Focus on Apple
Back to list
Re: Bill Gates on Mac OS X security
Feb 02 2007 08:36PM
Thor (Hammer of God) (thor hammerofgod com)
Regardless, it was a stupid thing to say. If Mr. Gates wants to come off as
an arrogant ass, then let him. But this type of statement is all that
groups will need to justify 0day publication of vulnerabilities now. MS
will call it "irresponsible disclosure" and blame the OP's for anything bad
that comes from it. But all they have to do is say "No, Bill Gates *dared*
me to do it." At the end of the day, it won't be Gates that will suffer,
but rather, it will be the customers of Microsoft.
His "dare" will make US targets. It was an arrogant and irresponsible thing
to say regardless of the improvements in Vista.
On 2/2/07 11:26 AM, "Chris Adams" <chris (at) improbable (dot) org [email concealed]> spoketh to all:
> On 2007-02-02, at 9:46 AM, Dave Schroeder wrote:
>> "Nowadays, security guys break the Mac every single day. Every
>> single day, they come out with a total exploit, your machine can be
>> taken over totally. I dare anybody to do that once a month on the
>> Windows machine."
> It's not quite as unreasonable as it seems at first glance -
> Microsoft is several years ahead of Apple on the painful publicity
> front and all those monopoly dollars have allowed them to pump
> resources into securing Windows. They still have a lot of legacy bad
> decisions to deal with but there really aren't things as simple as
> the equivalent of writable setuid binaries or trivial format string
> exploits on recent Windows systems - one of the reasons why people
> attacking Windows users have shifted to exploiting third party
> software is simply that there's lower-hanging fruit there.
> OS X obviously has had it a little easier - largely due to greater
> security experience when key decisions were made in the past (e.g.
> never having the "sure, toss anything you want in the system
> directory" mindset) and fewer exposed services in the default install
> but I suspect 2007 is going to be both the year that OS X comes under
> serious attack and [hopefully] the year the security group gets more
> funding and greater influence with other groups at Apple both to
> prevent code from shipping without security review and to make sure
> security is a first-class design criteria for everything.
[ reply ]
Copyright 2010, SecurityFocus