Wednesday, 01 June 2011

Apple Plagued By Viruses As The Reality Of Being On Top Soaks In & The Marketing Department Is Of No Assistance!

A few months ago, I had a discussion on BoomBustBlog regarding security and Apple products. Basically, I was attempting to illustrate to acolytes that ANY system can be compromised and that the sole reason for Windows' disproportionate virus/malware attacks is the high profile of Windows machines. Microsoft is, despite being unfavored in the press, still the predominant technology provider to the consumer and corporate desktop, and arguably to the enterprise server as well. If one wants to make as big a splash as possible in terms of disruption, whom do you target - Microsoft, Ubuntu - Linux, or Apple?

Well, now that Apple is moving into the big time in terms of users and mindshare, it is also moving into the sights of virus/malware developers. One of the Apple Corporation's marketing department's biggest sticking points is its lack of malware or viruses. Of course, the less technically inclined, or the more marketing-department-susceptible (depending on how you look at it), are inclined to believe that line over the explanation that I gave above - despite the fact that I hacked my iPad in under 10 seconds by surfing to a web page and clicking a graphic.

Then we have the recent (and still ongoing) month-long Mac Defender/Mac Guard malware attack, which targeted Apple desktops and notebooks. It took a considerable amount of time for Apple to respond with a solution. Once they did, they apparently tried to do so comprehensively, delivering the following, as excerpted from ZDNet:

"Security Update 2011-003 includes changes to the File Quarantine feature, which beginning with Snow Leopard also includes antimalware checks. This update includes definitions for Mac Defender and its known variants, as well as an automated removal tool. It works only with the most recent version of Snow Leopard, 10.6.7. Earlier versions of OS X are apparently not included.

...The two videos below show how Mac Guard (the current release of this malware) behaves before and after this security update.

Here’s a start-to-finish, unedited “before” video that shows how the Mac Guard fake AV program goes from a seemingly innocent Google search result to a full install in just three clicks, with no password required. This demo uses the latest version of OS X 10.6 and the default browser, Safari, with its default settings.

Update: As I noted above, the May 31 release of Mdinstall.pkg is not detected by the 2011-003 update and signature files.

And here’s the “after” video. Notice how the File Quarantine feature identifies the downloaded file as malware and prompts the user to move it to the trash.

So, what in the world does this have to do with investing, you ask? Well, it's quite simple actually. Apple's marketing department is unrivaled, bar none. It is very good; alas, it still cannot churn out superior products, magically expand margins, mysteriously make world-class competition just disappear, or apparently write competent anti-virus software.

Within 8 hours of the release of this malware fix by Apple:

Update June 1, 6:00AM PDT: The bad guys have wasted no time. Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple’s malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That’s less than 8 hours after Apple’s security update was released. On a test system using Safari with default settings, it behaved exactly as before, beginning the installation process with no password required. As PC virus experts know, this cat-and-mouse game can go on indefinitely. Your move, Apple.

No, Apple machines are not more secure than Windows machines or any other major platform; they are just less popular. As their popularity increases, so does their appeal to the type of people who wish to take them down. Remember this lesson the next time you have a discussion about Apple being able to out-innovate 400 other competing companies with similar or greater resources for an indefinite period of time. Remember that margin compression is coming and that Apple's marketing team may be no more effective at managing that than they were in managing Mac Defender/Mdinstall.pkg. Apple, like many other C corporations, is after all...just a company.

