Kaspersky CEO says Mac security is 10 years behind Microsoft

[Shawn Knight]

Eugene Kaspersky of Kaspersky Lab security firm has said that in terms of computer security, Apple’s Mac is at least 10 years behind Microsoft. The CEO feels that Cupertino could learn a lot from Microsoft and will have to revise the way they approach security updates following a string of recent malware attacks.

Speaking exclusively to CBR at Info Security 2012 in London, Kaspersky said that the recent Flashback malware attacks are likely just the start of a new wave of attacks aimed at Macs as the platform becomes more popular. He has been saying for years that from a security point, there is no difference between Mac and Windows.

He goes on to say that his company has been seeing more and more Mac malware and with the recent outbreaks, it’s just a matter of time and market share. Cyber criminals have learned from the outbreak and will use that knowledge in future attacks. The bad guys will still primarily target PCs since they outsell Macs by a large margin but the days of not having to worry about a security threat on the Apple OS are numbered.

"They will understand very soon that they have the same problems Microsoft had 10 or 12 years ago," Kaspersky said. "They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software."

If you haven’t been keeping up, a Mac malware known as Flashback infected more than 600,000 machines worldwide earlier this month with 56 percent of the infections in the US. Apple was criticized by many for not releasing a fix and removal tool fast enough as several security firms, Kaspersky included, released fixes ahead of Apple’s official patch.

Permalink to story.

https://www.techspot.com/news/48359-kaspersky-ceo-says-mac-security-is-10-years-behind-microsoft.html

 

[SNGX1275]

Of course they want to say that, so they can sell you their antivirus software.

I really doubt Macs are going to "have the same problems Microsoft had 10 or 12 years ago," 10 years ago XP was only a year old and IE was huge and full of security holes. The OS is fundamentally more secure than XP is (and especially compared to XP 10 years ago).

Now, I'm not saying that Macs aren't going to see more malware, but people have been saying that for years. I'm sure Macs will be attacked more, but this guy has an agenda, and that agenda is to sell Mac users his company's AV.

 

[TadMSTR]

Yes he may be a bit biased when it comes to computer security but he has a point. Apple is fairly slow when it comes to addressing security issues. As for his agenda, he is a security professional and commenting on security issues in an OS kind of makes sense. If he sells his product because of it good for him. I use their Internet Security suite on several systems and its really quite good. Lately I've seen promos on Newegg to get a free copy after rebates.

 

[Guest]

Is anyone actually surprised? Macintosh security is absolutely pathetic.

 

[Guest]

This agenda also seems to be Techspot's

Kaspersky is simply wrong to compare Apple's current OS X to Microsoft XP of 10 years ago in terms of security. With the locked down AppStore becoming the primary provider for applications and numerous other security features in OS X that XP simply does not have it really does make it sound like FUD to sell to the Mac crowd.

I'm sure Kaspersky is anxious to capitalize on the rising star of Apple and especially while MSE and other free versions on Windows are starting to eat away at their profit$.

 

[Guest]

Someone commented that mac security is pathetic. I play your game. That is why Windows micro **** soft automatically comes with 65535 open ports. It also comes with an open access file system. Where osx comes with all ports stealth or closed and a file system that has the folowing security. No access to files. Three sets of access rights to each file and directory. System read, write, execute flag. admin read, write, execute flag, and everyone read write execute flag. But we are still 10 years behind. Behind what. You having no access so holes are irrelevant? for you need access rights to even sneeze. Nice. I love how anyone can hack a mac if they are physically sitting by it. Good luck with borrowing my lap top. By the way i close my lap top and you need a password to re enter my os. Good luck with hacking after you stole it. You got about one hour before i remotely wipe it. Also the password to hack will take you a couple of hundred years since it is a phrase in random order. You need to jump into a black hole to make time last you longer. Or shell I say to buy your self time.

 

[insect]

Perhaps be meant 10-years behind in experience, not technology or practices. MS has been dealing with constant attacks since Windows 98 and even more so with XP. Now it seems that the holes are filled during the normal 1-week patch cycle or less (if severe enough).

I'm not sure Mac could do that if they wanted to. It will take them time to figure out the best way to implement such practices, again, assuming they want to.

 

[SNGX1275]

Insect - thats a good point. I didn't get that impression from the tone of the article, but I suppose when you really look at the facts like the Guest above you said (compared with how XP was 10 years ago) your take on it makes more sense.

I fear Apple doesn't want to put in the task force behind a big malware division because they think they can evolve their way out of it (sandboxing in 10.8). Even if sandboxing does evolve Apple out of the need for a malware division, that won't fix 10.7 or 10.6 or earlier.

 

[lawfer]

Got to love TechSpot's now constant, though "unintentional" paraphrasing of titles.

 

[Guest]

i love it when an article comes out like this and all the mac people jump to defend their crappy outdated junk using any means possible. those of us in the real world of security who run into this everyday eventually just get tired of arguing with you *****s and let you say whatever you want. welcome to the real world.

 

[Lionvibez]

Someone commented that mac security is pathetic. I play your game. That is why Windows micro **** soft automatically comes with 65535 open ports. It also comes with an open access file system. Where osx comes with all ports stealth or closed and a file system that has the folowing security. No access to files. Three sets of access rights to each file and directory. System read, write, execute flag. admin read, write, execute flag, and everyone read write execute flag. But we are still 10 years behind. Behind what. You having no access so holes are irrelevant? for you need access rights to even sneeze. Nice. I love how anyone can hack a mac if they are physically sitting by it. Good luck with borrowing my lap top. By the way i close my lap top and you need a password to re enter my os. Good luck with hacking after you stole it. You got about one hour before i remotely wipe it. Also the password to hack will take you a couple of hundred years since it is a phrase in random order. You need to jump into a black hole to make time last you longer. Or shell I say to buy your self time.

Hey boss news flash

A router will stealth all those ports and I rarely see anyone that has a computer connected directly to a modem without a router.

And while you have some good points. They are correct Apple is slow with updates, and having a user base that lives in a fantasy land that believe they will never get infected is just a disaster waiting to happen.

 

[Guest]

yeah when it comes to mac security who should I trust? The Kaspersky guy or just your average Apple fanboy? Yeah I'll go with the Apple fanboy - at least he is not biased towards Apple product right?

 

[Guest]

You may find that out of the box Mac's do not have the firewall enabled by default and also Stealth mode enabled... I have 2 Macbooks and a Mac-Mini. I also run the FREE Sophos anti virus soft. from day one.

 

[gwailo247]

With the locked down AppStore becoming the primary provider for applications and numerous other security features in OS X that XP simply does not have it really does make it sound like FUD to sell to the Mac crowd.

In your zeal to defend your bearded idol, you must have neglected to read the last paragraph of the article. The part which said that 600,000 machines were infected with a recent malware attack. So its not really FUD to address the apparent lack of security, and the definite lack of response from Apple, when one of the biggest Apple infections to date (from what I know) has just occurred.

Apple still has not moved away from the Justin Long "Macs don't', CAN'T, get viruses" era, so when any kind of malware or virus appears, they wait two weeks before they acknowledge there is problem.

Their mindset, if nothing else, is what Kaspersky is talking about. MS knows they get viruses, and they patch out problems on a weekly basis. Apple knows that its marketing strategy depends on the public's PERCEPTION that Apple computers cannot get any kind of virus, and so their strategy is like that of the government. Deny any problem until the evidence is so incontrovertible that you have to do something...two weeks late, after the damage has already been done.

 

[Guest]

Ignorance I say!

 

[Zen]

Apple knows that its marketing strategy depends on the public's PERCEPTION that Apple computers cannot get any kind of virus.

Wow, I really never looked at this whole people's perception thing in regards to Apple computers. I guess it does make pretty much close to perfect sense for Apple to want the public to think in these terms. And I could see if the public joined the census that Apple had created, that it would go good for Apple computer sale's. Well, this perception thing is something that I might have to integrate into my thinking, especially when dealing with clients, who might want to turn into Apple "fanboy's" and 'fangirl's" all on the notion that Apple systems can't get virus's and are 100% virus free.

Side Note - Didn't this whole perception thing have some pretty bad conclusions about 100 years ago? Today most are saying Apple products can't get virus's or come under attack or will always be 100% virus free, basically saying that if the Apple O.S. was a ocean liner, that ocean liner would be virtually unsinkable!

Can we say "R.M.S. Titanic"!

 

[DanUK]

HAAAAA no surprises here. Need to post this to some of my arty "mac is invincible" friends. I've been saying this for a while now but they refuse to believe -___-

 

[Guest]

Anyone saying a system is 100% safe live in Lala land. The only system I would say is safe would be a computer with no power supply in my closet, and even then I would not bet my life on it
So with all of the fanboys out there saying Mac is full proof, I guess Apple is in Lala land.

 

[Rick]

Got to love TechSpot's now constant, though "unintentional" paraphrasing of titles.

I won't dig *too* deeply into what you said, but the reality is there is *one* "news" item here: some suit at Kaspersky says Macs are 10 years behind in terms of security.

Shawn's title lets you know exactly what the article is about.

In a vacuum, most people would come up with some variation of that very same title. If you want to effectively summarize the content of an article and make it fit with a limited number of letters, certain words *will* be used. CEO, Kaspersky, Apple/Mac, Microsoft/Windows, Security and 10 years. Titles can be only so creative and unique.

Source title: Apple '10 years' behind Microsoft on security: Kaspersky
Cnet title: Kaspersky: Mac security is '10 years behind Microsoft'
TS title: Kaspersky CEO says Mac security is 10 years behind Microsoft

I'd like to point out, out of all those three, the one from TS actually goes through the trouble of mentioning CEO. If anything, Shawn did a good job with the title. It's provocative, completely true and specific enough you don't even have to read the article to know what the primary issue is.

 

[Marnomancer]

Obviously a marketing strategy.

 

[Rick]

Obviously a marketing strategy.

Yes, I totally believe so. What the CEO said is pretty incendiary and Kaspersky is getting a lot of eyeballs because of it.

 

[Guest]

Mr. Eugene Kaspersky should have a look at this https://help.ubuntu.com/community/Antivirus#Market_Share_Myth

 

[mario]

If you haven?t been keeping up, a Mac malware known as Flashback infected more than 600,000 machines worldwide earlier this month with 56 percent of the infections in the US. Apple was criticized by many for not releasing a fix and removal tool fast enough as several security firms, Kaspersky included, released fixes ahead of Apple?s official patch.

Yep sure Apple didn't release a fix for it fast enough and they didn't get number of infected machines to less than 30k in a week, I didn't see that covered Shawn!

 

[Guest]

The only malware I know is Windows, and my Mac doesn't have it.

 

[Guest]

Lol what you have done Kaspersky. You hurt Mac Fanboises feelings.
Shame on you! hehehe