For the student, the cubicle-bound desk worker, and the grocery store clerk alike, computers have become an integral part of everyday life. We live in an age where being connected to the internet is no longer a luxury, but a necessity for most people; and an age in which the danger of the internet has never loomed so large. It is all too easy to click on an enticing link and find yourself the victim of a ransomware attack. At least for Windows users. Mac users are safe, right?

“Macs can’t get viruses”

Almost every known cyber-exploit gets an entry in the MITRE CVE Database. CVE stands for “Common Vulnerabilities and Exposures,” and the details on these common vulnerabilities are kept in public registers like the MITRE database to help security professionals across the world know how to protect themselves against exploits out in the wild. On July 7, 2019, CVE-2019-13449 was added to the MITRE database¹. Hundreds of exploits are added to this database every week, but this one was particularly egregious. It was an easily exploitable way to cause a “denial of service” attack on macOS computers through manipulating the cloud-conferencing software “Zoom.”

A denial of service attack causes the machine that is being attacked to become unusable, and in the case of this vulnerability, attackers could continually cause a remote computer to focus on a particular browser window, preventing the user from doing anything else with their computer. This vulnerability was first discovered by security researcher Jonathan Leitschuh on March 8, 2019. He immediately tweeted Zoom asking to talk to their security team and received no response. He emailed Zoom. No response. A full month later a security engineer finally responded. Then in June, they contacted the researcher again to discuss a patch for the vulnerability. Finally, on July 8 (a day after the CVE was released), the fix was rolled out².

The frightening part about this attack vector was not that it existed, but that Zoom handled the situation so poorly and dragged their feet for months before even responding to the researcher who discovered the vulnerability. Often, as was the case with this Zoom vulnerability, there isn’t a patch available at the time that the CVE is released; and this is just one of the thousands of CVEs that apply to macOS users.

The MacBook is ubiquitous on college campuses across the United States. Its desktop cousin, the iMac, is in the offices of professionals and creators everywhere. Apple has, by default, been taking over the personal computing market for the past 10 years³. This is no surprise, given that the younger generation gravitates toward Apple products. According to a study done by Jamf, an Apple product management company, students see the Mac platform “as more intuitive, longer-lasting, more secure and more encouraging of productivity” as opposed to a Windows alternative. The “more secure” statistic is particularly interesting: 43% of Mac users agree that Apple’s platform is more secure than Windows⁴. This raises the obvious question: if there are thousands of known exploits on the macOS platform, why do almost half of the MacBook-wielding students who took part in this survey think it is a more secure platform?

“Windows is more targeted, right?”

The reasons for this myth are largely historical. In January of 2009, 93% of the desktop and laptop computers in the United States ran on Windows³. From a hacker’s perspective in the year 2009, it would have only made sense to target a platform that the vast majority of the world ran on rather than a niche platform designed for content creators. The medical industry ran on Windows, the banks ran on Windows, the government ran on Windows. Most importantly, regular people ran Windows on their personal computers. It would have been foolish from a return-on-investment perspective to target a platform other than Windows⁵.

Windows was so large a target for malware and viruses a decade ago that security was one of the main focuses of Apple’s famous “Get a Mac” ad campaign⁶. There were ads about how Macs didn’t get viruses and Windows did, ads about how Windows had annoying security policies because of the prevalence of viruses and malware, and ads about how Windows Vista was just generally insecure.

Between 2006 and 2009, when Apple ran this campaign, macOS was not a target and Windows was, and remnants of the horrible security policies Microsoft implemented to prevent certain severe attacks remain to this day. But a lot has changed since 2009. Today in the US, 25% of desktop and laptop computers run on macOS, and only 65% run on Windows³. Not only is there a difference in market share, but the types of people who are running macOS are also very different than they were back in 2009. A large part of the “Get a Mac” campaign was focused on getting the attention of creators, but Apple has shifted away from that platform. Mac is no longer a “creative” tool that only musicians and artists gravitate toward. The Apple logo is a status symbol.

In 2018, researchers Marianne Bertrand and Emir Kamenica set out to discover if they could determine economic and cultural differences between people based on their consumer habits. They found that in the year 2016, the defining purchase that separated someone on the top of the economic ladder from someone on the bottom was an Apple iPhone and/or iPad⁷. Owning Apple products has become a sign of (relative) wealth, and consequently, a reason to be targeted by cybercriminals. Everything in the insane everyday war that happens over wires between hackers and cybersecurity experts boils down to either national security or money. By becoming a product owned by well-off people, the MacBook has declared itself a target of this war.

“Don’t worry. My antivirus will protect me.”

Anyone who has ever used a Windows PC has probably installed (or been told to install) some sort of antivirus or antimalware software. Although Windows Defender has existed on Windows since 2006, it wasn’t a truly complete security suite until Windows 8, and even now its main purpose is to be antivirus software, not antimalware software. A virus is intended to replicate itself and be chaotically malicious (like adware that jumps from machine to machine), while malware is often more of a targeted attack (like ransomware). Even now that Windows Defender is a relatively good security package, security experts still recommend using Windows Defender in conjunction with a third-party antimalware package to fill in gaps⁸.

On the other side of the aisle, macOS has long had a leg up on Windows in this realm. macOS has had a more fully featured anti-malware for a much longer time, and Apple has been purposeful about making security one of its main selling points. Moreover, macOS is built out of the Unix operating system. Unix has an inherently secure design because it was designed for multiple people to work on the same system at the same time. Everything in Unix is a file or a directory (a folder), and every file and directory has a set of permissions attached to it to tell the operating system who is and is not allowed to interact with it in certain ways. Windows was not designed like this, and thus it is (in theory) a lot easier for malicious programs to interact with the computer in ways that the user might not intend.

This is not to say that Unix systems are completely secure. In fact, searching any common CVE database will reveal that there are only a few hundred fewer known exploits for the Unix operating system than there are for Windows 10. This is because most security vulnerabilities aren’t often found in the operating system itself (and when they are, it’s a huge deal). More often, vulnerabilities are found in software that runs above the operating system, like the Zoom vulnerability discussed earlier. The Zoom exploit was only possible on macOS, but only because the software was implemented differently on macOS than on other operating systems, not because of macOS itself.

“Is anything safe?”

Windows may have a bad track record when it comes to security, but as we’ve seen, macOS is vulnerable to attacks too. So, which is safer? According to a study released by the popular antimalware company Malwarebytes, in 2019, the average MacBook was attacked by viruses or malware 11 times. In stark contrast, the average Windows machine was attacked 5.8 times⁹. This is an unprecedented number given that in every preceding year these statistics have been flipped on their heads. Attacks on macOS saw a massive 400% increase from 2018, and as more and more of the market is given to Apple, it is only to be expected that the number of attacks per endpoint will rise even higher.

From a purely numbers-oriented perspective, Windows surprisingly seems to be the safer option in the present day. That is, until the types of attacks (the kinds of malicious software) are examined. The report from Malwarebytes states that “Macs differ drastically from Windows in terms of the types of threats seen.” The top ten types of malware consist largely of PUPs (Potentially Unwanted Programs) and Adware. These, while annoying, are largely harmless to the user. On the Windows end of things, the threat landscape is alarmingly full of trojans, spyware, and backdoor exploits allowing hackers to gain control of consumers’ computers.

This means that in the present day, while MacBooks are more likely to be attacked, Windows computers still bear the brunt of the most dangerous attacks. Perhaps the reason for the rise in attacks on Macs is in connection with what BBC tech writer Bill Thompson warned us about all the way back in 2006: “Mac users demonstrate an indefensible smugness when it comes to the dangers of having their systems compromised by malicious software and opened up to exploitation by others.”¹⁰ So many Mac users refuse to believe that they could be the target of an attack that they don’t do anything to protect themselves. This is incredibly dangerous.

While many of the attacks on Mac devices are merely annoying and not damaging, there are plenty of dangerous attacks that exist outside of the top-ten list on Malwarebytes’ study. The further we progress into this strange quarantined spring, the more exploits surrounding the Zoom platform are discovered. Because it has recently become such an important piece of software, security analysts have been scrutinizing it and have found no end of issues on all platforms the software serves¹¹.

The short answer is: nothing is 100% secure. As long as humans are programming computers and trying to break into them, there will always be backdoors. This is not to say that we cannot prevent bad things from happening. Software updates are often security patches, and therefore keeping everything updated is a relatively simple way to stay protected. Having a general understanding of the cybersecurity landscape never hurt anybody either. And most importantly, common sense is a consumer’s greatest weapon. Use it.

Sources

Translated from: https://medium/@mpope316/macs-are-more-secure-and-other-jokes-you-can-tell-yourself-b112ab21256c

