Scott's Weblog The weblog of an IT pro specializing in virtualization, networking, open source, and cloud computing

The Year of the OS X Exploit

UPDATE: A problem with the original title and the resulting URL for this posting caused some problems, so I reposted with a better title and a clean URL. Sorry!

The security advantages—real or perceived—of Mac OS X have been tossed around by many, including some so-called security experts. Some say that Mac OS X is only more secure because it is less common and therefore less tempting to a cracker. Others say that Mac OS X’s underlying Unix architecture makes it inherently more secure, regardless of popularity. This SecurityFocus article on a hacked Apple PowerBook seems to give credence to the former instead of the latter.

According to reports, a security researcher’s “hardened” Apple PowerBook was compromised at a recent hacking conference. It is believed that an unknown exploit allowed the compromise to take place. However, forensic analysis conducted afterward could not show any trace of a compromise or intrusion. Fact, or fiction? It’s anybody’s guess at this point, but the rumors are flying that this is “the year of the OS X exploit.”

I’m not so sure I believe that, but I also don’t believe that it’s impossible, either. I do believe that as Mac OS X gains in popularity, crackers will begin to target the platform more heavily than they are right now. At the same time, I also believe that Mac OS X is inherently more secure than Windows, due in large part to two factors:

  • Mac OS X’s underlying Unix architecture
  • Lack of driving need for “backward compatibility”

The Mac’s greatest vulnerability is, strangely enough, its ease of use. Many users, unaware of the dangers of untrusted binaries and lured into complacency by the slick user interface, won’t think twice about authenticating with administrative credentials when prompted to do so. But who’s to know what’s really going on under the hood? And from a consumer’s perspective, who cares what’s going on under the hood? (When’s the last time you looked under the hood of your car?)

It’s almost certain that Mac OS X will come under greater scrutiny in the coming months. It’s not quite so certain that a widely exploitable flaw will be uncovered, nor is it certain that built-in Mac OS X security features won’t be able to quickly mitigate such a flaw. As with all aspects of security, the best approach is to remain vigilant.

(Meanwhile, don’t even get me started about how Mac OS X on x86 will be less secure than Mac OS X on PowerPC.)
