Apple's Mac, iPad dodge an ugly new NSA hacker bomb targeting majority of Windows PCs glob...
A series of previously unknown Windows hacking tools used by the U.S. National Security Agency has been leaked, enabling "zero day" exploits to be used against millions of Windows PCs to deface websites, lock up systems to demand a ransom payment or to steal emails and other data.


As noted in a report by Lorenzo Franceschi-Bicchierai for Motherboard, the NSA tools were leaked by a hacker group known as the "Shadow Brokers."
The package of exploits includes "Fuzzbunch," an easy-to-use hacking tool with basic instructions that even non-technical users could follow to gain control of PCs running multiple versions of Microsoft's Windows prior to the latest Windows 10, specifically Windows XP, Vista, 7 and 8 as well as server versions including NT, 2000, 2003, 2008 and 2012.
The report cited a former employee of the U.S. Department of Defense as saying "it's not safe to run an internet facing Windows box right now," and that the payload of exploits is "the worst thing since Snowden."
Motherboard previously cited comments from security architect Kevin Beaumont, who noted that "all of the Windows implants are new to VirusTotal [an online file scanning tool], which suggests they've not been seen before."
More Windows PCs are vulnerable vs. those on modern software
According to web browser stats from NetMarketshare, only 25 percent of web users are using Microsoft's latest Windows 10 (which was released in the summer of 2015), while over 66 percent of active web users are using older versions of Windows that are vulnerable to the attacks launched by the released tools.
There are many Windows PCs that are connected to the Internet but do not generate web traffic--particularly back end servers and other utilitarian machines. A worm or virus could easily launch broad exploits at Windows users and find plenty of vulnerable machines to steal data from or recruit into global botnets of exploited PCs.
Microsoft has worked aggressively to upgrade users to Windows 10, but the vast majority of PCs worldwide remain stuck on older versions with known problems. The new cache of hacker tools makes it that much easier to exploit those users.
A spokesperson for Microsoft said that it is "reviewing the report and will take the necessary actions to protect our customers."
Apple's security through obscurity (and update superiority)
Apple's installed base of Macs and iPad users are not affected by exploits found in Windows (apart from Macs intentionally booted up into an old version of Windows by the owner). That's a feature Apple has long advertised for Macs, and has recently noted in its ads for iPad Pro.
In part, Apple's limited exposure to malware and exploits comes from its divergence from the monoculture of Windows (or Android) software, a sort of "security by obscurity," where the easiest to use hacking tools simply don't work because the platform isn't as easy to target as Windows PCs and Android devices are.
Apple's installed base of computer users has grown rapidly however. Horace Dediu of Asymco recently noted that there are about 100-150 million Macs in active use and an installed base of over 300 million iPads. That's about the same as the 400 million PCs in the installed base of Windows 10 that Microsoft cited at its Ignite conference last fall.
The difference is that there are at least another 400-600 million PCs that are running vulnerable versions of Windows. Apple also has an even larger installed base of iPhones, but most of those are updated.
So the larger reason Macs and iOS devices are protected from the routine efforts to hack into Android and Windows is Apple's far faster ability to distribute new OS updates, which it does without cost. Apple's system update efforts have resulted in the majority of iOS users rapidly adopting the latest version and regular new patches between major updates.
As of February 20th, Apple reports that 79 percent of iOS users are on the latest iOS 10, while another 16 percent are on iOS 9, both of which are at least as recent as Microsoft's Windows 10.
Apple does not appear to report macOS version adoption figures, but Go Squared reports that 44 percent of Macs are using the latest macOS Sierra while another 21 percent are on macOS El Capitan, both of which (65 percent total) are as new as Windows 10. The same site reports adoption of Windows 10 at 49 percent, with a nearly equal number still on Windows 7.
The same site reports that 89 percent of iOS users are on the newest iOS 10, as of April.
Google notes that as of April, only 4.9 percent of devices actively accessing Google Play are using the latest Android 7 Nougat, and only another 31 percent are on 2015's Android 5 Marshmallow, released alongside iOS 9. The majority of its active users are on versions of Android older than that, most of which will never be updated. Users in other regions, particularly China, are much less likely to use Google Play and even less likely to be updated to recent versions of the OS.
Comments
From the customer's perspective there is nothing wrong with these old devices... they still work fine. But, they're going to become a major headache as Apple discontinues support (OS updates/security patches). It will never be as bad as Android (under the current system) but it's going to become hundreds of millions of devices very fast.
I hope Apple promotes trade ins aggressively or we're going to see a huge influx of malicious hackers targeting IOS which would be bad for everyone.
With Microsoft it's a love hate relationship. Supposedly Win10 is much better with regards to security, but I have trust issues with regards to tracking. Everyone seems to want your data these days, and at the same time the "pro business" agenda of the govt is weakening consumer protections. I do like Microsoft's Server products... Microsoft's licensing for desktop/laptop products is asinine. Everyone should be running the "Enterprise" version of their product. Do they think corporations are the only ones that need things like full disk encryption?
With IOS, Apple is no longer a member of the "obscurity" crowd. OS X still has a bit of an advantage over Windows, in that regard. But relying on "Security through Obscurity" is a false sense of security.
well--"Prepare to put mustard on those words, for you will soon be consuming them along with this slice of humble pie that comes direct from the oven of shame, set at gas mark egg on your face."
From Microsoft themselves.
"A spokesperson for Microsoft said that it is 'reviewing the report and will take the necessary actions to protect our customers,'" yet they had a blog post up YESTERDAY already.
So, just as the human body has multiple layers of protection (starting with the skin), so does an effective security system. If one of those layers is "obscurity" or perhaps even a physical layer, an intelligent "expert" will say "Great!" -- while somebody trying to sell you something may tell you: "That's worthless. Here! Buy MY product!"
https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/
2) It's a myth anyway, there is no security from obscurity, and relying on it will result in failure. Instead it must be technically difficult. OS X and iOS show this in action -- they now have large install bases, yet still no viruses, because they're much harder to exploit. That's real security, not this obscurity mumbo jumbo.
1) Security by Obscurity can mean whatever it means within the context. Having a small target base is ONE meaning -- but hardly the ONLY meaning. It can also mean, for instance, that if a potential hacker does not know that you have something he may want, that he will probably direct his attack elsewhere...
... A good analogy is putting your Christmas presents in the trunk rather than lay them out on your front seat when you park your car... Which is more likely to result in having them stolen?
2) You assume that a target environment can have only one type and one layer of security... If so, no matter how strong that layer may be, it is more vulnerable than a system with multiple layers...
... Very simply, you can add as many layers of security as you feel necessary to keep your private information private.
A wise security advisor once told me: "If a thief wants to get in... he will. The trick is to make it hard enough for him that he goes elsewhere."
... That's sort of the reasoning behind putting a security sign or "beware of dog" sign in your front yard even though you have neither a security system nor a dog: direct the thieves to your neighbors.
Like I said, OS X has no viruses and fewer attacks because it's harder to defeat, not because there's too little of it in the marketplace. Those who claimed OS X didn't have viruses because the hackers weren't interested in the install base were using the "security by obscurity" myth.
I said no such thing about layers of security -- that's a straw man you made up and attributed to me. I did say that OS security by obscurity is a myth, and that good systems are those built with security in mind and try to make exploits as difficult as possible. It's why iOS hasn't had near the security woes as earlier versions of Windows at comparable install base sizes. iOS is harder to compromise.
Don't quit your day job and leave software to the pros. It's not like putting presents in the trunk, I assure you.
This is my day job and I am a pro and it's pretty obvious that you've never gone through a security audit before (we use Fortify).
Minimizing the attack surface and obscuring what's left is very much part of software security. As noted by GeorgeBMac, obscurity is one layer of OS security.
For example the UNIX STIG includes disabling core dumps since it might include sensitive information or provide insight into attacking a particular app. It obscures the internal workings of an app to make finding exploitable vulnerabilities harder.
And, I learned long ago not to fall into the trap that you have fallen into. Namely, thinking in binary terms: that you either rely on "security by obscurity" or nothing...
But, you are correct that you failed to account for layers of security and instead fell into either/or thinking
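
One comment above cites the UNIX STIG's disabling of core dumps as an obscurity layer. As an added example (not from the article or any commenter), this script audits three common Linux core-dump controls over constructed config files. The settings checked and the file names are assumptions, not quoted STIG requirements.

```shell
#!/bin/sh
# Added example: audit core-dump hardening in Linux config text.
# The settings checked are assumptions (common Linux controls), not STIG text.

limits_core_disabled() {   # FILE -> 0 if "* hard core 0" is in effect
    awk '/^[ \t]*#/ { next }
         $1 == "*" && $2 == "hard" && $3 == "core" { v = $4 }   # last entry wins
         END { if (v == "0") exit 0; exit 1 }' "$1"
}

sysctl_value() {           # FILE KEY -> prints the last value assigned to KEY
    awk -v key="$2" '/^[ \t]*[#;]/ { next }
         index($0, "=") { k = $0; sub(/[ \t]*=.*/, "", k); sub(/^[ \t]+/, "", k)
                          if (k == key) { v = $0; sub(/^[^=]*=[ \t]*/, "", v)
                                          sub(/[ \t]+$/, "", v) } }
         END { print v }' "$1"
}

audit_core_dumps() {       # LIMITS_FILE SYSCTL_FILE -> returns number of findings
    findings=0
    limits_core_disabled "$1" ||
        { echo "FINDING: no '* hard core 0' limit"; findings=$((findings + 1)); }
    [ "$(sysctl_value "$2" fs.suid_dumpable)" = "0" ] ||
        { echo "FINDING: fs.suid_dumpable is not 0"; findings=$((findings + 1)); }
    [ "$(sysctl_value "$2" kernel.core_pattern)" = "|/bin/false" ] ||
        { echo "FINDING: kernel.core_pattern can still write core files"; findings=$((findings + 1)); }
    return "$findings"
}

# Constructed sample configs: one default-like, one hardened.
demo=$(mktemp -d)
printf '%s\n' '# no core limit set' '*  soft  nofile  4096' > "$demo/limits.weak"
printf '%s\n' 'fs.suid_dumpable = 2' 'kernel.core_pattern = core.%p' > "$demo/sysctl.weak"
printf '%s\n' '*  hard  core  0' > "$demo/limits.hard"
printf '%s\n' 'fs.suid_dumpable = 0' 'kernel.core_pattern = |/bin/false' > "$demo/sysctl.hard"

audit_core_dumps "$demo/limits.weak" "$demo/sysctl.weak" || echo "weak sample: $? finding(s)"
audit_core_dumps "$demo/limits.hard" "$demo/sysctl.hard" && echo "hardened sample: clean"
```

On a real host, point the two arguments at the effective limits and sysctl configuration files instead of the samples.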