Jump to content
Please pay attention NOT TO DOUBLE POST!

Apple Doesn’t Care about Security


Guest Black-Widow
 Share

The last post in this topic was made more than 14 days ago. Only post in this topic if you have something valuable to add. Irrelevant posts are not allowed and you will be warned/banned for spamming old topics.

Recommended Posts

Guest Black-Widow

While thousands of Apple customers suffer from a serious malware outbreak, the company answers to the problem by trying to close down the security company which warned of the attack.

Posted Image

Over 500,000 Macs are already infected with Flashback malware because Apple failed to update some Java software. Nevertheless, the situation has revealed just how useless the company is when it comes to such problems. Surprisingly enough, the first action of Apple was not to update the Java software, but to take down the server of the Russian security company that revealed the problem to the world.

Boris Sharov, CEO of the Russian-based security company called Dr. Web, confirmed that this week the Russian Web registrar Reggi.ru was demanded by Apple to shut down one of its domains. For some reason, Apple believed that the site in question was being used as a “command and control” server, without bothering to take a look at the site owner. Therefore, Apple still hasn’t realized that the domain was one of those which Dr. Web has been using as a spoofed command and control server working as a “sinkhole”.

It seems that Apple didn’t have much experience in dealing with the real world outside. According to Boris Sharov, Apple simply had no idea how to work in a team when tackling security, but rather believed that it could order servers switched off and its problems would fade away.

Dr. Web explained that Apple claimed to the registrar that its domain was involved in a malicious scheme, though the security company wasn’t controlling the sink-hole or harming users. When the security outfit first contacted Apple to let the company know about the Mac-based botnet, Apple never replied. The security outfit has provided the giant with all the data it had, but was responded with a demand that its monitoring server be taken offline.

Meanwhile, locating and closing down command and control servers is a common practice for the outfits trying to cripple a botnet. Dr. Web confirmed it has worked with Microsoft on those efforts. However, Apple won’t even tell anyone about its antivirus group, if it has one at all. And it still insists that its software can’t be infected! Dr. Web slammed the company for its delay in issuing a patch for security vulnerability in Java which allowed the malware to exist.

Link to comment
Share on other sites

The last post in this topic was made more than 14 days ago. Only post in this topic if you have something valuable to add. Irrelevant posts are not allowed and you will be warned/banned for spamming old topics.

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.