Security Professionals Continue to Be Critical of Apple
Other security professionals took issue with Apple. In an April 13 post on Sophos NakedSecurity blog, Paul Ducklin, the companys head of technology for the Asia-Pacific region, took issue with the lack of information from Apple around its removal tool.
I'd love to tell you more about the Flashback remover supplied by Apple, but I'm afraid I don't know how, Ducklin wrote. There's no documentation about it; there's no information about how to run it by hand in the future, or how it works, or what variants of the malware it finds; andat least on my uninfected 10.6 computerit didn't give any visual indication that it had run at all. (Three words for Apple about security bulletins: promptness, clarity and openness.)
Some also suggested Apple needs to learn how to work better with the security community, particularly given that the number of attacks on Apple products are expected to increase. Boris Sharov, Dr. Webs CEO, told Forbes.com that not only did Apple never contact him after he gave them the information he had about the Flashback malware, but that at one point Apple asked a Russian registrar to shut down a domain that Dr. Web had set up and was using in a sinkhole operation to monitor the malware and lessen its impact. Sharov said he thought it was an honest mistake, but that it illustrated how Apple needs to improve how it relates to outside security experts.
They told the registrar this [domain] is involved in a malicious scheme. Which would be true if we werent the ones controlling it and not doing any harm to users, Sharov told Forbes. This seems to mean that Apple is not considering our work as a help. Its just annoying them.
If the security experts are correct, Apple will have plenty of chances in the future to interact with the security community. In an April 9 post on Kasperskys SecureList blog, security expert Costin Raiu said cyber-criminals will continue to target Apple systems.
At the beginning of 2012, we predicted an increase in the number of attacks on Mac OS X which take advantage of zero-day or unpatched vulnerabilities, Raiu wrote. This is a normal development, which happens on any other platform with enough market share to guarantee a return on investment for virus writers, so Mac OS X fans shouldnt be disappointed because of this. During the next few months, we are probably going to see more attacks of this kind, which focus on exploiting two main things: outdated software and the users lack of awareness.