Wednesday, February 22, 2006

The woodpecker that destroyed the world... (Macintosh Security)

If you ever talk to a Mac user about security, they will sing the praises of their operating system. They will let you know how impervious it is too attack. I am exaggerating this point a bit, but there is truth in what I say.

Take for example a close friend of mind who is a Mac user. I am forced to listen to his rhetoric all the time about how much better the Mac is to other OSes.

I will agree that the Mac OS X is a great OS. It has a great GUI, and overall it appears to be fairly secure. I will also give the Mac high marks for being very powerful, and stylish.

Being a Windows user, I run several different layers of security on my home computer, and I make sure that I keep all my software up-to-date. I have been hit by a few viruses over the years, but never had my machine infected or any damage caused by it (Thank God).

I have also cleaned several systems that belong to friends of mine that have been infected by viruses. To be honest, after your system has been compromised by malicious software, you are better off to backup your data, format the hard drive and re-install your OS and applications.

The one big mistake that I have seen companies and individuals make over and over again is a claim that their operating system, application, etc. can't be hacked, or compromised. Fairly soon after the claim has been made, someone generally manages to penetrate these defenses.

For example, Larry Ellison once declared his company's databases were 'unbreakable,' until one day somebody managed to break it. My only point is that if you have a secure product don't flaunt it, it only brings trouble. Hackers love to prove companies wrong very publicly.

I don't have any recollection of Apple ever making any outlandish security claims. Although, as the Mac gains more popularity Apple will need to address its security problems more quickly.

In a fairly recent article from ZDNet, the opening paragraph states: "OS X contains unpatched security flaws of a type that were fixed on alternative operating systems more than a decade ago, according to a security researcher credited with finding numerous bugs in Apple's increasingly popular platform."

There also was an article in CNET "Just a day after experts warned of what is believed to be the first Trojan in the wild to target Apple Computer's Mac OS X, alerts are being published on a new worm that exploits an 8-month-old vulnerability in the operating system."

I want to be fair in saying that most of the attacks that I have seen against Mac OS X have been pretty benign. Although, I really believe that there is a false sense of security in the Mac community about how secure their OS really is.

Just remember, according to Weinberg'’s Second law: 'If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization'
Post a Comment