Apple users now hacker targets (News)

So it'll happen soon hah..... Finally experts now agreed about OSX market share.

 

we all knew it was going to happen soon (for years)

now, its still going to happen soon...

i agree. soon it will happen.

 

Good...its about time, too.

 

"The Earth is approximately round, security experts say."

?

Can you imagine how news-less you have to be to write such an article?

Anyways, I'm sure Apple will keep up with the hackers better than Microsoft, after all, we've got this toy operating system, right? How hard can it be?

 

Fudzillas so called toy is better than buggy windows.

 

It was a matter of time and being a former Apple user I can honestly say it sucks when losers have nothing better to do but make life difficult for the end user and company who have to spend resources counteracting these idiots.

 

They didn't even fix the security problems concerning Quicktime, Safari, and iTunes....these apps are potential targets to hackers....and the guys at the Apple will ignore it until it becomes a big problem....after all...a macbook air is hacked in 2 minutes in "Pwn to Own" challenge.

 

Honestly I could care less about hackers and virus'. Maybe I just know what sites to visit and what sites not to visit but I don't even run anti-virus software and when I finally download a free trial it comes up with nothing and neither does ad-aware or spybot (except for cookies and whatnot).

Virus' really don't bother you that much if you aren't an idiot. There is a facebook virus going around that makes you open up a .exe to see "naughty" pics of yourself. So basically intelligent users won't have a problem but some mac users might start complaining in the future.

Sucks that its going to happen to you guys though

 

Somebody mis-read the article. Then so did everybody else.

That article is about hacking the software for the user's benefit. It mentioned the jailbreak for the iPhone as an example incase anybody missed it.

For those who don't know, Hacking is modifying the software or hardware for your benefit... And anybody at Def-Con knows that.

But this article does not state that there are any active virii for the Mac.

 

I didn't read it. I don't really care. Never had any problems with viruses or spyware in Windows, I'm not going to have any problems on OS X either.

 

QFT !

I've never had any spyware or virus issues in Windows XP or Vista because I know better than to open email from someone I don't know or visit sites I shouldn't go to in the first place.

The same applies to OSX.

 

@Robknee - exactly what I said earlier. I don't get **** on vista what so ever because I'm not stupid.

 

I read the article because I'm worried that the true vulnerability in my household might be exploited. My kids. They downloaded software on windows so they could play games and brought 1200 worms and virii into our home. I spent dozens of hours in safe mode cleaning up the damage and I was so happy to get Macs for them with Parental Controls. The problem is that Parental Controls on Leopard is buggy. It's less buggy on 10.5.4 than it was on 10.5, but it is still buggy nonetheless. I'm worried that they will download and run some program that promises to bypass parental controls just so they can visit some site I've blocked or use their computer outside of the hours I allow.

But the article contained so little factual material and so much FUD. Perhaps that's why the site is called fudzilla, eh? The second article wasn't much better. They were arguing that the ability to "jailbreak" an iphone meant somehow hackers could do damage to OS X.

Before there was windows, there was Unix. Unix is set up to run in a networked environment. It has been the target of hackers for longer than windows has been around. What have they accomplished? A buffer overflow here, a port exploitation there. But underneath, the OS is set up to be a lot more difficult to own. You have to be logged in to run something. You can't easily run something as root. I'm not saying you can't own a Linux box. You simply can't do it as easily as you could on Windows. The guys who pwned that Macbook weren't able to do it remotely. They required somebody running Safari on that Macbook to click on something on a site they created. There are exploits on windows that come in as email, that require clicks or that spread as worms without any user interaction whatsoever.

What can Apple do to ward off this (very slightly) increasing threat? Turn on the firewall by default. Go to a 2 way firewall implementation that blocks unknown outgoing packets and not just incoming connections. Stay current on including patches for known exploits in Software Update. I've seen articles accusing Apple of falling behind the Open Source community when it comes to patching vulnerabilities in Leopard that were first discovered in Linux.

The main reason for my lack of fear is not merely the robustness of the underlying technology of OS X as much as it is the company that wrote it. Apple has never had the "security is your problem" attitude that Microsoft had for many years. As such, I expect better response from Apple Software Update to emerging threats. And while my kids may do something stupid, I can wipe and reinstall their systems in minutes from time machine. The kids aren't allowed at my keyboard so my system is safe. The next time somebody links something from "fudzilla" I may decide I needn't bother to look.

 

I have to sorta agree. Apple has been touting security as a selling point for years. Now its time for them to put their money where their mouth is and tightened the straps down for OS X. Especially with so many iPhones in the wild.

The initial setup for OS X should include setting up the Admin account AND the standard account. The default permissions for new files and folders need to be changed. If you create a new folder in your home directory they give read-only permissions to staff (admins, other user accounts on the system) AND everybody else. They still can't open, execute or write anything but they can at least snoop around and see file and folders names and what not. I think that is unacceptable (and, I believe, not the norm). The rest of the folders in home, besides sites and public, are locked down so only the owner and admin of the system can browse them.

That means if I have a multiuser system, other users on the system (say a room mate) can potential browse folders in my home directory that I didn't explicitly authorize as browsable by other users. The same applies If I enabled file sharing and didn't set up further restrictions—which is easy to do—other users on the local network could potential browse folders in my home directory that I thought only I could view.

 

$10 bucks when apple gets a bad virus microsoft will have a statement saying how they have worked so hard on all of the security features of vista, etc .

I hope Apple is prepared because it would be a shame for them to be embarrassed in front of all their loyal fanboys.

But yea this article is a little tough to believe so we will see when apple users start actually reporting bad virus' hitting their systems.

 

Yeah, well, yawn!

We've been having this discussion since Panther. Where are the killer viruses? Huh? I don't see any.

Time for somebody to make some? Sure, why the hell not. Maybe it'll make all the people who go "It's about god **** time" sleep a little better at night.

 

Microsoft really isn't too bad when it comes to addressing security threats. Today they released several security hot fixes for Vista. When I had a Mac Apple wasn't too bad either but then again they weren't as popular as they are today. So I agree with others that they'll need to keep a better eye for threats and vulnerabilities to their OS.

 

haha, thats what you get when you read the headlines, which are about as meaningful as. . . well, they aren't.

that team spent weeks developing a way to specifically go after that machine, which means absolutely nothing in real-world security, as this could occur with any single system.

Apple is extremely consistent in terms of releasing security updates, and probably releases more updates for their OS than nearly any other non Open-Source OS.

and quite honestly, I really don't understand what the major worry is anyway, I have never even had a security related problem on my Windows machine either. The funniest thing to me is that people think all of this is so simple, and also that they believe that they are being targeted.

 

The OSX Market share is really taking off for the first time in years. There were a lot of hackers at defcon running around with Mac's this year. As the OS becomes more popular, it's not an IF but a WHEN. It's a price that has to be paid for popularity and it's one that Microsoft has been paying for years. In the next 2-3 years it will be Apple's turn if their market share keeps rising.

 

First rule of thumb, don't wave an open flag to an attacker. Use a firewall, don't visit questionable sites, and for goodness sake's don't open questionable email. With those three, everyone should be pretty safe, which all of us at NBR already know.
Still, I don't miss having to use A/V software on windows and checking for updates every day.

Which is why I use linux. It might sound selfish, but for those reasons you stated, I really hope linux stays in the minority (~0.8%) marketshare for quite some time...

 

I wasn't going to say anything, but I have seen it said twice on this thread already. You can open all the email you want and read the message, its the attachment and the links that are dangerous. Even if you get an email forwarded from someone you know, ask them to make sure it is OK to open it.

I have a neighbor that was forwarded an email by his wife with a virus in the attachment. He assumed it was safe to open since his wife sent it to him, and BAM! His desktop was infected(Windows of course). So just beware.

Haha, seems unlikely man, Ubuntu is getting pretty popular.

 

Thank you! Every year we get these stupid messages that "Macs are now being targeted" and nothing happens. I'll bet 10 years from now Macs will still have no need for Anti Virus or Spyware crapware unlike that **cough cough** Vista, XP.

 

Agreed!

M$ still struggling to sell over hyped vista & i heard Vista can infected with 10 year old virus because of the poor kernel

 

Not entirely true. They're doing interesting things with single white image dots these days. And they revealed at Defcon that all of the hackers had been hacked using a middle-man attack which is virtually undetectable by re-routing internet traffic. This is different from the DNS exploit they announced and patched already, this is a different one.

The fact is that people are stupid for doing anything unencrypted these days. The only way to have reasonable safety on the Internet is by using encryption. Whether it's an encrypted VPN or just simply encrypting your emails, IM's and sensitive data. Unfortunately VPNs are often slow (even the ones you pay for) and aren't much good for every day use.

http://www.physorg.com/news137743962.html

 

Exactly. There was a bug in Safari that could be exploited via Mac OS X or Windows. They used this bug to win the more desirable machine. Once an exploit was used at the event, that exploit was then not allowed to be used again on any other machine.

Also, it was half way through day two before anybody did anything, with event staff browsing to sites that the team asked them to visit.

Headlines are misleading on purpose, to state something that people think is amazing so that they will read the article.

 

do people really believe mac engineers are so much more skilled at stopping viruses than windows engineers? talk about PS2 vs gamecube.

 

of course not, but people do believe that in general, the unix/linux kernal(s) are designed to be secure from the ground up.

the windows kernel is not.

 

I dont know. I mean i havent had very many security issues with windows. I mean i have had a few trojans but nothing like really major.

I still think osx can get viruses, its just who wants to pay the license to develop these viruses? To develop on Macs you need a License and you need to pay for it. That is one reason why you arent going to see games on OSx cause many pc developers dont want to pay this fee.

 

what are you talking about?

 

I think he's talking about this:
http://developer.apple.com/products/

 

seeing as the membership is free, i still have no clue what he is talking about. plus, you don't need to pay money for the membership, nor do you even need to be a part of the ADC in the first place to develop mac osx applications. xcode comes with mac osx, and you can develop mac applications with it. done. no money or memberships or fees or paid licenses.

you don't even *need* a mac or mac osx or xcode to develop mac applications. you could use notepad and the gnu compiler

 

this is kind of old news, besides unix system efi

And hackers had 20 years to do what they wanted to do, I'm not worried at all.

 

Good, now that Mac vs. PC commercial where apparently Mac has no viruses can go to hell.

 

Funny how you didn't even read the article, or what's been said on this here thread. You just read the title and went ahead and posted this.

Awesomeness! I should +rep you.

Nah, I'm not gonna do it.

 

Well, duh. Mac's entire security setup is based on hacker disinterest.

There was a contest where hackers could win a computer if they hacked into it.

The Mac went down in two minutes, Vista in 2 days (because of Flash), and no one got into Ubuntu.

 

Both of you have some trouble with reading eh? Oddly enough, both new to the forum.

Fred; There are still no viruses for the Mac. It is still theoretically possible for one to exist, but none do.

Mikey; I don't know what to say... You must be able to only read the bold headlines, and have trouble with the point 16 helvetica font. The event you are referring to suggests that everything you said isn't even close to how you worded it, and there are at least two posts in this thread explaining the event. If you can even manage to read this post, I'd be shocked.

 

I think the number one reason Mac (and Linux for that matter) are secure is due to the ability to actually run as a limited user. That is also why Vista is more secure than XP. Requiring a password and having limited permissions is a big component of security.

Now there is no amount of security to stop stupidity. If you install a malicious program on your own you are asking for trouble, and that affects all OS's.

 

that contest the mba was hacked because of a vulnerability found on safari which apple fixed with an update. Anyway hacked into is totally different than getting a virus.

I remember on xp someone hacked into my pc and was chatting with me telling me he had access from one of the many Trojans place in my filesystems.

He actually helped me remove them and I never spoke/saw him again. Hackers are pretty nice.

 

http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html

http://antivirus.about.com/od/macintoshresource/p/oompa.htm

http://antivirus.about.com/b/2006/11/03/osxmacarena-virus.htm

I mean c'mon. Apple Programmers can't even get the bugs in iTunes worked out, and you think their code is invulnerable to viruses? The fact is that 90% of all computers in the world run on some version of Windows. As Apple's market share increases, you will see Apple users and OSX Targeted more and more by hackers. So please stop perpetuating the myth that Apple and it's O.S. is safe from being hacked.

 

I don't think anyone's stated that Mac OS X can't get viruses. The truth is, there is no major virus targeting Mac OS X in the wild right now.

 

I know that is was way back at the beginning of the post, but are you seriously happy ???
Why ???
The real issue/***-h%& are the virus writers (hackers are a different breed). These are the people to hate. Your anger is a bit like screaming at a runny nose, when you should be upset at the flu ... (i.e. symptom not the cause).

If anything you should be sad that maybe mac's will get virus's. Mac's resistance maybe due to market share, but the fact is that MS is now taking them as a serious competitor, and this pressure will result in a better safer MS products. Apple is good for competition, which means its good for everybody. Also while market share is most likely the main reason for the lack of virus's, its still possible that mac's have a better foundation. If this is true, then MS can learn from this. The MS vs apple situation is a good healthy competition. But the war is society against virus writers, we should be working together (thru competition) not fighting against each other for scraps of hope.
a

 

All of which are proof-of-concept (Written by security professionals), and must be executed by the user. None self install. None can self spread. Also, Leopard fixed vulnerabilities for most of the attacks, and has a safeguard to prevent the rest.

Back to your other mention though... Are there some bugs in the Windows version of iTunes? Because iTunes has been open for three weeks straight on my Mac Pro without closing it. (Uptime on this box is 60 days now... I can't believe it's been that long since I moved).

 

http://discussions.apple.com/thread.jspa?threadID=1567332&tstart=15

That's just one of them, Oh and BTW. That occurs on the Mac version too.

There was a report recently that Safari users are more vulnerable to phishing schemes because Safari doesn't "have" any anti-phishing abilities. Surely this can't be so. Firefox and IE have had the ability to detect Phishing sites for quite a while now. The report went on to mention that Safari users think nothing of opening emails that might lead to phishing sites because they feel their Mac's are more secure. My point is two-fold. #1: If you think your invulnerable to the 'Net. You don't belong here. #2: The myth that Apple Computers are "more secure" than PCs is just that, a myth. And it's a myth that eventually will be taken advantage of to wreak havoc on the apple user base.

Nobody can afford to be lackluster about security on the Internet. Especially with more and more people storing valuable information on the Cloud.