just write an OS. They also write applications.
Sure, many are Quicktime and Safari and iTunes holes, but the bad news is that the same holes appear in Quicktime for Windows and iTunes for Windows.
http://www.winplanet.com/article/3119-.htm
"Attention Apple users: Step away from reading about MacWorld, put down your iPods and update your QuickTime software now to prevent a hacker from taking over your system.
There are five highly critical flaws in Apple's QuickTime application that affect both Apple and Windows versions, as well as Apple's popular iTunes application.
The flaws all relate to image-handling issues inside of QuickTime. CVE-2005-2340 is described by security firm Secunia as, "a boundary error in the handling of QTIF images [that] can be exploited to cause a heap-based buffer overflow." Such a buffer overflow could allow an attacker to execute arbitrary code.
CVE-2005-3707, CVE-2005-3708 and CVE-2005-3709 involve the TGA image file format that, when viewed, could also result in arbitrary code execution. CVE-2005-3710 and CVE-2005-3711 are similar flaws but related to the TIFF file format. CVE-2005-3713 affects GIFs.
CVE-2005-4092 is described by Secunia as, "a boundary error in the handling of certain media files [that] can be exploited to cause a heap-based buffer overflow." Again the potential impact is arbitrary code execution when a malicious media file is viewed.
According to Security firm eEye, which claims credit for discovery of a number of the vulnerabilities, QuickTime users aren't the only ones at risk. Users of iTunes are also at risk due to its tight integration with QuickTime and, as such, "all of these security issues are also exploitable via the iTunes software."
Member since:
2006-04-05
Member since:2005-07-13
Member since:
2006-02-01
Every OS is going to have problems along the line, I'd much rather Apples quick patch time than Microsoft slow as treacle patch time.
Even Vista, seen patches that come in, that were supposed to have been fixed in Windows 2000 or XP. So much for code re-writes.
As a side note, Hey, I love the site, but you better get rid of that ErrorSafe Crap right now I'll tell you.
Edited 2006-10-24 22:01
Member since:
2005-06-29
Member since:
2005-07-09
Member since:
2005-07-06
Member since:
2006-03-06
I am sorry, but . .
Daring Fireball's Jackass Stamp of the Week was running low on Ink, last week:
Link: http://daringfireball.net/2006/10/jackass_stamp
(quote)
First CNN's Steve Hargreaves Wrote:
Apple computers have long been prized for being relatively virus-free. But as more people use Apple products, experts say the company is increasingly becoming a target for cyber pranksters and criminals writing viruses and other forms of malware.
The threat was highlighted earlier this week after a handful of the company’s iPods were shipped with the RavMonE.exe virus.
Then it was changed to:
The threat was highlighted earlier this week after a handful of the company’s iPods were shipped with the RavMonE.exe virus, which targeted iPods used with Microsoft Windows-based computers.
.. and finally it was edited, downplayed and teeth-pulled to read as:
Security Analysts: Mac Attacks Rare but May Rise
(/quote)
This is great. The future may actually happen !
Symantech actually wrote (as of July 13Th 2006) this:
Let’s start with the hot-button issue of Mac OS X viruses. Simply put, at the time of writing this article, there are no file-infecting viruses that can infect Mac OS X.
Link: http://www.symantec.com/enterprise/security_response/weblog/2006/07...
And even on this very late 28Th of September Symantec's Mac OS X spyware prediction also burst into flames, - and again, this very same and unfortunate year of 2006 for Mac OS X. Bad, bad.:
Link: http://www.zdnet.com.au/blogs/securifythis/soa/Symantec_s_OS_X_spyw...
How are things over in Rotemünde this time of year?
Mac OS X has been on the market for 5 years now, and the Wolf is coming (in a future that may happen). I can't wait!
Mom ! They said IT would be here by now, and it's not.
.
Edited 2006-10-24 22:58
Member since:
2006-06-01
A vast quantity of the Apple OS X security holes are "arbitrary code execution" holes.
Including the wireless driver holes that Apple denied existed and then fixed quietly.
Since most Apple users are not running anti-virus, how would they know they aren't compromised?
That was the logic used to attack someone a couple of topics ago when they mentioned they weren't running anti-virus on their XP box.
Member since:
2006-03-06
Since most Apple users are not running anti-virus, how would they know they aren't compromised?
I am attempted to say: "because they know (at least some of them) they are not running Microsoft Windows"
- but instead I will say: - first you have to have the vaccine. And as far as I know, vaccine for unknown viruses & deceases is not produced by Computer Pharmaceutical Companies. They demand a living virus (or at least a half-dead body) on the table first. Maybe the future that may happen will provide us with vaccines for unknown viruses & deceases - a universal drug for computer operating-systems, systems that don't operate as they should (some of them actually do exactly that)
.
Edited 2006-10-24 23:22
Member since:
2006-04-09
With all these Apple articles about supposed exploits and pseudo-viruses... well... where are they really? Where are these packs of infected Macs being dragged to the Apple Stores?
bah!
1) Symantec's OS X spyware prediction in flames
Symantec published its 10th Internet Threat Report this week and quietly admitted a few days later that its predictions of increasing Mac-targeted spyware threats have not been realised.
More info here:
http://www.zdnet.com.au/blogs/securifythis/soa/Symantec_s_OS_X_spyw...
2) Symantec report about Mac OS X: Viruses and Security
Let’s start with the hot-button issue of Mac OS X viruses. Simply put, at the time of writing this article, there are no file-infecting viruses that can infect Mac OS X.
More info here:
http://www.symantec.com/enterprise/security_response/weblog/2006/07...
3) SecureWorks admits falsifying Apple MacBook '60-second wireless hijacking'
Sounds like SecureWorks, the company who sponsored all this Mac hackery, is finally fessing up to their falsification and admitting that they, in fact, did not find the flaw in Apple's drivers, and that they used a 3rd party card and software to facilitate the exploit.
More info here:
http://www.tuaw.com/2006/08/18/secureworks-admits-to-falsifying-mac...
4) SecureWorks Statement
This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers. Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook.
More info here:
http://www.secureworks.com/newsandevents/blackhatcoverage.html
5) Apple sees the clarification as vindication
'Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, they have provided no evidence that in fact it is,' Apple spokesperson Lynn Fox said in a statement. 'To the contrary, the SecureWorks demonstration used a third party USB 802.11 device - not the 802.11 hardware in the Mac - a device which uses a different chip and different software drivers than those on the Mac. To date, SecureWorks has not shared or demonstrated any code in relation to the Black Hat-demonstrated exploit that is relevant to the hardware and software that we ship.'
More info here:
http://www.varbusiness.com/sections/news/breakingnews.jhtml?article...
6) Mac OS X - 5 years on the market
By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious.
More info here:
http://www.apple.com/getamac/viruses.html
Member since:2005-07-06
6) Mac OS X - 5 years on the market
By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious.
I was going to make a joke about Mac advocates repeating Apple marketing hyperbole verbatim, then I followed the link and realized that the paragraph above actually *is* Apple marketing copy - and some really cringe-worthy copy at that.
Member since:2006-02-16
well.... let all chat again on the topic in say.... hum... 1 year... then 3 years... then 5 years....
and we will see if this was "marketing hyperbole" from from the mother ship!
cool?
cus i am willing to bet, that OSX... will continue with this "clean bill of health" as there market share rises! i am KNOW apple is up for the challenge!
Member since:2005-07-06
and we will see if this was "marketing hyperbole" from from the mother ship!
You miss the point. There's something profoundly disturbing about anyone being willing to mindlessly parrot corporate propaganda with absolutely no sense of irony, no matter which corporation the propaganda is coming from.
Member since:2006-02-16
""I was going to make a joke about Mac advocates repeating Apple marketing hyperbole verbatim, then I followed the link and realized that the paragraph above actually *is* Apple marketing copy - and some really cringe-worthy copy at that.""
um... whats your point? and by chance... did you follow the other links?
are you still in denial that OSX is more secure than Windows?
Member since:
2005-06-30
Member since:2006-04-21
Member since:
2006-04-21
Member since:
2006-06-01
http://secunia.com/advisories/11622/
"Two vulnerabilities have been reported in Mac OS X, allowing malicious web sites to compromise a vulnerable system.
1) The problem is that the "help" URI handler allows execution of arbitrary local scripts (.scpt) via the classic directory traversal character sequence using "help:runscript".
2) It is also possible to silently place arbitrary files in a known location, including script files, on a user's system using the "disk" URI handler. Files on disk images can be executed without using the "help" URI handler.
Various variants of the URI handler vulnerabilities are currently being discussed.
This has been confirmed on Macintosh OS X using Safari 1.2.1 (v125.1) and Internet Explorer 5.2. Other browsers and applications supporting URI handlers may also be used as attack vectors.
NOTE: The rating has been upgraded to "Extremely Critical" because the issues are very easy to exploit and a large number of working exploits are available."
Member since:2005-06-29
Member since:
2006-06-01
http://secunia.com/advisories/18963/
"Michael Lehn has discovered a vulnerability in Mac OS X, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the processing of file association meta data in ZIP archives (stored in the "__MACOSX" folder) and mail messages (defined via the AppleDouble MIME format). This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive or in a mail attachment.
This can also be exploited automatically via the Safari browser when visiting a malicious web site.
Secunia has constructed a test, which can be used to check if your system is affected by this issue:
http://secunia.com/mac_os_x_command_execution_vulnerability_test/
The vulnerability has been confirmed on a fully patched system with Safari 2.0.3 (417.8), Mail 2.0.5 (746/746.2), and Mac OS X 10.4.5.
Solution:
Apply Security Update 2006-002.
NOTE: The update does not completely fix the vulnerability as it is still possible to trick users into opening malicious shell scripts (masqueraded as a safe file type) in ZIP archives. Do not open files in untrusted archives."
Member since:
2006-06-01
http://www.betanews.com/article/Mac_OS_X_Exploit_Emerges_After_Patc...
"October 3, 2006, 1:01 PM
Exploit code for a patched flaw in the Mac OS X operating system was discovered over the weekend, which allows an attacker to gain full system access through flaws in the core of the operating system. Apple provided a fix for the issue in a security update issued last week.
Researchers with Matasano Security, who are credited with discovering the flaw, said the malicious code appeared to be a zero-day exploit and may have been available on the Internet before Apple released its patch. Tuesday's news also highlights attackers' increasing focus on Mac OS X."
Member since:2006-06-24
It seems pretty obvious that Symantec is looking for a new market to replace its Windows cash cow, which is just about to implode (they could save it by doing some actual code development, but they seem unwilling to do that).
As I've said before though, I'm not convinced that MacOSX is more or less vulnerable than Windows:
1/. There are far less people with technical MacOSX expertise, so far less people are able to actually take advantage of these exploits.
2/. To write an exploit, you have to buy a Mac. Relatively speaking, very people will buy a computer JUST to write viruses for it. This of course, doesn't apply to professional virus writers (the nice folk who raid your bank details), and they are not going to invest the time or money to attack a machine when there is such a small share of actual users (about 3.7%, give or take).
3/. Microsoft is not a popular company; at times Apple seems to be closely resemble a church that has a tendency to manipulate its flock when the need arises. Case in point; that unpleasant business with the iPod virus. In order to divert folk from looking to closely at the quality control problem that allowed this to happen; Apple issues a statement designed to rally the troops against Microsoft, effectively allowing to divert attention away from the fact that it was they who were at fault, not Microsoft. Sheer cowardice; it was very sad to see from a company like Apple.
Here's another one for your list:
http://alastairs-place.net/archives/000079.html
If MS allows something like this through in Vista, there will be (quite rightly) hell to pay.
Edited 2006-10-25 04:38
Member since:2005-10-12
Its obvious that OSX is more secure than Windows, and peoples remarks about the lack of exploits being used in the wild are right. But I modded NotParker's posts back up because they are relevant, factual and totally inoffensive.
For goodness' sake people, learn to hear different points of view without instantly shouting them down. If he is wrong, post an argument.
Member since:
2006-07-25
symantec has been saying the same thing for year, the same old argument has been said for years.
"No one has created a virus for the mac because of it's small market share"
Office was a small market share compared with the number of windows installed pc's, but that didn't stop virus writers not taking advantage of it.
SQL server has had virus's written for it and that has a small market share.
The market share doesn't matter at all for virus creators, what virus created wouldn't want to be the sole creator of a market with no antivirus protection with millions of connected machines.
If it could be done by now it would have been. Now i like all operating systems windows etc.. but it's quite plain that unix and it's dervertives (Mac OSX and Linux) are secure by design, and it is this design which has kept the mass proliferation of viruses.
Member since:
2006-01-16
Having made the jump from Windows to Linux, then to OSX, I must say that the security issues discussed haven't affected me yet. In linux the ability to move applications and information to locations I desire w/o messing up the system along with the encryption capability and passwords galore make the system a very poor target for the opportunistic malware writer. The same seems to hold true for OSX, that was one of the things that attracted me to it. My daughter is a college student who surfs the web and chats constantly, even with a Windows firewall, anti-virus software (that was up to date), as many passwords as I could come up with, I still spent hours a month cleaning out her computer. Her behavior hasn't changed and the only thing filling up her MacBook Pro are the silly pictures and e-mails her friends send. I realize this is just our experience, but what Apple says seems to be true....it is much more secure.
Member since:
2006-01-16
(sorry about the two quick posts, but I forgot something), When we did use windows symantec came installed, naturally, Try getting rid of that crap. It is worse than many viruses. It won't go away. It is hidden everywhere. It keeps popping adds constantly. When I decided to get rid of Symantec and go with another company, it took me a long time to rid myself of that commercial spyware (it is disguised as anti-malware software...don't be fooled). Even if OSX suddenly developed a bunch of malware...Symantec would not be the answer....How stupid do they think we are?? Don't answer that. Further, the reason most people are vulnerable is because they buy a computer that is cheap and don't bother with learning how to secure it. XP can be secure, I think the 'nixes are more secure naturally, but any operating system in the hands of a knowledgeable user can be made secure. Problem is the people who need to learn this stuff will never read OSNEWS.....
Member since:
2005-07-07
This is being written by:
A company whose primary business (Windows security) might be about to be Netscaped. Given their record for utterly abysmal, unstable, non-functional software that only sells because of MS's utterly abysmal, unstable, non-functional software, they are understandably under a bit of stress.
There are companies selling Mac antivirus software. It doesn't do anything, but it's there. Symantec may want to take over that market, but after almost (with Apple's help) destroying the PPC platform before abandoning Mac development they have a bit of a credibility problem. Maybe trying to arouse fears is a strategic move?
There are too many wheels within wheels here to even try to guess what they're really up to.
Member since:2006-01-03
"A company whose primary business (Windows security) might be about to be Netscaped"
So, MSFT will release an "OK" antivrus product, will drive Symnatec out of business, and 3 years later, when MSFT has failed to make even miniscule updates to their product, there will be an an Open Source AV package, with tabs, that will beat its pants off?
"There are companies selling Mac antivirus software. It doesn't do anything, but it's there. "
Some of helps prevent virus PROPAGATION, e.g. in mail attachments. Still not worth the bucks, IMHO, though.
Member since:
2006-01-03
Member since:
2006-01-01
Member since:
2006-02-16
at one point.... Microsoft had "marketed" NT and 2000 as: "the most secure business OS"... (and publisher as the "number one page layout application for business"... but that is a diffferent story)
and all these Windows Droids love to point out apple's "marketing tactics" which regard to OSX security! like WE as OSX users are suckers or somthing.....
HEY.... i'll put my foot in my mouth in the future if the OSX userbase finds them selves in the same Virus situation as the windows crowd... I am reasonable! but the thing is.... Microsoft specifically design Windows to be "Virus friendly" (they actually called it Developer friendly... but what ever!!!) and thats what every ones got!
OSX is NOT virus friendly.... (but still remarkable developer... and user friendly)
Member since:
2006-01-23
And Symantec identified six threats of malicious code written for the Mac OS X operating system in the first half of 2006, versus zero in the second half of 2005 and two the year before that.
Of course, they've probably written all of these themselves, just to stimulate their failing business.
In another source, they mentioned that they were sending out threats monthly, not anti-virus solutions, which sounds about right for the company. Their software hobbles more Macs than it helps.
Member since:
2005-07-10
Ever heard the term "Clueless User?"
http://www.securityfocus.com/columnists/402
http://securosis.com/2006/10/21/its-time-to-turn-off-wifi-and-bluet...
(not just wireless)
Can you read/understand firmware/EFI settings?
(Quick!, edit/check your disk drivers - edit/check your "bad boot blocks" sectors for pre-initialized network settings.
You'll never know it's there.
Really, don't pretend you "know" anything.
Member since:
2005-10-02
Of course it's likely that the threat against Mac OS X will rise.
It's also likely that the sun will be up again in Denmark in around 3 hours from now.
It's also likely that the sun will be going down again in 16 hours.
I'll go further than Symantec. I'll boldly claim that the threats against an OS will increase more or less as the installed base increases. But that is no surprise.
Member since:
2005-07-06
Repeatly I have heard the claim that once the market share rises that certain virus-free OSes will start to have problems. This does not ring true to me. Maybe I am just too old, but I seem to remember virus software being written for OSes that had small market shares in the past.
My Amiga had viruses written for it when it was just a fraction of the marketshare, and the same for my friend's Atari ST. And in raw numbers those machines were on a fraction of the installed based of present day Macs. The early MacOS 1.x-7.x also had virus code written for them, and again the nyumber of machines then were a fraction of the present day installed base.
Unix has had virus and worms written for it, and to a limited extent so have some Linux distros, but none of those have gotten far - making a virus that can cross distros does not appear to be easy in any sense of the word.
Suddenly, after years of no real virus code today's Mac are in danger of being infected, but no-one can show a working virus! I smell FUD, and start looking for SCO lawyers under the rocks.
Member since:
2005-11-16
Seeing the Apples ads on TV and on their website (especially the virus one). "Hi, I'm a Mac!" "and I'm a PC". If I new how to write viruses and was that way inclined I would stop writing Windows viruses and focus 100% on writing OS X viruses. Wouldn't rest until I wipe the smile off that skinny fool.I can see it now: "Hi, I'm a Mac, and I don't feel so good..."
