Apple's Mac Isn't as Secure as Some Want Us to Believe

By Don Reisinger  |  Posted 2009-06-15

Apple and its supporters want everyone to know that Mac OS X is a secure operating system that easily bests Microsoft's Windows platform.  They contend that because Mac OS X hasn't had nearly the number of security outbreaks that Windows has, it's more secure. And some contend that Mac OS X doesn't even require the use of anti-virus software.

Those folks might be surprised to know that Mac OS X isn't nearly as secure as they want to believe. Has it had fewer security outbreaks? Sure. Does Windows have some serious security holes that make it a less secure operating system? Of course. But does that mean that a user who buys a Mac, plugs it in and starts surfing the Web will be protected from any intruder? No way. And recent evidence suggests that Mac users should start considering installing anti-virus software on their computers.

Just last week, security researchers at Sophos found an updated version of malware that targets Mac OS X users. The outbreak is a new variant of the Jahlav Trojan, which is disguised as an ActiveX video codec on a pornographic Website. Once downloaded, the Trojan will attempt to download other malicious files from the Web.

But that's not all. Researchers also found a new strain of the Tored worm, which was originally discovered in May. The worm's authors are trying to create a Mac botnet. So far, though, they have been unsuccessful: the worm is still too buggy to pose any threat to Mac users.

Apple's new Snow Leopard operating system might face even more trouble. An old security note has been added to the new operating system's information page. According to Apple, users should consider installing anti-virus software on their Snow Leopard installation.  Even with Apple's security features built into the operating system, there's no guarantee that Mac users will be safe, even though its staunchest supporters say there's nothing to worry about.

But just how did this happen?  Years ago, the idea of finding malware on a Mac was unheard of.  Most security experts ignored the Mac simply because they knew that the chances of a security outbreak affecting the operating system were quite low.  But in recent years, more Mac outbreaks have emerged.  From Inqtana.A and Leap.A to Tored and Jahlav, the Mac is being affected by more malware than ever before.  The reason why might surprise you: money.

Today, most Trojans and worms are developed to make money for their authors.  Since there are far more Windows users than Mac users, it was simply more financially beneficial to target Windows users: more people translates to more cash. But as Apple's Mac OS X has gained in popularity and captured more market share, more malicious hackers are realizing that there are opportunities to earn cash by targeting Mac users who believe they can do anything they want with their Macs and not worry about an outbreak.

The Jahlav Trojan, for example, is believed to be a money-making tool for the malware's authors.

According to one Sophos security expert, Graham Cluley, the Jahlav Trojan "will lead to a fake anti-virus [program]."  He went on to say that "if you go to the Web page [containing the Trojan] on a Windows computer, you get served Windows scareware.  So, if that's how the hacking gang is planning to make money from Windows users, it's probably the same methodology for their Mac victims."

A Simple Numbers Game, or Is It?

So it seems that as more people join the ranks of Mac users, malicious hackers will be targeting them more often. It's a simple numbers game. The more people who use an operating system, the more hackers who take notice, thus the greater the chances that an outbreak will occur.

But some don't believe that logic.  They contend that it's Mac OS X that's keeping Mac users safe.  It's not that hackers haven't tried to target Mac users, but they simply can't get the job done, thanks to Mac OS X's security features.

It's a compelling argument.  Apple's OS allows users to run with restricted rights, which limits malicious software from making its way into the OS. Mac OS X also uses sandboxing to protect users. Sandboxed programs are restricted to a finite number of actions they can perform on the Mac, have little access to other files and are limited in what other programs they can launch.  Mac OS X also uses library randomization, which, in theory, keeps malware from finding its target.

There's no debating that Mac OS X has some security features that make it a capable operating system. But there's no chance that it can keep its users safe in every instance.  As recent evidence has shown, Mac OS X, once believed to be an impenetrable fortress, isn't nearly as secure as Apple wants us to believe.

It's time we all realize that simple fact.
