Barbarians At The Mac’s Shaky Gates

The surest sign an operating system has arrived is when virus writers begin to target it.

Welcome to the party, Mac OS X.

Malware researchers found a new and, for Apple, extremely rare piece of malicious software for the Mac, which comes on the heels of a scathing security review of the Mac OS X 10.5, a.k.a. Leopard. Apple released the operating system last week after some delays due to the iPhone and other projects.

The virus in question is actually a Trojan, a DNS changer called OSX/Puper. There is an identical version of this on Windows as well. It was found on pornographic Web sites where it pretends to be a codec (define) that the user needs to install to view the naughty material.

Once installed, it intercepts DNS calls to Web sites and redirects the user to a malicious Web site where more malware awaits.

Fortunately, McAfee and the few other antivirus vendors supporting the Mac have upgraded their definitions and can detect it.

But as Dave Marcus, security research and communications manager at McAfee’s Avert Labs told InternetNews.com, “most Mac users don’t run antivirus software because they are under the impression there are no viruses for the Mac. That’s been true up until a day or two ago.”

McAfee, prepared for the worst, made antivirus software for the Mac not only because of the potential for infection, but also because it can store virus files that could also infect PCs.

“We’ve been expecting it, but Mac OS has never been a target of opportunity,” Marcus said. “But now there’s more Mac OS in people’s hands than ever before, so it’s becoming more of a target of interest for malware writers. And we always knew they could come anyway.”

While Mac OS X 10.5 is generally earning high marks, one area where it’s getting a thumbs down is security. Upgrading a computer to Leopard disables the firewall and the firewall isn’t restored until the installation is completed. Other problems are noted in a widely distributed report on the Internet from the UK security firm Heise Security.

Among the shortcomings: at its default setting of “allow all incoming connections,” the firewall is essentially off. The firewall does not allow for different levels of security, such as the difference between a safer environment—like a corporate network—and something riskier, like a public Wi-Fi.

Heise said Mac OS X failed every test, reminiscent of Window XP, which Mac OS is often favorably compared against. “Apple is showing here a casual attitude with regard to security questions which strongly recalls that of Microsoft four years ago,” wrote Heise in its conclusion.

An Apple spokesperson was not immediately available to comment on the security concerns.

McAfee’s Marcus, a Mac user, admitted he’s holding off on upgrading because of the negative anecdotes he’s already heard from others.

“I’ve heard enough feedback that makes me want to wait,” he said. “Some of the features, like sandboxing, are a step in the right direction. It’s a very effective way of addressing certain issues. But most of us are waiting because of all the feedback we’re hearing.”

But IDC analyst Bret Waldman is willing to cut Apple some slack. “In general, security built into operating systems has not lived up to a gold standard regardless of which operating system it is,” he told InternetNews.com. “It’s not their forte, it’s not their core competence. If you really want security you need to go with a security vendor.”

This article was first published on InternetNews.com.

RELATED NEWS AND ANALYSIS

• Ethics and Artificial Intelligence: Driving Greater Equality

  FEATURE |  By James Maguire,
  December 16, 2020

• AI vs. Machine Learning vs. Deep Learning

  FEATURE |  By Cynthia Harvey,
  December 11, 2020

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2021

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020