A giant Mac-eating worm is on the loose! Run for your lives!
The worm's creator, an anonymous security researcher, posted a statement Sunday night that he had made a worm for the Mac OS X operating system that exploits a vulnerability in its Bonjour code. Bonjour is Apple's name for a technology that allows devices on a network to "discover" each other automatically, with no effort on the user's part. The anonymous researcher told Computerworld that his worm is "a fully weaponised exploit and fully automated." He also says he will notify Apple of the code vulnerability "eventually."
Over the past few days the usual accusations and denials have been tossed about on various tech Web sites. Those gloating are saying this proves the Mac is just as insecure as Windows (a serious accusation, considering the tens of thousands of viruses and worms that can infect a Windows PC), Mac users are too smug about their invulnerability, and Apple is terrible at patching holes in its code. The Mac defenders think the anonymous hacker is full of baloney, pointing out that no OS X malware has ever spread in the wild to infect home users.
We've seen this happen every time some hacker announces a Mac OS X vulnerability. Despite all the heated rhetoric, some truth dwells in what both sides say.
• Every OS has holes -- Because of the complexity of modern operating systems and all the services they must provide, such as networking and multimedia capabilities, exploitable holes in code are unavoidable. Mac OS X has them, too.
• Mac users are exploit-free -- This is true, but the debate has always focused on why. Some argue the Mac OS is more secure than Windows because its default settings are more secure – ports that are closed, user passwords required for software installations (although Vista is better in this regard than XP was). Some say OS X has had no significant malware attacks because of its relatively small market share – still only about 5 percent. Some claim OS X is more resistant to attack because of its Unix code base, which has been fine-tuned over decades of use. Over the years, I've come to think the Mac's excellent safety record is a combination of all three.
• Apple does patch holes -- It may not always act as quickly as it should, but Apple does issue periodic security fixes that users can download automatically via OS X's Software Update feature. In situations like the current one, Apple always reiterates its commitment to security. However, I've read a lot of posts in tech forums that strongly disagree. I'm not geeky enough to analyze code vulnerabilities so I can't confirm who's right, but as a Mac user it appears that Apple makes a good-faith effort to protect its customers.
Though Mac OS X has remained virus-free since it was introduced in March 2001 – that's six years, my friends – a widespread exploit is not impossible. The Mac's market share has been growing for the past year or so, particularly among home users. If the Mac achieves penetration of the home user market in the 10 to 15 percent range (some claim it already has), it will weaken the "security through obscurity" leg of protection. That means OS X's Unix foundation and Apple's built-in security will need to stand up to more direct attacks as the Mac grows in popularity.
Apple's adoption of Intel chips could also make Macs more vulnerable to malware (there are some chip-specific exploits), but the greater danger will come from users running Windows (via Boot Camp) on their Intel-based Macs. Windows on a Mac is just as insecure as Windows on a regular PC.
At some point Mac OS X could require virus protection software as does Windows, but we'll need to see a tangible threat or threats (Macs getting infected in large numbers by a worm or virus) before that happens.