Ramblings from another nerd on the grid
Unfortunately it appears all of those Macs that have been procured are going to need to pay more attention to security matters, really soon. The days of not having to worry about a virus, worm or any other security matter are coming to a close. Heck, that door needs to be officially shut now.
I think we’ve all known this for a long time. As any platform gets popular, it’s going to become an attractive target for criminals. That’s just the law of physics. So it didn’t surprise me to see the article, “iBotnet: Researchers find signs of zombie Macs” written by Ryan Naraine published today. Was it really a question of IF? No, probably not. It was really a question of when.
Now granted, the origins of the problem stem from the use of pirated copies of some Apple programs. I don’t even need to read the article to surmise the rest. Why people download “free” software like this is beyond me. How the hell would anyone know what an executable program does from an untrusted source? The answer is that you don’t. And it doesn’t matter if you are using a Mac, Linux or Windows.
The moral of this story is pretty simple. If you are a Mac user, you need to start paying more attention to what is coming and it should be no surprise that you are going to need good tools to defend against the coming attacks.
You can debate the merits of the story, but I think common sense should probably prevail here. As the number of Mac users grows, so does the interest of criminals. They aren’t going to ignore that target. It isn’t a matter of if.
what's worse is MACs are increasingly becoming a "target" of consumer choice as well. It's fast-growing into other market niches where Windows held ground. Gone are the days when a MAC was a marketing or graphic design computer only. With the advent of Intel CPUs, Bootcamp, and VMs it will naturally occur that more consumers will go for the MAC aesthetic. Business PCs will remain largely untouched as this will be MS sacred ground for a long time to come, but in the home....well, let's just say I'm personally hoping Windows 7 gives my wife and family all kinds of pause this Christmas because they want MACs after Vista. I say this as a 15-yr MCP who has been Windows-loyal in the workplace, but hopefully good security approaches will reign for both platforms. Apple and Microsoft have to cooperate in this area and protect users.
Steve Riley has been talking about this for years and has also been warning that the threats have changed focus to go after application specific vulnerabilities and getting users to install the malware themselves (and therefore bypassing whatever securitysystem are built into the OS or bolted on after the installation).
The new threat is probably going to be cross-platform programs, because then it doesnt matter which OS the malware-victim uses.
The Firefox extension Greasemonkey, which allows easy extension of Firefox with user-generated ECMA-scripts, have been targeted a couple of times already. Some of the problems are discussed here: http://www.greasespot.net/2008/01/greasemonkey-security-update.html
I havent been paying attention to Safari or Chrome, but it is only at matter of time and widespred use before they will be abused.
Users of "alternative" browsers are no more securityminded than MAC-users, the users i have talked to thinks that it is only Internet Explorer that have vulnerabilities.
The advent of Intel CPUs? Bootcamp? VMs?
You do realize that Windows used the intel cpus LOOOONG before Apple, when Apple was stuck on that PPC junk. "Bootcamp" is just a multi-OS bootloader....Windows has done this for what...almost 20 years? Virtualization has been around for windows way longer than for OSX as well, and atleast you can choose the box you put a windows VM onto.
One of the main differences between a MAC and a PC is the MAC will attempt to handle security threats through non-confrontational, pacifist, tree-hugging like techniques only to receive the proverbial digital punch-in-the-face from whatever the threat is. In all seriousness, I really get tired of the notion that there is any one "super" OS out there that is somehow immune to any and all threats based on its awesomeness factor. Any OS can be exploited and it has only recently become profitable enough for the criminal element to start exploiting MACs. I'm really not sure what all the fuss is about Vista either. I've been using it for two years and have literally run hundreds of different applications with no issues. I guess you just have to buy into the anti-Vista propaganda. Most of the people I talk to who bash it start the conversation out with something like..."I've heard that Vista..." and not "I've ran Vista and ...."
I agree, Casey.
The worst part is, Apple just released another commercial talking about how "Macs are automatically immune from the viruses and other malware that affect PC's"
Heck there are viri/trojans that nest on OSX and just use it as a propogation point to find Windows machines.