Apple Mac botnet FUD from New York Times?

“In their persistent quest to breach the Internet’s defenses, the bad guys are honing their weapons and increasing their firepower,” John Markoff reports for The New York Times.

Markoff reports, “With growing sophistication, they are taking advantage of programs that secretly install themselves on thousands or even millions of personal computers, band these computers together into an unwitting army of zombies, and use the collective power of the dragooned network to commit Internet crimes.”

“These systems, called botnets, are being blamed for the huge spike in spam that bedeviled the Internet in recent months, as well as fraud and data theft,” Markoff reports.

Markoff reports, “Although there is a wide range of estimates of the overall infection rate, the scale and the power of the botnet programs have clearly become immense. David Dagon, a Georgia Institute of Technology researcher who is a co-founder of Damballa, a start-up company focusing on controlling botnets, said the consensus among scientists is that botnet programs are present on about 11 percent of the more than 650 million computers attached to the Internet.”

Markoff reports, “‘It represents a threat but it’s one that is hard to explain,’ said David J. Farber, a Carnegie Mellon computer scientist who was an Internet pioneer. ‘It’s an insidious threat, and what worries me is that the scope of the problem is still not clear to most people.’ Referring to Windows computers, he added, ‘The popular machines are so easy to penetrate, and that’s scary.’

Markoff reports, “So far botnets have predominantly infected Windows-based computers, although there have been scattered reports of botnet-related attacks on computers running the Linux and Macintosh operating systems.”

MacDailyNews Take: Stop right there. Markoff reports of “scattered reports of botnet-related attacks on Macs” and leaves it at that, but we would like to know more. Where did these “scattered reports” originate? Were they accurate? If so, were these “attacks” actually successful? Yes, we’re highly skeptical. There have been “scattered reports” of Bigfoot-related “attacks” on people, too. Does that prove the existence of Bigfoot? We wonder, did Markoff include this sentence based on proven fact or as an attempt to soften the blow struck against Microsoft’s Windows by the Carnegie Mellon computer scientist he quoted in his previous sentence? Do you have any proof of any Mac OS X-based botnets in operation today or at any time, Mr. Markoff?

Markoff continues, “Some botnet-installed programs have been identified that exploit features of the Windows operating system, like the ability to recognize recently viewed documents. Botnet authors assume that any personal document that a computer owner has used recently will also be of interest to a data thief, Mr. Dagon said.”

Markoff continues, “Serry Winkler, a sales representative in Denver, said that she had turned off the network-security software provided by her Internet service provider because it slowed performance to a crawl on her PC, which was running Windows 98. A few months ago four sheriff’s deputies pounded on her apartment door to confiscate the PC, which they said was being used to order goods from Sears with a stolen credit card. The computer, it turned out, had been commandeered by an intruder who was using it remotely. ‘I’m a middle-aged single woman living here for six years,’ she said. ‘Do I sound like a terrorist?’ She is now planning to buy a more up-to-date PC, she said.”

Full article here.

[Thanks to MacDailyNews Readers “Whit” and “j.c” for the heads up.]

MacDailyNews Take: She ought to be planning to buy a Mac:

“By default, Mac OS X does not ship with any network services running. None. Not a one. Out of the box Mac OS X is not sharing files, running SSH, sharing its printers, or even exposing the CUPS configuration page to anything but the loopback port — and most consumers are running it in that default configuration. If you portscan a fresh install of Mac OS X, you get bupkis,” Adam Knight wrote for Mac Geekery back in April 2006.

Knight explained, “Contrast this to Windows, or even many Linux distributions, where services are run on the public ports by default. Doing this opens the machines to network-based attacks such as overflows and injections and whatnot. That’s what lets so many Windows machines become network zombies. Because the Mac ships with nothing running, there’s no door to get a foot into, and even with outstanding security issues for the local side, the system is secure enough on the public side that your standard machine is safe.”

Full article here.

Contact info:
To send comments and suggestions (about news coverage only) or to report errors that call for correction: nytnews@nytimes.com
John Markoff: markoff@nytimes.com

[UPDATE: 11:45am EST: Added contact info.]

34 Comments

  1. Is ignorance (99.9% of journalists these days) really FUD? FUD is done on purpose for your own benefit, Markoff is just another lazy journalist. I can’t imagine why newspaper reading continues to drop, TV news watching continues to drop with the word journalist hardly applying to anyone anymore. Yet, “they” claim it’s because the public is ignorant (LOL!) That’s what is more sad than claiming this as FUD. You can’t write FUD, if you have no clue about what your writing.

  2. Sounds like the global warming people: “some scientists say… “scientists report…”

    They seldom give names and specifics.

    Also, I’m amazed how some people smear Macs by dragging Apple into the PC sewer without facts. These are the same people who would claim a Nobel Prize winner “might have cheated on college exams…” this stems from ENVY folks, just plain dirty envy

  3. Is this the same John Markoff about which scattered reports of him loitering by public toilets frequented by perverted old men seeking anonymous sexual gratification circulate?

    I thought so. Gotta be careful about them “scattered reports.”

    MW: “Kind,” I’m not to those who play loose with the news.

  4. This is how it’s done in jounalism. This is simply a technique used by the biased mind. Just a little FUD smeared on the underside of the readers cerebellum.

    It’s done in politics all the time but in regard to the Mac it’s called Mac-Envy. Oh, yeah…red hot envy. It’s a severe rash that exists in the kishkes and particularly far and away up the ass of many tech writers like Rob Enderle.

    There are times when the veil is flung aside and the venom really spews like the recent Enderle options article. so sad. such a sad, sad man.

  5. Well, it’s true in a sense. Macs have been attacked by botnets. So have computers by Sun, HP, and every other machine attached to the internet, because botnets attack EVERYTHING while looking for new hosts to infect. Obviously there is a glaring omission here, no Mac has ever been SUCCESSFULLY attacked by a botnet. Sure maybe a botnet could flood a Mac’s IP with a DDoS attack. But this isn’t what the article implies.

  6. Journalists are taught that nothing is Black & White. Windows can’t be all bad and Apple can’t be all good…. which is actually true. However, the mistake they make is taking that attitude of equivalence into specific areas of performance. These writers have been taught in college that if they are going praise someone that have to find others to praise in the same sentence. Conversely, they can’t damn someone or something without implying that the offender is not alone in being offensive. I frankly dispise this type of wishy-washy writing; one that cannot single out someone for praise or scorn without blunting the message by bringing others into the arguement. Yes, I know that nothing happens in a vacuum, and stories need context. But those that really know this story about botnets know that IF linux and macs are involved, it is an insignificant fraction of a single percent. The writer should have had the courage to let the indictment against Windows stand alone. His article would have been of more value . Really! What are we, as readers, left with? Uh… computers are used as botnets. Gee, what’s the solution? Uh, I guess I’d better buy a newer model like that lady in the article is going to do. Why even write if you are so afraid of offending that ultimately whitewash over the problem and don’t spotlight the culprit?

  7. “…there have been scattered reports of botnet-related attacks on computers running the Linux and Macintosh operating systems.”

    If you parse the sentence carefully, he is saying there have been *attacks* on Linux and Mac OSX machines, not infections. If he wanted to keep up the NYT reputation for careful reporting (deserved or not) he would have continued, “however there have been no reports of these attacks having been successful”

  8. “So far botnets have predominantly infected Windows-based computers, although there have been scattered reports of botnet-related attacks on computers running the Linux and Macintosh operating systems.”

    Obviously, this statement needs clarification – something beyond the ken of many journalists. Botnets may indeed “attack” non-Windows systems, trying to take them over, but fail. Non-windows systems can also be flooded by spam generated by compromised systems, or be subject to denial-of-service attacks. But it’s another thing to be compromised itself.

    Apropos, I once connected my Mac OS X through my DSL to Gibson Research (grc.com) to check for open ports. NOTHING was open. According to GRC, my Mac is effectively “invisible” to an outsider.

    Yes, that poor middle-aged woman, after losing her PC to compromise, should have purchased a Mac. (Ignorance is NOT bliss.) I did work for a colleague’s Toshiba laptop recently because it was “crawling”. I detected about 12 pieces of malware running on it, though “protected” by anti-virus and anti-spyware software. The woman’s new “up-to-date” PC will eventually fall as well.

  9. MDN:

    Outstanding commentary.

    Have you forwarded this to the NY Times?

    Do you have contact information?

    This isn’t the first time that Markoff has pulled this stunt, so I think it is time to pull out the heavy artillery.

    Maybe we can get NY Times’ David Pogue to comment/try and straighten out Markoff/put a comment/question on his blog.

    Work to do here…

  10. Don’t be too concerned about FUD, about statements like “Macs have been attacked also”. The truth eventually comes out. But as in most situations many people will never know the truth anyway because they are either ot interested or just don’t want to know something that disagrees with their preconceived ideas.

    Just enjoy using your Mac and it’s not being infested with viruses and all other forms of malware. Apple is growing and Macs are not going to dissapear so don’t worry about trying to increase Macs market share and don’t worry about other people not knowing the truth about Mac security.

  11. Joe Blow – while you’re quite right in saying that the truth will eventually come out, it never gets reported in the way that the original FUD was reported and is generally ignored by those who made the most noise in the first place.

    The BBC has now three times published reports of the first Apple virus. By definition at least two of those stories must be incorrect and in fact, all three were, but that doesn’t mean that they won’t print the same sort of headline again when the next FUD comes along.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.