Menu
Mac (insecurity): How to secure Macs in business

Mac (insecurity): How to secure Macs in business

As Macs make their way into the enterprise, IT needs to address these six security flaws before disaster strikes

Security flaw No. 5: Complacency over malware

The recent appearance of a kit that lets malicious parties install Trojan horses in legitimate software to, in turn, obtain root access to a Mac seems to run counter to the widely held view that Macs are immune from many of the exploits that once plagued Windows (and that Vista has ameliorated).

But that Trojan horse doesn't meet the smell test: Like a few other "concept attacks," the exploit requires that someone download and install software, although no password is required for the malware to run. (The exploit relies on the escalated privileges available for the Apple Remote Desktop agent, or ARDAgent, even when it's turned off. An AppleScript command can be sent to the agent, which is handed off as a root-level shell command.) A survey of security experts and the buzz among the Mac enterprise management community shows that this threat is a nonstarter.

The fact is that the Mac has not been a malware target, and it is safer than Windows from such threats. And that's where the risk lies: The Mac is safer from malware today, and there's very little concern about the Mac being a gateway to infecting Windows users.

But that may not be true in the future, and there is some concern that IT won't be ready to protect Macs from malware when that day comes.

Today most of those who follow Mac security closely seem to abjure anti-virus software. "It's not unreasonable to use anti-virus in an enterprise, especially if compliance is an issue," says Mogull -- but "I wouldn't necessarily recommend that for a consumer," he adds, because today's anti-virus apps don't address Mac OS X's actual risk profile today. "Anti-virus is an industry failure," Ptacek says. Because of this, he can't recommend that companies install anti-virus software at all.

Dino Dai Zovi, an independent security researcher, is concerned about acceleration in this area. "Because there is still very little malware in the wild targeting Apple, it is still a safe platform, and it is in a lot of ways safer than the Windows equivalent. But I think that that time is rapidly changing," he says.

Mogull cautioned that the worst could be yet to come. "It isn't that the Mac is immune or even more resistant to these attacks, there just hasn't been very much interest in them," he says, a sentiment echoed by security experts and IT managers. With more Macs in the enterprise, it's likely that attacks designed to extract information or take over Macs to use them as zombies will hit the wild.

While the Mac OS itself is fairly safe, at least for now, from malware, the Mac OS X's default Safari browser is not. "We've long since moved into this place where it's about the browser and about JavaScript," Ptacek says.

Even security experts unconcerned over OS-level malware threats are worried about browser-based threats. The fears center on as-yet-undiscovered flaws in the Safari browser and on Apple's use of the Webkit, a browser engine that's both employed throughout OS X and available to third-party developers. The concerns are not theoretical: A flaw in Safari on the iPhone found in a TIFF library module lets an iPhone forfeit root control just by visiting a Web page. (This was briefly a popular way of jailbreaking iPhones to install third-party software.)

Solutions: Keep abreast of security updates and security news related to Macs. Make sure the same outgoing firewall monitoring tools cover Macs as other platforms to identify hallmarks of hijacked systems.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Reseller News has honoured the leading female front runners of the New Zealand ICT industry at the 2019 Women in ICT Awards (WIICTA) in Auckland. The awards recognised standout individuals across six categories, spanning Entrepreneur, Rising Star, Shining Star, Community, Technical and Achievement. Photos by Gino Demeer.

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA
Reseller News kicks off awards season in 2019 with Judges' Lunch

Reseller News kicks off awards season in 2019 with Judges' Lunch

The 2019 Reseller News Innovation Awards has kicked off with the Judges Lunch in Auckland with 70 judges in the voting panel. The awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors. Photos by Christine Wong.

Reseller News kicks off awards season in 2019 with Judges' Lunch
Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomed 2018 inductees - Chris Simpson, Kendra Ross and Phill Patton - to the third running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing landscape of the technology industry in New Zealand, while outlining ways to attract a new breed of players to the ecosystem. Photos by Gino Demeer.

Reseller News welcomes industry figures for 2019 Hall of Fame lunch
Show Comments