Mac (insecurity): How to secure Macs in business

As Macs make their way into the enterprise, IT needs to address these six security flaws before disaster strikes

Security flaw No. 5: Complacency over malware

The recent appearance of a kit that lets malicious parties install Trojan horses in legitimate software to, in turn, obtain root access to a Mac seems to run counter to the widely held view that Macs are immune from many of the exploits that once plagued Windows (and that Vista has ameliorated).

But that Trojan horse doesn't pass the smell test: Like a few other "concept attacks," the exploit requires that someone download and install software, although no password is required for the malware to run. (The exploit relies on the escalated privileges available for the Apple Remote Desktop agent, or ARDAgent, even when it's turned off. An AppleScript command sent to the agent is handed off as a root-level shell command.) A survey of security experts and the buzz among the Mac enterprise management community show that this threat is a nonstarter.

The fact is that the Mac has not been a malware target, and it is safer than Windows from such threats. And that's where the risk lies: The Mac is safer from malware today, and there's very little concern about the Mac being a gateway to infecting Windows users.

But that may not be true in the future, and there is some concern that IT won't be ready to protect Macs from malware when that day comes.

Today most of those who follow Mac security closely seem to abjure anti-virus software. "It's not unreasonable to use anti-virus in an enterprise, especially if compliance is an issue," says Mogull -- but "I wouldn't necessarily recommend that for a consumer," he adds, because today's anti-virus apps don't address Mac OS X's actual risk profile. "Anti-virus is an industry failure," Ptacek says. Because of this, he can't recommend that companies install anti-virus software at all.

Dino Dai Zovi, an independent security researcher, is concerned about acceleration in this area. "Because there is still very little malware in the wild targeting Apple, it is still a safe platform, and it is in a lot of ways safer than the Windows equivalent. But I think that that time is rapidly changing," he says.

Mogull cautioned that the worst could be yet to come. "It isn't that the Mac is immune or even more resistant to these attacks, there just hasn't been very much interest in them," he says, a sentiment echoed by security experts and IT managers. With more Macs in the enterprise, it's likely that attacks designed to extract information or take over Macs to use them as zombies will hit the wild.

While the Mac OS itself is fairly safe from malware, at least for now, Mac OS X's default Safari browser is not. "We've long since moved into this place where it's about the browser and about JavaScript," Ptacek says.

Even security experts unconcerned over OS-level malware threats are worried about browser-based threats. The fears center on as-yet-undiscovered flaws in the Safari browser and on Apple's use of WebKit, a browser engine that's both employed throughout OS X and available to third-party developers. The concerns are not theoretical: A flaw found in a TIFF library module in Safari on the iPhone lets an iPhone forfeit root control just by visiting a Web page. (This was briefly a popular way of jailbreaking iPhones to install third-party software.)

Solutions: Keep abreast of security updates and security news related to Macs. Make sure the outgoing firewall monitoring tools that cover other platforms also cover Macs, so that they can identify the hallmarks of hijacked systems.


Glenn Fleishman

InfoWorld