“In case you missed it, there’s a virus for the iPod. Yep, that’s right, your MP3 player is a veritable hotbed of virus activity – but only if you’re running the iPod Linux distribution, and only if you take great pains to make the virus function, since it doesn’t really work. We can argue about whether or not this code actually constitutes a virus, but that’s not the point I’m trying to make. The point here is that if it has a CPU, hackers will try to break it, and virus writers will try to write a virus for it. Given that there are probably only a few hundred – maybe a thousand – iPods running Linux out there, the fact that someone took the time to write this virus, or malicious code is an example of why Apple detractors clamoring that Macs aren’t a target due to the lower market share are all wet.”
Personally, this seems about as much a virus as “rm ~ -rf” is.
Plus – Apple have stated (in their WWDC06 talks – see iTunes ADC members), that they are being targeted. Apple computers and servers in companies contain just as much valuable information as their PC counterparts. There are hackers targeting Apple computers for monetary gain, which is why a piddling silly virus has never been made – who cares about a ‘Hello World’ virus when there’s money to be gained from breaking XServes?
This article has nothing to do with security issues with Apple’s software. Apple isn’t installing Linux on iPods and it’s clearly indicated in the author’s link “However, this virus is able to replicate only on iPods that are running the iPod Linux operating system. It does not work on normal iPods that are running the default iPod operating system.” Anyway as a testament to Linux security it was good to see the following comment by the test team “And it really is theoretical. After we got the sample, we installed iPod Linux on some iPods we had at hand, but we couldn’t get the malware to operate correctly no matter what we tried.”
And can you now tell us why you did not read the entire article? This article is *entirely* about Apple and security.
Actually. It has more to do with Microsoft and security than Apple and security. In fact the whole article is about how secure Apple and its Unix core is compared to MS and their legacy infested monstrosity. I’m paraphrasing.
Edited 2007-04-13 15:17
I would mod your post down if I could. It could come under two categories:
1) Yes, this comment includes personal attacks/offensive language. You’re implying the OP didn’t bother to read the original article, or that his comprehension skills are severely lacking (i.e. an idiot).
2) Yes, this comment is off-topic. If you had read the topic you linked to, you will see that the author rants about Microsoft and security a lot more than he does Apple.
But then it’s your right to run your site as you please.
No, most virus authors are in it for profit (and they’re not doing it alone either). Consider botnets and the spam problem and the security problem in general, not many people do it ‘just for fun’ anymore. There even was an article on OSNews back in the day about that…
No, most virus deployers are in it for the profits.
The myth of Apple’s virginity …
http://blogs.zdnet.com/Ou/?p=451
Edited 2007-04-13 16:36
Apple computers are just as likely to be cracked if there is an idiot in the sys admin’s chair.
When I worked exclusively with McSoft Wind servers and clients I kept the `crackers` at bay.
The anxiety I had then was if they did gain access to a Wind server they would obliterate it. I feel much less anxiety with a *nix derivative since the model is more secure.
Most computer or server breaches are ID10T issues by the users or loose sys admins,
>Apple computers are just as likely to be cracked if there is an idiot in the sys admin’s chair.
Ever saw a real admin in front of an Apple? Just curious :o)
`Ever saw a real admin in front of an Apple? Just curious :o)`
I’m one. I’ve even had the training. I also multi-frame with Linux, *nix and McSoft Wind servers.
So I guess the definition for `real admin` depends on `real admin` work and not just the piece of paper from McSoft that says you’re one.
What a silly statement to make.
What would you define as a “real admin?” Someone who uses *nix just because he can or someone who uses the best tools for that particular job?
“Given that there are probably only a few hundred — maybe a thousand — iPods running Linux out there, the fact that someone took the time to write this virus, or malicious code is an example of why Apple detractors clamoring that Macs aren’t a target due to the lower market share are all wet.”
So because someone took the time to write a virus for iPod LINUX (emphasis on Linux), that means that Mac suddenly becomes more targeted by hackers? Am I the only one who fails to see the logic there?
“Given that most virus authors and hackers are in it for the ego, don’t you think that there would be a huge incentive to be the first one to write a widespread OS X, Linux, or FreeBSD virus?”
Suddenly he knows what most “virus authors and hackers” are like? I don’t know but if I were a hacker I’d write an exploit to..gee I don’t know..exploit something. Not for the ego, sure Linux/BSD viruses or exploits are nice but right now the cash crop is Windows due to the amount of businesses and homes using it.
“If an OS is built on shaky ground, everything layered on top will suffer. This is the position that Microsoft is in now.”
And what is this “shaky ground” he talks about? The NT kernel? Given that most of the XP exploits were buffer overflows in applications or components with XP I don’t see how this makes sense?
The OS was built when security was not as big a deal as it has become recently, albeit it was a stupid move and not an excuse; it’s hardly fair to write it off as a “shaky ground”. Especially since XP has been audited completely to prevent this kind of thing in future OSes.
This guy is just a fanatic with more emotion than fact frankly. I’m not going to deny that Macs are targeted, however to say that they are targeted even close to as much as Windows is plain wrong.
Have you read the article? Almost everything you wrote was also brought up by the author. I like how people immediately jump to conclusions without actually reading the articles. It seems to happen a lot on this site.
Hate to use clichés, but you must surely be new here! 😉
If the admins do it, can you expect more from the “regular” readers?
What I know is that over the years, Apple has released nearly as many Security Updates as Microsoft.
http://www.apple.com/downloads/macosx/apple/security_updates/
In 2005 there was an average of one per month. In 2006 they were less frequent, but were massive updates (IIRC, one fixed over 40 flaws and two others fixed over 20 each).
So the holes are there. Yet nobody bothers to exploit them. Maybe small marketshare isn’t the reason that nobody exploits them, but it’s certainly not that the system is unexploitable.
But I do maintain that low marketshare plays a role. Let’s take an “email virus” or “IM virus” as examples. And, let’s take my own Mac as a potential target. If someone writes a Mac-specific email or IM virus, and I receive it, and run it, then the virus will do whatever damage it will, and then email or IM itself to my contacts. But my contacts are all running Windows. So once the virus emails or IMs itself to my contacts, the propagation ceases because the virus, being a Mac-specific package, cannot run on my contacts’ machines. So it’s very hard to spread Mac malware around.
Now, if there were some community where everyone was running Macs, then a Mac-specific virus could indeed spread like wildfire through that community (particularly since Mac users don’t run anti-malware software (I know that I don’t; something I’d never consider with my Windows machine)). But it wouldn’t spread much outside of that community for the reasons stated above.
BTW, I remember seeing a site a few years ago that had code samples for AppleScript email viruses that used the Address Book’s AppleScript dictionary interface to obtain the contacts, and then used Mail.app’s AppleScript interface to mail copies of itself to those contacts, so it’s not like it’s impossible to make a Mac email virus.
Regarding the security of the unix core, that’s not the issue wrt OSX. Apple’s Security Updates mainly concern the goodies that Apple put on top of that unix core. You know, the stuff that makes a Mac a Mac as opposed to just one more *nix system. The security flaws are mainly in the Cocoa and Carbon layers (which are the layers that most Mac apps use; Mac users generally don’t run unix apps (i.e. apps written against unix api rather than Carbon/Cocoa api)).
Or is this article showing that Apple’s iPods are only at risk of viruses if you replace their closed-source firmware with open-source firmware?
If this virus had to be deliberately installed then it hardly counts as one. An OS can’t stop a user from screwing things up if that’s their ultimate goal. 😉
On my box, SELinux is set so tight (especially the memory access policy) that it stops any poorly or suspiciously written application or shared library from executing in the first place, regardless of legitimacy.
I have to manually change the security context of these violating apps and libraries to “bypass” for them to run.
Nevertheless, even if this particular virus were to creep thru all the security and anti-virus scanning, most RedHat-derived distros have a security feature called ELF Data Hardening. ELFDH essentially protects the binary file structure from deceitful alteration– the whole deal behind this iPod virus, no?
This iPodLinux virus apparently does about as much as the 1986 Brain virus did. So is it a harbinger of doom? (or Doom, except iPodLinux already runs Doom) Maybe, probably not. If the point was that Macs are as vulnerable as PCs, why were they exhibiting iPodLinux?
The only point I see here is that any programmable system, given sufficient incentives and interest, will end up with a virus. Ok, great. That’s attacking a strawman argument. No, Macs are not immune or perfect, but they do have security systems.
What’s new here?
* Yes, “Stupid” might be a better name.
Edited 2007-04-14 03:36
I wonder how many actually read the article they talk about. The Author says MacOSX/Unix/Linux security isn’t about marketshare but proven layers on which it is built.
Security through years of (multi-user) experience. “Secure” by design.
I see this a lot, as does anyone who follows operating systems. “Mac is super secure, because it just is! and the low market share reason is fake!”
While I’m sure it’s true to a point, it’s not the whole story.
IMO windows is the most targeted because:
1) People hate Microsoft, and not just a little bit, but foaming at the mouth MS is evil yada yada. Spend any amount of time on osnews/digg/slashdot and you’ll see what I mean. People feel justified in attacks against MS or anything that makes them look bad.
2) Windows is a stable target. Unlike linux/apple, MS prides itself on backwards compatibility, and a sad side effect of that is security problems end up in the realm of that. It’s a heck of a lot easier to write an app, in this case a virus/malware, that runs on all versions of the NT kernel than it is to make an app that runs on all versions of linux.
It’s a heck of a lot easier to write an app, in this case a virus/malware, that runs on all versions of the NT kernel than it is to make an app that runs on all versions of linux.
What about a virus or malware targeted at kernel 2.6.20 for example? A lot of distributions don’t have SELinux or AppArmor to name a few but share the same kernel.
1) People hate Microsoft, and not just a little bit, but foaming at the mouth MS is evil yada yada. Spend any amount of time on osnews/digg/slashdot and you’ll see what I mean. People feel justified in attacks against MS or anything that makes them look bad.
Bunch of horse manure. People write Windows viruses because they CAN and Microsoft ALLOWS them to because in the Windows dominated world there is no financial upside to actually locking down the OS.
The biggest reason Virus writers can write and propagate their ware easily on Windows is that 99% of Windows users (at least the ones I know) run their PC as root (administrator). This state of affairs in the MS world is an unimaginable scandal that has thankfully bypassed *nix vendors.
Before 2 years ago I used to rebuild our family WinXP PC every 4 months because of all the crud that accumulates on it over time. Then I decided to create non-administrator accounts for others and keep all administration to myself. That PC is still running well 2 years later.
Even with that said Microsoft has encouraged a whole ecosystem of very unsafe practices in software engineering. Many off the shelf Windows programs do not work well unless you run them as admin. So independent software vendors enter into a vicious cycle where they write gaping, root enabled holes for windows because if they did otherwise their program will not work well with a non-root account.
All this talk of Windows being insecure because of market share is just a bunch of hooey and convenient cop outs. Unix-based systems are by design more secure because they have followed close to 40 years of simple, common sense, open-standard software engineering practices that do not even require a university degree to follow.
MS has been trying to change this with Vista. Getting users to run as a normal user, instead of admin. The reaction to this has been negative, everything from complaints about UAC (see Apple’s TV ads), to hardware and software vendors asking people to run Vista as admin instead of fixing the software to run under a normal user.
I still say most (not all) of Windows security problems are related to its own users’ laziness. For example the blaster worm. Not only was there a patch to fix the hole around a month before it hit, but having even the simple XP firewall on was enough to stop it. A lot of people didn’t even know XP came with a firewall despite it being an advertised feature, until sp1 when it started bugging you to death till you turned it on. Most spyware/malware is installed by people who don’t bother to read what the installer is doing and simply hitting next as fast as they can.
MS really should have pushed users and developers to follow safer user/admin accounts when XP came out. I assume they didn’t due to not wanting what is happening with Vista right now. MS probably also thought it was a good idea to let users decide how much security they needed, not realizing just how stupid most are.
“don’t you think that there would be a huge incentive to be the first one to write a widespread OS X, Linux, or FreeBSD virus?”
Not to rain on his clueless parade but…there have already been widespread viruses for Linux and FreeBSD.
Granted, not all that many but they do exist.
The Slapper worm, the Scalper worm and the Lion worm are a few examples.
“Microsoft OSes began with no security.”
This is equally true for Apple up until OSX.
“Apple had to rebuild their entire OS.”
“Microsoft didn’t.”
Actually they did. The NT base is completely different from the Win9x systems. Not saying it was entirely successful but it’s a complete redesign nonetheless.
Microsoft didn’t rebuild their entire OS as NT was around alongside Windows 3.x and 9x. Microsoft just switched from the DOS core of Win3 and 4 to the NT core of 2000/XP/Vista for desktops.
Rewriting a kernel is rewriting the operating system, at least technically.
I never said it wasn’t. I said that the NT base wasn’t programmed because 9x failed (which the earlier comment suggested). NT had been around before 9x but was never aimed at the desktop market like it is now.
ahhh, sorry bout that. I thought you were suggesting that they didn’t rewrite the os, they rewrote the “core”, which I assumed meant you were unclear on the concept of what an OS is. again, sorry 🙂
“Microsoft just switched from the DOS core of Win3 and 4 to the NT core of 2000/XP/Vista for desktops.”
And Apple just grafted their UI ideas onto Mach/BSD. I fail to see how that is so much more of a redesign/rebuild than what MS did.
The fact that Apple didn’t already have a BSD system out there means they had to entirely rebuild MacOS (albeit with chunks from the Next camp).
Whereas Windows 2000 was never really intended for home desktops like XP was and XP isn’t a major redesign of 2000. So the jump from Windows ME to XP wasn’t really a revolutionary (for want of a better term) step like OS9 to OSX was.
Edited 2007-04-16 11:14