six colors

by Jason Snell & Dan Moren

This week's sponsor

Photos: A Take Control Crash Course - Jason's ebook about Photos, now updated for High Sierra & iOS 11.

Linked by Dan Moren

Don’t worry about WireLurker malware

Nick Arnott on iMore:

There are once again some needlessly scary security articles going around, this time concerning malware dubbed “WireLurker”. WireLurker hides inside pirated apps and tries to get people to install it on the Mac so it can transfer data to and from the iPhone or iPad over USB. it’s important to point out almost no one reading this is in any danger from WireLurker, and anyone who is can easily avoid it. [emphasis his]

I actually heard about this when I turned on the radio this morning—always good when an Apple security story makes it to the mainstream media. Upon searching Google for “WireLurker” the first hit I got was to a story from The Register, with the headline: “Apple Macs, iThings don’t get malware? NOT ANY MORE. Panic, fanbois!”

Of course, if you click through, you get the much more mild “WireLurker-hit boxen infect ALL the iThings: Myth of malware-less Mac MURDERED.”

I realize it’s not worth it to let yourself get riled up by The Register, which has a history of taking potshots at Apple and its users, but really it’s the schadenfreude that gets me—the delight that these guys seem to take in what would be an exploit that could hit ordinary, non-tech savvy folks.

But that glee is made all the more ridiculous by the fact that, as Nick points out above, this exploit isn’t likely to hit anybody who a) isn’t downloading pirated software and b) lives outside of China. (Apple’s also already revoked the enterprise certificate the hackers were using to install apps on non-jailbroken iOS devices.)

Long story short: Apple security stories have proven, time and time again, to be overblown. While there’s a good argument that Cupertino could be better about security policy, it’s pretty hard to argue against its track record in security execution.