Despite the misleading claims in the article you cite, according to F-Secure, "Inqtana.A has not been met in the wild and has internal counter that prevents it's operation after 24. February 2006. So it is unlikely that this variant would be a threat to Mac Users." It was an academic proof of concept, not an in-the-wild spreading virus, and I've seen no reports of it in the wild. Sadly, people writing articles parrot terms like "in the wild", "zero day" and "virus" without understanding what the terminology actually means.
This is possible to set up in Windows, GNU/Linux (using SELinux; you can also simplify things and run your web browser in the SELinux sandbox, which confines downloaded programs to the same sandbox, and by default deletes those programs when the sandbox is closed), FreeBSD (with TrustedBSD), TrustedSolaris (if anyone still cares about Solaris), AIX, etc., but I am not sure that this is something that is officially supported in Mac OS X. That being said, Mac OS X does have mandatory access control built into its kernel, and as far as I know that is what is used to implement "parental controls."
OS X's Mandatory Access Controls are a port of TrustedBSD. They are used to sandbox selected services in OS X to improve security, but not widely deployed yet for userspace software. You can configure them yourself using the CLI or using a third party application like "Sandbox".
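The two posts above mention confining a downloaded program with the TrustedBSD-derived MAC layer in OS X from the command line (and, on the SELinux side, with Fedora's `sandbox -X -t sandbox_web_t firefox`). As an added example that is not from either poster, here is a minimal sandbox profile (SBPL, the Scheme-like language read by `sandbox-exec`) that starts from deny-everything, lets the dynamic linker and system frameworks load, confines all reads, writes and exec to one directory, and denies the network entirely. The username `alice`, the directory `/Users/alice/Sandbox`, the file name `confine.sb` and the binary path in the usage line are assumptions for illustration.

```scheme
;; confine.sb -- added example profile for sandbox-exec (OS X 10.5+).
;; Assumed paths: /Users/alice/Sandbox is the only writable/executable area.
(version 1)

;; Start closed: anything not explicitly allowed below is refused.
(deny default)

;; Log every denial to system.log / Console.app so the profile can be tuned
;; ("sandbox: <process>(<pid>) deny <operation> <path>").
(debug deny)

;; Read-only access needed by dyld, frameworks, locale data and /dev noise.
(allow file-read*
    (subpath "/usr/lib")
    (subpath "/System/Library")
    (subpath "/usr/share")
    (literal "/dev/null")
    (literal "/dev/urandom")
    (literal "/dev/random"))

;; The confined program may read, write and create files only here.
(allow file-read* file-write*
    (subpath "/Users/alice/Sandbox")
    (subpath "/private/tmp/sandbox-alice"))

;; It may only exec binaries that live inside the sandbox directory.
(allow process-exec
    (subpath "/Users/alice/Sandbox"))
(allow process-fork)

;; Basic process plumbing most binaries touch on startup.
(allow sysctl-read)
(allow signal (target self))

;; No sockets in either direction: a downloaded trojan cannot phone home.
(deny network*)
```

Usage: `sandbox-exec -f confine.sb /Users/alice/Sandbox/Downloaded.app/Contents/MacOS/Downloaded`. Two practical caveats: a `(deny default)` profile almost always needs a few more `allow` lines per application (Mach services, preference files), which is exactly what the `(debug deny)` log tells you; and the profile restricts only the process tree started under `sandbox-exec`, so a program the user later double-clicks from Finder runs unconfined unless it is launched the same way.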
The Mac scanner only scans for Trojans at this point (3 of them including MacDefender), not viruses. Apple has typically left virus scanning up to 3rd parties, while taking a more active role in alerting users about phishing and malware up front.
Ummm, what viruses would it be looking for? There aren't any real, in the wild Mac viruses unless you count Mac Guard, which barely qualifies and is only delivered via trojan that happens to spawn a separate app at run time.
So every virus for Macs will get killed in the next update? Very nice work for Apple if it happens that way.
Not really any different than Microsoft's monthly "Malicious Software Removal" update that's pushed for Windows.
Well, except that it is daily updates and not monthly, and it applies to downloads and first launch based on signature, rather than downloads, scanning, and every run time. It is, in fact, behind MS's offerings in several ways. It is probably more than sufficient to deal with the level of threat Mac users are facing.
Originally this malware asked for an admin password which means it could get access to admin privileges. This new variant installs under user permissions which means that the admin can more easily remove it.
While theoretically this could have been the case, it isn't. The original software just needed to be force quit and dragged to the trash.
Something like 97% of Windows malware infections these days are caused by users "deliberately" installing malware...
Citation please. When last I had access to real data, automated worms accounted for about 50% of infections. That was some time ago, but if you're making an assertion about this, a source is necessary.
More likely they'd want to create the "Mac FULL BLOWN APPLICATIONS Store" where they can extort a percentage of every software sale from every Mac publisher.
Right. So they create a single store that is a gateway to Mac app developers, then make money off of being the gatekeeper by extorting developers. So fewer people develop for the Mac, there are fewer applications, and Mac sales drop (or don't increase as rapidly) because some people can't find the applications they want and so don't buy Macs. Apple makes money on the service and loses money on hardware sales. That's the business plan you're proposing is their sneaky scheme? Why? Why would they break with their successful and very profitable business plan of using services and availability of applications to drive hardware sales?
And if they can convince their userbase the only way to be safe and secure is to purchase their software thru the Mac App Store, it wouldn't be a gold mine, it'd be the freaking mother lode for them!
How do you figure? Between the cost of running the service and supporting all the free software in the world (where Apple doesn't get a cut but still has to pay the costs) and the reduced incentive to developers that translates into fewer Mac sales (still a huge source of Apple's revenue) how do you figure Apple will be making more money? Do you even have some back of the napkin type figures or is it just a belief you thought was cool so you decided to buy into it?
4. Apple moving all software under the App Store banner is *precisely* what Apple wants to do because it makes them more money - it has *nothing* to do with anti-malware measures apart from giving them a good excuse to do it amongst the faithful. As that lockdown gets more and more, you will see a recurrence of exactly what has plagued Windows for many years - namely that not every fanboi has millionaire parents and whilst some will buy every piece of software they use, most will get cracked copies which will be infected with all manner of malware because they won't or can't pay for the software.
This is an interesting assertion, but it isn't actually backed up with any facts. How lucrative is the Mac app store? Is it even profitable or are they running it at break even or at a loss in order to make Macs more appealing? My point isn't that you are incorrect, necessarily, just that you haven't provided any real reasons to support your hypothesis.
Personally, I think you're ascribing to Apple motives based upon a poor understanding of their business methods and based upon false assumptions about where profit in their model comes from and how they like to create business packages. Apple ran the iTunes Store at a loss for over a year and then at break even rates. They fought the RIAA when it came to policies that would have resulted in more duplicate sales of songs and higher profits on some sales. They didn't do this because they were being altruistic. They did this because profit from the iTunes store was never the purpose of that service. Apple made millions, possibly billions now selling iPods. They created the iTunes application and the iTunes store as a strategic loss designed to sell more of their devices by making those devices more appealing to consumers. That's a good strategy and a solid business model they've since repeated.
When Apple talks about bringing iPhone wins to the Mac platform, I see similar strategies in the background. Apple already develops OS X and all the included apps at a loss as a way to sell Macs. They sell upgrade licenses for some of that software, but not enough to cover the cost of ongoing development. But that's okay because sales of Macs more than make up the difference. So a Mac app store, its primary purpose is almost certainly going to be to sell more Macs. Then, if it makes some money for Apple as well, great. The idea that they would do things to intentionally make the Mac experience worse, however, in order to gouge users for more money, well it doesn't seem likely to me. And, again, that's not because Apple is altruistic. It's because they have a good, profitable, working business model now and threatening the sales stream that still accounts for close to half of their profits in order to try to pull in some shares on some software sales, well that seems like a foolish business plan. Given the ratio of paid to unpaid software in the Mac store, especially if it is anything like the iTunes store, Apple isn't likely to be pulling in a lot of cash from that particular revenue stream.
Intel designed and developed the tech, and Apple just came to them and said "Hey, here's some ideas for the final implementation, and we'd like to put it in our devices soon." It is an Intel technology, and one in development for quite awhile.
Arstechnica: "According to a report from Engadget, Apple contacted Intel as early as 2007 to lay out the idea for a standard connector that could move massive amounts of data as well as replace the numerous different connectors currently in use—USB, FireWire, even DisplayPort—with just one standard connector."...and... "It turns out that Apple may have been heavily involved in getting Intel to develop the protocol"...and finally... "Conversations about how the connection standard would work are reported to have involved Apple CEO Steve Jobs and Intel CEO Paul Otellini, with Apple insisting that an optical interconnect was critical to its success."
You get the same "This program is going to delete all your data, send pictures of you with that asian hooker to your wife, list your house on eBay for $10, and kick your dog. Press OK to continue?" only multiplied by a hundred; and
You point out a horribly flawed user interface that causes serious security problems as evidence that the underlying technology (already used on the iPhone and in SELinux among other places) can't work? If you present a user with a "Press OK to continue?" dialog on Windows, ever, you have failed in creating a user interface that will actually get the user to read and make a conscious choice. There are whole books on this interface failure.
If the ignorant end user has the ability to allow a program access, they will.
Ignorant user is right. Currently a user is not informed what access an app wants, in plain English, what the ramifications of that are, and then is not given any good choices about what to do. Gee, "something wants something, can it do everything forever?" Brilliant! How about, "The application MacDefendor is from an unknown source and wants access to modify your Web browser and have complete control of your computer from now on. We recommend not allowing it this access. [Close MacDefendor] [Run MacDefendor, but restrict it to normal application privileges] [Allow MacDefendor complete control of my computer from now on]."
You cannot secure an unmanaged system.
You cannot secure any system, but you can do a better job than we do now for systems in general. Nor was I advocating, specifically, for an unmanaged system. Personally I feel we should be breaking the application trust verification and sandbox preferences away from the application repository to introduce some competition. Strangely I don't trust Canonical or Apple to be the one and only decider as to what apps are "good", but at the same time I do want to download and update and manage all my apps from the same interface in the OS. I like having experts decide what is and is not secure/malware, but I think they'd do a lot better job if there was more than one party I could choose (even if I had to pay an AV company a fee).
It is better than trusting packages from random sources.
Agreed.
Nothing is 100% secure, and I would daresay that if there are only three examples of crap getting through the repo system, those odds are really good.
There are two big problems with the current repo system: trojans getting in, and not enough software being available in the repos, so users are trained to download binaries. Frankly, I've never run a Linux desktop where I didn't both resort to downloading binaries of apps I needed and hoping for the best, and drop to the CLI to work around usability problems with the GUI package manager software.
While nothing is ever 100% secure, we can sure as hell do a lot better than we are now. I would assert that we need to start sandboxing all apps using ACLs. We need to decouple assessing the trust/security of apps from the act of making them available to the end user via package managers. Finally, we need to introduce competition into both of those aspects of the process. We need to make it easier to add a new repository and the software package a user wants from a Web page than it is to download an installer binary from the same Web page, and it needs to be easier for both users and software developers. Then we need to have software assessed for security by any and all comers and let end users decide who they trust and who they don't. Vendors can set good defaults, like don't trust apps not vetted by Apple or Microsoft or Google, and users can add free or commercial trust listings that encompass software those companies are not interested or diligent enough to have assessed. This might slow general time to market for software development a month or so, but it will also neatly crush the trojan problem without sacrificing user choice.
Of course, I didn't say otherwise. If you don't trust, don't install.
This is a flawed and outdated security paradigm. Frankly a binary "trust" or "don't trust" is insufficient for the modern world. We need a lot more, "need to run, but don't trust any more than necessary". Frankly, all apps should be restricted by default from messing with the vast majority of the system. How many apps really, legitimately need to modify what pages your browser visits or needs to run background apps after the main app is closed? What is wrong with asking the user BEFORE allowing an app's sandbox to have these privileges?
I would argue that Linux, which gets updated VERY frequently would have significantly less open flaws which can allow drive-by-downloads. So that's one problem stopped.
Linux is a broad term, but a Linux desktop install like Ubuntu generally fares about the same as OS X when drive-by downloads are considered. Linux is less targeted by exploits to things like PDF readers. Exposed services are fairly locked down on both, maybe a little more on OS X as they have been applying sandboxing to exposed services like zeroconf and, thus, were not vulnerable to the exploits that hit that service on Linux a year or so ago.
Secondly, the Software Center/repositories/whatever mean that you can install stuff from there. Any updates will happen from the update manager which requires sudo. In fact, if you're a normal user - and it's not the Software Center or the Update Manager which is asking for that password, you deny it. Simple. Something anyone can remember.
Again, this is fairly similar to OS X. Both Linux and OS X ask for your admin password to install apps and both have a repository for free and paid apps. On both platforms, these repositories are underused and users frequently bypass them to install apps not listed in the repository. Making these repositories more inclusive seems like an important step to improving security, especially against trojans like the one in this article.
Thirdly, I have this belief (which I have yet to prove) that Linux users are generally more 'nerdy' computer users than Mac users who are drawn in by how 'fashionable' it is and by Apple's superior marketing skills.
In general, you're probably right. The percentage of Linux-on-the-desktop users that are security conscious is probably higher than that for OS X users. One should not, however, discount that most security professionals these days seem to be using OS X laptops (if security conferences are any indication) and the discovery of threats and malware on each platform is somewhat influenced by this specific user group.
There have been some actual viruses in the wild for Mac, but the vulnerabilities are quickly patched, effectively preventing the viruses from spreading on any up-to-date system. http://www.scmagazineus.com/second-mac-virus-in-the-wild/article/32987/ [scmagazineus.com]