Is Intel a safe bet for Apple security?
Macs have largely been immune to the viruses that plague Windows PCs. Experts pitch in on whether the Intel chip switch will change that.
Yes, Macs will have the same hardware at their core as Windows PCs, but it is the operating system, not the hardware, that has made those Microsoft-based computers vulnerable to attacks, analysts and security researchers said.
"Mac OS has generally a better track record and reputation than Windows for security. I don't think taking Mac OS to Intel silicon would change the robustness of the operating system," said Dana Gardner, a senior analyst at research firm the Yankee Group.
The Mac OS enjoys a reputation as a secure operating system, with far fewer flaws than Windows. So far, it has largely been immune to the worms and viruses that have hit Microsoft-based systems. That is unlikely to change with the shift announced Monday from niche Power PC processors to mainstream Intel hardware.
Theoretically, though, it is possible that security flaws in lower-level system software could be used to attack both Windows and Mac computers, several security experts said. However, such attacks, for example on the system BIOS, are rare. Furthermore, it is not known if Apple will use the same low-level software common in Windows PCs, the experts said.
Another unknown is to what level Intel will customize its chip products for Apple.
"The fact that Macs are running the same processors as Windows PCs may mean that some code can be executed on both platforms," said Russ Cooper, a senior scientist at security provider Cybertrust of Herndon, Va. "But I don't think that virus writers are writing at that level, so it is probably not going to have any security implications."
Soft target
Most attacks target operating system, application and networking vulnerabilities, said Chris Christiansen, an analyst at IDC. "Threats are not written to the silicon, because it is too hard," he said.
BIOS-level exploits exist, but those are rare and well-defended against, Christiansen said. BIOS, or basic input/output system, is software that links the hardware to the operating system.
BIOS attacks are one example of possible security problems. Intel chips could also expose Macs to such issues as the hyperthreading flaw. This recently reported vulnerability in the Intel processor technology could allow a local hacker to steal sensitive information held on servers configured to allow multiple users to log in simultaneously, according to the security researcher who discovered the flaw.
"Theoretically, it is possible," said IDC's Christiansen. "But I think it is an awfully skinny theory."
Still, the move to Intel could make it easier for hackers to develop an exploit to target both systems, said Gerhard Eschelbeck, chief technology officer at Qualys, a Redwood Shores, Calif.-based vulnerability management company.
Ken Dunham, director of malicious code at iDefense, a security intelligence company in Reston, Va., disagreed. "Because of a chip change, there does not appear to be any significant malicious code implications for the operating system," he said.
While the hardware shift itself may not lead to major security issues, its side effects raise some concerns. Apple's products on Intel may become cheaper and more popular, which would make the Mac OS a bigger target, experts said.
Also, Mac applications have to be rewritten to run on the new hardware. Software makers will have to watch out for sloppy coding, said Charles Kolodgy, an analyst at IDC.
"With many developers making changes to their programs en masse, there is much more opportunity for vulnerabilities to be created--not intentionally, but accidentally," he said.
On the other hand, the switch to Intel could also enhance Mac security, if Apple decides to support hardware security features typically found in Windows PCs, Kolodgy said. Intel hardware offers security such as no-execute protection to prevent buffer overflow attacks.
In addition, a secondary, security-oriented chip, known as a trusted platform module, is becoming common in Windows PCs as a means for securing encryption keys. Apple has yet to incorporate such a chip into the Mac.
"It could improve Apple security," Kolodgy said. "Previously, Apple hasn't been interested in hardware security."