WALLED GARDEN (Rixstep) — A good friend recently saw Patrick Wardle at a security conference and was duly impressed. Wardle was to have shown how to crack (but leave standing) cryptographic seals on application bundles.
The foils for the talk were to have appeared online, but they don't seem to have made it. Browsing through Wardle's previous talks, we found this one.
BTW, the tagline for this microsite - 'because you're stupid' - doesn't apply to Wardle in this case. Perhaps the rank and file programmers at Apple that he highlights so often. An opinion that mostly concurs with things Steve Wozniak has said in the past.
What's interesting is to see, about 15 minutes into the presentation, how silly sloppy careless amateurish efforts can lead to potentially major disasters.
This talk is from the end of 2018, but it's still current. Yet what happens after this point is something that needs commenting.
Wardle is adamant that not only he but most of his security colleagues agree that the Mac is easier to hack than Windows.
This is something we've seen all along, going at least as far back as the Month of Apple Bugs with LMH and Kevin Finisterre. And actually even further, when we first received our complimentary copy of Hacking Exposed. For that classic book surely makes the case that even Unix systems can be hacked. And Charlie Miller has made that point time and again.
And as Apple continue to wantonly increase the complexity of their system, they naturally leave themselves open to probes and attacks that would otherwise be unthinkable. One need only remember Opener and Oompa Loompa, neither of which would work on a standard Unix system.
And in fact one shouldn't be comparing Windows with the Mac anyway. One should be comparing Windows with Unix. Certainly some flavours of Unix are more bulletproof than others, such as OpenBSD which has a staff of bug hunters proactively ferreting out potential vulnerabilities before they appear.
But Unix is Unix, and there's no way a Windows system can be more secure. Precisely what Wardle and the others are missing isn't totally understood, but they're in error. Unix has a security model, Windows does not. Unix has security built into the architecture, Windows does not. And even Charlie Miller had to concede that you can't add security as an afterthought as Microsoft did with Windows. It. Just. Doesn't. Work.
That being said, Wardle does have choice words about Apple, all of which are not flattering, some of which echo sentiments others have expressed for some time.
The Windows AV cottage industry is much more advanced, according to Wardle, today being able to proactively detect threats without relying on signature lists, and so forth.
That's all good, of course, but not Apple and not any other Unix has yet, in the twenty years that have gone by since ILOVEYOU hit, been the victim of a worldwide epidemic. And no, it's not about user base. It's about security models.
Unix has one, and it's a good one. Microsoft Windows has none. End of.
About Rixstep
Stockholm/London-based Rixstep are a constellation of programmers and support staff from Radsoft Laboratories who tired of Windows vulnerabilities, Linux driver issues, and cursing x86 hardware all day long. Rixstep have many years of experience behind their efforts, with teaching and consulting credentials from the likes of British Aerospace, General Electric, Lockheed Martin, Lloyds TSB, SAAB Defence Systems, British Broadcasting Corporation, Barclays Bank, IBM, Microsoft, and Sony/Ericsson.
Rixstep and Radsoft products are or have been in use by Sweden's Royal Mail, Sony/Ericsson, the US Department of Defense, the offices of the US Supreme Court, the Government of Western Australia, the German Federal Police, Verizon Wireless, Los Alamos National Laboratory, Microsoft Corporation, the New York Times, Apple Inc, Oxford University, and hundreds of research institutes around the globe. See here.