Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Mac users finally waking up to security
ZDNet Australia ^ | 12/19/2006 | Munir Kotadia

Posted on 12/20/2006 2:49:52 AM PST by Swordmaker

Following a number of attacks against OS X in 2006, Mac users are finally getting the message that they are not immune, according to an IT security manager responsible for over 5,000 Apple systems.

Just over a year ago, Mark Borrie from the University of Otago in New Zealand, said that Apple users were their own worst enemy when it came to security, because they considered themselves immune from attack.

However, since that time Apple has been the subject of much debate as researchers found the first Mac-targeting malware samples and discovered weaknesses in the platforms' AirPort wireless network system.

Borrie claimed that this new focus on OS X has already increased the level of awareness amongst Apple users.

"That was part of the issue I had last year...with Mac OS you can get hacked and you can get taken over--that message is slowly getting through to the key people," Borrie told ZDNet Australia in a telephone interview on Monday.

Borrie explained that he does not expect to see OS X plagued by spyware and replicating viruses that infest Windows systems, but he believes there will be more Mac-related malware.

"Keyloggers are all PC based but there is no reason why those keyloggers couldn't be written for Macs--but I haven't seen any around yet," he said.

Macs used to control Windows bots?

Borrie said that during the past year he has seen Apple-based systems hacked and then used to control bots of Trojan-infected Windows PCs.

He explained that the hacked Mac systems were left vulnerable because users had employed weak passwords or misconfigured their services.

"We are seeing Macintosh systems being targeted for hands-on hacking as opposed to worms...In one situation, Macs were being used as a bot net channel in IRC--they were taking over PCs," said Borrie, who warned that this kind of activity is difficult to recognise because it does not generate much network traffic.

"The problems can be there for months. If somebody breaks into a machine all they are doing is a bit of IRC activity. There is not a lot to trigger a warning. Your traffic loads and processing loads do not increase dramatically," added Borrie.


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: apple
". . . first Mac-targeting malware samples . . .

One proof of concept that had no payload, that never left the laboratory, and had no means of propagating does not "samples" make.

"Keyloggers are all PC based but there is no reason why those keyloggers couldn't be written for Macs--but I haven't seen any around yet," he said.

Hasn't seen any around yet... and they build a FUD article on this???

". . . Macintosh systems being targeted for hands-on hacking as opposed to worms . . ."

Local exploits? Yep. You have access to a weakly passworded computer and you can make it do computer things... Whow. I'm underwhelmed.

1 posted on 12/20/2006 2:49:54 AM PST by Swordmaker
[ Post Reply | Private Reply | View Replies]

To: 1234; 6SJ7; Action-America; af_vet_rr; afnamvet; Alexander Rubin; anonymous_user; ...
It's FUD... Macworld must be coming up... so out comes the FUD writers. PING!

If you want on or off the Mac Ping List, Freepmail me.

2 posted on 12/20/2006 2:51:17 AM PST by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

^


3 posted on 12/20/2006 3:00:40 AM PST by Sam Cree (don't mix alcopops and ufo's - absolute reality)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
Borrie said that during the past year he has seen Apple-based systems hacked and then used to control bots of Trojan-infected Windows PCs.

Is the writer ignorant of the difference between a system with security issues and a user setting a weak password?

4 posted on 12/20/2006 5:00:23 AM PST by 6SJ7
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker
Mac follows traditional Unix principles which accounts for its better security record.

WinXP does not have, or breaks the layers of abstraction, which makes for exponentially more security holes.

5 posted on 12/20/2006 5:38:57 AM PST by ikka
[ Post Reply | Private Reply | To 1 | View Replies]

To: 6SJ7
the difference between a system with security issues and a user setting a weak password?

Authentication and security are two different things.

6 posted on 12/20/2006 5:39:42 AM PST by cowboyway (My heroes have always been Cowboys)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Swordmaker

what program would you use to customize labels and use with your address book?... is there a general Mac freeper thread for these kind of questions. You all have been helpful in the past.


7 posted on 12/20/2006 10:43:17 AM PST by Dick Vomer (liberals suck......... but it depends on what your definition of the word "suck" is.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Dick Vomer
what program would you use to customize labels and use with your address book?

If you select print from the Address Book app, you will find that you have options of printing envelopes, labels, lists or pocket address book. You can print to Avery labels by product number, to a Dymo label printer, or custom.

To select the addresses you create a custom group in the Address book and add the names you want to send to. You select that group to print.

is there a general Mac freeper thread for these kind of questions.

There is a general Tech Help that you can post your question as a vanity in Chat and there is a Tech Ping List which includes Mac users. The guy who runs the list (N3WBI3?) will Ping the members to come and answer.

8 posted on 12/20/2006 11:41:33 AM PST by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 7 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson