Get the ECT News Network Editor's Pick Newsletter » View Sample | Subscribe
Welcome Guest | Sign In
ECTNews.com
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider
Discussions

MacNewsWorld Talkback

 
ECT News Community   »   MacNewsWorld Talkback   »   Re: Hackers Learn To 'Think Different'



Re: Hackers Learn To 'Think Different'
Posted by: Gene J. Koprowski 2005-04-20 06:03:10
See Full Story

Hackers are learning to "think different," so to speak, and now might be targeting Macintosh computers. Long-thought to be impervious to viruses, malware and computer vandals, Apple's Mac OS X is an increasingly succulent target, experts say. Macintoshes are not impervious," said Corbett Consolvo, chief information security officer at the College of Charleston, in Charleston, S.C. "As they are now based on a more common operating system, they have become more susceptible to hacks and malware. Their reputation continues to be that they are impenetrable, however."


Re: Hackers Learn To 'Think Different'
Posted by: arminw 2005-04-21 19:36:37 In reply to: Gene J. Koprowski
I would like to know specifically hown many and what viruses, trojans and other malware are out there on the Internet for the Mac. Exploits where someone has physical access to the computer don't count, since in that case they could simply steal the thing and crack it at leisure. The article speaks in generalities, but is devoid of specific instances where Macs have been affected by malware. No computer is impenetrable, but Macs seem pretty darn secure compared to Windows.

Re: Hackers Learn To 'Think Different'
Posted by: martmart 2005-04-21 01:52:05 In reply to: Gene J. Koprowski
In comparing vulnerabilities between platforms, I believe it is important to look at the overall picture to achieve an honest perspective on the issue of security - something I don't believe this article has covered very well.
.
Let's look at the statistics:
Microsoft Windows:
Viruses and Worms = 17,500 (symantec.com)
Spyware and Adware programs = 78,000 (www.pestpatrol.com)
Burrowers = 40 (www.pestpatrol.com)
80% of PCs infected with spyware (webroot.com)
Last year (2004) alone:
- 500 new Trojans (www.pestpatrol.com)
- 500 new keyloggers (www.pestpatrol.com)
- 1,287 new adware apps (www.pestpatrol.com)
- 7,360 new viruses and worms (symantec.com)
.
Mac OS X:
Viruses and Worms = 0
Spyware programs = 0
Adware = 0
Keyloggers = 0
Burrowers = 0
Trojans = 3
Last year (2004):
- 1 Rootkit (symantec.com)
.
When the evidence is considered, it becomes immediately obvious that with zero worms, viruses, spyware or adware recorded targeting it, Mac OS X remains the safest, pest-free OS by a more than considerable margin.
http://www.mi2g.com/cgi/mi2g/frameset.php?pageid=http%3A//www.mi2g.com/cgi/mi2g/press/190204_2.php
.
Symantec's espousal of the theory of "Security through Obscurity" fails to explain the fact that the number 1 web server, Apache with around 69% marketshare has far fewer attacks (including viruses and worms) than Microsoft's IIS which has captured only 21% of the market (Netcraft.com). This theory also does not explain why the many flavours of Linux suffer from so many instances of malware themselves despite collectively having as small a marketshare as OS X.
.
Note that Trojans can't spread by themselves - they are bits of code that pretend to be something innocuous and need to be downloaded and opened by an authorised user. In the case of the three targeting Mac OS X, two are harmless while the third deletes a user's home directory if run by that user.
.
Note also the Rootkit discovered on a couple of OS X machines is a set of scripts that requires root access to be turned on (turned off by default on all Macs). The hacker then also needs to know the root password and the malware has no mechanism of spreading and infecting other computers by itself.
.
On the subject of browser vulnerabilities, it is a bit disingenuous to state the higher number of vulnerabilities associated with Mozilla compared to Internet Explorer has much meaning - MSIE after all has been sitting stagnant for years now while Mozilla has been under continuous development with new features added all the time - which of course means it will have increased numbers of vulnerabilities discovered and then patched. Not to mention the fact that Symantec states: "Internet Explorer does, however, still have a greater proportion of high-severity vulnerabilities."
.
37 vulnerabilities (mostly in open source components of Mac OS X) which were promptly patched by Apple does not constitute "increased attacks on OS X" as no attacks using any of these now closed vulnerabilities have been recorded.
.
John Gruber has a useful article on why Windows suffers so much malware:
http://daringfireball.net/2004/06/broken_windows
.
However, no software can be perfect and it would be foolish to say there won't eventually appear some malware targeting the 10 million+ OS X users out there - however, today is not that day. Mac OS X has been sitting untouched for 4 years now pretty much without blemish which speaks to a very impressive security story even if/when some effective malware appears. This is the quite amazing and constructive issue you should be writing about.
.
Martin Hill
IMS
Curtin University of Technology
Jump to:
Which best describes what you think about requiring Covid-19 "vaccine passports?"
It will prompt more people to take the vaccine to help end the virus.
It will lessen restrictions and provide more freedom for individuals.
It is a violation of privacy and civil liberties.
It will lead to stigma and discrimination.
It will encourage counterfeits and other criminal activities.