Featured Article: Podcast - Mac Geek Gab #178: Batch Permission Changes, Encrypting Follow-up, Re-Enabling AirPort, and GigE speeds
TMO Reports - SANS Institute Report Highlights iTunes, Tiger Exploits
by , 2:45 PM EDT, July 26th, 2005
The SANS (SysAdmin, Audit, Network, Security) Institute has issued its latest quarterly report of the top vulnerabilities found in the computer world. The company documented more than 422 security issues total, up 11% from the first quarter and up almost 20% from the second quarter of 2004. In addition to problems reported with Microsoft's operating system and Web browser, as well as Real Network's RealPlayer and other popular applications, the top security issues included exploits against Apple's iTunes and Mac OS X v10.4 "Tiger" operating system.
Chief Research Officer Johannes Ullrich told The Mac Observer that while Apple issues security updates for its operating systems on a regular basis, the ones released in May and June were particularly troublesome and merited the SANS Institute's attention. While the holes in the OS were fixed, Mr. Ullrich said that he is seeing more exploits exposed in it, most likely because Apple's rising market share makes its computers more attractive targets to hackers. This wasn't a surprise, since he has also seen attacks against the Firefox Web browser rising as it increases in popularity.
iTunes runs on both Mac OS X and Windows, but Mr. Ullrich said that he did see exploits that only affected the Mac version. "They were isolated cases," he explained, "but I did see examples of situations where users were offered an iTunes playlist that then executed malicious code and allowed access to the system. There were a couple different versions of it."
While OS X has an advantage over Windows because it doesn't set up a user as an administrator by default, Mr. Ullrich noted that it still suffers from the same vulnerabilities as Windows and Linux. "Out of the box, OS X still has services enabled by default that shouldn't be," he said. As with users of other operating systems, Mr. Ullrich recommends that Mac OS X users turn on their firewalls and use anti-virus software. "They shouldn't be less diligent than Windows users," he commented.
Observer Comments
Tue Jul 26, 2005 2:55 pm Subject: Ummm....
Why would you accept an iTunes playlist from somebody you don't know? If you do, you run the risk of bad things happening (like it really being an applescript rather than a playlist).
Nothing can stop social engineering exploits. This is true for all operating systems, not just OSX or Windows.
Tue Jul 26, 2005 3:09 pm Subject: no firewall can protect you from your own stupidity
As Intruder says, "Why would you accept an iTunes playlist from somebody you don't know?" If someone is stupid enough to do this, then probably are smart enough to turn on firewall or keep their Anti spyware up to date regardless.
and i would dispute the market share theory, as Apple market shares has gone up .7% (as in POINT 7) i cant imagine that makes apple that much more of an attractive target to anyone. Even when macs enjoyed 5-10% market share, viruses weren't all that common.
You and the next couple of posters deride others as being "stupid enough" to accept playlists from someone than maybe they deserve what happens to them. Well, I am a pretty competent computer using professional who likes the fact that iTunes is included on my work computer ( aluminum Powerbook 15"); I see it as a nice value added feature to my working environment. As such I don't spend time worrying about how the program works.
I've been in several locations where others playlists/libraries show up in my iTunes window. Is this the potentially dangerous exploit being referred to here? If so how do I turn it off? I may be uninformed about the usage of iTunes but I fail to see how that connects to the "I deserve what I get" implications of your comments.
How about simply saying, "Yeah, the threat is real and many people don't know how to counter it. Here's what you do to prevent this from happening to you..." Well enough of my rant, I guess I'm now off to find out how to fix the problem instead of deriding others for not having known this ahead of time. A quick search in iTunes help using the terms "playlist sharing" brings up several results that may be the answer...
Wed Jul 27, 2005 12:07 pm Subject:
Go to Preferences>sharing... and turn off "Look for shared music."
I never said anything about being "stupid enough" to accept playlists. Nor did I say that people deserve what they get. What I said what that if one accepts a playlist from somebody you don't know (and that could come from several paths, not just through bonjour) then you are inherently running a risk. That is an undeniable fact. Please don't put words in my mouth.
As the author of the article was completely UNCLEAR about the actual exploits, I do not know if what you are seeing is actually the exploit vector. Since you can export playlists (file>export song list), it may be that it only happens with lists that are e-mailed. Since the author failed to tell us what the actual exploit is, we can only guess.
Social engineering exploits work on people's inherent curiosity (the "I wonder what this big red button does" scenario), which is why they are so hard to defeat. Best defense is to not click on or open any attachment (in the case of e-mail) from somebody you do not know. That is true for any level of user on any OS.
Recent Headlines - Updated Saturday, November 29th, 2008
- Sat., 9:00 PM
- Podcast - Apple Weekly Report #135: Apple Lawsuits, Banned iPhone Ad, Green MacBook Ad
- Fri., 12:45 PM
- Podcast - Mac Geek Gab #178: Batch Permission Changes, Encrypting Follow-up, Re-Enabling AirPort, and GigE speeds
- Thu., 1:30 PM
- iPO Review - Scosche kickBACK iPhone case
- 7:00 AM
- Happy Thanksgiving from TMO!
- Wed., 6:00 PM
- TMO Appearances - Nancy Gravley Joins MacJury Gift Guide
- 5:15 PM
- TMO Visits The Bay, a Premium Apple Reseller in New Zealand
- 3:25 PM
- iPO Oh the Games You'll Play - iPhone: The Wii of Handheld Gaming Devices?
- 2:15 PM
- Sonnet Releases Simply Fast FireWire 800 to 400 Adapter
- 1:10 PM
- Mac Gaming News - Disney Plans 1st Annual PotC Online Thanksgiving Event
- 12:05 PM
- iPodObserver - UK Shuts Down iPhone 3G Ad
- 11:15 AM
- TMO Appearances - Jeff Gamet on MacJury Gift Guide
- 10:30 AM
- TMO Contest - TMO Announces Macworld Expo Pass Winners
- 9:50 AM
- PhotoCopy 1.1 Adds iPhoto Event Support
- 9:15 AM
- Acclivity Buys MYOB US
- 8:30 AM
- Review - Bento 2 Holiday Pack
- 7:50 AM
- Microsoft Offers Black Friday Office Discount
- 7:30 AM
- iPO Quick Tip - iPhone: Google Street View
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
New iMac 800Mhz Memory 4GB $54. New MacBook & MacBook Pro DDR3 PC8500 4GB Kit $116. MacBook/MacBook Pro / MacMini / iMac Intel Core2 DUO DDR2 667Mhz 4GB Kit $58, 3GB Kit $44, 2GB Kit $30. Click to Maximize your Macs...
Mac observers can now play Party Poker for Mac as well as Mac casino games by going to MacPokerOnline.com.
RamJet Memory: Mac Pro FB-DIMMs: 2Gig kit $95, 4Gig Kit $179, 8Gig Kit $355! MacBook 2Gig Kit $78, 4Gig Kit $149! Click hereFor the latest Apple products use Ciao a comparison website to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate cell phones.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Marshmallow Popper Gun Shooter: $9.99 Delivered - Make the Yam Side Dish a Sporting Event 
OnSale's ThanksGiving Day/Black Friday Combo Sale - Turkey, Deals, and LeftOvers - The Holiday Trifecta! 
Fall Knuckle Deep into Dell Small Business's Black Friday Sale - Going on Now!!!!! 
File Your Nails Now - Overstock's Black Friday Sale is Coming! Get Great Gifts at Great Prices 
