Ex-NSA Guy Points to Mac Security Flaws

Whereas Apple develops its iOS with security a part of the process, with OS X development security seems to be more of an afterthought. ‘Bug bounty’ programs are one direction suggested for Apple, but until there is a change in the current approach, the vulnerabilities remain open to any would-be hackers.

At the recent RSA Conference in San Francisco, Wardle gave a presentation titled “Writing Bad@ss OS X Malware,” in which he challenges Apple’s OS X developers to change their way of thinking – especially considering that the majority of the malware getting into Macs (now measuring hundreds of thousands) is “amateur, even basic,” according to Wardle.

More advanced Mac attacks, such as the ‘Rootpipe’ backdoor, have been difficult for Apple to patch, and failed ‘fixes’ have been covered by thehackernews.com, computerworld.com, securityweek.com, forbes.com, and others in the first half of 2015.

AV-Test, a leading independent computer security testing firm, recently tested 10 different Mac OS X security software packages (you can read the full report here), writing that:

“The legend that Mac OS X is supposedly invincible is not borne out by the facts. In the aftermath of major attacks by Flashback, the police Trojan Browlock or Shellshock, the number of assaults on Mac OS X continues to increase.”

In AV-Test’s analysis, Avira Free Antivirus for Mac earned a 100% detection score against 160 new Mac-specific viruses and malware. If you’re taking chances with no security on your Mac, do yourself a favor and take care of it right now – FREE DOWNLOAD.

This post is also available in: German

Marketing/Branding guy, copywriter (Industrial Poet), M.Ed., editor, singer-songwriter/guitarist, reader, writer, and daddy to two amazing girls.Prior to joining Avira in summer of 2014, Mashak helped another European IT security company grow from obscurity into a globally recognized industry leader (and household name).From 2008 to 2010, he worked with an IT market research firm as report editor for the CEMA region.Before that, he was a freelance marketing consultant, a high school English teacher, the owner of a property management company, served five years on sales and client-retention teams for the world's largest perimeter security firm, and dabbled with various small business ventures of his own.