- Gain access to Address Book… easy.
- Send HTTP POST data… easy.
- Send email w/ attachment via PHP… easy.
- Spreading malicious Mac-ware… easy?
Please tell me I’m wrong!
The steps above don’t do anything “malicious” on their own (except spread), but if someone did find a way to mess with the system, which I think is possible, it really wouldn’t be very difficult to have it spreading as well as infecting. It could also easily work as a trojan, if someone includes a “feature” in their app that emails all of the user’s contacts.
(Or think about access to the Keychain! Scary.)

As Mac users, we’re so used to being malware-free that if we did encounter something malicious, we may not be as scared as we should…
If anyone wants to point out all the flaws in the above logic, please do. I might learn something.
9 Comments so far
Well, yes. As soon as you execute unknown code with your user privileges, you’re open to all sorts of attacks. The big malware problem on Windows is the ease with which malware can be executed without your permission, under your credentials. That is the tough part on the Mac - doing it without the user’s permission or active involvement.
stated by Robert 'Groby' Blum on April 18, 2007 2:53 pm
This is kind of like someone sitting at dinner cutting his steak with a sharp steak knife, and then freaking out a little because he realized for the first time that the knife could, theoretically, plunge between his ribs and into his heart and was in fact inherently risky.
The flaw is basically that it’s just software, and it can do stuff if you install it on your computer and run it. This is nothing new. Just don’t install it and don’t run it if you don’t trust it.
Even if it manages to send itself this way, it can’t make other machines run it, which is where the main problem comes in.
Would you prefer having to manually click “OK” every time something wants to send data to a website? I kinda doubt it.
That way lies madness and a crippled OS. We don’t want that, just like we don’t want to be limited to using much safer plastic knives.
stated by Jon H on April 18, 2007 3:25 pm
Jon, I like your analogy. In fact I’m going to extend it a bit. I would never give a two year old a steak knife because he would not know the correct way to use it or the implications of its sharp edge. However, the vast majority of the computer-using world are like two year olds with knives. (I sincerely mean no insult here. I really love my two year old!)
The Mac and Linux communities have been fortunate in that their user base is primarily composed of people knowledgeable enough to know that there is an alternative and how it is better. That is inherently a filter that keeps the two year olds out.
However the Mac platform is at a turning point now. As more and more people make the “switch” malicious coders will find the Mac platform more tempting. And while Mac OS X may truly be more secure, these new users may not be. Conversely, it may be the case that Windows switchers are so jaded that they won’t trust a damn thing but somehow I’m not too optimistic about that. Maybe I’m just jaded too.
stated by Jorge Escala on April 19, 2007 12:24 am
Robert has the right idea. A trojan like this would not have as many ways to hide itself, as it would on Windows.
We had a worm outbreak at work recently, on the Windows machines. They think it came in via AIM, and my desktop PC caught it even though I don’t have access to AIM at work. However the PC caught it, it doesn’t seem to have been from anything I did.
I don’t think that kind of invisible cross-network infection is possible right now on the Mac. On the Mac you’d still have a trojan app to run, which has always been possible, but hasn’t really been a problem. (Apple installers have caused more problems than trojans!)
I don’t really see a way to prevent this theorized attack from happening that doesn’t render a Mac unusable by requesting user approval for every attempt to connect to the network.
Far better to make it hard for malware to run in secret, and make sure it can’t make itself unremovable.
(Heck, a major reason it thrives on Windows is that Windows’ UI makes it so hard to find basic useful information about running processes - like the path of an executable that’s running, making it easy to make a process that impersonates a Microsoft thingy. )
stated by Jon H on April 21, 2007 12:22 pm
Ankur, you make a strong point. It has come to the attention of CocoaDev before that one could make a malicious widget (it really wasn’t that nice, although it doesn’t sound impressive) and/or an input manager that sniffs up the password from any installer with an authorization dialogue. Apple looked at both cases and did some fixing quickly (being a tad less objective here; I don’t think we’ll see Microsoft doing their best over such things). The problem is that Mac computers, from the philosophy up, are made to be ‘just working’, ‘just simple’, etcetera. BSD is the world’s most secure OS. That’s possibly also because no ‘normal’ user uses it as a desktop OS. The compromise goes both ways; either give up user-friendliness and simplicity, or crank up on security. As said on the blog Noodlings, people on the Mac are often stupid enough not to know what to do with disk images. I’d consider something like Little Snitch very disastrous to novice users as well. They’d just click “Disallow”, because god knows what they are getting themselves into. And after that, they’ll complain about the Mac’s ‘internet being broken’. I’ve seen it happen.
So really, what should we as developers do? I think we should look at a future where desktop applications should take advance notice of the ‘ground’ they have with other applications in common and the room for ‘movement’ within the OS, and consider that these are factors that will change as the security condition changes. I have an application that manages passwords, and it’s hard to keep them absolutely safe. At some point, those passwords will have to get decrypted and stored in memory. I can’t just take out the functionality so that it’s safer, but I can also not take out the whole encryption because it’s more convenient. I think, and hope, myself, that Apple makes this all easy for us.
We’ll see ;).
stated by Sebastiaan de With on April 21, 2007 7:28 pm
Once an app has access to your keychain and it somehow fools you to enable “access for assistive devices” it can do anything it pleases.
I get really worried when I use those apps that don’t come up in the dock or menu bar!…
EDIT: What’s most scary is that anyone (almost) could make the above with just some lines of AppleScript!!
stated by Cal on April 25, 2007 5:28 pm
I am scared… kinda
stated by Blactooth on April 28, 2007 5:56 am
The fact that some large percentage, like the majority, of computer users are ignorant and lazy is their problem. Unlike two-year-olds, they are expected to take responsibility for their own actions and the accompanying consequences.
One of the most irritating and self-destructive aspects of modern society is the freedom from responsibility which so-called adults expect as their birth-right.
My motto is: “Ignorance is expensive; possibly life threatening.” I, for one, support thinning the meme-pool by eliminating the lusers from participating. Let them get their viruses! Let them give out their passwords in exchange for candy bars! My job is not to nursemaid idiots, no matter how much money they offer me.
Don’t use tools if you are a) unwilling to learn their correct operation, and b) unwilling to accept the consequences for using them incorrectly. Grow the fsck up! If you happen to run a company which employs ignoramuses, limit their ability to do damage.
I have very little sympathy for people who stick their necks in the nearest noose and wait for someone to kick the stool out from under them. I’ll still put the stool-kicker in jail, however. I’m not advocating maliciousness. I’m advocating discipline and accountability and being well informed.
-h-
stated by Hubrist on May 5, 2007 11:09 pm
Unfortunately I think it is possible to write any kind of malware for a Mac. Hiding your “malware” once you are in the system is easy, just inject your code into any running application (e.g. the Dock). This is what DesktopManager or VirtueDesktop and others have done for years for accessing the windows on your screen. And thanks to all those great libraries integrating all kinds of data into your programs, accessing address books and co. won’t be that difficult. Or how about writing a keylogger using the same techniques as Text Expander to manipulate text fields?
A lot of haxies use techniques found from reverse engineering some Mac parts and sometimes use methods normally found in any kind of “malware” (I was really shocked after my switch how easy it is to inject your code into any program, and the best is there are libraries out there already doing the complicated stuff for you).
The only remaining problem is how to spread your malware. Solution 1: make the user start it (there are a lot of users out there not really thinking about security when starting a new app…). Solution 2: find a bug and make it execute your own code. It is the same as with Windows or any Unix. If you’ve found a nice and usable bug (e.g. buffer overflow) you can inject any code you want, and it gets worse if this bug is in a software component available over a network (it has happened from time to time for Windows, ending in worms attacking randomly any PC around not sitting behind a hardware firewall). And when you already know what system you are attacking (x86 or PPC, Windows or Mac) then it won’t be really difficult to write “malware” (e.g. a worm) containing code for both architectures. Oh, and the problem with firewalls (especially those running on the PC you want to protect) is that they may contain any kind of bug too. When entering the great World Wide Web one should use a hardware firewall…
stated by anonymous on June 7, 2007 7:02 am