Apple's faith-based security by obscurity failing

15 October 2015


Running away from that bunny


Malware writers are finally getting around to writing code for Apple gear and, needless to say, it is falling over fast.

For years Apple has made much of the fact that its machines did not get viruses. It claimed that, unlike Android and Microsoft, its superior security systems protected its users. When rare malware tipped up, Apple fanboys would write long dull comments about how it was not really "a virus."

The reality was that Windows, and later Android, were under constant attack because they were the operating systems of important systems. A hacker who took out an iPhone would end up with a Coldplay collection and a stack load of selfies of a kid in his basement.

However, all that has started to change after Apple's notebooks became a little more popular, popular enough at least for people to write malware to take them down. Apparently the security system Apple has in place is not that difficult to take down.

A report by the security company Bit9 + Carbon Black shows that more malware has been found this year for OS X than in the last five years combined.

The company found 948 unique samples of malware this year compared to just 180 between 2010 and last year.

The malware isn't very sophisticated and is easy to remove, but that is sort of the problem. If Apple's security was that great, then it should not even be there. The fear is that if someone sat down and created the sort of malware which Windows has to deal with, it would be incredibly successful.

More than half of the malware found this year was aimed at forcing people to view advertisements, a class of annoyances known as adware. Also, infections were mostly dependent on users making poor decisions, such as downloading what should be recognized as questionable software.

The amount of Mac malware out there is still not high. In fact, all of it can fit in the amount of Windows malware you will see in an hour. But it is growing at the same speed that Microsoft saw in the early days of virus writing.

Apple has basic coding problems which even Microsoft would not have made.
For example, its Gatekeeper software, introduced in 2012, checks if applications have a digital signature and will block those that don't have one approved by Apple.

Sounds good, but it was easy to get around, and earlier this year Patrick Wardle of Synack did so. Apple patched it but did so superficially and it took a while. Needless to say, the same vector was adapted to take advantage of Apple's slap-dash approach and Wardle hacked it again.

Wardle said that Apple's security team were "sharp guys" but the corporate culture is all about usability and looks over security.

Apple introduced a new defence in OS X El Capitan called System Integrity Protection (SIP), which should make it a lot harder for malware writers to touch critical OS files.

But Wardle said Apple has fixed more than 100 security bugs in El Capitan so far, which means there are likely other opportunities to get malware onto a machine.
"I'm sure more advanced adversaries could find remote vulnerabilities if they needed to," he said.

Last modified on 15 October 2015