Mac OS X security myth exposed
steve477668
Fresh-Faced Recruit
Join Date: Jul 2007
Aug 1, 2007, 08:46 PM
 
Techworld.com - Mac OS X security myth exposed

time to put my useless firewall back on then
     
cgc
Professional Poster
Join Date: Mar 2003
Location: Down by the river
Aug 1, 2007, 09:06 PM
 
I wouldn't get worked up about this, it's hype to attract people. I would leave that firewall on though.
     
Sherman Homan
Mac Elite
Join Date: Sep 2006
Aug 1, 2007, 09:19 PM
 
From the Article:
Mac OS X doesn't stand out as particularly more secure than the competition, according to Secunia. Of the 36 advisories issued in 2003-2004, 61 percent could be exploited across the Internet and 32 percent enabled attackers to take over the system.
I haven't heard of a single case.
     
Chuckit
Clinically Insane
Join Date: Oct 2001
Location: San Diego, CA, USA
Aug 1, 2007, 09:24 PM
 
Do a poll of all the computer users you know to see how many have been hacked or infected with malware. Feel free to weight the results to account for the likely smaller number of Mac users. You will find that whatever Secunia says, Macs are safer than Windows PCs.
Chuck
___
"Instead of either 'multi-talented' or 'multitalented' use 'bisexual'."
     
shinji
Mac Enthusiast
Join Date: Feb 2007
Aug 1, 2007, 09:49 PM
 
Not sure why you turned off your firewall? I use my router, and I've got OS X's version of ipfw turned on.

You're a lot safer from trojans, keyloggers, browser exploits, etc. on a mac. Apart from the nicer interface, that was one of the main reasons I switched.
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Aug 1, 2007, 10:01 PM
 
I'm just afraid that the idea that the Mac is invincible from any security exploit will grow to the point where people start to become burnt by the dissemination of this myth.
     
TETENAL
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Aug 1, 2007, 10:07 PM
 
Originally Posted by steve477668 View Post
One thing the hard figures have shown is that OS X's reputation as a relatively secure operating system is unwarranted, Secunia said. […] "Secunia is now displaying security statistics that will open many eyes, and for some it might be very disturbing news, […] The myth that Mac OS X is secure, for example, has been exposed."
[…]
Windows XP Professional saw 46 advisories in 2003-2004
[…]
Suse Linux Enterprise Server (SLES) 8 had 48 advisories in the same period
[…]
Red Hat's Advanced Server 3 had 50 advisories in the same period
[…]
Mac OS X doesn't stand out as particularly more secure than the competition, according to Secunia. Of the 36 advisories issued in 2003-2004

I don't know, but with the least amount of advisories that would count as "relatively secure operating system" for me. Even if you factor in the percentage of highly critical bugs OS X has still the fewest of them. I was expecting something more spectacular.

Anyway, in the four years since those security issues (why is this data so old?) the amount of malware and viruses for OS X is still pretty low.
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Aug 1, 2007, 10:22 PM
 
This article is from THREE YEARS AGO. And Apple has distributed a large number of patches since then, along with what-two OS upgrades? Besides, most of the advisories the article refers to are about minor holes that can crash a program or otherwise cause minor problems. XP advisories tend to be about stuff like "visiting a malicious web site could allow the download of an invisible ActiveX tool which gives the writer unlimited, administrator-level remote access to the user's machine."

OS X is more secure than Windows because it is fundamentally different. Instead of hundreds of interlinked files providing everything from minor functions to the core of the OS, OS X is built from components that are nowhere near as interdependent. Hosing up a few OS X files will cause funky operation, but not compromise the whole OS. Can't say that about Windows...

Glenn -----OTR/L, MOT, Tx
     
steve477668  (op)
Fresh-Faced Recruit
Join Date: Jul 2007
Aug 1, 2007, 10:24 PM
 
Originally Posted by shinji View Post
Not sure why you turned off your firewall? I use my router, and I've got OS X's version of ipfw turned on.

You're a lot safer from trojans, keyloggers, browser exploits, etc. on a mac. Apart from the nicer interface, that was one of the main reasons I switched.
I do usually keep my firewall on, but I've been trying to get an FTP server running so it's been off for a while...
I have the router's firewall (SPI) and Little Snitch, but when I think of all the ports I've got forwarded then it's probably not worth having any of it
I suppose that's why the original article caught my attention, as I switched from a Windows machine to a Mac about a year ago, I rarely crash this Mac as much as my old Windows machine, it never gets viruses, I keep all of my internet bandwidth (instead of having three quarters of it taken up by spyware), and I don't have to chase popups around all day. *sigh*
the list really does go on....
so is windows more secure than osx?...
     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Aug 1, 2007, 10:38 PM
 
Originally Posted by steve477668 View Post
so is windows more secure than osx?...
Read my post above. NO, Windows is NOT more secure. And because of its structure it CANNOT BE AS SECURE as OS X. Further, the way updates are issued by MS is not nearly as effective, and when you're talking about managing servers, it's completely dysfunctional.

That THREE YEAR OLD article was hype then, and it's hype now. And before you start thinking I'm some Mac fanboi, I earned my BS in Computer Science working with Windows computers. I also spent many years in a corporate computer security position dealing with some extremely sensitive materials. I'm not quoting hearsay, I'm stating established, scientific fact: Windows XP (and probably Vista) is by its very nature, prone to exploits that cannot possibly work on OS X.

Glenn -----OTR/L, MOT, Tx
     
steve477668  (op)
Fresh-Faced Recruit
Join Date: Jul 2007
Aug 2, 2007, 07:49 AM
 
Originally Posted by ghporter View Post
Read my post above. NO, Windows is NOT more secure. And because of its structure it CANNOT BE AS SECURE as OS X. Further, the way updates are issued by MS is not nearly as effective, and when you're talking about managing servers, it's completely dysfunctional.

That THREE YEAR OLD article was hype then, and it's hype now. And before you start thinking I'm some Mac fanboi, I earned my BS in Computer Science working with Windows computers. I also spent many years in a corporate computer security position dealing with some extremely sensitive materials. I'm not quoting hearsay, I'm stating established, scientific fact: Windows XP (and probably Vista) is by its very nature, prone to exploits that cannot possibly work on OS X.
Sorry, I didn't mean offence, but as my title says (and my post), I am only just getting started using Mac OS X so I think I'm allowed a little dysfunction.


     
ghporter
Administrator
Join Date: Apr 2001
Location: San Antonio TX USA
Aug 2, 2007, 10:27 AM
 
No problem. This is one issue that irritated me about some Mac users, not only when I got started with Macs, but pretty consistently. "We're invulnerable" was the way that attitude came across. That sort of arrogance is both unfounded and unhelpful, because Macs are NOT invulnerable. But to hurt a Mac, you usually have to get the Mac user's help.

The kind of sneaky ways Windows malware gets into a PC is not what happens with Macs. Instead, malware for Macs depends on social engineering. The site or email promises something a Mac user might want, and so a lot of naive users can get caught up by the hook and hurt themselves. We're all good people, right? Yeah, right! NEVER trust "something for nothing" or "too good to be true" offers. That's just smart surfing.

But at this point in time, while you can find tons of web sites that don't work properly with Safari, you CANNOT accidentally hurt your Mac by just visiting a web site, and it's pretty much impossible for the other common ways that bad guys use to get at Windows to hurt your Mac either.

Glenn -----OTR/L, MOT, Tx
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Aug 2, 2007, 10:42 AM
 
Originally Posted by ghporter View Post
No problem. This is one issue that irritated me about some Mac users, not only when I got started with Macs, but pretty consistently. "We're invulnerable" was the way that attitude came across. That sort of arrogance is both unfounded and unhelpful, because Macs are NOT invulnerable. But to hurt a Mac, you usually have to get the Mac user's help.

The kind of sneaky ways Windows malware gets into a PC is not what happens with Macs. Instead, malware for Macs depends on social engineering. The site or email promises something a Mac user might want, and so a lot of naive users can get caught up by the hook and hurt themselves. We're all good people, right? Yeah, right! NEVER trust "something for nothing" or "too good to be true" offers. That's just smart surfing.

But at this point in time, while you can find tons of web sites that don't work properly with Safari, you CANNOT accidentally hurt your Mac by just visiting a web site, and it's pretty much impossible for the other common ways that bad guys use to get at Windows to hurt your Mac either.

There are many other ways to penetrate a Mac though:

- Exploit vulnerabilities of running service, if any (e.g. Samba, Apache, FTP, etc.)

- Exploit vulnerabilities of any third party application that listens for incoming connections or sends a password outbound in the clear

- Install a keystroke logger on a public workstation

Like you said, there are also all of the socially engineered attacks that are quite common on Windows that would work the same way on the Mac. Authentication won't even be necessary to, say, delete the contents of your home directory.
     
Chuckit
Clinically Insane
Join Date: Oct 2001
Location: San Diego, CA, USA
Aug 2, 2007, 10:55 AM
 
Originally Posted by besson3c View Post
There are many other ways to penetrate a Mac though:

- Exploit vulnerabilities of running service, if any (e.g. Samba, Apache, FTP, etc.)
In practice, not that easy because there aren't very many vulnerabilities with tried and true software like that.

Originally Posted by besson3c View Post
- Exploit vulnerabilities of any third party application that listens for incoming connections or sends a password outbound in the clear
What application sends your system password in the clear?

Originally Posted by besson3c View Post
- Install a keystroke logger on a public workstation
That's not really penetrating any more than I penetrated that open house I visited the other day.
Chuck
___
"Instead of either 'multi-talented' or 'multitalented' use 'bisexual'."
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Aug 2, 2007, 11:24 AM
 
Originally Posted by Chuckit View Post
In practice, not that easy because there aren't very many vulnerabilities with tried and true software like that.
Are you kidding? Look at the errata for any Unix distro, and you'll find Samba exploits from time to time as well as plenty for NFS, Apache, ipfw/iptables, etc. Of course they exist, don't be naive.


What application sends your system password in the clear?
I don't know, but there are lots of applications that authenticate to external services: any instant message client, Foxmarks, perhaps a network backup app, the iPhoto gallery plug. Granted, this password may not be the same as your system password, and I don't know which of these send passwords in the clear, but the point is that this is possible (I never said probable). A number of people consolidate on a single password for everything.


That's not really penetrating any more than I penetrated that open house I visited the other day.
Sure it is. Install a keystroke logger on any network with a centralized authentication source - be it Kerberos, Active Directory/LDAP, whatever. If you can obtain this password, you have access to their network accounts. This authentication information could be the same as the user's system info (in fact, it would be if OS X itself authenticated to these same services, which is likely in environments where these services exist), and regardless, technically you could say that such an exploit occurred on a Mac, no?
( Last edited by besson3c; Aug 2, 2007 at 11:39 AM. )
     
analogika
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Aug 2, 2007, 02:17 PM
 
Originally Posted by besson3c View Post
There are many other ways to penetrate a Mac though:

- Exploit vulnerabilities of running service, if any (e.g. Samba, Apache, FTP, etc.)
Not an issue, because none of these services are actually RUNNING on a default system.

You have to explicitly turn them on, in which case a) you generally know what you're doing, and b) ghporter's point that Mac exploits need the explicit assistance of users (and thus a heavy degree of social engineering) still stands untouched.

Originally Posted by besson3c View Post
- Exploit vulnerabilities of any third party application that listens for incoming connections or sends a password outbound in the clear
This is a point that does not affect the Mac, though - it affects external services, exclusively.

That's like saying the Mac is insecure because you can still receive a phishing e-mail and enter your eBay account details on a forged site.

Like, duh.

Originally Posted by besson3c View Post
- Install a keystroke logger on a public workstation
Or better yet, STAND BEHIND THE USER and watch him enter his password.

OMFG MAC OS EX SECURITY ISSUE!!!!!!!11



Originally Posted by besson3c View Post
Like you said, there are also all of the socially engineered attacks that are quite common on Windows that would work the same way on the Mac. Authentication won't even be necessary to, say, delete the contents of your home directory.
Of course not.

But running a script to delete a user's home directory is the most pointless and mind-numbingly STUPID thing a "hacker" or script kiddie could want.

The entire point of malicious software is to control as many machines as possible - for fun or for profit.

Writing a trojan to delete some unsuspecting users' home directories has neither replicated and spread the program, nor has it benefitted the creator of the code in ANY way - not in recognition, nor in saleable value.

It's like peeing in a jar of soup and putting that back on the supermarket shelf.

If that floats your boat.
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Aug 2, 2007, 02:28 PM
 
Originally Posted by analogika View Post
Not an issue, because none of these services are actually RUNNING on a default system.

You have to explicitly turn them on, in which case a) you generally know what you're doing, and b) ghporter's point that Mac exploits need the explicit assistance of users (and thus a heavy degree of social engineering) still stands untouched.
If you design a gun into an interface, users will consistently shoot themselves with it. There will be many users that will enable one of these features while trying something out, leaving it enabled, or enabling them for some other reason. While it is true that these cannot be exploited while they are disabled, my point was that they are a part of OS X, and they do play into the fact that Mac OS X is not impervious from attack like ghporter was saying.

This is a point that does not affect the Mac, though - it affects external services, exclusively.
Do users that think that their Mac is invincible know this?

Or better yet, STAND BEHIND THE USER and watch him enter his password.
Did I say that this is an OS X security issue? We've had several keystroke loggers installed around here though, it does happen.


Of course not.

But running a script to delete a user's home directory is the most pointless and mind-numbingly STUPID thing a "hacker" or script kiddie could want.

The entire point of malicious software is to control as many machines as possible - for fun or for profit.

Writing a trojan to delete some unsuspecting users' home directories has neither replicated and spread the program, nor has it benefitted the creator of the code in ANY way - not in recognition, nor in saleable value.

It's like peeing in a jar of soup and putting that back on the supermarket shelf.

If that floats your boat.

Sure, but like I said, however improbable, it still means that OS X is not invincible. That was my point, and a pretty simple one really. Sorry if I wasn't clear.
     
OreoCookie
Moderator
Join Date: May 2001
Location: Hilbert space
Aug 2, 2007, 02:40 PM
 
People, no reason to get into such a heated argument.
Fact is, there are vulnerabilities in OS X just like in any other OS. Fact is, that these have not been exploited by malware or viruses yet (other than occasional proofs of concepts). Macs aren't targeted (yet) by script kiddies and whatnot, but that may change.

For sure I didn't have to reinstall my computer because of virus infestations (my brother had to do that on my parents' computer two, three times a year before spam filters were commonplace).

However, I do think that *nix-like OSes (like OS X or Linux) are easier to secure/fix different parts separately, with Windows a lot is just mingled together (e. g. take over IE and have full access to all files).
I don't suffer from insanity, I enjoy every minute of it.
     
NobleMatt
formerly crazyreaper
Senior User
Join Date: Jul 2007
Location: York, UK
Aug 2, 2007, 02:42 PM
 
From my limited knowledge Macs were always seen as a very safe platform because their market share was so small that they weren't worth targeting, but Macs are on the up and the more and more popular they get the more and more unsecure users will become.

(sorry if someone has already pointed this out)

Matt
     
analogika
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Aug 2, 2007, 03:47 PM
 
Originally Posted by crazyreaper View Post
From my limited knowledge Macs were always seen as a very safe platform because their market share was so small that they weren't worth targeting, but Macs are on the up and the more and more popular they get the more and more unsecure users will become.

(sorry if someone has already pointed this out)

Matt
That was true for OS 9.

It is NOT true for OS X, as, for example, its entire network stack is BSD-based, which is fairly widespread among publicly accessible systems, and which, by virtue of its reputation as being pretty much the most secure networking environment alone, is (probably) used for a number of servers that would be WELL worth compromising.

We're about four years past the "security by obscurity" arguments.

Either way, this thread is precisely about the REST of the story.
     
NobleMatt
formerly crazyreaper
Senior User
Join Date: Jul 2007
Location: York, UK
Aug 2, 2007, 04:01 PM
 
Right, thanks for that little snippet of info
     
analogika
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Aug 2, 2007, 04:49 PM
 
Just thought of a good way to put it:

The Mac never used to be a *worthwhile* target. This is changing.
Mac OS X, however, is an extremely *difficult* target. This is not changing.
     
Chuckit
Clinically Insane
Join Date: Oct 2001
Location: San Diego, CA, USA
Aug 2, 2007, 05:01 PM
 
Originally Posted by analogika View Post
That was true for OS 9.
Actually, it wasn't true for OS 9. Even though it didn't have much in the way of marketshare, there was a small but not completely insignificant amount of malware for OS 9. A design place I used to work got infected by one virus, and I know there were several others in the wild.

In contrast, the number for OS X — even today — is zero.
Chuck
___
"Instead of either 'multi-talented' or 'multitalented' use 'bisexual'."
     
Catfish_Man
Mac Elite
Join Date: Aug 2001
Aug 2, 2007, 11:02 PM
 
My stepdad got hit by a rootkit a year or two ago. Of course, he was running with no password, but it was interesting that such a rootkit had been made and people were going around looking for open machines to install it on.
     
analogika
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Aug 3, 2007, 04:45 AM
 
Originally Posted by Chuckit View Post
Actually, it wasn't true for OS 9. Even though it didn't have much in the way of marketshare, there was a small but not completely insignificant amount of malware for OS 9. A design place I used to work got infected by one virus, and I know there were several others in the wild.

In contrast, the number for OS X — even today — is zero.
The total number of viruses for OS 9 was somewhere between 60 and 80 towards the end of OS 9 lifespan. At that time, there were somewhere between 40 and 60 THOUSAND Windows viruses.

I had my last Mac virus in '92 (actually 91, but a year later I inserted an old disk with the WDEF virus - which of course no longer worked, anyway).

The old Mac system was much more vulnerable than OS X is, but the small market share made it much less interesting.
     
- - e r i k - -
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Aug 3, 2007, 07:56 AM
 
Originally Posted by TETENAL View Post
Anyway, in the four years since those security issues (why is this data so old?) the amount of malware and viruses for OS X is still non-existent.
Fixed.

     
NobleMatt
formerly crazyreaper
Senior User
Join Date: Jul 2007
Location: York, UK
Aug 3, 2007, 03:40 PM
 
So should I be changing my set-up? I have no password on my account, I mean I have one to make system changes but no log-in password, I have no anti-virus/firewall on the machine (unless there's one built into OS X) but my router does have a firewall (goodness knows if it works).

Matt
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Aug 3, 2007, 03:43 PM
 
The password you use to make system changes is the same as your login password.

If you are behind a router and your router is not configured to forward traffic destined for certain ports, the only other machines that can exploit your system with an incoming attack are those also behind this same router.

However, you still need to take care of securing all outgoing communication from your machine to other machines. This is not protected by your router.
     
analogika
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Aug 3, 2007, 03:52 PM
 
Originally Posted by crazyreaper View Post
So should I be changing my set-up? I have no password on my account, I mean I have one to make system changes but no log-in password,
You *do* have a password on your account; the machine just isn't asking for it when you turn it on (because auto-login is enabled).

This is not a security risk in terms of being connected to the internet.
     
NobleMatt
formerly crazyreaper
Senior User
Join Date: Jul 2007
Location: York, UK
Aug 3, 2007, 03:53 PM
 
OK, well, I suspected that password would be my log-in password should I ever turn on the log-in screen, in fact I did know it was from when I buggered OS X up and had to make another account to fix it... lol

I have one port forward set up on it for a Bit-Torrent client that required it. My wireless is using WEP and there's only 3 machines on it, all 3 being mine.

Matt

Edit: just thought I'd link you to this as I've just come across it for anyone who hasn't seen it:

False positives run amok in Vista anti-virus tests | The Register
( Last edited by NobleMatt; Aug 3, 2007 at 04:33 PM. )
     
steve477668  (op)
Fresh-Faced Recruit
Join Date: Jul 2007
Aug 4, 2007, 09:54 AM
 
Mac OS X hacked under 30 minutes
Munir Kotadia, ZDNet Australia
06 March 2006 01:58 PM
update Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability.
On February 22, a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications.

Participants were given local client access to the target computer and invited to try their luck.

Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced".

The hacker that won the challenge, who asked ZDNet Australia to identify him only as "gwerdna", said he gained root control of the Mac in less than 30 minutes.

"It probably took about 20 or 30 minutes to get root on the box. Initially I tried looking around the box for certain mis-configurations and other obvious things but then I decided to use some unpublished exploits -- of which there are a lot for Mac OS X," gwerdna told ZDNet Australia.

According to gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple.

"The rm-my-mac challenge was setup similar to how you would have a Mac acting as a server -- with various remote services running and local access to users… There are various Mac OS X hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access.

"There are only limited things you can do with unknown and unpublished vulnerabilities. One is to use additional hardening patches -- good examples for Linux are the PaX patch and the grsecurity patches. They provide numerous hardening options on the system, and implement non-executable memory, which prevent memory based corruption exploits," said gwerdna.

Gwerdna concluded that OS X contains "easy pickings" when it comes to vulnerabilities that could allow hackers to break into Apple's operating system.

"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," added gwerdna.

Apple's OS X has come under fire in recent weeks with the appearance of two viruses and a number of serious security flaws, which have since been patched by the Mac maker.

In January, security researcher Neil Archibald, who has already been credited with finding numerous vulnerabilities in OS X, told ZDNet Australia that he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers.

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.… If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time.

An Apple Australia spokeswoman said today it was unable to comment at this stage.



Here's a link to the new "osx rape" worm:
Mac OS X Hacking: InfoSecSellout’s “Rape.osx” Worm and ExploitingiPhone.com “iPhone Exploits” « TheMostBoringBlogInTheWorld

It's at the bottom of the page as:
RE: MAC_osX_Malware_Data_Sourc_codes_papers..zip

By the way, Norton failed to repair this one for me..
     
TETENAL
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Aug 4, 2007, 10:42 AM
 
Nobody has ever seen this "rape.osx" worm. The guy who claims to have created it refuses to notify Apple about it (or anybody else for that matter). To quote him:

Computerworld > Mac OS X worm maker raps Apple on security

"I do believe in being responsible and working with vendors," said Info Sec, "but I also feel that some vendors need to be treated like children and learn lessons the hard way. Apple has a very long way to go when dealing with security issues in their products."

I'm not sure who's the child here, but fact remains that there is currently nothing in the wild.
     
Sherman Homan
Mac Elite
Join Date: Sep 2006
Aug 4, 2007, 12:11 PM
 
Steve, why are you doing this? The rape virus exists in the mind of a hacker, it doesn't exist in the wild. The “InfoSecSellOut“ crew has been thoroughly discredited, they didn't do what they claimed. Your article talks about two Mac viruses, what two Mac viruses? Your article talks about "easy pickings" and doesn't present an example. Your article revisits the idiotic contention about the Mac market share. Please understand, if you were a hacker and wanted to prove your street cred you would write the first virus or exploit that cracked a Mac. You would be a contender. The market share theory doesn't cut it.
Go to Symantec and look at the Mac virus descriptions. Go to Clam, look at the virus 'update' there.
As far as downloading that info sheet, does it strike you as odd that a legitimate virus detection article should be buried in a web site dedicated to stock manipulation scams and boobie screen savers?!
     
Chuckit
Clinically Insane
Join Date: Oct 2001
Location: San Diego, CA, USA
Aug 4, 2007, 02:59 PM
 
Originally Posted by steve477668 View Post
"The rm-my-mac challenge was setup similar to how you would have a Mac acting as a server -- with various remote services running and local access to users…
Uh…what? Is this for real? A server is typically a box where people only have remote access.
Chuck
___
"Instead of either 'multi-talented' or 'multitalented' use 'bisexual'."
     
analogika
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Aug 4, 2007, 03:28 PM
 
Yep. I remember that "rm-my-mac" competition.

They set it up as the equivalent of an apartment with the front door keys hanging on a nail outside the door, but locked the living room and bedroom doors. Surprisingly, the hackers were able to access the living room.

The exact same challenge was repeated a few weeks later, WITHOUT giving the hackers the local account name and password (i.e. the front door keys).

It was removed from the 'net a few weeks later, still unhacked.
     
TETENAL
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Aug 5, 2007, 03:01 PM
 
There are many places, like schools and universities, that need to allow physical access to the machine. The system should not grant underprivileged users root access. That is a bug after all.
     
besson3c
Clinically Insane
Join Date: Mar 2001
Location: yes
Status: Offline
Aug 5, 2007, 03:03 PM
 
Tetenal: your signature is a little blurry.
     
analogika
Posting Junkie
Join Date: Feb 2005
Location: 888500128
Status: Offline
Aug 5, 2007, 03:53 PM
 
Originally Posted by TETENAL
There are many places, like schools and universities, that need to allow physical access to the machine. The system should not grant underprivileged users root access. That is a bug after all.
The system doesn't.

Apart from that, the basic fundamental of system security, as I've gathered, is that unmonitored physical access == hacked system.

There are ways to crack the Open Firmware password, and once that is done (if it is implemented at all), root access is a single re-boot away.
     
TETENAL
Addicted to MacNN
Join Date: Aug 2004
Location: FFM
Status: Offline
Aug 5, 2007, 04:30 PM
 
You can remove the Open Firmware, or EFI I guess it's called nowadays, password, but that requires you to open the machine and change the RAM configuration. Cases can be locked however and while such a lock could be cracked that's another category altogether. A non-admin account and just mouse and keyboard use should never give the regular user root access. If it's possible it is always considered a bug regardless that the user had local access.
     
osiris
Addicted to MacNN
Join Date: Sep 2000
Location: Isle of Manhattan
Status: Offline
Aug 6, 2007, 10:03 AM
 
Originally Posted by steve477668
Mac OS X hacked under 30 minutes
Munir Kotadia, ZDNet Australia
06 March 2006 01:58 PM
update Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability.
On February 22, a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications.

Participants were given local client access to the target computer and invited to try their luck.

Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced".

The hacker that won the challenge, who asked ZDNet Australia to identify him only as "gwerdna", said he gained root control of the Mac in less than 30 minutes.

"It probably took about 20 or 30 minutes to get root on the box. Initially I tried looking around the box for certain mis-configurations and other obvious things but then I decided to use some unpublished exploits -- of which there are a lot for Mac OS X," gwerdna told ZDNet Australia.

According to gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple.

"The rm-my-mac challenge was setup similar to how you would have a Mac acting as a server -- with various remote services running and local access to users… There are various Mac OS X hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access.

"There are only limited things you can do with unknown and unpublished vulnerabilities. One is to use additional hardening patches -- good examples for Linux are the PaX patch and the grsecurity patches. They provide numerous hardening options on the system, and implement non-executable memory, which prevent memory based corruption exploits," said gwerdna.

Gwerdna concluded that OS X contains "easy pickings" when it comes to vulnerabilities that could allow hackers to break into Apple's operating system.

"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," added gwerdna.

Apple's OS X has come under fire in recent weeks with the appearance of two viruses and a number of serious security flaws, which have since been patched by the Mac maker.

In January, security researcher Neil Archibald, who has already been credited with finding numerous vulnerabilities in OS X, told ZDNet Australia that he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers.

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.… If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time.

An Apple Australia spokeswoman said today it was unable to comment at this stage.



here's a link to the new "osx rape" worm:
Mac OS X Hacking: InfoSecSellout’s “Rape.osx” Worm and ExploitingiPhone.com “iPhone Exploits” « TheMostBoringBlogInTheWorld

it's at the bottom of the page as:
RE: MAC_osX_Malware_Data_Sourc_codes_papers..zip

by the way, norton failed to repair this one for me..
I'm sorry, but this is baloney.... The 'hackers' were given local access to machines attached to the server... something a hacker would not have in real life. A real hacker would have to get to the local machine first, and/or the server...

and "The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower.." ... excuse me, but Windows is a flea infested gangrene covered virus trap. Unix is not.

Phew.
( Last edited by osiris; Aug 6, 2007 at 10:21 AM. )
"Faster, faster! 'Till the thrill of speed overcomes the fear of death." - HST
     
- - e r i k - -
Posting Junkie
Join Date: May 2001
Location: Brisbane, Australia
Status: Offline
Aug 6, 2007, 05:23 PM
 
A security "researcher" who believes that security by obscurity is a valid security measure isn't worth listening to.

     
rehoot
Dedicated MacNNer
Join Date: Nov 2005
Status: Offline
Aug 7, 2007, 06:40 PM
 
It is dangerous to think that Macs are invulnerable to attack, but the biggest danger is not a flaw in the software but in the bad habits of the user. If you download crap software from some Russian porn site, you better count on getting malware. If you have the fanciest software and you or your kid clicks the button to allow a strange program to stay on your computer, then you might become infected regardless of the protection. I have used Windows for many years and Macs for about 5 years, and I had virus protection most of that time. I had one warning that my virus protection caught some kind of bug (java script?), and it was because I was speed-clicking the results from Google without reading about the sites before clicking. I can tell you that Macs are much more resistant to malware, in part because most of the viruses are written for Windows. I don't speed click to crap sites any more.
Mac Pro Quad: 2.66GHz; 4 GB Ram; 4x500GB drives; Radeon X1900, 23" Cinema Screen, APC UPS
PowerBook G4: 1.33GHz; 768MB Ram; 60GB drive
     
rubaiyat
Dedicated MacNNer
Join Date: Feb 2006
Status: Offline
Aug 8, 2007, 07:18 PM
 
Originally Posted by besson3c
Tetenal: your signature is a little blurry.
Looksh fine on my massheene!
I look forward to a future where the present will be in the past.
     
rubaiyat
Dedicated MacNNer
Join Date: Feb 2006
Status: Offline
Aug 8, 2007, 07:54 PM
 
Chuckit is right about the Classic Mac OS being historically more vulnerable than OSX, but even then despite much higher market share the numbers of viruses for the Mac were few.

I put it down to the lack of inbuilt automation in the original OS, relative clarity of the OS (fewer places to hide) and the heightened sense of social responsibility and co-operation I have always found on the Mac platform. For example the long term and very effective shield against viruses was Disinfectant which was freeware maintained by a Caltech academic I think.

The old Mac was harder to write software for and I think the malicious individuals are fundamentally lazy and look for easy targets which Windows supplies in spades.

OSX could however potentially, if it is breached, offer plenty of opportunity for harm because of its complexity, obscurity and powerful scripting ability. Having created a few Automator actions and attached them to smart folders, I was struck by the fact that nothing warns you that those folders could fatally alter anything you move into them. Create a few of those and get them onto users' machines and you have the equivalent of ActiveX or MsOffice's macro malware.
I look forward to a future where the present will be in the past.
     
   
 