Proactive Mac Security
Apple might not care what happens to your computers but they will care what happens to their own.
Guerilla warfare: when the Oneistat brothers' iPod batteries wore out they were told by Apple to throw their old iPods away and buy new ones. So they started a poster campaign all over the Big Apple; finally Apple relented and offered a battery replacement programme.
AnalBook, Power Mac, and early MacBook adopters incurred myriad hardware failures - oozing green goo, thermal grease, mooing sounds, discoloured handrests, Bridget Riley lines ad nauseam - but they were told by Apple this was all 'in spec' and 'consumer grade' and a lot of them got nothing but hostility and grief.
When the author of Opener and countless others told Apple about the big root hole in Jaguar and Panther they were told by Apple 'behaves correctly'. From the time the Opener story hit the media in October 2003 until the release of the first fix Apple computer users had to wait one and one half years - for a wide open root hole to be patched.
Software author Charles Srstka complained about the ARDAgent hole for five years. Apple ignored him.
The people at MacShadows have attempted to pressure Apple to close the five year old system login items root hole - they've got no further than anyone else.
Apple evidently don't care what happens to their computer users. And security experts are continually in a quandary: how far do you go to pressure Apple to fix security holes? A proof of concept usually isn't going to do it - not if the flaw is a design flaw and not a programming error. Apple's 'user experience engineers' don't like to be told they're full of it.
Yet releasing malware into the wild is self-defeating for the white hats: the situation forces them to perpetrate what they themselves are trying to protect people against.
And yet it seems nothing short of a cataclysmic outbreak will get anyone to react: not the media, not the users - and certainly not Apple.
But there might be a way around this - a way almost certain to work.
For today Apple have hundreds of sensitive exposed points strewn about the globe: their own computers in their own stores, computers standing and running there to help sell things to customers. These computers must not fail. So should Apple stores be continually forced to wipe and reinstall their insecure systems it's highly probable Apple will react and issue patches. And all that's lost in the stores is the time to reinstall - no one's sensitive data is stolen, no corporate networks are penetrated, no law firms are starting class actions against Apple for criminal negligence.
Apple can be forced to do the right thing they're too arrogant to do on their own. And in forcing Apple to do the right thing the 'guerillas' are actually bettering the Apple corporate bottom line - they're forcing Apple to make more money.
All that's needed are white hats who publish eminently accessible turnkey exploits and visitors to Apple stores who can quickly download and run them. The rest is up to Apple.