Posted by: David Harley | April 28, 2012

Python attacks, Kaspersky slams Apple, and the anti-AV crew get a boost

I’ve been out of office for most of the past week, including several days in London for an industry meeting and the Infosec Europe meeting. (Good to meet so many fellow researchers, bloggers and journos by the way, including several colleagues at Infosecurity Magazine.) But events in the Mac universe have been rolling on.

  • Sophos have reported that: “Python-based malware attack targets Macs. Windows PCs also under fire.”
  • Kaspersky supremo Eugene Kaspersky told CNET that Mac security is ’10 years behind Microsoft’. I can understand his frustration at Apple’s lingering “hear no evil” view of attacks on Apple users, but comparing Apple today to Microsoft at the time of the “Trustworthy Computing” initiative launch is really oversimplifying a complex situation. I was asked about that by the Inquirer at the end of Infosec, and hope to be able to point you towards a clearer explanation of why I think that on Monday.
  • And my friend and sometime-collaborator Rob Slade drew my attention to a cartoon summary of the Flashback incident that both amuses and infuriates me, because while it represents a side of the antivirus industry that I sometimes find hard to stomach – i.e. some of the marketing – it also misrepresents the way the AV research community thinks. No-one in this industry in their right mind is claiming that Macs are just as prone to malware attacks as Windows, or that every OS X user has always needed AV, or that AV would have prevented the Flashback epidemic. (However, its impact would have seriously reduced if more Mac users had been using up-to-date commercial-grade AV – or, of course, if Apple had patched a little more promptly.)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.


%d bloggers like this: