Mac users finally waking up to security

By Munir Kotadia, ZDNet Australia
Tuesday, December 19, 2006 10:57 AM

Following a number of attacks against OS X in 2006, Mac users are finally getting the message that they are not immune, according to an IT security manager responsible for over 5,000 Apple systems.

Just over a year ago, Mark Borrie from the University of Otago in New Zealand, said that Apple users were their own worst enemy when it came to security, because they considered themselves immune from attack.

However, since that time Apple has been the subject of much debate as researchers found the first Mac-targeting malware samples and discovered weaknesses in the platforms' AirPort wireless network system.

Borrie claimed that this new focus on OS X has already increased the level of awareness amongst Apple users.

"That was part of the issue I had last year...with Mac OS you can get hacked and you can get taken over--that message is slowly getting through to the key people," Borrie told ZDNet Australia in a telephone interview on Monday.

Borrie explained that he does not expect to see OS X plagued by spyware and replicating viruses that infest Windows systems, but he believes there will be more Mac-related malware.

"Keyloggers are all PC based but there is no reason why those keyloggers couldn't be written for Macs--but I haven't seen any around yet," he said.

Macs used to control Windows bots?
Borrie said that during the past year he has seen Apple-based systems hacked and then used to control bots of Trojan-infected Windows PCs.

He explained that the hacked Mac systems were left vulnerable because users had employed weak passwords or misconfigured their services.

"We are seeing Macintosh systems being targeted for hands-on hacking as opposed to worms...In one situation, Macs were being used as a bot net channel in IRC--they were taking over PCs," said Borrie, who warned that this kind of activity is difficult to recognise because it does not generate much network traffic.

"The problems can be there for months. If somebody breaks into a machine all they are doing is a bit of IRC activity. There is not a lot to trigger a warning. Your traffic loads and processing loads do not increase dramatically," added Borrie.


WORTHWHILE?

0

0 votes
Blog

Talkback 13 comments

Weak passwords are not an OS flaw.
Posted by DD on Tuesday, December 19 2006 10:12 PM

Attacks? When? Where? Must have been in a coma or does this "story" come with a strong whiff of bull doo-doo?
Posted by Kid Plutonium on Tuesday, December 19 2006 11:10 PM

First, list the so called attacks- not the ones created by software security makers that only work if the Mac is hobbled to the point of being barely able to run, but real ones found in the wild. My count is zero, how about yours?
Second, list the ones that (1) actually infected a Mac and (2) did harm. Still zero by my count.
Third, list the number of viruses found for Mac OSX to date. My count, once again, still zero.
Finally, list the number of "OSX needs security because maybe, possibly, somehow but we don't know how, OSX may get a virus, the sky is falling, bad things will happen, booga booga Apple articles (like this one) to date: My count, at least a hundred.
Posted by azureblue on Wednesday, December 20 2006 12:35 AM

Clearly you and Borrie are both liars. If however your stupid enough to actually believe what you've written then you should never be reporting these lies.

Obviously your another security software company or Microsoft shill out there spewing your bullshit hoping to dupe the ignorant.
Posted by Ralph Tindle on Wednesday, December 20 2006 02:04 AM

WHAT!?! I do Mac setup and maintainance for a number of companies and individuals and have yet to see any virus in the wild. Most are just proof of concept examples. I do believe in security software when needed and had it on the Macs when they ran OS9, but since the release of OSX I have not found the need to do so.
Posted by Lantz Newberry on Wednesday, December 20 2006 03:36 AM

Another load of ZDNet drivel. What "attacks against OS X in 2006" are you referring to? Perhaps people who write for ZDNet are so dumb that they happily tell total strangers their passwords? Maybe Munir Kotadia leaves his front door wide open with a sign inviting criminals to have a poke around his home? Or maybe this is just another piece of sloppy ZDNet journalism?
Posted by Russell Hall on Wednesday, December 20 2006 04:12 AM

I personally think Mac users have been fully awake, because a majority of them use non-Mac systems to gain a living and have "walked in those moccassins" and is why they slid on over to the Mac in the first place.

We have been "gifting away" copies of ClamXav donationware over on our website as part of the signup process for our February "I Love My Mac" campaign so we will know that all who frequent our websites, podcasts and audiocasts will have their Mac OS X security blanket in place.

If there have been real Mac OS X "infections", we would like to have details, instead of bogus "the sky is falling" stuff.

www.maccompanion.com...
Posted by Robert Pritchett on Wednesday, December 20 2006 04:22 AM

If your Mac is in a lab at McAfee or at Symanetc - funny, then it's insecure - everywhere on planet Earth - SAFE.
Posted by jbelkin on Wednesday, December 20 2006 06:58 AM

Fanboys fanboys
Watcha gonna do
When they come for you
Fanboys fanboys
Haha
Posted by Fred Fanboy Fighter on Wednesday, December 20 2006 07:08 AM

Our MS mail server is down - virus, our MS File server is down - the geeks can't tell us why - our MS print server is dead. Our xserve has taken their jobs on single handedly. All our macs are up and running (in design dept) most of the PC laptops have viri. Can you please point out what was the name or M.O. of said flaw - I must have been away when OSX squashed it.

Isn't Znet part of microsoft?
Posted by Michael L Jones on Wednesday, December 20 2006 09:31 AM

FUD, FUD and More FUD. Stop making this crap up already. There have been ZERO reported attacks, only proof of concept vulnerabilities. Get your facts straight.
Posted by Scott Free on Wednesday, December 20 2006 10:00 AM

Ralph Tindle's comments highlight why some Mac users are not waking up to security issues. One of the computers Mark Borrie refers to was in the next office to me. The administrator of that computer has learned his lesson - he used to make comments similar to that which Ralph Tindle has, but no longer does.
I have a lot of respect for Mark Borrie - he is always careful in getting his facts right.

Simon Høgh
Mac Specialist & Mac Developer (for 11 years)
ITS
University of Otago
PO Box 56
Dunedin 9054
New Zealand
Posted by Simon Høgh on Thursday, December 21 2006 10:54 AM

I find that OS X is not immune. I won't pretend that it's the "golden pinnacle of security". But some key points that need to be addressed.

- Weak Passwords are indeed not an OS error.
- Recent 2006 Mac Malware require Admin privileges to run, and therefore OS X alerts the user prior to activation of the script.

And finally, if all you can do is post messages on ZDNet saying nothing about "Fanboys", then you must be fairly passionate a fanboy yourself to spend the time to bash the rest. Not a Mac Fanboy, but there are Anti Mac Fanboys out there.
Posted by iMac600 on Saturday, December 23 2006 09:05 PM


Tech Jobs Now!

Search for your ideal tech job:

News from Countries/Region

Hands-on programming: Extract plain text from documents with Syncfusion's components

Web Development

Justin James recently tried Syncfusion's Essential DocIO and Essential PDF to help him extract text from documents he downloaded from the Internet. Here's the code he wrote to get the plain text.


Read more »



Will technology divide us further?

Blog thumbnail

So I finally watched 2012 over the weekend, but the film left me feeling extremely agitated.

The possibility that the world may meet its watery end in three years didn't..... by Eileen Yu

Read more »

Tags

  1. attack
  2. authentication and encryption
  3. blog
  4. data security
  5. e - mail
  6. hacking
  7. internet
  8. malware
  9. microsoft corp.
  10. network
  11. network security
  12. pc security
  13. researcher
  14. security
  15. security management
  16. software
  17. spam and phishing
  18. symantec corp.
  19. viruses and worms
  20. web