Macintoshes and Cable Modems

The Macintosh computer is,in my opinion, the best computer for everyday personal work and has been for fifteen years. It seems to have been designed from the ground up with security in mind. I feel comfortable mounting the hard drive in my office over the Internet because the password is two-way encrypted, a lot safer that when I have to send passwords in the clear to log onto UNIX and LINUX machines there.

I have 25,000 files on my Mac in 2500 folders. I can not imagine having to negotiate my way through them using any other desktop. When I was Director of GCATT, I had a staff of 10 people using networked applications. I put them all on Macintoshes because I was also the PC Support Person, and I could not spend hours a week on that job.

Most Viruses and Trojan Horses circulating around the 'net today do not affect Macintoshes. Particularly if you use a non-browser email program like Eudora and keep automatic macro execution shut off in Microsoft Office. The other major PC operating systems require monthly, if not weekly, software patches to fix holes that the cyber criminal community discovers. I have never seen a security patch for the Macintosh.

Coupled with a high-speed cable modem access to the Internet, the Macintosh opens up a world of information for people doing research. I would not have been able to write the program to verify the "Mac Attack" viability if I had not been able to access 15 year old documents from the Internet Engineering Task Force on calculating a TCP checksum using one's-compliment binary arithmetic.

The thing that makes me the most angry about this "Mac Attack" is that the cyber-criminals activity may hurt the development of two technological achievements that I greatly admire. If just the threat causes us to restrict use of something really useful, then the terrorists have won a minor victory.

I am happy the the OS software engineers at Apple responded so quickly (within 48-hours) to develop a patch to eliminate the unintended feature that mades exploitation of Macintoshes possible. A final version should be available from the Apple site soon.

How do we get 90% plus of Mac users to install the patch before New-Millennium Eve. That will require a publicity campaign, one that's positive for Apple but scares the users enough to get them to do it.

The problem is so technical that it's hard to explain it, even to people who are very up on PC's. Perhaps "It will keep Hackers out of your Mac" with an indication that there is reason to believe that a "Major attempt to exploit the Y2K public anxiety by attacking Macs" is being planned.

If my cable modem address has been UDP scanned five times, it probably means that the entire RoadRunner and @Home cable modem space has already been scanned a number of times. The existing Macintoshes available for exploitation on those networks are probably listed and ready to be used by the cyber-attackers. There are enough there to flood (jam) a large number of network connections.

The other half of the defense is for the network administrators and router vendors to configure there equipment to discard 1500-byte ICMP datagrams (from all the Macs that do not get the patch in time) within the networks (the organizational firewall is too late).

John Copeland