Wednesday, July 27, 2011

Growing List of Security Threats to Mac OS X Lion


Long gone are the days when Apple lovers could take pride in their virus-free Macs while snickering at PC owners' constant worries about security. Apple's brand new Mac OS X Lion operating system is already acquiring an unhealthy list of reported vulnerabilities less than a week after its official release.
Some Lion vulnerabilities are carry-overs from Snow Leopard, like the "Mac Defender" class of scareware that first surfaced in May. Apple's recent software update to prep Macs running Snow Leopard for Lion installation includes identification and removal of known variants of the malware.
Like Mac Defender, another newly identified OS X threat called the Olyx backdoor appears to be a variant of Microsoft Windows-targeting malware that's simply been tweaked to go after Macs.
Researchers say the remote-controlled Trojan application resembles 2009's GhostNet malware, a threat to Windows-based PCs. And as with the various strains of Mac Defender, some of the most knowledgeable and quickest responses to this latest backdoor threat are coming from Apple's longtime rival Microsoft.
Another threat to Lion (and earlier versions of OS X) that's been identified by password recovery software vendor Passware is a vulnerability that enables passwords to be recovered from Macs via Firewire's use of Direct Memory Access (DMA). Yet another is a laptop battery chip vulnerability—that doesn't appear to have been addressed in any OS X 10.7 updates as of yet—which security researcher Charles Miller of Accuvant Labs says can be exploited to "brick" batteries in several Apple laptops.
Apple's success at gaining market share for OS X (not to mention its leadership in mobile operating systems with iOS) has clearly not come without a cost—whereas malware developers generally ignored Macs when they made up a fraction of the market, now they have every reason to target Apple.
I'm sure the Apple fans will somehow blame Adobe for this!


  1. More anti-Mac FUD as usual. Not quite as OMFG as the haters would like.

  2. I smell bigotry. This blog is pathetic.

  3. Bigotry? Wow you are taking an OS too seriously. You must be part of the Mac cult.

  4. Oh and btw Zach, you call my blog pathetic? What's that little ZuseFM blog you have. There's nothing on it! Talk about pathetic. At least I have articles with information and conversations about them.

  5. You list 4 threats and 2 are hardware and 2 software, that's nothing compared to the millions of threats that are still in circulation for your stupid Windows OS.
    My Fanboy OS is still more secure than yours ......

  6. Sure, I can admit that Windows has had its problems but MS acknowledges them and quickly puts out a patch or I use free security software to stay safe. Apple will deny there are problems and tell their employees not to help. If Mac OS is more secure, then why is it always the FIRST to fall at Pwn2Own? Sounds pretty vulnerable to me.

  7. Not that again. Pwn2Own isn't a race. All the exploits are identified and developed in advance of the competition.

  8. Check out what iSec Partners say about Mac Security:
    Macs provide good protection against the initial phases of the attack, but once the bad guys are on the network, it's a whole different story. "They're pretty good for protecting from remote exploitation," Stamos said. "But once you install OS X server you're toast."

    The problem is that many of Apple's server protocols -- mDNS, Apple Remote Desktop, the Mac Kerberos authentication, for example -- use weak authentication models that give the attackers ways of getting access to parts of the network that should be blocked. "Every password-based authentication mechanism in OS X has problems," Stamos said.

    For example, Mac's Keychain software is vulnerable to what's known as a brute-force attack, he said.

    That could be a big problem to a company facing a determined attacker, because it's pretty easy for APT hackers to get a foothold on a desktop, and they have shown that they're willing to do hard work in order to break into a network. Stamos, whose firm investigates hacking incidents, says that it's often easy to trick someone in any company into installing software that they shouldn't -- the first step in an APT attack. "Most people get malware because they intentionally install it," he said. "At an institution of thousands of employees, you have to assume that one of them is going to get tricked."

    In their recent Black Hat presentation, they showed how Windows had several more "advantages" when it came to security and said "Bottom Line: Run your Macs as little islands on a hostile network."

  9. Despite all of Windows' so-called "advantages" and OS X's purported vulnerabilities, I'll bet that statistically I'm less likely to encounter malware than the average Windows user. I'll take reality over theory any day.

    Meanwhile Apple isn't standing still. As Mac popularity is on the rise, Apple is stepping up their game. Lion offers lots of improvements to security compared to Snow Leopard.

  10. Well, my reality is that all of my machines are protected and none of them have ever had a virus or malware. I also know a bunch of "non-technical" people that have had the same experience. I also know people with Macs that have gotten viruses. Sounds like a pretty good reality to me.

  11. In a recent interview dealing with his newly announced battery exploit (I'm surprised Dave hasn't made a stink about it here yet), Charlie Miller (of Pwn2Own fame) was asked how Apple's OS security compares to the competition. His reply:

    "(Apple) iOS is definitely more secure than Android. Lion is basically comparable to Windows 7."

    So if Macs are basically as secure as Windows, but for market share reasons, get attacked about 100 times less, who is at greater risk?

  12. Well, at least we're not at risk of having our laptops explode. I think the benefits of using Windows 7 outweigh any threats. I've never had any attacks or threats on my network or machines and I can do more than Apple can. I'll take that.

  13. There's no evidence that the Mac battery can be hacked to explode (Did you even read the article?)

    Regarding who can do more... So far I get by exclusively using Mac programs, but I can run Windows programs on my Mac, should I ever really need to. Admittedly this adds cost, but it IS possible.

    If Charlie Miller is correct that OS X and Windows are about equal in terms of technical vulnerability, as long as Windows remains dominant, it will be the one actually attacked most often. There will be a wider variety of Windows exploits. They will mutate more frequently, requiring a higher degree of vigilance and attention by Windows users.

    While neither of us has had malware problems personally, actual historical statistics for the platforms tell a different story.

    Although Mac market has been steadily rising, it has a long way to go to attract the same level of malware attention as Windows.

  14. Yeah, "cost" is the important word there as always with Apple. It is in my experience supporting idiots that 99% of the people that get the virus are really bad users. With safe-surf habits and free security software, there would rarely be any problems.

  15. True, those idiots out there make the rest of us look bad. I've never had a virus either. Malware creators play the numbers. With more Windows users out there, odds are there will be more idiots among them. Those people are the targets.

  16. Yes, there are several ways to configure Mac OS X and Mac OS X Server with poor security. Yes, if you don't use the most secure option (Kerberos), then you get less security. And if you turn off all the latest security modes of CIFS, you get DES based NTLMv1, which is like all sorts of vulnerable. Well duh.

    Oh, wait... this is on a LAN, where it is possible to sniff all the data going between server and client! Oh snap! That happens on SMB too! Unless you have L2/L3 network switches with the appropriate levels of security, which I bet most SMBs, much less homes have. For real LAN security, you'll have to wait for encrypted LAN standards to make it into actual shipping products.

    The battery "exploit" requires admin access. It is not remotely exploitable. It's also not clear if lots of other laptops are also vulnerable, as all Li-Ion batteries must have smart chargers.

    As it stands today, whether you like it or not, whether it is for good reasons or not, it is far safer for your average computer user to be using Mac OS X than Windows 7.

  17. I like my chances with Windows 7 better.

    "Security expert Alex Stamos of iSec Partners says the conventional wisdom is wrong. And this week at the Black Hat Conference, he claimed that Mac OS X is “significantly more vulnerable” than Windows 7 when it comes to network-based attacks—you know, the kind that actually occur in the real world"

    “OS X networks are significantly more vulnerable to network privilege escalation,” Stamos said at the show. “Almost every OS X server service offers weak or broken authentication mechanisms.”