• Explore the magic and the mystery!
  • The Tech Night Owl's Home Page
  • Namecheap.com





  • Mac Malware Revisited — Again!

    January 16th, 2018

    It is curious that the infamous CPU bug was identified by some members of the media as an Apple problem. Even though it impacted most CPU chips produced in the past 21 years — perhaps even the PowerPC — somehow it was strictly about iOS and Mac users facing danger when browsing in Safari, or potentially suffering from a serious performance slowdown after installing Apple’s patches.

    To its credit Apple did get out fixes that reportedly “mitigated” the Meltdown and Spectre bugs, at least for recent OS versions. Microsoft was also quick on the draw, but with less success. Some older PCs with AMD processors were essentially bricked, being unable to boot past the startup screen. While recent PCs didn’t reveal much of a slowdown in posted benchmarks, some cloud services appear to suffer.

    Our Linux web server uses a pair of Intel Xeon processors and was updated last week, apparently, but I’m not at all certain if there’s much of a change in CPU usage. Traffic tends to be high on Sundays and Mondays, although system load dos appear to be somewhat higher than usual. I’ll have a better indication of the impact in a day or so.

    Update: After a few days, CPU use, overall server load, remained way above the usual level. But after installing yet another update that required a restart, server load seemed back to normal.

    As you might expect, Apple is already facing a class-action lawsuit asserting that the company has failed to properly deal with the problem. That doesn’t appear to be the case, but if the legal firms specializing in actions of this sort expect a payday, facts may not matter. Several dozen actions have already been filed on the iPhone battery slowdown (Throttlegate) issue.

    What this goes to show, however, is that no computing product can ever be totally free of potential security leaks. The best companies can do is to address the problems in timely fashion as they are discovered and find ways to make their products more secure. Despite the problems with the Microsoft patches, I have no doubt the company had good intentions and just goofed. It’s not as if Apple hasn’t confronted some boneheaded bugs and fixes.

    In a published report, a new strain of Mac malware named MaMi, has been discovered. It reportedly hijacks DNS, which can, I gather, send you to the wrong site and thus become susceptible to an online infection. It’s supposedly based on a strain of Windows malware from 2015, dubbed DNSUnlocker.

    When such reports emerge, some misinformed online pundits claim that Macs were supposed to be immune to malware, and thus this represents a serious problem for Apple. But the company has never claimed freedom from malware, never.

    Indeed, Mac malware has existed from the early days of the platform. My very first Mac was infected by a virus within just a few weeks after I set it up. It was caused by a tainted floppy disk for an app I had purchased from a legitimate local vendor, a computer software store. They used to have those things.

    I had to basically restore the computer. Fortunately, I hadn’t created too many documents, and they were all backed up on floppies. We did that then, too. It never happened to me again, because I installed a shareware app to protect the computer.

    Once Mac OS X arrived, I never considered security software. Over the years, I’ve tried a few apps, but the ones that perform background scanning almost always reduce performance somewhat, even though I had some pretty powerful Macs over the years. Apple didn’t help matters by not always being prompt about posting security updates when security flaws were discovered. But in recent years, it has been more proactive. Even silly glitches, such as the ability to access root privileges without a password, were addressed in pretty short order.

    Over the years, it was asserted that Macs were safer through obscurity. With Windows garnering over 90% of the personal computing market, it was almost always the target, even after Microsoft became more proactive about protecting its customers.

    These days, malware is often installed through social engineering. You receive a notice, for example, from a financial institution you may or may not deal with claiming you need to click a link to login and fix your password, or perform some other online action. Even if the correct URL is shown, hovering your Mac’s cursor over it may reveal a totally different destination — or perhaps not. But just to be sure, it doesn’t hurt to login directly to that company’s site and check the status of the account.

    Or just contact customer service if need be.

    It’s also possible to infect your device when visiting a site that appears to be safe. You see a message that the macOS or iOS must be updated, so you must click on a link. Or maybe Adobe Flash, a common source of security vulnerabilities, must be updated, and there’s a handy link for that too. But you can go direct to Adobe to be sure you even need an update. At least there is no Flash for iOS or any other mobile platform.

    So is security software necessary on Macs? If you regularly interact with Windows users, maybe. Some Mac antivirus software will eradicate Windows viruses so you don’t accidentally infect someone. Otherwise, probably not right now, at least so long as Apple continues to fix problems as they occur. Remember, too, that security software cannot protect you against malware that hasn’t been discovered and addressed in a “signature” update.

    In the meantime, you can be sure that the fear-mongering will continue whenever some new security flaw appears on the Mac. Remember, too, that Apple also releases security updates for iOS, but it remains a much more secure platform simply because Apple curates all the software you’ll download. Well, at least if you don’t jailbreak your device, in which case you’re on your own.



    Share
    | Print This Article Print This Article

    Tech Night Owl Comments

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.