Mar 12 2009

Apple’s easy to hack after all?

Published by at 7:53 am under Apple/Mac,Hacking

Dino Dai Zovi showed at SOURCE Boston just how easy it is to get into the memory of a Mac.  Apple apparently left off tools that are available in the GNU compiler collection to protect against exactly this sort of attack.  Dai Zovi even says that the current version of OS X is easier to hack than XP.  Ouch.

Does this mean that Mac’s are less secure than PC’s?  Not really, since they’re still such a small percentage of the market that they’re not under heavy attack by malware.  Even though the capability exists to take advantage of this vulnverability, the return on time and effort is still a lot better on the Windows side for malware writers.  Of course, someone could always decide that Macs are an underutilized target for malware and create something interesting.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

3 responses so far

3 Responses to “Apple’s easy to hack after all?”

  1. Robert E. Leeon 12 Mar 2009 at 9:55 am

    “Does this mean that Mac’s are less secure than PC’s? Not really, since they’re still such a small percentage of the market that they’re not under heavy attack by malware.” …

    The security of the platform is not usually measured by the number of people trying to attack it.

    The information at the following links describe the security mechanisms built into the platforms, and where the security mechanisms are expected to be used.

    Apple:
    http://images.apple.com/support/security/commoncriteria/CC_Whitepaper.pdf
    http://www.niap-ccevs.org/cc-scheme/st/vid4012/

    Microsoft:
    http://www.niap-ccevs.org/cc-scheme/st/vid4025/
    http://www.niap-ccevs.org/cc-scheme/st/vid10184/

    –Robert

  2. Alexon 12 Mar 2009 at 10:26 am

    Not trying to be an @ss here, but I think you’re confusing security with risk.

    OSX might be less “secure” for the reasons Dino shows, but the reasons you give (frequency driven by motivation driven by perceived value for effort) might actually make them less “risky” than XP.

  3. Martinon 12 Mar 2009 at 10:55 am

    Alex, you wouldn’t be the man you are if you didn’t point out the difference between risk and security. I wasn’t confusing them so much as not making my point clearly. I was definitely trying to say OS X is still less risky than Windows.

    Martin

Trackback URI | Comments RSS

Leave a Reply

%d bloggers like this: