Friday, May 29, 2009

Microsoft Senior Security Architect Said WHAT?!

Someone needs a good spanking and a time out for bad behavior. He's considered to be a professional computer security expert (so it's not me!).

This afternoon I was checking out the Intego Mac Security Blog and read about interviews ZDNet Australia had done with security specialists regarding the question "Do Mac Users Need Antivirus Software?" (They got the software category wrong as usual. It's anti-malware, not 'anti-virus'. I'll go down in history as the curmudgeon who chanted this fact to the grave, and nobody cared. Poor me). So I clicked over to ZDNet OZ, read their article and watched the video, found HERE.

In the video, note the fellow in the white shirt with a British accent. That's Greg Singh from RSA. As Intego point out, Singh is incorrect to say Mac users will have to get used to the degradation in performance caused by anti-malware applications. He could be talking specifically about Symantec's Norton Antivirus for Mac, in which case no one could argue with him. He also insinuates that Apple have said Mac OS X is not susceptible to 'viruses'. Oops, I think he got his Apples mixed up. He must have meant Apple Corps, the folks who make Beatles CDs. Yeah, I'd agree that Beatles recordings are not susceptible to viruses. **snicker**

Then there's the guy in the black t-shirt and hat reading 'ULTIMATE-DEFENCE'. That's Rocky Heckman from Microsoft. He has the title of "Microsoft Senior Security Architect". I was freaked at what was coming out of his mouth. First he thinks BSD is something new to Mac OS X Tiger. He was born yesterday. Then he says that because BSD is part of Mac OS X, hackers are now realizing they can write 'viruses' for it, "and there have been a couple out there." He's from the Bizarro World. There are no viruses for Mac OS X. There are only Trojans, and he knows the difference. I wrote a ripping comment about Mr. Heckman over at the ZDNet OZ site. See below.

Then there's an Australian fellow in a white striped shirt with a big pad and marker hanging around his neck. I don't know his name, sorry. His odd statement, if you listen carefully, is that anti-malware products for Mac OS X are 'immature'. Based on what information? Based on ignorance. Very strange.

OK, so where were all these incorrect people when they were interviewed? The AusCERT 2009 IT Security Conference. The mind boggles.

Here is the concerned comment I wrote to ZDNet Australia regarding the statements of Mr. Heckman from Microsoft:
Microsoft Senior Security Architect Said WHAT?!

"Microsoft senior security architect Rocky Heckman said AV became necessary when Apple in 2001 decided to underpin OS X Tiger with the BSD operating system because it made Macs an easier platform to write malicious code for."

Why did anyone ask Mr. Heckman his opinion? We certainly have no reason to care. Windows is the single LEAST secure operating system, commercial or Open Source, available on the planet.

Why Heckman's opinion is lunatic:

1) Apple didn't decide to underpin Tiger with BSD. NeXT decided to underpin NeXTStep with BSD decades ago! Mac OS X inherited it when Apple decided to make NeXTStep/OpenStep the foundation for Rhapsody, which was then developed into Mac OS X.

2) The three most secure operating systems on the planet have been repeatedly proven to be:
A) OpenBSD
B) FreeBSD
C) Mac OS X
Mac OS X incorporates elements of both OpenBSD and FreeBSD into its core OS called Darwin OS. So what Mr. Heckman is talking about is incomprehensible. He is either a blithering idiot or is pulling a FUD manoeuvre by telling the opposite of the truth in order to fool the public that black is white, war is peace, hate is love, the usual doublespeak routine from the book '1984'. Shame on Mr. Heckman.

This has to be one of the most dishonest statements from a Microsoft executive of all time. It's running neck-and-neck with Bill Gates' moronic statement that Mac OS X is exploited every day, when in fact it is HIS operating system that is exploited every day.

Or maybe there's lead in the water over at Redmond. (o_0)


  1. Just a heads up, the "new" trojan (OSX/Jahlav-C) being reported by Sophos is nothing new; it's just the RSPlug trojan (a.k.a. DNSChanger trojan), but a new variant. Sophos is being just as bad as Symantec trying to scare people into buying their software by issuing press releases for non-news. I tried the free DNSChanger Removal Tool and it worked fine for removing the trojan. I tried posting this as a comment on the Sophos blog but of course they don't accept comments and didn't reply to my e-mail. I hope you can get the word out so Mac users know the truth! Keep up the great work here, I greatly appreciate your insight and the fact that you're not afraid to spread the truth and not FUD!

  2. Thanks Mac! I'm really pleased that you and Steve are helping out. The more interaction among us all the better.

    I'll try to sort out what the 'official' name of this variant should be. I suspect it is Trojan.OSX.RSPlug.H. Then again there has been some debate about what RSPlug.G really is. Once the shock wears off of how disorganized the anti-malware community is, it becomes kind of amusing. Laughing is much more enjoyable than complaining.