Friday, January 27, 2006

Intel Macintosh Fanfare and FUD

First, the challenge gets a nominal financial incentive: Make Windows XP and OS X dual-boot on an Intel-based Mac. Why, to win fame across the whole internet, and get some cash, to boot (ba-dum-dun)... The contest site unfortunately links to the completely uninformed Nakfull Propoganda blog posting, wherein the author thought he had accomplished something profound but hadn't really done much of diddly-squat (unless telling the EFI bootloader to load the vanilla sample EFI applications that Intel makes available -- instead of the actual OS kernel bootstrapping routine -- is somehow useful). At least NetCraft lends credence to the "powered by OS X" logos that are prominently displayed on the blog site. The only good content on this page is all from the guy that writes the Apple Intel FAQ, who is WAAAAAAAAAYYY more patient with the ignorati than I.

Second, the FUD-mongering: This eWeek article is so chock full of FUD, it makes a cynic smile...
"Attackers have been focused on the [Intel] x86 for over a decade. Macintosh will have a lot more exposure than when it was on PowerPC," said Oliver Friedrichs, a senior manager at Symantec Corp. Security Response... There are many more malicious hackers who understand the x86 architecture in-depth... And attackers have access to hundreds of documents and examples of how to exploit common vulnerabilities on x86, whereas exploits for PowerPC are far fewer, Friedrichs said.
Norton Antivirus for Macintosh version 10.1 (*NEW* *IMPROVED* *Now with Intel-based Mac support*) was released on 25 Jan 2006. The eWeek article with the above choice quotes was published on 26 Jan 2006. Coincidence? Or, should the first page of the article simply state the following: Symantec manager believes that he can increase revenue by scaring folks into NAV/Mac software licenses and subscriptions with every new Intel-based iMac or MacBookPro that is sold. The article tries to recover and/or regain credibility by quoting a couple of "security researchers," including one that is critical of some OS X coding practices. I am not a virus writer (IANAVW?), but it seems to me that the underlying hardware architecture has almost diddly-squat to do with most of the types of exploits that are seen in the wild today. Heck, most of the payloads manipulate files in the file system -- not exactly the type of thing that requires digging out some rainbow-covered books on Intel processor/chipset internals or your trusty old-school 1980s Intel 8086 assembly programming manual. In fact, I'd bet that you probably don't even need to read this Cross Intel Architecture Development Tool write-up.