OS X :: how secure art thou?
- Thread starter gerbick
- Start date
Krevinek
Evil PPC Tweaker
pds said:
The funny thing is that first quote... If I make a Windows-compatible OS, I am bound to be vulnerable to Windows-compatible exploits. It is just the nature of the business. However, I would like to note the Unix-based exploits require access to at least a user account, and some sort of weakness in one of the software applications with it set so it automatically runs a root when launched. Apple has been changing these applications that do this... so we should be able to see near-zero penetration of these exploits in the next few years.
RacerX
Old Rhapsody User
Quote from Article:
Well, if Windows is, then Mac OS X surely is... and in fact Mac OS X would be a better choice even with the few flaws it has now.
So if that question was the basis of the article, all one would have to do is look at any data on security. According to MI2G both Mac OS X and FreeBSD seem more secure than Windows or Linux. Funny that that study (which was released last month) didn't make it into this article.
Must be poor research skills on the author's part.
Is OS X safe enough to be a viable contender for running public Web sites and general enterprise applications?
Well, if Windows is, then Mac OS X surely is... and in fact Mac OS X would be a better choice even with the few flaws it has now.
So if that question was the basis of the article, all one would have to do is look at any data on security. According to MI2G both Mac OS X and FreeBSD seem more secure than Windows or Linux. Funny that that study (which was released last month) didn't make it into this article.
Must be poor research skills on the author's part.
well, from a more objective standpoint... let's be honest. the over-confidence of the Mac OS X is basically due to security via obscurity.
2% ya'll. keep it real.
being based on the BSD kernel means that it's likely that OS X is just as susceptible as most other *nix OS's via the BIND exploits.
there were some rights elevation issues prior to 10.2.8, a recent and yet to be fixed Quicktime exploit, and from I keep reading, people are now making strides in writing spyware for the mac now.
But... hey. this article, brings not much to light; but it does make people think. Even the complacent ones.
but we all know that Windows is most targeted because it's the most popular, right class?
2% ya'll. keep it real.
being based on the BSD kernel means that it's likely that OS X is just as susceptible as most other *nix OS's via the BIND exploits.
there were some rights elevation issues prior to 10.2.8, a recent and yet to be fixed Quicktime exploit, and from I keep reading, people are now making strides in writing spyware for the mac now.
But... hey. this article, brings not much to light; but it does make people think. Even the complacent ones.
but we all know that Windows is most targeted because it's the most popular, right class?
RacerX
Old Rhapsody User
gerbick said:
-RacerX raises his hand-
But Mr. Gerbick, isn't Linux the most popular? Isn't the server market the one IT space where Windows isn't the monster power it is in other places?
Very real... because Apple had security as a priority when Mac OS X was being made, so there is less to fix, and fewer things were over looked.
Windows of today is built on legacy code from Windows NT. Microsoft grossly under estimated what it would take to be a server and enterprise solutions provider.
Few people know that HotMail was bought by Microsoft to highlight the abilities of Windows NT 4.0 Server. It was up for about a week with Windows before they had to take it down and ended up replacing it with FreeBSD until Windows 2000 Server came out and was able to handle the traffic.
Apple waited until Mac OS X Server 1.2 before they started serving there own sites. Now both Apple and iTunes are served off Mac OS X Server 10.x.
And we shouldn't forget that Apple (with NeXT before them) had more enterprise experience with WebObjects and Enterprise Objects long before Microsoft got around to their .Net idea.
No one is being complacent that I know of... except Microsoft. And even they are starting to feel the heat of their past carelessness.
Like you said, keep it real here. There are always problems every where. Ya wanta place a bet where the most problems lie?
The "security by obscurity" excuse for Windows's various and sundry vulnerabilities is an assertion made without supporting evidence. Virtually every Windows exploit can be explained in terms of recognizeable design flaws or choices of default services rather than its popularity. By all evidence available to me, Windows XP is the most vulnerable release of the M$ OS yet. Despite assertions to the contrary, it is not the most popular version of Windows. That [dis]honor belongs to Windows 98. However, Windows 98 is immune to many of the worst Windows viruses.gerbick said:
soulseek
It's set to groove
gerbick said:
im bored of ppl like u...
these kinda discussions have been around for years ...
go play somewere else. the fact is that there arent that many security holes in os x
and there arent any viruses. if it was 50% market share for apple.. things would not be that diff.\either accept it and live with it.... or beat it
RacerX said:
Apache and Linux Web Servers were the most defaced last year. However, Linux isn't the most popular attacked via virii and trojans. But you did state server market, so you're 100% correct. I can't argue with you on your points at all.
RacerX said:
Dude, I so agree with you here. I'll never forget how Microsoft took the month of February out last year to "focus on security"... uh-huh. A month.
RacerX said:
Agreed again. But are they feeling heat, or is it slowly becoming an accepted travesty that "you might get hacked, infected, exploited if you use Windows" (?) or is it more like roulette now with tons of lemmings lining up for the next version?
RacerX said:Like you said, keep it real here. There are always problems every where. Ya wanta place a bet where the most problems lie?
I bet you can read my mind on this one
And I love you too, darling ::love::soulseek said:im bored of ppl like u...
these kinda discussions have been around for years ...
go play somewere else. the fact is that there arent that many security holes in os x
either accept it and live with it.... or beat it
accepting status quo has never been my style. especially from unsupported opinions from overt xenophobic conformist. toodles.
I won't say how it's done, but there is one easy way to totally screw over a system. (I don't want any of you hackers to get an idea!). Granted it's not on a large scale such as the viruses that have hit Windows, but nonetheless it can be done.
A HINT: it has something to do with a certain kyeboard combo at startup.
A HINT: it has something to do with a certain kyeboard combo at startup.
soulseek
It's set to groove
for some1 like u, i guess this article will please u !!!
http://www.pcmag.com/article2/0,1759,1408917,00.asp
of course i did laugh @ this article... because the guy is funny..
and im sure u wont really like this next article :
http://www.theregister.com/content/archive/34554.html
anywayz. the article is long!!! read it all ! its interesting !! i think it speaks for itself . no need for me to say anythin else!!!
http://www.pcmag.com/article2/0,1759,1408917,00.asp
of course i did laugh @ this article... because the guy is funny..
and im sure u wont really like this next article :
http://www.theregister.com/content/archive/34554.html
anywayz. the article is long!!! read it all ! its interesting !! i think it speaks for itself . no need for me to say anythin else!!!
dude, cool article. seriously soulseek. even though I use MS products at the office, I'm a (mostly) mac person at the house because I know how inherently secure they are. I love my mac because I can check my e-mail without a lot of fear.
can't say the same about any of my contracts - I handle security for quite a few companies, and can say that I actually earned my MCSD.
Windows... it's atrocious! Microsoft has no concept of security, and as Racer X stated above; Apple took the time to build in security from the beginning. And it shows.
That PC Mag article... I don't agree with much of it, honestly. Glad to see it rebuked honestly.
Sidenote: how can you be tired of me... I've been here longer than you. Even paid the money to keep the site going. Or were you speaking figuratively? Either way, only via questioning the status quo, will things be done... and in this case, I just hope that Apple doesn't' get complacent. And Microsoft (?)... there's no hope for them.
can't say the same about any of my contracts - I handle security for quite a few companies, and can say that I actually earned my MCSD.
Windows... it's atrocious! Microsoft has no concept of security, and as Racer X stated above; Apple took the time to build in security from the beginning. And it shows.
That PC Mag article... I don't agree with much of it, honestly. Glad to see it rebuked honestly.
Sidenote: how can you be tired of me... I've been here longer than you. Even paid the money to keep the site going. Or were you speaking figuratively? Either way, only via questioning the status quo, will things be done... and in this case, I just hope that Apple doesn't' get complacent. And Microsoft (?)... there's no hope for them.
Mmmh... I just want to say that while I appreciate the security of Mac OS X Server, it's plain wrong to feel perfectly secure using it as a server. Basically, Apple is using other people's products for serving DNS, Mail and Web services. And the BIND vulnerabilities of 2002 have shown that these products _do_ have issues just like anybody else's products. And Mac OS X Server inherits those issues, of course. The question is always how fast an exploit is found and how fast Apple issues a security update. Still: Better to start with a good platform. Just never forget to update, patch and stay awake as a server admin.
soulseek
It's set to groove
i wasnt referring to u personally.. im just bored of discussions sayin... apples marketshare is what makes it safe. and its not like that!
questioning the status quo is the only way to go forward...
but its a one thing to question..and a completely diff. thing to judge without knowing !!!
questioning the status quo is the only way to go forward...
but its a one thing to question..and a completely diff. thing to judge without knowing !!!
soulseek
It's set to groove
RacerX said:A HINT: it has something to do with a big hammer.
HAHAHAHHA.. what exactly do u mean ? cant think of anything!!!
the thing with os X is that if u wanna mess up the system u need to have access as an administrator.. more specifically to the root.
and even if u boot through another system, u cant do anythin with the system because u have to deal with permissions...
Krevinek
Evil PPC Tweaker
fryke said:
This is the key... keep your platform up-to-date. Look at the number of large worms over the past year for Windows. How long was a patch available to fix the vulnerability before the worm hit?
1-3 months on average.
Those are some LAZY admins. I would say that MacOS X is as vulnerable as Windows if: 1) You don't keep up with security patches, and 2) You use vulnerable services. I would also say that Windows could be as secure as MacOS X if: 1) You keep up with security patches, and 2) You either disable or find alternatives for vulnerable services. The real problem comes from the lack of keeping up with IT problems.
RacerX
Old Rhapsody User
soulseek said:the thing with os X is that if u wanna mess up the system u need to have access as an administrator.. more specifically to the root.
and even if u boot through another system, u cant do anythin with the system because u have to deal with permissions...
It is a good thing that hackers (the type who sneak in to your home when you aren't looking) don't have access to Mac OS X install CDs.
Lets face it, if someone has physical access, there is no end to what they can do.
Keeping people away from your system has always been important... even back with Mac OS 7/8/9. And forget screwing up or braking into a system, at that point you should worry more about them just taking the whole thing!
Lets all remember that we are talking about remote attacks here. Everything else can be fixed with a good watch dog or a locked door.