toggle

AAPL Stock: 502.21 ( + 4.54 )

Intel doesn't make Mac more vulnerable

updated 05:25 pm EST, Mon January 30, 2006

Intel Mac vulnerability


Answering concerns over Apple's switch to Intel-based processors, one analyst assures that Macs are still relatively safe. Larry Seltzer of eWeek says that although non-Mac (traditionally Intel-based) computers are typically more prone to attack than Macs, "rarely, if ever, are the existence of vulnerabilities related to the specifics of one processor architecture versus another." Seltzer maintains that familiarity with Windows on an Intel platform does not equate to familiarity with Mac OS X on an Intel platform. "If Apple's market-share shoots up and attackers suddenly have a better shot of finding Macs to attack, then more malware will be written to the Mac. But it won't be any easier to exploit for being on x86."


by MacNN Staff

print
email
(17)

TAGS :

 Apple

Related Articles

Recent Articles

toggle

Comments

  1. fds

    Fresh-Faced Recruit

    Joined: Sep 2004

    0
    01/30, 06:07pm | report spam | Reply |

    Not so fast

    They will be proved wrong in the long run as more people will have access to Intel Macs - or a hacked Mac OS X to run on any generic PC. There are exponentially more people familiar with x86 assembly than there are with PowerPC.

    The more exotic a platform is and the less familiar people are with its innards, the less vulnerable it is. We won't be suddenly seeing the appearance of regular viruses, trojans, or emailing worms of course, as those really don't have anything to do with the CPU architecture. What is likely to appear are exploits for vulnerabilities in standard Unix software, same as is the case with exploits for Linux running on x86. Not a big liability, but less secure than a PowerPC-based Mac nevertheless.

  1. one

    Forum Regular

    Joined: Feb 2001

    0
    01/30, 06:36pm | report spam | Reply |

    chips aren't vulnerable

    OSs are vulnerable, and mostly to relatively high-level attacks (a la the infamous "skript kidz") - in 30 years, I've *never* even HEARD of a machine-code hack attack.

    methinks you watch too many bad movies....

  1. beeble

    Fresh-Faced Recruit

    Joined: Mar 2004

    0
    01/30, 06:39pm | report spam | Reply |

    re: not so fast

    I have a PowerPC based Mac running the Unix based MacOS X. Since any exploits that would effect OS X on an Intel Mac would also effect OS X on a PowerPC Mac, that would seem to suggest that the article is right. Security exploits are the domain of software, not the processor.

    Or perhaps you are referring to Classic. In which case all I have to say is that I, together with millions of Mac users around the world, invite you into the 21st Century.

  1. Mr. Strat

    Fresh-Faced Recruit

    Joined: Jan 2002

    0
    01/30, 06:47pm | report spam | Reply |

    It Ain't Market Share

    Market share has nothing to do with whether you're susceptible to viruses or not. It has to do with whether your operating system sucks (Windows) or not (OS X).

  1. WiseWeasel

    Fresh-Faced Recruit

    Joined: Apr 1999

    0
    01/30, 07:27pm | report spam | Reply |

    Bad Article

    Actually, this article is completely wrong. While the vulnerabilities might not be CPU-specific, the actual exploit code they use once through the vulnerability is CPU-specific, and written in binary code. What this means is that once a vulnerability is discovered in OS X for x86, there's a huge library of nasty exploit code ready to run. This wasn't the case on PPC MacOS X, which did a great deal to limit the damage when vulnerabilities were discovered. I think we'll definitely see the first working OS X exploit now that we're using x86 CPUs.

  1. resuna

    Fresh-Faced Recruit

    Joined: Jan 2005

    0
    01/30, 08:00pm | report spam | Reply |

    two misconceptions

    (1) " They will be proved wrong in the long run as more people will have access to Intel Macs - or a hacked Mac OS X to run on any generic PC."

    The main approach to initial infection on Windows is through Internet Explorer and other applications that use the Microsoft HTML control, and through Windows Networking. Mac OS X has no component similar to the HTML control (Webkit serves the same purpose in many areas, but without installation of components BY THE CALLING APPLICATION it has no equivalent to Microsoft's wide open "Active Content".

    (2) "What this means is that once a vulnerability is discovered in OS X for x86, there's a huge library of nasty exploit code ready to run."

    A huge library of nasty exploit code that calls Windows DLLs and system calls. Just because it's CPU-specific doesn't mean it's not OS-specific as well.

  1. Rincewind

    Fresh-Faced Recruit

    Joined: May 2000

    0
    01/30, 08:07pm | report spam | Reply |

    re: bad article

    Almost all vulnerabilities, cpu specific or not, rely on knowledge of the running operating system to work. All of those "x86 exploits" you speak of are really Windows exploits. Without Windows running underneath, the code is worthless. The code may run, but it will more than likely crash itself than do anything useful, useless, or exploitable.

  1. WiseWeasel

    Fresh-Faced Recruit

    Joined: Apr 1999

    0
    01/30, 09:48pm | report spam | Reply |

    Clarification

    It is true that the most common exploit code is mostly OS-specific, but you forget that there are exploits targeted at linux x86, which implements mostly the same API as the BSD layer in OS X. I suspect it would take very little effort to add support for OS X86 with these. My main point, though, is that the techniques used to exploit buffer overruns on x86 are all of a sudden very applicable for writing OS X exploits, and with the lack of "No Execute" support (that I know of) in the Core Duo processor, this really leaves MacOS X quite vulnerable to (future) exploits.

  1. abrody

    Junior Member

    Joined: Mar 1999

    0
    01/30, 10:18pm | report spam | Reply |

    Intel not more vulnerable

    Mac OS X has several features which make it more secure than most other operating systems:

    1. Root is disabled by default. 2. All network ports are closed or in stealth mode by default. 3. If an Open firmware password is set, you need physical access to the machine to crack it. 4. If File Vault is set, no matter how hard you try, that which is encrypted by File Vault can only be accessed by the person who knows the password. A good password would make File Vault practically impenetrable.

    These strengths exist on Intel Macs as much as PowerPC Macs. Hence as long as it is Mac OS X, you are no more vulnerable now that Intel is out. It has been 5 years of Mac OS X, and 12 years of NeXT, and still not a single exploit in the wild. The only thing you have to worry about is social engineering taking us over. Not security risks.

  1. itguy05

    Forum Regular

    Joined: Apr 2005

    0
    01/30, 11:13pm | report spam | Reply |

    Hmm.

    There is some truth to the fact that Macs may be less secure from a chip level.

    You see, the common way to get a Win box to run code is a buffer overflow.....

    The PPC architecture is such that when a Buffer Overflow happens, it's hard, if not impossible to run code (IIRC it clears the stack on a buffer overflow).

    On x86, it's very easy to move a few pointers and watch code run. IIRC, the stack is not cleared on a buffer overflow.

    AMD was the first to introduce some limited protection for this in the x86 instructions. I think Intel has something similar now. However, the OS has to enable it. I hope OSX does or it could mean Macs will be less secure.

    If nothing else, they could get a B.O. to run some native x86 binary code that, at a low level will target the platform. After all, now that Apple is on reference Intel hardware with Intel chipsets and such, crafting low level stuff would be pretty easy...

Show More Comments

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

10 Most Read

Recent Reviews

Powerbag Business Class Bag

Many companies currently offer battery packs and various accessories to keep smartphones and other gadgets charged when away from an o ...

Logitech Cube

The world of mice could often be described charitably as stagnant: it's an endless sea of ergonomic shapes that assume you're sitting ...

NewerTech and Targus USB Hubs For Gifts

A useful holiday present to resolve an ongoing frustration is a multi-port hub. Whether as a stocking stuffer, Chanukah present, or an ...

toggle

Most Commented

10 Most Discussed

 

Popular News