Re: spyware on macs ?
- From: Oxford <csma@xxxxxxx>
- Date: Tue, 25 Oct 2005 15:52:52 -0600
TheLetterK <theletterk@xxxxxxxxxxxxxxxxxx> wrote:
> > but we aren't talking about "ease of target" we are talking about "ease
> > to infect",
> The two concepts are very closely related. Why would any virus writer
> try to attack OS X in the first place? Whatever virus they release will
> spread slowly, and attack a more difficult (but not, by any means,
> impenetrable) target in the process. Why would they bother when Windows
> targets are so much more prevelent and easier to compromise?
hogwash, an easy target is what gets hit the most, it has nothing to do
with "marketshare". if OSX was "equally" easy to "hit" it would
"equally" be "hit".
> > It's a technical reason OSX doesn't get viruses,
> Right--the statistical difficulty of actually infecting large numbers of
> completely defenseless OS X boxes. It's just too rare a target for
> virus writers to bother with.
this isn't about statistics, it about "ease of target". get that through
your thick head.
> >>>the reason is far more
> >>>technical in nature,
> >>
> >>Well, if you consider statistics to be 'technical'.
i've already proven it's not related to any "statistics".
> > Stats have very little to do with it, if 100% of the macs were not on
> > the net, then you might have a point, but a good 80% are on the net, and
> > ZERO have been infected over 4.5 years of use.
> Yes, with a userbase that hovers somewhere below 5%. Thus, it's a
> difficult target to hit, simply because each potential target is so
> rare. It would be like a human virus that could only *possibly* effect 5
> out of 100 people.
it's not any more difficult to hit than 5% of exposed windows machines.
plus you are are completely forgetting, 95% of the windows machines sold
are not on the internet, only about 60% are online, the way that so
called "5%" of macs are. lots and lots of pcs are never tied to the
internet. cash registers, signage, dumb factory terminals, etc, etc,
etc, etc.
> >>>the fact is a good 15 million osx macs are
> >>>connected to the net 24/7/365, so don't you think "one measly virus"
> >>>would of infected the population by now?
> >>
> >>One did. The fake word installer virus.
> >
> > post a reference, bet you can't
> http://secunia.com/virus_information/9393/as.mw2004.trojan/
and that isn't a virus, read the link before you post next time.
> > no, but there are some serious security mistakes in windows. in OSX, not
> > so much.
> The mistakes Microsoft made were assuming that technical superiority is
> more effective than simple (but less versitile) procedures. Windows *is*
> technically more secure than OS X is. In practice, securing it is so far
> beyond the average user that it might as well be swiss cheese.
Really? then please explain why there are 64,00+ viruses for MS based
PCs and NONE for OSX? It seems you completely forgot to think before
writing your comment.
> >>>so it's basically impossible to remotely
> >>>enter a mac,
> >>
> >>Well, if you feel so secure, leave your Mac outside your firewall and
> >>post your IP addy for the world to see.
go knock on this IP, 70.57.60.154 it's open, why can't you get in? hum?
> > firewalls are for wimps, they are basically unneeded on OSX.
> That's why Apple includes one?
Apple has to bow to the ignorant, not having one would be a missing
"check off" item, so the people that don't understand security would be
mistakenly afraid. It's sad really when MS's weaknesses forces honest
companies to cheapen up their products.
> > my systems
> > are always on, no passwords, sharing is on, come get me or any mac user
> > for that matter.
> I wouldn't even consider it--but post your IP addy out here. I wonder
> how long it would take for someone you annoyed to bring down your
> unsecured Mac. Probably not very long, considering just how open OS X
> actually is by default.
You must be paranoid, I have hundreds of machines with no passwords, no
firewalls, all work perfectly, none have been breached. It's the
difference of OSX compared to Linux or Windows.
> > 1) 30+ years of unix, Live 24/7 network development. No other consumer
> > OS is this battle tested on the Internet.
> OS X isn't particularly 'battle tested'. It uses a kernel that was,
> until OS X came out, extremely rare. It's only saving grace is the use
> of the FreeBSD tools. However, FreeBSD is probably the least secure of
> all of the BSD distributions... OS X is even less so for the inclusion
> of new and untested software, as well as a relatively untested kernel.
On a worldwide network it certainly is the most battle tested consumer
OS. sure if you are sitting in front of the machine and have a startup
CD, there is a way in, but a virus writer would be awfully busy trying
to do that worldwide.
> > 2) Known insecure networking ports are turned off by default.
> Go run an nmap scan against an OS X box with the firewall turned off
> (this is it's default state, by the way).
Great, you can attack my printer! go for it... gosh, that's were I store
all my gold! Maybe you could have my printer, print fake $$ and have it
automatically mail them to yourself? That seems about the level of your
intelligence on this matter. Bottom line, there is nothing you can do to
break into a default OSX install, it's locked down tight.
> > 3) Automatic Software Update is turned on by default.
> The same is true for most consumer operating systems these days. It's a
> good thing too, because OS X has plenty of holes OOTB.
Where are these holes? waiting...
> > 4) All administrative actions require a password.
> Nothing special here. Even Windows does this, assuming you don't do
> something silly like run as administrator.
Most everyone on a Mac runs as an Admin, but Apple was smart enough to
separate the privs of this user from a high level "root" user. MS, not
so much.
> > In other words, for
> > Virus to move from machine to machine, a Virus writer must go into every
> > house/office then figure out the user's password, then hit return. (now
> > you know why there are Zero viruses on Macs)
> Hardly. There are plenty of methods of falsifying or circumventing such
> a security procedure. A simple keylogger would solve that problem.
> There's also the tried-and-true method of just misnaming an installer
> and sending it to the user with a message like 'Click me for hawt pr0n!'.
How is a keylogger going to help you if you don't have access to the
system? you really need to think things through before you post. Sending
a trojan installer isn't going to "install it" you still need to type a
password, so unless the user knew you, you couldn't get in.
> > 5) Root administrator account is turned off by default.
> Unfortunately, if someone managed to exploit the user into revealing
> their password... this precaution would do no good.
Which is the same for any system.
> > 6) Apple's quick response with security patches.
> Apple can't patch user stupidity.
Which is the same for any system.
> > 9) Mac OS X by default supports secure encryption and communication
> > protocols for authentication: Kerberos, SSH, VPN, MS-CHAP2, DIGEST-MD5,
> > CRAM-MD5, DHX, OTP, SMB-NT, APOP.
> And this prevents the user from being exploited... how?
ease, by using Kerberos, SSH, VPN, MS-CHAP2, DIGEST-MD5, CRAM-MD5, DHX,
OTP, SMB-NT, APOP.
> > Finally, many of Mac OS X's security problems are only theoretical and
> > can never materialize, nor propagate in the wild.
> That's right--propogation difficulties are what keep viruses off OS X.
> It's difficult not because OS X is especially secure, but because OS X
> is just so rare.
Nah, it's because OSX is impossible to breach, after 4.5 years of
trying, nobody has gotten in.
> > They work with the CERT (http://www.cert.org/) and the
> > FreeBSD community (http://www.freebsd.org/security/) to address security
> > issues. They also belong to FIRST (http://www.first.org/). In short
> > Apple takes security seriously and if you work with Macs as I do you'd
> > know it too.
> I do work with Macs, this is why I have absolutely no faith in Apple
> when it comes to dealing with security threats.
And now describe your latest "threat" that caused a breach of security
using OSX, bet you can't.
.
- Follow-Ups:
- Re: spyware on macs ?
- From: TheLetterK
- Re: spyware on macs ?
- References:
- spyware on macs ?
- From: asdf
- Re: spyware on macs ?
- From: TheLetterK
- Re: spyware on macs ?
- From: TheLetterK
- Re: spyware on macs ?
- From: Oxford
- Re: spyware on macs ?
- From: TheLetterK
- spyware on macs ?
- Prev by Date: Re: OT: And you thought GAS was high?
- Next by Date: Re: Front Row is now up and running on non-iMacs
- Previous by thread: Re: spyware on macs ?
- Next by thread: Re: spyware on macs ?
- Index(es):
Relevant Pages
|
Loading
