“The recent move by Apple Computer to begin shipping Macintosh computers that use microprocessors from Intel could open the door to more attacks against computers running the company’s OS X operating system, security experts warn. The change could put more pressure on Apple to build security features into OS X, according to interviews conducted by eWEEK. Apple declined requests for interviews. In an e-mail statement, the company said that the security technologies and processes that have made Mac OS X secure for PowerPC remain the same for Intel-based Macs.” Update: Here’s a rebuttal.
I hate to say this, but I agree with Apple on this one. Hardware very rarely affects the security of the software running on it (except maybe making it easier to implement if it has NX bit support and other goodies). Most viruses are fairly targeted and it’s fairly unusual to see one that’s cross-platform. Maybe you’ll see a 2-10 virus increase per year, but I think most of any increase will be due to more people owning Macs, not to it being on Intel.
Processors do have bugs too! It is possible, and it has been demonstrated before (HT Exploit!) that even the software can be fooled by a processor specific flaw.
To crack at the processor level for OSX would require a G5 machine, expensive and generally not wanted by most crackers. Now that Apple are using Intel, that’s one less hurdle to coming up with an attack vector for macintels.
In fact, there are 34 known bugs/errata in the Core Duo/Solo:
http://geek.com/news/geeknews/2006Jan/bch20060123034350.htm
:/.
Eek… I know that all hardware is likely to have some number of bugs, but the number of those that are marked “showstopper” is kind of frightening!
Me thinks I’ll be putting off my planned purchase of a MacBook for a while ;^)
http://geek.com/images/geeknews/2006Jan/core_duo_errata__2006_01_21…
Seems it’s all scaremongering and ill-informed silliness.
http://www.theinquirer.net/?article=29321
makes more sense to me.
Well this is actually a half truth. One of the many factors that made Apple PPC boxes appear to be secure (small user base, we know that) was that PPC asm is a total pain to learn compared to x86 asm. This is mainly due to the very logical syntax structuring of x86 asm. All the directives have English-sounding names, mov (move), push, pop, xor, and, jmp (jump), nop (no operation), intr (interrupt). Also the amount of data a directive handles is denoted by the appended letter b (byte), w (word), l (long) and q (quad, x86-64). PPC asm relies more on acronyms which are very difficult to memorize, lwz – load word zero is my favorite. PPC asm also has lots of specialized directives which one has to memorize as well, whereas with x86 you only need to know a few to get work done. Top it all off with not as much PPC asm learning material available and it’s no surprise many people fear PPC asm like it’s voodoo or something. Some people do manage to learn PPC asm and love it, they might also be hitting the koolaid.
So with Apple moving to x86 one could make the claim that virus writers, shellcode designers and other types who craft malicious payloads will look twice at Apple Intel boxes. This isn’t to say that OSX’s security WILL BE HORRIBLE, that depends on how many vulns are discovered and Apple’s security response.
It appears that this is just one more article in the long line of sensationalist journalism which has no clue what the difference between a payload, vector and a vuln is. I almost suspect some of these articles seem to imply that we should not buy Apple’s products, that the grass isn’t secure on the other side, and we should instead stick with our Wintels; but maybe that’s just me…
So you’re saying that one of the main reasons that nobody’s written code to attack PowerPC processors is because the ASM is harder to remember? All of the examples you listed for “logical” names on the x86 side might seem pretty hard to remember to some, easy to others. I’d say it’s completely subjective and not a very likely reason someone would avoid it.
There aren’t that many people who write machine-level code, period, mainly because it is very hard to learn and doesn’t sound very English compared to higher-level languages.
If you’re going to write a virus/worm or design shellcode for an exploit you must write custom assembly code or use someone else’s.
And yes it is subjective, like I said some people enjoy PPC asm, most find x86 easier to grasp. Most people find “mov” very similar to “move”, and there are fewer directives required for basic things like invoking syscalls.
Wasn’t NeXT developed for x86 originally? Would it not be safe to assume that Apple has a pretty good handle on the code?
> Wasn’t NeXT developed for x86 originally?
No, 68000. Later followed by PowerPC, x86, PA-RISC and Sparc.
The article says that this should put pressure on Apple to put more “security features” into OS X. Is it just me, or should you really not be thinking of security as a “feature,” but just as something that your OS just “has.”
Security is a process, some of the process involves using security features. One such good feature is ExecShield (non-executable stack, ascii armoring, shared lib randomized addresses), which is an utter pain to circumvent.
OSX is still based off BSD, I think Apple developers and administrators will find plenty of things to utilize.
All of these Windows-only VB scripts will work on an Intel Mac all of a sudden, yeah right. Security guys today are only sales guys. The worst security bug on Mac OS X was only there if you were running some stupid useless virus killer on the Mac.
And no, NeXT was originally on a Motorola 68030, later 68040, then they made OpenStep which ran on x86, PA-RISC, Sparc and Moto 040
In order for a malicious program to access privileged mode, the program needs to find a hole in the OS; after that hole is found the malicious program could be a universal binary.
That is not how a UB works.
All a binary on OS X is is a directory structure. You double click on the icon which then executes a script which then launches the program code in the directory structure…. In a UB, the script simply identifies what CPU it is running on and then launches the right program code. A UB is about 2 times the size… installer-based programs will not be, as they will simply install the right binary for the platform, but shareware and such will be somewhat larger.
It is the same tech that NeXT used in their FAT binaries when they were on 4 different platforms.
Yes, the fact that an Intel chip is in a Mac now means viruses will finally infect OS X.
And the new engine I put in my car now means that I will get more bird’s nests in my headlights.
I’m really stretching my memory here, but Sun used to claim superior security because it used Big-endian (Sparc) processors.
The basic idea (and this may actually be implementation dependent) is that the stack tends to grow in different ends of memory (up from the start of memory or down from the end of memory) on big-endian vs. little-endian platforms. On big-endian platforms, a buffer overflow in a static array (thus on the function’s stack frame) often means you’re writing into unused memory, limiting what harm you can do. On a little-endian platform, buffer overflow tends to clobber things below your function’s stack frame (say, a calling function), which you can exploit by replacing the important parts of that stack frame with carefully crafted data (say, a function pointer).
So the switch from PowerPC (set to big-endian for Apple systems – it can do both) to Intel x86 (little-endian) will make innocuous buffer overflows a tad more serious.
Can someone better versed in architecture issues and buffer overrun exploits comment?
Except that Intel procs have features that stop buffer overflows.
Excuse me, they have WHAT?
Any facts?
Well, it may not be that simple, but you can take the most secure OS in the world with an ignorant user and the super high security OS suddenly becomes just as insecure as any other OS.
While I do not think there will by any means be a massive influx of Mac viruses, I do think there will be a few, and the few that do pop up will most likely be very widespread. The reason I say this is because Mac users are not used to having to watch out for malicious code or be careful with the links they click on or the emails they open.
Ironically enough, this most likely means more Linux and BSD viruses, as Mac is loosely based on BSD (and Mach); the difference is that most Linux and BSD users tend to be techies and are more aware of security and what to avoid and the implications of compromising the security of their system.
Wait guys!!!
Does no one think that the eWEEK article is basically wrong?
I mean look at the facts. Yes, Intel processors have a security flaw in their Hyperthreading implementation, that’s right (but it has never been used by any hacker, and this does not affect Apple; Core Duo processors do not use hyperthreading). Yes, any processor may have bugs; Intel’s processors, the G4 and G5 also have bugs (
http://www.freescale.com/files/32bit/doc/errata/MPC7447ACE.pdf,
http://www-306.ibm.com/chips/techlib/techlib.nsf/techdocs/79B6E2442…).
But the eWEEK article is not talking about bugs in a processor; what they are saying is that the x86 ISA is less secure than the PowerPC ISA, or in other words that CISC is less secure than RISC. Which is another story!!! They say that without any proof, no data, no facts, no numbers. And do you know why they don’t have any data or facts? Simply because there are none.
Does someone here say that he or she has ever heard about any virus attack or whatever else which was specifically designed to attack x86 processors or any x86-based computers, whatever the OS running on them?
Personally I never heard so. Every attack that you hear about in the PC world is a software attack primarily focused on using security holes in Microsoft products. If any virus existed to attack x86 CPUs, then why has Linux not been affected? Why always Windows on PC? What I am saying is that a virus which targets a hardware security hole would affect any computer whatever the OS, right?
That’s not the case, there is no x86 attack, not a single one. The statement of eWEEK is wrong, wrong and wrong… And by the way, why talk about the so-called x86 ISA insecurity now and not before? x86 processors have been on the market for many years, why suddenly inform people about that precisely when Apple switched to Intel?
Why haven’t they pointed it out in the case of Linux? Linux runs on PowerPC and x86, why didn’t they come out with a story saying that Linux may be less secure on x86 than on PowerPC?
Strange, isn’t it???
And again we never saw any case of a security-related attack based on the x86 processor architecture or ISA. Never. Always software.
So the question is why eWEEK and ZDNet do that? Because what they are doing is giving wrong information. Well, to attract people for maximum web site hits with a story getting some cash behind it, maybe? Or simply to try to help some security-related software company sell some of its products on Mac, now that Microsoft is a competitor to those companies on Windows, maybe?
The best way to sell such software is to scare people!!!!!
OS X, like any human-written code, has flaws, and the only security concern comes from that, not from whether it runs on x86 or PowerPC; that’s simply poor journalism and crap…..
You have to know the ins and outs of the memory management of your particular OS and how all this translates to the specific CPU architecture if you want to execute arbitrary code.
The PPC is, with the arrival of the Mini, fairly accessible. Thus OSX also. But not many computers run OSX so it’s far less attractive to code en masse exploits, worms, viri for OSX. Unless you really have to because your specific target is.
Turns again everything in general to the numbers.
But if you are an interesting target, it doesn’t matter if your platform is used by a lot of other people too, they will get you anyway, period.
MS suddenly made a build of WinXP on PPC platform, would this mean vulnerabilities on the OS will suddenly *just* disappear?
eWeek’s argument is flawed.
Anything said by a “non-biased” security company about security exploits must be true. Especially when they can offer you the programs that will make your computer “safe”.
> Maybe you’ll see a 2-10 virus increase per year
Just make an increase of 1 virus and I’ll be impressed. My virus scanner on my Mac is good for only one thing: detecting Windows viruses.
But anyway, MacOS X has plenty of security features, and Apple is working on more. I don’t think there is anything to worry about.
As someone else mentioned above, the biggest threat to Apple’s security is a larger userbase.