JonHoyle.com Mirror of MacCompanion
http://www.maccompanion.com/macc/archives/May2009/Columns/ivorytower.htm

macCompanion MyAppleSpace Forum Archives Products Services About Us FAQs

Resources

                                           

Consultants

Developers

Devotees

Downloads

"Foreign" Macs

Forums

Hearsay

Link Lists

Mac 3D

Macazines

Mac Jobs

MUG Shots

News

Radio

Reviews

Think Different

Training

 

Ivory Tower May 2009

By Ted Bade

This month we are putting our attention toward security, malware, and keeping your data safe. If you read my not-so-regular rants, you probably know this is one topic I definitely have opinions on! This month, I would like you, my reader, to consider how all this affects you. I will rant a little and I would like you to rave a lot!

 

Malicious software. Sure, the Mac platform has been pretty safe from it for a long time. This doesn’t mean the Mac platform is immune. More then likely factors such as lower market share, the perceived higher cost of a Macintosh, and the fact that Mac OS X is a bit more secure then, say MS Windows, have made the Mac an unsatisfying target for those people who write this type of code.

 

However, I expect we will see more and more attempts to hit the Mac OS X platform in the coming months. I see three main reasons for this:

 

1. Macintosh market share is increasing not only in the consumer market but also in the enterprise (aka business) market. Okay, I assume most Macintosh users would agree with me when I say increasing market share is a good thing. I am sure those people who work for corporations that have recently agreed to allow employees to use Macs are even more happy about it. With more Macs at work and more and more at homes, the Macintosh platform becomes a more juicy target.

 

2. Developers of security software are really really pushing the Mac OS X market as the next great target for malicious code. I have ranted about this many times in the past. How many times have we heard this or that security company has offered a cash prize to anyone who can break into this or that Macintosh? On the surface the reason for this is that these security companies really want to make things more secure. They feel that Mac users have their “heads in the sand” about malicious software. It is only a matter of time before a nasty piece of code hits the Mac OS X platform very hard. By exposing these security holes quickly, there is hope that the hole can be patched before it is exploited.

 

While these are nice sentiments, I lean toward the sarcastic side. I seriously doubt these companies would be willing to invest money unless they could imagine a way to make even more money back. Perhaps they believe that, doing a noble thing, Mac users will thank them in some way, like buying other products.… Frankly, it is my opinion that they see a fat, untouched market and they want to exploit it.

 

How many Mac owners that you know own and maintain any type of virus software? More than likely, there aren’t many. If you know any, they are probably Windows converts who are just so used to buying such software they did it out of habit! Then again, some people just like feeling safe, but not the majority. The majority of Macintosh users don’t own security software. Which means the Mac OS X market is big and juicy and just ripe for exploit. Now if they can only ensure we will need their software.…

 

3. My final main reason is Apple itself. Like many Macintosh users, I just love those Mac/PC commercials. I just love John Hodgman, the guy who plays the part of PC (and who is, in real life, a Mac guy), and how he portrays the PC. It can be a real hoot watching the commercials.

 

But, all this, “the Mac doesn’t have any viruses” talk is probably heard as a challenge to many an aspiring malicious code programmer. It is kind of like Apple is saying:

 

“Na na na na na na, we don’t have any viruses, pttth! I DARE you to write some code.”

IMHO, Apple is asking for it, lol.

 

All these things make the Macintosh platform a more and more attractive target. However, there is some truth to the statement that the Mac is harder to write malicious code for. It is also a lot harder to get a piece of malicious code installed, then on a Windows PC. So far, most of the malicious code that has made it to the Mac requires that the owner of the Mac gives the code permission to install itself. So you say, who could be that dumb?

 

The trick to getting malicious code installed into a Mac is one of tricking the user. We all know how gullible people can be . The people trying to get control of the Mac are working very hard trying to figure out how to convince you to give their software permission to install itself. A couple of interesting angles we have witnessed so far include the following;

 

1. A “free” MP3 piece of music that when played installs a piece of malicious code. Classic trojan. Easy solution, don’t pirate music. Pay for it. If you don’t pay up front, you might pay a big price after, lol.

 

2. You want to watch a video. The web site hosting it indicates you need a driver (codec) in order to play it. It gives you’re the option of clicking to install the driver. How nice of that site to make the driver for this new video format available! While this has only hit certain porn sites, there is no reason any site offering any video couldn’t do this. Say like a fake version of YouTube!

 

The solution for this one is pretty easy. Don’t accept drivers from sites you don’t have a safe relationship with. If a new driver exists, it will be available on the Apple site or on the site of a reputable company like Real or FlipForMac. Get drivers, updates, and additions only from companies you trust.

 

Part two is, to change a setting in Safari. There is a setting in the Safari preferences that allows it to automatically open “safe” files that are downloaded. Click this off. Now if you accidentally download the “driver” it will simply be an archived file on your Mac. All you need to do is toss it into the trash. Nothing happens unless you install it.

 

3. A bootleg copy of iWork or iLife or some Macintosh software contains a hidden program that turns your Mac into a Zombie that can be controlled by someone out on the Internet. What happens is you download the “free” copy of the software, then install it, the installation includes the malicious code. Since you approve the installation, you have also approved that the malicious code is to be installed.

 

The solution is very easy. Don’t use bootlegged copies of Macintosh software. Buy the software, if you can’t afford it, get your Mom to buy it for you. (Don’t ask you dad, he will probably give you the blighted copy.…)

 

It comes down to trying to get something for free. Perhaps it is a form of cyber Karma. Pay for your music and your software. Help others in the Macintosh community, and perhaps good things will happen on your Mac!

 

I am not a proponent of music sharing. I will listen to music a friend has and even borrow a CD now and then, but if I like the music, I will buy it myself. IMHO it is the only fair exchange you can have with the Artist. Think about any job you have had, what if your employer said: “Today the work you do will be for free, because I don’t feel like paying for your services.…” You probably wouldn’t stay working there for very long. So why expect that a music artist would either?

 

Malicious software, this is scary stuff. But like anything that is scary, understanding what it is and how it occurs can put you in control. My advice st to stay away from free stuff (unless it is from a really reputable source), and keep an eye to a few Mac OS X related news sites, like macCompanion. If something new turns up, you are sure to hear about it.

 

Think about how you use your computer, the places on the internet you take it. There are a lot of places to visit out there. I think most people have enough sense to know when the sites they are visiting are less then honest. If you do take your Mac there, keep your eyes open. Keep yourself aware of the current tricks and tactics. Don't become a dupe!

 

Will I run out and buy anti-virus software for my Mac? Not today. Perhaps in the future malicious code will become a different type of threat, perhaps someone will figure out how to exploit some port that cannot be closed,  or some security hole in some piece of software. Until I hear of this as a common occurrence, I think I will wait.