AV’s False Sense of Security (and a possible Mac hack?)
Oh F-Secure, how you amuse me.
In a post about the hack of Facebook, F-Secure claims it is likely Macs were targeted, and that this could be related to the recent Twitter hack:
And while everybody else is bashing Oracle, we have a more interesting question: what malware on what type of laptop?
Why? Because Macs are the type of laptop we almost aways see in Facebook’s employee photos.
Well, interestingly enough, last Friday evening, we received (via a mailing list) new Mac malware samples to analyze. Samples that were uploaded to VirusTotal on January 31st, one day before Twitter’s announcement.
Now look, I see where they are coming from, and I know Macs get infected by malware at times (especially when targeted), but the evidence is definitely too thin to speak in absolutes here. But then it gets worse:
There are hundreds of thousands if not millions of mobile apps in the world. How many of the apps’ developers do you think have visited a mobile developer website recently? With a Mac… and a very false sense of security?
Er… how about we go back to Facebook’s post on the hack (quoted by F-Secure themselves):
The laptops were fully-patched and running up-to-date anti-virus software.
In other words, Mac or Windows, whatever the platform, it was patched with AV installed. That seems like a safer conclusion to draw, without resorting to pictures of Macs on Facebook’s website.