Welcome to WebmasterWorld Guest from 54.161.118.57

Forum Moderators: travelin cat

Message Too Old, No Replies

The First Firmware Worm That Attacks Macs

     
4:10 pm on Aug 3, 2015 (gmt 0)

Moderator This Forum from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 28, 2004
posts: 3289
votes: 17


The world’s first firmware worm that’s vicious enough to break through Apple’s legendary security:

[wired.com...]
8:32 pm on Aug 3, 2015 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:15149
votes: 170


Say goodbye to the idea that Macs are more secure than PCs... This one looks nasty. It spreads without the devices without needing them to be networked.
2:19 pm on Aug 4, 2015 (gmt 0)

Senior Member

WebmasterWorld Senior Member editorialguy is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:June 28, 2013
posts:3438
votes: 749


As the article points out, Apple's security is anything but legendary.
3:21 am on Aug 5, 2015 (gmt 0)

New User

5+ Year Member

joined:Nov 9, 2010
posts:24
votes: 4


Is it a "vicious worm that atticks macs" or is it

"designed a proof-of-concept worm"

and
“It turns out almost all of the attacks we found on PCs are also applicable to Macs,” says Kovah."

(because?)

"because hardware makers tend to all use some of the same firmware code."

and

"They notified Apple of the vulnerabilities, and the company has already fully patched one and partially patched another. But three of the vulnerabilities remain unpatched."

so.
nothing much to see. A curiosity at a security conference. Luckily, Apple can push a button and offer an update to all recent OSX versions. This is something Microsoft will soon be able to do too, but only with Windows 10.

Now stagefright. Now. thats a thing.
4:58 am on Aug 5, 2015 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:15149
votes: 170


Luckily, Apple can push a button and offer an update to all recent OSX versions.
Well, only if you have recent enough hardware that can even support a recent OS... ;-) I have some older Mac towers in my office that haven't seen an update in years. Those machines are still quite functional, but they will continue to be vulnerable to this.
This is something Microsoft will soon be able to do too, but only with Windows 10.
Microsoft has had automatic updates as the recommended setting for quite a while now (since XP ~2001). Not everyone took advantage of that though. Regardless, I can still get Microsoft updates for OSs dating back to Vista regardless of the hardware.

Will the lack of Apple's support for older hardware be an issue here? Could be.
7:04 am on Aug 6, 2015 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2950
votes: 192


I have some older Mac towers in my office that haven't seen an update in years.


You should really not be using an OS that does not get updates. It will be insecure ever without attacks like this. Your hardware can support a recent OS - just not recent MacOS.... if you need to use MacOS, reuse the hardware for a different purpose or give it away.

Luckily, Apple can push a button and offer an update to all recent OSX versions. This is something Microsoft will soon be able to do too, but only with Windows 10.


Apple were not even the first with that, not by a few years! MS really took their time to copy....
12:41 am on Aug 7, 2015 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:15149
votes: 170


You should really not be using an OS that does not get updates. It will be insecure ever without attacks like this. Your hardware can support a recent OS - just not recent MacOS.... if you need to use MacOS, reuse the hardware for a different purpose or give it away.

These are unnetworked machines that run old versions of Adobe software and are only used for editing video and graphic files. If they were needed for anything more I might try to get new machines, but they work just fine and replacing them would be prohibitively expensive. They were pretty high end back in the day...a few years back.
12:56 pm on Aug 8, 2015 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2950
votes: 192


@bill, are they sufficiently well isolated to be safe from this? In that case your (unusual - not networked is rare) circumstances it is reasonable.

@EditorialGuy, of course Apple's security is legendary. It is also literally fantastic.
1:09 pm on Aug 9, 2015 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:15149
votes: 170


It seems like the transmission vector for this works even on non-networked machines. However, given that they aren't used for mail or browsing I hope they will be safe. They aren't new enough to use the Thunderbolt Ethernet adapter mentioned in the article. Files are usually sneaker-netted into the machines via DVDs and CD-Rs.
4:59 pm on Aug 10, 2015 (gmt 0)

Senior Member

WebmasterWorld Senior Member ergophobe is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 25, 2002
posts:8637
votes: 283


They keep saying "non-networked machines" but then the example they keep giving is the ethernet adapter. I think they mean machines that are connected to peripherals through ethernet but not to the web. So if you have one web-connected machine and several others that connect to the same printer you could be at risk.

They don't say anything about USB or what have you.