The Apple Macintosh is becoming more and more popular. However, recent reports on Mac security have caused extensive discussion among security professionals. Those who have expressed concern about the increasing number of vulnerabilities detected in Mac OS X have been accused of overreacting. The other side of the coin is that those who do not take this viewpoint are accused of being lacking in common sense. This article examines several aspects of the recent evolution of threats for Max OS X in order to help readers understand the ongoing debate, how secure Macs really are and how secure they will remain.
I believe that out-of-the box machines running under Mac OS X are more secure than those running under other platforms. The Mac OS X *nix-like security model is, by default, configured to protect the system against threats common to other platforms where this kind of security and configuration is not standard. It could well be said that from the start, Mac OS X was designed with security in mind. However, although this approach seems to leave far less security flaws that can be exploited, assuming that there are no security issues at all is quite dangerous. Like any other platform, Mac OS X has software flaws. Such flaws inevitably draw the attention of malicious users, especially if users don’t think they need to take action to protect against possible threats.
One interesting aspect of the vulnerabilities identified is the components in which they are present. The number of vulnerabilities identified in components where remote attacks are possible increased in comparison to the same period last year. This clearly demonstrates that possible attack vectors are receiving more and more attention.
Figure 1: A comparison for the number of vulnerabilities in MacOS X and related products for the first half (January – May) of 2005, first half of 2006
For instance, the number of vulnerabilities identified in the operating system kernel and related components is less than in 2005. However, the number of vulnerabilities affecting Safari and the Mail application - which can be used to conduct an attack via the Internet - has increased. The same is true for QuickTime, which was a popular subject for security researchers during the first half of 2006.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.