9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
Malware has been a persistent threat since the first virus appeared in 1982 as a prank on Apple II computers. And malware is here to stay, but not because cybercriminals and nation-states are clever (they are), but because it’s mathematically impossible to stop it.
In computer science, Rice’s Theorem proves that it is theoretically impossible to create a program that can perfectly determine if another program is malicious. Why? Being “malicious” is a behavioral trait that depends on what the program does, but predicting its behavior is impossible. It’s almost like predicting if a recipe will make a yummy dish without cooking it. There are a lot of variables that will impact its output. Programs are similar. They can behave differently depending on how it’s coded, environments, inputs, etc.
Even if we could define malicious behavior outright, which is a huge challenge in itself, antivirus programs can’t analyze every execution path, run for infinite time, or simulate every environment it could sneak into.
Malware is constantly using clever techniques to avoid detection, too. Polymorphic and metamorphic malware that can use encryption and even rewrite its code to evade detection adds another layer of complication. So, a behavior considered suspicious today could be legit tomorrow.
Today, modern antivirus software does a really good job at signature detection (matching known malware patterns), behavioral monitoring (watching for sketchy actions), and using sandboxes (trapping code in a safe space to test it). They catch most threats, but according to Rice’s Theorem, they can never guarantee 100%. Even if a theoretical superintelligence existed, it still couldn’t beat it.
Maybe undetectable malware will be used to stop an out-of-control AGI in the future.
Reminds me of a movie…