A recent upturn in Apple's sales of its Mac computers has added
fuel to concerns the Mac community's days of claiming a secure upper-hand may be
Last week, it was revealed that Apple's shipments of its Mac
machines had shown double digit growth, year-on-year, with analysts suggesting
the growth is set to continue with more PC switchers in the pipeline.
And while that is great news for Apple and its marketing prowess,
it has coincided with the question of Mac security rearing its head once more,
with three large security vendors issuing words of warning for the Mac faithful
while Apple remains tight-lipped about the security of its machines.
Mark Sunner, CTO of MessageLabs, said: "Now, as Macs become more
popular, we're seeing an increase in attacks targeting OS X."
Greg Day, senior antivirus researcher at McAfee, said his
company's recent Global Threat Report found evidence to support that claim.
Day told silicon.com: "Microsoft has the biggest bull's-eye on it
but there's a lot of interest in Apple right now. There have been more
vulnerabilities discovered in OS X than in XP over the past two years."
Day said 95 vulnerabilities have been discovered in XP during that
time compared to 238 in OS X.
Jay Heiser, research VP at Gartner, said he would expect to see
the risks from owning a Mac increase with popularity and a greater market share.
"The relative 'safety' of the Mac environment is not so much an issue of
obscurity, as it is a lack of hack-leverage and perhaps biological diversity,"
said Heiser. "From the attacker's point of view, the bigger the set of logically
identical targets, the bigger the payoff in creating 'crimeware'.
"Clearly, as the number of Macs increase, it becomes more
appealing to target them."
Heiser added: "The most important consideration is the amount of
code. The level of vulnerability is a function of the size of the code-base and
it is inevitable that the Mac OS contains a significant number of unrecognised
Last week Russian antivirus vendor Kaspersky Labs also waded in to
the Mac security debate, with its own findings reporting a similar hike in the
number of vulnerabilities found in OS X.
And while vulnerabilities and actual proven exploits are very
different things, Kaspersky Labs echoed the concerns of others, saying 60
vulnerabilities discovered in the first half of 2006 suggests if growing
popularity were to invite more attacks this could soon become a problem.
McAfee's Day also criticized Apple for being slow to address these
vulnerabilities--adding that Microsoft, albeit due to an unflattering history
of vulnerabilities, is at least largely on top of the situation.
He said: "I think Apple has not been as organized as Microsoft has
had to be through necessity at dealing with vulnerabilities."
At the time of writing Apple had failed to comment.
Will Sturgeon of silicon.com reported from London.