
Let the right one in: Apple uses two doors to manage malware

Glenn Fleishman | Nov. 14, 2014
Two recent security incidents, WireLurker and Masque Attack, highlight both the ease and difficulty of slipping malware onto iOS. But they also show the way in which Apple may have infantilized its audience into not knowing the right choice to make when presented with a genuine security flaw.


WireLurker used malware inserted into Mac OS X programs made available at a Chinese-focused third-party app store to install apps on iOS devices over USB. It added apps to both jailbroken and non-jailbroken devices. Masque Attack, in its most powerful form, pushes apps (from websites, email, and elsewhere) that, if installed, overwrite common popular apps and extract the cached data of the app they replace, such as Gmail. WireLurker has been effectively defanged; Apple has more work to do to remove any threat from Masque Attack.

But beyond their specific flaws, they show the different paths taken with iOS and Mac OS X for app security. Apple has a split personality, partly rooted in history.

Two approaches

Apple didn't initially plan to allow third-party apps in iOS, and when it opened the marketplace, it wanted to avoid a flood of malware, as well as keep out poorly made software that would crash the OS or burn cellular data. It also wanted a platform that let it control the flow of money changing hands for apps and digital goods. It retains that control despite years of complaints, and both Apple and its defenders often cite security as a major reason for keeping it so tight.

By contrast, OS X has its origins 30 years ago and, through processor, architecture, and kernel changes, matured with the notion that anyone could write software that would run without outside permission. When the Mac App Store first appeared, there was a reasonable fear that Apple would transition it from being an option to being the only distribution method. That hasn't happened so far, in part because, by dollar value, the vast majority of software used on the Mac comes from outside the App Store.

Yet despite the open nature of OS X and the wide availability of non-App Store software, there has been no virally distributed or widely exploited method of hijacking a Mac or any of its software, despite many serious flaws and some malware found in the wild. System design isn't the sole answer: Apple has made good, but not always great, decisions. Market share and a lack of mechanisms to trigger mass emails and automatically execute email attachments may have had more to do with it.

The nonintuitive Gatekeeper

Apple seemingly trusts its Mac users, who may be no more sophisticated than the average iOS user, to launch any software, subject to a tiered approach it added in Mountain Lion with Gatekeeper (part of the Security preference pane's General tab). Gatekeeper lets a user, or someone setting up the system for a user, select among three options that control which sorts of apps can launch in OS X: only apps from the Mac App Store; apps from the App Store plus those from identified developers (who sign their apps using Apple Developer credentials); and apps from "anywhere." iOS lacks a direct analogue to this.
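The three Gatekeeper tiers map directly onto how an app is signed, which an administrator can check per app with Apple's `spctl` tool. The following script is an added example, not code from the article: it reads an `spctl -a -t exec -vv` assessment and reports the least permissive Gatekeeper setting that would still let that app launch. The sample assessments and app paths are constructed to mirror spctl's output format, and the `source=` strings assumed are the ones spctl prints on current macOS.

```shell
#!/bin/sh
# Added example (not from the article): map an app's code-signing source,
# as reported by `spctl -a -t exec -vv <app>`, onto the least permissive of
# Gatekeeper's three settings that would still let it launch. The sample
# assessments below are constructed to mirror spctl's "<path>: <verdict>"
# and "source=" lines; the app paths are placeholders.

# gatekeeper_tier ASSESSMENT_TEXT -> prints one of:
#   mac-app-store          launches under "Mac App Store" and every looser setting
#   identified-developers  needs "Mac App Store and identified developers"
#   anywhere               only launches with Gatekeeper set to "Anywhere"
gatekeeper_tier() {
    verdict=$(printf '%s\n' "$1" | sed -n '1s/^.*: //p')
    src=$(printf '%s\n' "$1" | sed -n 's/^source=//p' | head -n 1)
    if [ "$verdict" != "accepted" ]; then
        echo "anywhere"          # unsigned, ad hoc signed or otherwise rejected
        return
    fi
    case "$src" in
        "Mac App Store") echo "mac-app-store" ;;
        "Developer ID"|"Notarized Developer ID") echo "identified-developers" ;;
        *) echo "anywhere" ;;    # accepted only by a custom/local rule
    esac
}

# assess_app APP_PATH: run the real assessment on a Mac (spctl writes to stderr).
assess_app() {
    command -v spctl >/dev/null 2>&1 || { echo "spctl is macOS-only" >&2; return 1; }
    gatekeeper_tier "$(spctl -a -t exec -vv "$1" 2>&1)"
}

# Constructed samples, one per Gatekeeper tier.
SAMPLE_STORE='/Applications/StoreApp.app: accepted
source=Mac App Store
origin=Apple Mac OS Application Signing'
SAMPLE_DEVID='/Applications/SignedApp.app: accepted
source=Developer ID
origin=Developer ID Application: Example Corp (TEAMID0000)'
SAMPLE_UNSIGNED='/Applications/Unsigned.app: rejected
source=no usable signature'

for sample in "$SAMPLE_STORE" "$SAMPLE_DEVID" "$SAMPLE_UNSIGNED"; do
    printf '%s -> %s\n' "${sample%%:*}" "$(gatekeeper_tier "$sample")"
done
if [ "$#" -gt 0 ]; then assess_app "$1"; fi
```

Run it with an app path on a Mac to assess a real bundle; without arguments it only walks the constructed samples.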
