[mattyb]

Three million hit by Windows worm.

Plus Microsoft's lawyers get another easy weekend.

[Spheric Harlot]

Apparently, you've missed the current Webkit vulnerability affecting ALL users of 10.5 Leopard - on all applications that use Webkit for HTML rendering...

[shifuimam]

That's what people get for not keeping things updated. Can you imagine what will happen when someone comes up with an iPhone exploit, and users who don't want to update the newest firmware get slammed?

Plus, that particular worm uses an HTTP server to distribute itself. If you're a remotely sane computer user and are running Windows Firewall, you'll know when it tries to start pushing traffic through your Internet connection.

And, ironically enough, if a person has IIS running (XP Pro, Server 2003, Vista Business/Enterprise), I'd wonder if that worm wouldn't be able to work, since port 80 would already be reserved by another process.

[ort888]

But I read that one time a guy at a computer hacker convention was able to easily hack OS X. It's obviously inferior.

[Cold Warrior]

Originally Posted by Spheric Harlot 

Apparently, you've missed the current Webkit vulnerability affecting ALL users of 10.5 Leopard - on all applications that use Webkit for HTML rendering...

Is this the RSS vul that's in the news?

[shifuimam]

Originally Posted by ort888 

But I read that one time a guy at a computer hacker convention was able to easily hack OS X. It's obviously inferior.

What?

That has nothing to do with this thread. I'm just saying that people who don't keep their software routinely updated are always going to be at risk for exploits, regardless of where the software is coming from.

The article specifically stated that this affected people who weren't updated to the latest Windows updates. It's the user's fault for not keeping their machine updated. Microsoft already knew about and patched this vulnerability; it's that there were people too lazy/stupid/ignorant/stubborn to keep Windows updated.

For people who were affected on business machines (which I imagine is less likely), that's why business networks have things like proxies and firewalls to block malicious traffic. If you use your work machine on a different network, it's your own fault for not using your company's VPN to keep your machine protected.

[Spheric Harlot]

Originally Posted by Cold Warrior 

Is this the RSS vul that's in the news?

Yes.

[TETENAL]

Originally Posted by Cold Warrior 

Is this the RSS vul that's in the news?

No, that only affects Safari, not all applications using WebKit. I checked heise security, and there is no mention of a recent WebKit vulnerability. Whatever he is talking about, I missed it too.

[mattyb]

No, I havne't heard about the Webkit vulnerability. Neither have I heard about several hundreds of thousands of Leopard users having been infected by it yet.

IIRC the hacker had physical access to the MacBook Air and directed a browser at a specific page. Any serious security expert will say that the game is over once a bad guy has physical access to a machine.

[Spheric Harlot]

Originally Posted by mattyb 

No, I havne't heard about the Webkit vulnerability. Neither have I heard about several hundreds of thousands of Leopard users having been infected by it yet.

"Affected" != "Infected"

But a barndoor is a barndoor even if nobody uses it.

[shifuimam]

Originally Posted by Spheric Harlot 

But a barndoor is a barndoor even if nobody uses it.

An excellent point. I know that most of you have heard this plenty of times, but OS X does rely at least partially on security by obscurity. You have a small enough market share that people aren't interested in writing exploits for it.

People who write worms aren't doing it to get back at Bill Gates. They're doing it to cause mass damage, which is always accomplished by targeting the largest population - in this case, Windows users. It's like writing malicious code to target AOL's instant messenger client, because it's so massively popular in the United States.

Particularly with the popularity of the iPhone and the iTouch, Apple is going to need to be vigilant about finding and getting rid of any possible exploits. We may find that the iPhone has enough of a cellular phone market share across the globe that it becomes a target for bored script kiddies looking to wreak a little havoc.

[Chuckit]

Originally Posted by Spheric Harlot 

Apparently, you've missed the current Webkit vulnerability affecting ALL users of 10.5 Leopard - on all applications that use Webkit for HTML rendering...

Your definition of the word "affected" must be different from the rest of the world, because no WebKit vulnerability is currently having an impact on my life.

[Cold Warrior]

The RSS vul is avoided by using a non-Safari RSS reader. I use NetNewsWire.

[iMOTOR]

Originally Posted by shifuimam 

but OS X does rely at least partially on security by obscurity.

Source?

[shifuimam]

Common sense.

No operating system is bulletproof. OSes are made by humans, humans are imperfect, therefore the OS cannot be perfect.

If Windows had a 4% market share and OS X had the 96% market share, you can be just about 100% certain that OS X would be the target of the people who come up with this malicious crap.

I'm not saying that OSX is or isn't inherently more secure than Windows. I'm just saying that one of the reasons OS X appears to be generally immune is because it's "obscure" compared to Windows.

[besson3c]

Originally Posted by shifuimam 

Common sense.

No operating system is bulletproof. OSes are made by humans, humans are imperfect, therefore the OS cannot be perfect.

If Windows had a 4% market share and OS X had the 96% market share, you can be just about 100% certain that OS X would be the target of the people who come up with this malicious crap.

I'm not saying that OSX is or isn't inherently more secure than Windows. I'm just saying that one of the reasons OS X appears to be generally immune is because it's "obscure" compared to Windows.

This is correct. I think people conflate "generally immune" (a great choice of words) with "more secure". For instance, you can run various network services on alternate ports and that will make you generally immune to the automated scripted attacks that are out there, but this doesn't actually make your computer any more secure. This is what security by obscurity is all about. However, I think why this term seems to get Mac users' backs up is because it has a negative connotation which seems to imply that the Mac is *only* secure because it is relatively obscure.

[Chuckit]

Originally Posted by shifuimam 

Common sense.

No operating system is bulletproof. OSes are made by humans, humans are imperfect, therefore the OS cannot be perfect.

If Windows had a 4% market share and OS X had the 96% market share, you can be just about 100% certain that OS X would be the target of the people who come up with this malicious crap.

I'm not saying that OSX is or isn't inherently more secure than Windows. I'm just saying that one of the reasons OS X appears to be generally immune is because it's "obscure" compared to Windows.

Mac OS X has roughly 10% share. Does it have 10% as many viruses as Windows? No, it doesn't even have 0.1%. The smaller share does make it a lesser target, but it seems disingenuous to call that a major factor. It's several orders of magnitude safer than it is obscure.

[besson3c]

Originally Posted by Chuckit 

Mac OS X has roughly 10% share. Does it have 10% as many viruses as Windows? No, it doesn't even have 0.1%. The smaller share does make it a lesser target, but it seems disingenuous to call that a major factor. It's several orders of magnitude safer than it is obscure.

This assumes that there is a precise relationship between marketshare and security. There is no way we can define such a relationship. However, it is a major factor because in many cases machines are turned into zombies to send spam, and spam is profit driven, so therefore there is a greater profit potential focusing on Windows machines. The fact that the Windows XP security model is retarded surely makes these decisions even easier, but this fundamental truth still remains.

[Chuckit]

Originally Posted by besson3c 

This assumes that there is a precise relationship between marketshare and security.

The idea of "security through obscurity" assumes that. I certainly wouldn't say such a thing myself. I think it's a little bit presumptuous to cite the Mac's market share as a major factor in its security without being able to quantify that. If you can't even give me ballpark estimate of how the two are related, why even bother mentioning it at all? We might as well start saying that Linux's security "relies at least partly on the weather."

[iMOTOR]

At any given time, as much as ninety percent of the world wide web traffic will be routed through UNIX based servers. There should be plenty of motivation to attack the UNIX platform and I could list dozens of reasons why someone would want to. But arguing over which operating system is a more rewarding target assumes there is always some rational benefit to writing software attacks in the first place.

[Spheric Harlot]

Originally Posted by iMOTOR 

arguing over which operating system is a more rewarding target assumes there is always some rational benefit to writing software attacks in the first place.

From what I gather, the motivation has LONG since switched from fame to actual money charged for "renting out" compromised machines for various nefarious acts.

[besson3c]

Right, it's all a business now. It seems like phishing is where it's at now...

[TETENAL]

This is how the conficker virus spreads via USB sticks. Do you spot the trick?

[mattyb]

^ Nasty !

I'm not sure if it was true or not, but I heard that there was a virus that arrived as an attachment, and if you used the Preview pane in Outlook, then you basically got infected - didn't even have to open the mail.

[Luca Rescigno]

I'm a Windows user. I don't ever click any of the things in those Auto Play boxes. I just close 'em and do it myself.

Most Windows users are brain-dead idiots who think that typing in the name of the latest Britney Spears hit into Google and randomly clicking around the first site they reach will give them something other than a bunch of spyware. I've been using Windows exclusively for the past year and I haven't had any spyware or viruses.

[TETENAL]

Originally Posted by mattyb 

^ Nasty !

I don't use Windows regularly, and I have to admit I might have fallen for that. Autoplay is such a bad idea, I'm surprised it is still in Vista.

[mattyb]

According to The Register (several links) there are now 9 million infected PCs, a hospital has had to shutdown several machines including some in operating theatres and the Ministry of Defence is having some fun as well.

I'm expecting a call for help from both my parents and in-laws soon.

[mattyb]

Well, we live in interesting times. Where I work is a very heavy Citrix user, and guess what - infections, but the dozen.

I've spent the past few days proving that my databases are up with now problems, and showing the end users that its the Citrix servers that keep needing to be rebooted.

Fun and games. TFIF.

[Wiskedjak]

Originally Posted by iMOTOR 

Source?

If Apple software were so bulletproof no one would be able to hack the iPhone and AppleTV OS's.

[Spheric Harlot]

Originally Posted by Wiskedjak 

If Apple software were so bulletproof no one would be able to hack the iPhone and AppleTV OS's.

Rule of thumb in computer security: Given physical access, ALL bets are off.

[Wiskedjak]

Originally Posted by Spheric Harlot 

Rule of thumb in computer security: Given physical access, ALL bets are off.

Ah, but most Windows viruses use social engineering to attain physical access.

[zro]

http://www.youtube.com/watch?v=I1L8l3LrzLA

Every time I see this thread.

[Spheric Harlot]

Originally Posted by Wiskedjak 

Ah, but most Windows viruses use social engineering to attain physical access.

a) No they don't (use social engineering - not "most", at any rate).

b) It be less obvious than I thought I'd made it, but "physical access" means PHYSICAL ACCESS - as in, reach out and touch it. They somehow use social engineering to convince users to plug in other devices or remove hard drives from their computer in order to be able to hack them via back doors available only through hardware access channels (which is how the iPhone and the AppleTV - your examples) are hacked?

WTF?

[Wiskedjak]

Originally Posted by Spheric Harlot 

a) No they don't (use social engineering - not "most", at any rate).

b) It be less obvious than I thought I'd made it, but "physical access" means PHYSICAL ACCESS - as in, reach out and touch it. They somehow use social engineering to convince users to plug in other devices or remove hard drives from their computer in order to be able to hack them via back doors available only through hardware access channels (which is how the iPhone and the AppleTV - your examples) are hacked?

WTF?

The original Jailbreak for the iPhone only required the user to click a link on a webpage. From that point, the owner of the link could have pretty much done whatever they wanted to you iPhone.

[Spheric Harlot]

ah, true.

Of course, that wasn't possible until the system was extensively hacked using hardware access, but you're right.

[Wiskedjak]

Originally Posted by Spheric Harlot 

ah, true.

Of course, that wasn't possible until the system was extensively hacked using hardware access, but you're right.

Don't most virus writers have hardware access to systems running MacOS so that they could extensively hack them to learn the vulnerabilities and then send out social-engineering viruses?

[Salty]

You guys realize Apple also gets by by in general having smarter users right? Mac users are more likely to know another Mac user and get advice on things and what not. Not to mention it's way easier to write viruses for Windows.

[Laminar]

Originally Posted by Salty 

Mac users are more likely to know another Mac user

I don't believe this.

[Luca Rescigno]

Originally Posted by Salty 

You guys realize Apple also gets by by in general having smarter users right?

Yes, because Windows users comprise over 90% of total computer users and when you have that many people you're going to have a lot of people bringing down the average. Also, the average Mac user is going to be a lot wealthier than the average Windows user, which sometimes indicates that they're smarter or at least more educated.

[Chuckit]

Originally Posted by Salty 

You guys realize Apple also gets by by in general having smarter users right?

I find that unlikely. Probably FreeBSD has smarter users in general because a dumb person just won't be able to use the thing, but I don't see how the Mac is supposed to weed out the stupid.

Originally Posted by Salty 

Mac users are more likely to know another Mac user and get advice on things and what not.

You think a Mac user is more likely to know another Mac user than a PC user is to know another PC user? I find that very unlikely.