Fortress Mac is — Whoops — There it Goes…

Mac hardware is fabulous in every sense of the word. The shell that Apple can wrap around motherboards, hard drives and the other components that go into making a modern computer is truly a thing of beauty. Sure, it’s not magic and, like any other computer, it won’t type these words for me any more than my toolbox will spring into life and fix all the little things around the house that await my attention.

But one thing is for sure – home computers no longer have to be ugly, unstylish beige boxes. Now you can have a computer that tells everyone who sees it that you have style and good taste.

But strip away that outer shell and what you end up with isn’t all that different to what’s inside those beige boxes. You have a bunch of parts all hooked up to a motherboard and an operating system bringing the hardware to life. And that’s the weak link. Don’t for one moment be fooled into thinking that an operating system comes to life through a magical process that concludes with a flawless product. The reality is that operating systems are written by programmers who have too much to do and the birthing process is constantly being hurried along by managers at all levels who want the product to go out of the door and onto shelves as quickly as possible.

In reality it’s an ugly process, and while every company wants you to think that the software it is delivering to you is perfect in every way, the reality is that this can never be achieved, especially given the conditions under which it is put together. To err is human, they say (and they’re right). Windows is imperfect, Mac OS is imperfect, and Linux is imperfect. But, more importantly, users are imperfect.

Last week we saw the first example of a criminal group targeting the Mac OS X platform with a Trojan disguised as a fake codec. While this attack was very basic and the process far from smooth, it’s the kind of attack that has been very effective in netting Windows users in the past, so why not apply the same kind of attack to the Mac platform?

After all, since about 50 per cent of those purchasing new Macs are new to the OS, chances are that many of them were using Windows not all that long ago and gave up because they couldn’t manage the OS well enough – and as a result had set malware loose on it through their own actions. No matter what the OS, if users allow malware to get a foot in the door, their system can and will be compromised. All it takes is the smallest crack for the fortress to become insecure.

Mac users have long claimed that their OS is somehow immune or impervious to the collective intelligence of the hacking and cyber crime communities. Others say the reason for the lack of Mac OS X specific malware is due to the comparatively low number of users. Why go after an OS with a market share down in the low single digits when you can go after Windows users? Assuming that the proportion of ID10T usersare about the same for both Windows and Mac, hackers should be able to find ample victims without having to make their code work cross-platform.

Next page: The hackers are coming…

Mac bugs are there, waiting for hackers. Projects such as the Month of Apple Bugsclearly demonstrated the sheer number of bugs and ease with which they could be exploited. So far Mac has had an easy run, but more users are flock to the platform. Especially those looking for an escape from constant OS updates and having to worry about keeping antivirus and antimalware applications up-to-date. (I’m guessing that some of these new users will have thrown away their last PC because it ‘crashed’ and they didn’t have the know-how to fix it). It’s inevitable that hackers are going to be paying closer attention to the code that Apple releases.

Keeping any system (and the associated ecosystem it connects to) safe means practicing common sense when behind the keyboard. The Windows ecosystem has been let down for too long by people far too willing to click on anything and agree to everything they see on the screen. They’ve come to the mistaken conclusion that it’s not them that’s at fault but Windows, and switching OS is the obvious answer. But it isn’t. All that these people are going to do is make the Mac ecosystem just as bad as the Windows one (although, if enough migrate over to Mac OS X, maybe Windows as a whole will become just a little safer).

But, if fortress Mac does crumble, who will Mac users turn to for protection? Will Mac users rely on Apple for patches and updates to fix vulnerabilities as they are discovered? Or will they have to turn to third-party companies and clutter up the Mac OS with security suites and spyware scanners? My guess is that many Mac users will eventually have to give in and subscribe to a third-party security solution because there are some threats that an OS just can’t protect the user from.

The biggest threat to Mac security is user stupidity, and not even Apple can do much about that.