Intel Macs vulnerable to 'chip-level' threats

VNUNet ^ | 5/22/2006 | Tom Sanders

[Swordmaker]

Chip-level attacks target a vulnerability in the processor rather than the software

Researchers have claimed that "chip-level threats" pose a potential problem for Intel-powered Mac systems.

A chip-level attack targets a feature or vulnerability in the processor rather than attacking software as is the case with nearly all today's security threats.

Examples of chip-level attacks are rare. The last known serious outbreak dates back to 1998, when the CIH/Chernobyl virus embedded itself into the flash-BIOS of infected systems.

Security vendor McAfee said in a recent white paper about security challenges for Apple systems that chip-level threats are a potential problem now that Apple has switched to Intel chips. But the firm admitted that there are no examples of such attacks.

The cautionary white paper was published on the same day that McAfee launched a version of its security software for Intel-based systems.

Critics could use this fact to point out that the security firm was trying to spread fear, uncertainty and doubt about Mac security in an effort to advertise its software. McAfee did not return several requests for comment.

The threat of chip-level attacks is theoretical at this stage, according to security researchers.

Bruce Huges, a senior antivirus researcher at Trend Micro, believes that chip-level attacks are too hard to craft.

"[Attackers] going after the chip is not something that we see as a great threat right now," he told vnunet.com.

"Whenever you go the Bios or chipset level, it is very easy to ruin things so that the computer will not boot.

"[Attackers] want to use your computer to steal credit card information and install spyware or adware. The last thing that they want to do is destroy your computer."

Despite the fact that Apple computers and traditional PCs run on Intel chips the features of those chips tend to change frequently, so there is no guarantee that an attack that works on one Intel Mac will succeed in targeting another.

An attacker looking successfully to infect as many systems as possible needs a most common denominator or critical mass.

"We may see that critical mass some day, but I cannot see that happening," Shane Coursen, senior technical consultant at Kaspersky Labs, told vnunet.com.

Chip-level attacks are more likely for industrial espionage or data theft. " The bigger danger is where malware writers know that a company has standardised on one specific chipset," said Coursen.

"With that knowledge, an attacker could successfully target that place of business."

But Coursen and Huges argued that the public should be made aware of the potential threat of chip-level attacks, even if there is only a small chance that such an attack could take place.

"There is always a fine line between fear-mongering and being realistic about what's out there. Everything I say can be a double-edged sword," said Coursen. "It might just help if the threat materialises."

[Swordmaker]

The threat of chip-level attacks is theoretical at this stage, according to security researchers.

Let's see if I have this right... the last chip level attack on an Intel system was in 1998... EIGHT years ago on a writeable BIOS chip... but somehow this is a vulnerability now that Apple has adopted Intel CPUs for Macs? Oh. I see...

It's FUD!

[Swordmaker]

McAfee's releases a "white paper" that says that Apple Macs are now vulnerable to "Chip Based" malware because they switched to Intel processors... PING!

I am certain we will see this spread in the MSM...

If you want on or off the Mac Ping List, Freepmail me.

[glorgau]

Yeah, it's another sales pitch for virus "protection" software.

[SlowBoat407]

[Logophile]

The cautionary white paper was published on the same day that McAfee launched a version of its security software for Intel-based systems.

The timing was undoubtedly just a coincidence.

[antiRepublicrat]

This is the most despicable scare tactic I've seen so far. It is only news because Macs are now on Intel.

[DesScorp]

The obvious interest of McAffee and Norton is to scare Mac users into buying anti-virus products....the problem is, there are no such threats out there for OSX. They're trying to scare users by saying it could happen...buy our stuff NOW.

I've heard Norton's stuff for the Mac described as Malware more than once. Don't buy the hype.

[Mind-numbed Robot]

Those who attack Macs are like terrorists, they hide in secret cells for years before they get their marching orders. Eight years is nothing for these folks. (grin)

[TheBattman]

Examples of chip-level attacks are rare. The last known serious outbreak dates back to 1998, when the CIH/Chernobyl virus embedded itself into the flash-BIOS of infected systems.

A couple of observations:

#1 - "chip level" attacks are rare. So I suppose they will start coming out of the woodwork like an Ivory-billed Woodpecker to attack Intel based Macs???? Please...

#2 - embedded itself into the flash-BIOS? Since when do any Macs (including Intel Macs) use flash-BIOS?

And of course - the next paragraph spills the beans on the whole supposed issue - Anti-virus company spouting the "info"....

[coconutt2000]

Buy their products now, so you can protect your computer from attacks tomorrow.

But when the attack happens, the version you have is too old to protect you and your data, and so you have to shell out another $50 for the upgrade, a chunk of change for a subscription to their incremental updates, and multiply that by the number of computers you own or have to protect.