Security Threat Report: 2010

Stay safe and protect your information on social networks.

Last Updated: 14 Apr 2011


Overall, Windows 7 provides a more secure environment, but there is still room for improvement. When the first few versions of Windows XP came out, there were some much more serious issues than those seen with Windows 7—and many were fixed with Service Pack 2. Whether Windows 7's security will be properly completed with its first service pack remains to be seen.


Apple Macs

Soft but significant targets

Microsoft was not the only company to release a new OS in 2009. Apple's release of Mac OS X v10.6, or Snow Leopard, brought the tacit acknowledgement by Apple that malware does affect its platform when it introduced rudimentary anti-malware protection.[98][99] Although Snow Leopard only prevents installation of a small selection of known Trojans via a limited set of vectors,[100] it does show a slight thaw in Apple's attitudes toward malware.

However, with 69% of Mac users surveyed by Sophos in mid-2009 not using any anti-virus software to protect themselves, their systems and their data, the issue of Mac malware and phishing remains a serious one.

All of this malware relies heavily on social engineering and hammers home the message to Mac users that they cannot afford to depend on their operating system's reputation for safety. Anyone can be tricked by subtle scams, and running quality, up-to-date anti-malware software is by far the safest option.

With the release of Snow Leopard, the need for patching software and keeping up to date with the latest vulnerabilities emerged. The Snow Leopard build included a version of Adobe's Flash Player software that contained a known vulnerability, and one that had been previously patched by Adobe.[112]

Because Adobe Flash vulnerabilities are widely targeted for exploit attacks from malicious or compromised websites, this could have opened up users to attack when they rightly believed they were protected. Mac users, like everyone else, need to stay on their toes and give their security the priority it deserves.

Timeline of Mac malware 2009

Malware targeting Macs discovered during 2009 included:

  • January: The OSX/iWorkS family of Trojans, which posed as pirated copies of Apple's iWork[101] and Adobe's Photoshop CS4[102]
  • March: OSX/RSPlug-F, again posing as hacked/cracked files[103] using social engineering to get users to install it[104]
  • May: OSX/Tored, an email worm claiming to be building the first Mac OS X Botnet[105]
  • June: Trojans posing as ActiveX components required to view pornographic videos[106]
  • June: Links sent via Twitter leading to a supposed sex tape featuring TV star Leighton Meester, actually Trojan OSX/Jahlav-C[107]
  • July: OSX/Jahlav-C again, this time placed on sites created to take advantage of widespread rumors of a peephole video featuring ESPN TV reporter Erin Andrews[108]
  • August: OSX/Jahlav-C returns, disguised as an installer for MacCinema software[109]
  • August: OSX/Jahlav-C once more, this time hooking on Twilight movie star Ashley Greene and posing as QuickTime updates[110]
  • November: OSX/LoseGame-A, a bizarre example of malware that posed as an old-fashioned Space Invaders game and openly deletes users' files (It is not exactly a Trojan as it is open about its intentions, but nevertheless is a hazard to the unwary user, or non-English speakers.)[111]


Mobile devices

Mobile devices achieved further market penetration in 2009, with the user base of Apple's iPhone particularly booming. Even without truly common or widespread malicious attacks, mobile device users are still vulnerable to social engineering attacks that phish for their sensitive data:

  • Touch screens and small displays can assist tricksters by limiting the information available to users, leading users to accept deceptive offers.
  • Mobile devices are also commonly lost or stolen. If the devices are not properly secured and encrypted, hackers can access the data that's stored on them.

A survey conducted by Sophos in late 2009 asked respondents whether their smartphone was encrypted. Twenty-six percent of survey respondents replied that their data was encrypted, 50% said they were not protected in the event of theft or loss of the device, and 24% of respondents were not sure whether their smartphone was encrypted. These results show that further education on the security dangers of mobile devices is required.


BlackBerry malware

The leading mobile device brands at the moment remain the BlackBerry and the iPhone, and their user base remains largely divided between corporate and home users. The BlackBerry was designed with security much more at the fore and consequently remains the choice for most business purposes. Nevertheless, flaws have been found.

In 2009, a vulnerability in PDF processing was found that could allow code to run on servers hosting BlackBerry services if BlackBerry users attempted to open malicious PDFs.[113] A similar problem emerged—and again had to be patched by BlackBerry developers Research In Motion (RIM)—just a few months later.[114]

In July, the danger of trusting code sent to phones by service providers was highlighted once again, when a firm in the United Arab Emirates planted spyware software on devices. RIM responded with patches to remove the offending software, but user confidence was heavily shaken.[115] BlackBerry devices also have been found playing host to malware that can transfer to Windows systems when the device is connected for updates or charging.[116]


iPhone malware

There is still a need for user education as some iPhone users and members of the Mac community believe Apple's built-in security to be impenetrable, despite clear evidence to the contrary. Theoretical attacks on devices, generally focused on exploiting vulnerable software, have already been posited by researchers.[117]

Standard iPhones are sold with a locked-down operating system, allowing only approved software to be installed. However, not all users are content to limit themselves to the capabilities of these locked-down phones, and unlocking, known as jailbreaking, has become a fairly common practice. The dangers of this were brought to the fore in November with the Ikee worm that spread in the wild.

Subsequently, more malicious attacks on jailbroken iPhones highlighted the risks posed by unskilled users hacking their devices. Apple continues to notify users that jailbreaking violates the user agreement and engaging in this activity places the user at risk.


Google Android, Palm Pre and Nokia Maemo

The rival platforms challenging the big two are led by devices running Google's Android OS, the Palm Pre and Nokia's full-blown Linux variant Maemo. The degree to which hackers will focus on them will be determined by the growth of their user base. Only time will tell whether they will prove more or less secure than the current smartphone market leaders.
