Why hackers are taking a bite of Apple
Through a decade of marriage, four children, three moves, and several job changes, my wife and I have only had one real disagreement: What computer to use.
I have chosen the path of enlightenment - I'm a PC guy all the way. My wife has chosen a darker, more sinister route - she's a Mac user. (Had she written this column, the descriptions of the paths would be reversed.)
In one area, however, she holds the superior position - security. More than once, I've caught her smirking as I go through the weekly security checks on my PC. Have I downloaded all the latest antivirus updates? What about my spyware protection? Is my firewall working properly?
But if recent news of Mac worms and vulnerabilities are any indication, my wife, and other Mac users, soon will be going through the same weekly security checks employed by PC users.
Several computer security experts are predicting that the security "honeymoon" enjoyed by Macs will end this year. They argue that the profile of the company that makes Macintosh computers, Apple, is on the rise, thanks to the iPod. And the more visible a computer is, the more attractive it becomes to hackers.
As computer columnist John Dvorak wrote Feb. 23 for MarketWatch.com: "I'm certain that widespread boasting about immunity from attack in the Mac community has finally awakened interest among the exploit coders, whose collective motto is either 'Oh yeah?' or 'Sez who?' So now the malware folks are having a look at the Macintosh platform to see where it's weak."
Apple also opened the door to hackers by using a well-known and widely available computer language called UNIX in its latest OS X operating system. The company had good reasons for this move. Instead of the proprietary systems of the past, UNIX would allow more people to help shape the OS X system and programs that run on OS X.
It also means, however, that more people can now create viruses and worms that can attack that system.
In the past week and a half, two worms and a security hole were reportedly found in the Safari Web browser used in the OS X system. While these problems have affected a relatively small number of Mac users, it's an indication that hackers have turned their attention to Mac computers in a way unknown in the past.
The two worms, known as Leap and Ingtana, first appeared around Feb. 16. Leap was spread via Apple's iChat instant messaging software and could prevent certain applications from opening. Ingtana came a few days later, and could pass between Macs running OS X Version 10.4 over Bluetooth wireless connections.
Perhaps the more serious concern was the vulnerability found in the Safari browser. By simply visiting a site set up by a hacker, malicious code could be downloaded into a Macintosh computer using the "Open safe file" command that is enabled by default on all Safari browsers.
Apple, of course, is not sitting around twiddling its thumbs (as has been all too often the case in the past with Windows' security issues). A company spokesman told the media that "Apple takes security seriously," and is working on a fix.
As of press time, no fix was publicly available. (Security experts are recommending that in the meantime Mac users turn off the "Open safe file" feature in their Safari browsers.)
So why is this important? After all, Mac computers only comprise about 5 to 7 percent of the market. Besides giving me the opportunity to tease my wife a bit, the answer becomes more obvious when you look at who uses Macs.
For years, Apple has had a strong grip on the educational market in North America. The publishing business also relies heavily on Apple computers.
More important, however, is the fact that several years ago, key branches of the military switched to Mac computers for security reasons - fewer people were trying to hack into those particular computers.
But there is a silver lining in this dark cloud for Mac users. As one security expert put it, these security problems are more like a shot across the bow. It's a warning that it's time to stop taking your computer's security for granted and take the steps now to protect your investment.
And the benefit for us PC users is the end of all those smug looks. For a while, at least.