It appears you have not yet registered with our community. To register please click here...

Go Back [M] > Madshrimps > WebNews
Apple shows it hasn't a clue about security Apple shows it hasn't a clue about security
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Apple shows it hasn't a clue about security
Thread Tools
Old 11th April 2012, 09:43   #1
[M] Reviewer
Stefan Mileschin's Avatar
Join Date: May 2010
Location: Romania
Posts: 111,090
Stefan Mileschin Freshly Registered
Default Apple shows it hasn't a clue about security

While Apple users suffer from a serious malware outbreak, Jobs' Mob's answer to the problem is to try to shut down the server of the security company that warned the world of the attack.

More than half a million Macs are infected with Flashback malware, caused by the fact that Jobs' Mob could not be bothered updating some Java software and relied on peoples' faith in Steve Jobs to protect them.

However, the problem reveals just how useless Apple is when it comes to working with the real world.

Apple's first action was not to update the Java software, but to order the server of the Russian based security company which alerted the world to the problem, offline.

Boris Sharov, chief executive of the Moscow-based security Dr. Web says he learned Monday from the Russian Web registrar that Apple had requested the registrar shut down one of its domains.

Apple somewhat stupidly thought that the website was being used as a "command and control" server. It did not look at who owned the website and did not realise that the domain was one of three that Dr. Web has been using as a spoofed command and control server which acts as a "sinkhole."

If it had a little more experience in dealing with the real world outside its reality distortion field it would have twigged.

Sharov said that Apple just had no idea how to work as a team player in tackling security. It just thought that it could wade in and order servers switched off and that would resolve its problems.

Sharov said that Apple told the registrar this [domain] is involved in a malicious scheme. However Dr Web was not controlling the sink-hole and it was not harming users. Apple just did not consider its work as a help, it was just annoying Jobs' Mob, he said.

Apple's attempt to shut down Dr Web's monitoring server was an honest mistake, but was the downside of Jobs' Mob's secrecy.

When Dr. Web first contacted Apple to share its findings about the Mac-based botnet, it never replied. Dr Web gave them all the data it had and the only response was Apple's demand that the monitoring server be shut down.

Locating and shutting down command and control servers is a typical practice for a company trying to cripple a botnet. Sharov said Dr Web has worked with Microsoft on those efforts.

But Apple will not even tell anyone about its antivirus group. It may not even have one. After all Apple insists that its software is so perfect that it can't get Malware. The Flashback botnet has proven that the only reason that has not happened is because no one could be bothered writing code to hack into a Mac and steal a users's Coldplay collection and photographs of themselves.

Sharov slammed Apple for its delay in issuing a patch for a security vulnerability in Java that allowed the Flashback malware to exist.
Stefan Mileschin is offline   Reply With Quote

Similar Threads
Thread Thread Starter Forum Replies Last Post
Apple: 1080p Apple TV uses a Single-Core A5 SoC Stefan Mileschin WebNews 0 8th March 2012 11:32
Apple TV Next and The New iPad Tech Specs Pages Post - Single Core A5 in Apple TV Stefan Mileschin WebNews 0 8th March 2012 11:28
Apple Brings 1080p High Definition to New Apple TV Stefan Mileschin WebNews 0 8th March 2012 11:23
Apple update twofer: Apple TV hits 4.4.4 (9A406a), iOS 5.0.1 bump comes to iPhone Stefan Mileschin WebNews 0 16th December 2011 07:56
Apple Kicks Developer That Found iOS Security Flaw Stefan Mileschin WebNews 0 8th November 2011 08:21
New clue to Alzheimer's found Shogun WebNews 0 24th June 2008 00:04
Microsoft Security Patch Can Cause Security Issues to Internet Explorer jmke WebNews 0 18th August 2006 11:09

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT +1. The time now is 22:45.

Powered by vBulletin® - Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO