OSX 'at risk from attack'


Security vendor Symantec is warning that Apple's OS X operating system is increasingly becoming a target for hackers and malware authors.

In its seventh bi-annual Internet Security Threat Report, Symantec said over the past year, security researchers had discovered at least 37 serious vulnerabilities in the Mac OS X system. According to Symantec, as Apple increases its market share — with new low cost products such as the Mac mini — its userbase is likely to come under increasing attack.

"Contrary to popular belief, the Macintosh operating system has not always been a safe haven from malicious code," Symantec said. "Out of the public eye for some time, it is now clear that the Mac OS is increasingly becoming a target for the malicious activity that is more commonly associated with Microsoft and various Unix-based operating systems," the report said.

"Apple Computer has become a target for new attacks… The appearance of a rootkit called Opener in October 2004, serves to illustrate the growth in vulnerability research on the OS X platform… The various OS X vulnerabilities allow attackers to carry out information disclosure, authentication bypass, code execution, privilege escalation, and DoS attacks. Symantec believes that as the popularity of Apple’s new platform continues to grow, so too will the number of attacks directed at it," the report said.

Symantec’s concerns were echoed by James Turner, security analyst at Frost & Sullivan Australia, who said many of the people who bought Apple products were not concerned about security, which left them wide open to attack.

"The iPod, PowerBooks and mini Macs are cool products," Turner said. "The by-product is that people are buying these products for form over function. They say it looks pretty and then buy it but don’t secure it. As Apple increases its market share, it will be a legitimate target".

Trend Micro senior systems engineer Adam Biviano said all complex operating systems had security flaws and the more popular the platform, the more likely it would be attacked.

"All sophisticated platforms — Mac, Linux, Solaris or anything else — will have vulnerabilities," Biviano said. "The only reason Windows has had mass exploits written for it is the sheer number of connected devices that are present on most networks. As soon as you start seeing mass deployment of any technology you are going to see exploits".

According to Biviano, while there have not been any mass outbreaks of viruses targeting the Mac, the potential does exist.

"You don’t see Macintosh viruses in mass outbreaks but you do see them in the labs as proof of concepts. There aren't any outbreaks because there simply are not enough [Macs] out there. For a virus to be successful it needs a combination of an exploit and a large target audience," said Biviano, who nominated the mobile phone market as an example of malware writers targeting the most popular platform, not Microsoft’s platform.

"Look at where mobile viruses are going and they are not targeting Microsoft — they are targeting the market leader, which is Symbian," he said. The Symantec report found in the second half of last year, an increasing proportion of malware was designed to expose confidential information. The report also found that phishing attacks increased by 366 percent while the number of Windows-based worms and viruses increased by 64 percent, when compared to the first half of 2004.

Munir Kotadia reported from Sydney for ZDNet Australia.

Talkback

Failing of course to mention that yes- although virii and other malicious attacks can be launched against ANY OS from any vendor- it is very hard to do so against a Unix-based OS.

As market share of OS X increases, what you will find is that people will realise just how weak MS is, and how feeble are "security" firms such as Symantec who actually build their business model on malicious code happening. And here's a conspiracy theory for you: Symantec want Mac users (especially new ones) to adopt their software, so the best way of doing that is by scaring them into a purchase.

If you keep your system (OS X system) patched, and use sound passwords, and then implement the excellent FileVault technology on your home drive (especially for mobile users), and OpenFirmware password etc etc., then the likelihood of getting a serious security threat on your system has been reduced as humanly as possible, bar disconnecting it from the internet altogether. Rather than spending stupid amounts of time on Symantec products you really don't need and inordinate amounts of time big fixing the big fixer!

Rest easy. OS X and Linux/Unix is the secure(er) way to go. It has nothing to do with popularity, but instead all to do with poor code design and weak OS implementation from the ground up that Windows is so bug-ridden. Sticking plasters over Windows' poor security model is one way of ensuring that Windows users will never have a safer and more productive environment through which to work. And some of that has to do with poorly implemented and intrusive anti-virus and "security" software from people like Symantec!

via Facebook 21 March, 2005 09:39

Attack does not equal vulnerability, except on Windows. OS X is not invulnerable and there is always room for improvement, but let's not get carried away. OS X has many advantages over MS-Windows that prevent the security travesty that we've come to know of with Microsoft's products. Having a machine attacked is not the same as having it compromised. Talk with any administrator of non-Microsoft systems and they'll tell you that their machines are attacked hundreds if not tens of thousands of times per day. However, none of those attacks get through.

via Facebook 21 March, 2005 10:34

(1) Symantec is in the business of selling protective/corrective software; seems like the statements made in this article are meant to drum up business
(2) See item 1

via Facebook 21 March, 2005 13:48

This is just such a load of self-serving crap ...

Just last night my fiancée told me people were telling her they couldn't access her MSN Group site because "Spyware Doctor 3.1 wouldn't let them" ... I downloaded it to my work PC and installed it (it wouldn't run in Virtual PC 7 on my home Mac).

However the part that handles "live" blocking of sites is in their persistent "OnGuard" section which you have to pay for ... not wanting to pay just to test it once I found a [k] on an Astalavista-type [k] site ... downloaded it and ran the "start" script and immediately things went haywire (not to mention it didn't [k] Spyware Doctor). In a self-referential act I ran Spyware Doctor which now said there were over 1000 infections ... the [k] had installed toolbars, HTML hijackers, you name it. Found another [k] and removed all of those ... or so I thought.

To make a long story short, I ran 3 or 4 programs including a Registry fixer and spent a couple of hours removing all of this crap (including 5 reboots) before everything was finally eradicated ... and NONE of this would ever happen on a Mac ... the "Registry" concept is so damn retarded ... TSR's that sit there and can't be killed with Task Manager ... blah blah blah and so on and so on ... the reason there's all these viruses and trojans and malware/spyware for the PC is because WINDOZE BLOWS, not because of market share - Mac OS X is, fundamentally, a UNIX under the hood so it's subject to the same issues as Linux and other Unices/derivatives - yes there are vulnerabilities but I see them every day at work and the Linux ones are so obscure and unexploitable compared to the Windoze ones it's not even comparable.

The bottom line: Symantec is screaming "The sky is falling! The sky is falling!" - would you trust the company saying that when they're the ones selling the fallout shelters?

via Facebook 21 March, 2005 15:41

Total nonsense. Yes, of course as OSX grows market share it will come under more attack. It hardly takes a rocket scientist to see that. But any idiot can see that an OS which requires root password before installing any software is inherently going to stop more viruses than an OS like Windows which doesn't. Grow up and quit whining.

via Facebook 21 March, 2005 16:57

When a company that sells anti-virus software announces that I am in imminent danger of being infected by some worm in the future, even though no such malware are currently in existence, I take it with a grain of salt.

When a company that does NOT have a financial motivation to pump up virus fears tells me that a threat exists in the wild, I will take notice.

In the meantime, my machine is fully up to date on all Apple patches, and I feel quite secure WITHOUT having to pay the Symantec tax.

via Facebook 21 March, 2005 17:08

Symantec writes the worst software for the Mac in existence

their applications/utilities cause more problems for the user than cure them

they should make their software work before spreading rumors and trying to pass themselves off as the saviour for a situation that does not exist for Mac OS X

via Facebook 22 March, 2005 00:15

What's Symantec's Anti-Virus for Mac going to do? Sit there and scan for Windows viruses like the antivirus software for Linux does? Wow, that makes me feel secure, knowing my UNIX system is safe from Windows virii.

via Facebook 22 March, 2005 02:17

They're right, but only in a trivial sense -- since there are currently no MacOS X viruses, and it's entirely possible that someone will write a MacOS X virus, this could lead to an infinite percentage increase in MacOS X viruses.

That being said, it's somewhat pathetic that ZDNet bothered to "print" this "story" since it's clearly self-serving fearmongering from Symantec. If they were journalists rather than a marketing channel, they'd put this FUD in context -- that Microsoft just released a free security tool for Windows (which, if you remove IE and Outlook is actually fairly secure), and MacOS X is secure by design, so the security business is a bit desperate to drum up sales.

via Facebook 22 March, 2005 06:23

What a load of FUD. Anyone with the smallest sense of knowledge about any of these operating systems knows that the biggest issue with Windows security are the basic design flaws that it keeps dragging on from its past eras, to ensure compatibility.

OSX and Linux, like any other UNIX, are far more secure because they have been built from the ground up with these security measurements in mind. OK, that rootkit on OSX is a nice toy but it is still nothing more than that. It's not a virus, it's a trojan at best.

Of course it's not a strange thing to hear such words from a company like Symantec, as it's their business model to live on the fear of internet security. The sad reality is, however, that apart from VBA viruses, there is not a single virus out on the Macintosh platform. So as long as you steer clear from the M$ applications, you're safe.

via Facebook 22 March, 2005 09:05

Unfortunately ( and expectedly ) the virus mongers on the PC side of the pond always choose not to mention the differences in design of the platforms they see as the "next big thing" in virus distribution.

Windows is a swamp full of holes, and the only building blocks Microsoft has to offer to cover these holes is rotten wood. See how that helps you... Symantec, Sophos and others only offer safety nets to cover the holes. Albeit a tad better than the rotten wood, your feet will still get wet.

UNIX ( and lookalikes - Linux, Mac OS X etc ) are rocky ground. Sure, there are holes as well. Not as many. Some equally deep, and some truly shallow. But the real difference is that you get cement to fill up the holes. There is no need for patchwork corporations that live and feed on the fears of the common user as is in the windows world. The only thing needed is awareness from software vendors. And there is a lot of that.

The true solution to the viral problems of Windows is to switch to another platform ( software and/or hardware ).

via Facebook 22 March, 2005 11:28

What a load of cobblers.

A couple of years back I was Mac consultant at a design studio (all Mac of course) when I had a call from a Symantec rep to remind them that the AV subscription was up for renewal (we were on OS 9). The studio head had signed up for this a year previous. (!)

I saw no benefit in pursuing the sub, in fact, the AV software caused installation problems many times. So I said no thanks, we wouldn't be needing it. The rep launched into a diatribe of how 'vulnerable' we'd be etc, I said no, I didn't think so as we're all Mac. He then insisted that I had to remove all their products from the Macs as otherwise we would be in 'breach of the licensing agreement'. Apart from the fact that the licensing agreement covered the UPDATES not the original software, I said fine, you can take it from me it will be removed within an hour of this call....

He was very aggressive.. I wonder why...? Money stream?

via Facebook 22 March, 2005 11:46

Ziff Davis continues to embarrass themselves with this obvious shilling for MS. There is no real point to this article other than to drum up business for Symantec and create more FUD for those considering the Mac Mini. Get back to us when there is a real world virus, trojan, or worm.

via Facebook 22 March, 2005 12:51

Symantec is just concerned about their profits. They don't have much in the way of anything outside the viral wasteland that Windows is.

The question is who are the security researchers that Symantec is quoting about the 37 serious vulnerabilities in MacOS X that were 'discovered' last year? What are those serious vulnerabilities? Are they viruses? Are they worms? Or were they vulnerabilities covered by updates to the OS that Apple has already patched?

This article sounds more like they are trying to equate security vulnerabilities with chronic virus or worm vulnerabilities like those that Windows has. They are trying to inspire fear in the Mac-using population to buy their products, when all they really need to do is use Software Update that is already in MacOS X.

Symantec needs to back up their claims, rather than spewing generalities and making invalid comparisons.

via Facebook 22 March, 2005 14:45

It is true that all operating systems are at risk of attack and the number of successful attacks do increase when compared to platform market share. But as a systems administrator for both the Windows and Macintosh platform it is plain to see what OS is the easiest to exploit. It's the same OS that is the most difficult to support and the same OS that has the most problems aside from hackers and viruses. The core of the OS and the firmware that it runs on is what will consistently make an OS vulnerable or not. Yes, there will be increasing attacks on OSX and yes, some will be successful. But I will always put my money on the company that makes the software and the hardware it runs on.

via Facebook 22 March, 2005 15:23

They are desperate because MS is about to put them out of business.

via Facebook 22 March, 2005 23:56

Has this guy ever seen a computer? what a tool!

via Facebook 23 March, 2005 16:51

There are some cases where it actually is very important to have virus protection on Macs. The main case is when you have networks of machines running MacOS and Windows. The culprit for the viruses on the Mac is always Microsoft Office, which can spread macro viruses from Mac to Mac. They cause very little to no effect on the MacOS 9 (Classic) or MacOS X (Unix) platforms, but can become a haven of viruses which can trash the windows machines.

In a corporate or educational network setting (I have worked most recently in edu), it's essential to make sure that the Macs aren't harboring viruses which can cause problems for IT (meaning me) on the less secure platform. In doing some research, viruses (about 50-70 of them) exist for classic MacOS, they don't run on OS X, although I have not tried to launch any under classic. I have found 3 for Linux, but I couldn't get them to work without doing something completely stupid. There was a worm (The Ramen Worm) that infected Linux based web-servers for a short while, but it only worked on RedHat, so I didn't care, since I run Slackware.

via Facebook 23 March, 2005 18:56

Windows user sees b.s. I don't buy the hype and won't buy Symantec products... ever.

via Facebook 24 March, 2005 23:30

In other news, if you run Windows you run the risk of being gang-raped by a herd of stampeding buffalo, but it's unlikely to happen.

via Facebook 29 March, 2005 11:47