May 03, 2006
The Gigantic "Bull's Eye" on Apple's Forehead
You know that sweet little icon that Apple (the company) paints on their products? You know the one I mean; it's a (usually glowing) picture of a stylized apple (the fruit) with a tiny bite taken out of it. Well, what if I told you that Apple (the company) was going to replace that icon on all it's products with a gigantic friggin bulls-eye that says "hack me, pencil-neck" right in the center of it? Ok, they're not really doing this; at least not literally. What they *are* doing, however, that's likely to generate almost as much attention from the malware community is proclaiming themselves to be completely virus free. Oh, I'm quite serious - check out the advertisement; it's a scraggly looking "I'm a Mac" guy in jeans wiping the nose of the "I'm a PC" guy in a suit. The "I'm a Mac" guy goes on to say how there are so many viruses for the PC, but none on the mac.
Now, I don't know about you but I haven't seen this kind of hubris since Oracle's "unbreakable" campaign. Remember that? I do. I remember that at one point in time, most researchers ignored Oracle and pretty much left it alone... Then Oracle stepped up on the soapbox shouting "we're unbreakable", only to find themselves getting the kind of scrutiny from hackers usually reserved for new flavors of Mountain Dew.
The Mac press has apparently "bought in" to the hubristic message and has decided to run with it. For example, The Mac Observer (in the article "Cutting Through the OS X Security Rhetoric") whitewashes Apple's recent security problems (or, in Mac Observer parlance, the "misinformation being spread by the media") by attempting to "debunk" the recent press that has painted Apple unfavorably. Now, I love my Mac as much as the next guy, but I'm not going to accept a statement like "...it's obvious that Mac OS X is currently a more secure and stable operating system than Windows XP..." without questioning why it's obvious. What data is being used to back up that assertion, because it's not obvious to me?
And, as we know, much of the user community has already bought in in absence of evidence. Check out the comments from the Mac Observer article:
Apple I think responds far more quickly than Microsoft especially if they find something that is dangerous. But they're not going to drop everything for the knit picking that Sans and others say may be or could be type scenarios. .. [For the record, Apple responds consistantly slower than Microsoft, even if the issue is more dangerous. Plus, most of us in the security community tend to view 0-day remotely exploitable bugs with a certain amount of gravity (i.e. not "knit-picking")].
A good reason for Apple's "slow" response time is because of how insignificant the threats are. You can't really expect them to pile in a million technician hours to fix a flaw that is basically theoretical or has only been seen in action once in the wild. [it's true, 0-day remote code execution is hardly worth a developer's time]