BBC – Mac users ‘still too lax on security’

“Apple Mac users are still too lax when it comes to security matters, an independent researcher has said,” BBC News reports.

“Kevin Finisterre caused ripples in the Mac community when he started a website in January revealing a different bug in Apple systems each day of the month,” The Beeb reports.

“Apple makes great play of the fact that its OSX operating has yet to be attacked by a virus while Windows XP machines are plagued with problems. Its recent global campaign of adverts pitching Macs versus PCs has focused on security issues. XP machines are represented by a flu-ridden, sneezing individual while the Mac remains untouched by illness,” The Beeb reports.

Apple’s “Get a Mac” ad – Viruses:

The Beeb continues, “Many of the problems highlighted by Finisterre are security holes in applications, which are not related to viruses… [Finisterre] said the Month of Apple Bugs (MOAB) project had succeeded in its original aim of raising the level of awareness around Mac security… But Mac experts have pointed out that none of the exploits have ever successfully been used to hijack an Apple computer.”

“By contrast hundreds of thousands of Windows machines have been taken over as part of so-called bot nets, which use the hijacked machines to deliver millions of spam e-mails around the world,” The Beeb reports. “At the moment there are no plans for the MOAB website to continue.”

Full article here.

Glenn Fleishman reports for TidBITS, “Two hackers wanted to show the world that Apple’s much-vaunted operating system wasn’t as secure as it was cracked up to be. The Month of Apple Bugs (MoAB) ran from 01-Jan-07 to 31-Jan-07, with the final day promising a future serious bug. Instead, they may have turned the Mac smugness dial up a notch.”

“MoAB backers ‘LMH’ (who does not reveal his or her real name) and Kevin Finisterre appeared to want to tweak Mac users, who often revel in the so-far absence of attacks on Mac OS X that are plausible, persistent (not quickly patched), and spreadable. In particular, the pair appear to take issue with the zealots and ‘fanboys’ who, when presented with credible information that shows Apple or Mac OS X in a bad light, reject it out of hand. But lmh and Finisterre also seemed to have a chip on their shoulders before, during, and after MoAB,” Fleishman reports.

Fleishman reports, “it seems that MoAB may have unintentionally given more ammunition to the extremists in the Mac faith, while making the larger community even more blase. None of the bugs released had any real potential of a vector – spreading from computer to computer as a worm through an Internet- or LAN-exploitable flaw – and as far as I have seen, no in-the-wild exploit was released for any of the bugs, despite the fact that MoAB refused to notify Apple or third-party developers before releasing the bug details to the public.”

Full article here.

[Thanks to MacDailyNews Readers “Alex” and “Tim” for the heads up.]

Related articles:
Bill Gates has lost his mind: calls Apple liars, copiers; slams Mac OS X security vs. Windows – February 02, 2007
Microsoft’s Windows Vista: Five years for a chrome-plated turd – January 30, 2007
McAfee: Microsoft ‘taking security risks’ with long-delayed, oft-pared-down Windows Vista – October 02, 2006
Why is Apple’s Mac OS X so much more secure than Microsoft’s Windows? – October 01, 2006
Apple Macs are far more secure than Windows PCs – September 26, 2006
$399 for Windows Vista Ultimate?! (Hint: Get a Mac) – August 29, 2006
Oxymoron: Microsoft security – August 12, 2006
With exploits in wild, Microsoft Windows braces for yet another critical worm attack – August 11, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Symantec CEO: We think more people ought to buy Apple Macs – May 15, 2006
FBI: Viruses, spyware, other computer-related crimes cost U.S. businesses $67.2 billion per year – February 01, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005

53 Comments

  1. I complained, and look at the response. Quite unbelievable…

    Thanks for your email.

    The article you are complaining about is a balanced piece looking at some of the security issues around Macs.

    As the piece says:

    But Mac experts have pointed out that none of the exploits have ever successfully been used to hijack an Apple computer.

    By contrast hundreds of thousands of Windows machines have been taken over as part of so-called bot nets, which use the hijacked machines to deliver millions of spam e-mails around the world.

    To allege that we are biased towards MS is absurd. We have written scores and scores of articles about XP security failings.

    The most recent was less than a week ago:

    http://news.bbc.co.uk/1/hi/technology/6360433.stm

    And at least half of the Technology team are Mac users at home – so no bias there either.

    I hope that helps.

    Darren Waters
    Technology editor
    BBC News Interactive

    MY REPLY:

    Hi Darren,

    Thanks for the reply. I can’t say I agree with the opinion that because some BBC staff members use Macs at home you aren’t bias towards Microsoft! I would, however, say that these articles provide enough information (one of them is from the BBC too):

    http://www.betanews.com/article/BBC_Microsoft_Sign_Strategic_Alliance/1159460142
    http://news.bbc.co.uk/1/hi/technology/5390000.stm

    Still, on a more positive note, I’m really looking forward to the massive in-depth coverage, numerous online articles, videos, interviews with Apple’s interface designers & product launch department and two half hour shows on BBC 2 that the BBC are going to produce when Leopard is released by Apple. After all, that’s what ‘balanced’ reporting is all about, isn’t it?

    One more point, the most recent article about XP security that you link to as evidence of balanced BBC reporting is about how Microsoft have fixed 20 security holes, and not about the myriad of issues and problems that occur every single day on Windows XP.

    Regards,

    Jim

    DARREN’S REPLY:

    There are 30,000 ish people who work for the BBC.
    We have deals with hundreds of companies. I have no idea what the strategic alliance with MS is – and I’m the tech editor.
    It’s never been mentioned to me, no-one in management has ever spoken about it.

    These things honestly do not affect what we write, how we write – I assure you. I’m amazed people even think these things do.
    If you ever wanted to spend some time with us on Technology I’d be happy for you to come and see what the reality is – complete editorial freedom.
    I see my boss once a day, who in turn probabaly sees the overall head of BBC News once a week, who in turn sees the overall BBC boss probably once a week.
    There is no conspiracy. There is no bias. Just journalists reporting the news.

    Will we cover Leopard’s release? Absolutely. I’m really excited about it.

    Will we do as much coverage as we did for Vista? No way.

    Windows machines account for 900 million machines worldwide. The world’s economy to a large degree relies on Windows machines.
    Apple has a 2 or 3% market share of the PC market.

    If we were balanced on a statistical basis, you’d be lucky to get a news story on its release.
    We’ll most likely do a news story, a sidebar looking at the new features of Vista and possibly an analysis piece on whether Leopard will dent Vista sales.

    I think that is balanced.

    SO THE TECHNICAL EDITOR OF THE BBC HAS NO IDEA ABOUT THE MICROSOFT ‘AGREEMENT’. I THINK THAT SAYS IT ALL.

  2. Yeah, the BBC is one to lecture anyone on security. They cannot be distracted by the real world, as they’re too busy wining and dining 7th-century death cultists. Only in the ears of the BBC does “death to the West” translate into “we are peaceful Muslims”. *shaking head*

  3. That was my “takeaway” from the experience. That they only proved that even if you SHOW the ne’er do wells 30 different security risks on the Mac, they STILL can’t create a Mac crippling transmittable virus.

    The best they could do is try to trick you into opening a file and then crashing your system which, while annoying and serious, at least points you to the fact that you have a problem more readily than, say, a Windows app that just installs itself and begins running happily in the background sending all manner of spam/porn all over the place.

    They’ve done more to add to the “smugness” than anyone else.

  4. you know, sounds like a ploy to get more site traffic.. this topic has been played out so much.

    Its an open challenge to the hacking community and you their response is obviously indifferent. There is no point in exploiting such as small group of users. Even if they were successful in turning all OS X machines into zombies for spam distribution, it would still be a tiny success compared to what can be done at any time with the countless easily exploitable WinXP machines.

    Anyhow.. hackers don’t care about ‘viruses’ anymore. They care about exploits that result in $$$$. OS X, luckily, is just not a profitable platform to exploit. When OS X finally takes over the world of computing, us users will probably need to be more conerned with security. Until then, I think you should all feel relatively safe and secure.

  5. “Apple iMacs Cause Global Warming”, “Apple Had Cancer Cure and did not Release it”, “Apple is funded by the devil”,
    “Apple Users Like Animals and Small Children”, “Airport Causes Brains to Explode”

    I want attention!!! I want attention!!! I want attention!!! I want attention!!!

    See how anything can be news if we report it, and they will believe it.

    Next target should be the lemming-like media who will lie to get viewers.

    Just a thought.

  6. ChrissyOne, you are one of the ones the BBC has set up as a target. It may just be possible that you have taken “reasonable” precautions, as I have, but it is at least as likely you are sitting back, running an Admin account as your “user” account, surfing porn, and otherwise ignoring the potential for danger. For what it’s worth, OSX has quite a number of security gaps sitting out there waiting to be crunched. Apple has made it easy for us to get past most of these threats merely by being sensible. You know, a) not running anything “non-admin” from an Admin account, b) decent passwords, c) “safe” browsing, d) …etc. That doesn’t make the potential threats go away, just keeps them at bay.

    Gloating only leads to collapse. I don’t want to be caught in “your” collapse.

    DLMeyer – the Voice of G.L.Horton’s Stage Page

  7. How appropriate that they are referring to the ploy as “MOAB” as the whole campaign turned out to be the “Mother of all Bombs”. People paid attention until about Jan. 3rd. After that it was nothing but yawns and crickets.

  8. Jeremiah 48:29-30: “We have heard of the pride of Moab, pride beyond bounds: His loftiness, his pride, his scorn, his insolence of heart. I know, says the Lord, his arrogance; liar in boast, liar in deed.”

  9. The real issue here is not whether their opinions are biased it’s just that they use the stupid numbers game to equiate importance of coverage.

    How can they say Vista os more important if it has proven to be crap compared to OS X?
    Surely if OS X can free the world from Spam to some extent and rid the average user of virus, spuware and adware issues then it should be recommended highly by the Beeb.

    I pay for my TV licence so therefore I deserve to see good equalled coverage.

    If it were about innovation and how many new technical computing innovations Apple put into Leopard compared to NEW innovations in Vista compared to existing computing platforms than they should spend a week covering Leopard. That’s based on the amount of coverage they have already given Vista.

    Or about innoveations Apple has given the world compared to MS. Now these are the numbers we need the Beeb to take notice of.

    It enrages me and I guess most of you too that they use numbers rather than technical achievement. After all. Numbers are irrelivant in a world of free competition. If the world moved to Macs tomorrow all that would change as far as the world economy is concerned i that people would be more productive and ISP’s would have far less cost as far as bandwidth was concerned because the spambots would diminish.

  10. @jim,

    greta series of email, obviously the tech director has no idea whats going on. but this reminds me of the washington times, whose managing editor claims journalistic agnosticism, while his staff including the executive editor, assert their particular biased viewpoint without a being scolded or checked on from another department.

    its just a way for one hand to have ‘plausible deniability’, while the other does whatever it wants.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.