By Matthew Broersma, Techworld.com MacCentral
Symantec: Mac users deluding themselves over security
Mac users are "operating under a false sense of security", according
to Symantec, and Firefox users will have to recognize that the
open-source browser is currently a greater security risk than Internet
Explorer.
Symantec's latest Internet Security Threat Report, published Monday,
found evidence that attackers are beginning to organize for attacks on
the Mac operating system. Researchers also found that over the past
six months, nearly twice as many vulnerabilities surfaced in Mozilla
browsers as in Explorer.
"It is now clear that the Mac OS is increasingly becoming a target for
the malicious activity, contrary to popular belief that the Mac OS is
immune to traditional security concerns," the report said.
Symantec said OS X -- based on BSD Unix -- now shares many of the
security concerns affecting Unix users. "As Mac OS X users demand more
features and implement more ports of popular UNIX applications,
vulnerabilities and exploits targeting this operating system and its
underlying code base are likely to increase," Symantec said in the
report.
The number of security bugs confirmed by Apple has remained about the
same over the past two six-month reporting periods, with no widespread
exploits, Symantec said. But an analysis of a rootkit called Mac OS
X/Weapox -- based on the AdoreBSD rootkit -- indicates the situation
might not last much longer. "While there have been no reports of
widespread infection to date, this Trojan serves to demonstrate that
as Mac OS X increases in popularity so too will the scrutiny it
receives from potential attackers," the report said. "Mac users are be
operating under a false sense of security, and deluding themselves."
Twenty-five vulnerabilities were disclosed for Mozilla browsers,
including Firefox, in the first half of the year, compared with 13 for
Explorer, Symantec said. Eighteen of the Mozilla flaws were classified
as high severity, compared with eight high-severity Explorer flaws.
Symantec warned of other emerging threats, notably to increasingly
popular IP telephony systems, wireless networks and mobile
devices. Meanwhile, attack code is becoming more sophisticated, with
attackers deploying modular code that can avoid detection systems,
Symantec said.
Copyright 2005 Mac Central.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily.
*** FAIR USE NOTICE. This message contains copyrighted material the
use of which has not been specifically authorized by the copyright
owner. This Internet discussion group is making it available without
profit to group members who have expressed a prior interest in
receiving the included information in their efforts to advance the
understanding of literary, educational, political, and economic
issues, for non-profit research and educational purposes only. I
believe that this constitutes a 'fair use' of the copyrighted material
as provided for in section 107 of the U.S. Copyright Law. If you wish
to use this copyrighted material for purposes of your own that go
beyond 'fair use,' you must obtain permission from the copyright
owner, in this instance, MacCentral and TechWorld.com
For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml
Matthew Broersma (techworld@telecom-digest.org)