Doctor Smoke Interview: Part 2 (Insecurities)

By Graham K. Rogers

GKR: What concerns you most about posters (on forums)?

The Discussions are a global cross-section of humanity: some of the things that one finds irritating about posts are . . . things one finds irritating about people in the real world. Basically, rudeness or an attitude demanding or expecting help.


While not irritating, per se, there is a clear spectrum of skills on any forum. Many who ask questions have no idea how to properly craft a post so that it gets an answer. This is understandable since it appears schools do not teach people how to ask a question: an important skill in any endeavor.

Posts frequently lack important details, such as the text of an error message, the version of software one is having problems with, and other facts that can help them get a quick resolution. I actually have a section on creating good posts in the "Obtaining Help Online" chapter of my book.


I also have some bones to pick with certain answers provided to those seeking help. Some answers are so terse or poorly crafted as to be useless to the person who asked the question. Other answers are attempts to show off one's prowess with Terminal when the person asking the question clearly does not have those kinds of skills.

For example, I'll never provide an answer that requires the . . . Terminal unless (a) there's no other way to solve the problem or (b) the question indicates . . . [skills] in Terminal and UNIX. Then there are the folks who want to answer questions but don't have the skills: they can send the [asker] down blind alleys with their well-intentioned attempts to help. One should stick to what one knows when answering questions.

GKR: Are there OSX viruses?

Not in the sense of the viruses which have plagued Windows, but I recommend a "never say never" approach. Apple is still publishing security updates for Mac OS X. The time between when an exploit is discovered and someone publishes a Web page describing a way to leverage it is getting rather short. I think it is only a matter of time before someone develops a nasty virus for Mac OS X, if only to say that they did it. Systems like Mac OS X, with UNIX underpinnings, are much more secure than Windows.

A greater threat lies in the arenas of malware and spyware. I classify viruses as a subset of the broader category of malware, software intended to do harm to your computer or other computers on your network. For example, Sony's recent DRM (Digital Rights Management) catastrophe affected both Mac OS X and Windows systems. There have also been both real and proof-of-concept malware demonstrated for Mac OS X. A famous one was a download masquerading as a Microsoft Office Trial: running the installer would erase your hard drive. Not a virus, but certainly malware.

GKR: What about the possible insecurity that could allow a process to access Root?

A more likely scenario is that some user will install something from an untrusted source, like the Office Trial (above) . . . that requests their Admin password, and then insinuates itself in their system. The Sony DRM case is, for all intents and purposes, an example of a root kit, which is a set of tools used by unethical hackers to control or access compromised systems on which the root kit has been installed.

There were extensive discussions in 2004 on sites like Slashdot surrounding Opener, a malicious Startup Item that, once installed, would be executed whenever you started up your Mac. To install this, you either had to provide your Admin password, which many users are accustomed to doing when installing commercial software and shareware, or you had to have physical access to the target Mac and start it up in either single-user mode or from a disc. This is a strong argument against using P2P (Peer-to-Peer) file sharing sites, since the sources in such cases are largely untrusted.

Mac OS X has gotten better and better at warning the user of potential malware, including checking the security settings of Startup Items, but if you ignore the warnings -- which many are likely to do since they often involve false-positives -- you run the risk of installing something you think will be harmless, but it carries a package that can be extremely harmful.

Social engineering -- getting people to do things unwittingly, like the Office trial -- is perhaps a bigger threat to security in Mac OS X than conventional viruses.

Link from here to the entire (unedited) interview.

For further information, e-mail to Graham K. Rogers.