[url]http://www.smh.com.au/news/breaking/macs-becoming-virus-targets[/url]\n/2006/05/01/1146335624796.html\n\nMacs becoming virus targets\n\nApril 1, 2006\n\nBenjamin Daines was browsing the web when he clicked on a series of\nlinks that promised pictures of an unreleased update to his computer's\noperating system.\n\nInstead, a window opened on the screen and strange commands ran as if\nthe machine was under the control of someone - or something - else.\n\nDaines was the victim of a computer virus.\n\nSuch headaches are hardly unusual on PCs running Microsoft Corp.'s\nWindows operating system. Daines, however, was using a Mac - an Apple\nComputer machine often touted as being immune to such risks.\n\nHe and at least one other person who clicked on the links were infected\nby what security experts call the first-ever virus for Mac OS X, the\noperating system that has shipped with every Mac sold since 2001 and has\nsurvived virtually unscathed from the onslaught of malware unleashed on\nthe Internet in recent years.\n\n"It just shows people that no matter what kind of computer you use you\nare still open to some level of attack," said Daines, a 29-year-old\nBritish chemical engineer who once considered Macs invulnerable to such\nattacks.\n\nApple's iconic status, growing market share and adoption of same\nmicroprocessors used in machines running Windows are making Macs a\nbigger target, some experts warn.\n\nApple's most recent wake-up call came last week, as a Southern\nCalifornia researcher reported seven new vulnerabilities. Tom Ferris\nsaid malicious Web sites can exploit the holes without a user's\nknowledge, potentially allowing a criminal to execute code remotely and\ngain access to passwords and other sensitive information.\n\nFerris said he warned Apple of the vulnerabilities in January and\nFebruary and that the company has yet to patch the holes, prompting him\nto compare the Cupertino-based computer maker to Microsoft three years\nago, when the world's largest software company was criticised for being\nslow to respond to weaknesses in its products.\n\n"They didn't know how to deal with security, and I think Apple is in the\nsame situation now," said Ferris, himself a Mac user.\n\nApple officials point to the company's virtually unvarnished security\ntrack record and disputed claims that Mac OS X is more susceptible to\nattack now than in the past.\n\nApple plans to patch the holes reported by Ferris in the next automatic\nupdate of Mac OS X, and there have been no reports of them being\nexploited, spokeswoman Natalie Kerris said. She disagreed that the\nvulnerabilities make it possible for a criminal to run code on a\ntargeted machine.\n\nIn Daines' infection, a bug in the virus' code prevented it from doing\nmuch damage. Still, several of his operating system files were deleted,\nseveral new files were created and several applications, including a\nprogram for recording audio, were crippled.\n\nBehind the scenes, the virus also managed to hijack his instant\nmessaging program so the rogue file was blasted to 10 people on his\nbuddy list.\n\n"A lot of Mac users are in denial and have blinders on that say,\n'Nothing is ever going to get to us,'" said Neil Fryer, a computer\nsecurity consultant who works for an international financial institution\nin Britain. "I can't say I agree with them."\n\nFryer, also a Mac user, said he has begun taking additional precautions\nover the past year to make sure he doesn't fall victim to an attack. He\nspends more time than in the past scrutinizing his security logs for\nsigns of intruders, and he uses a firewall and additional security\napplications, just as he would with a Windows-based machine.\n\nAmong the other signs Macs are a growing target:\n\n- The SANS Institute, a computer-security organisation in Bethesda, Md,\nadded Mac OS X to its 2005 list of the top-20 Internet vulnerabilities.\nIt was the first time the Mac has been included since the experts\nstarted compiling the list in 2000.\n\n- This week, SANS updated the list to warn against flaws in Safari, the\nMac Web browser, which the group said criminals were able to attack\nbefore Apple could fix it.\n\n- The number of discovered Mac vulnerabilities has soared in recent\nyears, with 81 found last year, up from 46 in 2004 and 27 in 2003,\naccording to the Open Source Vulnerability Database, which is maintained\nby a nonprofit group that tracks security vulnerabilities on many\ndifferent hardware and software platforms.\n\nLess than a week after Daines was attacked in mid-February, a\n25-year-old computer security researcher released three benign Mac-based\nworms to prove a serious vulnerability in Mac OS X could be exploited.\nApple asked the man, Kevin Finisterre, to hold off publishing the code\nuntil it could patch the flaw.\n\nThe Mac's vulnerability could also increase as Apple transitions to a\nproduct line that uses microprocessors made by Intel, security experts said.\n\nWith new Macs running the same processor that powers Windows-based\nmachines, far more people will know how to exploit weaknesses in Apple\nmachines than in the past, when they ran on the PowerPC chips made by\nIBM and Motorola spinoff Freescale Semiconductor.\n\n"They have eliminated their genetic diversity," said independent\nsecurity consultant Rodney Thayer. "The fear is that we're going to run\ninto a new class of attacks."\n\nBud Tribble, Apple's senior vice president of software technology,\ndisagreed.\n\n"All the things we've been doing to make Mac OS X secure continue to be\nrelevant on Intel," he said.\n\nMac OS X, he said, is designed to be Internet safe out of the box,\nwithout the need for firewalls or additional security software. He\npraised Mac OS X for making it easy for users to automatically install\nsecurity patches.\n\nHe noted that the operating system was derived from FreeBSD, open source\nsoftware that was built from the ground up to provide security for\ncomputers networked together. Since its origins in the early 1990s, the\nUnix-based FreeBSD has continually been battle-tested by college\nstudents and computer security specialists.\n\n"The bottom line is we still feel more comfortable using a Mac than a\n(Windows) PC," said Alan Paller, director of research for SANS.\n\nBut as Daines can attest, there are no guarantees.\n\n"We're all sort of waiting with bated breath to see if any problem will\nhappen and the jury is still out," said Thayer, the independent security\nconsultant. "I don't think you'll find a consensus."