For those we lost, We will not forget 09/11/2001 “We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.--That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, --That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness.”
— The Continental Congress, July 4, 1776

“The task of statesmanship has always been the re-definition of these rights in terms of a changing and growing social order.”
— Franklin D. Roosevelt (Commonwealth Club Address, 1932)

“Roosevelt was wrong! The principles laid down in the Declaration of Independence are the principles of individual liberty. Our unalienable rights, given to us by God are given to us as individuals. Our rights do not come from society or the government, and they cannot be redefined by politicians. The nature of these rights carries with it the implication of individual responsibility, without which we surrender them.”
— Perri Nelson, November 6, 2008

Hackers targeting Macs more often

Published Thu, Jun 7 2007 11:24 AM
Technorati Tags: Computers and Internet, Software Development

Remember the "I'm a Mac — and I'm a PC" commercials? Who could forget them? How about all of those rabid Mac zealots on various forum sites that defend the security of their Macs as opposed to Windows machines? Or the anti-Microsoft people (you know the ones they always spell Microsoft with a dollar sign — like this: Micro$oft) that just love to point out the hundreds, even thousands of security flaws that have been found in Microsoft software?

How could you possibly forget? Anyway, a recent Technology News article on FOXNews.com points out how the Mac OS is becoming a bigger target for virus writers.

Compared with Windows, the Macintosh platform is still largely untouched by vulnerability exploits.

Gee, you don't think that's got anything to do with the fact that Windows machines outnumber Macintoshes by over 9 to 1 in the marketplace do you?

But the prompt release of exploit code for a vulnerability detailed in a May 24 set of updates shows that it's catching up fast when it comes to grabbing the attention of exploit writers.

But wait! Don't those commercials tout the "security" of Macs? How can this be?

"It is very Microsoft. It's something we've grown to expect in Microsoft: The descriptions of patches lead people to write exploits for something that's been patched," said Rob Enderle, principal analyst for the Enderle Group. "It was only a matter of time before that kind of behavior hit [the Mac] platform. People are going after consumers, and they're going after consumers broadly."

So people start hitting the Mac platform because when Apple releases patches they describe what the patch is fixing? Why would someone patch their software without knowing what the patch was supposed to fix? This is "very Microsoft"? How about it's common sense?

If you want people to apply a patch, it only makes sense to tell them why. Just because the criminally minded are paying attention doesn't make it right to leave your consumers in the dark.

The release of the exploit code for this flaw shows that interest in Mac vulnerabilities is high, analysts say.

That's not surprising; even though Macs aren't used as broadly in businesses as Windows machines, plenty of consumers use them, Enderle said.

Another factor that may be causing attackers to focus more on Macs is that Windows operating systems are getting "much [harder] to penetrate," he said.

And to top it all off, Mac users constitute a "relatively lucrative demographic."

That's right. Microsoft has been paying attention to security flaws. They may not be reacting as quickly as some would like, and there may be a lot of flaws to fix but they have been fixing them and with the patches in place, Windows computers are a lot more secure than they used to be.

At any rate, as pointed out by Ray Wagner, an analyst at Gartner, nobody ever said OS X was impregnable.

Except for the "Mac guy" in those commercials I mentioned, or the Apple zealots on the various technology forums, or the rabid anti-Micro$ofties anyway. The important thing he had to say though followed

"Any large code base has vulnerabilities," he said.

That's right. ANY large code base. Even Microsoft Windows. Even Linux. What determines how big a target your OS is is most likely the size of the installed base and the potential for profit when it's attacked.

"Macs are not the bastions of security a lot of people would have you believe, but it's not like Apple's doing everything wrong, like some of the hacker types would have you believe," Mogull said.

Still, it will be a good day when the company gets its first CSO, he said.

"If we saw Apple getting up and warning people about things people are using to penetrate [its operating system], and talking about practices beyond patching, and embracing Symantec [and its Macintosh security products] instead of treating them like you would any other evil," it would all be for the good, he said.

"At some point you have to step up to full responsibility of protecting your platform, and that means being aggressive about protection."

It also means you (Apple) need to stop the misleading advertising that makes people think your system is impregnable. Everybody should know by now that it's not.

Trackback URI for this post: http://perrinelson.com/track.aspx?postid=788
Permalink URI for this post: http://perrinelson.com/2007/6/7/788.aspx

Subscribe to this entry's comment feed. (Atom)

Comments to this entry are closed.

View Perri Nelson's profile on LinkedIn I'm a proud friend of Israel! Are you? Republican National Committee