“Researchers have claimed that ‘chip-level threats’ pose a potential problem for Intel-powered Mac systems. A chip-level attack targets a feature or vulnerability in the processor rather than attacking software as is the case with nearly all today’s security threats,” Tom Sanders reports for vnunet.com. “Examples of chip-level attacks are rare. The last known serious outbreak dates back to 1998, when the CIH/Chernobyl virus embedded itself into the flash-BIOS of infected systems.”
“Security vendor McAfee said in a recent white paper about security challenges for Apple systems that chip-level threats are a potential problem now that Apple has switched to Intel chips. But the firm admitted that there are no examples of such attacks,” Sanders reports. “The cautionary white paper was published on the same day that McAfee launched a version of its security software for Intel-based systems.”
“Despite the fact that Apple computers and traditional PCs run on Intel chips the features of those chips tend to change frequently, so there is no guarantee that an attack that works on one Intel Mac will succeed in targeting another,” Sanders reports.
Full article here.
[Thanks to MacDailyNews Reader “Judge Bork” for the heads up.]
MacDailyNews Take: In related news, McAfee also warned Windows PC users that if they continue to switch to Macs, McAfee will be forced to resort to even more egregious nonsense before the company files Chapter 11. McAfee thinks Mac users are stupid. Mac users should not buy anything from McAfee or Symantec (please see related articles below).
Advertisements:
• Introducing the super-fast, blogging, podcasting, do-everything-out-of-the-box MacBook. Starting at just $1099
• Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
• Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
Related MacDailyNews articles:
Symantec CEO: We think more people ought to buy Apple Macs – May 15, 2006
Analyst: McAfee’s recent Apple Mac security report is ‘sloppy scaremongering’ – May 08, 2006
Unix expert: Mac OS X much more secure than Windows; recent Mac OS X security stories are media hype – May 03, 2006
Macs and viruses: the true story – May 02, 2006
Network World: Apple’s Mac OS X is significantly more secure than Windows – May 01, 2006
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
Microsoft: recovery from Windows malware becoming impossible; better to to wipe and rebuild – April 04, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Apple Mac remains ‘unhacked’ as University of Wisconsin’s Mac OS X Security Challenge ends – March 08, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Apple Mac OS X clearly offers superior security over Microsoft Windows – March 02, 2006
Apple Mac OS X has a lot more vulnerabilities than Windows XP? – February 28, 2006
Enderle: Security vendors see Apple as next big opportunity – February 28, 2006
As Apple Mac grows in popularity, will security issues increase? – February 27, 2006
The Idiot’s Guide to Mac Viruses For Dummies 101 – February 24, 2006
Wired News: ‘Mac attack a load of crap’ – February 22, 2006
Report: Apple developing fix for automatic execution of shell scripts – February 21, 2006
Ars Technica: Fears over new Mac OS X ‘Leap-A’ trojan pointless – February 20, 2006
Atlanta Journal-Constitution asks: Is ‘Mac virus’ all just propaganda from Mac haters? – February 20, 2006
Patched in mid-2005 by Apple, Symantec warns ‘Inqtana-A’ worm could be ‘beginning of a trend’ – February 20, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
eWeek: Intel transition a ‘security non-issue’ for Apple Mac – January 30, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – January 26, 2006
IDC: Apple Mac 2005 U.S. market share 4% on 32% growth year over year – January 20, 2006
Analysts: Apple Mac’s 5% market share glass ceiling set to shatter in 2006 – January 09, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – September 09, 2005
Joke of the month: Gartner warns of Mac OS X ‘spyware infestation’ potential – March 30, 2005
Symantec warns about Mac OS X security threat – March 21, 2005
Isn’t this sort of thing illegal?
How can these guys get away with the FUD. Gullible twits will believe what they say. It amounts to false advertising to seel their products. Naughty naughty…
MDN’s take is seconded here… Please, any new switchers to Mac who have found this site and are considering purchasing anti-virus software – don’t waste your money. It’s utterly unnecessary, proven to slow your system down, as well as introduce security threats not present in OS X itself. McAfee are selling the emperor’s new clothes and should be ashamed of themselves.
haha so silly, especially as they dont use bios
You gotta feel sorry for them. They have done a great job filling in where others did not.
From what I am reading, they are all freaked out because MS supposedly has developed security for Vista? But from what I am also reading is that the security is such a bastardization of human interactive design that most users will probably turn it off (that is my favorite part – if our security software is to complicated for the average home user, just turn it off). Then most users how are already used to McAfee will continue to use them.
It is sad that they resort to fear mongering though on the Mac platform. It truly shows a company that is aware of it’s own demise.
This is all very natural. Actually, I’d say this is a healthy sign for Apple.
Sounds like the empty threats and alarms our government warns us of…
“..a credible threat, but we don’t know by who, what, where or when…and we don’t have any proof, just be afraid and trust us”
Mafia tactics.
Rats up against the wall…
Apple’s stock will come down to $52 soon. JUST WATCH!
Sheesh. It’s not like they’re running out of things to work on over on the PC side. Vista security won’t work.
“….asteroid threats are a potential problem now that Apple has switched to Intel chips. But the firm admitted that there are no examples of such attacks”.
Holy cow…
You know, realistically, none of this kind of b.s. is going to go away until the pc market place is in somekind of real equalibrium, better balance. Until Windows is percieved as just another OS product, as opposed to THE OS product for running personal computers, this, everybody’s-gotta-be-on-the-same-page-using-the-same-OS-running from the same viruses at the same time, thing, isn’t going to change.
MS and its Windows product sold the world on the idea that we can’t live without them/it, now they’ve got us by the private parts and they literally dictate how we work with computers, even whether or not we can have “safe” OS environments to work in.
And if MS can get away with it, why can’t every other Mfg. of software products?
By the way, who monitors companies that make security/anti-virus products? Anybody? How do we know for fact that these companies don’t actually do their part to perpetuate the problem?
This is getting ridiculous, do these guys really fear the threat of the Mac? It seems like a total overreation on their part. I find these reports very sinister when you consider how prolific they are becoming and how little substance seems behind them. The whole computer industry seems hellbent on preserving the status quo rather than progressing and innovating.
This has to be the most egregious example that I have seen from Symantec, yet. Absolutely horrible fear-mongering!
…Intel Macs vulnerable to ‘chip-level’ threats
This is very true, all the new Intel chips have numerous unfound errors that must be worked around in the operating system.
However it’s a job for Apple to fix and anti-malware software is a after effect if the problem doesn’t get fixed in a reasonable amount of time.
So far the Metadata file exploit still isn’t fixed on Mac’s yet. I’m concerned this is still a highly used vector to get trojans to run on our machines.
Will anti-malware stop metadata file exploits, no.
Static Mesh,
Are you sure you aren’t mixing up the errors that chips produce when crunching numbers with true exploits? What I’m talking about are the error numbers that the company releases whenever a new chip is debuted (usually in the range of 30-60). Although, I must admit I’m not sure if this is per clock cycle or for a standard test “set”.
Damn straight, Mac users are stupid! They don’t understand that they need McAfee (etc) to protect them from dangers nobody yet understands! Get their software and you’ll be protected against SIDS and Bird Flu … ya cheap-assed dummies!
It is true that every documented Mac OS X threat has been written by an anti virus software company.
I wonder how many they have written for the Windows side.
Protection racket in every sense of the phrase.
Why, exactly, MDN, do you ascribe all malice to Microsoft while believing that Intel is perfect? Microsoft and Intel were joined from sternum to hip for years. After extensive surgery, they are now joined from the lower sternum to the upper hip.
This team was not and is not good at security. Consider the following:
“Specific Windows buffer overflow vulnerabilities depend on the rigid stack-order execution and limited page protection inherent in the x86 architecture.” —Paul Murphy
Intel has added hardware protection to reduce this threat, but rigid stack-order execution and limited page protection is rigid stack-order execution and, and x86 architecture is x86 architecture. And now we have got it. Do you know with absolute certainty that OS X has no buffer overflow issues?
Don’t be too sanctimonious.
Is Satic Mesh the real MacDude or his twin brother?
I hear macs are also vulnerable to “coffee-level” threats
You need purchase macafee’s 60 dollar coffee protection layer to make sure you don’t get any spills
freaken ridiculus
MacPhee, nobody says buffer overflow are not existent on OS X. They are.
But OS X does not set the X bit on the stack, that is, the stack is not executable. So, if you know how buffer overflow do work then you know this undermines them a lot.
Second, you can only overflow a variable, ie, the culprit is the OS, not the chip. Intel has nothing to do with allowing or stopping overflows.
rigid stack order execution is not at hardware level, but at OS level.
OpenBSD has random stack offset and does that on x86 as well.
Btw, PowerPC neither had page protection that OS X was able to use, so nothing changed there. BUT, with x86-64 there is page level protection and OS X will use it.
Cheers
The only possible “threat” that Mac users face now that Apple has switched to Intel is that Malware writers are more fluent in x86 code (from hacking Windows for so long). I don’t think this will affect attacks directly on the OS (such as someone hacking into your system) because it is based on Unix, BUT, trojans may become more prevalent. Of course, I still won’t be running ANY anti-virus apps. With trojans it’s a matter of safe computing practices. As long as you don’t get TOO complacent about security, you will be fine. There are always those who will click on that strange attachment though. Shame.
me:
Whatever. We could get into a knock ’em down and drag ’em out, but I have to cut the grass.
To try to separate issues into OS or CPU issues is silly, anyway. The OS can’t run without a CPU, and the CPU only burns electricity without an OS. It all works together. I am merely pointing out that PowerPC architecture is vastly superior to x86 architecture, and losing PPC is a crime. Clearly, IBM didn’t like seeing all those Xserves in the Top Ten SuperComputers list a few years ago, and quickly and ruthlessly ceased all further development. If IBM had delivered 3 GHz when they (and therefore, Steve) said, do you think we would be having this discussion? No. We would be looking down our noses at Intel users, and not only game manufacturers, but PC manufacturers would be scrambling to get on the PPC bandwagon. Talk about shooting yourself in the foot, IBM. ‘Course, they rule the Top Ten List now. Good for them.
Since IBM pulled the plug Apple had to do something, and made the only sane choice. Their chip supplier now has only one motivation: to sell as many chips as it can. They don’t make desktops, workstations, laptops, or servers. Just chips. Apple is Intel’s first customer (or at least the biggest by far) for EFI. I’ll bet Intel likes that. I think that Apple will be working much more closely with Intel on CPU et. al. development than will Dell, HP, or even Microsoft. Soon, we will see a chip design that is not beholden to legacy.
Until then, don’t be sanctimonious.
I hear McAfee is coming out with a white paper about meteor threats for Apple systems. The new systems are so desirable that even small bodies of matter from outer space are gravitating to them. McAfee is working on a solution of protection that consists of a baseball cap wrapped entirely in aluminum foil to protect the user from being smited by this extraterrestrial threat. The cost will be determined by how much fear can be instilled in their focus group before they meet.
Remember “The Sky IS Falling!”