The advertising world is a strange place. Ad campaigns touting certain features and advantages of one kind of product aren’t used for other products, even though you’d think they would be. For example, automobile manufacturers regularly crow that their vehicles are safer than the competition’s. They even show super-slo-mo video of body frames crumpling, the crash dummies “safe” in their air bag cocoons.
On the other hand, can you remember ever seeing a print or TV ad touting the safety record of a major airline? It’s as if airlines have the superstitious idea that as soon as they make an ad saying “We’re safer than they are” or even just “We’re safe”, their airplanes will start falling out of the sky. Surely that wouldn’t happen, but would you want to be the first airline (or ad agency) to try it?
So it goes with Apple, which never officially brags of the lack of malware (viruses, Trojans, worms, spyware, adware, and the like) on it’s computers running the UNIX-based Mac OS X operating system. However, Apple’s reluctance is not based on superstition. It’s based more on common sense, I think. Any bit of corporate gloating (or an ad campaign) would almost certainly be interpreted by hackers as a challenge to attack the Mac.
Mac OS X has been bereft of malware for the five years since its introduction, while reports of new nasties affecting Microsoft Windows appear almost daily. So, it should come as no surprise that, when the inevitable first bug affecting the Mac appeared, it would make a big splash - at least in the media, where one drop in a bucket can become a tsunami overnight.
Sure enough, this week not one, but three, “bugs” affecting Mac OS X became known. How did Mac users come to know about them? Did a teenager in Poughkeepsie open what he thought was an MP3 file, only to loose a nasty varmint that sent porn to all the people in Dad’s Outlook Express address book? No. Did a grandma in Sheboygan try to view what she thought was a photo of her grandchildren, only to invite a malicious mite to erase her hard drive? No again.
A couple of relatively obscure companies that make security software for the Mac (yes, there are a few, but they have been the “Maytag repairmen” of the business) issued press releases announcing that they had “discovered” areas of the Mac operating system that could potentially be exploited by hackers with nefarious motives. They all then announced that they were releasing software that could protect the Mac from these possible exploits (of course, for a nominal fee).
Without getting too technical, here’s what the three bugs do/did. The first, dubbed “Leap-A” or “Oomp-A”, is a worm that spreads via the iChat instant messaging program, in the form of a “zipped” (compressed) image, which is offered to you by someone on your buddy list (who’s been infected) during a chat. iChat gives you the option to receive the image. If you do, the worm starts offering itself to others on your buddy list.
The second, called “Inqtana.A” (you’d think the same people who name these things also come up with names for Windows-Media-based portable music players but, I digress), moves from one Mac to another via a Bluetooth wireless connection. Apple actually patched this hole last year, but somehow it got mentioned this week.
The third exploit has the most theoretical potential to possibly be harmful. It’s so ominous that, well, we’ll get to it next time. Have a safe week. And, if it says “brittanyspears” on it, don’t open it. Anything. Not even her CDs.
© 2006 Peter F. Zimowski