[ISN] Mac users 'too smug' over security

InfoSec News isn at c4i.org
Wed Jan 18 04:07:53 EST 2006


http://news.bbc.co.uk/1/hi/technology/4609968.stm

Bill Thompson 
BBC World Service 
16 January 2006

The first known computer virus, the Elk Cloner, is 25 years old. Since
its appearance we have seen hundreds of thousands of malicious
programs and their impact on our computer use has been immense.

Millions of people have lost work, had their private information
stolen or simply had to waste precious hours cleaning up their
computers after infection.

A small number of companies have grown rich on the sales of anti-virus
software, while organised crime is believed to commission many of
today's viruses as a money-making venture, selling services to
spammers or using them to blackmail websites.

That first virus was specific to the Apple II computer and spread by
inserting itself into the operating system files that were installed
on every boot floppy, since this was in the days before hard drives in
personal computers and few of us had network connections.


Slipped disk

Those halcyon days when you only had to remember to scan every floppy
disk for infection are long gone, of course.

Now the broadband internet connection that keeps me always online
leaves me always vulnerable, and regular virus scans are the order of
the day.

And viruses are only one of the ways that malicious software spreads.  
Worms and Trojans are just as dangerous, and often harder to protect
against.

These days Apple users are almost unbearably smug when the subject
turns to malware. I was invited to appear on Radio Four's You and
Yours this week to talk about viruses and other malware and our focus
was on issues with Windows since it is the most commonly used
operating system.

After the show we got dozens of e-mails from complacent Mac users
pointing out that they were safe and suggesting that people simply
abandon Windows if they want to be secure.

It would certainly be wonderful if the Macintosh computer and its
operating system were immune to attack but this is just wishful
thinking. Mac OS is certainly a lot better than Windows, but being
better isn't nearly enough.

Mac OS may not have the gaping holes that let viruses spread, but
worms, spyware and even keyloggers are out there.

They can't spread as easily, and most would only be installed by a
careless user clicking "Accept" on a dodgy install dialog, but the
regular stream of security fixes from Apple's software update service
makes it clear that there are real dangers.

After all, Mac OS is built on top of the Unix operating system and it,
like its close relative Linux, has many well-known security problems
that can allow it to be compromised.


Owner occupier

Sometimes Apple make things worse. For example, widgets, small
programs that can do things like search online dictionaries or let you
listen to streamed BBC programs, can be installed without your
permission when you visit a website using the Safari browser, just
like Windows does with ActiveX controls. It took Apple weeks to fix
this.

And though Microsoft's tribulations over the recently-discovered
vulnerability in the way Windows Meta File images are handled made the
papers, accompanied by howls of protest from those who wanted the
company to rush out an untested fix, a similar flaw in Apple's own
QuickTime received very little publicity.

Any Mac user who believes they are totally safe is being reckless with
their files and personal information. What's worse, they are also
being reckless with mine.

One reason why there aren't many malicious Mac programs is that there
are fewer Mac users out there, but the fact that some have been
written shows that they are possible in principle.

If the millions of internet-connected Macs are left open to attack
then this increases the chance that an effective Trojan or piece of
spyware will reach critical mass and spread rapidly, and it also
increases the incentive for a bright programmer to write Mac-specific
malware that could affect me.

It's exactly like the spread of infectious diseases, and one of the
reasons why we vaccinate our children against many illnesses that are
now uncommon. If we maintain what is called "herd immunity", then even
if there is an outbreak, it will not spread and become an epidemic.

There may not be any Mac viruses at the moment, and the way the system
handles user accounts and security means that they are unlikely, but
we need to take steps to safeguard ourselves against other malicious
software.

As things stand, the Mac community has no herd immunity because most
users seem to assume that they don't need to take preventive action.

Although the risk of a malicious Mac program spreading as quickly as
any Windows one is very low, it should not be ruled out. After all,
the very first internet worm, back in 1988, affected Unix systems with
a security model very similar to Mac OS.

The Mac ships with a good firewall, and it should be used. There are
tools to scan your system for known malicious programs or to check
whether it has been hacked into, and they should be used too.

Mac users demonstrate an indefensible smugness when it comes to the
dangers of having their systems compromised by malicious software and
opened up to exploitation by others. It's time they started behaving a
bit more responsibly.





More information about the ISN mailing list