Black Hat: 'Macs in the enterprise; steer clear'

Macs are more vulnerable to a specific flaw than Windows machines, and "enterprise customers should steer clear", according to one security firm.

Catch 5: As per the previous article, Mac OS X in the corporate or academic environment could leave organisations open to state-sponsored attacks.

Security researchers at the Black Hat conference are cautioning enterprise clients away from adopting Mac OS X machines on large, secure networks.

While Lion may be Apple's most secure operating system to date, researchers from iSec Partners warn that Macs en masse are more vulnerable than Windows to advanced persistent threats (APTs) -- often the weapon of choice for state-sponsored hackers.

(Image via Flickr)

As per The Register's report, iSec bases this on the assumption that a small percentage of users in any business, organisation or government department could be duped into installing malware -- regardless of the operating system they use.

Macs running Apple's flagship operating system, however, are more vulnerable due to Mac OS X Server that port updates to its machines. Authentication used by the server is "inherently insecure", making the infection rate far more likely.

While Mac OS X Server uses Kerberos authentication, it uses a backup authentication method -- which is easy to override. While Macs alone are good at defending themselves, "once you install OS X Server you're toast".

Remember Google and China?

Two years ago, while Windows machines were taken over by an exploitation unpatched at the time, in a massive hacking attack with an alleged China to be behind it, Macs may not have been a better defence.

The proof of concept run was able to collect and copy all the authentication credentials, which then contacts other Macs on the network pretending to be the stolen administrator account, to further collect valuable corporate or governmental data.

Now, granted this could be used against governments and major technology organisations, defence contractors and specialists working in their field.

But universities encompass all of the above -- with academics working with government on policy, defence issues and sensitive matters of state.

Having said that, even I doubt a state-sponsored hacker would attack a mere university. Nevertheless, it is entirely possible.

Mac users are generally well insulated against malware and hacking attacks. Whether the platform of the Black Hat conference has merely highlighted this as simply an issue, or whether this will cause mass controversy with burning cars and hackers burnt at the stake -- I highly doubt.

But it is something universities need to be aware of -- just as government departments and major organisations should take into great consideration.