Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


What Will Apple Do When the Malware Comes?



 By: Larry Seltzer
2006-02-20
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


  Table of Contents:
  1. What Will Apple Do When the Malware Comes?
  2. ' What Would Apple Do'

Rate This Article:
Poor Best
What Will Apple Do When the Malware Comes?
( Page 1 of 2 )

Opinion: A serious outbreak of Mac malware still isn't likely, but what would happen if it took place? Read more for the flip side of the monoculture problem.

The release in the last few days of malware for the Mac and Linux underscore some old issues about how it is possible to have malware on those platforms. I have some new thoughts though. Ive begun to wonder what Apple would do if a real problem developed.

To be very clear, a real problem has not yet developed, and Inqtana.A and Leap.A are not a real problem, except to the extent that they may be bellwethers. They are more interesting for what they suggest than what they actually do.

Its true that the Mac OS has had, for many years, an important level of protection that will only emerge in Windows with Vista: By default, Mac users run at a restricted privilege level, and any malware they run will be similarly restricted.

The user may be presented, as with any legitimate software install, with a request for the Admin password, and at that point they may exercise discretion.

Apple updates Mac OS X. Click here to read more.

This is almost entirely a consumer issue I believe; in managed business networks it has been well understood for a very long time how to create Windows clients with restricted privileges, and any administrator who doesnt do it is to blame for problems that result.

Resource Library:

This process protects against silent installations of malware, but it doesnt protect against all fraudulent installations.

Much of the garden-variety malware on Windows pretends to be a data file of some sort (as if data files were inherently safe, but thats another story). Double-click the icon and it turns out that youve actually run a program.

But much malware, especially of the adware variety, doesnt hide the fact that its a program. The user is told that they are installing some slick browser toolbar or perhaps a special viewing program for some porn, but in fact they could be installing anything at all.

And even if they were on Windows Vista and not initially allowed to install the program they would provide the Administrator password to install it because they know they intend to install a program.

When good social engineering attacks are developed for the Mac, the same thing will happen. Its not hard to imagine Web sites and e-mails offering programs for the Mac that do more than they claim to do.

Just in terms of adware, there may be some benefit to being able to deliver known Mac users to advertisers, but for the most part the "value" of infecting the user is the same: to spread itself, and perhaps to create a Mac botnet.

The small size of the Mac community has protected it so far even more effectively than the security features of the software. Few have even tried to write malware for OS X, although in earlier days of Mac OS, back when we still passed floppy disks around, it was a frequent virus target.

I still think this has to be an important limiting factor on malware for the Mac. Since Im talking about attack methods that are universal, most attackers will want to go after the larger audience.

Next page: What would Apple do?





  Reader Comments: What Will Apple Do When the Malware Comes?
>>> Be the FIRST to comment on this article!
 


 
 
>>> More Network Security & Hardware Articles          >>> More By Larry Seltzer
 


x}kw6DىCO-ȶĶ<=h)S$V'{Oo*|AI۝ؖ*T B; IM+לٔO]sPç} $5]2I*_ d&@ jہ)}mk4 uB;{#|6S%߽w *s=NN5K&O†|gM$ƾlM1 dckdp,FcwO5drZC'AjZ$6m(GJ|,ZB;"?*B43 \2ITߦuB)~{Te膡;? CKt/"(?F#&c?9;~'f^B(ƻFՉziZg#2]hj:TN`Uƞfn =KQF3r{BM*- Dƞ4IC d#̒JKQ`:tm3G^C]õ]Z.R͌eCwtPzOMҳB($g >v?$K8Q+)Kk0~b[4I܃N8CEnOU[۾twgyDffrt˜HJ6ԃ P2zhNt(`_dY7;Ͱ-P6cMTjR>>-trf-\hӟF_{JU4E9]w.n $(֝{p m+iu]+i0Wn{'ݏwy@.{A~$Vj}&UJDZ-i& 0h!5&tt<_B^,9BFI?nn9,4E;J KHs = (2,"t'3Ҿoon;6O/Nn;sdo̲5<ZMӀ Zvb!?>X VkYGλs!+|rg>!5M0\̱¬:֪o~=cK'^CShr Q@e)#8?݇IhJq䨉kYSl؅ R揇o4| ~ަ,-|y"brݢHPsnSEI7#DL<vxr!DKI88g^R]E1\aU<8yuwެ-Ujմޅ/~iYwθyn?ܶH{⧫vz߆)WIC EhYf7-vI%qM}{QU1y+YEPU^p-Aqb2B c=M:gvXϳp: 0hv?SOiͦ89yt$AG61^K ucb>'ݸäp;pw>>-Fv13{Q {>0iCkJQD47 l"&q3)z`a2yàF{wt( ,/{@`\@48`$8ʼ E]uCb賀B=ٚ?薭-L<ħ̠~(~9-WRC/0""D% R h4A'EBENNA7fw$]Vi+RaD4T*nOu$]cwV*+esRأXB YX/E_R23#CdɬaX91{MfT`"[ᛥLKak`FZ,cM;1M{ڣeX#>df&i &蝐`2Ґ(s?G\ g!a\9:<f335g{80q}`] k9tݴyFSˁ2&$vTD>L˄Fr=g=϶Y$uuKv;u`|d:Nk'h6?>{@-\nb4դ4<3rGֶ-/ ?W*|z[.z:ԍ$r%5kb$T`CL <<Gy5&㓫(\=P=ДT318 FL@ ('wJFJV !zh'>eg HuXKnuooI8T*Ұ.Z)eY mc-׾0^Ԣ,Q|u$"!lsiŰ,B /0|:Cb&^fthQs&u|pöV/UKW+@zESZ2ej=[`B]PeܠQ@7%X3PQ[ lxkuꟺPCߵ+|> w=dsgH~qP93?磔YTp$480T]2agRhj]Maf(0q |0b=9ߟ{8[=z,.K y{y]ؕ[RR|~nN >(zp4'Z>pd`/R=:¿uouj)ӃI ,䧒ZQJ~&[b"ud\6˰@eִ &;rm}' zfdݙ(yR+rf!%֐I4U$\ ؕGQ/AY@*#܉k Bo` 12l3u/.zrwݱM% ynssQ*/K7+ f)R;Oz^*k 5ЪZZfAq{ 8pG#}y>W&wXfe^:~m^F39X>>: '012&z@j9ajv6 (&Lt0Ȑ%|=Wl1۩t>xtVPBK&nƚ73}&mno^E{y<S۝ErN?dZIp|]avKrekH˷bgfo餙֗E@<sU*)_LbT~3gbg`+w22Owž~XFpaNpgD7g| U;I?sԳлMklsGq3`S"豥mBtP+'& jUav bȈCzf{zJ$~ g~{qw?I a9pT*JZӳ$*+@:erz埍8iJC 裦xc_7)~(zC9[m{~>KTU]H#U\+ԊR?YTAtuEZdЯdL5AKgl!/`.S(S/l`^ASV<^ےtK3קA(6E&7 u5Yx\sXҌd;}X^5ItH"J7e^V*\%T/IjYtn:0ȘُYD[^:L&rOfss]``On{ܝ90F4H jYʠ5ZV-'0Lpĵ)$jZ9 OYdY.eժR+8N3Ay vBs=c#|{W !&1ǷWXL\tKOWƒ"'!M43,`jRU\ό&͇}g=N п"}QLAUv٩G#{?J䏽:g#R>y/: ?Nٿ:N00vE?0+-5.J?HgR&Fø@o9)P K1cE1>dt߫](cooZgg-a=lF;"^9+us-d}ڽxsݖҽN7s5A DH#䄬W!yN/ۭFS̠o2XGzz0<㥑a3DH[h`Y3 N/Ns>\zF_j,8Eψa6Z4ZGkފGq֭ Bf-.3bB!bN<؇APc{ z H)'4 geS|$;3^v[}Ih !:Ua2"(BS.iDO§,}ڽmq3 lo}AF_(ί(Kѷo5E߈>O1Ofo4~ ɮP=8Y,rh縵vY#^c~:)}AOmN9˝~L!gÍ76w jE-pXIS"9oթ-ݱi'>fax!wl(q%ӝr*(oBٺCO[,lmSsSdGAGJ脚fye5-eH5NRMLC]OC/%$;kB6z{ gaM.m2jt6Dr0&@v\f(Ӑ` q.@P)V<(m1n`}Xki-jշΫ؉C6OY̓`((rq]ȩzxXuwX̧E~"rFntL7ýԎ+^@(NEVu2k7x'[_YN.t0o 89]cޓd=tWcT1;>^Y ]s>ͥ`L̴M\gwh^PD(Vp9c㻞0]vYy{lo&})s'AuhaJwfim6Ş`4 ݣoR:i?{޽s¾"CWq ;:i)`* 94XhHn X"2NIJa/>8zdM#}۾Jfy7ki^d̠t4s {!.`0/E+R!EkEwWSU+ Tڢ&E%:mחF}޿V5BĬxBw V2OJ/&[qVL>9bzQ%Fc?Y+xϗt8a8Y&?5#,Ӝe6RY]&?  pru_,yv\ɕn0 ԝz~pDSg)5 ]r?П/FD>z4Sˁ5m=p.GǖSקʡZQ-'?)+#"@Vc툲&7 <]Svt|++*X48 |tAá~ }uhx?^tJ}wjkBexv9MNS^>vc"/Rb` ގC;ۊSS-f>kbb {DLd;nr--WxT"tIt+NynU%!+,L/} zI$)f/jM7F0O'\"uYEN(ONϓEdEe,1aF#'RL>0qsIReeąL#ZS*ʇ|YxYLF(# aHgZH܈xw3R)R""Î7w|?IU%m_[iOg+n9/HD.x64ZW8Tw8X[@$zňVޖ]J/X0nI0HW.dVŜ@͓ׅ I-# K{6%4Le[)8 us[J-NeDK ʔMu6T%"ʶ,Sy)aE&Z]: NEᙠ+s˄8imo y:`ܢҮRڶR}qrH4` lL;T '`%FpXD:"%o5.mbDtx 'ԥjZߖj/oEčOM˰B\t\_XT`]:$*Eؾل^sS'km3H|]|#xqi7?7?7?7?CkU~D_;sҤrKMQ"&a}( !2I:/5 oKI-DzK1?eG,؏ѱԽ>g~Yיg4"=^gؒ1bL0]:1gL37c%LyƮtSa1QVEhAcbď/w)DNٌ 7gݑ{s}۔4{p͈v*H CwXI0?Ai"&|[2OAά>̴v(>w1e b\F-핰h50knXV^|,[Ԟ3E1=,m) L\LRQqxvs "+݁s5:&ե*'uad`j}`9W^(jDo9>/Kά+"Hk*~wnxw6spK#\ñUu>N.ʽ\UR:|^XXJ,j供l[A0lˤ>ૄl~ "(_y57V.$*uݓ0uGL][+p Z[? $\ q5)F?Z D=ôD-P׳)F軦>_]"W  pb""θ7w}kPԵmf7$ɍ{wf7,Ofsѧ9 bQՉ.edg$M?; O o.dx5-Bx}zűiW_؈l<kn}Q)\h=^a=:D11Ae!PKpf=lJC؆_?  ZRˬkDI3Ʊ)+{]4cT2,, %df+' sԐy׮I|`u1ASp\|@Qׂ]^_Vd&yZX '-at75b%1Y~Gj w/Q5F6>&Dtjq?}6īGX&A'rя"p@9 es^ѧ7>k_A'-gĬjgϡ?6 ?=fT؀Cn$pK47 DF/xTݥ1eLNYl%pìfo!ۿP'}fɷ+lw1V^=cV2Qȏa:J~/x`M=u'<~/"&ТC>y| [DpSȯ0\x?*n&@ eqvo $1 FQwǶ^& G˸v0)cK[,zKpAYWSEPf88!"9tElXx@u5F?PM}{=2Dn|Qk""]PVĝ>dUĠAɌB<쪛ĸW=m軏IȕHWkMS+ ,Jb֪Y"'"KIE/]Q|`~l?QX2!G6K ʹ<8?%ԣtnQ8gFSYh9MBcjF:j5P]-O?P/ ]ZX,:Ȓ~WeL<^^A֋/鞐ք1x*B 'UٜAGu ۊoDZ!դFKR -5נ)؜>3-yM13bcCyol+=A6j=!vKѦvD+e|W@O[fkw1l0YՉJZ mݹ_8=!5&<(ڢ 2TXfoX!b[Kx6_f~R!gI ] 011C^U߱VR*jZ?";М|W}yj]SjZYS#LH3P T'[1a P}"Z{2ֱ: rJE+ mݷe.֐c8pOT΅rO}TK;RJH`o3)CqOa>8(-zp׳7K+f{),5o$㽻WԄm%5DX#%NgNtѩF;1vCWIеARɠ{;eF-h>#y|A'b^o9f0؞b.,9+Z|fVVTm}qV.iJ!%N'09ݱX.эDaIp)HkW"Y0lgJK.&`*F6#Zikxw4»&׈1hcrpW<00t+PγjNT\OpY}XC3 éL_|RVWruYSn_D_t[6lf|˞17эǤ`(8NщB|xTkVyKb?{rEfـjcEl~%:td[ 6Ƀ:&&s?f\NL_ _߰,VIm{d72[ EꊍBLS!" p7w/%n.~V };C}m!<S]\ hs!T8b8 gv`3g<9$O⺢ 2۶1-wGE–s\vf+ZC8 ްnbķ5|$rkIC9Ҕo?/=P)a#s~! gL-G D"c)41GJ[!1}s? mǤg)45aBRAA>F |wJpbZŘ!&"c36#|pꀜDl/u z 8 &(?,p֋D {GLƙ;fSZ,Ws Ѿуsx@ Tz0t]\VP*@J>S|6XP؟SeKM)Qw3a/xlSN\<O ,2E<ex?,Gzaq2?y :RL$zy6t(QS1U&ǮK+n ryLR ] 4Bq0h6@:߰|cm|?뽉e2'{xbRWkJ%zu3ʰLXU+#ͪg2QqbJV!J`xFA dhz?Z~@L€،\ݹ1B9ޒ9mIIstI{痰}ZGݩ;'ݳOݛOm_h[>|iKyl2/*f(H_NQʩ٦ΘksYx9%e:w8lb(/7PJTَ/!jb\Se0_n)oݶ{=-ZI-'>;eIS:jS#[}uy1FIc r!>/ۧ}ҽnIJ/./s_r_sov}i >ʁrڿi.s$CPʑ .N pNr+IT/ޯ<<sYU~vïUXйZ*4ˑ*Sҿw2~2Aܜv aqʍz^S_xڞꖽpLڭe]9hq_l %^a/ ^敽d<"xEB+gٔ@#X{#uO'NW6#ﹺ d^)Wsr>V=ןbMedG,DlG\%[n3'rOy?'%Y#/ܻGzʉnS'\2fAP`26UF` Ԋz!J1 #4`֭tK1;BDO"Oӱ:fCWe",dƋ&æʗጽNۯDʑ $` f@2b/`{z38;MY0`wKemf.eа!,%sv[F8 S|v83,>ಓJ_`'cEBqE&fbD23rf5xݱc 6{Nz̄0QtS`r? TxW= 5{\6LDR }N0yN:]v8NH? `nwn9cˎ) Mm'#84#>غ lQF޺%76x}҂ ]@1Su .ѫv>cx Lw65Tc *۳|?OGe Lt8͡o0kn>wq$LsizQڃ`솧q?d|E#b[p!@pM62QTĻ Q)Yj%xd휙gmrxsg_(LWv:mmlP/¼@W=Q'zalh[d%^FHM`WH؂{XiW1RpCV)tO䋰ANt3#W5`/=Hݰ .78ǩk[Vmx~Gݾǀ gkOUg{*)ue6r%* XGڦZ-QaWAn`P%hw2b5g_yfȅ^a\YG+n:' wX{EB(ϻ}uչtC*G꛺U]Dώ7z_Q}BeFBl4.$wъe6nғ/oϤ4hI:۳vJݴ:񲞽P7w r̳?s7*Ѡ,jU z' 4mEgl3W'J^R۽wz"f/ROa6%s|N1VKi+^ϦO*L +q>lgLp -ϱeRZ`l/Z6Uv&'