Kaspersky Lab was not asked by Apple to advise on OS X security [u]

Posted:
in macOS edited January 2014
In the wake of the biggest malware presence in Mac history, Kaspersky Lab claimed it was asked by Apple to consult on potential OS X security issues, but later said the company's CTO was misquoted [updated].

Kaspersky has begun analyzing the OS X platform at Apple's request, the company's chief technology officer, Nikolai Grebennikov, originally said in an interview with Computing. The Kaspersky executive has publicly called Apple out for not taking security seriously enough.

"Mac OS is really vulnerable, and Apple recently invited us to improve its security," Grebennikov said. We've begun an analysis of its vulnerabilities, and the malware targeting it."

Update: But in a later comment provided to Engadget, Kaspersky Lab said the quote from Grebennikov was "taken out of context by the magazine." It has asked that the original article be updated to reflect this.

"Apple did not invite or solicit Kaspersky Lab's assistance in analyzing the Mac OS X platform," the statement reads, going on to say that the analysis of OS X was "conducted independently of Apple."

In the original article, Grebennikov highlighted one specific security issue with OS X, in which Apple blocked Oracle from directly updating Java on the Mac. Instead, Apple handles the updates, and they typically arrive months after Oracle issues its own patches.

Mac-centric Java development is set to move to Oracle following the latest runtime updates built in-house at Apple. Apple dropped Java from the default installation of OS X 10.7 Lion after the company announced its plans to deprecate the software's release from the Mac platform.

In April, Oracle released its first Java Development Kit and JavaFX Software Development Kit for Mac users. They arrived one and a half years after Apple announced the depreciation of its own edition of Java for Mac.

Kaspersky


Kaspersky's newfound partnership with Apple comes on the heels of the Flashback malware botnet, which was believed to have infected hundreds of thousands of Macs at its peak. The presence of Flashback was greatly diminished after Apple released a series of software updates to squash the malware, including a Java update and a separate removal tool.

Grebennikov cited the Flashback malware as "a huge sign that Apple's security model isn't perfect." He also predicted that the first malware targeting Apple's iOS mobile operating system, which powers the iPhone and iPad, will arrive in the next "year or so."
«13

Comments

  • Reply 1 of 41








    I always have a suspicious feeling that there AV companies themselves plant viruses to help their cause!



    again I know apple will grow bigger into the consumer and business market and will become MORE of a target... but again I have my suspicions.



    I switched to mac back in 05 and never looked back - so its been a great 7 years of NO AV software and i want it to continue this way.



    can't even trust these AV companions anyway thanks to Norton and Sonys root kit if memory serves me correctly.

  • Reply 2 of 41
    drblankdrblank Posts: 3,383member
    Wait a minute. Kaspersky first says that Mac OS X is vulnerable and then they just STARTED analyzing the OS for vulnerabilities, Heck, if I were them, I should have had a number of valid ways to substantiate their initial statement. I remember the media mentioned that Kaspersky's tool didn't fix the Flashback problem, so what makes these guys the best at identifying problems and how to fix them? I would hire those that were successful in compromising the system that were actually going to prove that a problem exists.
  • Reply 3 of 41
    markbyrnmarkbyrn Posts: 646member


    Kaspersky Exec to Apple: We'd like to offer you our consulting services to provide security vulnerability analysis of OS X.


     


    Apple PR to Kaspersky: We aren't soliciting for consulting services at this time but we're happy to accept advice from all recognized security professionals.


     


    Kaspersky to Tech Media Pundit: Apple asked us to advise them

  • Reply 4 of 41
    charlitunacharlituna Posts: 7,217member
    They say, they say, they say.

    Of course they have no reason to lie about this partnership, the threat etc? Or even just the fact that Flasback was caused by a faulty version of Java , not an actual Mac OS flaw
  • Reply 5 of 41
    jragostajragosta Posts: 10,473member
    markbyrn wrote: »
    Kaspersky Exec to Apple: We'd like to offer you our consulting services to provide security vulnerability analysis of OS X.

    Apple PR to Kaspersky: We aren't soliciting for consulting services at this time but we're happy to accept advice from all recognized security professionals.

    Kaspersky to Tech Media Pundit: Apple asked us to advise them

    More likely:

    Apple execs in conference: "We're getting really tired of these 'security experts' coming up with bogus threats and then attempting to make us look bad. If we give them a contract, do you think they might stop?"

    The entire Flashback fiasco is pretty strong evidence that these people are making things up. The alleged number of infected computers dropped by 2/3 a few days BEFORE Apple released the fix.
  • Reply 6 of 41


    at least its kaspersky and not symantec...

  • Reply 7 of 41
    tallest skiltallest skil Posts: 43,399member


    "You're not safe. So buy our software so you will be safe. But you still won't be safe. So buy our software every year."

  • Reply 8 of 41
    mstonemstone Posts: 11,510member


    Pretty much the the biggest security vulnerability on OS X is user error.


     


    None of the usual suspects, Flash, Java, or Javascript, running in a browser, can write or read files on the client's hard drive, that is, without the user giving permission. Provided that Java, and Flash have been updated, but you never know when the next exploit will surface, since we are up to version 10 or 11 and there always seems to be one more loophole that they overlooked.


     


    As they say: Any computer connected to the Internet is vulnerable.

  • Reply 9 of 41


    Kaspersky has a nice little "protection" business going on... "Now, youse don't want no trouble now, would you? It's be a shame if youse was to have a fire or somethin'."

  • Reply 10 of 41
    msimpsonmsimpson Posts: 452member


    Mac security brought to you by the Russian Mafia.

  • Reply 11 of 41


    That's like asking the cigarette companies if smoking is good for you.

  • Reply 12 of 41
    bigmac2bigmac2 Posts: 639member


    Too bad for M. Kaspersky none of his software will be running on Mac once Apple will deploy his new Gatekeeper with Snow Lion.  Beside this news is boggus, if Apple was really desperated to seek security advise, they will start by searching on their own homeland first before going to the land of piracy and computer far west.


     


    The Java issue is totally fallacious, Apple has never block Oracle update. The true is Oracle never release an OS X version of Java because Apple was maintaining Java.  Now Apple is giving back all the trouble of maintain Java to his owner. Kaspersky need to do way better to gain credibility. 


     


    On all OS (Windows, OSX, Linux) security issue rely much more on their runtime API than its core, more you use runtime API like Java, Flash an other, more the OS is at risk to be hijack by a wise developer. The best solution from a users perspective is to avoid to all cost those third-party runtime, those are mean to be developer's shortcuts and produce bad quality apps. 

  • Reply 13 of 41
    sevenfeetsevenfeet Posts: 435member

    Quote:

    Originally Posted by markbyrn View Post


    Kaspersky Exec to Apple: We'd like to offer you our consulting services to provide security vulnerability analysis of OS X.


     


    Apple PR to Kaspersky: We aren't soliciting for consulting services at this time but we're happy to accept advice from all recognized security professionals.


     


    Kaspersky to Tech Media Pundit: Apple asked us to advise them



     


    And this just in...that's pretty much exactly what happened.  Kaspersky just had to walk back the whole working with Apple thing.

  • Reply 14 of 41
    lostkiwilostkiwi Posts: 633member
    <vc><strong>In the wake of the biggest malware presence in Mac history, Kaspersky Lab claimed it was asked by Apple to consult on potential OS X security issues, but later said the company's CTO was misquoted [updated].</strong>

    Grebennikov cited the Flashback malware as "a huge sign that Apple's security model isn't perfect." He also predicted that the first malware targeting Apple's iOS mobile operating system, which powers the iPhone and iPad, will arrive in the next "year or so."

    In other words, "we haven't finished writing the malware yet..but it's looking good for next year on iOS."
  • Reply 15 of 41
    relicrelic Posts: 4,735member
    holmstockd wrote: »
    <table border="0" cellpadding="6" cellspacing="0" class="tborder" id="user_post14861936" style="margin-left:auto;margin-right:auto;background-color:rgb(187,187,187);color:rgb(0,0,0);border-top-width:1px;border-right-width:1px;border-bottom-width:1px;border-left-width:1px;border-top-style:solid;border-right-style:solid;border-bottom-style:solid;border-left-style:solid;border-top-color:rgb(102,102,102);border-right-color:rgb(102,102,102);border-bottom-color:rgb(102,102,102);border-left-color:rgb(102,102,102);" width="100%"><tbody>[TR]
    <td class="alt1" id="user_td_post_14861936" style="font:normal normal normal 10pt/normal verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;background-color:rgb(250,250,250);color:rgb(0,0,0);border-right-width:1px;border-right-style:solid;border-right-color:rgb(187,187,187);">
    <div id="user_post_message_14861936">I always have a suspicious feeling that there AV companies themselves plant viruses to help their cause!


    again I know apple will grow bigger into the consumer and business market and will become MORE of a target... but again I have my suspicions.


    I switched to mac back in 05 and never looked back - so its been a great 7 years of NO AV software and i want it to continue this way.


    can't even trust these AV companions anyway thanks to Norton and Sonys root kit if memory serves me correctly.</div>
    </td>

    [/TR]
    </tbody></table>

    I don't think you have much to worry about if you watch what you are downloading and the sites you are viewing. However the more popular Apple becomes more and more crackers will focus their energy on the platform. Just be carefull, I have never had a virus on any of my systems, even Windows because I invest in good hardware protection at home and use backups just in case. Though the secret of running a good Windows system is in a virtual enviroment.
  • Reply 16 of 41
    ankleskaterankleskater Posts: 1,287member

    Quote:

    Originally Posted by bdkennedy View Post


    That's like asking the cigarette companies if smoking is good for you.



     


    Sorry, but I fail to see the validity of your analogy.

  • Reply 17 of 41

    Quote:

    Originally Posted by holmstockd View Post









    I always have a suspicious feeling that there AV companies themselves plant viruses to help their cause!



    again I know apple will grow bigger into the consumer and business market and will become MORE of a target... but again I have my suspicions.



    I switched to mac back in 05 and never looked back - so its been a great 7 years of NO AV software and i want it to continue this way.



    can't even trust these AV companions anyway thanks to Norton and Sonys root kit if memory serves me correctly.



     


     


    I absolutely agree with this -- Apple and LINUX have a permissions model that Microsoft has only recently emulated. However -- the dearth of attacks on both *NIX platforms is probably NOT due only to "obscurity" -- it's most probably due to NO ECONOMIC MODEL to create them in the first place.


     


    What is an AV company going to recommend but that people "install AV software and update every day."


     


    100's of thousands of Macs were infected by a trojan horse? Heavens, with the millions of macs out there, we might be approaching 1% at the current rate. That's compared to 50% of PCs with various OS's on them.


     


    Not to be cavalier about the issue -- but it's a Trojan horse -- until Apple and the rest of these companies create systemic software that LOOKS AT WHAT APPS ARE TRYING TO DO -- rather than this weak-kneed "virus signature" nonsense -- nobody has real security.


     


     


    >> That's the thing -- it would have been fairly EASY for someone creating a Virus to make it "change it's signature." The operating code can stay the same, but it can seed itself with random data and use compression on the file itself with ONLY the need to find some process to hijack to decompress itself -- randomizing even the process call used. Such Poly-morphic Viruses would DEFEAT all dedicated AV software that scans for "patterns".


     


    The ONLY explanation I can find that we haven't seen Polymorphic Viruses is because it doesn't make money -- and it doesn't make money because the independent "developers" who happen to get money from AV companies by "finding viruses" are likely the same people creating the viruses. Other than a few groups out there who want to use Zombie and DNS attacks to either shut someone down or steal information -- the vast majority of these viruses are just nuisances.


     


    Sure, back when it was a Visual Basic script in the email -- it was script kiddies -- but now, it likely takes a bit more dedication than a hobbyist.


     


     


    >> The WORST THING APPLE CAN DO, is to create a 3rd-party economic incentive to sell AV software. I've been saying this for 10 years -- and I know that as soon as they make it institutionalized, Viruses will be a way of life.


     


    Just like Homeland Security needs terrorists and the FBI is going to help find them, if they have to train a meth addict and get him the wardrobe -- dang it, they'll find them some terrorists.

  • Reply 18 of 41
    ankleskaterankleskater Posts: 1,287member


    Is it me or is it trendier than ever to claim fake dalliances with Apple?

  • Reply 19 of 41
    tallest skiltallest skil Posts: 43,399member

    Quote:

    Originally Posted by ankleskater View Post

    Sorry, but I fail to see the validity of your analogy.


     


    Really? You don't think a company that sells anti-malware software, a company that is completely useless to Mac users, might just have a conflict of interests in doing the reporting on malware on the Mac?

  • Reply 20 of 41

    Quote:

    Originally Posted by ankleskater View Post


     


    Sorry, but I fail to see the validity of your analogy.



     


     


    The analogy is that a Cigarette company SELLS cigarette's, and they will FIND that the Cigs are healthy and part of a full balanced diet.


     


    An independent agency that had no future profits from Cigarettes, would of course recommend smoking Pot -- as it's good for arthritis, cancer and nobody has yet witnessed someone dying from natural cannibus -- we've seen people dead from Sugar for crying out loud -- but not pot.


     


    So a security expert who wasn't steeped in the religion and making a buck off the future of viruses, will tell you that having an independent company create Anti Virus software will guarantee you will ALWAYS have to deal with viruses.


     


    It's much better to have both an INSTALL PERMISSION, like the current model -- and something that looks at new applications and sand-boxes them, alerting the user to any un-authorized activity or "phoning out". A graphics application for instance, wanting to scan preference files or modify your email would be "running against pattern."


     


    Apple is also using the App store to create a market for CERTIFIED software -- which will require future hackers to first infiltrate and piggy back on a developer's submission.


     


    >> Anyway, 3rd party for profit AV companies are the WORST WAY YET CONCEIVED to make a platform secure. Some security companies are probably doing something useful, because there are issues -- but Capitalism always allows the unethical to benefit if the economic model doesn't penalize cheaters.

Sign In or Register to comment.