It has been about a year or so since the latest Java cross platform (operating system) attack hit the main news and yet I still know of people that refuse to run malware protection not only on Macs but Windows PCs. Not running malware protection is, to me, the equivalent of running around naked only because things are still heating up in regard to cross platform Operating Systems (OSs) attacks nowadays. These attacks can come due to a weakness in the operating systems themselves, or through an application that was installed into the operating system.
Apple, Linux, and others are all competing to be number 1 using different marketing styles. I always tell my students that technology companies, such as Apple, need to watch what they’re asking for as they aim for the top.
For example, being the most popular Operating System (OS) on the block has its price to pay. W3schools rates Windows as having 82.3% of the operating system market according to the people that visited their site over 9 years (August, 2013). Mac only has 9.2% followed by Linux at 5%. Windows, according to the w3schools website, is therefore the most popular operating system. The fact that anyone in security should know is that Windows is also the most attacked, and most criticized operating system in this galaxy and I believe that is due to its overall popularity.
Students in my class may remember that I predicted the malware attacks on Macs rising several years ago – in 2011 a few years later we had Mac Defender (really a lame implementation of malware… but others have come since then).
The fact of the matter is that I started to realize how much more students are apt to carry Mac computers just before I made the statement about malware for Macs increasing. A fact I attribute to security and the supply and demand of cyber attacks, as the popularity of particular systems rises (in this case Macs) then the probability of their attacks will increase as well.
I also predicted that attacks on the Mac will get increasingly worse after the first couple of attacks, as attackers (what the media calls hackers) are just testing the waters. I’m still saying it years later…
Let’s talk about the event that occurred a year ago… the media filled the web with stuff about Java exploits that are coming out and impacting the Apple community along with other things like exploits with Microsoft Office for Mac. Apple wants their customers to think that they have a perfect system, however systems are like people and thus far from perfect. Perhaps because people make them, and we’re not gods after all (no matter what technology company leaders may think).
Just like our own biological systems that make up our bodies, no biological system is 100% immune to certain types of attacks. This carries over to computer systems as well, and thus no computer system is immune to attacks. For example, releasing gas on humans may have the same effect on their systems as releasing malware on multiple computer systems that will destroy the computers.
I use all types of computers, basically supporting Windows for over 15 years and still continuing to do so. Some fellow Apple users impressed with their shiny Macs told me all through my Information Assurance training “Macs don’t get viruses”, well they’re right. It’s really a play on words. Even after the first rootkit appeared for Mac in early 2009, Mac users kept telling me we don’t get viruses (well they don’t… those are old news and the chances of Windows getting viruses have decreased as well).
In order to understand a rootkit (remember that thing that could infect Macs as of 2009?), imagine your brain gets infected, thus controlling your entire biological system through a zombie virus I just created. Like a zombie, that infection is now controlling you and is able to lie to your immune system by telling it everything is working fine. In fact if you inject antibodies to try to fight the infection your body probably won’t do anything because my infection is part of and controlling everything. In fact I may just program it to lie to the antibodies and say everything is all right. That’s what a rootkit does to an operating system… much worse than a virus. Please also note in my analogy to zombies, rootkits are different than a zombie-infected system (we’ll save that for another article). In most cases antivirus may not detect the rootkit unless it’s scanned from a different machine or removable media like with a Kaspersky Rescue Disk (Linux based tool… used for cleaning Windows), or Microsoft Standalone Sweeper (again for Windows).
I always recommend people to back up their data and reload their system if they get a rootkit infection, because it leaves too much bad stuff behind and you never know if you got it all. There are other tools out there for detecting rootkits embedded in Linux and Unix (Mac included with Unix) because even my other favorite operating system – Linux – is susceptible to rootkits. Note… to detect rootkits you usually have to boot to another system that isn’t infected to detect the infection on the system that is infected.
Even now Apple users would state that the security problems they have are not because of the Operating System, but the Applications from other vendors. So Mac friends, you don’t get viruses… but you can get much worse as a rootkit is a total compromise to the heart of the system and this could occur without any other software letting it in. In fact the easiest way to break into a computer is to simply trick the user, something attackers already know.
Now where were we… the attacks I was used to seeing during the mid 90s and up to 2006 started to migrate from the network level type attacks to application attacks on the Windows side. Really, at this point Windows and Mac are no different in the way they are both now being attacked. The playing field is beginning to level out and I’m seeing it more and more just like I did with Microsoft operating systems. My heart is sinking, because I too remember a time when on Windows I didn’t need antivirus! I’m not trying to say this to be a jerk to anyone… so please let me explain as I don’t take sides in Operating Systems, nor am I trying to spread Fear Uncertainty and Doubt (FUD).
We have to be prepared and that’s the point I’m trying to make with this blog entry.
I got involved in teaching Computer and Internet Security over at the college. That forced me to take on Unix and Linux… and I’m actually happy it did. I always wanted to but never could professionally learn the other operating systems due to time constraints, however I’m at a point now I’m fully comfortable with the main ones. I also want to be the best teacher and support professional I can be, and that’s why I never want to be product specific.
Having this insight only helps me understand more about the mixed Operating System environment we all live in, and truthfully I don’t understand why people take sides with Operating Systems.
Operating Systems really don’t matter so much anymore as most of the stuff we want to do is available on every OS… and it’s mostly web based. To extend it further there are services/programs in each of these operating systems to make them compatible with some of the other operating systems. For example Linux has Wine (my favorite subject in another light) for supporting some Windows applications inside of Linux. Plus virtualization of hardware makes it possible for us to run a program that will emulate most operating systems legally on Linux, Mac (note Apple only lets you run virtual Mac OS X installations on their hardware), or Windows. Basically running virtual/fake computers inside of physical computers – like running Windows inside of Mac or Linux.
This learning has turned into a passion that spans multiple technologies, and I feel enlightened because of it. With that said, I’m very humble… I have a long way to go, I’ll never know everything… and I don’t feel I’m that good.
I recently sold two Mac Pro 1.1 2006 towers to purchase a new Mac for my kids (my Linux and Windows friends make fun of me at this point)… so that’s the new computer in the house. Like most technology gurus, there are more computers than humans in my house (some custom built, some laptops, lots virtual, and some collecting dust in the basement). 🙂
I love Mac and Linux just as much as I love (yikes as my Linux and Mac friends would say) Windows. They have all matured to a point where I can appreciate them and use them interchangeably to a point (my limitations, but not for long!).
I even have fun teaching Network concepts across Linux and Windows… however the thing I loved most about Mac is the polished feel to the operating system as opposed to Linux (but watch out… it’s very close… and you’ll pry my Linux system from my cold dead hands). Truth of the matter is all three systems have helped me while supporting each other. I can’t tell you how much data I’ve been able to recover using Mac and Linux (tons – that is if we could weigh binary).
It just frustrates me to see the other OSs suffer the attacks like the ones I’ve had to put up with for the last 20 something years… you know the malware (not viruses… but viruses are a small subcategory of malware). Even Windows doesn’t deserve the malware… no OS really does. Windows just got hurt due to the fact that they have the customer base, meaning more people and most importantly businesses use it. Develop 1 attack and then whammy you got a maximized payout potential because you infected multiple machines when you attack the larger customer base.
A couple years ago I stated it was going to happen little by little for Mac, and now a couple years later here we are… Java and Microsoft Office exploits… etc. etc. In fact we even know of a cross platform downloader virus that checks operating systems it is trying to infect to decide which version of software it can infect the target computer with.
If you take anything from this entry, be prepared my friends in Linux and Mac world, they’re coming for us too… Just remember that nothing is perfect, and be on guard for people trying to manipulate you to install something, steal your information, or try to extort money from you… even from a friend’s or family member’s hacked account that owns a Mac or Linux machine. The only way to beat this is to be on guard and continue training ourselves like soldiers train for battle.
You can always browse to the IA Education, Training and Awareness website right here and click on any of the number of topics to help you get a head start on online training for free! Please do this for yourself and society. No strings attached, because I care for you and for every system out there (biological or technological). Together we can slow them down. We need to be harder, better, faster, stronger (to quote Daft Punk) than we currently are today. We also need to accept the fact that all operating systems including Macs are vulnerable like our own biological systems. It just makes sense.
Finally, we need to take that training one step further and put countermeasures in place. These countermeasures need to be implemented by the designers (first and foremost) of the operating systems and ourselves mentally, logically via the software (applications and operating systems) we control, and physically by securing ourselves along with our computers to ensure that all Operating Systems will continue to have a bright future.