Published in News

Ex-NSA bloke mocks Apple's security

by on07 May 2015


Jobs' Mob's security is easy like Sunday morning

A former US spook found himself at the centre of another religious war when he dared to say that Apple Mac security was trivial.

For decades, Apple fanboys have chanted a mantra which stated that Apple was the most secure operating system out there and only Windows was hackable.

Lately the mantra was changed as Microsoft was less of a threat and Android became the real enemy, however the concept is still the same. Apple OS X is the most secure code out there.

A former NSA staffer Patrick Wardle who runs a crowd-sourced security intelligence firm Synack, said that Apple's defensive Gatekeeper technology can be bypassed allowing unsigned code.

Gatekeeper is pre-installed in Mac OS X PCs and checks code to see if has accepted Steve Jobs into its life.

However Wardle said that Gatekeeper, XProtect anti-malware, sandboxing and kernel code-signing requirements - are "easy to get around" and "trivially exploitable."
The problem is that Apple had yet to embrace a culture where "comprehensive security was baked into their OS X systems" from the onset.

Apple does not even have a bug bounty – something which Google, Microsoft have found beneficial.

Wardle told the Register  that the thing that saves Apple is that OS X malware is amateur and basic.
"It relies on trivially detectable persistence mechanisms and generally relies on infecting users via social engineering tricks such as offering 'free but infected copies of PhotoShop'."

Such malware can be easily found by scanners – but if a serious bit of malware was developed, Apple machines would drop its pants and reveal its assets faster than a Hamburg whore.

 

Rate this item
(11 votes)

Read more about: