Re: spyware on macs ?
- From: Oxford <csma@xxxxxxx>
- Date: Tue, 25 Oct 2005 19:59:17 -0600
TheLetterK <theletterk@xxxxxxxxxxxxxxxxxx> wrote:
> > hogwash, an easy target is what gets hit the most, it has nothing to do
> > with "marketshare". if OSX was "equally" easy to "hit" it would
> > "equally" be "hit".
> Can you back up this assertion? No one in the security field seems to
> agree with your assessment.
funny that... IT security people concerned about job security :) fact
is, if everyone was able to switch over to OSX tonight, it would solve
the entire virus problem in 24 hours... and most all those "security"
people would be out of a job, funny that! OSX is a rock, there is no
way in or a way to propagate malicious code and that's been proven over
and over and over...
> > this isn't about statistics, it about "ease of target". get that through
> > your thick head.
> Statistics plays a huge role in determining infection rates and
> probability of being targeted.
stats have nothing to do with the ease or "dis-ease" of breaking into a
machine. the only stat you need to understand is OSX is immune to
viruses, that's been proven, over and over and over and over.
> > it's not any more difficult to hit than 5% of exposed windows machines.
> Yes, yes it is. Each 'node' would take ~20 times longer to find for a
> Mac virus than it would for a Windows virus. This is due to Apple's low
> share of the userbase. Virus propogation times would slow to a crawl,
> simply because there aren't very many Macs to act as zombies for virus
> propogation.
20 times longer of a few seconds isn't much, you need to learn more
about statistics that's all.
> > plus you are are completely forgetting, 95% of the windows machines sold
> > are not on the internet,
> Can you prove this? I didn't think so.
no, and I never said I could, but we know many PCs are never openly
connected to the web/internet.
> > only about 60% are online, the way that so
> > called "5%" of macs are. lots and lots of pcs are never tied to the
> > internet. cash registers, signage, dumb factory terminals, etc, etc,
> > etc, etc.
> Yes, many are not. But the vast majority are.
60% of that 95% or so...
> > and that isn't a virus, read the link before you post next time.
> Playing with semantics now? Well, by that logic Windows doesn't have
> very many viruses either--they're almost all worms and trojans.
so secunia is playing with "semantics"? they call it a trojan, not a
virus, you were the one that mistakenly thought it was a virus.
"Description:
Trojan Characteristics: This trojan was distributed in a file called
"Microsoft Word 2004 OSX Web Install", hence the name. (Note - the name
can be easily changed and alone can be an indicator of neither malware
presence nor absence)."
> > Really? then please explain why there are 64,00+ viruses for MS based
> > PCs and NONE for OSX? It seems you completely forgot to think before
> > writing your comment.
> Because propogation time for Mac viruses is prohibitively high, the
> target 'audience' is miniscule, and the task is a bit more difficult?
not within a large population of macs, take a campus for example, some
departments are fully mac based, still no viruses, or any of the media
companies or even Apple, they are probably the largest single
installation with 14,000 or so macs, why haven't they ever been hit if
it's..... so easy?
face the facts, osx isn't prone to viruses no matter what you do.
> > go knock on this IP, 70.57.60.153 it's open, why can't you get in? hum?
> It's illegal, you know.
flying a kite in the rain is too, who cares, you can't get into that
machine can you... figures, it's running OSX.
> > Apple has to bow to the ignorant, not having one would be a missing
> > "check off" item, so the people that don't understand security would be
> > mistakenly afraid. It's sad really when MS's weaknesses forces honest
> > companies to cheapen up their products.
> I, for one, am glad that Apple did show a bit of foresight and chose to
> include a good firewall by default. Now, if they could just be bothered
> to turn it on by default... I'm doubly glad that you aren't
> administrator for any of my boxes. Your lack of knowledge regarding
> security is appaling, as is your trust in Apple to provide solutions.
turning it on would cause unneeded disruption to the user, you don't
want that. if you are mentally unstable, turn it on, if not, leave it
off, realll simple. I deal with many, many more macs than you will ever
see, none have firewalls or in form of extra security, some users have
passwords, most do not, none will be infected or breached this year or
anytime in the future.
> > You must be paranoid, I have hundreds of machines with no passwords, no
> > firewalls, all work perfectly, none have been breached. It's the
> > difference of OSX compared to Linux or Windows.
> Right, keep digging that hole oxtard.
you're the one that seems overly concerned with non-issues, it's your
hole we are building, i'm just laughing at you as you shovel.
> > On a worldwide network it certainly is the most battle tested consumer
> > OS.
> Can you justify this statement, or is just another example of your
> favored tactic--'proof by declaration'.
easy, OSX is the top selling OS not based on Windows... Windows is
notoriously insecure, thus, OSX is the most battle tested consumer OS
there is. If you can think of another, please let me know, otherwise,
give it up already.
> > sure if you are sitting in front of the machine and have a startup
> > CD, there is a way in, but a virus writer would be awfully busy trying
> > to do that worldwide.
> I can exploit my own Macs fairly easily--it's how you shore up their
> defenses you know.
and what exactly needs shoring up? go ahead, exploit this mac, bet you
can't 70.57.60.153 (running tiger server just so you know)
> > Great, you can attack my printer!
> No, a malicious cracker could attack your *printer service*. If there is
> a vulnerability in this component, then it could allow the attacker
> access to the machine as a whole. And there is more than just a printer
> service running.
wrong, cackers can't magically jump through print services, into the
rest of the machine, it doesn't work like that. yes, there are more
running/open ports, but none of those ports have facilities to breach
the entire system.
> > go for it... gosh, that's were I store
> > all my gold! Maybe you could have my printer, print fake $$ and have it
> > automatically mail them to yourself? That seems about the level of your
> > intelligence on this matter. Bottom line, there is nothing you can do to
> > break into a default OSX install, it's locked down tight.
> Oxtard, can you become any more of an idiot? It must be a challenge to
> continually lower the bar.
that's funny, you seem to be the one failing on every comment you make,
you didn't know what a trojan was, couldn't breach a naked mac out on
the internet, thought someone could crack print services to take over a
mac, etc, etc.
> > Where are these holes? waiting...
> Let's see... in the last security update for 10.4.2, the following holes
> were patched:
>
> * ImageIO
>
> CVE-ID: CAN-2005-2747
>
> Available for: Mac OS X v10.4.2, Mac OS X Server v10.4.2
>
> Impact: Viewing a maliciously-crafted GIF image may result in
> arbitrary code execution.
>
> Description: By carefully crafting a corrupt GIF image, an
> attacker can trigger a buffer overflow in ImageIO which may result in
> arbitrary code execution. Several components of Mac OS X utilize ImageIO
> including WebCore and Safari. This update addresses the issue by
> performing additional validation of images.
was this ever an issue in the "wild"? no.
>
> CVE-ID: CAN-2005-2746
>
> Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS
> X v10.4.2, Mac OS X Server v10.4.2
>
> Impact: When using auto-reply rules, Mail.app may expose the
> contents of encrypted messages.
>
> Description: Mail.app includes the contents of messages when
> processing auto-reply rules. If a message being processed was encrypted,
> the automatically generated response will include the decrypted message
> contents. This could allow an attacker to intercept the message. This
> update addresses the issue by ensuring that unencrypted responses to
> encrypted messages are not generated. Credit to Norbert Rittel of Rittel
> Consulting for reporting this issue.
was this ever an issue in the "wild"? no.
the rest snipped for brevity.
> > Which is the same for any system.
> Yet you still claim OS X is especially secure... why?
still no serious breaches 4.5 years into use, OSX gets stronger ever day.
> > Which is the same for any system.
> Yet you still claim OS X is especially secure... why?
still no serious breaches 4.5 years into use, OSX gets stronger ever day.
> > And now describe your latest "threat" that caused a breach of security
> > using OSX, bet you can't.
> Your right, I can't. But that is because of the statistical difficulty
> of needing to expliot an OS X box.
18+ million machines, is hardly "rare" on the internet, there are large
pools of 100% mac, none ever compromised. if a breach were to happen, it
would have already occurred by now, OSX is extremely secure as shipped
and constantly being improved to even thwart "clean room based
theories", thus no current spyware, viruses, and probably never will be.
you can reply if you want, but this is my last post, you are too
paranoid to deal with.
.
- Follow-Ups:
- Re: spyware on macs ?
- From: TheLetterK
- Re: spyware on macs ?
- References:
- spyware on macs ?
- From: asdf
- Re: spyware on macs ?
- From: TheLetterK
- Re: spyware on macs ?
- From: TheLetterK
- Re: spyware on macs ?
- From: Oxford
- Re: spyware on macs ?
- From: TheLetterK
- Re: spyware on macs ?
- From: Oxford
- Re: spyware on macs ?
- From: TheLetterK
- spyware on macs ?
- Prev by Date: Re: RIAA a bit heavy-handed you say?
- Next by Date: Re: Front Row is now up and running on non-iMacs
- Previous by thread: Re: spyware on macs ?
- Next by thread: Re: spyware on macs ?
- Index(es):
Relevant Pages
|
