Software // Enterprise Applications
News
7/19/2007
03:13 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Claims of a Mac Worm Incite Blogging Brawl

After an anonymous blogger claimed to have created exploit code for a Mac OS X bug, the online bickering has nearly overshadowed the original claim.

Researchers, Apple lovers, and Apple doubters are caught up in an online verbal free-for-all that's akin to a cyber version of the Hatfields and McCoys.

The online hubbub is all over an anonymous blogger claiming to have built proof-of-concept code for a vulnerability in Apple's Mac OS X. Security researchers and Apple fans have been closely following blog entries on the Infosecsellout blog by an anonymous poster. The blogger, who claims he's a researcher, says he's being paid to create a Mac worm using the vulnerability, but he has no plans to release the code into the wild. He doesn't say who is paying for his research.

The bug he's working to exploit is the MDNSResponder vulnerability, which was patched in Apple's last security update.

As of mid-afternoon on Thursday, there were 64 blog comments about the claim. The back-and-forth quickly turned into verbal attacks, with posters sparring over the validity of the blogger's claims to have created a Mac worm and over whether or not a worm can even be created for the Mac.

A comment from someone only identified as Stephen wrote, "I know that no OS is secure. But I'm tire of hearing how vulnerable Mac OS X is to various exploits. Where are these exploits? And don't give me that market share stuff. It's either a legitimate target or its not."

And Szlevi wrote, "Since this tool could be badly abused it's obvious he won't post it, rightfully so - he'll pass it to Apple, that's the perfect way to deal with it, Jobs & Co can take care of their security holes. Rest of the story is nothing but clueless Apple fans are living in denial: you have to drag them kicking and screaming to the conclusion that OS X is nowhere better than any other OS..."

Another commenter logged on as 'anonymous' and said, "if it was true... You wouldnt hide... This supossed to be huge... You can be famous!... but of course is false info... so You are and always be a looser!"

It's gotten to the point that the arguments have started to overshadow the original blog posting about the potential Mac worm.

"Some of the commentary is more interesting than the possibility of the exploit code for Apple," said Dave Marcus, a security research manager for McAfee Avert Labs, in an interview. "There are people on extreme sides of the house... Lots of people use Apple and are very, very devoted and say it's more secure than Windows and nothing bad could ever happen to it. At this point and time, nobody has really written a bad worm for it, so they think no one ever can, and that's just not the case. When somebody comes out and says I've got proof of concept, people are going to challenge it, and say I want to see it, you're lying."

Researchers at SecurityFocus call the flaw being exploited a boundary condition error, and say proof-of-concept code has been created. They also noted that exploiting the bug enables remote attackers to execute arbitrary machine code with super-user privileges.

Marcus said it's obviously a plus that Apple already released a patch for the bug. The problem is that it sometimes takes weeks or months for individual users and companies to bring their software up to date

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government, May 2014
NIST's cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work?
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.