Since the first Mac was produced in 1984, Apple has proudly asserted that, unlike its PC-based competitors, its technology is much more secure and immune to nearly all malware attacks. However, there is growing evidence that Apple’s operating system is more vulnerable to malware attacks than the company has claimed. Research presented at the RSA “Cybersecurity” Conference in San Francisco last week offered plenty of evidence that Mac computers have become remarkably insecure.
In a conference session delivered by Patrick Wardle, a former employee of the National Security Agency (NSA) and currently Director of Research for Synack (a security startup also founded by former NSA staff), a comprehensive analysis revealed that Apple’s built-in anti-malware system was “incredibly weak.” According to Wardle, recent patches, many of which were released over the past several weeks, have not closed security loopholes.
In response to growing customer concerns and reports of successful spyware and malware attacks on the Mac line of computers, Apple has introduced a number of new protective features in updated releases of its operating system – OS X. “We can bypass all of these security features,” Wardle declared.
This is going to be a concern for Apple as Mac sales continue to rise. In the company’s earnings report yesterday, it was disclosed that Apple now makes more money from selling Macs than from iPads. It stands to reason that hackers and other bad actors will target Macs more heavily, because where there is a large user base, there’s also money to be made.
“Though we all love our Macs, they are fairly insecure,” said Wardle. “And as Macs become more common, we’re going to see more malware.”
The security researcher offered RSA attendees a detailed description of coding flaws he discovered in Apple’s protection tools such as Gatekeeper and XProtect. He also noted that because OS X allows unsigned applications to run in Safari, he could easily inject malicious code.
With Macs suddenly more vulnerable to attacks than ever before, a number of companies have rolled out new protection software designed to guard Apple’s line of computers against infections. Amazingly, based on Wardle’s own findings, none of these successfully protects Macs either.
“The entire security industry on OS X is very inept,” said Wardle.
The Synack security researcher claims he tested 12 commercially available anti-malware tools (including Norton Anti-Virus and Bitdefender) against a relatively basic virus he designed and injected into a Mac computer. According to Wardle, all of them failed to protect his system and eliminate the infection.
“If I could defeat these tools, imagine what a nation state could do,” said Wardle.
In response, Wardle has developed two new free anti-virus tools for Mac users which he announced and released last week during the security conference. Both are available for download from the security expert’s website, Objective-see.com.
One is called KnockKnock UI and it’s designed to uncover persistently installed malware that executes every time a Mac is restarted. The other is BlockBlock, which is currently running in beta and, as Wardle describes it, “tells you who’s trying to move in.”
Wardle also has a piece of useful advice for anyone seeking to download anything from a website: “use only ones with the s.” This means avoiding any downloads from sites that still use the less secure “http” designation at the beginning of their web address and using only those with “https” instead. This is a browser extension that encrypts your communication with many websites and makes it more secure.
There is also anecdotal evidence from users contacted by this column that Apple’s support staff is “suggesting” that Mac users download a free tool called Adware Medic (which is issued by The Safe Mac) if their computers become infected with irritating adware.
Apple’s user base is known for being fiercely loyal to the company’s products and brand, which has transformed it into arguably the most powerful technology company in the world today. Now their loyalty will be tested as criminals may finally be breaking down the “hack proof” world Apple users enjoyed for so long.