Our take on the whole thing is that it’s a Macintosh security wake-up call but not yet an immediate, widespread threat. The two most disturbing aspects are that malware apparently has gotten onto a few Mac systems and that it’s pretty tricky stuff.
There’s a long-term concern that this could grow into a larger problem, if we’re not careful or if an ambitious “bad guy” finds a new security hole or works hard enough to target the Mac platform.
In the short term, we need to nail down the best possible security practices (which are coming out of this discussion), and we need to define a secure set of tools and procedures for identifying and eliminating this particular threat (e.g. creating a bootable DVD from
Apple installation discs in a clean environment that can’t be infected in the process).
We also need to identify the source of the few infections we’ve seen. Did the malware get in through open network ports, through peer-to-peer file-sharing downloads, via physical access to the computer, or through some other vector?
No clear word on how this bug is propagated, but there are some good tools coming out to protect systems from Opener. Could this be the beginning of the end of the smug satisfaction that Mac users have enjoyed for so long when it comes to security?
It makes me wonder anew the how’s and why’s behind viruses, worms, and trojans. I don’t recall reading much on the web or elsewhere about that, other than attributing the problem to a few malicious hackers trying to make a name for themselves. Other than that there seems to be little motivation for people to do it other than the perverted joy it might bring them to see millions of other people squirm.
But there can only be so much satisfaction in that, so I’ve got to wonder if there is money involved, and where it comes from. And that leads to the question of who benefits most from the proliferation of computer bugs… Follow the money, and it leads back to the publishers of anti-virus software, who benefit from unending subscriptions to their services and a growing dependency on those services. Think of a mob protection scam; pay your “insurance” and they make sure that nothing bad happens to you.
Maybe it’s just the Perry Noid in me, but you gotta wonder.