Daniel Hanson, 2004-07-21
Apple's OS X is not safer or less susceptible to vulnerabilities and viruses than other OSes, and Apple's secretive culture is bad for the security world.
Colapse all |
Post comment
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (3 replies)
Anonymous (3 replies)
Article? Content? Point?
Another vague article about Mac OSX security. This article is like cotton candy; you bite into it and there is nothing there. All of this adds up to nothing, as did Lance Ulanoff's earlier article, as does Paul Thurott's constant natter on this subject, plus Secunia arti...
[ more ] [ reply ]
Another vague article about Mac OSX security. This article is like cotton candy; you bite into it and there is nothing there. All of this adds up to nothing, as did Lance Ulanoff's earlier article, as does Paul Thurott's constant natter on this subject, plus Secunia arti...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (1 replies)
Anonymous (1 replies)
Your final statement was not accurate, the vulnerabilites listing and afforementioned changes from jaguar to panther are just one example of it.
There are a range of OS's which natively have not had more than a handful of holes in every version for more than 8 years.
A single code mistake can ...
[ more ] [ reply ]
There are a range of OS's which natively have not had more than a handful of holes in every version for more than 8 years.
A single code mistake can ...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous
Anonymous
While it is true that OS X is not the most secure, it can be said for being tied as the most secure desktop operating system.
The reason for this is only partially due to its lower number of users as compared to Windows. The primary reason (as is true with Linux and BSD etc) is that no service ar...
[ more ] [ reply ]
The reason for this is only partially due to its lower number of users as compared to Windows. The primary reason (as is true with Linux and BSD etc) is that no service ar...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous
Anonymous
Fact. OS X is not invulnerable to older Mac viruses, let alone the macro viruses that have been the main Mac virus problem for many years. And btw, many PC viruses aren't Windows viruses at all.
The issue is not whether it's "safer" to use Macs than PCs. It is, partly because the platform is rare...
[ more ] [ reply ]
The issue is not whether it's "safer" to use Macs than PCs. It is, partly because the platform is rare...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous (2 replies)
Anonymous (2 replies)
Really, it is a fact there are no mac os x virus? Here's at least one.
http://securityresponse.symantec.com/avcenter/venc/data/maco
s.mw2004.trojan.html...
[ more ] [ reply ]
http://securityresponse.symantec.com/avcenter/venc/data/maco
s.mw2004.trojan.html...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-25
Anonymous (1 replies)
Anonymous (1 replies)
The URL says it all...this is a trojan horse and not a virus. Please visit http://internet.about.com/cs/whatneedtoknow/a/aa_virus111203
.htm ....
[ more ] [ reply ]
.htm ....
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-29
Anonymous
Anonymous
I find it interesting when people say things like that. Generally, the reaction is a chorus of "Oh YEAH??" ( http://www.securityfocus.com/news/309 )
Keep saying that. It will make the OS more secure.
Once the dust settles and worms and trojans and viruses and patches have come.
Disclaimer...
[ more ] [ reply ]
Keep saying that. It will make the OS more secure.
Once the dust settles and worms and trojans and viruses and patches have come.
Disclaimer...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (2 replies)
Anonymous (2 replies)
Number of ports open by default:
Windows: 5
Mac OSX: 0
Once again, Microsoft offers 'features' that Apple doesn't....
[ more ] [ reply ]
Windows: 5
Mac OSX: 0
Once again, Microsoft offers 'features' that Apple doesn't....
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (3 replies)
Anonymous (3 replies)
>Number of ports open by default:
>
>Windows: 5
>Mac OSX: 0
>
>Once again, Microsoft offers 'features' that >Apple doesn't.
Number of Firewalls on by default (with RTM of sp2 in a week or two):
Windows: 1
Mac OS X: 0...
[ more ] [ reply ]
>
>Windows: 5
>Mac OSX: 0
>
>Once again, Microsoft offers 'features' that >Apple doesn't.
Number of Firewalls on by default (with RTM of sp2 in a week or two):
Windows: 1
Mac OS X: 0...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous
Anonymous
With no ports open a firewall is pointless as there is nothing for it to block, and as soon as any port is opened the firewall is automatically activated. Unlike Windows the firewall is open source ipfw as used in FreeBSD. The core system is also open source and can be freely examined, as the author...
[ more ] [ reply ]
[ more ] [ reply ]
With no open ports, who needs a firewall?
2004-07-23
Anonymous (1 replies)
Anonymous (1 replies)
What's the point in filtering packets headed for ports that are closed anyway? The end result is the same. Windows relies too much on firewalls for security. No one has ever hacked a service that was not running. ;)
...
[ more ] [ reply ]
...
[ more ] [ reply ]
With no open ports, who needs a firewall?
2004-07-23
Anonymous
Anonymous
> What's the point in filtering packets headed for ports that are closed anyway?
Yes, but programs open ports all the time expecting to recieve data. A web browser receives data on a port every time it makes a connection, and programs like FTP (in "active" mode) and file sharing programs basical...
[ more ] [ reply ]
Yes, but programs open ports all the time expecting to recieve data. A web browser receives data on a port every time it makes a connection, and programs like FTP (in "active" mode) and file sharing programs basical...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Kev (1 replies)
Kev (1 replies)
1. Your article conveys a tone that blames Apple for being no better than any other OS provider, even though it has experienced way fewer vulnerabilities. An alternate approach would've been to ask Apple to become even better than any other OS provider. It would generate fewer flames (but possibly ...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (3 replies)
A1 - forget time here. with popularity and useability constraints in getting to the lower portions of the system are what is currently restricting many potential discoveries; while there may be few, its unlikely there are none. Man hours wise, MS software probably recieves more than a billion time...
[ more ] [ reply ]
Anonymous (3 replies)
A1 - forget time here. with popularity and useability constraints in getting to the lower portions of the system are what is currently restricting many potential discoveries; while there may be few, its unlikely there are none. Man hours wise, MS software probably recieves more than a billion time...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous
Anonymous
"Most other OS's recieve security information from both the user and developer sides of the community. It has become clear from the BSD platforms that Open Source software can be better than closed source software in the security world, as with more developers reading the code, more errors are spott...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Kev (1 replies)
Kev (1 replies)
The statement doesn't contradict itself.
Apple's experience to date with viruses and vulnerabilities has been significantly better than other OSes. That doesn't mean its perfect in the past or will be in the future, its just been better to date.
Based on that experience, Apple need not expend ...
[ more ] [ reply ]
Apple's experience to date with viruses and vulnerabilities has been significantly better than other OSes. That doesn't mean its perfect in the past or will be in the future, its just been better to date.
Based on that experience, Apple need not expend ...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-28
Anonymous
Anonymous
I just read this article and in no way do i see it bashing or condemning apple in any way. Kev, relax. Computers are tools. Whether the hammer is red or blue doesn't mean that it won't drive a nail into wood. This article is merely addressing observed and not observed characteristics of Apple as see...
[ more ] [ reply ]
[ more ] [ reply ]
Windows cracks Vs Mac, Re: Mac OS X ? Unix? Secure?
2004-08-01
Anonymous
Anonymous
Why you windows guys waste your breath trying to pop Mac guys' balloons on security is beyond me. If you like Wintel go wallow in the sty.
Safari is based on an open source kernel (KHtml) and Mac OS X is based on an open source Unix kernel (Mach and BSD). If all these things are "open," ...
[ more ] [ reply ]
Safari is based on an open source kernel (KHtml) and Mac OS X is based on an open source Unix kernel (Mach and BSD). If all these things are "open," ...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (1 replies)
Anonymous (1 replies)
Interesting security article, you brought up some good points. I am not a programmer, nor a security expert, just curious. How do MS Windows cracking techniques apply to Apple's Mach kernel, Apple's Darwin / Mac OS X, and the PPC Architecture? Do the same buffer overflow issues, heap issues, etc. af...
[ more ] [ reply ]
[ more ] [ reply ]
Buffer overflows can happen on all platforms
2004-07-26
[GTB] Matt Man
[GTB] Matt Man
While the details are different (and the devil is in the details), the same techniques are used to discover and exploit buffer overflows on all hardware architectures and operating systems. _The Shellcoder's Handbook_ by Koziol et al goes into detail about how to discover and write exploits on mult...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Eric Aitala
Eric Aitala
As of this date, I know of no viruses that affect Mac OS X, in any form, and only one possible remote web related exploit (now patched) that exist in the wild. There have been a few 'lab level' vulnerabilites demonstrated and subsequently patched.
I believe that there are differences in the OS X...
[ more ] [ reply ]
I believe that there are differences in the OS X...
[ more ] [ reply ]
Mac OS X ? Unix? Secure? Pretty much.
2004-07-22
DougT
DougT
The truth about Mac OS X is that there is not a single known virus or worm in the wild that affects it after three years and ~10 million users.
Mac users face _none_ of the virus, worm, or spyware hassles.
Most, including myself, run _no_ antivirus, anti-spyware, or Internet security softwar...
[ more ] [ reply ]
Mac users face _none_ of the virus, worm, or spyware hassles.
Most, including myself, run _no_ antivirus, anti-spyware, or Internet security softwar...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (1 replies)
Anonymous (1 replies)
Mr Hanson writes " In the absence of what I consider hard evidence, I have a number of concerns..."
Which pretty much sums up the article - much of the evidence is readily available, but either Mr Hanson didn't look for it or having found it, preferred to ignore it, since it didn't fit with his p...
[ more ] [ reply ]
Which pretty much sums up the article - much of the evidence is readily available, but either Mr Hanson didn't look for it or having found it, preferred to ignore it, since it didn't fit with his p...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Daniel Hanson
Daniel Hanson
Hi you misinterpreted my comments regarding buffer overflow protection. I wasn't implying that Apple leaves vulnerabilities open, nor was I implying that there are more of them than other operating systems. What I was saying is that kernel level, or hardware level stack and heap protection is within...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Scrutiny
Scrutiny
Oh dear.
While the author raises some important questions, the amount of ignorance he shows (or is it a deliberate desire to mislead?) brings to mind a word that rhymes with merchant banker.
He confesses that he really hasn't any experience or deep knowledge, raises areas of concern where he s...
[ more ] [ reply ]
While the author raises some important questions, the amount of ignorance he shows (or is it a deliberate desire to mislead?) brings to mind a word that rhymes with merchant banker.
He confesses that he really hasn't any experience or deep knowledge, raises areas of concern where he s...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Peter (1 replies)
Peter (1 replies)
Let's see. Ports closed. Built-in firewall. No VBS. It may not be vulnerability free, but out of the box, an OS X machine is many orders of magnitude more secure than an XP machine. Even behind our corporate firewall, new PC's end up getting wormed in hours if IT doesn't spend a couple of hours...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (1 replies)
Anonymous (1 replies)
Two points:
I hardly would categorize Mac OSX as being something that crashes a lot, as is implied. In 9 or so months my iBook G4 has experienced no OS crash and only two application crashes, neither required a reboot. If your going to bring up that old canard, at least use OS X before you bash it...
[ more ] [ reply ]
I hardly would categorize Mac OSX as being something that crashes a lot, as is implied. In 9 or so months my iBook G4 has experienced no OS crash and only two application crashes, neither required a reboot. If your going to bring up that old canard, at least use OS X before you bash it...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-26
Anonymous
Anonymous
In fact... those vulnerabilities *have* affected machines in the wild... it just hasn't been made public. In fact, there is exploit code for the AFP buffer overflow vulnerability in limited usage with limited success... limited to a large degree by the Automatic Software Update feature that is turn...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous
Anonymous
While I agree with you that the Mac OS isn't "the promised land" I want to point out a few things why this OS IS more secure than Windows. First, the Mac OS has most of the vulnerable TCP ports turned off by default, Microsoft defaults theirs to on when you turn it on. Second, Windows has more vu...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous
Anonymous
This article lacks any sort of solid information and it is very easy to see that the author did not do any serious research on the subject. Why does the author neglect a discussion of root/administrative priviledge levels/access in OS X if priviledge escalation is a concern? How about some mention...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous
Anonymous
For a summary of the story:
Yeah, I've never used a mac, but I got on Apple's website and read some things. I've also looked at the box that panther came in. It's a nice box, but not as good as the Windows XP box.
Oh, and my brother's cousin has a mac and it's always crashing. I think it's a p...
[ more ] [ reply ]
Yeah, I've never used a mac, but I got on Apple's website and read some things. I've also looked at the box that panther came in. It's a nice box, but not as good as the Windows XP box.
Oh, and my brother's cousin has a mac and it's always crashing. I think it's a p...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Chris (1 replies)
Chris (1 replies)
Wow.
Already over a dozen anonymous comments to bash on the author and his article. I had no idea there were do many Mac users on Earth. Or is it the same guy who posted repeated bashes ?...
[ more ] [ reply ]
Already over a dozen anonymous comments to bash on the author and his article. I had no idea there were do many Mac users on Earth. Or is it the same guy who posted repeated bashes ?...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (2 replies)
Anonymous (2 replies)
Chris
not the same people - just a lot of incredulous IT folks reading something that is blatantly unresearched and foolish - deserves bashing for wasting our time and simply being stupid...
[ more ] [ reply ]
not the same people - just a lot of incredulous IT folks reading something that is blatantly unresearched and foolish - deserves bashing for wasting our time and simply being stupid...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (3 replies)
Anonymous (3 replies)
So you say there is absolutely no validity to the article? The fact is that the enterprise presence of the Macintosh is usually for those folks in graphic design and audio post production. So in turn security community does not perform the rigorous auditing that most mainstream products enjoy is com...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
PecosBill
PecosBill
quoting the uninformed: The fact is that the enterprise presence of the Macintosh is usually for those folks in graphic design and audio post production.
You can thank M$ & IT FUD for that misconception despite that it runs many other businesses today. (Apple also does exceedingly well with vide...
[ more ] [ reply ]
You can thank M$ & IT FUD for that misconception despite that it runs many other businesses today. (Apple also does exceedingly well with vide...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Chris (3 replies)
Chris (3 replies)
Yes IT people are incredulous. Actually, IT people had no idea that MacOS X could even connect to the Internet and read that column in the first place.
Nobody puts a gun to anyone's head to read that column. It's ok to not agree with an opinion, but don't blame the author that "he wasted your tim...
[ more ] [ reply ]
Nobody puts a gun to anyone's head to read that column. It's ok to not agree with an opinion, but don't blame the author that "he wasted your tim...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous
Anonymous
"The sensitivity of Mac users when anything bad is said about their platform of choice is part of the Apple culture the author wrote about."
I'm very sensitive to ignorant people (like you), not people that bash the Mac. When a knowledgeable Mac user tells the author he is wrong and proceeds to s...
[ more ] [ reply ]
I'm very sensitive to ignorant people (like you), not people that bash the Mac. When a knowledgeable Mac user tells the author he is wrong and proceeds to s...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Phillip J. (MacPhilly)
Phillip J. (MacPhilly)
Oh, what utter nonsense...
"The sensitivity of Mac users when anything bad is said about their platform of choice is part of the Apple culture the author wrote about. "
No, most of us are mature adults that realize that no system is a panacea, Mac OSX included. However, it is a far sight bett...
[ more ] [ reply ]
"The sensitivity of Mac users when anything bad is said about their platform of choice is part of the Apple culture the author wrote about. "
No, most of us are mature adults that realize that no system is a panacea, Mac OSX included. However, it is a far sight bett...
[ more ] [ reply ]
Mac OS X ? Unix? Secure? - Author Follow-up
2004-07-22
Daniel Hanson
Daniel Hanson
Hi all, thanks for all the feedback and comments, in my mail and here. I have responded to some individuals directly, but here is a general followup.
In response to the reaction that my column has received, I thought I would address some of the most common comments.
1. I don't hate Mac's, I d...
[ more ] [ reply ]
In response to the reaction that my column has received, I thought I would address some of the most common comments.
1. I don't hate Mac's, I d...
[ more ] [ reply ]
*Yawn*
2004-07-22
Steve (2 replies)
Steve (2 replies)
Great, we're getting security advice from an author that seems to know little or nothing about the enivironment of which he speaks.
Daniel, the facts are this:
1) Windows viruses are in range of approx. ~85,000. Mac OS X virus are currently still zero. (Let's not even talk about spyware, etc...
[ more ] [ reply ]
Daniel, the facts are this:
1) Windows viruses are in range of approx. ~85,000. Mac OS X virus are currently still zero. (Let's not even talk about spyware, etc...
[ more ] [ reply ]
*Yawn* at *Yawn*
2004-07-22
Chris (1 replies)
Chris (1 replies)
"Windows viruses are in range of approx. ~85,000" : I did not check any statistics, so I'll admit this fact is accurate
"Mac OS X virus are currently still zero" : Again, let's admit that no MacOS X on Earth has ever been impacted by malicious code.
"Result: Mac is more secure." : This conclu...
[ more ] [ reply ]
"Mac OS X virus are currently still zero" : Again, let's admit that no MacOS X on Earth has ever been impacted by malicious code.
"Result: Mac is more secure." : This conclu...
[ more ] [ reply ]
*Yawn*
2004-07-23
Anonymous (1 replies)
Anonymous (1 replies)
The 80,000 viruses is an extremely misleading statistic. I believe that it is actually more like 60,000, but regardless over 59,000 of those viruses are considered zoo viruses. Zoo viruses are viruses that pose virtually no threat to anyone due to either never ever being released "in the wild" or ...
[ more ] [ reply ]
[ more ] [ reply ]
*Yawn*
2004-07-23
Anonymous (2 replies)
Anonymous (2 replies)
That's interesting, because last time I checked, 700 is still more than zero. Hey wait, I know. You take your Windows PC and I'll take my Mac, we'll both remove any firewalls, virus protection and spyware stoppers, put them on the internet and start going to sites and getting email. Then we'll see h...
[ more ] [ reply ]
[ more ] [ reply ]
*Yawn*
2004-07-24
Anonymous
Anonymous
What's interesting is that some have no problem with complete distortion of the facts. Yes, 700 is more than 0. Obviously a significant number more. However, there are a handful of viruses for other (less popular) OS's.
Regardless it is a far, far cry from the 80,000 that was initially and ...
[ more ] [ reply ]
Regardless it is a far, far cry from the 80,000 that was initially and ...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Dan P (1 replies)
Dan P (1 replies)
I made it to here : "It's one of the reasons that the people who love them were willing to put up with the myriad of problems related to hardware cost and availability, mysterious sad Apple crashes, and other annoyances that have kept yours truly from paying the premium associated with the wonderfu...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Phillip J. (MacPhilly) (1 replies)
Phillip J. (MacPhilly) (1 replies)
Ok, you can consider me a newbie to OSX (only having had a TiBook for 1 1/2 years now) but regarding crashes, let me say this...
There is NO system that crashes once in what - 3 years? - since it's inception.
Granted, I'm a heavy user and I'll have Photoshop, Word, Entourage, iChat, iTunes, Sa...
[ more ] [ reply ]
There is NO system that crashes once in what - 3 years? - since it's inception.
Granted, I'm a heavy user and I'll have Photoshop, Word, Entourage, iChat, iTunes, Sa...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (1 replies)
Anonymous (1 replies)
Thank you, Daniel, for following up in the discussion area. Now please do the honorable thing and amend your article, as it is what is being cross-linked at places like MacSurfer and getting casual press interest. If SecurityFocus cares to maintain its reputation, your article should contain the f...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (1 replies)
Anonymous (1 replies)
Ok so a Mac user does not need to harden the Macintosh or buy antivirus software due to the lack of threats? Doesn't that sound the slightest bit naive or arrogant? It just does not make sound secure computing sense to me.
This is why Windows users are getting raped because they do not harden the...
[ more ] [ reply ]
This is why Windows users are getting raped because they do not harden the...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
PecosBill
PecosBill
quoting:
>>>Ok so a Mac user does not need to harden the Macintosh or buy antivirus software due to the lack of threats? Doesn't that sound the slightest bit naive or arrogant? It just does not make sound secure computing sense to me.
The primary function that anti-virus software does is scan f...
[ more ] [ reply ]
>>>Ok so a Mac user does not need to harden the Macintosh or buy antivirus software due to the lack of threats? Doesn't that sound the slightest bit naive or arrogant? It just does not make sound secure computing sense to me.
The primary function that anti-virus software does is scan f...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
chris holland
chris holland
A default installation of Mac OS X has *zero* network services enabled by default. You can buy a new Mac or install a fresh Mac OS X on an existing one, from another machine on the same network, run nmap against it, and you'll get zero hits. Not a single port opened. That's the first no-brainer, mos...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (2 replies)
Anonymous (2 replies)
I'm a long-time Mac user, and when I read this article, I admit I bristled a bit - part of that 'Apple culture', I guess. But I still have to chalk this article up to FUD - for the most part.
It's clear the author hasn't done his homework on Mac OS X, but that doesn't mean he's not raising some ...
[ more ] [ reply ]
It's clear the author hasn't done his homework on Mac OS X, but that doesn't mean he's not raising some ...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Daniel Hanson (9 replies)
Daniel Hanson (9 replies)
I would be interested as to which technological points you feel that I didn't adequately research in my article. The bulk of my article was wondering about the state of some large question marks in the Apple world.
I stated that I didn't believe the claim that Macintosh users were inherently not...
[ more ] [ reply ]
I stated that I didn't believe the claim that Macintosh users were inherently not...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous
Anonymous
>>>
http://www.securityfocus.com/bid/10356
http://www.securityfocus.com/bid/10401
Both appear to allow code execution with a small amount of human intervention.
>>
As yet, no public exploits, but I wouldn't call Mac users safe because they use a Mac.
>>
How about a file that appears t...
[ more ] [ reply ]
http://www.securityfocus.com/bid/10356
http://www.securityfocus.com/bid/10401
Both appear to allow code execution with a small amount of human intervention.
>>
As yet, no public exploits, but I wouldn't call Mac users safe because they use a Mac.
>>
How about a file that appears t...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Chris Holland
Chris Holland
in your article and in most of your replies you seem to be confusing two key issues:
- there are NO security issues on macs
- there are LESS security issues on macs
Nobody in their right mind, and NO mac user i know (especially not I) has ever argued that you "are safe" by using a Mac.
NO,...
[ more ] [ reply ]
- there are NO security issues on macs
- there are LESS security issues on macs
Nobody in their right mind, and NO mac user i know (especially not I) has ever argued that you "are safe" by using a Mac.
NO,...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
chris holland
chris holland
Of those two specific holes you mentioned, the mp3 one was patched within days of its discovery, the other one was patched within a couple of weeks, as it required Apple to slightly tweak its UI within its cross-application protocol handling.
So OKAY, Apple didn't come out with a bunch of press r...
[ more ] [ reply ]
So OKAY, Apple didn't come out with a bunch of press r...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous (1 replies)
Anonymous (1 replies)
I agree - you are correct that a virus is quite possible on the Mac. It is interesting that there aren't any, however - in the classic Mac days we had a few floating around. Did everyone just decide to target only Windows? Or is there something about the design of OS X that lends itself toward be...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-26
Anonymous
Anonymous
I think all the Mac virus writers thought the new OS X GUI was so cool they decided to quit writing viruses and start using their Macs as Windows attack boxes. In fact, Mac OS X systems are used very frequently as attack boxes by blackhats, because of their inherent security and FreeBSD foundation....
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous
Anonymous
Well, I can state that there is at least one reason that social engineering mass-mailing exploits won't work well on the Mac:
A fairly popular email client on the Mac, Entourage (produced by the excellent Mac Business Unit of Microsoft and part of Mac Office) will pop up a warning dialog box before...
[ more ] [ reply ]
A fairly popular email client on the Mac, Entourage (produced by the excellent Mac Business Unit of Microsoft and part of Mac Office) will pop up a warning dialog box before...
[ more ] [ reply ]
Tech. Points Not Researched?
2004-07-23
Doug T.
Doug T.
You wrote, "I would be interested as to which technological points you feel that I didn't adequately research in my article."
Quotes from your article:
"This is a completely arbitrary feeling, but I do not believe that Apple "gets it" in the security world."
Arbitrary . . . research? Or w...
[ more ] [ reply ]
Quotes from your article:
"This is a completely arbitrary feeling, but I do not believe that Apple "gets it" in the security world."
Arbitrary . . . research? Or w...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous
Anonymous
Daniel, did you bother clicking on the "Solution" link at the first of those exploits?
Apple supplied a security update to address the potential risk!
Isn't that exactly what you're looking for?????
Let's watch some verbs here:
Malware might be written to attack Mac OS X.
Apple has addr...
[ more ] [ reply ]
Apple supplied a security update to address the potential risk!
Isn't that exactly what you're looking for?????
Let's watch some verbs here:
Malware might be written to attack Mac OS X.
Apple has addr...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Jeff Brown
Jeff Brown
Regarding the question: "How about a file that appears to be an MP3 file but runs code?"
This is a valid concern that was addressed in a June 2004 Mac OS X update:
http://docs.info.apple.com/article.html?artnum=25785
The Macintosh now asks the user's permission before implicitly running any...
[ more ] [ reply ]
This is a valid concern that was addressed in a June 2004 Mac OS X update:
http://docs.info.apple.com/article.html?artnum=25785
The Macintosh now asks the user's permission before implicitly running any...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous
Anonymous
I stated it before, but I'll repeat it: This article talks of theoretical
possibilities, not actual security problems that have occured.
The "file that appears to be an MP3 file but runs code" is a laboratory
example; nothing like this has ever occured "in the wild".
As for "viruses th...
[ more ] [ reply ]
possibilities, not actual security problems that have occured.
The "file that appears to be an MP3 file but runs code" is a laboratory
example; nothing like this has ever occured "in the wild".
As for "viruses th...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous (1 replies)
Anonymous (1 replies)
"I do not believe that Apple "gets it" in the security world"
Right, so Apple releases an OS with all ports closed, and Microsoft one with all ports open. Care to rethink that statement?
I'm so glad you approve of the Mac now it has a 'proper' OS. That OS I've been using for the past 15 years,...
[ more ] [ reply ]
Right, so Apple releases an OS with all ports closed, and Microsoft one with all ports open. Care to rethink that statement?
I'm so glad you approve of the Mac now it has a 'proper' OS. That OS I've been using for the past 15 years,...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-22
Anonymous
Anonymous
quoting:
>>>I'm so glad you approve of the Mac now it has a 'proper' OS. That OS I've been using for the past 15 years, and making a lot of money from was just a toy was it?
Sadly, many geeks don't feel an OS is proper unless it has a command line lurking somewhere. I DO think it's a wonderful a...
[ more ] [ reply ]
>>>I'm so glad you approve of the Mac now it has a 'proper' OS. That OS I've been using for the past 15 years, and making a lot of money from was just a toy was it?
Sadly, many geeks don't feel an OS is proper unless it has a command line lurking somewhere. I DO think it's a wonderful a...
[ more ] [ reply ]
Mac OS X ? Unix? Secure? So do something about it!
2004-07-23
Jon Coleman (1 replies)
Jon Coleman (1 replies)
I am a power user of mac and I too am very concerned that we will sooner than later be hit with the sercurity and virii problems that have defaced Windows. This is an inevitable eventuality as Mac OS X gains more exposure and popularity. I have no delusions about Mac not being a target because it ha...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure? So do something about it!
2004-07-24
Anonymous (1 replies)
Anonymous (1 replies)
to say the mac will succumb to a similar torrent of viruses based on popularity is ignorant of how osx is constructed and maintained. if the numbers were switched and osx had 95% of the installed base, 99% of the viruses would still only be on windows. osx is not designed by committe, but about 100 ...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure? So do something about it!
2004-07-26
Anonymous
Anonymous
Saying OS X is so brilliantly contracted that it'll never circum to the security issues faced by more popular operating systems is pure ignorance. I would never fully trust ANY vendor when it comes to the security of their code considering the coding practices of most programmers. We will never trul...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-23
Anonymous
Anonymous
Sounds like a frustrated Microsofti, it is not that UNIX ismoe secure than XP this is not the message is that UNIX users are better at the internals. I agree that Apple needs to have better communications, and they are trying, but give credit where it is due. The product is superior to XP and I run ...
[ more ] [ reply ]
[ more ] [ reply ]
On Apple Culture
2004-07-23
Steve (1 replies)
Steve (1 replies)
I take issue with Hanson's "belief" that Apple's thoughtful culture is somehow a detriment to security. Apple actually THINKS before it acts which is a major contrast to Microsoft AND the headless process that harms Linux. The cleanroom based vulnerabilities reported in recent months are just that. ...
[ more ] [ reply ]
[ more ] [ reply ]
Research?
2004-07-24
jammer-b
jammer-b
This article from the beginning shows signs of heavy bias? Why even write it? I use both PCs and MACs and own both. I have Windows XP, but I hate using it, especially when dealing with sensitive data, because it really is not a secure system. When I want security I would trust my Linux system, or...
[ more ] [ reply ]
[ more ] [ reply ]
This is a sloppy, sloppy, sloppy article
2004-07-26
Andy J.
Andy J.
1. The article's abstract uses the present tense to described OS X's perceived lack of security ("is not safer or less susceptible"), and presents this assertion as fact. Thereafter, not a *single* piece of empirical evidence is marshalled to demonstrate how customers are at risk. Potential issues a...
[ more ] [ reply ]
[ more ] [ reply ]
Mac OS X ? Unix? Secure- Yes
2004-07-27
John G (1 replies)
John G (1 replies)
"journalism" - I think not - Simply some personal feelings purporting to be information. As a supporter of Dos/Win and Mac since 1988, hardware and software, I have actual empirical evidence - my daily call sheets for 15 years - and a database of repair purchases and calls. I was first IBM traine...
[ more ] [ reply ]
[ more ] [ reply ]
What can we learn from the comments?
2004-07-27
Anonymous (1 replies)
Anonymous (1 replies)
Now I am not trying to paint all Mac users with the ignorance brush but we can see the lack of security understanding that some Macintosh users have with comments along the lines of:
1) I run no network services therefore I need no firewall.
2) There are no viruses for OS X (yet) therefore I d...
[ more ] [ reply ]
1) I run no network services therefore I need no firewall.
2) There are no viruses for OS X (yet) therefore I d...
[ more ] [ reply ]
What can we learn from the comments?
2004-07-30
Shirkdog
Shirkdog
I just posted a general message about some of the good things about Apple and OS X. One thing I see as a terrible problem down the line is the muching around with kernel extensions. These are the modules that can be programed to interact with the kernel. With each major release of OS X, there has be...
[ more ] [ reply ]
[ more ] [ reply ]
Some comments...
2004-07-28
Aaron
Aaron
Hello,
It's funny how this article made no mention of Windows, never even compares OS X to Windows, and yet 80% of these comments whine "Windows is worse!".
Duh!
That's not the point of the article. The author raises some interesting points about OS X. I personally disagree.
Regardless o...
[ more ] [ reply ]
It's funny how this article made no mention of Windows, never even compares OS X to Windows, and yet 80% of these comments whine "Windows is worse!".
Duh!
That's not the point of the article. The author raises some interesting points about OS X. I personally disagree.
Regardless o...
[ more ] [ reply ]
Mac OS X ? Unix? Secure?
2004-07-30
Shirkdog
Shirkdog
OS X has one advantage as a CORPORATE operating system over windows, most of its code base is open source and available from the Darwin project.
This enables at least of portion of their code to be available to audit. Also, Apple has embraced the open source community. Therefore, even if a vulner...
[ more ] [ reply ]
This enables at least of portion of their code to be available to audit. Also, Apple has embraced the open source community. Therefore, even if a vulner...
[ more ] [ reply ]
Comments
2004-07-31
Anonymous (1 replies)
Anonymous (1 replies)
I've read most of the comments in regards to this article, and all I seem to see is comparison to Windows. Now, in the article I beleive Daniel was also comparing OSX to Linux, UNIX, and Novell. We all know of the drawbacks of Windows; but why have none of the Mac user responses made any sort of c...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Comments
2006-05-16
Not so anonymous
Not so anonymous
Mac OS X is somewhat more secure than your standard Linux or Unix build because it comes secure out of the box. Ports are turned off by default and so is Root User access (not that its difficult to turn on). The problem with most Linux and Unix flavors are that you really need to know what you are...
[ more ] [ reply ]
[ more ] [ reply ]
[ more ] [ reply ]