TMCnet News
Hackers take a bite out of Apple's reputation for computer security(Beaver County Times (PA) (KRT) Via Thomson Dialog NewsEdge) Mar. 1--The sense of security felt by Apple Macintosh users was shattered last week, when computer security firms reported not one, not two, but three security breaches for Apple's OS X operating system. That noise you hear is Windows users shrugging their shoulders -- for them, three security problems in a week qualifies as a typical week. But for Apple users, three security breaches is a bad year, said Charles Firth, owner of Firth Consulting, a Pittsburgh-based networking firm that specializes in Macintoshes. "We're not used to this kind of thing, and it's causing something of an uproar," Firth said. "Windows users deal with this stuff all the time, and they're used to constantly updating anti-virus software and downloading patches from Microsoft, but for Apple users, this is a huge thing, relatively speaking. "My phone has been ringing off the hook," Firth said. "People with Apple networks are definitely concerned." The three breaches, reported on consecutive days last week: -- The "Oompa-Loompa Trojan," a worm that spreads itself via the addresses in a user's iChat application. Firth said the worm disguises itself as a set of screen shots of an upcoming version of OS X. "It requires the user to download it and open it," he said. "The big red flag is that it also forces your computer to ask you for your user ID and your password, which only happens when you're making a substantial change." Firth said Oompa-Loompa is potentially the most harmful of the three breaches: "It can attach itself to files and applications and do some serious damage." -- The Inqtana.A, a worm that spreads itself through Bluetooth wireless devices to the host computer. Firth said Inqtana.A was designed to exploit a security hole that Apple released a patch for last year. It won't do any damage, but a subsequent version could -- if users aren't up-to-date on Apple-released security updates. "If you've been updating, your computer is protected," he said. "And even if you're not up-to-date, Bluetooth wireless networks are so limited in range that it's pretty likely you're not going to have a problem." -- A hole in Safari, Apple's OS X Web browser. This isn't an actual virus or worm; rather, it's a problem with the browser's design that could automatically open downloaded files that are usually considered safe to open -- pictures, movies, text documents and other common files. The problem would come up if a hacker disguises a virus as one of those common files. If the user downloads the file and it opens automatically, that user has no chance to head off the potential damage. Firth said the fix for the Safari hole is simple -- users should uncheck the "Open 'safe' files after downloading" preference setting, listed under General Preferences. So why aren't Apple users as vigilant in protecting their computers as Windows users? Firth said the sheer volume of malicious hacks that target the Windows operating system is largely a product of the sheer number of Windows users -- the Microsoft operating system runs about 90 percent of the world's computers. Apple's market share? Just under 3 percent. "If you're writing malicious code and you want to make a splash, you target Windows," Firth said. "There are tons of Apple computers out there, but in relative terms, the market share is tiny." And that, Firth said, has bred a false sense of security among Apple owners. "As I said, we don't have to address these questions very often," he said. "It may be time that we start paying attention." |