Does Mac Have Potential For Hacker Attacks?

Discussion in 'MacBytes.com News Discussion' started by MacBytes, Feb 12, 2006.

  1. macrumors bot

    Joined:
    Jul 5, 2003
    #1

    [​IMG]

    Category: Mac OS X
    Link: Does Mac Have Potential For Hacker Attacks?
    Description:: The Apple Macintosh enjoys a reputation as one of the more secure systems out there, but the recent discovery of vulnerabilities in two of Apple’s most popular applications serves as a reminder that no Internet user is immune to attacks.

    Posted on MacBytes.com
    Approved by Mudbug
     
  2. macrumors regular

    Joined:
    Sep 4, 2004
    #2
    Marketshare myth

    This is getting to be annoying. Every time security is discussed, some bonehead has to claim the Mac is secure because it's obscure. I'd love to know how these guys explain the fact that before OS X, when the Mac market share was lower than it is now, there were Mac viruses. Or maybe they could explain how at least one cell phone OS with far fewer users had a virus.
     
  3. macrumors P6

    ~Shard~

    Joined:
    Jun 4, 2003
    Location:
    1123.6536.5321
    #3
    OS X Is based off UNIX, which is inherently secure. It doesn't matter whether OS X has 5% marketshare or 95% marketshare, the fact that it is secure would remain the same.
     
  4. macrumors 603

    Stella

    Joined:
    Apr 21, 2003
    Location:
    Canada
    #4
    Yes, you are correct.

    Take a good example: Symbian is the market leader in smartphones ( still outsells windows mobile ( people were raving about mobile 6 ) by a HUGE margin ( thanks to Nokia )), its user base is quite small... on a population basis, but still, there are viruses.


    HOWEVER, OSX is still software, it may be UNIX based - inherently, more secure than windows. BUT STILL, Unix has its vulnerabilities... OSX has more.. with its UI interfaces et al - I'm sure there are plenty of Vuns to take advantage of. AppleScript I'm sure is quite unsecure - if taken advantage of.

    As the previous poster correctly says - security by obscurity, is NOT security.

    Mac Users are waaaay too smug. Far too smug.
     
  5. macrumors newbie

    Joined:
    Dec 18, 2005
    #5
    I found another discussion happening on another forum. One user states that he got something called the nachi worm on his Mac. Any idea what exactly that was?
     
  6. Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #6
    And if you want to examine that even closer, Unix split into Sys5 and BSD. BSD is considered the most secure OS ever. OS X was built directly off BSD. How insure can OS X possibly be?
     
  7. macrumors P6

    ~Shard~

    Joined:
    Jun 4, 2003
    Location:
    1123.6536.5321
    #7
    Nope, not possible according to Symantec's site:

    Also Known As: W32/Welchia.worm10240 [AhnLab], W32/Nachi.worm [McAfee], WORM_MSBLAST.D [Trend], Lovsan.D [F-Secure], W32/Nachi-A [Sophos], Win32.Nachi.A [CA], Worm.Win32.Welchia [Kaspersky]
    Type: Worm
    Infection Length: 10,240 bytes
    Systems Affected: Microsoft IIS, Windows 2000, Windows XP
    Systems Not Affected: Linux, Macintosh, OS/2, UNIX, Windows 3.x, Windows 95, Windows 98, Windows Me, Windows NT
     
  8. macrumors P6

    ~Shard~

    Joined:
    Jun 4, 2003
    Location:
    1123.6536.5321
    #8
    Yep, another good point.

    I'm not saying that Mac users should ignore any possible threats and be smug about it, but the facts are the facts - we are running a very secure OS. :cool:
     
  9. macrumors newbie

    Joined:
    Dec 18, 2005
    #9
    Thanks for the reply. The user must have had something else wrong with his computer.
     
  10. macrumors P6

    ~Shard~

    Joined:
    Jun 4, 2003
    Location:
    1123.6536.5321
    #10
    There have been some Office-based exploits involving macros which technically could manifest themselves on a Mac, since they use the same programs, however even then they probably wouldn't be able to do much damage. Apart from that, you won't hear about too many Mac users being affected by things such as this. :cool:
     
  11. Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #11

    I agree. I turn on the firewall and use little snitch. I'm not stupid. Things could go wrong. I run a mac webserver that was once hacked. Nothing major, but it was enough to take the server off down. We fixed it and added better firewall rules. No problems since.

    It feel nice to not have to "baby" my Mac. My windows box runs very smooth. Almost as nice as my Mac. But I "baby" my PC. I probably put about 1 hour of work into a week just to keep it running right.
     
  12. macrumors 68020

    winmacguy

    Joined:
    Nov 8, 2003
    Location:
    New Zealand
    #12
    The poster is labeled as a new member :)
     
  13. Guest

    #13
    I remember the one and only Virus/Worm I got on a Mac - it was about 7/8 years ago (AUTOSTART 9805 as I remember).

    This worm spread like wildfire through the design community via Zip disks ... this was in the days when few people used the internet.

    I suppose what I'm saying is that Mac Users are a close and friendly community and surely IF a Worm/Virus was written for the Mac then it would spread as fast as it did 7 years ago between us?
     
  14. macrumors G4

    Applespider

    Joined:
    Jan 20, 2004
    Location:
    looking through rose-tinted spectacles...
    #14
    Well, he might have got it - if he downloaded a file with it or received an email with it attached - and an AV scanner might have picked it up as being on his Mac. But since it couldn't run on the Mac, it wouldn't have done anything to his system except take up a miniscule chunk of HD space.
     
  15. Moderator emeritus

    Mitthrawnuruodo

    Joined:
    Mar 10, 2004
    Location:
    Bergen, Norway
    #15
    Noone has said there never was ant Mac viruses, in fact there were several back in OS 7, 8 and 9 days... in addition to above mentioned macro viruses that could exploit holes in Office... but none, I repeat none, for OS X. Yet (;)).

    Wildfire...??? :rolleyes:

    Never knew anybody that got infected, and I used zip disks on a daily basis... ;)
    It's not that it's impossible to write a nasty trojan, but I still don't see how you gonna get massive distribution... All Macs has built-in secutrity and unless you get thousands of Mac users to either provide their admin password when the malware asks for it, and ignores all other warnings, I don't see how any trojan can do more than minimal damage for a few poor suckers... ;)
     
  16. macrumors 6502a

    Joined:
    Jul 15, 2003
    #16
    Obscurity is one of the best things OS X has.

    OS 9 and it's similar predecessors had it's own flaws. OS 9 was so easily hackable. Attack the resource forks and you're in. OS X is better in ways. Authentication provides protection from background applications installing themselves.

    Cell phones however are easy targets. The operating system is simple and looking for exploits is easier. There isn't as much disassembly and other shenanigans to do.

    All it takes though is one application. Maybe a cross-platform virus written in java that not only attacks Windows, but also Macs.

    I think the only thing Mac users can hope for is for a benevolent virus when the first one makes the rounds. Otherwise, firewall or not, 5 percent of computer users could get screwed.

    Windows users are aware that at any point a virus may delete all their data. Macs have more to lose. Not only will it be a blow to Mac "fanboys", but ever since my Powerbook, my backup habits have been a tad sloppy.
     
  17. macrumors 6502a

    Joined:
    Jul 15, 2003
    #17
    I think you only need to look at the jpeg rendering problem of IE to realize your firewall isn't going to help. Mail, safari, any application receiving data or handling it is open to attack.

    Let's say someone targets Safari. There's some sort of PNG handling error that allows the virus to run malicious code. This malicious code could modify iTunes and insert malicious code so that every time iTunes the program tries to infect other people.

    It really isn't that hard. Mac's low user rates have helped more than the mac faithful are willing to give credit for. If we Mac users had as many people after us Windows does, all of us would have a little black and white virus-scan logo right next to the time display in the upper right.
     
  18. Moderator emeritus

    Mitthrawnuruodo

    Joined:
    Mar 10, 2004
    Location:
    Bergen, Norway
    #18
    Never mentioned my firewall... :confused:

    And who's stupid enough to have preview and load images on in Mail, as default...? :rolleyes:

    And still it hasn't happened, yet... not in Safari, nor Firefox, nor Mail... funny, hah...?

    And the trojan attempts has been really embarrasing so far... much like the old "manual virus" joke...

    The only known vulnerability in OS X that I fear at the moment is the sudo grace period... still, even that I don't fear enough to manually set it to 0, myself... ;)
     
  19. jhu
    macrumors 6502a

    jhu

    Joined:
    Apr 4, 2004
    #19
    inherently secure? i don't think so. take a look at xenix, sco unix, or even sunos back in the day. however, often it is the ancillary programs that give the entire os a bad rap. take sendmail for example. for the longest time it was a bug infested piece of something. even bind isn't immune to exploitation. saying unix is inherently secure is rather off-base. rather it's the programmer's attention and vigilance to security that gives that group of oses its good name.

    additionally, marketshare does matter. take a look at this zombie net. now, how are you going to get a significant zombie network on a computer architecture with a 2% market penetration?
     
  20. macrumors 65816

    Joined:
    Jan 4, 2005
    #20

    In theory you are correct but in pratic it is really hard. To think that ones computer is impossible to hack is plannly stupid. There is only one way to make sure your computer is never compromised, that is not to have it be able to connect to any out side sorce and never install any software on it. That is impossible for one to compromise.

    But something that could be intersting is as soon as some one finally figures out how to hack or put a virus on a mac more will soon follow based on the same sorce code. A lot of virus for windows use very simlure sorce code. But first thing first is some one figuring out how to hack into a mac.
    It is correct that it is really hard to hack and compromise a mac. It is far from impossible. Just no one has figured out how to do it yet. By the time some one figures it out OSX may no longer be in use but some one will figure it out some time. It is not a question on if. It is more of a question on when will some one figure it out.

    There is potentional there for something to be as damaging to more damaging that MSBlaster was but the chances of that happening are very very low. Because first of the very small user base and the fact that mac are also very hard to hack and write viruses for in the first place. No one figured it out yet. I for one am not going to complain about that. I kind of dread the day that someone does figure and release it because it going to run very wild with the average mac have less 2nd line defences than the average window users (2nd line being AV, firewall program, OS and what not is first line. And lets face it Apple first line of defences is really great to the point it understandble why there is no really need for a 2nd line of defences that windows users really need)
     
  21. macrumors 68000

    Joined:
    Oct 8, 2003
    #21
    Good thing that OS X uses Postfix then isn't it? ;)
     
  22. jhu
    macrumors 6502a

    jhu

    Joined:
    Apr 4, 2004
    #22
    in this day and age, the question is whether it is profitable to successfully exploit the mac. given its low user penetration compared to windows, the answer is no (please see my previous post). the same can be said for linux, *bsd, aix, solaris, openvms, or practically any non-windows operating system.
     
  23. macrumors 65816

    Joined:
    Jan 4, 2005
    #23
    Boy you really dont know much about the underline stuff on a mac. I not going to deny the fact that the low market share out there helps out with the defence. That never been a question. It is a fact that is also harder to compromise a mac. You would think in 5 years that something would of come out that would of done something.
    Windows is easier to hack that the others. Plus there is quite of bit of sorce code out there for a start point.

    Unix based OS (and guess waht bsd, Linux and OSX I know for a fact are all based on) are just more securit then the others. You my friend dont know much about the underworking of the OS's
     
  24. macrumors 6502a

    asherman13

    Joined:
    Jul 31, 2005
    Location:
    SF Bay Area, CA
    #24
    Just because we are secure doesn't mean we're completely secure, IMO. Most Apple users aren't stupid enough to download a virus, but, IMO, if there's a strong enough will, those who have it will find a way, and I'm just thankful that there isn't a strong enough will yet.
     
  25. jhu
    macrumors 6502a

    jhu

    Joined:
    Apr 4, 2004
    #25
    you don't understand how unprofitable it is to exploit systems with a low installed user base. you also don't understand that unix-based oses are not necessarily inherently more secure. please refer to my previous posts (and this link)
     

Share This Page