Security expert at Black Hat: Whatever you do, keep Macs out of enterprise

Report describes clearly what malware attacks, what Macs defend and why networking is the weak link


The latest version of Mac OSX Lion is the most secure operating system Apple has ever shipped – far more resistant to malware, with fewer operational flaws or other characteristics easily exploited by hackers than five years ago, according to a report presented at last week's Black Hat conference by Alex Stamos of San Francisco-based security consultancy iSEC Partners.

That would make OSX Lion much more secure than any Macintosh product available five or more years ago, when threats to Macs were so rare many users thought they could do without antivirus.

Within large organizations – especially those, like some government agencies, that do substantial amounts of work that has to be kept confidential – Macintoshes shouldn't even make the short list of products that might have access to sensitive data, or even the Internet, the iSEC Partners report concluded (PDF).

The problem is that, while individual Macs have been hardened against attack, Mac OSX Server has not. Because of its relative chattiness and trust of the client machines connected to the server or each other, it is alarmingly easy for a single malware-infected Mac to attack and take over the server through brute-force attack, according to a presentation of the report given at Black Hat by iSEC's Alex Stamos.

Individual Macs can be secured as tightly as PCs, but both are vulnerable to phishing and spear phishing attacks, among others, which virtually guarantee that at least one client machine within any networked group will be infected with some form of malware.

No matter how well built the OS, security risk assessment requires assuming at least one client machine has been compromised.


What exactly do you mean that Macs are 'more vulnerable?'

Among networked Macs, the protocols – especially DHX User Authentication – don't offer much protection to the server. Raising a user's Administrator privileges two levels, to the point where a client machine can control the server's root, is "two steps beyond trivial."
