Ivory Tower May 2009
By Ted Bade
This month we are putting our attention toward security,
malware, and keeping your data safe. If you read my not-so-regular rants, you
probably know this is one topic I definitely have opinions on! This month, I
would like you, my reader, to consider how all this affects you. I will rant a little and I would like you
to rave a lot!
Malicious software. Sure, the Mac platform has been pretty
safe from it for a long time. This doesn’t mean the Mac platform is immune.
More then likely factors such as lower market share, the perceived higher cost of
a Macintosh, and the fact that Mac OS X is a bit more secure then, say MS
Windows, have made the Mac an unsatisfying target for those people who write
this type of code.
However, I expect we will see more and more attempts to hit
the Mac OS X platform in the coming months. I see three main reasons for this:
1. Macintosh market share is increasing not only in the
consumer market but also in the enterprise (aka business) market. Okay, I
assume most Macintosh users would agree with me when I say increasing market
share is a good thing. I am sure those people who work for corporations that
have recently agreed to allow employees to use Macs are even more happy about
it. With more Macs at work and more and more at homes, the Macintosh platform
becomes a more juicy target.
2. Developers of security software are really really pushing
the Mac OS X market as the next great target for malicious code. I have ranted
about this many times in the past. How many times have we heard this or that
security company has offered a cash
prize to anyone who can break into this or that Macintosh? On the
surface the reason for this is that these security companies really want to
make things more secure. They feel that Mac users have their “heads in the sand”
about malicious software. It is only a matter of time before a nasty piece of
code hits the Mac OS X platform very hard. By exposing these security holes
quickly, there is hope that the hole can be patched before it is exploited.
While these are nice sentiments, I lean toward the sarcastic
side. I seriously doubt these companies would be willing to invest money unless
they could imagine a way to make even more money back. Perhaps they believe
that, doing a noble thing, Mac users will thank them in some way, like buying
other products.… Frankly, it is my opinion that they see a fat, untouched
market and they want to exploit it.
How many Mac owners that you know own and maintain any type
of virus software? More than likely, there aren’t many. If you know any, they are
probably Windows converts who are just so used to buying such software they did
it out of habit! Then again, some people just like feeling safe, but not the
majority. The majority of Macintosh users don’t own security software. Which
means the Mac OS X market is big and juicy and just ripe for exploit. Now if
they can only ensure we will need their software.…
3. My final main reason is Apple itself. Like many Macintosh
users, I just love those Mac/PC commercials. I just love John Hodgman,
the guy who plays the part of PC (and who is, in real life, a Mac guy), and how
he portrays the PC. It can be a real hoot watching the commercials.
But, all this, “the Mac doesn’t have any viruses” talk is
probably heard as a challenge to many an aspiring malicious code programmer. It
is kind of like Apple is saying:
“Na na na na na na, we don’t have any viruses, pttth! I DARE
you to write some code.”
IMHO, Apple is asking for it, lol.
All these things make the Macintosh platform a more and more
attractive target. However, there is some truth to the statement that the Mac
is harder to write malicious code for. It is also a lot harder to get a piece
of malicious code installed, then on a Windows PC. So far, most of the
malicious code that has made it to the Mac requires that the owner of the Mac
gives the code permission to install itself. So you say, who could be that
dumb?
The trick to getting malicious code installed into a Mac is
one of tricking the user. We all know how gullible people can be ☺. The people trying to get
control of the Mac are working very hard trying to figure out how to convince
you to give their software permission to install itself. A couple of
interesting angles we have witnessed so far include the following;
1. A “free” MP3 piece of music that when played installs a
piece of malicious code. Classic trojan. Easy solution, don’t pirate music. Pay
for it. If you don’t pay up front, you might pay a big price after, lol.
2. You want to watch a video. The web site hosting it
indicates you need a driver (codec) in order to play it. It gives you’re the
option of clicking to install the driver. How nice of that site to make the
driver for this new video format available! While this has only hit certain
porn sites, there is no reason any site offering any video couldn’t do this.
Say like a fake version of YouTube!
The solution for this one is pretty easy. Don’t accept
drivers from sites you don’t have a safe relationship with. If a new driver
exists, it will be available on the Apple site or on the site of a reputable
company like Real or FlipForMac. Get drivers, updates, and additions only from
companies you trust.
Part two is, to change a setting in Safari. There is a
setting in the Safari preferences that allows it to automatically open “safe”
files that are downloaded. Click this off. Now if you accidentally download the
“driver” it will simply be an archived file on your Mac. All you need to do is
toss it into the trash. Nothing happens unless you install it.
3. A bootleg copy of iWork or iLife or some Macintosh
software contains a hidden program that turns your Mac into a Zombie that can
be controlled by someone out on the Internet. What happens is you download the “free”
copy of the software, then install it, the installation includes the malicious
code. Since you approve the installation, you have also approved that the
malicious code is to be installed.
The solution is very easy. Don’t use
bootlegged copies of Macintosh software. Buy the software, if you can’t afford
it, get your Mom to buy it for you. (Don’t ask you dad, he will probably give
you the blighted copy.…)
It comes down to trying to get something for free. Perhaps
it is a form of cyber Karma. Pay for your music and your software. Help others
in the Macintosh community, and perhaps good things will happen on your Mac!
I am not a proponent of music sharing. I will listen to
music a friend has and even borrow a CD now and then, but if I like the music,
I will buy it myself. IMHO it is the only fair exchange you can have with the
Artist. Think about any job you have had, what if your employer said: “Today
the work you do will be for free, because I don’t feel like paying for your
services.…” You probably wouldn’t stay working there for very long. So why
expect that a music artist would either?
Malicious software, this is scary stuff. But like anything
that is scary, understanding what it is and how it occurs can put you in
control. My advice st to stay away from free stuff (unless it is from a really
reputable source), and keep an eye to a few Mac OS X related news sites, like
macCompanion. If something new turns up, you are sure to hear about it.
Think about how you use your computer, the places on the internet you take it. There are a lot of places to visit out there. I think
most people have enough sense to know when the sites they are visiting are less
then honest. If you do take your Mac there, keep your eyes open. Keep yourself
aware of the current tricks and tactics. Don't become a dupe!
Will I run out and buy anti-virus software for my Mac? Not
today. Perhaps in the future malicious code will become a different type of
threat, perhaps someone will figure out how to exploit some port that cannot be
closed, or some security hole in
some piece of software. Until I hear of this as a common occurrence, I think I
will wait.