The Mac Observer

MacForensicsLab Publishes White Paper on Mac Malware

1:50 PM EST, March 5th, 2008

Some users believe that their Macs are absolutely invulnerable to viruses, trojans, and worms. Technical professionals, however, know that all OSes have some degree of vulnerability. The MacForensicsLab, in concert with SubRosaSoft, has published a white paper on the state of Mac OS X malware with a mind towards educating users on the state of Mac system security. One observation was that a false sense of security can be very dangerous indeed.

In order to keep the reading light and approachable, the white paper is sprinkled with graphics, anecdotes and some Apple history. There are plenty of references if users want to dig further.

One of the themes was that the growing market share of Macs makes it more financially rewarding for professional hackers to engage the Mac. When combined with a false sense of security by Mac users, the benefits of attacking the platform are compounded.


"Most Mac users take security too lightly. In fact, most are quite proud of the fact that they don't run any security at all," Chris Christiansen, an IDC analyst, was quoted. "That's an open door; at some point it will be exploited."

Some proponents of the Mac have pooh-poohed the idea that Mac OS X users need to be cautious and go on to claim that companies that specialize in security software are just trying to drum up business with alarmist reports. They point out that the FreeBSD system on which Mac OS X is based is open source, patched regularly, and well architected.

Despite the occasional Chicken Little story, this white paper pointed out some things that literate Mac users should be aware of. Some components of Mac OS X are not open source, but proprietary. In addition, the package/bundle structure of Mac OS X applications is one possible mechanism for embedding malicious code. That's because many Mac users don't know that their applications are, in fact, entire directory structures full of scripts and code, comprising perhaps many hundreds of files.
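To make the bundle point concrete, here is an added example (not taken from the white paper or from this article) that walks an application bundle and lists every file able to carry code: scripts, Mach-O binaries, and anything with an execute bit. The `Example.app` layout and the function names are constructed for illustration.

```python
import os
import stat
import tempfile

# Mach-O and universal-binary magics (cafebabe is also Java's class-file magic).
MACHO_MAGICS = {bytes.fromhex(h) for h in (
    "feedface", "cefaedfe", "feedfacf", "cffaedfe", "cafebabe", "bebafeca")}

def classify(path):
    """Return 'script', 'mach-o', 'exec-bit' or None for one regular file."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    if head[:2] == b"#!":
        return "script"
    if head in MACHO_MAGICS:
        return "mach-o"
    if os.stat(path).st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
        return "exec-bit"
    return None

def inventory_bundle(bundle):
    """Walk a .app directory and list every file that can carry code."""
    findings = []
    for root, _dirs, files in os.walk(bundle):
        for name in files:
            full = os.path.join(root, name)
            regular = os.path.isfile(full) and not os.path.islink(full)
            kind = classify(full) if regular else None
            if kind:
                findings.append((os.path.relpath(full, bundle), kind))
    return sorted(findings)

def build_sample_bundle(parent):
    app = os.path.join(parent, "Example.app")  # constructed sample, not a real app
    files = {
        "Contents/Info.plist": b"<plist></plist>",
        "Contents/MacOS/Example": bytes.fromhex("cffaedfe") + b"\x00" * 12,
        "Contents/Resources/postflight.sh": b"#!/bin/sh\necho constructed\n",
    }
    for rel, data in files.items():
        full = os.path.join(app, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)
    return app

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(inventory_bundle(build_sample_bundle(tmp)))
```

Pointing `inventory_bundle` at a real `.app` path gives an administrator a quick list of files worth reviewing before the application is trusted.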

Some of the other design issues of Mac OS X and its strengths (the Leopard Sand Box) and weaknesses (Address Book) were discussed in a calm, professional fashion.

Apple's own document on Mac OS X security was cited as a handy reference.

Technical professionals know how to secure their Macs in the enterprise, and while non-professional Mac users know that Mac OS X is well designed and constantly patched, being armed with a little more knowledge is always a good thing. This white paper serves that purpose.

Observer Comments

Name: Guest
Subject: Proof, please!

It would be more convincing if the people who write articles about holes discovered in the operating system could give examples of viruses or other successful attacks on the Mac.

Hackers like a challenge, and hacking a PC is old hat. Hacking a Mac would be a great exploit. So, market share is not a valid measure for virus frequency.

Before Mac OS-X there were plenty of viruses for Mac. Please list the active viruses now.

Name: Guest
Subject: C'mon

From the summary, it doesn't sound as though they're claiming that there is malware out (other than proof-of-concept), they're claiming that there are exploitable *people* who run OS X.

I admin many Mac boxes, and don't worry about viruses, but I know enough to lock down the machines anyway. You run an open Telnet server, or type your Admin password whenever it's asked, or engage in other unsafe behaviors and you're looking for trouble.

Doesn't matter what the OS is, if you run everything without a skeptical eye.

rm -rf script in an app could cause a lot of damage before you know it...

Name: DaiMac Posts: 952 Joined: 29 Jun 2001
Subject: So...

Don't execute files that aren't from a trusted source, basically?

Caution is fine, as long as there isn't a "If you buy my product you'll be safe!" behind a Mac security report, it's at least an interesting read if nothing else.

Name: UpQuark Posts: 92 Joined: 26 Aug 2001
Subject: Ironically...

when a destructive virus/trojan/malware does become widespread within the Apple community, Apple CO will take the hit for not 'making OS X' perfect and 100% - whatever that means.

I think prudence and constant education are not a bad thing. Given the propensity for people in the US to NOT TAKE personal responsibility and to bring legal lawsuits at the drop of a hat, (hot coffee anyone? - have you seen the stickers on ladders lately? - patent trolls) Apple should do more to educate the Apple base about the potential for virus/malware etc.

However, how I relish the current lack of virii for mac. Windows users do have it tough.
