Focus on Apple
Re: Bill Gates on Mac OS X security Feb 02 2007 08:36PM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)
Re: Bill Gates on Mac OS X security Feb 02 2007 11:35PM
David Maynor (dmaynor gmail com)
http://erratasec.blogspot.com/2007/02/bill-gates-fights-back-against-evi
l.html

My thoughts on this and I'll leave it at that.

On 2/2/07, Thor (Hammer of God) <thor (at) hammerofgod (dot) com [email concealed]> wrote:
> Regardless, it was a stupid thing to say. If Mr. Gates wants to come off as
> an arrogant ass, then let him. But this type of statement is all that
> groups will need to justify 0day publication of vulnerabilities now. MS
> will call it "irresponsible disclosure" and blame the OP's for anything bad
> that comes from it. But all they have to do is say "No, Bill Gates *dared*
> me to do it." At the end of the day, it won't be Gates that will suffer,
> but rather, it will be the customers of Microsoft.
>
> His "dare" will make US targets. It was an arrogant and irresponsible thing
> to say regardless of the improvements in Vista.
>
> t
>
>
> On 2/2/07 11:26 AM, "Chris Adams" <chris (at) improbable (dot) org [email concealed]> spoketh to all:
>
> >
> > On 2007-02-02, at 9:46 AM, Dave Schroeder wrote:
> >
> >> <http://www.msnbc.msn.com/id/16934083/site/newsweek/page/2/>
> >>
> >> "Nowadays, security guys break the Mac every single day. Every
> >> single day, they come out with a total exploit, your machine can be
> >> taken over totally. I dare anybody to do that once a month on the
> >> Windows machine."
> >
> > It's not quite as unreasonable as it seems at first glance -
> > Microsoft is several years ahead of Apple on the painful publicity
> > front and all those monopoly dollars have allowed them to pump
> > resources into securing Windows. They still have a lot of legacy bad
> > decisions to deal with but there really aren't things as simple as
> > the equivalent of writable setuid binaries or trivial format string
> > exploits on recent Windows systems - one of the reasons why people
> > attacking Windows users have shifted to exploiting third party
> > software is simply that there's lower-hanging fruit there.
> >
> > OS X obviously has had it a little easier - largely due to greater
> > security experience when key decisions were made in the past (e.g.
> > never having the "sure, toss anything you want in the system
> > directory" mindset) and fewer exposed services in the default install
> > but I suspect 2007 is going to be both the year that OS X comes under
> > serious attack and [hopefully] the year the security group gets more
> > funding and greater influence with other groups at Apple both to
> > prevent code from shipping without security review and to make sure
> > security is a first-class design criteria for everything.
> >
> > Chris
>
>
>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus