Back from vacation
Back from summer vacation, we’ve noted only two significant Mac Internet security events from the past couple of weeks, one of which isn’t really a security event at all. The non-event was that users discovered that Mac OS 10.4.7 will clandestinely “phone home” to Apple every few hours. This is more a privacy event than a security event. The other, more significant event is that security firm Sophos recommended that home users consider switching from Windows to Macs for security reasons, with a press release headline of “Malware statistics suggest it is time for home users to switch to Macs.”
First the non-event: Apple shipped a 10.4.7 update two weeks ago. One feature of that update, documented by Apple, was “You can now verify whether or not a Dashboard widget you downloaded is the same version as a widget featured on ( before installing it.” This feature, in theory, provides added security that prevents a malicious Web site from providing a fake widget that could do something bad. Unfortunately, for reasons still unknown, Apple chose to implement this type of security by having Mac OS 10.4.7 periodically (every 8 hours or so) connect to an Apple Web site and ask about widget information. This method is very inefficient, but, more significantly, raises issues of privacy, since Apple could, in theory, send whatever information about your machine it wanted to in such a connection.
Thus the 10.4.7 widget security implementation was clearly bad, both functionally and from a PR point of view. Worse, Apple didn’t mention any of these details, and has yet to provide an easy way to turn off this “feature” for those who are really paranoid about privacy. It should be kept in mind, however, that Software Update (by which, for instance, most people learn about and install things like the 10.4.7 update) does exactly the same thing, although in this case there’s an easy way to turn the process off if you want (via System Preferences).
Now on to something more significant. On July 5, the major Internet security firm Sophos issued an excellent, concise report entitled “The Sophos Security Threat Management Report.” Accompanying the report, the company, through a spokesman, said:
  “...hackers seem happy to primarily target Windows users and not spread their wings to other platforms. It seems likely that Macs will continue to be the safer place for computer users for some time to come - something that home users may wish to consider if they're deliberating about the next computer they should purchase.”
Duh! But it’s good to see what we know to be true verified by such a major security player. Relative to Mac OS X, the report also states:
  Although the first malware for Mac OS X was seen in February 2006, it has not spread in the wild and not heralded an avalanche of new malicious code for Apple’s operating system. Hackers remain happy to primarily target Microsoft Windows users and not spread their wings to other platforms. It seems likely that Macintosh will continue to be a safer place for computer users to be for some time to come.
More on this most excellent report to follow!
Wednesday, July 12, 2006