Hudson's bootkit takes advantage of a vulnerability in how Apple computers deal with peripheral devices connected over Thunderbolt ports during a firmware update. In these cases, the flash is left unlocked, allowing an Option ROM, or peripheral firmware, to run during recovery mode boots. It then has to slip past Apple's RSA signature check. Apple stores its public key in the boot ROM and signs firmware updates with its private key. The Option ROM over Thunderbolt circumvents this process and writes its own RSA key so that future updates can only be signed by the attacker's key. The attack also disables the loading of further Option ROMs, closing that window of opportunity.
Researchers at Palo Alto Networks discovered the threat and dubbed it WireLurker because it spreads from infected OS X computers to iOS devices once the mobile device is connected to a Mac via USB. The malware analyzes the connected iOS device, looking for a number of applications popular in China, namely the Meitu photo app, the Taobao online auction app, or the AliPay payment application. If any of those are found on the iOS device, WireLurker extracts it and replaces it with a Trojanized version of the same app repackaged with malware.
Patient zero is a Chinese third-party app store called Maiyadi known for hosting pirated apps for both platforms. To date, Palo Alto researchers said, 467 infected OS X apps have been found on Maiyadi and those apps have been downloaded more than 350,000 times as of Oct. 16 by more than 100,000 users.
Microsoft's approach with Windows, and backward compatibility in general, is commendable. "Users can install new versions of this OS on old machines, sometimes built on a mishmash of components, and still have it work well. This is a remarkable feat of engineering. It also comes with limitations — as it forces Microsoft to operate in the past." But Apple doesn't share this focus on interoperability or legacy. "They restrict hardware options, so they can build around a smaller number of specs. Old hardware is often left behind (turn on a first-generation iPad, and witness the sluggishness). Meanwhile, dying conventions are proactively euthanized," says Karjaluoto. "When Macs no longer shipped with floppy drives, many felt baffled. This same experience occurred when a disk (CD/DVD) reader no longer came standard." In spite of the grumblings of many, Karjaluoto doesn't recall many such changes that we didn't later look upon as the right choice.
Siracusa also takes a look at Swift, Apple's new programming language: "Swift is an attempt to create a low-level language with high-level syntax and semantics. It tackles the myth of the Sufficiently Smart Compiler by signing up to create that compiler as part of the language design process." He concludes: "Viewed in isolation, Yosemite provides a graphical refresh accompanied by a few interesting features and several new technologies whose benefits are mostly speculative, depending heavily on how eagerly they're adopted by third-party developers. But Apple no longer views the Mac in isolation, and neither should you. OS X is finally a full-fledged peer to iOS; all aspects of sibling rivalry have been banished."