MacForensicsLab Publishes White Paper on Mac Malware
MacForensicsLab Publishes White Paper on Mac Malware
by , 1:50 PM EST, March 5th, 2008
Some users believe that their Macs are absolutely invulnerable to viruses, trojans, and worms. Technical professionals, however, know that all OSes have some degrees of vulnerability. The MacForensicsLab, in concert with SubRosaSoft, has published a white paper on the state of Mac OS X malware with a mind towards educating users on the state of Mac system security. One observation was that a sense of false security can be very dangerous indeed.
In order to keep the reading light and approachable, the white paper is sprinkled with graphics, anecdotes and some Apple history. There are plenty of references if users want to dig further.
One of the themes was that the growing market share of Macs make it more financially rewarding for professional hackers to engage the Mac. When combined with a false sense of security by Mac users, the benefits of attacking the platform are compounded.
"Most Mac users take security too lightly. In fact, most are quite proud of the fact that they don't run any security at all," Chris Christiansen , an IDC analyst was quoted. "That's an open door; at some point it will be exploited."
Some proponents of the Mac have pooh-poohed the idea that Mac OS X users need to be cautious and go on to claim that companies that specialize in security software are just trying to drum up business with alarmist reports. They point out that the FreeBSD system on which Mac OS X is based is open source, patched regularly, and well architected.
Despite the occasional Chicken Little story, this white paper pointed out some things that literate Mac users should be aware of. Some components of Mac OS X are not open source, but proprietary. In addition, the package/bundle structure of Mac OS X applications is one possible mechanism for embedding malicious code. That's because many Mac users don't know that their applications are, in fact, entire directory structures full of scripts and code, comprising perhaps many hundreds of files.
Some of the other design issues of Mac OS X and its strengths (the Leopard Sand Box) and weaknesses (Address Book) were discussed in a calm, professional fashion.
Apple's own document on Mac OS X security was cited as a handy reference.
Technical professionals know how to secure their Macs in the enterprise, and while non-professional Mac users know that Mac OS X is well designed and constantly patched, being armed with a little more knowledge is always a good thing. This white paper serves that purpose.
Observer Comments
It would be more convincing if the people who write articles about holes discovered in the operating system could give examples of viruses or other successful attacks on the Mac.
Hackers like a challenge, and hacking a PC is old hat. Hacking a Mac would be a great exploit. So, market share is not a valid measure for virus frequency.
Before Mac OS-X there were plenty of viruses for Mac. Please list the active viruses now.
From the summary, it doesn't sound as though they're claiming that there is malware out (other than proof-of-concept), they're claiming that there are exploitable *people* who run OS X.
I admin many Mac boxes, and don't worry about viruses, but I know enough to lock down the machines anyway. You run an open Telnet server, or type your Admin password whenever it's asked, or engage in other unsafe behaviors and you're looking for trouble.
Doesn't matter what the OS is, if you run everything without a skeptical eye.
rm -rf script in an app could cause a lot of damage before you know it...
when a destructive virus/trojan/malware does become widespread within the apple community, Apple CO will take the hit for not 'making OS X" perfect and 100% - whatever that means.
I think prudence and constant education are not a bad thing. Give the propensity for people in the US to NOT TAKE personal responsibility and to bring legal law suits at the drop of a hat, (hot coffee anyone? - have you seen the stickers on ladders lately? - patent trolls) Apple should do more to educate the Apple base about the potential for virus/malware etc.
However, how I relish the current lack of virii for mac. Windows users do have it tough.
Comments are currently closed. Please email the author instead.
Recent Headlines - Updated February 13th
- Sat, 4:11 PM
- MacOS KenDensed - MacOS KenDensed: iPad 3 Frenzy, Big-time Apple & Steve Jobs, G-Man
- Fri, 8:10 PM
- News - Apple Sues Motorola Mobility in California Over German Case
- 7:54 PM
- Free on iTunes - OnLive Desktop: Windows & Office on Your iPad
- 7:43 PM
- Product News - Apple Rolls Out MacBook Air Configurations for Education
- 6:35 PM
- Just a Peek - Battle Pocket Bulge With The Hint for iPhone
- 6:01 PM
- Rumor - Apple Reportedly Bringing MacBook Air Styling to Pro Line
- 4:50 PM
- Particle Debris - The Hidden Gotchas of Browser Security
- 3:56 PM
- Apple Stock Watch - Analyst: Paying a Dividend Makes Sense for Apple
- 2:58 PM
- Deal Brothers - iMac 27-inch 2.93GHz Intel Quad-Core i7 processor: $1,999
- 2:45 PM
- In-Depth Review - Theodolite App for iOS is Breathtaking
- 12:52 PM
- Apple Stock Watch - Mizuho Securities Starts Apple Coverage with $635 Target
- 11:35 AM
- Hot Forum Topic - Forum Poll: Are You Planning on Buying a New iPad?
The Mac Observer Reader Specials
TypeStyler 11 is now in the Mac App Store!! -- Special Introductory Price of $59.95!! -- To Buy From The Mac App Store Click Here Now!! Or buy direct
from Strider Software.
Mac RAM Upgrades: MacBook Pro 16GB kits $475, 8GB Kits for $119.99! iMac 16GB RAM Kits (4x 4GB) for $229.99! Mac Pro Memory 32GB Kit for $399.99, 64GB Kit for $889.99! Mac Hard Drives 2TB Seagate SATA II for $249.99! Click Here!
If you're using a Mac, then you've gotta check out Online Poker Mac.
This mac poker and online casino mac site
actually does the unthinkable, it actually rewards!
