Alastair’s Place

Software development, Cocoa, Objective-C, life. Stuff like that.

Eureka! Macs Are Not Invulnerable

Lance Ulanoff has written a gloating article about a security hole in Mac OS X. The particulars of the hole in question were that a user able to run a DHCP server on a network containing Mac OS X systems could take control of Macs connected to that network when they next rebooted, basically because they were accepting configuration information via DHCP.

Whilst this is certainly a hole you could drive a bus through, it's certainly nothing new, and it's also certainly nothing we haven't already seen on the PC platform; there are literally thousands of techniques that can be used to compromise Windows-based systems if you have direct access to the network they are sitting on, and many more even if you don't.

The author argues that OS X would be just as insecure as Windows if as many people were running it… however, this argument is flawed, in several respects:

  1. Mac users do not normally run with root privileges. By contrast, the vast majority of people running Windows have local Administrator rights (the Windows equivalent). This makes it a lot easier to compromise the system, whether by convincing the user to execute a program or script, or by convincing the software they are running to do it on their behalf.

  2. Much of the software running on OS X systems originates in the UN*X world, and a large part of that software has been used in some of the harshest computing environments (places like university computer labs) for the best part of 30 years. Windows server and system software is significantly newer; Windows itself has been around for about 20 years, but the versions we run today are based not on that original effort, but on the NT derivative first released in 1993, only 10 years ago. Since then, Microsoft have added large amounts of new code in virtually every release, much of which is (and has proved to be) a potential source of new security holes.

  3. OS X is designed to require explicit authentication whenever unsafe actions are necessary, even if admin users are logged in. This makes it harder to write viruses and other malware because much of it would require an administrator to explicitly authorise it to execute! By contrast, on Windows, anything the administrator executes runs with full Administrator privileges and does not require additional authorisation.

  4. Mac OS X uses largely Open-Source components; on the minus side, this means that any security hole in Mac OS X may also be a security hole in other UN*X or BSD-based systems (and vice-versa). On the plus side, however, it is much easier to fix the security holes than it is on Windows (on Windows, you can only really fix them if you are inside Microsoft), and there is a higher probability of any holes being spotted and fixed by white-hats before the black-hats successfully exploit them.

  5. Mac OS X does not use the ridiculously insecure NetBIOS protocol (which was originally designed for use on corporate LANs, and it shows). Microsoft still makes extensive use of NetBIOS-over-TCP, which is still the core protocol for many of their server products. Steve Gibson's site, Gibson Research Corporation, contains a great deal of information about why NetBIOS is bad; indeed, many of the current security holes plaguing Windows users (like the annoying popup-message spam) are a direct result of poor security in NetBIOS.

I do agree that the smaller number of people running OS X contributes to the security of the system (because hackers are less likely to bother with it), although it is still the case that hackers do attack UN*X systems of one sort or another, and some of those exploits will work on Mac OS X just as well as they would work on (say) Linux. The cost of Apple hardware is also undoubtedly a factor; it's hard to break in to a system that you don't have set up for yourself, not least because many of the more advanced techniques involved in compromising a machine will simply cause crashes unless you get them just right.

Nobody in their right mind would claim that Mac OS X is virus-proof or hacker-proof. It isn't. But it is an undeniable fact that it (a) has fewer security holes than Windows and (b) has additional security measures that make compromise more difficult.