Saturday, March 29, 2008

Oh no, a MAC got hacked!

When I heard the Macbook Air had been hacked at CanSecWest (the security conference held in Vancouver, British Columbia.) I could also almost hear millions of devout PC users go “nya na na nya nya”.

For those concerned about security an Apple MAC is the platform of choice. I still use a PC and consider myself and Expert PC user. But even I'm note sure exactly how to be as safe as need be. So hearing someone hacked a Macintosh was scary! If the MAC is not impervious to attack what do we do? Were do we go for shelter?

But it's not at all that scary in reality. The hack was made through exploit code placed in a website which allowed Charlie Miller, Jake Honoroff, and Mark Daniel of Independent Security Evaluators to take over the Macbook Air and claim a prize. This hack would not have been possible if MAC users follow two two steps to protect themselves. Things that savvy PC users are already doing:

  1. Install Firefox and...

  2. Use it with the “no script” plugin which will stop malicious scripts from running without your knowledge.

Do those two things, and yes, (I'm sorry to burst the bubble of gloating PC users) the MAC is safe.

By now the security vulnerability will have been plugged.

Just to set the record straight (for both PC users and MAC users who aren't quite sure):

No. MACs do not need antivirus software.

I think anyone celebrating the MAC hack (other than the contest winners) should just get a life, you shouldn't wish ill of others for any reason, least of all because of the computer they use. That goes ditto for smug MAC owners. I personally wish no one had to worry about resource hogging security defenses not matter what type of device/operating system they have and look forward to the day when nobody wins the prize.

No comments: