“Attackers have been focused on the [Intel] x86 for over a decade,” Oliver Friedrichs, a senior manager at Symantec Corp. Security Response, told the reporter. “Macintosh will have a lot more exposure than when it was on PowerPC.” Mr. Friedrichs pointed out that hackers “have access to hundreds of documents and examples of how to exploit common vulnerabilities on x86.”
“I think you have a variety of malicious folks who know the Intel chip set and instruction set. Now that Mac OS X runs on that, people can port their malware and other things over to OS X quickly and easily,” added David Mackey, director of security intelligence at IBM.
In addition, pointed out analysts contacted by Mr. Roberts, there are more tools available for hacking x86 processors than for compromising PowerPC chips. And with those tools, software vulnerability researcher Lurene Grenier said, development of exploit code for Mac OS X will happen faster.
Mr. Roberts did point out, however, that “OS X is generally a stable operating system.” Mark Grimes, an OS X security expert who runs Stateful Labs, told the journalist that Apple is investing in security talent, “and also pushing for stringent Common Criteria certification of OS X so that the operating system can be adopted by government agencies.”
Mr. Grimes added, though, that Mac OS X “haxies” that enable users to make small changes to the interface or to applications “are evidence that OS X could be used to spread malicious code, though maybe not self propagating viruses and worms.”
To make its operating system more secure, Mr. Friedrichs recommended to Apple: “Technologies that protect against stack based overflows are readily available, and itis not difficult to leverage those and incorporate them into the OS.”
Apple declined Mr. Robertsi requests for interviews, saying only that Mac OS X on Intel processors is just as secure as it was on PowerPC chips.