| ||Thread Tools|
|11th April 2012, 08:43||#1|
Join Date: May 2010
Apple shows it hasn't a clue about security
While Apple users suffer from a serious malware outbreak, Jobs' Mob's answer to the problem is to try to shut down the server of the security company that warned the world of the attack.
More than half a million Macs are infected with Flashback malware, caused by the fact that Jobs' Mob could not be bothered updating some Java software and relied on peoples' faith in Steve Jobs to protect them.
However, the problem reveals just how useless Apple is when it comes to working with the real world.
Apple's first action was not to update the Java software, but to order the server of the Russian based security company which alerted the world to the problem, offline.
Boris Sharov, chief executive of the Moscow-based security Dr. Web says he learned Monday from the Russian Web registrar Reggi.ru that Apple had requested the registrar shut down one of its domains.
Apple somewhat stupidly thought that the website was being used as a "command and control" server. It did not look at who owned the website and did not realise that the domain was one of three that Dr. Web has been using as a spoofed command and control server which acts as a "sinkhole."
If it had a little more experience in dealing with the real world outside its reality distortion field it would have twigged.
Sharov said that Apple just had no idea how to work as a team player in tackling security. It just thought that it could wade in and order servers switched off and that would resolve its problems.
Sharov said that Apple told the registrar this [domain] is involved in a malicious scheme. However Dr Web was not controlling the sink-hole and it was not harming users. Apple just did not consider its work as a help, it was just annoying Jobs' Mob, he said.
Apple's attempt to shut down Dr Web's monitoring server was an honest mistake, but was the downside of Jobs' Mob's secrecy.
When Dr. Web first contacted Apple to share its findings about the Mac-based botnet, it never replied. Dr Web gave them all the data it had and the only response was Apple's demand that the monitoring server be shut down.
Locating and shutting down command and control servers is a typical practice for a company trying to cripple a botnet. Sharov said Dr Web has worked with Microsoft on those efforts.
But Apple will not even tell anyone about its antivirus group. It may not even have one. After all Apple insists that its software is so perfect that it can't get Malware. The Flashback botnet has proven that the only reason that has not happened is because no one could be bothered writing code to hack into a Mac and steal a users's Coldplay collection and photographs of themselves.
Sharov slammed Apple for its delay in issuing a patch for a security vulnerability in Java that allowed the Flashback malware to exist.
|Thread||Thread Starter||Forum||Replies||Last Post|
|Apple: 1080p Apple TV uses a Single-Core A5 SoC||Stefan Mileschin||WebNews||0||8th March 2012 10:32|
|Apple TV Next and The New iPad Tech Specs Pages Post - Single Core A5 in Apple TV||Stefan Mileschin||WebNews||0||8th March 2012 10:28|
|Apple Brings 1080p High Definition to New Apple TV||Stefan Mileschin||WebNews||0||8th March 2012 10:23|
|Apple update twofer: Apple TV hits 4.4.4 (9A406a), iOS 5.0.1 bump comes to iPhone||Stefan Mileschin||WebNews||0||16th December 2011 06:56|
|Apple Kicks Developer That Found iOS Security Flaw||Stefan Mileschin||WebNews||0||8th November 2011 07:21|
|New clue to Alzheimer's found||Shogun||WebNews||0||23rd June 2008 23:04|
|Microsoft Security Patch Can Cause Security Issues to Internet Explorer||jmke||WebNews||0||18th August 2006 10:09|