From The Sip Trunking Experts

[March 01, 2006]

Hackers take a bite out of Apple's reputation for computer security

(Beaver County Times (PA) (KRT) Via Thomson Dialog NewsEdge) Mar. 1--The sense of security felt by Apple Macintosh users was shattered last week, when computer security firms reported not one, not two, but three security breaches for Apple's OS X operating system.

That noise you hear is Windows users shrugging their shoulders -- for them, three security problems in a week qualifies as a typical week. But for Apple users, three security breaches is a bad year, said Charles Firth, owner of Firth Consulting, a Pittsburgh-based networking firm that specializes in Macintoshes.

"We're not used to this kind of thing, and it's causing something of an uproar," Firth said. "Windows users deal with this stuff all the time, and they're used to constantly updating anti-virus software and downloading patches from Microsoft, but for Apple users, this is a huge thing, relatively speaking.

"My phone has been ringing off the hook," Firth said. "People with Apple networks are definitely concerned."

The three breaches, reported on consecutive days last week:

-- The "Oompa-Loompa Trojan," a worm that spreads itself via the addresses in a user's iChat application. Firth said the worm disguises itself as a set of screen shots of an upcoming version of OS X. "It requires the user to download it and open it," he said. "The big red flag is that it also forces your computer to ask you for your user ID and your password, which only happens when you're making a substantial change."

Firth said Oompa-Loompa is potentially the most harmful of the three breaches: "It can attach itself to files and applications and do some serious damage."

-- The Inqtana.A, a worm that spreads itself through Bluetooth wireless devices to the host computer. Firth said Inqtana.A was designed to exploit a security hole that Apple released a patch for last year. It won't do any damage, but a subsequent version could -- if users aren't up-to-date on Apple-released security updates.

"If you've been updating, your computer is protected," he said. "And even if you're not up-to-date, Bluetooth wireless networks are so limited in range that it's pretty likely you're not going to have a problem."

-- A hole in Safari, Apple's OS X Web browser. This isn't an actual virus or worm; rather, it's a problem with the browser's design that could automatically open downloaded files that are usually considered safe to open -- pictures, movies, text documents and other common files. The problem would come up if a hacker disguises a virus as one of those common files. If the user downloads the file and it opens automatically, that user has no chance to head off the potential damage. Firth said the fix for the Safari hole is simple -- users should uncheck the "Open 'safe' files after downloading" preference setting, listed under General Preferences.

So why aren't Apple users as vigilant in protecting their computers as Windows users? Firth said the sheer volume of malicious hacks that target the Windows operating system is largely a product of the sheer number of Windows users -- the Microsoft operating system runs about 90 percent of the world's computers.

Apple's market share? Just under 3 percent. "If you're writing malicious code and you want to make a splash, you target Windows," Firth said. "There are tons of Apple computers out there, but in relative terms, the market share is tiny." And that, Firth said, has bred a false sense of security among Apple owners.

"As I said, we don't have to address these questions very often," he said. "It may be time that we start paying attention."

[ Back To SIP Trunking Home's Homepage ]

Subscribe here for your FREE
SIP TRUNKING enewslettter.

Featured Partner

Featured Whitepapers

SIP Security for the Enterprise
Voice over IP (VoIP) is incorporated into a variety of computer networks, both public and private, and used for everyday transactions and communications among carriers, businesses, government agencies...

Making A Broadband Purchase Decision
Businesses today have many options for broadband connectivity. Clarifying your particular business needs prior to selecting a broadband provider will ensure an optimal match of broadband service to your requirements.

Voice-Optimized Network Delivers Premier Call Experience
Customers equate call quality with business quality. Real-time communication, interpersonal interaction, and the cordial tone of a call center representative can create a positive impression of your business that no email can match.

Featured Case Studies

Business Telecom Expenses Reduced 50%
A small to medium sized company in the midwest was interested in migrating to IP Communications, but in today's economy, they were hesitant to upgrade their communication system due to their perception that the cost would outweigh the benefits.

Multi-State Company Cuts Telecom Costs 50%
A multi-site, multi-state company with extensive monthly long distance fees and toll-free charges did not have adequate broadband for Broadvox SIP Trunking requirements, nor did they have a SIP enabled telephone system.

Discover Leisure Connects Remote Users to its IP-PBX
Discover Leisure is one of the largest resellers of caravans and motor homes in the UK. With 15 branch of?ces all over the country, the company spent a great deal of money every month just on internal phone calls.

Featured eBOOKS

Internet+: The Way Toward Global Unified Communication
Connecting the telephony of the enterprise PBX or Unified Communications (UC) system using SIP trunks instead of conventional telephone lines has been very successful in recent years.

What is SIP Trunking? Edition 2
SIP trunking is becoming more of a focus for service providers. One key issue many service providers face when deploying SIP trunks is NAT, or Network Address Translation, traversal.

What is SIP Trunking? Edition 1
A vast resource for information about all things SIP - including SIP, security, VoIP, SIP trunking and Unified Communications.

Featured Videos

Broadvox VAR Testimonial VAR 1:
Part 1 of the VAR (Value Added Reseller) Partner Program Testimonials for Broadvox...

E-SBCs AS The Demarcation Point:
Ingate's Steve Johnson talks to Erik Linask about the role session border controller plays as the demarcation point at...

Demystifying DPI
How can deep packet inspection protect your SIP traffic as well as your entire network?

Featured Resources

Partner Program Overview:
Over 4,000 VARs, Master Agents, Solution Providers, and Independent IT Professionals trust Broadvox. We offer customized services and solutions to fit seamlessly into any company's business model. And when you partner with Broadvox, every member of our team stands behind you and your customers 100%...

SIP Trunk UC Summit

What's New

Presenting the New Ingate/Intertex Website:
Internet+ is an extended Internet access allowing high quality SIP (Session Initiation Protocol) based real-time person-to-person communication, everywhere and for any application. It applies to both fixed and mobile networks ...

Featured Blogs

Featured Webinars

Secure SIP Trunking:
What You Need to Know

Successfully Deploying Enterprise SIP Trunking:
Tools and Techniques for Overcoming Common Roadblocks

Featured Podcasts

Getting the Most Out of Your SIP Trunks:
Ingate's Steve Johnson and TMC's Erik Linask discuss how best practices forgetting the most out of SIP Trunking services and common pitfalls to avoid.

Featured Datasheets

Ingate SIParator E-SBCs
Adopting SIP is a simple process with the Ingate SIParator, the secure enterprise session border controller (E-SBC). The SIParator makes secure SIP communications - including VoIP,SIP trunking and more - possible while working seamlessly with your existing network firewall.

Ingate Firewalls
Everyone is talking about enterprise usage of VoIP, instant messaging and other types of realtime communications including presence and conferencing.

SIP Trunk Solutions for Service Providers
The award-winning Ingate Firewall and Ingate SIParator deliver a high quality, reliable SIP trunk connection between the customer's IP-PBX and the service provider network, and solve interoperability issues to simplify deployments and support for remote diagnosis of reported issues.