March 25, 2005 10:00 AM PST

Week in review: Hacking away at Apple

Apple Computer has traditionally been regarded as partially immune to the exploits of hackers and virus writers, thanks to its low market share--but those days may be over.

This week, Apple closed a security hole that had allowed an underground program to tap into its iTunes Music Store and purchase songs stripped of antipiracy protections. The PyMusique software, created by a trio of independent programmers, emerged last week. One of its creators was Jon Johansen, the Norwegian programmer responsible for releasing DVD-copying software in 1999.

After Apple closed the hole on Monday, the group posted new code that it said will reopen the backdoor for Linux users.

The programmers' work has been one of the most persistent projects targeting Apple, whose iPod and iTunes store have drawn consistent attacks and experiments by people eager to extend the capability of the products or simply disarm copy protection.

Meanwhile, Apple's Mac OS X operating system may become a target for hackers and authors of malicious software, a security software company warns. In a new report, Symantec said that in the past year, security researchers had discovered at least 37 serious vulnerabilities in Mac OS X. The company also said that as Apple increases its market share with new low-cost products such as the Mac Mini, its user base is likely to come under increasing attack.

The Symantec report also said there's been evidence of growth in vulnerability research on the OS X platform.

That report came as Apple released nearly a dozen fixes for flaws in the Mac OS, including a script for preventing phishers from fooling users of its Safari browser. The loophole could allow an attacker to use certain characters from different languages to create legitimate-looking Web addresses that actually send victims to malicious Web sites.

The newly released patches take care of flaws in the Apple Filing Protocol server and the Samba filing-sharing server, as well as multiple issues with the Cyrus authentication software, the Cyrus mail software, Mailman and SquirrelMail.

The big game
Sony's new PlayStation Portable arrived in North America this week with a bang.

Hundreds of dedicated consumers camped Wednesday outside the Metreon in San Francisco--one of a handful of locations to stay open past midnight to begin selling PSPs the minute that Thursday's North American retail date arrived. And these PSP enthusiasts were convinced it was worth whatever discomfort they had to endure to snag one of the gadgets.

The PSP could be one of the first limited-scale victories for "convergence," the oft-touted notion of combining numerous media functions into a single device. While convergence in the home is still an idea looking for a market, the concept has a better chance with portable gadgets, where a multifunction approach can save valuable pocket space.

The PSP takes a new path in the quest for an all-in-one gadget. It's being sold primarily as a portable game machine, a market where it can capitalize on the huge PlayStation brand, yet it can also play movies and music, display digital photos and potentially perform a host of Internet tasks through

CONTINUED:
Page 1 | 2 | 3

21 comments

Join the conversation!
Add your comment
Seems even David Coursey weighs in on this...
<a class="jive-link-external" href="http://www.eweek.com/article2/0,1759,1778753,00.asp?" target="_newWindow">http://www.eweek.com/article2/0,1759,1778753,00.asp?</a>
kc=ewnws032505dtx1k0000599

I kind of agree. It seems like Symantec is doing this to stir up
business....
Posted by volfreak (5 comments )
Reply Link Flag
Reply
One shouldn't believe everything they read from any source. Symantec may be trying to drum business by inflating the threat or they may not be. One has to be careful it's very easy to dismiss warning from a for profit company like Symantec as an attempt to drum up business.
Posted by unknown unknown (1951 comments )
Link Flag
FUD
The iTunes music store hack is just that...a hack to get into the
store. It has nothing to do with Apple software.
The symantic story has already been dismissed as FUD. The
vulnerabilities have been patched already... Apple releases
patches fairly frequently... that is a good thing. Better to see a
hole and patch it before it gets exploited...unlike other
companies.
There are still no wild viruses or worms for OS X....this is despite
the fact that it based on open source (Microsoft says open
source is less secure) and it would be a huge prize for a virus
writer to create the fist real virus for OS X.
Posted by 198775425444042216790779840523 (102 comments )
Reply Link Flag
a huge prize???
a huge prize to write a virus/worm for a 2% niche of the market? it can be done, anything can be. software written by people can be exploited by people, because neither is perfect... one has only to find motivation.
Posted by mortis9 (370 comments )
Link Flag
These are not OS X hacks...
What hack?

Hacking the DRM out of any product is a GOD SEND for end
users. Love it and got to have more of it! Not exactly MALWARE.
More like RIGHTWAREs for iTunes.

Safari flaw? As I recall that flaw also affects a few other open
source browsers. Not exaclty an OS X (only) flaw, since the
technology for Sarfari is based on open source.

C-Net writes these lame articles becuase they know they can get
a reaction from a large number of readers, which in turn fuels
AD revenue, becuase they can show high traffic to their
websites! It's that simple.

Is it me or has anyone else noticed that any non-mircosoft
technologies have come under increasing attack from so-called
journalists and news sites? Not just the Mac OS (OS X), but also
Linux and other non-microsoft technologies like FireFox and
Mozilla.

Witness another article published by C-Net today titled "Linux
riskier than Windows?". The entire article is based on a
"microsoft" funded study. The study is basis from the get-go
and everyone knows it, but C-Net publishes it "like" its news
becuase it will get a reaction and drive more AD revenues. See
what I mean?

<a class="jive-link-external" href="http://news.zdnet.com/2100-1009_22-5630822.html?" target="_newWindow">http://news.zdnet.com/2100-1009_22-5630822.html?</a>
tag=nl.e589

The bottom line is that Windows is architecturally flawed. Sure
other OSs have flaws, as we all know, but not the kind &#38; number
of CRITICAL flaws Windows has. The keyword here is "CRITICAL",
becuase when Windows fails, it's fatal, unlike Linux or OS X, that
suffer mostly from minor flaws.

Many claim that Windows comes under attack more often
because of market-share and that has "some" truth to it. But
criminals aren't stupid. Why attack a well defended OS like OS X
or Linux, when you can so easily take Windows users for a ride
all the way to the bank? Criminals must love the fact that
Windows users will bet their security on an OS that has proven
itself to fail, CRITICALLY, over and over again.

Sure, no one is immune from attack, but using Windows is like
driving through Baghdad in an un-armored Humvee.
Posted by studentx (3 comments )
Reply Link Flag
C/Net Lies about Apple as USUAL! ie "Apple closed a security hole"
Just another pack of lies about Apple.

When C/Net reports on Apple they make even Microsoft look
honest by comparison. I guess being in the Wintel side of this
industry, where worship of liars is the accepted norm, you are
going to become the consummate liar. Congratulation you have
succeeded miraculously, no need to continue outdoing yourself.

One certainty is if Apple is mentioned in the title scum-bags
who write for c/net pull out all the stops to distort, spin the
truth or simply make it up. This story is no different. No doubt
they simply aren't intelligent enough to find the facts, even if
their complete lack of integrity would allow for truth telling.

There really is a difference between the PC side of the industry
and the Apple side. Liars in the Mac community are quickly
dispensed with and loose their audience. On the PC side where
lying is the norm everyone accepts that 95% of what they're told
is Bull ****! An interesting anomaly is that when the same liars
write about Apple the average PC drone swallows the lies whole.
This is why the Mac community becomes so outraged because,
forever after something is written, Mac users hear add infinitum
these lies.

If companies like c/net were dependent on the Mac community
to stay alive, they would long since be dead, simply because
pathologic liars aren't accepted in Mac and. Prolific lying is an
asset when your integral to the spin cycle of the PC / Microsoft
world and so they flourish.

I won't address this articles individual lies because it just gives
credibility to the article. I have followed all articles that reference
Apple for twelve years and find that between 92% and 96% of all
articles written are either factually wrong, have simply made up
their own facts or have spun the subject in order to deceive the
reader. This is an abysmal stat and no other journalism suffers
from such a pack of liars like the drones submerged in the
ignorance that typifies the Wintel side of the computing
industry.
Posted by Clues (84 comments )
Reply Link Flag
intel apples
Now that the Macintsoh is on Intel, is its till realy a Macintosh or is
it Macintell running an OS known simply as DarwinX? Ohh ya thats
ROSETTA on intel based systems...

I know this is an old topic but I'm still pissed. I think that despite
Apples best efforts this choice in Chips will forever Comprimise our
Systems, regardless of gains.
Posted by chumeia (2 comments )
Link Flag
Lets look at the Statitstics
I'm afraid the section of Symantec's widely reported document
that deals with Mac OS X becomes misleading and somewhat
self-serving marketing fodder. One could almost theorise
Symantec is campaigning to develop new revenue streams (from
Mac users) in light of Microsoft's competitive entry into the
Windows AV market.

However the chorus of inflammatory headlines based on this
report inflate the issues to panicky extremes:
"Hackers Unleash Worms on Apple",
"Mac Attack/Attention: smug Mac users. You're not safe
anymore."
"Mac OS X a hacker target"

Let's look at the statistics:

Microsoft Windows:
Viruses and Worms = 17,500 (symantec.com)
Spyware and Adware programs = 78,000 (www.pestpatrol.com)
Burrowers = 40 (www.pestpatrol.com)
80% of PCs infected with spyware (webroot.com)
Last year (2004) alone:
500 new Trojans (www.pestpatrol.com)
500 new keyloggers (www.pestpatrol.com)
1,287 new adware apps (www.pestpatrol.com)
7,360 new viruses and worms (symantec.com)
1,403 new vulnerabilities (symantec.com)

Mac OS X:
Viruses and Worms = 0
Spyware programs = 0
Adware = 0
Keyloggers = 0
Burrowers = 0
Trojans = 3
Last year (2004):
1 Rootkit (symantec.com)
37 new vulnerabilities (symantec.com)

When the evidence is considered, there are still actually no
worms, viruses, spyware or adware recorded targeting Mac OS X.
It becomes readily apparent that Mac OS X remains the safest,
pest-free OS by a more than considerable margin.
<a class="jive-link-external" href="http://www.mi2g.com/cgi/mi2g/frameset.php?" target="_newWindow">http://www.mi2g.com/cgi/mi2g/frameset.php?</a>
pageid=http%3A//www.mi2g.com/cgi/mi2g/press/
190204_2.php

Note that Trojans can't spread by themselves - they are bits of
code that pretend to be something innocuous and need to be
downloaded and opened by an authorised user. In the case of
the three targeting Mac OS X, two are harmless while the third
deletes a user's home directory if run by that user.

Note also the Rootkit discovered on a couple of OS X machines is
a set of scripts that requires root access to be turned on (turned
off by default on all Macs). The hacker also needs to know the
root password and the malware has no mechanism of spreading
and infecting other computers by itself.

Symantec's espousal of the theory of "Security through
Obscurity" fails to explain the fact that the number 1 web server,
Apache with around 69% marketshare has far fewer attacks
(including viruses and worms) than Microsoft's IIS which has
captured only 21% of the market (Netcraft.com). This theory also
does not explain why the many flavours of Linux suffer from so
many instances of malware themselves despite having as small a
marketshare as OS X.

37 vulnerabilities (mostly in open source components of Mac OS
X) which were promptly patched by Apple does not constitute
"increased attacks on OS X" as no attacks using any of these now
closed vulnerabilities have been recorded.

John Gruber has a useful article on why Windows suffers so
much malware:
<a class="jive-link-external" href="http://daringfireball.net/2004/06/broken_windows" target="_newWindow">http://daringfireball.net/2004/06/broken_windows</a>

However, no software can be perfect and it would be foolish to
say there won't eventually appear some malware targeting the
10 million+ OS X users out there - however, today is not that
day. Mac OS X has been sitting untouched for 4 years now
pretty much without blemish which speaks to a very impressive
security story even if/when some effective malware appears.
This is the quite amazing and constructive issue everyone
should be writing about.

-Mart
IMS
Curtin University of Technology
Posted by (2 comments )
Reply Link Flag
Glory of hacking OS X
Every time I read an article about Mac OS X's security, the tagline
"but its small marketshare helps prevent most attacks," is used.
This is certainly an important factor, but every day that goes by I
have to wonder more and more whether this is the most
important reason. At this point, I feel there would be quite a bit
of glory to the first person to hack OS X, simply to prove to all
the "pompous, fanatical" Mac users that their OS is vulnerable
and silence them once and for all. So why has no one
successfully hacked into the world's second-most used
operating system? It's seemingly not its small marketshare (look
at Linux: already hacked many times). Apple's done something
to make its OS incredibly secure.

Maybe as Apple's marketshare grows (which data shows is
occurring now), someone will find a significant flaw to take
advantage of, but don't believe for a second that there isn't
something about OS X that's preventing these attacks. To date,
Mac OS X remains the world's most secure operating system.
Symantec can use scare tactics all it wants, but at least for me,
1047 does not equal 37.
Posted by iKenny (98 comments )
Reply Link Flag
Oops mistake
Sorry, 1403, not 1047 (see Martin's post above)
Posted by iKenny (98 comments )
Link Flag
Poor writing
How can a system be 'partially immune' to hacking.
This is comparable to saying that one is 'partially pregnant'.
One is or is not immune.
I wish the quality of writing and editing at cNET was above the level of high school journalism.
Posted by (3 comments )
Reply Link Flag
Junior High English
You state, "I wish the quality of writing and editing at cNET was
above the level of high school journalism."

Don't you mean, "I wish the quality of writing and editing at
cNET WERE above the level of high school journalism."

It's 7th grade English where I went to school way back when.
Unfortunately most people were not awake or paying attention
when subjunctive was taught.
Posted by shadowself (202 comments )
Link Flag
Thank goodness - its about time!
Re: Apple Computer has traditionally been regarded as partially
immune to the exploits of hackers and virus writers, thanks to
its low market share  but those days may be over.

Having just read the by-line of your story, well, all I can say
thank goodness - its about time.

Not having read the story, I presume you go on to say that based
on the strength of its product lines, Apple can expect to
continue its renaissance and grow market share accordingly.

I then presume that you went on the say that with this
commensurate growth in market share  and despite no OS
being perfect  Mac OS X will nevertheless continue to
demonstrate the fact that unlike Windows, it is inherently more
secure.

No doubt you mentioned the numerous studies (e.g.: Mi2g) all of
which consistently demonstrate that as a percentage of installed
base, OS X is one of the safest OSs in use today? You would no
doubt have compared the number **and nature** of exploits
that **actually exist** for Windows versus OS X, and followed up
with the number of new vulnerabilities discovered per day. You
probably also referred to the humorous fact that hacking
competitions score a breach of a Windows system at the lowest
possible score and OS X with the highest possible score.

And so on...

So, at last, people must realise that Apple isnt partially immune
to the exploits of hackers and virus writers thanks to a lower
market share, but instead its because of an inherently safer OS
X versus an inherently unsafe Windows.

Next you will have to spread the word that Apple cant take the
credit for this, except in the fact that they chose a much better
foundation for their cutting edge OS. As such, its the efforts of
many man-years of effort by the brightest computer
programmers who all contributed to make BSD  the foundation
of OS X  the inherently safer product it is.

Keep up the good work!

Jill
Posted by Jill_Gates (17 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.