Mac botnet: Who's at fault?

Moderated by Jason Hiner | April 16, 2012 -- 07:00 GMT (00:00 PDT)

Summary: At least 600,000 Macs were infected by the Flashback Trojan. Did Apple fail to protect its users? Or were users defeated by their own misguided fantasies of invulnerability?

Ryan Naraine

Ryan Naraine

Apple's fault

or

Users' fault

Christopher Dawson

Christopher Dawson

Best Argument: Apple's fault

The moderator has delivered a final verdict.

Opening Statements

Unforgivable

Ryan Naraine: To really understand Apple’s negligence on security, we have to go back to 2006 and that famous “Mac vs PC” commercial http://www.youtube.com/watch?v=GQb_Q8WRL_g   where PC is sneezing from a virus infection and Mac passes him a tissue while smugly dismissing security as a legitimate threat to Mac OS X.

This perpetuates a false sense of security among the Mac faithful. Mac OS X users have the mindset that security is not important and this complacency leads to long delays in patching dangerous security flaws and responding to in-the-wild attacks.

This iBotnet (more than 685,000 infected Mac machines) is entirely Apple’s fault.  The Java patch (CVE-2012-0507)  was issued for Windows on February 14, 2012. This same vulnerability affected Mac OS  X but Apple didn't provide a fix until April 3, 2012.

Apple left its users exposed for 49 days, providing a large window of opportunity for malware writers to build a botnet.  Unforgivable.

Naive users

Christopher Dawson: It's easy to blame Apple for the widespread infection of Macs with the Flashback Trojan. Actually, most would argue that Apple should be more proactive in anti-malware development; to date, this has taken a backseat to user experience. However, that lack of focus on security is as much (or more) the fault of naive users who blithely go on buying shiny new Macs and iOS devices, smug in their apparent invulnerability to rogue software as it is Apple’s.

Why has Windows evolved into a remarkably secure environment? Because the market first demanded and paid for powerful third-party software and then demanded native anti-malware solutions, again speaking with their wallets, by purchasing (ironically) Macs or running Linux. How many Mac users run antivirus tools on their machines even if only to prevent spreading Windows infections? Not many (says the debater writing this on his Mac running both Avast and ClamXav).

Talkback

127 comments
Log in or register to join the discussion
  • Not mutually exclusive?

    "Did Apple fail to protect its users? Or were users defeated by their own misguided fantasies of invulnerability?"

    Probably a bit of both. Although I'd hold Apple more accountable.
    CobraA1
    Reply Vote I'm Undecided
    • Although . . .

      Although the real fault actually lies with the one who wrote the botnet to begin with. Let's not forget the real criminal in all this. Apple and users can take actions to protect themselves, but ultimately we really need to work on tracking these people down and shutting down their operations. Otherwise, they'll just keep coming back for more.
      CobraA1
      Reply Vote I'm Undecided
      • True ...

        As long as there is greed in the world, people will continue to look for ways to beat their neighbor out of that is rightfully theirs!
        M Wagner
        Reply Vote I'm for Apple's fault
      • 49 day delay is Apple's shame, but obviously only *twice* clueless people

        ... could get infected:
        1) they had to believe that Flash does not update itself -- even though it does, and does it quite visibly;
        2) they had to believe that Flash update should be on some weird non-Adobe site.

        Otherwise, getting this trojan would be impossible.
        DDERSSS
        Reply Vote I'm Undecided
      • DeRSSS still spreading dangerous misinformation

        Flashback would infect macs even if the user did not do something stupid. Regular sites were infected by the drive-by exploit which would infect any visiting macs.
        honeymonster
        Reply Vote I'm for Apple's fault
      • Honeymonster still spreading dangerous misinformation

        @honeymonster: no regular websites ever hosted this infection. This particular botnet software used Trojan tactics that would bait people into going to some link with "Flash update" (hence the name).

        You could never get infected visiting any regular site (ZDNet, CNN, et cetera).
        DDERSSS
        Reply Vote I'm Undecided
      • .nu services

        Most of the servers that flashback reports back to are .nu domains. The companies who host these web sites should police their services for terms of services violations. Go after the criminals, not the victims.
        BradMacPro
        Reply Vote I'm Undecided
      • You can blame cyber crims....

        ...but with Apple now encouraging (almost to the point of REQUIRING) users to log into icloud for everything across the whole range of Apple devices, I would be targeting Macs too as getting access to an Apple ID would gain me access to information on that person's iPhone, iPad, and all iOS devices without even hacking into any of those idevices.
        Apple has put ALL their user's data in one huge basket and that is a very dangerous trend.
        This is before you even argue about the merits of Apple's security measures in their OSes. Or the fact that Apple has sold their users a false sense of security thus the users lower their guard. Couple that to the fact Apple is the SLOWEST to offer security updates and you can bet that Apple users will be targeted by crims because Apple set up the ideal environment and infrastructure for hackers.
        Crims are opportunistic. You can blame crims but Apple is largely to blame for setting up the opportunity.
        No organisation, not even Apple's billions, has enough resources to shut down cyber crime significantly. The money is better spent in improving security and educating users.
        warboat
        Reply Vote I'm for Apple's fault
      • @warboat

        [i]"...but with Apple now encouraging (almost to the point of REQUIRING) users to log into icloud for everything across the whole range of Apple devices, I would be targeting Macs too as getting access to an Apple ID would gain me access to information on that person's iPhone, iPad, and all iOS devices without even hacking into any of those idevices.
        Apple has put ALL their user's data in one huge basket and that is a very dangerous trend."[/i]

        First, just because you use a Mac does not mean you have to use iCloud but of course I am sure you actually know that. Second, isn't Google putting all the customer information into one place in the same way that Apple is. Do you have an issue with Google doing this or is it like so many other statements you have against Apple, it's only an issue because it's Apple and not somebody else?
        non-biased
        Reply Vote I'm Undecided
    • Enough Blame to go Around. Twice!

      Count me as a vote for both Apple and users sharing the blame. Apple is a victim of its own success, plying the vision that Macintosh is easy to set up, easy to learn, easy to use, and easy to own. Well, with mechanical devices such as cars, furnaces, and especially computers, ownership includes an element of informed maintenance.

      The users who are drawn to Macintosh tend to be non-technical people, and a huge element of that attraction is the belief that you can use Macintosh and own it, problem free, without needing any technical smarts. And so, these people willingly and enthusiastically buy into the Macintosh Mystique.

      And so, you end up with a huge Macintosh user base that enshrines beliefs such as Macs don't get viruses (or other malware), and which have no understanding of file and directory fragmentation, the prospect of hardware failures (e.g., bad blocks on a disk), the high failure rate of today's SSDs, or even things such as a tested and proven data backup/recovery strategy.

      It could be said that in some ways, Apple and its users deserve each other: Those who so want you to believe in heaven, and those who are so willing to believe there is one.

      FWIW, I was a rabid MacZealot for over a decade. I still have several Mac, but my main computer by a wide margin is a Windows XP PC. I don't think Macs are crap. I believe Apple has created a solid niche for a certain type of computer user. But I also believe that even that kind of user is best served to have a moderate level of knowledge and understanding about the machine they operate, and how to maintain it properly.
      SteveMak
      Reply Vote I'm Undecided