“eWeek writer Paul F. Roberts’ piece on the Mac looks like a detailed article on potential security exploits which may be uncovered with the Mac’s switch to Intel chips. It’s not. Since Mac users will be quick to point out the error of his fiction, eWeek will generate a lot of hits to their web site. More hits, more ad impressions, more revenue,” Tera Patricks writes for Mac360. “Enough with the fiction already. Mac users know better.”
“The very first sentence of the article says Intel Macs ‘could open the door’ to more attacks against Mac OS X. I’ll buy that but not worry about it, because ‘could’ is probably correct. Sales of Macs will continue to increase, market share will continue to increase, so, hey, it “could” happen.” Then Roberts follows up the first step down the Fiction Parade route with: ‘The shift to Intel processors from the Motorola Power PC processors will make it easier to create software exploits for Macintosh systems, and could result in a steady stream of Mac exploits in years to come,'” Patricks writes. “It ‘will’ make it easier? Ok, how about some proof. eWeek did interviews about the so-called mounting ‘pressure’ on Apple to build security measures into Mac OS X. The implication in that line is that OS X does not currently have security features.”
“That’s bad journalism, poor writing, and factually wrong,” Patricks writes. “While Apple thoughtfully declined an interview with eWeek (see! The folks at Apple are smart; don’t feed the literary monkeys), they did say, ‘the security technologies and processes that have made Mac OS X secure for PowerPC remain the same for Intel-based Macs.’ Let’s recap. eWeeks says Apple doesn’t have security features in OS X. Apple says they do. Mac OS X has no viruses, no trojan horses, and no spyware exploits despite being on the market for five years and with tens of millions of customers,” Patricks writes. “Don’t misunderstand my perspective or history. I know that ALL operating systems have exploits and security issues. All. Some are well known, some haven’t been found yet, some are used to mess up your computer. The real issue is, ‘does it happen often enough to be an issue of concern?’ The answer is, YES. For Windows. No, for Linux on Intel. No for Mac on PPC, and no (so far) for Mac on Intel. When it happens, we’ll hear about it. For now, those hackers have much more fun chewing through Windows Swiss Cheese XP SP 42.”
Full article here.
Advertisements:
• MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
• iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
• iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. $49.00.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
Related articles:
Security technologies that have made Mac OS X secure for PowerPC remain same for Intel-based Macs – January 27, 2006
Windows virus threatens 170-year-old Toldeo newspaper’s perfect record, Apple Macs save the day – January 27, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – January 26, 2006
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Microsoft Windows virus spreads rapidly; Apple Macintosh unaffected – November 28, 2005
Computer columnist: anti-virus software purely optional for Apple Macs, not so for Windows – November 01, 2005
Microsoft apologists and why Apple’s Mac OS X has zero viruses – October 24, 2005
$500 bounty offered for proof of first Apple Mac OS X virus – September 27, 2005
ZDNet: How many Mac OS X users affected by the last 100 viruses? None, zero, not one, not ever – August 18, 2005
Although the original article was mainly crap, I wish people would stop writing these articles about how secure Mac on Intel is without any real knowledge.
It is quite possible that the change to Intel chips will make Mac OS more susceptible for Buffer Overruns. Intel chips simply are more susceptible to buffer overruns than PowerPC chips.
It really doesn’t do any good for Mac users (of which I am one) to be so complacent about this switch.
Also, I’ve had Linux machines infected by the various “worms” out there and rootkitted. It was a big f***ing pain in the ass, so my answer to “does it happen often enough to be an issue of concern?” is: Yes!
Not had a Mac hacked yet though, I must admit.
Speaking of buffer overruns, does anyone know if the Intel version of OS X supports the Execute Disable Bit. A look on Intel’s site doesn’t have it listed as one of the OSs that do.
Shame on you, eWeek. How can you report this crap and get away with it?
Signed,
Dan Rather
“eWeek”. Yeh-heh-hehesssssss. There’s no way they should be charging to advertise on that site. I’ve seen more accurate reporting in Monkey Monthly magazine. And that’s run by chimps. Yeh-hesssss, the quality of information on eWeek is so bad it’s like me trying to charge for my POOP!
eWeek should change their name to “freeWeek”.
What are these people smoking???
http://www.g-zus.net/
pog… True! .. but what tells you that Apple Intel based computers are not Mac? Cause you clearly say: “Not had a Mac hacked yet though, I must admit.”
I am sure Apple has checked the risks of this move and is willing to deal with what ever it needs to in order to keep its Intel base computer as secure as its PowerPCs.
You started your argument much better by recognizing this as a paradox due to the inaccessibility of the commentators to Intel base computers for real testing. Hold it right there until we all see the real deal.
Monkies COULD fly out of my butt too.
MW ‘designed’ as in Apple has designed OSX to be inherently more safe
Am I missng something else in this ‘story’? The guy writes, “The shift to Intel processors from the Motorola Power PC processors…” [my emphasis].
I was under the assumption that it was IBM and Freescale that manufactured PPC chips… was I wrong all this time?
Always enjoy reading what Tera Patricks has to say – she knows her Mac.
These reports of OSX security weaknesses and susceptibilities seems to be of the “wishful thinking” category. Details are usually absent…
It’s almost as if eWeek writer Paul F. Roberts is saying (under his breath) “Come-on guys, write a virus for the Mac, something, anything… Pleeeease”
Going on 22 years now, no viruses, no successful break-ins, no security breaches, nothing…even after I double-dog dared the entire planet and the sum of humanity. That alone tells me all I need to know.
MacDaddy: I don’t own any Intel based Macs. However my PPC based Macs have been fairly invunerable.
I have some pretty hands on experience with Buffer Overruns however. We have some software at work that is so poorly written it basically buffer overruns itself and crashes. At least it does on Intel Linux.
On Macs in compiles and runs perfectly. I assumed this was an OS issue, so installed Darwin on an x86 box to test it out (it’s an X11 app). Nope – crashed just as bad as on Linux.
Essentially the only difference between the Darwin machine and the Mac was the processor.
What happens if you put a different engine into a car? You may have to re-route some hoses or wiring. You may have to cobble some parts together to get them to fit just the right way. You may have to cut some mounting holes or add some bolts in the right places.
You have the same steering wheel, brakes, accelerator, transmission, windshield, roof, seats, doors, body, wheels, etc., etc., etc…
Does it make it any easier to break into or hotwire?
Same thing.
little man: a shockingly innaccurate analogy.
Reseach, research, research… if you’re a tech journo, surely one knows to check these simple facts….<rhetorical>!
What the hell is this supposed to mean…
“It is quite possible that the change to Intel chips will make Mac OS more susceptible for Buffer Overruns. Intel chips simply are more susceptible to buffer overruns than PowerPC chips.”
In what way are x86 chips more susceptible to buffer overruns? This is utter nonsense. Please put away the hash pipe before you pretend to be an ubergeek and astound us with your bigger-dork-than-thou wisdom.
Or back up your wild claim somehow.
Dave
Continued from my last post:
Let’s say Apple makes a car and Microsoft makes a car. The Apple car has a really good lock, the windows all roll up, and everything is secured. The Microsoft car has broken locks (which everyone has the same keys to), a window that won’t roll up, a hole in the roof, and a door that you have to hold closed as you’re driving it. The only way to improve this state in any way is to go to the auto parts store and buy a 3rd party upgrade which amounts to some duct tape and a roll of visqueen.
Does it really matter what engine is in what car?
pog,
In referring to the way in which the OS interacts with the processor and any security changes which would go along with it, how so?
Oh pog, I see you responded already. Anyway, let me assure you that you’re wrong. That was an Apples and oranges comparison. There’s no new greater susceptibility to buffer overruns on Intel than on PowerPC. Next topic.
pog… that is a fine test you did but I am sure if you would hear the same story from another person who has done this test you would not be satisfied by just assuming that it is the processor’s problem… there is a whole architecture on a motherboard as you already must an expert of which includes also a bunch of masked logarithms and layers of programs written only for that BIOS and setup.
Think again… I am not rulling out possible vulerabilities of Intel based Mac but your argument is as possible as its anti-theory.
Go get ’em, Tera!
MW: “maybe”?
MacDaddy: I know for a fact that the crashes were caused by Buffer Overruns because I can see them in the code. The trouble is the project is so big and important it was cheaper to buy a Mac to run it on than to spend time porting the thing to Linux.
I’m quite happy about that however as it has lead to us moving to Macs on mass at work. However I do worry that when we upgrade to Intel Macs this code will no longer run.
In that eWeek article one of the guys quoted states that OSX allows any code in memory to be executable which suggests that Apple isn’t using the no-execute bit. Anyone actually know if this is true.
Regardless of any of this, I don’t think buffer overruns will lead to viruses as we know them on Windows, they don’t on Linux. However the chances of being hacked are higher, especially local user root hacks (a big issue for people adminstering University computers).
Sum Jung Gai:
You can assure me all you like, but unless you can prove:
a) you have initimate experience of the workings of OSX Intel.
b) you know more about computer programming than I do and actually understand the buffer overflow issue as well as I do.
I’ll choose not to take your word for it.
pog… I know I cannot ask for your code and what exactly the error was on the intel processors but again, the intel PCs have different BIOS and different architecture than Mac-Intel computers. I know if buffer-overrun occur on a platform with a poor code that can be used as a base for the attacker’s code. Buffer overrun exploits can happen on Mac-Intel but it assumes that Apple has not managed to protect its memory properly.
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
This conversation will not go anywhere unless I see some code that causes such error on your intel based PCs.
As for your mass move to Apple hardware I can only say… damn you are lucky to work at such environment! Cause here at my work we have Micro$ucks “running” on my servers and the only thing we are secure about is our job until they move to Macs.
the ‘F ‘ clearly stands for fu*kwit