Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
April 6, 2006
3 Min Read
Users installing Windows XP on Intel-based Macs face some special security issues, a security expert said Thursday.
By applying Apple Computer's just-released Boot Camp, Mac owners can now create a dual-boot system that runs either Mac OS X or Windows XP. It's the latter that worries Ken Dunham, the director of the rapid response team at security intelligence firm iDefense.
"When a Mac is booted into Windows, it can be attacked by the same [exploits] that threaten any Windows PC," said Dunham. "If you're running an unpatched version of Windows XP on any box, it'll be hacked pretty quickly."
Of the two operating systems, "naturally with Windows you're more at risk," said Dunham. Neither Mac OS X or Windows are invulnerable to attack -- the former was the subject earlier this year of its first zero-day bug -- but the latter is, by far, the one that draws most attacker attention.
But it's not the vulnerability of Windows that concerns Dunham; it's the fact that the Mac will have multiple operating systems on its hard drive.
"It's the best of both worlds [having Mac OS X and Windows] on one machine, but the user also has to manage two OSes."
Typically, argued Dunham, people are less diligent about updating their secondary system, whether that's an at-home machine (when the primary is at the office) or a second computer used by children. The same applies here.
"This dual-boot may create another set of Windows installs that are secondary systems, ones that might not be patched as often as they should be," Dunham said.
On the bright side, an attack on the Windows XP part of the Mac probably wouldn't have an effect on the Mac OS X partition. "It actually appears to be a pretty good design," said Dunham, who noted that while the Mac OS can read (and depending on the formatting of the Windows partition, also write to) the Windows volume, the opposite's not true.
But could hackers create malicious code that infiltrates via the Mac OS X and then attack Windows?
"'Crossover' is over-inflated," said Dunham. "Mac and Windows each have their own vulnerabilities, and though I think we'll see a [Mac OS-to-Windows] crossover proof-of-concept before the end of this year, there's just not a lot of value in it for an attacker."
What Dunham's saying is that there are plenty of targets, both Macs and Windows PCs, to hijack more easily. And with the pool of dual-boot Macs likely to remain small, criminals have little motivation to bother building and distributing crossover malware.
"It's such a small population," Dunham said. "Other assets are available to attack."
Nor could a Windows-based attack harm the Mac hardware. "There's no such thing as [malicious] software melting hard drives," said Dunham. At worst, an attack might cripple the Windows disk volume. But then, that could happen whether Windows was deployed on a PC from Dell or on a dual-booting iMac.
In fact, Dunham sounded confident that the majority of users who turn their Mac into a dual-booting machine will be safe and sound. "The very people who would be the least likely to keep [their operating systems] updated are also the least likely to use Boot Camp. And those most likely to use dual-boot are the technically-advanced users who update their systems regularly, have a firewall, and use anti-virus software."
"The concern should be, 'is my OS secure?'" concluded Dunham, not the hardware that OS is on.
You May Also Like