AAPL Stock: 118.03 ( -0.85 )

Printed from

Intel doesn\'t make Mac more vulnerable

updated 05:25 pm EST, Mon January 30, 2006

Intel Mac vulnerability

Answering concerns over Apple's switch to Intel-based processors, one analyst assures that Macs are still relatively safe. Larry Seltzer of eWeek says that although non-Mac (traditionally Intel-based) computers are typically more prone to attack than Macs, "rarely, if ever, are the existence of vulnerabilities related to the specifics of one processor architecture versus another." Seltzer maintains that familiarity with Windows on an Intel platform does not equate to familiarity with Mac OS X on an Intel platform. "If Apple's market-share shoots up and attackers suddenly have a better shot of finding Macs to attack, then more malware will be written to the Mac. But it won't be any easier to exploit for being on x86."

by MacNN Staff




  1. fds

    Joined: Dec 1969


    Not so fast

    They will be proved wrong in the long run as more people will have access to Intel Macs - or a hacked Mac OS X to run on any generic PC. There are exponentially more people familiar with x86 assembly than there are with PowerPC.

    The more exotic a platform is and the less familiar people are with its innards, the less vulnerable it is. We won't be suddenly seeing the appearance of regular viruses, trojans, or emailing worms of course, as those really don't have anything to do with the CPU architecture. What is likely to appear are exploits for vulnerabilities in standard Unix software, same as is the case with exploits for Linux running on x86. Not a big liability, but less secure than a PowerPC-based Mac nevertheless.

  1. one

    Joined: Dec 1969


    chips aren't vulnerable

    OSs are vulnerable, and mostly to relatively high-level attacks (a la the infamous "skript kidz") - in 30 years, I've *never* even HEARD of a machine-code hack attack.

    methinks you watch too many bad movies....

  1. beeble

    Joined: Dec 1969


    re: not so fast

    I have a PowerPC based Mac running the Unix based MacOS X. Since any exploits that would effect OS X on an Intel Mac would also effect OS X on a PowerPC Mac, that would seem to suggest that the article is right. Security exploits are the domain of software, not the processor.

    Or perhaps you are referring to Classic. In which case all I have to say is that I, together with millions of Mac users around the world, invite you into the 21st Century.

  1. Mr. Strat

    Joined: Dec 1969


    It Ain't Market Share

    Market share has nothing to do with whether you're susceptible to viruses or not. It has to do with whether your operating system sucks (Windows) or not (OS X).

  1. WiseWeasel

    Joined: Dec 1969


    Bad Article

    Actually, this article is completely wrong. While the vulnerabilities might not be CPU-specific, the actual exploit code they use once through the vulnerability is CPU-specific, and written in binary code. What this means is that once a vulnerability is discovered in OS X for x86, there's a huge library of nasty exploit code ready to run. This wasn't the case on PPC MacOS X, which did a great deal to limit the damage when vulnerabilities were discovered. I think we'll definitely see the first working OS X exploit now that we're using x86 CPUs.

  1. resuna

    Joined: Dec 1969


    two misconceptions

    (1) " They will be proved wrong in the long run as more people will have access to Intel Macs - or a hacked Mac OS X to run on any generic PC."

    The main approach to initial infection on Windows is through Internet Explorer and other applications that use the Microsoft HTML control, and through Windows Networking. Mac OS X has no component similar to the HTML control (Webkit serves the same purpose in many areas, but without installation of components BY THE CALLING APPLICATION it has no equivalent to Microsoft's wide open "Active Content".

    (2) "What this means is that once a vulnerability is discovered in OS X for x86, there's a huge library of nasty exploit code ready to run."

    A huge library of nasty exploit code that calls Windows DLLs and system calls. Just because it's CPU-specific doesn't mean it's not OS-specific as well.

  1. Rincewind

    Joined: Dec 1969


    re: bad article

    Almost all vulnerabilities, cpu specific or not, rely on knowledge of the running operating system to work. All of those "x86 exploits" you speak of are really Windows exploits. Without Windows running underneath, the code is worthless. The code may run, but it will more than likely crash itself than do anything useful, useless, or exploitable.

  1. WiseWeasel

    Joined: Dec 1969



    It is true that the most common exploit code is mostly OS-specific, but you forget that there are exploits targeted at linux x86, which implements mostly the same API as the BSD layer in OS X. I suspect it would take very little effort to add support for OS X86 with these. My main point, though, is that the techniques used to exploit buffer overruns on x86 are all of a sudden very applicable for writing OS X exploits, and with the lack of "No Execute" support (that I know of) in the Core Duo processor, this really leaves MacOS X quite vulnerable to (future) exploits.

  1. abrody

    Joined: Dec 1969


    Intel not more vulnerable

    Mac OS X has several features which make it more secure than most other operating systems:

    1. Root is disabled by default. 2. All network ports are closed or in stealth mode by default. 3. If an Open firmware password is set, you need physical access to the machine to crack it. 4. If File Vault is set, no matter how hard you try, that which is encrypted by File Vault can only be accessed by the person who knows the password. A good password would make File Vault practically impenetrable.

    These strengths exist on Intel Macs as much as PowerPC Macs. Hence as long as it is Mac OS X, you are no more vulnerable now that Intel is out. It has been 5 years of Mac OS X, and 12 years of NeXT, and still not a single exploit in the wild. The only thing you have to worry about is social engineering taking us over. Not security risks.

  1. itguy05

    Joined: Dec 1969



    There is some truth to the fact that Macs may be less secure from a chip level.

    You see, the common way to get a Win box to run code is a buffer overflow.....

    The PPC architecture is such that when a Buffer Overflow happens, it's hard, if not impossible to run code (IIRC it clears the stack on a buffer overflow).

    On x86, it's very easy to move a few pointers and watch code run. IIRC, the stack is not cleared on a buffer overflow.

    AMD was the first to introduce some limited protection for this in the x86 instructions. I think Intel has something similar now. However, the OS has to enable it. I hope OSX does or it could mean Macs will be less secure.

    If nothing else, they could get a B.O. to run some native x86 binary code that, at a low level will target the platform. After all, now that Apple is on reference Intel hardware with Intel chipsets and such, crafting low level stuff would be pretty easy...

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented