June 15, 2012
Apple’s Admission Of Weakness
Michael Harper for redOrbit.com
Tim Cook and Crew had plenty to say during this year´s WWDC Keynote. In addition to announcing updates to some of their existing hardware, such as their MacBook Air and MacBook Pros, they also released a brand new slab of aluminum in their MacBook Pro with Retina Display.
It´s a bit of internet trickery not uncommon to Apple. Some eagle-eyed fans are able to pick up on these changes: whereas there was once a piece of information displayed proudly on Apple´s website, in the blink of an eye, it´s gone without any explanation.
In the same way the iPad was changed from Wi-Fi + 4G to Wi-F i+ Cellular, Apple has this week made another, more telling change to their website. Instead of praising their own hardware for being nearly imperceptible to viruses and other malicious software, they´ve quietly changed their tune to say something along the lines of, “It´s ok, we´re still really safe.” With all of the news of malware and other dangerous viruses to hit the Mac line so far this year, Apple must´ve felt this a necessary change. And now that they´ve got a larger percent of the market and many more Macs in the wild than ever before, they´ve got good reason to be worried.
Earlier this year, Mac users everywhere were shaken from their peaceful dreaming as news broke about an incredibly large botnet which was found running not only on Macs from all over the world, but even on Macs located in Apple´s own headquarters.
How could this happen? After all, whether the claim carried any amount of accuracy or not, the common refrain till this point was “Macs can´t catch viruses.” While they´ve had a very rocky past, Windows machines are now more secure than they´ve ever been. However, maintaining this locked-tight security is a bit of a chore. Security updates and patches are sent to users all the time, often when a user first powers on their machines or tries to install any kind of new software. Even more frustrating, Windows machines are frequently asking for permission to do any sort of mundane task, forcing the user to click a series of buttons before the machine will do whatever it has been asked it to do. And when said user only wants to email pictures of their kid´s first steps to Grandma, these dialog boxes, which are meant to ensure security, are only one more tedious hurdle standing in the way and will soon be ignored.
Apple has a different solution to this problem. Sure, they often ship updates to their machines, but not with the same frequency. Rather than asking to update your machines every day (or even a couple times a week), Macs only ask you to update once or twice a month. And when security updates are needed, they ask you politely, rather than forcing you to click “Deny” or “Allow” before moving on to what you really want to do.
It was easy to offer this kind of solution, Windows machines have dominated the landscape. Though they were growing, it wasn´t worth a cyber-criminal´s time to enlist these Apple machines into their botnets and other gangs of internet wrong-doings. Remember, until the last 7 years or so, Macs were mostly used by some very computer savvy people. This isn´t to say PC users didn´t know what they were doing, of course. But, when you wanted to grab a machine to send to your parents or do some basic spreadsheet work and run the occasional piece of business-oriented software, the easiest choice was to run to Best Buy and pick up the laptop or tower that best suited your needs. As such, there were plenty of largely forgotten PCs which could be taken control of, and the users would never know the difference.
Some people blame the insurgence of Mac machines on the iPod or the iPhone. Maybe all of Apple´s marketing prowess finally kicked in. For whatever reason, more regular, every day users began buying Macs, and these new buyers had probably been burned more than once before by the kind of malware and viruses that are so synonymous with PCs. Cyber-criminals have taken note of this trend and, as a result, the same kind of attacks once familiar to the PC world are now becoming common in Apple´s pristine ecosystem.
Apple has never been a company to be quick to admit their faults. In fact, they're not normally known to be a fast company in general. So, whenever an outbreak such as we saw in April affects their customers, they are keen to take their time and figure out just the right response. Less than a week after news broke about this year´s Flashback malware, they not only acknowledged the problem, but they promised to nip it in the bud, cutting the malware off at the source.
After this year´s WWDC, they´ve even gone one step further, changing an all but forgotten section of their website to subtly acknowledge their new vulnerability to malware and other viruses.
If you´ve spent any time on Apple.com, you´ve no doubt seen their “Why You´ll Love a Mac” section. Whereas once it proudly proclaimed “It doesn´t get viruses,” now it reads, “It´s built to be safe.”
In fact, just after Monday´s Keynote, Apple began preaching the good word of Mountain Lion´s Gatekeeper to their developers, urging them to get on board with their latest safeguard against all malicious software.
Their newest operating system, Mountain Lion will ship in July. In it, Apple has baked in some rigorous safeguards to protect users from Internet ne´er-do-wells. One of these features is Gatekeeper, which provides an extra layer of security around the OS. In Mountain Lion, users will have three different options when it comes to using their machines: Locked-Down, Safe, but with some caveats, and Free-will. In “Locked-Down” mode (these aren´t the technical terms, mind you), users will only be able download and run apps from the Mac App store. In “safe” mode, users can download apps from anywhere, but will be reminded when they are doing something that may potentially harm their system. Finally, in “free will” mode, users can do whatever they want, consequences be dammed. With Gatekeeper, certified Apple developers can digitally sign their apps as an act of good faith to both Apple and the user. It´s a way of saying, “Yes, I wrote this app using every standard Apple issued to me, and I promise it will not do unspeakable things to your computer.”
Without this admission of peace and goodwill, Mountain Lion will either block the app from running or send you a fair warning about the app.
In Apple´s perfect world of Mountain Lion, every app will play by these rules and, as such, users can only inflict harm on their machine if they run off with “free will” mode and start downloading things willy-nilly.
So, is Apple right to change the verbiage on their site from “We don´t get viruses,” to “It´s cool, we´re still really safe!”?
To be honest, picking on Windows is a smaller man´s game. These kind of stunts were easier to pull off when no one cared to write viruses for the Mac. After all, it´s easier to claim to be the best player on the field when you´re the only player there. Now that the Mac is being used extensively by a number of users in a number of demographics, Apple has to change their attitude from the scrappy little hardware company that could to the mature been-there-and-done-that adult.
No matter how they spell it, any computer (especially when connected to the Internet) is vulnerable to malicious software. Computer users should be careful when surfing the internet and always refrain from clicking questionable sites or approving any action they didn´t specifically ask the computer to perform.
After all, safeguards such as Gatekeeper can only do so much if the users are rolling out the red carpet to Internet thieves.