Trojan Devastation

For years, Apple users have boasted about the superior security inherent in the Linux-based Macintosh operating system, OSX. While all versions of Microsoft’s Windows operating system were hounded from every angle with security attacks and exploitations, Macintosh users remained relatively untouched from these viruses and worms. It has been an unofficial selling point of the Macintosh for years. But the seemingly invincible Macintosh has been knocked from its smug plateau.

On Halloween, the first Macintosh-targeted virus was discovered on the internet. The Apple community was devastated by the news—blindsided by this vicious attack for which they were completely unprepared. Huge numbers of Apple users found themselves slammed with a massive infiltration which threatens Apple Computer’s entire product line and the very foundations of computing itself.

To help evaluate this dire threat, Obsolescence Monthly contacted computer security expert Dr. Robert Tillman. Dr. Tillman has been doing information technology research for 22 years, with specific focus in Apple software. The following is a transcript from his interview.

Obsolescence Monthly: Thank you for joining us, Doctor.

Dr. Tillman: A pleasure.

OM: With the introduction of this virus, huge numbers of Mac users have found their computers compromised and millions more are at risk. Tell us—

Dr.T: Wait, I don’t think ‘huge numbers’ is correct.

OM: But the threat is real and present. How many would you estimate?

Dr.T: To our knowledge, no one was actually infected.

OM: Ah. But what about those who discovered the virus? They must have been infected to know what was happening.

Dr.T: Not necessarily. They were aware of the mechanics of a Trojan attack, and recognized the event for what it was. Later they reverse engineered what was purported to be a video codec and discovered that it was, in fact, a virus, at which point this information was released to the internet.

OM: This video codec you mention—it could, potentially, be used for any piece of online video that’s out there?

Dr.T: It’s not a real one. It’s a virus that purports to be one.

OM: But any site with video could potentially prompt the download, correct?

Dr.T: Well, no. It needs to be set up that way on the server’s side—something that can’t be done without the website owners knowing. In this case, it was a porn site that appeared to require this codec to play their videos.

OM: Though we may not like to admit it, porn is fairly lucrative on the internet. So anyone could stumble on this site and download the codec.

Dr.T: Sure. But it was a very obscure site. From what I’ve heard, most people stick with a few mainstream sites which offer free porn with cross-platform compatible videos. It doesn’t sound like the site with the virus was getting a lot of traffic.

OM: You say, “From what I’ve heard?” Does that mean you don’t—

Dr.T: No.

OM: Okay. But let’s say for the sake of argument that someone does visit this site. Once there, the malicious code immediately downloads itself without the user’s knowledge and infects the computer automatically, as Windows exploits do?

Dr.T: No. You have to click on a video.

OM: Okay, but then it downloads automatically and infects the computer?

Dr.T: No, no. It opens a dialog box telling you to download a codec.

OM: So you click “okay”, at which point—bam—virus downloads and installs.

Dr.T: Um, no. It downloads the virus installer to your desktop or downloads folder like any other file.

OM: So you run it from your desktop, and now you’re infected!

Dr.T: Well, you have to unzip it first.

OM: Right, you do that. Run, infect.

Dr.T: Uh, no. Not quite. You still have to type in your password to give the trojan root privileges. It can’t gain that on its own. But of course you should only be using that password to install software from trusted vendors. If you’re just typing it in for any old bit of code that downloads—even from a seedy porn site—you have bigger problems than the occasional trojan.

OM: Okay, you type in your password, the program runs, and now you’re infected?

Dr.T: Right.

OM: Wow. I can’t believe how insecure OSX is. It’s almost too easy. So now that you’re infected, what happens?

Dr.T: The trojan hijacks the computer’s DNS table. So when you type a web address into your browser, instead of looking up the actual DNS for that website, it redirects you to a look-alike website, which could steal your personal information.

OM: So this trojan redirects logins for eBay, Amazon, Google, Yahoo, and all those big sites, potentially compromising dozens of passwords and personal data?

Dr.T: No, not really. This trojan actually only has a redirect for one site: the same one where you downloaded the trojan.

OM: Huh. That doesn’t sound very useful.

Dr.T: No, it’s not.

OM: Hm.

Dr.T: Yeah.

OM: But now we know that the potential exists for this sort of attack, so it will probably become more common.

Dr.T: It could cause more of a problem in the future. But this sort of attack can only be launched from certain sites. Most mainstream Mac users probably won’t ever run into something like this.

OM: Those who don’t look at porn, you mean.

Dr.T: Or just stay to the well-known, trusted porn sites and you should be fine.

OM: Okay, great. Well thank you for joining us and applying your expertise to the subject. It is, of course, very valuable.

Dr.T: Thank you for having me on.

And there you have it! Macs running OSX are clearly no more secure than PCs running Windows. Simply by visiting an obscure pornography website, selecting a video, choosing to download the “codec”, opening it, running it, and providing it with your root password that you are only supposed to use when installing trustworthy software—it can take over your computer!

Apple’s charade of secure, user-friendly operating systems has been shattered! No more can it consider itself superior to the venerable Windows platform. Apple is in the crosshairs, and this tidal wave of malicious code will only continue to grow! If Apple ever had any real advantage, this facade has been decimated in the wake of one crippling trojan.

The next two years will be a struggle for Apple Computer, the likes of which the IT industry has never seen before!