Is OS X Truly Vulnerable?

(Page 2 of 2)

  • Wednesday, March 1, 2006
  • By Daniel Turner

But, as Melissa, ILOVEYOU, and other widespread infections on millions of Windows machines have proven, people often tend to click before they look. Preying on this impatience and faith is key to the Mac security issue that does point to a danger. Reported by the German news web site Heise Online, and originally discovered by a German graduate student, Michael Lehn, this security hole, labeled "Mac OS X File Association Meta Data Shell Script Execution," has been deemed "extremely critical" by security firm Secunia.

Basically, it relies on the way Apple's web browser, Safari, handles downloaded files. By default, Safari automatically opens "safe" files without asking for user confirmation. Lehn discovered that, although Safari usually requires confirmation before it opens an application or shell script, it won't recognize a script that doesn't have certain code in it. Eric Bangerman, who covers Apple issues for the web site Ars Technica, says that this hole could allow someone to create a disguised script that could wreak havoc on an Apple machine, deleting a directory or worse.

Yet the hole actually doesn't offer a malicious hacker much else. Bangerman notes that most criminal hackers want financial gain. As a result, many Trojan horses or worms either turn users' machines into "zombies" for sending spam e-mail, or install keyloggers, programs that log all keystrokes made on a computer and steal that information.

Mac OS X makes these options highly unlikely, if not impossible, Bangerman says. In the case of keyloggers and other malicious applications, Mac OS X warns users when an application is starting up for the first time. Again, many users might just click through this warning, but at least it's there. And Apple designed Mac OS X so that it is difficult to run as a root user (that is, with full access to operating system settings), which would be required to turn a Mac into a zombie.

Still, it's a good idea for Mac OS X users to take some defensive action. Even though no cases using this Safari hole have been spotted, it's no secret that the hole exists. Fortunately, the best solution is the easiest. Users can go to Safari's preferences and turn off the "safe files" option. Or they can use Firefox, Camino, Opera, or another alternative Web browser that doesn't have an auto-open feature. For further security, one can run the ClamAV anti-virus application or Unsanity LLC's Paranoid Android 1.3 -- both are free.

Of course the best solution would be for Apple to close the hole in Safari -- a task that Bangerman says should be easy to do.

(Apple declined several requests for comment on this story.)

Guest (tom barta)

  • 2176 Days Ago
  • 03/01/2006

thomas_e_barta@yahoo.com

I think it is unlikely that many hackers will have the skill to infect OSX; it's not full of holes like Windows. But I agree the Safari bug is worrisome. I warned my relatives about that one.

Guest (Dave)

  • 2163 Days Ago
  • 03/14/2006

Don't be so sure..

The OSX hackers will! As this article points out, one of the biggest vulnerabilities in OSX is the complacency of its users (myself being one of them). Because of the perception of OSX being 'impenetrable' users are more likely to execute malicious software than perhaps Windows users, who through past experience, have become more cautious of such things.

Keep an open mind and you'll likely stay safer, even if malware targeting OSX becomes more rampant.

Guest (NetGuru)

  • 2176 Days Ago
  • 03/01/2006

Of course it's vulnerable...

the anti-virus vendors are all hard at work turning the proof of concepts into exploits. are they going to stand by and watch the size of their addressable market shrink? if not the vendors themselves, then at least some shareholder has an interest in this.

if apple users want to continue to keep their head in the sand then so be it, but i think apple users are actually more at risk than windows users in ONE respect. A huge % of windows users have some AV running while almost no apple users do. if someone really wanted to do something mean, like manipulate APPLs stock price, then they could easily, given the "head in the sand" mentality of apple and so many users.

Guest (DWalla)

  • 2176 Days Ago
  • 03/01/2006

Patches were released today

Apple released security patches today that fixed all the aforementioned security holes.

Guest (NetGuru)

  • 2175 Days Ago
  • 03/02/2006

..and your point is???

patches were released today.  Yippeeee!  And does that mean that every vulnerability has been fixed? There are none out there that are not public? 

Let's talk about an even worse thought...what if professional software developers are working on machines with malware infected compilers. The compilers are quietly adding hooks and backdoors for later exploit.

Here is the complete list of 100% trusted computing platforms:

Guest (Dave)

  • 2163 Days Ago
  • 03/14/2006

The point was..

My impression of this article, and what I think is general knowledge, is that yes, there are vulnerabilities in OSX; it's practically impossible to have a totally secure OS that's flexible enough for the consumer market. With security comes sacrifice, usually in functionality.

What people usually mean when they say OSX is more secure than, say, Windows is that to exploit security holes in OSX there needs to be much more user interaction in the process.

BTW - With regard to the malware compiler theory, while it could be possible, the people with the skills to build such a virus generally tend to have landed themselves pretty well paid jobs that don't leave them as much time to take over the world as they may have liked =P

Guest (Noki)

  • 2175 Days Ago
  • 03/02/2006

Several errors in the piece

Daniel,

you got yourself several errors in your piece:

1. The Bluetooth hole "Inqtana" is exploiting was fixed last year already, not with some swift release of Mac OS 10.4.5. I.e., only people who hadn't upgraded last year were even theoretically vulnerable.

2. "Eric Bangerman" is really Eric Bangemann

Cheers,
Noki

Guest (Dan Turner)

  • 2175 Days Ago
  • 03/02/2006

To Noki

Noki,

Thanks for the notes. First, Inqtana was fixed with 10.3.9 and 10.4.1, but then needed to be fixed again with 10.4.5. For the sake of not making the timeline too confusing, I did leave that info out.

As for Eric's name, actually it's Eric Bangeman. I apologize to Eric for my initial typo, which I then propagated.

Guest (James Bailey)

  • 2175 Days Ago
  • 03/02/2006

You made that up?

>First, Inqtana was fixed with 10.3.9 and
>10.4.1, but then needed to be fixed again with
>10.4.5. For the sake of not making the
>timeline too confusing...

You made that part up didn't you? If not, where did you learn about this? Not from Apple. Apple has this to say about security in 10.4.5

"CVE-ID: CVE-2006-0382

Available for: Mac OS X 10.4.5, Mac OS X Server 10.4.5

Impact: A malicious local user can cause a system crash

Description: A malicious local user may trigger a system crash by invoking an undocumented system call. This update addresses the issue by removing the system call from the kernel. Credit to David Goldsmith of Matasano for reporting this issue."

Guest (Dan Turner)

  • 2175 Days Ago
  • 03/02/2006

To James Bailey

James, what you describe doesn't seem related to Inqtana, which has had no reports of being able to do anything like causing a system crash. Are you sure you're looking at the correct issue?
