Black Hat: 'OS X networks are significantly more vulnerable'

Black Hat: 'OS X networks are significantly more vulnerable'

Summary: Think that OS X is more secure than Windows? Think again!

SHARE:

Microsoft's Windows 7 operating system is more secure than Apple's Mac OS X, claims security researchers at Black Hat.

According to Alex Stamos of iSec Partners, OS X has a greater number of vulnerabilities compared to Windows 7, and when it comes to network security, 'OS X networks are significantly more vulnerable to network privilege escalation,' and that 'almost every OSX server service offers weak or broken authentication mechanisms.'

Stamos also goes on to dispel the myth that Mac OS X isn't attracting attention from hackers. To support this he points out that over the past three years 1,151 major vulnerabilities have affected Apple products, only slightly less than the 1,325 affecting Windows.

Things are looking up for Mac OS X though, as 10.7 'Lion' adds application sandboxing to keep malware contained. Whether this will be enough to make Lion more secure than its predecessors remains to be seen.

But what about mobile devices? Independent security researcher Dino Dai Zovi claims that Apple is doing a good job with iOS because applications run in a sandbox and the operating system makes use of a dynamic application signing feature where apps are verified before running.

When it comes to Android, Zovi claims that this mobile OS is less secure than iOS and actually about as secure as a jailbroken iOS device. Blackberry has better data security than iOS but doesn't have the sandbox feature for applications.

Topics: Software, Apple, Mobile OS, Networking, Operating Systems

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

41 comments
Log in or register to join the discussion
  • I can't imagine there being many OSX Servers out there

    Granted it appears to have weak authentication issues, but I would suspect the majority of the OSX user base is not attaching to an OSX server, yes?
    Dietrich T. Schmitz, Your Linux Advocate!
    • RE: Black Hat: 'OS X networks are significantly more vulnerable'

      @Dietrich T. Schmitz, Your Linux Advocate!
      I agree. Maybe Apple can revisit that if and when OSX Server starts becoming more prevelant on corporate networks. I think that is unlikely as long as you have to run OSX on Apple hardware and you can't run it in a virtual environment.
      bmonsterman
    • It's a self-fulfilling prophecy

      @Dietrich T. Schmitz, Your Linux Advocate!

      Apple killed the Xserver platform because they focus on consumer products and the Xserver had a very low adoption rate in enterprises.

      DHX is essentially, abandonware. Apple does not fix their software bug because Apple does not target this market. Versions of this exploit go back many years.
      Your Non Advocate
  • RE: Black Hat: 'OS X networks are significantly more vulnerable'

    That's one thing but UNIX is more secure than NT. Well at least we don't have to worry about viruses and worms
    shellcodes_coder
    • RE: Black Hat: 'OS X networks are significantly more vulnerable'

      @shellcodes_coder
      Vulnerabilities lead to viruses and warms. Even though *nix platforms have better fail safes then Microsoft's NT, it will never be 100% secure.
      ZackCDLVI
      • RE: Black Hat: 'OS X networks are significantly more vulnerable'

        @Zc456
        Microsoft should fix Windows to get rid of viruses and worms and guess what? that will never happen. UNIX based systems are virtually virus free regardless of the vulnerabilities found and patched
        shellcodes_coder
      • *nix platforms have better fail safes then Microsoft's NT

        @Zc456

        <i>Even though *nix platforms have better fail safes then Microsoft's NT</i>

        Citation needed. What is the secret sauce? Or is it some magical, elusive, unmentionable ingredient?

        What is it?
        honeymonster
      • Since you asked...

        @shellcodes_coder
        You completely missed my point.

        @honeymonster
        Root and User with most root commands requiring some kinda authentication. Software for Debian and RPM-based systems uses GPG verification. No Registry (thank god) - one mess up of that and your system is toast.

        Just to name a few. You can Google the rest.
        ZackCDLVI
      • RE: Black Hat: 'OS X networks are significantly more vulnerable'

        @Zc456

        <i>Root and User with most root commands requiring some kinda authentication. </i>

        So? NT has had a finer grained permission system than UNIX for 20 years.

        <i>Software for Debian and RPM-based systems uses GPG verification.</i>

        Software for Windows is verifiable via signing if that is desired.

        <i>No Registry (thank god) - one mess up of that and your system is toast.</i>

        The registry is a transactional database, which is 100x more reliable than a bunch of text files scattered around the filesystem.

        You should learn a thing or two about Windows and UNIX before you run your mouth.
        toadlife
      • Registry 100x More Reliable Than Configuration Files?

        @toadlife<br>The registry in Windows is 100x more reliable than configuration files? Experience tells us otherwise. As far as I've seen, the registry has every problem configuration files have as well as a number of additional ones. A registry corruption is many times more likely to create an unbootable system, and is harder to repair if that happens.<br><br>Of course most of the weaknesses in NT when it actually comes to <i>security</i> are not inherent in its basic structure, but leftover issues from putting the already existing Windows API on top of it.<br><br>NT does have a lot of permission features. However, it's weakness when it comes to permissions is that it relies primarily on file extensions rather than permissions to determine if a file is executable. Of course, permissions are not really directly related to the original point. <br><br>The original point was about the fact that most people run Windows with administrative rights active at all times because the legacy of always active administrative rights from older versions of Windows makes trying to move away from this inconvenient. The real defense Microsoft has for this issue is the addition of UAC, which asks you to confirm administrative rights for many actions even when you are logged on as an administrator. That may not be the most elegant solution, but it does help with the issue.
        CFWhitman
      • RE: Black Hat: 'OS X networks are significantly more vulnerable'

        @Zc456 As a Linux user, let me apologize in advance for all the nonsense that's going to come out now about Linux being secure just because it is, without anyone able to explain why it's more secure. Of course it's not 100% secure. It's quite possibly not even close, and I wish BlackHat and other security entities would intensely target it to help dispel the mythology before the real bad guys do.
        jgm@...
      • RE: Black Hat: 'OS X networks are significantly more vulnerable'

        @CFWhitman

        In 12 years I count on one hand the number of corrupted registries and every single case has been a desktop machine with bad memory or a had hard disk. It's never happened on a server - and that goes back to NT4 servers we had when I started. Restoring a backup of the registry is extremely easy, especially with Windows 7. YMMV I guess.

        As for file extensions and 'executability' (is that a word?), NT ACLs control whether or not a file can be executed. It is very easy to configure a Windows user profile so that files are not executable by default. The main difference between Unix and NT in this regard is default settings.

        Besides, default file permissions mean nothing to shellcode.
        toadlife
    • RE: Black Hat: 'OS X networks are significantly more vulnerable'

      @shellcodes_coder ... That's not true. Unix has a better track record, but it isn't invulnerable to viri, worms, exploits, remote code execution, etc. If that were true there'd be no such thing as a rooted server, and Sony wouldn't be having the issues they're currently having.

      If you believe what you said, I have news for you, YOU ARE NOT A UNIX PROFESSIONAL!
      snoop0x7b
    • Face it Shellcodes your platform of choice is insecure

      @shellcodes_coder Stop trying to suck up to Steve Jobs with your Apple love fest, the guy doesn't want to know or care about it. So your lip-service to the company is all in vain. You just hate Microsoft because its Microsoft. People like you can't seriously have a job, because you would be fired for insubordination and your attitude wouldn't get you an interview either. Admit that you are wrong and always been wrong and will always be wrong.

      I seriously suspect you are one of those 90's Guy Kawasaki evangelist who are set in your ways and will always hate for no reason. Sorry, your type has been irrelevant for a long time now, 1.2 billion Windows users have moved on.
      adacosta38
  • RE: Black Hat: 'OS X networks are significantly more vulnerable'

    What good is having a system that is virus and worm 'free' if your accounts and data get hacked through vulnerabilities? Isnt this essentially just as bad?
    andycastillo01@...
    • RE: Black Hat: 'OS X networks are significantly more vulnerable'

      @andycastillo01@...
      Worse. It means that the machine MIGHT be secure if it wasn't for network services that are just as vulnerable. not to mention the ability to physically crack a Mac's authentication within 3 minutes with 0 software and 0 tools.
      Nate_K
    • Errr...

      @andycastillo01@... : Since you are talking networks, we can most likely assume that the Windows network is a domain. If it is a domain and properly managed, most users will not have the rights to install anything. Since they can't install, most [all?] malware can't get into the system.
      Similarly, as we are talking about networks, we can assume that they are behind a decent firewall - which should reduce security issues on all networks.
      Gisabun
  • Where are the exploits?

    Even though OS X is claimed to be more un secured. One wonders why malware has not taken advantage of it? Not that I am discounting the potential. I just question the fact that being more unsafe has to include the amount of interest in exploiting these weaknesses. bviously Windows might be more safe, but I think their is more Malware targeted at it. Which too me makes it more un safe.
    jscott418-22447200638980614791982928182376
    • RE: Black Hat: 'OS X networks are significantly more vulnerable'

      @jscott418
      "One wonders why malware has not taken advantage of it?"

      Because it is a small installed base of systems compared to Windows. This means three things. First, hackers are more likely to be using Windows, themselves. Second, they won't get as much attention attacking a salmon as when they attack a whale. They do it for the attention. Third, they look at the number of infected systems as a score. Even if they infect every OS X system, they won't have a score as high as infecting 10% of the installed base of Windows systems. So, despite OS X being less secure, there is less malware because the hackers can infect more systems by attacking Windows.

      So, I guess OS X users should count their blessings and stop praying that their installed base grows. Just enjoy the anonymity of being a small target.
      BillDem
      • RE: Black Hat: 'OS X networks are significantly more vulnerable'

        @BillDem
        Just to put that in laymans terms for them... He mean's why hack something that makes no difference when you can attack something with a massive world reaching impact. It's like thinking about robbing a bank for $20 when you get have more success with the federal gold reserve.
        Nate_K