The recent ruckus about the claimed growing vulnerability of Mac OSX from certain sources has caused an indignant outcry from Mac advocates who claim the stories are mostly media hype. According to an expert in Unix and Linux systems, the outcry is not without justification. Con Zymaris has been working with Unix systems for nearly three decades and for the past 15 years has been running a consultancy on open source software implementation. Zymaris says that, while it is true that a Mac can get infected with a virus, it is not easy and it is not likely to cause much damage. What’s more, Mac users don’t need to install firewalls and anti-virus software.
Mac OS X users take time out from bashing Windows to cry foul when their OS’ character is impuned!
More flamebait at 11:00!
And in more pressing news….
Windows Vista Late again, anyone surprised?
More flamebait at 11:10. LOL!
Please, Lord, not again. Can we stop with this already?
Analysts: OMG MAC VIRUSES!1`1!!
Security Pros: Yeah but the risk is still low.
[… a few days later …]
Different Security Pros: OMFG I GOT INFECTED, MACS ARE NOT IMMUNE!!11!
Analysts: Indeed, Macs are not immune, but still hard to infect.
Honestly now … what the F*CK does it matter that Macs are not immune to viruses? Who ever thought they were? Why do the two camps feel the urge to constantly rehash the same old points?
I *know* that OS X is not a cure-all for computer security issues. Big deal — I still like it, and it’s still a whole lot safer than Windows. Just *try* to make me use Windows or Linux on the desktop, but please … for the love of God, shut up already.
Easy tiger.
Yeah, about 80% of the “news” these days are about Vista slipping dates or dropping support and that OS X is susceptible to viruses.
No, the real news is here…
http://finance.yahoo.com/q?d=t&s=msft
why is the Microsoft share price falling through the floor ?
They’re going to be spending more money than analyst thought they would…
So why is it that companies are penalized for the fact that a few analysts somewhere blew a prediction?
/why is the Microsoft share price falling through the floor ?//
Methinks thou has LOADS to learn about finance, the economy, and multi-billion dollar companies, junior.
why would that be ?
I think you on the other hand have been brainwashed by Microsoft for so long, you think something bad is actually good.
the share price is falling, and it is plain from anyone to see… yet you think I need to learn finances ?
Oy.
The share price rises and falls. It’s fallen before. It’s risen before. It will fall again. It will rise again.
Any company with US $40 billion in cash need not worry much about a falling stock price.
I won’t even go into the myriad factors that go into wether a F100 companies’ stock rises or falls in any given day/week/month/year/quarter.
(and fwiw, I own 0 shares of MSFT, unless it’s within one of several mutual funds.)
I think it’s quite telling about your character and logical reasoning capabilities that the moment someone challenges your knowledge about something you don’t know much about, you insult their intelligence and tell them that they’ve been brainwashed by Microsoft.
You don’t run Linux, by any chance, do you?
I guess its because some/many Mac users have claimed for many years (wrongly of course) that Macs were immune. This probably annoyed alot of people and they feel like saying “Haha! The bastards deserve it”. But these news bits do remind me a bit about the story of the boy who cried wolf. There is still no real threat of virus infection to the Mac users.
I *know* that OS X is not a cure-all for computer security issues. Big deal — I still like it, and it’s still a whole lot safer than Windows.
I agree. There seems to be a push lately (but who’s it really coming from?) to give the impression that OS X is “just as insecure and vulnerable as Windows.” Based on what?
Just because a couple theoretical vulnerabilities are found and a couple proof-of-concept trojans have been created doesn’t mean squat. OS X would have a long, long way to go before it could ever even hope to catch up to the current Windows level of insecurity.
All cars are susceptible to crashing, yet some models are still much safer to drive than others. Go figure.
… as it shows principles of getting infected in popular language. I like it as I can use it in persuadng others to try ***X machines. I’ll translate it and put it in my website.
for a Anti-virus vendor?
“What’s more, Mac users don’t need to install firewalls and anti-virus software.”
WHAT??!? They might not need too, but I’d still recommend it. At the very least, every computer in the world should be running a firewall. That’s just common sense in this day and age. I run Windows, OS X, and Linux. All of them have a firewall up and running.
Just out of curiosity, if all the ports are closed per default, what is the gain in having a firewall? Wouldn’t the benefits be marginal?
It all depends on how anal you are and what you’re going to be using your machine for…if you wanted to monitor traffic (incoming or outgoing)on a per-port basis, or if you wanted to do some NAT for…say…an FTP server or mail server, etc. Not everyone will stick with the defaults.
Plus it’s also a matter of who has physical access to the machine. There’s more than one way to get into a computer.
> Just out of curiosity, if all the ports are closed per default, what is the gain in having a firewall? Wouldn’t the benefits be marginal?
My thoughts exactly. A firewall on a desktop computer is a very ugly patch to the real problem – let the user manage the services he’s running, in a user friendly way.
If you want a port closed you’d better not start the service at all – no one has ever hacked trough a non-runnig service (while compromizing firewalls and NATs is the norm).
It prevents bad things happening in case the user accedently opens up port, or some program he installs opens up a port for him.
“Wouldn’t the benefits be marginal?”
pretty much. in fact, some might argue that they can be the opposite of benefitial:
http://web.mit.edu/kerberos/firewalls.html
Is there even any anti-virus software for OS X (that doesn’t just deal with Windows viruses?)
Also, if you have a firewall between you and your internet connection, there’s no need for EVERY computer to have one.
There is, but they’re not nearly as “vast” as the Windows ones.
You’re right. I should have been more clear. Every computer should be behind one.
Not many homes have a network, though, which is why I worded it the way I had, but thanks for pointing that out.
Not many homes have a network, though, which is why I worded it the way I had, but thanks for pointing that out.
You’re welcome, and that’s true enough. I guess I’m just too used to using routers to avoid USB ADSL modems!
Edited 2006-05-03 20:53
You’re not the only one, I work at a call center for a major ISP, and even the people who call in and have no clue about the internet have routers. I’d say at least 80% say they have a router. Its just more convenient than having a direct connection (except for things like forwarding ports, ugh).
Also, if you have a firewall between you and your internet connection, there’s no need for EVERY computer to have one.
Well, I’m sorry but I don’t agree because if you don’t use a firewall per host then you’ll someday have troubles on your LAN…
A so-called admin in the company I work for told me exactly the same thing and it wasn’t hard to prove him wrong. Consider the fact that we have laptop users who work from their home or wherever they want, once they get a virus/trojan/spyware/you name it and that the laptop is plugged on the LAN again, then the firewall at the “entrance” of the LAN won’t protect ANY of the other hosts on the LAN. Firewall is a must have for EVERY host that’s connected onto a network, it’s that simple ! Do you think it’s by coicidence that EVERY major OSes provide a firewall?
>> “What’s more, Mac users don’t need to install firewalls and anti-virus software.”
> WHAT??!? They might not need too, but I’d still recommend it.
You do not need to install a firewall, because (besides all ports being closed by default) the OS come bundled with one as decent as a firewall can get.
Not installing does not mean not running one, if you already have one installed wether you want it or not.
And regarding virus… I’ll install one as soon as there is one single identified one, really. But in the meantime I’ll dedicate those clock cycles to something that actually has some purpose.
“You do not need to install a firewall, because (besides all ports being closed by default) the OS come bundled with one as decent as a firewall can get.”
Yes, I know that. I didn’t say to necessarily install one, just to make sure one is running. ;P
I agree about anti-virus on *nix or OS X, which is why I skipped that part. People running Windows, however, should have anti-virus installed and running.
Hold on, let me log into one of our Mac servers remotely.
Holy Hosts Batman, MacOSX has TCP Wrappers!
I can allow and deny connections.
Look’ee there too. I can disable ports or redirect them.
Maybe some people should read the `fine` manuals before they post crazy stuff from the Arkham asylum for the mentally `gifted`.
Indeed. It really boils down to one simple fact: no computer is 100% secure. Some may be less secure than others, but that doesn’t mean people shouldn’t exercise a little caution. All this media hype is beyond ridiculous.
Of course Mac OS has Viruses and bugs. But at the same time these problems are (hopefully) fixed in the updates. I have yet to receive a Mac/Linux/BSD virus. But there was a time where I had 70 emails a day with attached Windows executables.
To put things into context…
Mac OS, Linux and BSD do not suffer from the same scale of Viruses as Windows. And its because every time a “bad” program runs the user has to use the admin/root password (if the user has not been really daft).
`All cars are susceptible to crashing, yet some models are still much safer to drive than others. Go figure.`
Agreed. Here is a point using the above metaphor. I can purchase an automobile. It can be models: W,M,L,U, or B.
Even if I drive the safer models of U,M,B, or L. I still have to watch out for model W. Why? Just becuase it `is` the dominant model of automobile with 90 percent of them on the road. No. That’s not the problem. Maybe it’s a driver `PEBCAK` issue. Who knows.
Aside from the fact many W drivers are constantly patching leaks (some of which they are notified of by the manufacuter and get automatic recalls on), changing their oil from one grade to another, allow car-crakers into their vehicles without knowing, and have trouble with their engines freezing up or restarting in the middle of the interchange … this does not scare me.
It’s those that drive model W. They swear they have no problems with their vehicles and drive like maniacs. There are the same types that head right into the red-light and trojan side of town. Heck some people just roll down their windows and get infected while driving by.
I, as a long-time systems mechanic, prefer to work on models U, M, L, and B. They are just great cars to work on and have a superior design and safety record. I’m sure some mechanic or technician can actually build and test a ‘flaw’ in the design but I haven’t really seen those work outside the garage.
Edited 2006-05-03 17:57
er … that was kinda H,A,R, and D to follow. But I think there was a good point in it. Somewhere.
Yeah, you may be right. Maybe I need to dumb it down a little. Just tired of Microscrap users calling who lost their tool bar and want to how we’re going to help them get it back.
I have a few ideas but that might be physically impossible. Maybe I’ll just threaten to install Linux if they don’t try to think a little.
Just tell them to boot to a DOS prompt and type in format C: 🙂
I tried doing that and here is what the output was:
C:Documents and SettingsXXXXXXXXX>format C:
The type of the file system is NTFS.
WARNING, ALL DATA ON NON-REMOVABLE DISK
DRIVE C: WILL BE LOST!
Proceed with Format (Y/N)? y
Verifying 38154M
Format cannot run because the volume is in use by another process. Format may run if this volume is dismounted first.
ALL OPENED HANDLES TO THIS VOLUME WOULD THEN BE INVALID.
Would you like to force a dismount on this volume? (Y/N) y
Cannot lock the drive. The volume is still in use.
Edited 2006-05-04 03:00
Doesn’t this make you want to be a tech writer? Easiest money a writer will ever make, you just can’t afford to take much pride in it. But maybe those vacations to Maui and Mazatlan will make up for that empty hole.
I used to have windows xp home on my laptop; and my main user which is also has administration rights has a very long and strong password. I felt safe because I always updating my system and don’t click on suspecious attachments or phishy websites.
But, after two years, I discovered that the root user (administartor) actually has no password. WTF is that;
“But, after two years, I discovered that the root user (administartor) actually has no password. WTF is that;”
That’s because when you set up the system you did not enter an administrator password. Not Windows fault you just clicked through without reading the screens.
Seems to me I remember being forced to enter a PW when I set up my Mac. The fact that Windows does not do so just demonstrates what happens when your OS is insecure by design.
If your house has windows in it, how safe is it?
I will start to worry the day when using my Mac or Linux machine means that I could get hijacked by happenstance.
The day I pick up the paper and read that a worm has devastated the Mac community. Then I will run out and get that virus scan that Mcafee has been trying to sell me.
As a matter of fact lets just take a simple glance at Mcafees website.
Hummmmm, almost all the vulnerabilities in Windows are rated medium, high and critical (Mostly high) while for Linux and Mac, although the amount is growing, the threat level is almost always low and medium. Why is that?
Here goes a link to the Mcafee threat center: http://www.mcafee.com/us/threat_center/default.asp
You get there and the first thing you see is:
BREAKING ADVISORY
April 24, 2006. There are no patches available for the Mac OS X vulnerabilities disclosed last week. As proof-of-concept code is available, Mac OS X users should be careful opening media files from unknown origin and visiting un-trusted websites. Learn More.
They then give you a link to this site: http://www.security-protocols.com/modules.php?name=News&file=articl…
(Strange that Mcafee doesn’t have it’s own research but is linked to a site that looks like a 15 year old put it together)
So I look through what they have listed on the above site and I see a bunch of Medium problems? And one listed as high that when you read through it should prob not be listed as high???
My point is that most of the bad facts out there about the Mac OS seem to be put out by people who want to sideline the Mac OS. None of this was running around till Mac went to Intel?? Hummmm, I wonder why! Anyway, call me when the mass outbreak happens and then I will worry. Till then lets continue to wonder when Vista will be out. I hear they are taking bets on Golden Palace.com to see if Vista comes out before or after Jan 1 2007. Place your bets now!
Anyway It’s just a fact that the current versions of Windows are not that secure as the Mac OS or Linux. And when there is a hole (Why there are still so many holes in a 5 year old OS confounds me!) There are mush bigger effects to the machine if someone takes advantage of the hole.
Edited 2006-05-03 18:31
… to get my document corrupted by a virus ? or even having a zombie running while I work with my comp.
hey why not asking a hacker to run a bot on my desktop.
More seriously security alert even if they seem insignificant should never been taken lightly. As much as backups are importants.
Linux / BSD sofware are “more” secure because of the auditing tools available for these systems (audit of source code and audit of setup). Plus these systems are not for the adverage user ( or if they do use them they are severly limited in the use of such system ).
We agree that there is not such thing as an impenetrable system when it offers networked services.
? “Plus these systems are not for the adverage user ( or if they do use them they are severly limited in the use of such system ).”
Hummm, my mother, brother, sister and grandmother all use Linspire on Desktops and Laptops. Granted Linspire is not great, but I don’t worry about viruses, and I don’t worry about them not doing the things they want to do, like Webcams, DVD’s, Music, games, documents.
I don’t know what you mean by limited. The only limits I see are the fact that some Windows apps are not written for Linux, but that is not a reflection of the OS it’s self.
My brother didn’t like it at first, but when he started to see his friends that use Windows dropping off like flies he was HAPPY to have his Linspire machine!
//and I don’t worry about them not doing the things they want to do, like //
… using 99% of the software the see at Best Buy or CompUSA.
//My brother didn’t like it at first, but when he started to see his friends that use Windows dropping off like flies //
No offense, but your brother must have some very ignorant friends. I’ve used Windows OS’s since 1995, and I’ve had maybe a half-dozen virii on the 15 or so computers I’ve used … and both were immediately detected and deleted by my AV program.
Oh, the agony of using Windows. Yes, I see it clearly, now.
Wow, so I guess all users are ignorant but you? LOL!
Hummmmm, so I wonder why major companies also fell victim to the blaster worm, a bunch of government agencies etc. Wow, I guess everyone is dumb.
The funny thing is that my brothers friends are just as ignorant as they were when they were using windows but now most of them use Linux or have Macs and yet don’t have the same problems (And they don’t have virus scan software at all on those machines) I wonder what changed?
Oh yea now they don’t have to worry about the 100,000 plus Windows viruses, thousands of worms and thousands upon thousands of spyware apps running lose.
Also you miss spoke or I can’t read, you said “I’ve had maybe a half-dozen virii on the 15 or so computers I’ve used” then you said “and both were immediately detected and deleted by my AV program.” Half dozen =6 so you missed like 4. LOL!
Anyway I have been using Linux since like 1995 or so and never had a virus period. And that is on servers (I do web hosting on Linux, I run my phone system on Linux, I run my firewall and gateway on Linux and I run 50 plus users on Linux on the desktop in my office) On desktops, firewalls, routers etc. Hummmmmm.
Oh and please name one important piece of software at comp usa or best buy that you would really need that I can’t get. Cause if I need photo shop or something like that bad I can run crossover office for now and it’s all good. But most of that crap is what messes up your Windows machine anyway, people just install any ole thing!
The truth is in reality you can’t compare Windows security to Linux or Mac os, the facts on that speak for themselves. Remember that even though most PC’s run on Windows the Internet runs on Linux, BSD and Unix. And the internet hums along just fine!
Edited 2006-05-03 20:45
//Wow, so I guess all users are ignorant but you? LOL! //
Umm … do you even know what ignorant means?
In regards to the rest of your diatribe … the point stands that you can (and many have) get a stable and virus-free Windows system, with minimal effort. *If* you follow some basic rules, it’s pretty damn hard to get a properly-configured XP install hosed by virii/spyware/whatever. If you (or your brother’s friends) can’t be bothered with it, then that’s your choice, and that’s fine.
And … of course, other OS’s can be more secure, and other OS’s are likely better candidates for some server work. But no OS is an universal answer for all IT problems. If you think that’s true, then you really *are* ignorant.
There is no universal answer for any IT problem. But some answers are better then others.
The problem is that I have to “GET” a stable and virus-free Windows system! Which means as I have been saying that it’s not even close to that out the box, not only do you have to do work to get it that way, but I have to spend extra money on extra software and pay a never ending license fee (For Mcafee or Symantec)to get even close. On top of that I have to get spyware software, I have to STAY on top of patches and install them like crazy! (Yes I must install patches on my Macs and my Linux machine, but I don’t have to freak out when I do, and it’s very seldom that I have to cry cause I didn’t test the patches and my machines get jacked up.)
Yet it’s not so hard to get the same thing for less work, less hassle and less maintainence for free.??? Now that is a sad shame.
I work in an office of 300 users, 250 on Windows 50 on Linux. The security team just runs passive scans on our Linux machines to check ports etc, since most problems on Linux are normally related to server software like PHP and Apache our desktops never make a peep! On the Windows side they have to run what they call a deep reflex scan, go all into the registry, looking for hidden spyware. We had to pay almost 200,000 to get the plugin to Mcafee enterprise that handles spyware removing.
Guess how much we paid for our Linux machines? $0 (Not including the hardware) And what did we do to make the machines secure, ummmmm, install latest patches, turn on firewall, done. Took all of 10 minutes. LOL!
So please when you compare secure to SECURE your best bet is to compare Windows to other Windows versions, not to real multi user operating systems.
On a final note Linux is as old as windows. Came out the same year if I am not mistaken. Yet Dos had as many virus issues as Linux has now. LOL! (And most dos machines were not even networked! LOL!) Shows you MS’s history!
Edited 2006-05-03 21:49
I agree with you in saying “out of the box” a desktop Linux system is more secure than XP … goes without saying, for various reasons.
But, in regards to:
// but I have to spend extra money on extra software and pay a never ending license fee (For Mcafee or Symantec)to get even close. On top of that I have to get spyware software, I have to STAY on top of patches and install them like crazy! //
Extra money? I paid $0 for AVG AntiVirus, SpyBot, AdAware, and Kerio Firewall (and firewall software shouldn’t be necessary in an office of 300 computers …I’m sure you’ve got a Cisco PIX or other firewall already setup).
So … zero dollars for antivirus/spyware checker/firewall.
And installing updates … come now … “set it and forget it” and reboot a few times a month? Not that big a deal, really.
First off set and forget patching is crazy in Windows. For instance we just had to back off the April patches for Windows XP because like 200 users could not copy and paste or cut and paste in office XP without the dang machines locking up!
As for Anti Virus in an enterprise no one is going to use the Free version of AVG when it has no enterprise track record, people will buy Mcafee or Symantic.
And maybe I am not seeing it but the home version of AVG looks to be cheap but not free. (Unless you bootlegging it)
Spybot and Adaware are ok but they don’t work 100% or even 90% and on top of that the free versions don’t work in real time. So you can still get spyware and then you will spend a hell of a time trying to get the crap off (Which is why after testing we went with the Mcafee software for realtime spyware scanning.)
Wait, wait, wait why am I even going through all this, so what you can get all that crap for free? Why should I have to worry about that crap in the first place, I don’t have to think about it on my Mac or on my Linux boxes?? But I have to spend extra time worring about it on Windows! That sucks.
And you are right, I don’t need a firewall on the PC’s (Even though on my Linux machines I have them turned on) But we actually have offices all over the world including China and Russia, which means it’s possible (And has happened) that attacks could come from inside the network so extra protection doesn’t hurt.
Edited 2006-05-04 14:55
“No offense, but your brother must have some very ignorant friends. I’ve used Windows OS’s since 1995, and I’ve had maybe a half-dozen virii on the 15 or so computers I’ve used … and both were immediately detected and deleted by my AV program.”
Ahh, a newcomer to windows. 🙂 Actually, in times past when I used to run Windows and test for Symantec I kept several hundred thousand virii contained on my system. The number these days is much larger. Given that you would be hard pressed to round up more than a handful for Mac/UNIX/Linix, what more needs to be said?
OSNews should also post this bit about an OpenBSD virus.
http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0153….
TechniCookie wrote:
“I guess its because some/many Mac users have claimed for many years (wrongly of course) that Macs were immune. This probably annoyed alot of people and they feel like saying “Haha! The bastards deserve it”. But these news bits do remind me a bit about the story of the boy who cried wolf. There is still no real threat of virus infection to the Mac users.”
There were Mac viruses for Classic back in the day. But even then Mac OS 9 viruses weren’t as destructive as the ones in Windows of that time.
The Classic Mac OS has never been cracked. It was very secure because it has no telnet built into it and it didn’t came with its ports open.
Of course that was in those times, if you want to crack Classic today with the new tools of today, that’s a different story.
Of course that was in those times, if you want to crack Classic today with the new tools of today, that’s a different story.
Cracking OS9 and down (Classic) is pointless. It will crack itself.
Thom_Holwerda wrote:
“Cracking OS9 and down (Classic) is pointless. It will crack itself.”
You’re right! Just like Windows 9.x crack itself even more today than it always did back then.
Just like Windows 9.x crack itself even more today than it always did back then.
It has nothing to do with back then and now. Classic was never designed to be a multi-tasking OS, unlike Win9x. Cooperative multitasking was at best a hack and the stability and security of the OS suffered because of it.
someone wrote:
“It has nothing to do with back then and now. Classic was never designed to be a multi-tasking OS, unlike Win9x. Cooperative multitasking was at best a hack and the stability and security of the OS suffered because of it.”
Windows 9x wasn’t a true multitasking either. NT and OSX are the true multitasking OSes.
Stability? Do you remember Windows ME?
With Windows ME I couldn’t even open Office without a blue screen. No to mention how slow and terrible that OS was doing normal tasks.
On Mac OS 9, I remember been able to finish whatever tasks I was doing. Tasks like, Programming, Designing Pages, Recording music with ProTools, etc.
I wonder if these kind of discussions will happen when better OS than OSX and XP/Vista are around.
The Classic Mac OS has never been cracked. It was very secure because it has no telnet built into it and it didn’t came with its ports open.
Classic didn’t even have protected memory. That should tell you how secure and crack-resistant it is.
Edited 2006-05-04 13:47
someone wrote:
“Classic didn’t even have protected memory. That should tell you how secure and crack-resistant it is.”
Are we talking about crashing the machine? Because Windows and Mac OS had their equal crashes back then.
Taking control of the machine with malware or hack (cracking) was something easier done on Windows 9x than Mac OS Classic.
all Ports off.
exe can’t execute without identifying themselves and prompting me for action.
Explorer, and Office Macros can’t run on the machine, and there is no activeX or VB on the machine.
I use “little snitch” to monitor all outgoing traffic, use Safari for most web work except for some specific sites where I use firefox.
Why is it exactly that I need to have antivirus or firewall?
There might be some know vulnerabilities in the os, but there are no know bugs, so how is AntiVirus software going to help me?
you know its like the Bird Flu, until you have a real vaccine, you are pretty much screwed as there is no real way of stopping it short of killing all birds around you.
(hmm getting rid of all windows machines is a very nice thought though)
Especially if whatever bug would most likely circumvent whatever the AV software companies had in mind?
I HATE FUD, and all the dumbasses that push it.
hmmm do I have a real reason to use a firewall?
Nope no reason at ALL.
dorks.
(oh I also hate windows ‘experts’ telling people that all computers should have antivirus and firewalls cause you know Windows Machines need them, so everyone else needs them right?)
hugh!
PS: people that wear shoulder pads, elbow pads, knee pads, helmets, gloves, shin guards, etc, while riding their bikes are DORKS.
PPS: this is a flame cause its the only answer to the dumbass fud being constantly spewed by security ‘sexperts’ these days.
PPPS: don’t reply to this comment as it is a stupid inflammatory rant, even if it is true.
Mac is safer not because it is technically safer but because a mac user is a nicer person and will not harm other mac users. This effect is so strong that even if a windows virus writer wants to try to write a mac virus as soon as he seats him self behind a mac he can not write a virus anymore.
Most OSNews readers probably don’t understand this because of their literacy on the subject (computers in general) but in a noob point of view (me for example) the thing translates to:
-I will buy a Mac because I don’t know how or don’t want to have any concerns about security and someone told me Macs are 100% safe.
-Macs now can be exploited by malicious software…
-z0mg, what to do now????
It will take time to make people understand that any OS can be exploited in some way.
Security through obscurity will not hold out much longer for OS X. I recently wrote a blog on the general linux, windows, osx security issue:
http://blog.myspace.com/undriedsea
Mac OS X is much closer to Windows than Linux in security in my opinion, but please form your own
“Security through obscurity will not hold out much longer for OS X. I recently wrote a blog on the general linux, windows, osx security issue: ”
I think you miss the point. It is not so much security thru obscurity, but rather security by design. There are far more servers out there running Linux than are running Windows. If your theory were correct the Linux servers would be the ones being compromised rather than the Windows servers. But that is definitely not the case.
One other reason Windows gets whacked so much is because it is just so darn easy to do.
I said: “Security through obscurity will not hold out much longer for OS X” this is becuase i belive OSXs security is based more on obscurity than design (see my blog for evidense of this). On the other hand, I belive Linux’s security is based on good design (there are many more servers running linux than OSX, linux is a hacker target and holds up well). So you are reading more into what I said than what in really said. We are probably in agreement on the issue at hand.
They do get compromised.
I am sorry for you but your opinion just suxe.
What are you comparing with your charts ?
A whole OS (Mac OS X) security holes VS a kernel (Linux 2.6) security holes. Are you kidding ?
This sound just like a joke, especially when you are comparing the security holes of Mac OS X and the linux kernel 2.6 since 2003 when the last one was released in 2004 …
Your blog is just another linux fanboy point of view …
“I am sorry for you but your opinion just suxe.”
You have a right to think so, but there is no need to be rude and disrespectful
Edit: Also, you are correct, so that means when viewing those graphs perhaps you should focus on the Severity, Locality and Type percentages rather than on total number of exploits. The smaller sample period may make the linux results there less relible, but there is nothing that can be done about that. I guess I thought everyone would make this realization when they looked at the data.
Edited 2006-05-04 14:18
“but there is nothing that can be done about that.”
Perhaps if you compare a Linux Distribution (which is an OS) between Mac OS X (which is also an OS) instead of a kernel between an OS, something can be done …
The only thing you are proving is that the linux kernel alone as almost as security holes than Mac OS X or Windows.
Compare the Mac OS X kernel XNU between the Linux kernel and then you should be able to talk.
“The only thing you are proving is that the linux kernel alone as almost as security holes than Mac OS X or Windows.”
A thousand pinholes is far better than a thousand semi sized holes. Its worth noting that Linux did have less than the other too. Your conentration on volume is not the concentration of my blog. I am talking about severity, locality and type.
Again, you seems to not understand that almost all critical security holes came from software outside the kernel.
On Mac OS X, almost all critical security holes came from safari, not mac os x itself (and you are not obliged to use safari …).
I pretty much disagree with the author on his many points and here is why
http://rjdohnert.wordpress.com/2006/05/03/mac-os-x-safe-after-all/
I hope you get banned for linking your blog every damn time you comment and not actually putting your thoughts IN YOUR COMMENT.
“Mac is safer not because it is technically safer but because a mac user is a nicer person and will not harm other mac users. This effect is so strong that even if a windows virus writer wants to try to write a mac virus as soon as he seats him self behind a mac he can not write a virus anymore.”
I cant tell if you’re being ironic or if you are completely delusional.
Mhm, there are other places to get software, on windows I’m not even capable of installing my favorite programs: konqueror, amarok, k3b…., besides, it really depends what task you want to do, there are almost always free alternativs that do match up to their commercial counterparts. Instead of looking at what program to use, one should better look to the task he/she would like to accomplishe. For games this is of course a bit different :s, sadly enough…