
Hardware 2.0

Adrian Kingsley-Hughes

Black Hat: 'OS X networks are significantly more vulnerable'

By Adrian Kingsley-Hughes | August 9, 2011, 4:36am PDT

Summary: Think that OS X is more secure than Windows? Think again!

Microsoft’s Windows 7 operating system is more secure than Apple’s Mac OS X, claim security researchers at Black Hat.

According to Alex Stamos of iSec Partners, OS X has a greater number of vulnerabilities than Windows 7, and when it comes to network security, ‘OS X networks are significantly more vulnerable to network privilege escalation,’ and ‘almost every OSX server service offers weak or broken authentication mechanisms.’

Stamos also goes on to dispel the myth that Mac OS X isn’t attracting attention from hackers. To support this, he points out that over the past three years 1,151 major vulnerabilities have affected Apple products, only slightly fewer than the 1,325 affecting Windows.

Things are looking up for Mac OS X though, as 10.7 ‘Lion’ adds application sandboxing to keep malware contained. Whether this will be enough to make Lion more secure than its predecessors remains to be seen.

But what about mobile devices? Independent security researcher Dino Dai Zovi claims that Apple is doing a good job with iOS because applications run in a sandbox and the operating system makes use of a dynamic application signing feature where apps are verified before running.

When it comes to Android, Dai Zovi claims that this mobile OS is less secure than iOS and actually about as secure as a jailbroken iOS device. BlackBerry has better data security than iOS but doesn’t have the sandbox feature for applications.


Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

41
Comments

I can't imagine there being many OSX Servers out there
Dietrich T. Schmitz, Your Linux Advocate! Updated - 9th Aug
Granted it appears to have weak authentication issues, but I would suspect the majority of the OSX user base is not attaching to an OSX server, yes?
@Dietrich T. Schmitz, Your Linux Advocate!
I agree. Maybe Apple can revisit that if and when OSX Server starts becoming more prevalent on corporate networks. I think that is unlikely as long as you have to run OSX on Apple hardware and you can't run it in a virtual environment.
0 Votes
It's a self-fulfilling prophecy
facebook@... 9th Aug
@Dietrich T. Schmitz, Your Linux Advocate!

Apple killed the Xserver platform because they focus on consumer products and the Xserver had a very low adoption rate in enterprises.

DHX is, essentially, abandonware. Apple does not fix their software bug because Apple does not target this market. Versions of this exploit go back many years.
That's one thing but UNIX is more secure than NT. Well at least we don't have to worry about viruses and worms
@shellcodes_coder
Vulnerabilities lead to viruses and worms. Even though *nix platforms have better fail safes than Microsoft's NT, it will never be 100% secure.
@Zc456
Microsoft should fix Windows to get rid of viruses and worms and guess what? That will never happen. UNIX-based systems are virtually virus free regardless of the vulnerabilities found and patched.
@Zc456

"Even though *nix platforms have better fail safes than Microsoft's NT"

Citation needed. What is the secret sauce? Or is it some magical, elusive, unmentionable ingredient?

What is it?
0 Votes
Since you asked...
Zc456 9th Aug
@shellcodes_coder
You completely missed my point.

@honeymonster
Root and User with most root commands requiring some kinda authentication. Software for Debian and RPM-based systems uses GPG verification. No Registry (thank god) - one mess up of that and your system is toast.

Just to name a few. You can Google the rest.
@Zc456

"Root and User with most root commands requiring some kinda authentication."

So? NT has had a finer grained permission system than UNIX for 20 years.

"Software for Debian and RPM-based systems uses GPG verification."

Software for Windows is verifiable via signing if that is desired.

"No Registry (thank god) - one mess up of that and your system is toast."

The registry is a transactional database, which is 100x more reliable than a bunch of text files scattered around the filesystem.

You should learn a thing or two about Windows and UNIX before you run your mouth.
0 Votes
@toadlife
The registry in Windows is 100x more reliable than configuration files? Experience tells us otherwise. As far as I've seen, the registry has every problem configuration files have as well as a number of additional ones. A registry corruption is many times more likely to create an unbootable system, and is harder to repair if that happens.

Of course most of the weaknesses in NT when it actually comes to security are not inherent in its basic structure, but leftover issues from putting the already existing Windows API on top of it.

NT does have a lot of permission features. However, its weakness when it comes to permissions is that it relies primarily on file extensions rather than permissions to determine if a file is executable. Of course, permissions are not really directly related to the original point.

The original point was about the fact that most people run Windows with administrative rights active at all times because the legacy of always active administrative rights from older versions of Windows makes trying to move away from this inconvenient. The real defense Microsoft has for this issue is the addition of UAC, which asks you to confirm administrative rights for many actions even when you are logged on as an administrator. That may not be the most elegant solution, but it does help with the issue.
@Zc456 As a Linux user, let me apologize in advance for all the nonsense that's going to come out now about Linux being secure just because it is, without anyone able to explain why it's more secure. Of course it's not 100% secure. It's quite possibly not even close, and I wish BlackHat and other security entities would intensely target it to help dispel the mythology before the real bad guys do.
@CFWhitman

In 12 years I count on one hand the number of corrupted registries and every single case has been a desktop machine with bad memory or a bad hard disk. It's never happened on a server - and that goes back to NT4 servers we had when I started. Restoring a backup of the registry is extremely easy, especially with Windows 7. YMMV I guess.

As for file extensions and 'executability' (is that a word?), NT ACLs control whether or not a file can be executed. It is very easy to configure a Windows user profile so that files are not executable by default. The main difference between Unix and NT in this regard is default settings.

Besides, default file permissions mean nothing to shellcode.
@shellcodes_coder ... That's not true. Unix has a better track record, but it isn't invulnerable to viri, worms, exploits, remote code execution, etc. If that were true there'd be no such thing as a rooted server, and Sony wouldn't be having the issues they're currently having.

If you believe what you said, I have news for you, YOU ARE NOT A UNIX PROFESSIONAL!
@shellcodes_coder Stop trying to suck up to Steve Jobs with your Apple love fest, the guy doesn't want to know or care about it. So your lip-service to the company is all in vain. You just hate Microsoft because it's Microsoft. People like you can't seriously have a job, because you would be fired for insubordination and your attitude wouldn't get you an interview either. Admit that you are wrong and have always been wrong and will always be wrong.

I seriously suspect you are one of those 90's Guy Kawasaki evangelists who are set in your ways and will always hate for no reason. Sorry, your type has been irrelevant for a long time now, 1.2 billion Windows users have moved on.
What good is having a system that is virus and worm 'free' if your accounts and data get hacked through vulnerabilities? Isn't this essentially just as bad?
@andycastillo01@...
Worse. It means that the machine MIGHT be secure if it wasn't for network services that are just as vulnerable. Not to mention the ability to physically crack a Mac's authentication within 3 minutes with 0 software and 0 tools.
0 Votes
Errr...
Gisabun 10th Aug
@andycastillo01@... : Since you are talking networks, we can most likely assume that the Windows network is a domain. If it is a domain and properly managed, most users will not have the rights to install anything. Since they can't install, most [all?] malware can't get into the system.
Similarly, as we are talking about networks, we can assume that they are behind a decent firewall - which should reduce security issues on all networks.
0 Votes
Where are the exploits?
jscott418 9th Aug
Even though OS X is claimed to be more unsecured, one wonders why malware has not taken advantage of it? Not that I am discounting the potential. I just question the fact that being more unsafe has to include the amount of interest in exploiting these weaknesses. Obviously Windows might be more safe, but I think there is more malware targeted at it. Which to me makes it more unsafe.
@jscott418
"One wonders why malware has not taken advantage of it?"

Because it is a small installed base of systems compared to Windows. This means three things. First, hackers are more likely to be using Windows, themselves. Second, they won't get as much attention attacking a salmon as when they attack a whale. They do it for the attention. Third, they look at the number of infected systems as a score. Even if they infect every OS X system, they won't have a score as high as infecting 10% of the installed base of Windows systems. So, despite OS X being less secure, there is less malware because the hackers can infect more systems by attacking Windows.

So, I guess OS X users should count their blessings and stop praying that their installed base grows. Just enjoy the anonymity of being a small target.
@BillDem
Just to put that in layman's terms for them... He means why hack something that makes no difference when you can attack something with a massive world reaching impact. It's like thinking about robbing a bank for $20 when you can have more success with the federal gold reserve.
@BillDem

That's bogus and you know it. Mac OS X is the big shiny target they just can't hit.

To argue at this point that Mac is 'obscure' (notice you left that part of the old saw out!) is, at this point, sheer LUNACY.

Apple is the biggest company on the planet (for a few minutes today, apparently).

Make up some new FUD.
@comp_indiana ---- There's no arguing Apple's financial success. However if you think that its financial prowess has anything to do with its OS as a security target, then you are living in some type of la-la land.
@comp_indiana and what color is the sky in your world? Hacking and malware these days is about making money, plain and simple. The market numbers are there and while Apple might be dominating the gadget market as far as computers and OS's go they are still small players in a Windows dominated world. Malware is basically a shotgun approach. You fire off a lot of programs at the biggest target you can find and hope that one of them scores a fatal hit. Mac OS X is simply not that big a target.
You people are delusional. Mac users (many many millions of them) are consistently shown to have more money on average than Windows users. Mostly, you have people who have tried Windows and given up on it for a much better system. One with better security.

Your FUD is outdated. Mac marketshare is GROWING, windows is in DECLINE.

There are PLENTY of Mac users. And iPhone users, and now iPad users. But Apple has made security decisions which are admirable. They haven't left the door open to hackers (and aren't in cahoots with the 'security' companies like Microsoft is with Symantec, etc...)

Wake up. Seriously, work on some NEW FUD. You got a LOT of mileage out of this myth, but it's just idiotic at this point.

Malware is also about chest thumping. But, the clowns that do this are 100% dyed-in-the-wool Windows users, so naturally, they can barely even USE OS X without getting nauseous. Good thing. You all can have them in Windoze-land, where they are comfortable, and thriving.
@comp_indiana : Jeez. I guess you've been brainwashed. Everything you said is totally wrong. "...Just can't hit." Hello? What happened to MacGuard and the other malware? If the MAC OS is so secure, why does Apple release security updates? iTunes/QuickTime and Safari are constantly in the top 10 most vulnerable software.

"made security decisions which are admirable" - Yup like the default password related to the batteries or saying [initially] that they wouldn't do anything about the MacGuard [and related] malware.

You're dreaming.
@jscott418 : Agree with BillDem. Malware writers go after the larger OS because that is where most of the victims will be. Interesting though as since Macs generally are pricier than any other OS, expect more malware aimed at Macs because the malware writers know that a) Mac users aren't used to malware and b) Mac users are probably richer [ask for more money].
I say go for it, Apple, get the same kind of installation base as Microshaft and then watch the Black Hat community go to town. I mean really it takes actual effort to create this stuff, why bother for just a handful of available targets. The only reason the *nix platforms are relatively malware free is the lack of consistency. Which is also the reason they have not taken more market share. The moral of the story? To be more secure be more obscure.
@The great Sugdini

That's rationalization. Sure Mac is 'obscure' and sold by the most valuable company on the planet. Why, no one has heard of Apple. Hard to imagine they are making so much money and yet are so 'obscure'.

LOL. Here is the reality. The malware is created by losers using kits. Only a very few can create the kits to create malware.

Finally, it's losers who are doing this. Somehow, they prefer to use Windows. Wonders never cease.
@comp_indiana yes, Macs are obscure. I respect your (weirdly obsessive) love for Apple and its products but if less than 10% of all computers are Macs, you can call it a 'rare system'. That's called statistics and you must be really dumb to fight maths :-p

Simple analogy: while Ferrari makes much more money out of selling cars than Citroen, I still see more Citroens driving down the street. Although Ferrari (the company) has a much higher market value. (probably a stupid example but it proves my point)
Noticed the glitch in your argument?

So give a little kiss to your mac, hope he didn't read along and (as far as i'm concerned) marry it. I don't care, just interpret the facts right.
Remember that OSX stuff costs more - the people who buy it probably have more money - that is the hackers' target. Plus remember the embarrassment factor - if you claim something and then it screws up, you're not going to tell the world, are you?
@stevejg61

Riiiiight. All the Mac users are infected, but they are too vain to report it.

It's really fun to watch you guys justifying your platform when it's crumbling out from under you.

But, hey, you still have, what, 80%? Mac won't reach parity with Windows for a few more years, so no worries!

LOL
@comp_indiana my god! Did you leave your objectiveness at home?
Few different hacking teams were handing out zero day for breaking out of the sandboxes - some amazing talks this year by Travis Goodspeed (@travisgoodspeed) and Mike Ridpath (@ridpath) that I imagine made OS X networks more vulnerable immediately following their talks @Blackhat.
0 Votes
Unix BIND
mswift@... 9th Aug
BIND has a long and colorful history of vulnerabilities. Here are some from the not too distant past.
https://www.auscert.org.au/render.html?it=13710
I say it's kind of "funny" that BlackHat's sustaining sponsors (according to its website link in the article) include Microsoft and IBM but do NOT include Apple. Hmmmmmm.
@benched42 : I think because Apple feels the BlackHat meetings are useless.
The report and your article confuse a number of issues. You seem to use interchangeably (and they are not):
OSX and OSX Server
Vulnerabilities and Security Threats "attracting attention from hackers"

Just to be clear these guys are talking about potential threats due to vulnerabilities that should and probably will be patched.

In terms of security OSX does not currently have any known exploits in the wild that do not require physical access to the system. The same can not be said for Windows 7!
BS! Mac OS X is more secure, silly. Well, that's what papa Jobs had his Mactards believe.
It's about time someone brought this to a more public light. For those of us with a bit more tech savvy the vulnerabilities of *nix systems are well known, mostly because they have been around for so long that most hackers worth their salt know their way around a *nix system like most people know their way around their neighborhood. It should also go without saying that, exploits aside, most security problems are not inherent to the system but to the user and their habits. A properly configured Windows system is just as secure as a *nix system. The problem is most Windows systems make you jump through several hoops to really lock down your system, something that most end users and even some small enterprise operations don't do.
0 Votes
All this is rather silly.
UrbanBard 9th Aug
This article was prejudicial, because it spoke about the Mac's past insecurities without any understanding of what Mac OSX Lion can do. Why don't we wait a year and see who has the persistent malware: Windows, Linux and the Mac.

By that time, the Mac user base should be almost twice as large. Why? Because Microsoft is pulling the plug on Windows XP and XP comprises over 50% of PCs in existence. This will force people to choose a new computer. A substantial portion of them have been choosing Apple. This is why Apple's user base has been growing at over 30% annually for 10 years. It's even larger than that when you consider iPhones and iPad as PC's because they use a modified version of Mac OSX.

All software has vulnerabilities. The question is what OS has the most exploits. It isn't Linux or Apple. We can disagree on why these two are not being exploited, but it hardly matters. Only a fool would choose an OS which has a reputation for being the easiest to hack: Windows.

Why would anyone want to tarnish the reputation of any OS which has fewer exploits than Windows? Mac OSX Lion is not perfect, but there are many people who would like to take down Apple if they could. Let them try. Trojan Horses don't count, because that fools the user into giving away his security.
As usual, Kingsley-Hughes does an Apple hit piece without checking his facts.

Let's start with this one:
http://blackhat.com/html/bh-us-11/bh-us-11-sponsors.html
Who's a major sponsor for Black Hat conferences? Microsoft.

Let's stop with the sensationalistic garbage from biased reporters, OK? The bottom line is that malware on Windows costs BILLIONS of dollars a year while there has NEVER been a virus reported in the wild for OS X (oh, and to forestall your FUD, look up the difference between a trojan and a virus).
