, SecurityFocus 2005-11-29
When the SANS Institute, a computer-security training organization, released its Top-20 vulnerabilities last week, the rankings continued an annual ritual aimed at highlighting the worst flaws for network administrators. This year, the list had something different, however: The group flagged the collective vulnerabilities in Apple Computer's Mac OS X operating system as a major threat.
Expand all |
Post comment
Mac OS X security under scrutiny
2005-11-29
Anonymous (1 replies)
Anonymous (1 replies)
Mac OS X security under scrutiny
2005-11-29
Anonymous (1 replies)
Anonymous (1 replies)
Re: Mac OS X security under scrutiny
2005-11-29
Anonymous (1 replies)
Anonymous (1 replies)
Mac OS X security under scrutiny
2005-11-29
Anonymous (1 replies)
Anonymous (1 replies)
Mac OS X security under scrutiny
2005-11-29
Anonymous (3 replies)
Anonymous (3 replies)
Re: Mac OS X security under scrutiny
2005-11-30
Matthew Murphy (1 replies)
Matthew Murphy (1 replies)
Re: Re: Mac OS X security under scrutiny
2005-12-01
Anonymous (1 replies)
Anonymous (1 replies)
Mac OS X security under scrutiny
2005-11-29
Anonymous (1 replies)
Anonymous (1 replies)
Mac OS X security under scrutiny
2005-11-30
Jeffsters (1 replies)
Jeffsters (1 replies)
It is true that OS X system passwords can be cracked with standard UNIX cracking utilities but that requires access to the machine to the point that you can spend quite a bit of processor time running a cracking routine against a password hash. This is not a big deal because, once you have that level of access, there are a lot of other things you could do anyway.
Here at my workplace, we require all machines including Windows, Mac and Linux to have things like antivirus, antispyware, a local firewall and autoupdates. There is actually some debate among Mac users about whether these things are more trouble than they're worth given the lack of threat against OS X. Mac users are lucky to be able to make that complaint.
Now, getting to your point... I think that Apple has made good choices in the situations where you don't need to compromise useability to have security. There are many other situations where you have to make a choice between making things easy and secure. The fact that you can take an OS X install disk and use it to reset the root password of any Mac you have physical access to is one such choice. If you check out the MacFixIt web site for any length of time, you will see that antivirus software and system updates can cause problems. For now, Mac users can skip most of these things without too much worry. Windows users have much more of a problem.
I have situations here where a software vendor with a customized Windows based product is requiring that we get their approval (part of their service contract) every time we want to install a Windows patch, even critical security patches. They need to test the patch to know that it won't break their software and sometimes it does. This is a real headache for a sysadmin. You have to handle a machine that can't be patched. It's a real policy problem. Then again, last I checked the Secunia web site, there were 26 security vulnerabilities in Windows XP Professional which have no patch available anyway. For comparison, OS X has no outstanding vulnerabilities which can't be patched.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11359/32822#32822