
Intego's "Year In Mac Security" Report

kdawson posted more than 4 years ago | from the almost-popular-enough dept.

Security 132

david.emery notes the release of Intego's "Year In Mac Security" report (PDF), adding: "Mac OS X and iPhones that haven't been jailbroken fare pretty well (although vulnerabilities exist, there's not been a lot of exploitation). Apple does come in for criticism for 'time to fix' known vulnerabilities. Jailbroken iPhones are a mess. The biggest risk to Macs are Trojan horses, often from pirated software."


132 comments


So, avoid pirated Mac software... (4, Informative)

Chris Tucker (302549) | more than 4 years ago | (#30901222)

...and let Software Update do its thing with Security Updates.

Don't go online as Root, and really try not to open email attachments that claim to be "Nude Photos of (insert female athlete name here)"

Really, how hard is that?

yapyapyapyapyap!!! (-1, Troll)

Adolf Hitroll (562418) | more than 4 years ago | (#30901280)

Nice doggie, just keep on chanting the expected bullshit to the politically correct crowd.

Re:yapyapyapyapyap!!! (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#30901306)

for the past several years I've been mailing all my feces to Ron Paul. Every time I defecate, I do so in a zip lock bag, which I then send to Ron Paul's home address via USPS priority mail. Though I always clearly write my name and address on the return portion of the envelope, I have never received a reply, nor have any of my mailings been refused.

Re:yapyapyapyapyap!!! (-1, Troll)

Anonymous Coward | more than 4 years ago | (#30901380)

for the past several years I've been mailing all my feces to Ron Paul. Every time I defecate, I do so in a zip lock bag, which I then send to Ron Paul's home address via USPS priority mail. Though I always clearly write my name and address on the return portion of the envelope, I have never received a reply, nor have any of my mailings been refused.

Pics or it didn't happen

Re:yapyapyapyapyap!!! (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#30901784)

for the past several years I've been mailing all my feces to Ron Paul. Every time I defecate, I do so in a zip lock bag, which I then send to Ron Paul's home address via USPS priority mail. Though I always clearly write my name and address on the return portion of the envelope, I have never received a reply, nor have any of my mailings been refused.

your dad sucks my cock clean right after I fuck your mom

Re:So, avoid pirated Mac software... (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#30901324)

Don't leave your Mac outside if you learn that horses have escaped from stables in Troy. It's the biggest risk.

Re:So, avoid pirated Mac software... (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#30901422)

But... but... she's hawt!

Re:So, avoid pirated Mac software... (5, Insightful)

silentace (992647) | more than 4 years ago | (#30901544)

So you basically said what PC users do everyday (the ones that don't ever get viruses)...

Re:So, avoid pirated Mac software... (0)

Gr8Apes (679165) | more than 4 years ago | (#30902626)

I guess you missed the IE8 zero day exploit just last week? It's only the latest way in which PC users get owned through no fault of their own.

Re:So, avoid pirated Mac software... (0)

Anonymous Coward | more than 4 years ago | (#30903314)

not if they are not admin you simplistic moron

Re:So, avoid pirated Mac software... (1)

DJRumpy (1345787) | more than 4 years ago | (#30903890)

The exposure for IE (it wasn't targeted at IE8 but IE8 could be vulnerable) will own any XP PC on IE6. If they have XP SP3 and IE7 they are not currently vulnerable to the initial threat, but that will change quickly. If they have XP SP3 and have upgraded to IE8, they are currently safe, unless they then turned off DEP.

http://blogs.technet.com/srd/archive/2010/01/15/assessing-risk-of-ie-0day-vulnerability.aspx [technet.com]

Re:So, avoid pirated Mac software... (3, Informative)

lseltzer (311306) | more than 4 years ago | (#30903700)

The public exploits only affect IE6 users on XP.

Private exploits could affect IE7 users on Vista or even IE8 users on XP, but not if they activate DEP. If you activate DEP even XP users are protected. IE8 users on Vista and Win7 are effectively protected by DEP/ASLR.

So, in effect, if you update even just to year-old technology you're protected.

Re:So, avoid pirated Mac software... (2, Insightful)

dave562 (969951) | more than 4 years ago | (#30906020)

Except for those exploits that target Acrobat, or Flash, or .. or .. or.

Microsoft has made some improvements with DEP and IE8 on Win7, but there are still far too many vulnerabilities in commonly used and widely distributed applications to make me comfortable with Windows.

Re:So, avoid pirated Mac software... (1)

Shados (741919) | more than 4 years ago | (#30905092)

Perhaps you missed that IE8 with DEP and/or UAC installed on a version of Windows that's not 10 years old didn't have issues? Sure, Microsoft had to put it as vulnerable in their articles because DEP and UAC should be a last line of defence, which doesn't change the fact that there's a bug in the app itself, but good luck getting an exploit to work in that configuration.

Everytime I see an IE exploit, the first thing I do, just for giggles, is to try to make it work in Vista/Win7 on IE8 with default configuration (on a spare box obviously, just in case). None so far :)

Re:So, avoid pirated Mac software... (2, Informative)

shutdown -p now (807394) | more than 4 years ago | (#30905476)

I guess you missed the IE8 zero day exploit just last week? It's only the latest way in which PC users get owned through no fault of their own.

It's not like OS X never had glaring [zdnet.com] 0-day [zdnet.com] exploits [about.com] of its own, so what's your point?

Re:So, avoid pirated Mac software... (1)

Chris Tucker (302549) | more than 4 years ago | (#30907012)

Essentially, yes.

With the proviso that smart Windows users have their AV software and definitions all up to date and use something other than Outlook Express and IE for their email and web use.

Re:So, avoid pirated Mac software... (0)

Anonymous Coward | more than 4 years ago | (#30901660)

Don't go online as Root, and really try not to open email attachments that claim to be "Nude Photos of (insert female athlete name here)"

Not looking at pictures of naked females ... easy? Are you a eunuch?

Re:So, avoid pirated Mac software... (0)

Anonymous Coward | more than 4 years ago | (#30901848)

Don't go online as Root, and really try not to open email attachments that claim to be "Nude Photos of (insert female athlete name here)"

Not looking at pictures of naked females ... easy? Are you a eunuch?

He is running a unix :P

Re:So, avoid pirated Mac software... (2, Informative)

mario_grgic (515333) | more than 4 years ago | (#30903338)

Both Mail and Finder will warn you that what you are opening has been downloaded from the internet and ask you to confirm you want to execute it.

Each file you download is put into a quarantine and your answer to the question is recorded.

You generally don't have to worry about opening non-executable files like images, zip files, video files etc. But you, of course, do have to worry about shell scripts, AppleScripts, applications and application documents that contain JavaScript (like PDF if you use Adobe Reader, which almost no one on a Mac does, since the Preview app is so much better and it's there on each Mac).

Any savvy user should already know all these things no matter what platform they use.
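The quarantine record described in the comment above can be inspected by a defender. This is an added example, not part of the original thread: it parses the value of the `com.apple.quarantine` extended attribute and triages risky file types. The `flags;hex-timestamp;agent;id` layout and the treatment of bit `0x0040` as "user approved" are assumptions based on commonly observed values, and every sample value is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, List, Optional, Tuple

# Assumption: bit 0x0040 of the flags field marks "user confirmed the open".
USER_APPROVED = 0x0040

# File types the comment singles out as worth worrying about.
RISKY_SUFFIXES = (".sh", ".command", ".scpt", ".app", ".pkg", ".pdf")


@dataclass(frozen=True)
class QuarantineRecord:
    flags: int
    downloaded: Optional[datetime]
    agent: str      # application that downloaded the file
    event_id: str   # opaque identifier of the download event

    @property
    def user_approved(self) -> bool:
        return bool(self.flags & USER_APPROVED)


def parse_quarantine(value: str) -> QuarantineRecord:
    """Parse 'flags;hex_unix_time;agent;id' (assumed layout)."""
    fields = value.strip().strip("\x00").split(";")
    if len(fields) < 2:
        raise ValueError("expected at least flags and timestamp")
    fields += [""] * (4 - len(fields))   # agent and id may be absent
    flags = int(fields[0], 16)           # ValueError on non-hex input
    downloaded = None
    if fields[1]:
        downloaded = datetime.fromtimestamp(int(fields[1], 16), tz=timezone.utc)
    return QuarantineRecord(flags, downloaded, fields[2], fields[3])


def triage(files: Dict[str, Optional[str]]) -> List[Tuple[str, str]]:
    """Classify risky files by the state of their quarantine record.

    `files` maps a path to the raw attribute value, or None when the
    attribute is missing (for example, the file arrived by a route that
    never set it, so no confirmation prompt would be shown).
    """
    findings = []
    for path, raw in sorted(files.items()):
        if not path.lower().endswith(RISKY_SUFFIXES):
            continue
        if raw is None:
            status = "no-quarantine-record"
        else:
            try:
                rec = parse_quarantine(raw)
                status = ("user-approved" if rec.user_approved
                          else "awaiting-confirmation")
            except (ValueError, OverflowError, OSError):
                status = "malformed"
        findings.append((path, status))
    return findings


# Constructed sample data: paths and attribute values are made up.
SAMPLE = {
    "Downloads/holiday.jpg": "0002;4b5e1f00;Safari;CONSTRUCTED-0000",
    "Downloads/installer.pkg": "0002;4b5e1f00;Safari;CONSTRUCTED-0001",
    "Downloads/cleanup.command": "0042;4b5e1f00;Mail;CONSTRUCTED-0002",
    "Downloads/tool.app": None,
    "Downloads/invoice.pdf": "zz;;;",
}

if __name__ == "__main__":
    for path, status in triage(SAMPLE):
        print(f"{status:22} {path}")
```

On a real Mac the raw value for one file can be read with `xattr -p com.apple.quarantine <file>` and passed to `parse_quarantine`.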

Re:So, avoid pirated Mac software... (1)

scatter_gather (649698) | more than 4 years ago | (#30904098)

Any savvy user should already know all these things no matter what platform they use.

The existence of the "Genius Bar" indicates that savvy users are in short supply.

we don't need economic buzz (1)

Adolf Hitroll (562418) | more than 4 years ago | (#30901224)

We need an economist to explain us how the us, by privatizing gains and socializong losses turned into a fascist state.
Get up, people, or remain slaves.

Re:we don't need economic buzz (4, Funny)

icebike (68054) | more than 4 years ago | (#30901582)

We need an economist to explain us how the us, by privatizing gains and socializong losses turned into a fascist state.

And an English teacher to straighten out that sentence.

Re:we don't need economic buzz (2, Funny)

value_added (719364) | more than 4 years ago | (#30901600)

And an English teacher to straighten out that sentence.

I think it's Korean.

Re:we don't need economic buzz (0)

Anonymous Coward | more than 4 years ago | (#30902372)

We need an economist to explain us how the us, by privatizing gains and socializong losses turned into a fascist state.

And an English teacher to straighten out that sentence.

No, you don't need an English teacher here.

The meaning is still there and I can see what the person is thinking.

I just have no idea what prompted this passage as we are talking about computers getting viruses/hacked right?

With great freedom comes great resposibility (1)

BadAnalogyGuy (945258) | more than 4 years ago | (#30901268)

Should it be any surprise that unmoderated software could introduce security vulnerabilities? All a CPU does is execute instructions, so "jailbreaking" a phone just gives you the opportunity to run more software which may contain malicious payloads.

When 20/20 took a look at dangerous "exploding" trucks, it was found that if you put a small amount of explosive near the crash area, that you could indeed cause a truck to explode in an accident. But does that mean that the truck company should be found at fault for a usage scenario that is not supported?

Analyze the security of this phone in terms of its default use. It burns up (literally), it causes network packet flooding, and does a bunch of other unwanted things, but don't blame it for something that its users do in direct violation of their TOS.

Re:With great freedom comes great resposibility (3, Insightful)

rsborg (111459) | more than 4 years ago | (#30901462)

Should it be any surprise that unmoderated software could introduce security vulnerabilities?

Really, the main problem is that jailbreak processes don't try to change your default root password. So the vulnerability is that Apple supplied a default root password (that isn't workable without jailbreak), and the haxx0rs remove the protection but fail to force user to change or randomize (and remember/show to user) that password.

Nothing bizarre about that.

Re:With great freedom comes great resposibility (3, Insightful)

bdsesq (515351) | more than 4 years ago | (#30902540)

Apple either supplies a default root password or it has to build in a backdoor. Otherwise there is no way to upgrade the OS. Which way do you think is more secure?
The jail break issue isn't Apple's problem. It is a problem with people doing things they don't understand.
Looks like the jail break is just another way to root kit a computer (phone).

Re:With great freedom comes great resposibility (1)

socsoc (1116769) | more than 4 years ago | (#30904854)

This has nothing to do with jailbreaking or upgrading the OS (which flashes the firmware). The password Alpine only leaves those vulnerable who were savvy enough to install SSH, but not smart enough to change the pass.

Re:With great freedom comes great resposibility (2, Informative)

UnknowingFool (672806) | more than 4 years ago | (#30904180)

What? The jailbreak exploit has nothing to do with jailbreaking itself but the fact that most people that used the process installed SSH onto their iPhones and didn't change the default password on SSH. It had nothing to do with what Apple supplied on the phone but what 3rd parties modified the phone.

Re:With great freedom comes great resposibility (0)

EzInKy (115248) | more than 4 years ago | (#30901516)

Should it be any surprise that unmoderated software could introduce security vulnerabilities? All a CPU does is execute instructions, so "jailbreaking" a phone just gives you the opportunity to run more software which may contain malicious payloads.

Apple should have anticipated that users would want to use software outside of their control and provided detailed instructions on how to do so in a safe manor.

Re:With great freedom comes great resposibility (4, Funny)

grouchomarxist (127479) | more than 4 years ago | (#30901630)

in a safe manor

My security guards keep my manor safe.

Re:With great freedom comes great resposibility (0)

x2A (858210) | more than 4 years ago | (#30901640)

"that users would want to use software outside of their control"

hahaha, it's funny because it's apple! Hardwired batteries, single sheet aluminium cases, Apple don't like letting you into -anything-, control will be theirs... somewhere in rural America (probably) is a giant warehouse, filled with giant crates, which in turn are filled with all the second buttons from the mice, being looked at by "top men". And you thought they were designed with only one button, HA shows what you know. They just only give you one, and keep the other. Rumour has it that from time to time, people in the warehouse will select a few of the second mouse buttons at random, lay them out on the floor, and play Dance Dance Revolution on 'em.

Re:With great freedom comes great resposibility (2, Informative)

uglyduckling (103926) | more than 4 years ago | (#30903050)

Actually, the 'single sheet aluminium case' being a non-user serviceable part thing is a myth. My MacBook Pro came with printed instructions in a little booklet telling me how to open the back panel and replace the hard drive. It did have strict instructions not to attempt to replace the battery, but when I opened the case the battery was right there next to the hard drive so I'm not really sure why they say that.

Re:With great freedom comes great resposibility (1)

Brandee07 (964634) | more than 4 years ago | (#30903504)

Probably because hard drives are largely inert, while batteries will explode if you do it wrong. Yes, it's perfectly possible to replace the battery yourself, but Apple doesn't want to be liable for your medical bills from the burn unit if you do.

Re:With great freedom comes great resposibility (2, Funny)

DNS-and-BIND (461968) | more than 4 years ago | (#30901666)

Please don't bash 20/20. Their scientific methodology might have been a little bit off, but their motives were in the right place. They were just trying to show that a major car manufacturer was corrupt...this is the media's job, isn't it? To expose corruption? Unless you can show that the car manufacturer has lily-white hands (and none of them do) please stop the bashing. These are educated, dedicated people who are doing a tough job under very difficult circumstances, and it's hard to get the stories to come out the right way 100% of the time.

Re:With great freedom comes great resposibility (1)

arb phd slp (1144717) | more than 4 years ago | (#30901878)

When 20/20 took a look at dangerous "exploding" trucks, it was found that if you put a small amount of explosive near the crash area, that you could indeed cause a truck to explode in an accident. But does that mean that the truck company should be found at fault for a usage scenario that is not supported?

Point taken, but to be fair that was NBC's Dateline that did that, not 20/20.

Re:With great freedom comes great resposibility (4, Insightful)

mdwh2 (535323) | more than 4 years ago | (#30903166)

When people point out something the Iphone can't do, we hear "Oh it can, but you just have to jailbreak it". When we get stories about security holes, we hear "Oh that doesn't count, you just have to not jailbreak it".

So er, which is it?

The problem is that the Iphone is the only phone where "jailbreaking" is necessary to get basic functionality working (e.g., tethering, running applications that Apple don't like).

Consider, do you ever hear people talking about "jailbreaking" in the context of any other phone?

My 5800 works fine, not had a virus (indeed on any of my phones), never needed to hack it.

Re:With great freedom comes great resposibility (2, Interesting)

iamhassi (659463) | more than 4 years ago | (#30903882)

"The problem is that the Iphone is the only phone where "jailbreaking" is necessary to get basic functionality working"

Correct. Something as simple as deleting [techarena.in] a [appleiphoneschool.com] call [everythingicafe.com] is not possible on the iPhone without jailbreaking, which is shocking because on every cellphone I've used in the past 10 yrs I've had the ability to delete a phone call from the call log and it's a feature iPhone owners have been asking for since 2007. If you want to remove a single call you have to delete the entire phone call log

Honestly I don't know how anyone can use their iPhone without jailbreaking it, unless they're not really using it as a smartphone so they're not installing applications, using data, etc.

Re:With great freedom comes great resposibility (1)

ColdWetDog (752185) | more than 4 years ago | (#30905020)

every cellphone I've used in the past 10 yrs I've had the ability to delete a phone call from the call log and it's a feature iPhone owners have been asking for since 2007

If you're so worried about your wife seeing your calls to your mistress, get another phone. Or delete the entire log.

While I grant you it shouldn't be hard to delete a single call as opposed to the entire log, I cannot imagine needing to do so.

Re:With great freedom comes great resposibility (0, Flamebait)

BitZtream (692029) | more than 4 years ago | (#30909398)

And never once in 10 years have I had a reason to delete a single call from my call log. Perhaps the reason that the feature doesn't exist is because no one of any importance gives a shit? You're asking for a feature with almost 0 usefulness unless you're trying to hide something from someone close to you to perpetuate some lie you've told. In which case, you could just delete the entire call log.

Honestly I don't know how anyone can use their iPhone without jailbreaking it, unless they're not really using it as a smartphone so they're not installing applications, using data, etc.

I can only assume you mean that because you can't delete a single entry in the call log that you think the phone is unusable, since you most certainly can install applications and use data from multiple networks or local storage.

If a phone isn't useful to you because you can't delete a single entry from the call log, I'm sorry for you as your life must be very very sad, I truly and sincerely suggest you seek counseling, what you have is very unhealthy.

Re:With great freedom comes great resposibility (1, Flamebait)

JasonBee (622390) | more than 4 years ago | (#30905750)

I'm not sure what you mean by "basic functionality".

My iPhone isn't broken and I have tethering enabled. Sounds like your problem is with AT&T. I'm in Canada under Fido/Rogers so YMMV.

With "both" companies my tethering is enabled with a quick call. My provider asserts that my data plan must be 1 GB or higher, but this is largely to protect me from ignorantly going over my data plan usage allowances. I go to my settings and turn on tethering. There is no step three ;)

As for "applications that Apple doesn't [sic] like", you must mean malware, trojans, and data theft mechanisms. If you want to run those by all means do so. You could save yourself some trouble and just write your date of birth and credit card numbers on a placard and hang that around your neck when you head to the mall.

But I keed.

Re:With great freedom comes great resposibility (1)

BitZtream (692029) | more than 4 years ago | (#30909326)

How about you don't jail break it if you're a 'fucking moron'? Or in your case, just don't buy one cause you can't understand the basic premise behind both of those statements.

It isn't open and requires jailbreaking to prevent 'fucking morons' from causing problems.

So a 'fucking moron' who doesn't know what the hell he/she is doing shouldn't jailbreak it, and those are the people who get exploited, which are the people 'who shouldn't jailbreak it'

This is the problem with today's hacks. Hackers forgot the point. Nowadays it's all about getting popular, not really street cred, like it used to be. Now they make a freaking GUI app to do all the work, which instantly cuts out the check that prevents 'fucking morons' from damaging their phones because now any 'fucking moron' can do it without any knowledge about WHAT they are actually doing. They then proceed to go to a freshly installed app, click the 'install all' button basically because they think that their Ubuntu desktop machine made them a leet hax0rs who knows everything about computing.

No, people don't talk about jailbreaking other things because it's a term specific to the iPhone. Partly because very few people care about other devices in this way, but I've certainly hacked the firmware on my WinMo phones to do other things the carrier didn't want me to do, I know of people who've hacked Nokia smartphones for various purposes.

More important however, is that your 5800 has never had a virus ... You know why? The number of them in use is so small that NO ONE gives a shit about it. No one ever hacked any of my old cell phones either, because they weren't the fastest growing device on the market, nor did they have anything a hacker could do to them.

Take any of your statements without any knowledge about the subject matter and they make sense, but as soon as you have even the slightest clue about the subject matter your post quickly looks like something submitted by a 'fucking moron' who just happens to own a 5800 and thinks they know wtf they are talking about.

join the party (-1, Redundant)

doood (534531) | more than 4 years ago | (#30901282)

Seriously,

It's sad to see OS X joining the rest of the group.

Biggest Mac security threat... (2, Funny)

Anonymous Coward | more than 4 years ago | (#30901342)

Installing Windows.

Re:Biggest Mac security threat... (1, Informative)

Anonymous Coward | more than 4 years ago | (#30901438)

The results of pwn2own indicate the contrary.

Re:Biggest Mac security threat... (0)

Anonymous Coward | more than 4 years ago | (#30901476)

Installing Windows.

Is anyone still installing Vista?

Re:Biggest Mac security threat... (2, Funny)

x2A (858210) | more than 4 years ago | (#30901676)

Yep, I'm still installing it... started last october... it's still only on 78% :-/ What the bet it'll crash at 99%? You know it's like a fundamental law of the universe; the longer any computer process takes, the more likely it will crash when it gets to 99%.

Re:Biggest Mac security threat... (1)

CisJokey (1625407) | more than 4 years ago | (#30901722)

But it does not go to kernel panic when deplugging usb drives

Re:Biggest Mac security threat... (2, Informative)

x2A (858210) | more than 4 years ago | (#30901876)

Oo you definitely don't want to be deplugging usb drives, you kind of need them to keep their plugs so you can plug them in.

As for unplugging... what does that? Kernel panic sounds very linuxy, but I've never had that happen, and I've been plugging 'n unplugging up to three usb drives at a time on it (a client of mine's stock has become somewhat disorganised and lost track of what's faulty and what they've used themselves, and as testing harddrives themselves is much quicker 'n easier on Linux as you can just badblocks the drive, completely partition 'n filesystem independent, I volunteered. So I was production lining a load of drives, different sizes, using three usb interfaces) ... and yeah, all without problem, apart from when a drive actually did have bad sects, but it didn't affect the machine or anything.

Re:Biggest Mac security threat... (2, Informative)

gyrogeerloose (849181) | more than 4 years ago | (#30901948)

As for unplugging... what does that? Kernel panic sounds very linuxy, but I've never had that happen, and I've been plugging 'n unplugging up to three usb drives at a time

I think what he was trying to get at is what sometimes happens on a Mac if a user unplugs an external drive without un-mounting it first, a quirk that Macs have had since at least the System 7 days. I'm not sure why OS X will still occasionally have trouble handling that situation gracefully (although ninety-nine times out of one hundred the only "bad" result is a dialogue box that pops up advising you not to do that again) but it's not really a big deal as long as you remember to follow the proper procedure for disconnecting an external drive on any OS.

You mean OSXWindows? (1)

Ilgaz (86384) | more than 4 years ago | (#30907434)

Some fan guy modded you flamebait but, I guess you mean installing boot camp or a virtual machine (hypervisor) and running it just like OS X, without antivirus/firewall and giving it access to OS X file structure.

IMHO Apple made a huge mistake by allowing (SL Bootcamp) Windows to see (read only though) OS X drives. That is not a favour, it is a huge security risk especially for Mac only people not knowing the extent of Windows threats/trojans/data leakage.

Fix? "My Computer", "Manage", "Disk Management", remove drive letter of the OS X drives. At least 99.9999 malware which isn't very modern will fail to find the personal files to steal.

To the "my virtual machine resets itself each boot" guys: If some real mean thing hits you, have fun explaining why your IP/computer was involved in some child porn distribution network "until it rebooted". Run some antivirus, it is NOT Mac once it runs Windows.

bad karma (-1, Troll)

nexie (1008519) | more than 4 years ago | (#30901382)

i have bad karam well fuck you slashdot i only ever bother loggin in and posting about 5 times you are all wankers anyways wooo HOWS MY KARMA NOW

Re:bad karma (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#30901406)

HOWS MY KARMA NOW

Worse than it was before you posted that.

--Anonymous Mod

Re:bad karma (1)

pipatron (966506) | more than 4 years ago | (#30901484)

See, that's why it's called karma. Your previous posts clearly show that you're an immature idiot without anything to say except to waste everyone's time.

Re:bad karma (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#30901588)

That sucks, but don't give up yet. Keep at it, you'll get your karma back eventually :-)

Re:bad karma (0, Troll)

nexie (1008519) | more than 4 years ago | (#30903182)

yea still ogged into slashdot sorry i'm not an immature idiot i just enjoy winding up anal postes such as yourself you loser! woooooooooooooooooooooooooo WOOOOOOOOOOOOOOOOOOOOOOOOOOOo come to ircNET #trolls we have an entire channel devoted to listening to your unfounded insults wooooooooooooo

'Pretty well' isn't good enough (2, Interesting)

Anonymous Coward | more than 4 years ago | (#30901430)

Apple doesn't care enough about security [serverwatch.com] .

Re:'Pretty well' isn't good enough (3, Informative)

mario_grgic (515333) | more than 4 years ago | (#30903526)

The article you link to is talking apples and oranges literally. If the implication is that BSD bug is also a bug in OS X, then it's false. The bug is not present in OS X.

iPhone on the other hand is a completely different beast and yes it is locked down platform mostly for the benefit of the users, so we don't have to worry if an application is safe to install and use.

Yes, there may be security issues in iPhone apps, but even the security updates of applications go through the same review process, which may catch an omission in the review of the previous version (which is what happened in the case of the software discussed in the article).

The review process is not perfect nor ideal, but I for one am thankful that someone else is testing the applications for me and I don't have to waste the time and money on tools to check what each app does and if it is safe to use on my phone.

You can't handle the truth (1, Informative)

kindnation (1712166) | more than 4 years ago | (#30901478)

As much as Intego wants to present the state of malware on the Mac, the truth is that even Intego works pretty much like any other AV engine which tries to detect malware based on its signature or heuristics (behavioral), that they receive either from someone sending them a sample or collected with their honeypots around the world.

The bots/trojans/RATs that are written for specific targets, do not have a signature, thus, are undetected. Then it becomes obvious that Antivirus solutions are not enough. You also need to control the apps that are reverse connecting (phone home), with products like (Little Snitch).

What they don't address are the vulnerabilities that exist in everyday applications, which, subject to a stack buffer overflow, will execute code in memory with the same level of permissions as the application/daemon that is running. Antivirus doesn't provide any protection for exploits in software.

On a side note, Intego mentions a "crack" for CS4 which is actually a Trojan, but doesn't mention that Adobe's own CS4 install tries to phone home.

Re:You can't handle the truth (2, Funny)

x2A (858210) | more than 4 years ago | (#30901696)

"but doesn't mention that Adobe's own CS4 install tries to phone home"

Riiight... cuz that's what trojans are famous for isn't it... checking to make sure that you're allowed to run then. My god I do wish trojans actually did do that, and better than other software does it. I'll admit on here, I don't legally own any trojans at all, which means all I have to do is make sure that they can phone home to verify this, and never have to worry about them again! Ahh... pleasant thoughts.

Re:You can't handle the truth (0, Troll)

intheshelter (906917) | more than 4 years ago | (#30904776)

Riiight. . . cuz that's what he was getting at, legally running a trojan. My god I do wish you were smart enough to get the point he was trying to make about CS4. That he doesn't want crap phoning home from his machine. ANY crap!!

Software updates,activations and anon statistics (1)

Ilgaz (86384) | more than 4 years ago | (#30907534)

So, original Adobe CS4 user who paid more than $1000 and gave his credit card number, home address and telephone should be protected from "evil Adobe" from checking updates or trying to figure which parts of software is used anonymously?

Well, Intego and a couple of other companies offer an application firewall but, obviously, if you use original/activation system software, it will fail to work if it can't access the net. Solution is GIMP but, it would be a bit unrealistic.

my summary of the white/sales paper - fluff mostly (4, Insightful)

prawn_narwp (1579473) | more than 4 years ago | (#30901486)

This is basically 7 total pages:

* first couple pages on installing BitTorrent'd software
* Page 4 and 5 about people who installed openssh on their jailbroken iphones and didn't change their passwords
* last page has citations back to their own blog

The meat of it is about PDF, Java -- surely those have a more widespread effect right? But they spend a lot fewer words on those topics. Note that all the visuals have to do with the stupid ssh-admin-password and BitTorrent'd malware.

Skip to the concluding paragraph -- they just have to emphasize the iphone again.

I was going to say "I declare this posting unfit for Slashdot" but the good I see is that we can pick it apart to sort out the fluff.

My rating system on severity overall on the entire population of apple products:

1) pdf/java (5 stars)
2) I-enabled-ssh-w/o-a-password (1 star - your fault for being a retard)
3) Charles Miller iphone vuln (5 stars when it wasn't patched)

Re:my summary of the white/sales paper - fluff mos (1)

Stuarticus (1205322) | more than 4 years ago | (#30901800)

You forgot to mention the shiny shiny screenshots of the product!

Surely something with a button that big and red must be awesome.

Re:my summary of the white/sales paper - fluff mos (1)

x2A (858210) | more than 4 years ago | (#30901814)

"* last page has citations back to their own blog"

*lol* it's like when some breaking story (ie, any story) hits the news, but perhaps controversial or unconfirmed, and they say "it has been reported that blah blah blah" and then you flick over the channel and they're saying "blah blah has reported that blah blah blah", and it doesn't take long to notice that all people are telling you is that people are telling you what they're telling you.

Someone somewhere gets tipped off about some rumour, phones someone he knows in another network says "have you heard about blah blah" and they have, as they received the same tip off. So guy on other end of phone mouths over to his boss saying "it's whatshisname over at thingy, they're going with the blah blah story" so the boss says "we'll go with it, put it on the 10 bulletin after the bit about the elephant who only has a monkey sized head". "Yeah we're going with the story" he says back, so now the first person says to his boss "yeah they're already going with it" and so gets it on their 10 o'clock bulletin too.

I can prove that it happens - check out the replies to this comment here [slashdot.org]

Re:my summary of the white/sales paper - fluff mos (1)

socsoc (1116769) | more than 4 years ago | (#30904936)

i see what you did there.

lose/lose (2, Funny)

starbugs (1670420) | more than 4 years ago | (#30901506)

lose/lose (from the article) seems like a fun game to play right before installing Debian.

cue the iZombies (-1)

Anonymous Coward | more than 4 years ago | (#30901520)

this article foolishly implies that Macs could be less than absolutely perfect. It fails to adequately explain why any potential problem a Mac might possibly have A: is actually a feature B: is actually your own fault or C: doesn't matter because Macs "just work".

blathering fanboy postings in 3.. 2... 1...

Re:cue the iZombies (1)

x2A (858210) | more than 4 years ago | (#30901826)

"any potential problem a Mac might possibly have A: is actually a feature B: is actually your own fault or C: doesn't matter"

Macs are just weird... on my windows machine, both A: and B: are redundant as it doesn't have a floppy drive and C: really does matter cuz the bootloader's there. Like Chalk 'n iCheese.

Frist prsot!! (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#30901550)

Macs are not secure. (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#30901614)

Macs feel secure, but only because of Apple's market share. It's a fact.

http://www.youtube.com/watch?v=Hn5K3V62CFQ

By the way, if Apple makes claims that Macs don't get viruses in their commercials, why does an anti-virus solution exist that Apple actually recommends installing as read on their website?

Re:Macs are not secure. (1)

mdwh2 (535323) | more than 4 years ago | (#30903224)

The particular problem is the false claim in their adverts of PCs getting viruses, since you could just run Linux (not to mention that Macs are PCs anyway). If they were comparing to Windows, it would be fair enough, but they don't. Possibly it's to avoid getting sued, which makes me suspect that they have no confidence in their claims in the first place (if the claims were true, it wouldn't be a problem to mention Windows).

Re:Macs are not secure. (1)

damnbunni (1215350) | more than 4 years ago | (#30905158)

The vast majority of computer users aren't aware that 'PC' does not mean 'x86/x64 based architecture running Microsoft Windows'.

Trying to cram too much information into a 15 or 30 second spot is just asking for fail. Commercials (for anything) need to be kept simple.

WTF, people. (2, Interesting)

Anonymous Coward | more than 4 years ago | (#30901828)

The ability to jailbreak is a security hole. Last I knew the techniques people use are remote code execution.

For example as I recall the 1st gen jailbreak was to get a specially crafted TIFF file that exploited a buffer overflow when a page was loaded in Safari. Stop and think about that for a minute. This is the kind of behavior you don't want to be possible. Yet in the reality distortion field, it's a great thing suddenly. Users are totally unconcerned about this.

I'm not sure if the exploit mechanism has changed since then, but... Personally, I stopped paying attention to iPhone when I witnessed that.

Re:WTF, people. (1)

dangitman (862676) | more than 4 years ago | (#30903578)

This is the kind of behavior you don't want to be possible. Yet in the reality distortion field, it's a great thing suddenly.

Ummm, citation needed?

Re:WTF, people. (2, Informative)

TJamieson (218336) | more than 4 years ago | (#30904460)

FWIW, this has changed about jailbreaking. What you said used to be true on the 1.x series of iPhone software, where everything always ran as root. Therefore, a hole in libTIFF led to (remote) root code execution. Starting with the 2.x series, Apple finally forced the restricted user account named Mobile to be used instead of root. That made it so now a libTIFF exploit *also* would require a privilege escalation exploit rolled inside; made things much harder. Starting around the 2.x software, the new way to jailbreak is by exploiting Apple's software update mechanism built into each device (Google: iBoot). This means that to jailbreak newer software/devices, one is required to attach the device to the computer first; the exploit is then done via USB.

Re:WTF, people. (1)

JasonBee (622390) | more than 4 years ago | (#30907652)

http://secunia.com/advisories/27213/2/ [secunia.com]

Yeah that is ancient news my friend. It was patched with OS version 1.1.2 in 2007 if my information is correct.

iPhones and iPods can now run OS version 3.1+

I would say that pretty much anyone going online has patched as version 3 of the OS brought copy/paste functions.

I can't imagine using my iPhone or iPod without copy/paste.

so what they are saying is... (1)

thephydes (727739) | more than 4 years ago | (#30901874)

don't jailbreak your iphone, don't trust bittorrent, don't visit suspect sites, don't click on emailed links that are not from trusted sources - well DUH!

Re:so what they are saying is... (0)

Anonymous Coward | more than 4 years ago | (#30905570)

don't jailbreak your iphone

What good is a shiny brick that works in mysterious ways, and not how its owner wants it to?

Re:so what they are saying is... (1)

BrokenHalo (565198) | more than 4 years ago | (#30905684)

so what they are saying is... don't jailbreak your iphone

I think I'll just settle for not buying one. ;-)

Apple's DRM seems to be the main problem (3, Insightful)

DrXym (126579) | more than 4 years ago | (#30901922)

If Apple didn't put such draconian limits on what a person could do with their own property, perhaps there wouldn't be the need to "jailbreak" it.

Re:Apple's DRM seems to be the main problem (3, Informative)

RMH101 (636144) | more than 4 years ago | (#30902086)

This is missing the point. The reason jailbreaking is allegedly unsafe is because once jailbroken, you can install SSH, and if you're dumb enough to not change the default root password, you can get owned. You get warned about this specifically when you install SSH anyway. If the phone were sold "open" and you installed SSH, you'd have the same issue. The point is that if someone goes out of their way to install SSH on their phone (which is a pretty hardcore geek activity anyway) and doesn't change the root password, then they're kind of asking for trouble.

Re:Apple's DRM seems to be the main problem (0)

Anonymous Coward | more than 4 years ago | (#30902458)

You're an idiot.

Re:Apple's DRM seems to be the main problem (1)

jo_ham (604554) | more than 4 years ago | (#30902622)

So, you're blaming Apple for a user's inability to think "umm, I am installing SSH on my device, maybe I should not use the default root password".

Right.

Is it also Ford's fault that I can't easily get into my car because of the draconian limits on copying car keys when I lose my main and spare set?

Re:Apple's DRM seems to be the main problem (1)

DrXym (126579) | more than 4 years ago | (#30902814)

People who jailbreak phones don't care about ssh. They just want phones which work on other networks and with unsigned apps. It is a direct consequence of Apple locking their phone down in draconian ways that people want to jailbreak. Thus they turn to software cracks.

If the reasons that motivate most people to escape were addressed, then so would the unintended side effects. There would be a fraction of the hacks if a) Apple sold a proper unlocked network free model and b) Provided a simple and painless way for people to legally unlock phones when their contract expired and c) didn't have such absurd restrictions on the kinds of app you can run on a phone.

As for your analogy, a better one would be a prisoner escaping confinement and promptly being run over by a bus. Perhaps they should have looked both ways when crossing the road, but it doesn't invalidate any reason they may have wished to escape in the first place.

Re:Apple's DRM seems to be the main problem (1, Troll)

indiechild (541156) | more than 4 years ago | (#30902918)

iPhone unlocking has nothing to do with jailbreaking. I unlock my iPhone but I definitely don't jailbreak it (don't want the instability and hassle of dealing with stuff that comes from non-official sources).

Re:Apple's DRM seems to be the main problem (1)

RMH101 (636144) | more than 4 years ago | (#30904788)

Well, if your carrier won't unlock you (interestingly O2 UK will do at any point, for free, for pay-monthly customers!) then you *have* to jailbreak it to unlock it.
My jailbroken phone isn't unstable...

Re:Apple's DRM seems to be the main problem (1)

socsoc (1116769) | more than 4 years ago | (#30904960)

Ummm... You have to jailbreak in order to run the unsigned code to unlock it. Unless you perform magic.

Re:Apple's DRM seems to be the main problem (1)

jo_ham (604554) | more than 4 years ago | (#30908902)

Or you just ask your carrier to unlock it for you. O2 will do it for you here in the UK now that the exclusivity deal has finished.

Locked phones are not unique to Apple.

Jailbreaking the phone to run the unsigned unlock code also doesn't make you vulnerable. Installing SSH and not changing the default password does. That is a separate thing.

Re:Apple's DRM seems to be the main problem (1)

jo_ham (604554) | more than 4 years ago | (#30908856)

The two are *totally* unrelated. Unlocking to other networks has *nothing* to do with jailbreaking your phone.

Nor does jailbreaking itself cause you to be vulnerable - you need to also install SSH as well.

If you are installing SSH, you really ought to know what you are doing.

Re:Apple's DRM seems to be the main problem (1)

intheshelter (906917) | more than 4 years ago | (#30904848)

Draconian? Really? I own many Apple products and I am rarely stopped from doing anything. Perhaps your hatred of Apple has colored your post to the point that it's ridiculous hyperbole?

Re:Apple's DRM seems to be the main problem (1)

DrXym (126579) | more than 4 years ago | (#30905252)

I think it is quite obvious that I was referring to the iPhone here. It is also quite obvious that the restrictions on the phone are draconian, as witnessed by the large demand for jail broken devices.

Re:Apple's DRM seems to be the main problem (1)

david_thornley (598059) | more than 4 years ago | (#30906926)

How big is the demand for jailbroken devices? I know there are a lot of people on /. that would almost reflexively jailbreak one if they owned it, but how does that translate to the general population? Hardcore geeks like us are neither typical of people in general nor Apple's target market.

I have an iPhone with quite a few apps on it, and it's not jailbroken. This means that any software I install on it gets at least a screening from a company that has a lot to lose by allowing malware on the phone. I find it very useful. The "draconian" restrictions mean that I have a usable phone and web browser and email reader that I'm not going to lose by installing the wrong software.

When I want to program something, I usually use the laptop. It's much more convenient, I can do more with it, and if I screw up (with my own software or somebody else's) it isn't as vital.

Re:Apple's DRM seems to be the main problem (2, Insightful)

DrXym (126579) | more than 4 years ago | (#30907886)

This means that any software I install on it gets at least a screening from a company that has a lot to lose by allowing malware on the phone.

They also have a lot to lose by allowing apps like voip, instant messaging, map readers, voice search, flash player, browsers, podcasters, movie players, music players, file downloaders etc. etc.. Basically anything that competes with their tech, or offends the network, or they simply don't like on grounds of taste or any other arbitrary reason. They even ban apps with scripting / runtime capability even extending to the absurd banning of a C64 emulator lest somebody figure a way of using it to jailbreak the phone. It's not even the small fry that have been hurt - Google have had apps rejected.

The restrictions are draconian, and it isn't surprising given the above, and the way the device is locked to certain networks (even outside of contract) that people want to jailbreak it.

Re:Apple's DRM seems to be the main problem (0)

Anonymous Coward | more than 4 years ago | (#30908058)

>>If Apple didn't put such draconian limits....

Really, just shut the fuck up, douche.

Talking through their hat since 2004 (3, Informative)

argent (18001) | more than 4 years ago | (#30902162)

Back in 2004 Intego's big complaint about the Mac was that because it's based on UNIX, if you could get it to execute a shell script you could do anything on the computer, and that Applescript wasn't sandboxed. They never noticed that the same was true of CMD.EXE and VBscript on Windows, DCL on VMS, and every other native scripting environment on every OS, ever, anywhere.

Intego's business model appears to be FUD.

Mac keyboard firmware security issue (keylogger (1)

blankoboy (719577) | more than 4 years ago | (#30902268)

I recall reading this (URL:http://www.semiaccurate.com/2009/07/31/apple-keyboard-firmware-hack-demonstrated/) last year but never heard any follow up from Apple. Does anyone know if there was actually any firmware release for this to close this potential security hole? It appears the likelihood of this getting exploited is rather small (requiring local access at this time) but it still warrants a response from Apple IMO.

Re:Mac keyboard firmware security issue (keylogger (1)

AHuxley (892839) | more than 4 years ago | (#30902996)

Take your pick
It's an active hole in the wild used by anyone. (no hint yet?)
It's an active hole in the wild used by the NSA, CIA, FBI. (not going to be fixed anytime soon)
It's not an easy hole to use in the wild. (no chatter yet?)
Apple staff are so distracted by itoys. :)

Jailbroken = not Apple's responsibility (0)

Anonymous Coward | more than 4 years ago | (#30902360)

I would think that would be obvious.

Not so fast (0, Redundant)

Swift2001 (874553) | more than 4 years ago | (#30906786)

I ran a Windows computer at work. And I had one at home. Never had a problem.

Then I went to another office. We had to spend a fair amount of time researching on the Web. All it took was one person landing on an illicit web site, and the shit hit the fan. All of a sudden, one after another, everybody's hit with trojans and God knows what else. No IT guy to run the thing, so I became the informal computer guy. Several computers are taken out and got the OS rebuilt. The only way to protect against the exploit that hit us is to update the OS. I do so, everything's fine with my machine. One computer after another gets hit with "You may be the victim of pirated software." Uh-oh. Turns out the boss bought the licenses for the software we used with Windows 2000. So then he upgraded to XP, but before the Microsoft Malicious Software (?) removal tool, nobody knew. Now it's picking up the proprietary program, reading the license, and going uh-uh. Can't upgrade. The new licenses would be about $8,000 per computer per year. (From the third-party software vendor. They only sell their program with the support, which costs that much. And they urge you to upgrade to the new version, which is another $13 grand.)

But we're going into recession. Not going to happen. So we have to go back to IE6 and Windows 2000 on some computers. They get hit again with web-based malware. It infects other software on the network. Could a good IT guy have fixed this? Yeah. We had 8 employees, and suddenly the phone wasn't ringing with the big contracts.

In the meantime, the Mac we had on the network for graphics and video conversions -- running like a top. Sure, I know. There are warning signs that show up on Security experts' blogs. Never, since I got a Mac in 1986, had an actual piece of malware. I realize I was a bit lucky in the early days, but I didn't exchange floppies with idiots, so I didn't get those old viruses.
