Wednesday, February 22, 2006

The woodpecker that destroyed the world... (Macintosh Security)

If you ever talk to a Mac user about security, they will sing the praises of their operating system. They will let you know how impervious it is too attack. I am exaggerating this point a bit, but there is truth in what I say.

Take for example a close friend of mind who is a Mac user. I am forced to listen to his rhetoric all the time about how much better the Mac is to other OSes.

I will agree that the Mac OS X is a great OS. It has a great GUI, and overall it appears to be fairly secure. I will also give the Mac high marks for being very powerful, and stylish.

Being a Windows user, I run several different layers of security on my home computer, and I make sure that I keep all my software up-to-date. I have been hit by a few viruses over the years, but never had my machine infected or any damage caused by it (Thank God).

I have also cleaned several systems that belong to friends of mine that have been infected by viruses. To be honest, after your system has been compromised by malicious software, you are better off to backup your data, format the hard drive and re-install your OS and applications.

The one big mistake that I have seen companies and individuals make over and over again is a claim that their operating system, application, etc. can't be hacked, or compromised. Fairly soon after the claim has been made, someone generally manages to penetrate these defenses.

For example, Larry Ellison once declared his company's databases were 'unbreakable,' until one day somebody managed to break it. My only point is that if you have a secure product don't flaunt it, it only brings trouble. Hackers love to prove companies wrong very publicly.

I don't have any recollection of Apple ever making any outlandish security claims. Although, as the Mac gains more popularity Apple will need to address its security problems more quickly.

In a fairly recent article from ZDNet, the opening paragraph states: "OS X contains unpatched security flaws of a type that were fixed on alternative operating systems more than a decade ago, according to a security researcher credited with finding numerous bugs in Apple's increasingly popular platform."

There also was an article in CNET News.com: "Just a day after experts warned of what is believed to be the first Trojan in the wild to target Apple Computer's Mac OS X, alerts are being published on a new worm that exploits an 8-month-old vulnerability in the operating system."

I want to be fair in saying that most of the attacks that I have seen against Mac OS X have been pretty benign. Although, I really believe that there is a false sense of security in the Mac community about how secure their OS really is.

Just remember, according to Weinberg'’s Second law: 'If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization'

1 comment:

Anonymous said...

i tottaly agree. no os is bulletproof; the important thing is how the os is popular. fanatic atari st users are safe from viruses too. how much those users are there? comparing to others, a few. but they are safe because there are no virus coders on their platform. the similar is with mac; the more popluar it will becoming, the more chances there will be for virus coders to show up. i remember a worm on os9 back in '97 or '98 in croatia that infected almost every graphic studio. os9 users beleived that the platform is completely virus free, none had used any protection but they all had exchanged media and files and worm cloned itself on every media you put in a os9 machine. in time of few weeks or months almost every mac involved had the worm. and for weeks the users were thinking that the worm's activity (taking complete tasks for itself) is something due to os, i saw they sitting and calmly waiting a few minutes. until someone realized that it was a worm and that almost every mac machine in the business had it on the disk and belonging network. so to point out: mac is not safe by default. there was viruses and will be viruses on mac. mac os *is* safer than windows just because it is not home platform for virus coding kids. the more popular mac os will be, the more chances for coders challenge will be, and that's the all story. period.