Stop the Noiz

Apple's Control Helps Maintain a Secure Computing Platform

Frank Fox - 2011.07.13 - Tip Jar

Apple has been slowly breaking the rules that provided malware protection to its computers (see The Secret of Mac Security Revealed and Mac Security a Result of Diversity and Smart Planning).

  1. Security Through Obscurity. You can't break into a computer that no one knows anything about. The Mac's increased popularity has put more security experts on Apple's trail.
  2. Security Through Scarcity. You don't bother writing scamming Trojans or viruses if the market is too small to reap a reward. Again, popularity has changed this for Apple. More Trojans have started to appear that trick users into loading and running bad software.
  3. Community Support. This means that the users help police the situation. They can act to stop abuse. This also fails once there are more users who don't care.
  4. Security Through Diversity. The more related the software, the easier it is for a hole in one program to affect other programs. The more widespread the software, the more devices it can affect. Connected software over multiple devices is the worst combination.
  5. Security Through Good Maintenance. You have to keep your products up to date to fight off the latest discovered flaws and remove old flaws from service.

These rules reflect the whole problem with Windows. It was everywhere, many people were experts on its flaws, there was an active community to attack instead of defend security, and Microsoft had worked to integrate all of its products. Microsoft broke every rule - and later tried to fix the problems that it had caused.

Unfortunately, the horse was already out of the barn, and it takes a lot more work to get it back in.

Apple ≠ Microsoft

It is easy for the media to focus on the popularity of Apple as a match for Microsoft's earlier mistakes. Increased popularity does impact the situation for rules 1, 2, and 3. The knowledge, opportunity, and rewards are definitely changing for malware on Apple products.

Rules 4 and 5 are also being challenged.

Apple's control of the whole widget has always been its business, but it has added additional software beyond the widget that seeks to end diversity. Apple has QuickTime, iTunes, and Safari that are on not just Macs, but on Windows PCs, iPhones, and iPads. Apple software is becoming ubiquitous. That is creating a vector for a virus to infect a lot of devices.

This leaves security through good maintenance as the last defense. It is a weak position. It puts Apple in a constant cat-and-mouse game with malware developers (for instance, the people behind MAC Defender). They find a hole, Apple fixes the hole, and then they find another hole.

You can also see this game played out between the iPhone jailbreak crowd and Apple. Each time they find another hole to exploit.

Controlling the Platform

Apple has chosen two solutions. The first is to dump software support that it doesn't need to provide for its business plan. Apple did this when it stopped supporting Java. Now any flaws or holes aren't Apple's fault, but yours for using bad software.

The second solution comes through the App Stores: Control over all software on the device and include a kill switch for anything that sneaks past. This works so well on the iPhone that it was just a matter of time before it came to Macs.

Apple gets to refuse apps that aren't only malware; it can limit software over any arbitrary set of rules. Apple can prevent software that allows you to avoid DUI checkpoints or incites violence - or simply because they don't like it. This evaluation is done in secret, so there is no policing of Apple's choices or the rules it follows.

All the same controls apply to the Mac App Store. The added benefit is the auto-update feature, which gives Apple the opportunity to increase compliance with the latest version. Why wait for customers to update their bug-ridden software when all you need is their permission to send automatic updates whenever you want?

The App Stores take users out of the equation. Apple no longer has to worry about you clicking Okay to install a Trojan on your computer. It can simply reject that software from the App Store. Now the malware writer has to try to sneak things past Apple. This is possible, but it is certainly harder to fool Apple than millions of trusting customers.

And if you think switching to Android, Chrome, or Windows 7 is going to be any better, you are fooling yourself.

The Future of Computing

The change created by Apple's App Stores is a business dream. Everyone else's app store is going to operate the same way eventually. The limited openness on Google's Android Market is a failure. The slow tightening of rules there will eventually match or exceed Apple's.

Welcome to the brave new world of corporate oversight of permitted software. You probably are safer using the restricted software on sale at the App Store. All it cost you was a little personal freedom. LEM

Join us on Facebook, follow us on Twitter or Google+, or subscribe to our RSS news feed

Today's Links

Recent Content

About LEM Support Usage Privacy Contact

Custom Search

Follow Low End Mac on Twitter
Join Low End Mac on Facebook

Favorite Sites

MacSurfer
Cult of Mac
Shrine of Apple
MacInTouch
MyAppleMenu
InfoMac
The Mac Observer
Accelerate Your Mac
RetroMacCast
The Vintage Mac Museum
Deal Brothers
DealMac
Mac2Sell
Mac Driver Museum
JAG's House
System 6 Heaven
System 7 Today
the pickle's Low-End Mac FAQ

Affiliates

Amazon.com
The iTunes Store
PC Connection Express
Macgo Blu-ray Player
Parallels Desktop for Mac
eBay

Low End Mac's Amazon.com store

Advertise

Open Link