Dueling Security Reports: Cisco vs. IntegoBy Rich
Today, within a few minutes of each other, I read the latest 2010 security reports from Cisco and Intego. The Cisco report is very broad, while the Intego report is Mac specific. They really highlight the reality vs. hyperbole problem we often see in threat reports.
While there’s some good information in the Cisco report, reading the APT section on page 22 and then my satircal post from yesterday should be good for some laughs. And when you hit the Android/Apple section? Umm… hard to say anything nice. There’s a ton of hyperbole in there about Apple and mobile devices being a major focus in 2011, without anything to back it up. The report seems to assume vulnerabilities correlate with exploits! As in: there are lots of Apple vulnerabilities, so we know there will be a ton of new attacks!
Maybe 2011 will be the year Macs get the snot kicked out of them, but it won’t be due to rising vulnerability rates. Macs have had plenty of easily exploited vulns for years now. Heck, if anything it’s harder to exploit the current OS X than just a couple years ago.
I can’t find any basis in the report for their conclusion. No data on rising attack rates. Just some point examples that fail to indicate a trend, plus a pretty graph of platform vulnerability rates. Wishful thinking, I guess. Oh, the best part is the title of the graph “Recent Spike in Exploits Targeting Apple Users”… with a graph of the vulns. Someone on the security team needs to have a word with the marketing team.
As a counter, take a read of the Intego report. Page one lists all the exploits they’ve seen over the past year… which, once you knock out variants, you can count on one hand.