Linked by Thom Holwerda on Wed 3rd May 2006 16:11 UTC
Mac OS X The recent ruckus about the claimed growing vulnerability of Mac OSX from certain sources has caused an indignant outcry from Mac advocates who claim the stories are mostly media hype. According to an expert in Unix and Linux systems, the outcry is not without justification. Con Zymaris has been working with Unix systems for nearly three decades and for the past 15 years has been running a consultancy on open source software implementation. Zymaris says that, while it is true that a Mac can get infected with a virus, it is not easy and it is not likely to cause much damage. What's more, Mac users don't need to install firewalls and anti-virus software.
Order by: Score:
v ...and in other news...
by Tuishimi on Wed 3rd May 2006 16:20 UTC
v RE: ...and in other news...
by Windows Sucks on Wed 3rd May 2006 16:28 UTC in reply to "...and in other news..."
Not again
by Tom K on Wed 3rd May 2006 16:34 UTC
Tom K
Member since:
2005-07-06

Please, Lord, not again. Can we stop with this already?

Analysts: OMG MAC VIRUSES!1`1!!
Security Pros: Yeah but the risk is still low.

[... a few days later ...]

Different Security Pros: OMFG I GOT INFECTED, MACS ARE NOT IMMUNE!!11!
Analysts: Indeed, Macs are not immune, but still hard to infect.

Honestly now ... what the F*CK does it matter that Macs are not immune to viruses? Who ever thought they were? Why do the two camps feel the urge to constantly rehash the same old points?

I *know* that OS X is not a cure-all for computer security issues. Big deal -- I still like it, and it's still a whole lot safer than Windows. Just *try* to make me use Windows or Linux on the desktop, but please ... for the love of God, shut up already.

Reply Score: 2

RE: Not again
by Tuishimi on Wed 3rd May 2006 16:42 UTC in reply to "Not again"
Tuishimi Member since:
2005-07-06

Easy tiger. ;) Yeah, about 80% of the "news" these days are about Vista slipping dates or dropping support and that OS X is susceptible to viruses.

Reply Score: 0

RE[2]: Not again
by raver31 on Wed 3rd May 2006 17:08 UTC in reply to "RE: Not again"
raver31 Member since:
2005-07-06

No, the real news is here...

http://finance.yahoo.com/q?d=t&s=msft


why is the Microsoft share price falling through the floor ?

Reply Score: 4

RE[3]: Not again
by rcsteiner on Wed 3rd May 2006 19:17 UTC in reply to "RE[2]: Not again"
rcsteiner Member since:
2005-07-12

They're going to be spending more money than analyst thought they would...

So why is it that companies are penalized for the fact that a few analysts somewhere blew a prediction?

Reply Score: 1

v RE[3]: Not again
by rockwell on Wed 3rd May 2006 19:42 UTC in reply to "RE[2]: Not again"
RE[4]: Not again
by raver31 on Wed 3rd May 2006 20:07 UTC in reply to "RE[3]: Not again"
raver31 Member since:
2005-07-06

why would that be ?

I think you on the other hand have been brainwashed by Microsoft for so long, you think something bad is actually good.

the share price is falling, and it is plain from anyone to see... yet you think I need to learn finances ?

Reply Score: 1

RE[5]: Not again
by rockwell on Wed 3rd May 2006 20:26 UTC in reply to "RE[4]: Not again"
rockwell Member since:
2005-09-13

Oy.

The share price rises and falls. It's fallen before. It's risen before. It will fall again. It will rise again.

Any company with US $40 billion in cash need not worry much about a falling stock price.

I won't even go into the myriad factors that go into wether a F100 companies' stock rises or falls in any given day/week/month/year/quarter.

(and fwiw, I own 0 shares of MSFT, unless it's within one of several mutual funds.)

Reply Score: 2

RE[5]: Not again
by Tom K on Wed 3rd May 2006 21:08 UTC in reply to "RE[4]: Not again"
Tom K Member since:
2005-07-06

I think it's quite telling about your character and logical reasoning capabilities that the moment someone challenges your knowledge about something you don't know much about, you insult their intelligence and tell them that they've been brainwashed by Microsoft.

You don't run Linux, by any chance, do you?

Reply Score: 0

RE: Not again
by TechniCookie on Wed 3rd May 2006 17:11 UTC in reply to "Not again"
TechniCookie Member since:
2005-11-09

I guess its because some/many Mac users have claimed for many years (wrongly of course) that Macs were immune. This probably annoyed alot of people and they feel like saying "Haha! The bastards deserve it". But these news bits do remind me a bit about the story of the boy who cried wolf. There is still no real threat of virus infection to the Mac users.

Reply Score: 1

RE: Not again
by ApproachingZero on Wed 3rd May 2006 17:39 UTC in reply to "Not again"
ApproachingZero Member since:
2005-11-10

I *know* that OS X is not a cure-all for computer security issues. Big deal -- I still like it, and it's still a whole lot safer than Windows.

I agree. There seems to be a push lately (but who's it really coming from?) to give the impression that OS X is "just as insecure and vulnerable as Windows." Based on what?

Just because a couple theoretical vulnerabilities are found and a couple proof-of-concept trojans have been created doesn't mean squat. OS X would have a long, long way to go before it could ever even hope to catch up to the current Windows level of insecurity.

All cars are susceptible to crashing, yet some models are still much safer to drive than others. Go figure.

Reply Score: 2

Good article
by Punktyras on Wed 3rd May 2006 16:35 UTC
Punktyras
Member since:
2006-01-07

... as it shows principles of getting infected in popular language. I like it as I can use it in persuadng others to try ***X machines. I'll translate it and put it in my website.

Reply Score: 1

Another Advert???
by rtfa on Wed 3rd May 2006 16:37 UTC
rtfa
Member since:
2006-02-27

for a Anti-virus vendor?

Reply Score: 1

Anti-FUD is still FUD
by Pseudo Cyborg on Wed 3rd May 2006 17:04 UTC
Pseudo Cyborg
Member since:
2005-07-09

"What's more, Mac users don't need to install firewalls and anti-virus software."

WHAT??!? They might not need too, but I'd still recommend it. At the very least, every computer in the world should be running a firewall. That's just common sense in this day and age. I run Windows, OS X, and Linux. All of them have a firewall up and running.

Reply Score: 5

RE: Anti-FUD is still FUD
by TechniCookie on Wed 3rd May 2006 17:15 UTC in reply to "Anti-FUD is still FUD"
TechniCookie Member since:
2005-11-09

Just out of curiosity, if all the ports are closed per default, what is the gain in having a firewall? Wouldn't the benefits be marginal?

Reply Score: 4

RE[2]: Anti-FUD is still FUD
by Flatline on Wed 3rd May 2006 17:22 UTC in reply to "RE: Anti-FUD is still FUD"
Flatline Member since:
2006-03-06

It all depends on how anal you are and what you're going to be using your machine for...if you wanted to monitor traffic (incoming or outgoing)on a per-port basis, or if you wanted to do some NAT for...say...an FTP server or mail server, etc. Not everyone will stick with the defaults.

Reply Score: 1

RE[3]: Anti-FUD is still FUD
by Pseudo Cyborg on Wed 3rd May 2006 17:34 UTC in reply to "RE[2]: Anti-FUD is still FUD"
Pseudo Cyborg Member since:
2005-07-09

Plus it's also a matter of who has physical access to the machine. There's more than one way to get into a computer.

Reply Score: 1

RE[2]: Anti-FUD is still FUD
by kfet on Wed 3rd May 2006 17:36 UTC in reply to "RE: Anti-FUD is still FUD"
kfet Member since:
2005-07-06

> Just out of curiosity, if all the ports are closed per default, what is the gain in having a firewall? Wouldn't the benefits be marginal?

My thoughts exactly. A firewall on a desktop computer is a very ugly patch to the real problem - let the user manage the services he's running, in a user friendly way.

If you want a port closed you'd better not start the service at all - no one has ever hacked trough a non-runnig service (while compromizing firewalls and NATs is the norm).

Reply Score: 2

RE[2]: Anti-FUD is still FUD
by dagw on Wed 3rd May 2006 17:48 UTC in reply to "RE: Anti-FUD is still FUD"
dagw Member since:
2005-07-06

It prevents bad things happening in case the user accedently opens up port, or some program he installs opens up a port for him.

Reply Score: 1

RE[2]: Anti-FUD is still FUD
by macisaac on Wed 3rd May 2006 22:31 UTC in reply to "RE: Anti-FUD is still FUD"
macisaac Member since:
2005-08-28

"Wouldn't the benefits be marginal?"

pretty much. in fact, some might argue that they can be the opposite of benefitial:

http://web.mit.edu/kerberos/firewalls.html

Reply Score: 2

RE[2]: Anti-FUD is still FUD
by twenex on Wed 3rd May 2006 20:43 UTC in reply to "Anti-FUD is still FUD"
twenex Member since:
2006-04-21

Is there even any anti-virus software for OS X (that doesn't just deal with Windows viruses?)

Also, if you have a firewall between you and your internet connection, there's no need for EVERY computer to have one.

Reply Score: 1

RE[3]: Anti-FUD is still FUD
by Pseudo Cyborg on Wed 3rd May 2006 20:47 UTC in reply to "RE[2]: Anti-FUD is still FUD"
Pseudo Cyborg Member since:
2005-07-09

There is, but they're not nearly as "vast" as the Windows ones.

You're right. I should have been more clear. Every computer should be behind one.

Not many homes have a network, though, which is why I worded it the way I had, but thanks for pointing that out.

Reply Score: 1

RE[4]: Anti-FUD is still FUD
by twenex on Wed 3rd May 2006 20:52 UTC in reply to "RE[3]: Anti-FUD is still FUD"
twenex Member since:
2006-04-21

Not many homes have a network, though, which is why I worded it the way I had, but thanks for pointing that out.

You're welcome, and that's true enough. I guess I'm just too used to using routers to avoid USB ADSL modems!

Edited 2006-05-03 20:53

Reply Score: 1

RE[5]: Anti-FUD is still FUD
by TezKAh on Thu 4th May 2006 05:01 UTC in reply to "RE[4]: Anti-FUD is still FUD"
TezKAh Member since:
2005-07-06

You're not the only one, I work at a call center for a major ISP, and even the people who call in and have no clue about the internet have routers. I'd say at least 80% say they have a router. Its just more convenient than having a direct connection (except for things like forwarding ports, ugh).

Reply Score: 1

RE[3]: Anti-FUD is still FUD
by GStepper on Thu 4th May 2006 13:14 UTC in reply to "RE[2]: Anti-FUD is still FUD"
GStepper Member since:
2006-03-08

Also, if you have a firewall between you and your internet connection, there's no need for EVERY computer to have one.

Well, I'm sorry but I don't agree because if you don't use a firewall per host then you'll someday have troubles on your LAN...

A so-called admin in the company I work for told me exactly the same thing and it wasn't hard to prove him wrong. Consider the fact that we have laptop users who work from their home or wherever they want, once they get a virus/trojan/spyware/you name it and that the laptop is plugged on the LAN again, then the firewall at the "entrance" of the LAN won't protect ANY of the other hosts on the LAN. Firewall is a must have for EVERY host that's connected onto a network, it's that simple ! Do you think it's by coicidence that EVERY major OSes provide a firewall?

Reply Score: 2

RE: Anti-FUD is still FUD
by elmimmo on Wed 3rd May 2006 22:31 UTC in reply to "Anti-FUD is still FUD"
elmimmo Member since:
2005-09-17

>> "What's more, Mac users don't need to install firewalls and anti-virus software."

> WHAT??!? They might not need too, but I'd still recommend it.

You do not need to install a firewall, because (besides all ports being closed by default) the OS come bundled with one as decent as a firewall can get.

Not installing does not mean not running one, if you already have one installed wether you want it or not.

And regarding virusÖ I'll install one as soon as there is one single identified one, really. But in the meantime I'll dedicate those clock cycles to something that actually has some purpose.

Reply Score: 1

RE[2]: Anti-FUD is still FUD
by Pseudo Cyborg on Wed 3rd May 2006 22:34 UTC in reply to "RE: Anti-FUD is still FUD"
Pseudo Cyborg Member since:
2005-07-09

"You do not need to install a firewall, because (besides all ports being closed by default) the OS come bundled with one as decent as a firewall can get."

Yes, I know that. I didn't say to necessarily install one, just to make sure one is running. ;P

I agree about anti-virus on *nix or OS X, which is why I skipped that part. People running Windows, however, should have anti-virus installed and running.

Reply Score: 1

FUD is FUD
by aGNUstic on Wed 3rd May 2006 17:29 UTC
aGNUstic
Member since:
2005-07-28

Hold on, let me log into one of our Mac servers remotely.

Holy Hosts Batman, MacOSX has TCP Wrappers!

I can allow and deny connections.

Look'ee there too. I can disable ports or redirect them.

Maybe some people should read the `fine` manuals before they post crazy stuff from the Arkham asylum for the mentally `gifted`.

Reply Score: 2

RE: FUD is FUD
by Pseudo Cyborg on Wed 3rd May 2006 17:37 UTC in reply to "FUD is FUD"
Pseudo Cyborg Member since:
2005-07-09

Indeed. It really boils down to one simple fact: no computer is 100% secure. Some may be less secure than others, but that doesn't mean people shouldn't exercise a little caution. All this media hype is beyond ridiculous.

Reply Score: 1

Mac OS X
by aaronb on Wed 3rd May 2006 17:34 UTC
aaronb
Member since:
2005-07-06

Of course Mac OS has Viruses and bugs. But at the same time these problems are (hopefully) fixed in the updates. I have yet to receive a Mac/Linux/BSD virus. But there was a time where I had 70 emails a day with attached Windows executables.

To put things into context...
Mac OS, Linux and BSD do not suffer from the same scale of Viruses as Windows. And its because every time a "bad" program runs the user has to use the admin/root password (if the user has not been really daft).

Reply Score: 0

Re: FUD is FUD
by aGNUstic on Wed 3rd May 2006 17:53 UTC
aGNUstic
Member since:
2005-07-28

`All cars are susceptible to crashing, yet some models are still much safer to drive than others. Go figure.`

Agreed. Here is a point using the above metaphor. I can purchase an automobile. It can be models: W,M,L,U, or B.

Even if I drive the safer models of U,M,B, or L. I still have to watch out for model W. Why? Just becuase it `is` the dominant model of automobile with 90 percent of them on the road. No. That's not the problem. Maybe it's a driver `PEBCAK` issue. Who knows.

Aside from the fact many W drivers are constantly patching leaks (some of which they are notified of by the manufacuter and get automatic recalls on), changing their oil from one grade to another, allow car-crakers into their vehicles without knowing, and have trouble with their engines freezing up or restarting in the middle of the interchange ... this does not scare me.

It's those that drive model W. They swear they have no problems with their vehicles and drive like maniacs. There are the same types that head right into the red-light and trojan side of town. Heck some people just roll down their windows and get infected while driving by.

I, as a long-time systems mechanic, prefer to work on models U, M, L, and B. They are just great cars to work on and have a superior design and safety record. I'm sure some mechanic or technician can actually build and test a 'flaw' in the design but I haven't really seen those work outside the garage.

Edited 2006-05-03 17:57

Reply Score: 1

RE: Re: FUD is FUD
by rockwell on Wed 3rd May 2006 19:45 UTC in reply to "Re: FUD is FUD"
rockwell Member since:
2005-09-13

er ... that was kinda H,A,R, and D to follow. But I think there was a good point in it. Somewhere.

Reply Score: 1

Re: FUD is FUD
by aGNUstic on Wed 3rd May 2006 19:52 UTC in reply to "RE: Re: FUD is FUD"
aGNUstic Member since:
2005-07-28

Yeah, you may be right. Maybe I need to dumb it down a little. Just tired of Microscrap users calling who lost their tool bar and want to how we're going to help them get it back.

I have a few ideas but that might be physically impossible. Maybe I'll just threaten to install Linux if they don't try to think a little.

Reply Score: 1

RE: Re: FUD is FUD
by protagonist on Wed 3rd May 2006 23:11 UTC in reply to "Re: FUD is FUD"
protagonist Member since:
2005-07-06

Just tell them to boot to a DOS prompt and type in format C: :-)

Reply Score: 1

RE[2]: Re: FUD is FUD
by robertojdohnert on Thu 4th May 2006 03:00 UTC in reply to "RE: Re: FUD is FUD"
robertojdohnert Member since:
2005-07-12

I tried doing that and here is what the output was:

C:Documents and SettingsXXXXXXXXX>format C:
The type of the file system is NTFS.

WARNING, ALL DATA ON NON-REMOVABLE DISK
DRIVE C: WILL BE LOST!
Proceed with Format (Y/N)? y
Verifying 38154M

Format cannot run because the volume is in use by another process. Format may run if this volume is dismounted first.

ALL OPENED HANDLES TO THIS VOLUME WOULD THEN BE INVALID.

Would you like to force a dismount on this volume? (Y/N) y

Cannot lock the drive. The volume is still in use.

Edited 2006-05-04 03:00

Reply Score: 1

But seriously
by vitae on Wed 3rd May 2006 17:55 UTC
vitae
Member since:
2006-02-20

Doesn't this make you want to be a tech writer? Easiest money a writer will ever make, you just can't afford to take much pride in it. But maybe those vacations to Maui and Mazatlan will make up for that empty hole.

Reply Score: 1

insecurity in windows is a feature
by bedo on Wed 3rd May 2006 18:13 UTC
bedo
Member since:
2006-01-03

I used to have windows xp home on my laptop; and my main user which is also has administration rights has a very long and strong password. I felt safe because I always updating my system and don't click on suspecious attachments or phishy websites.

But, after two years, I discovered that the root user (administartor) actually has no password. WTF is that;

Reply Score: 1

DrillSgt Member since:
2005-12-02

"But, after two years, I discovered that the root user (administartor) actually has no password. WTF is that;"

That's because when you set up the system you did not enter an administrator password. Not Windows fault you just clicked through without reading the screens.

Reply Score: 1

protagonist Member since:
2005-07-06

Seems to me I remember being forced to enter a PW when I set up my Mac. The fact that Windows does not do so just demonstrates what happens when your OS is insecure by design.

Reply Score: 2

house/windows
by narcissus on Wed 3rd May 2006 18:13 UTC
narcissus
Member since:
2005-07-06

If your house has windows in it, how safe is it?

Reply Score: 1

The day.
by Windows Sucks on Wed 3rd May 2006 18:30 UTC
Windows Sucks
Member since:
2005-11-10

I will start to worry the day when using my Mac or Linux machine means that I could get hijacked by happenstance.

The day I pick up the paper and read that a worm has devastated the Mac community. Then I will run out and get that virus scan that Mcafee has been trying to sell me.

As a matter of fact lets just take a simple glance at Mcafees website.

Hummmmm, almost all the vulnerabilities in Windows are rated medium, high and critical (Mostly high) while for Linux and Mac, although the amount is growing, the threat level is almost always low and medium. Why is that?

Here goes a link to the Mcafee threat center: http://www.mcafee.com/us/threat_center/default.asp

You get there and the first thing you see is:

BREAKING ADVISORY
April 24, 2006. There are no patches available for the Mac OS X vulnerabilities disclosed last week. As proof-of-concept code is available, Mac OS X users should be careful opening media files from unknown origin and visiting un-trusted websites. Learn More.

They then give you a link to this site: http://www.security-protocols.com/modules.php?name=News&file=articl...

(Strange that Mcafee doesn't have it's own research but is linked to a site that looks like a 15 year old put it together)

So I look through what they have listed on the above site and I see a bunch of Medium problems? And one listed as high that when you read through it should prob not be listed as high???

My point is that most of the bad facts out there about the Mac OS seem to be put out by people who want to sideline the Mac OS. None of this was running around till Mac went to Intel?? Hummmm, I wonder why! Anyway, call me when the mass outbreak happens and then I will worry. Till then lets continue to wonder when Vista will be out. I hear they are taking bets on Golden Palace.com to see if Vista comes out before or after Jan 1 2007. Place your bets now!

Anyway It's just a fact that the current versions of Windows are not that secure as the Mac OS or Linux. And when there is a hole (Why there are still so many holes in a 5 year old OS confounds me!) There are mush bigger effects to the machine if someone takes advantage of the hole.

Edited 2006-05-03 18:31

Reply Score: 1

so it is ok...
by dvhh on Wed 3rd May 2006 18:41 UTC
dvhh
Member since:
2006-03-20

... to get my document corrupted by a virus ? or even having a zombie running while I work with my comp.
hey why not asking a hacker to run a bot on my desktop.

More seriously security alert even if they seem insignificant should never been taken lightly. As much as backups are importants.

Linux / BSD sofware are "more" secure because of the auditing tools available for these systems (audit of source code and audit of setup). Plus these systems are not for the adverage user ( or if they do use them they are severly limited in the use of such system ).

We agree that there is not such thing as an impenetrable system when it offers networked services.

Reply Score: 1

RE: so it is ok...
by Windows Sucks on Wed 3rd May 2006 19:07 UTC in reply to "so it is ok..."
Windows Sucks Member since:
2005-11-10

? "Plus these systems are not for the adverage user ( or if they do use them they are severly limited in the use of such system )."

Hummm, my mother, brother, sister and grandmother all use Linspire on Desktops and Laptops. Granted Linspire is not great, but I don't worry about viruses, and I don't worry about them not doing the things they want to do, like Webcams, DVD's, Music, games, documents.

I don't know what you mean by limited. The only limits I see are the fact that some Windows apps are not written for Linux, but that is not a reflection of the OS it's self.

My brother didn't like it at first, but when he started to see his friends that use Windows dropping off like flies he was HAPPY to have his Linspire machine!

Reply Score: 1

RE[2]: so it is ok...
by rockwell on Wed 3rd May 2006 19:51 UTC in reply to "RE: so it is ok..."
rockwell Member since:
2005-09-13

//and I don't worry about them not doing the things they want to do, like //

... using 99% of the software the see at Best Buy or CompUSA.

//My brother didn't like it at first, but when he started to see his friends that use Windows dropping off like flies //

No offense, but your brother must have some very ignorant friends. I've used Windows OS's since 1995, and I've had maybe a half-dozen virii on the 15 or so computers I've used ... and both were immediately detected and deleted by my AV program.

Oh, the agony of using Windows. Yes, I see it clearly, now.

Reply Score: 1

v RE[3]: so it is ok...
by Windows Sucks on Wed 3rd May 2006 20:39 UTC in reply to "RE[2]: so it is ok..."
RE[4]: so it is ok...
by rockwell on Wed 3rd May 2006 21:15 UTC in reply to "RE[3]: so it is ok..."
rockwell Member since:
2005-09-13

//Wow, so I guess all users are ignorant but you? LOL! //

Umm ... do you even know what ignorant means?

In regards to the rest of your diatribe ... the point stands that you can (and many have) get a stable and virus-free Windows system, with minimal effort. *If* you follow some basic rules, it's pretty damn hard to get a properly-configured XP install hosed by virii/spyware/whatever. If you (or your brother's friends) can't be bothered with it, then that's your choice, and that's fine.

And ... of course, other OS's can be more secure, and other OS's are likely better candidates for some server work. But no OS is an universal answer for all IT problems. If you think that's true, then you really *are* ignorant.

Reply Score: 2

RE[5]: so it is ok...
by Windows Sucks on Wed 3rd May 2006 21:42 UTC in reply to "RE[4]: so it is ok..."
Windows Sucks Member since:
2005-11-10

There is no universal answer for any IT problem. But some answers are better then others.

The problem is that I have to "GET" a stable and virus-free Windows system! Which means as I have been saying that it's not even close to that out the box, not only do you have to do work to get it that way, but I have to spend extra money on extra software and pay a never ending license fee (For Mcafee or Symantec)to get even close. On top of that I have to get spyware software, I have to STAY on top of patches and install them like crazy! (Yes I must install patches on my Macs and my Linux machine, but I don't have to freak out when I do, and it's very seldom that I have to cry cause I didn't test the patches and my machines get jacked up.)

Yet it's not so hard to get the same thing for less work, less hassle and less maintainence for free.??? Now that is a sad shame.

I work in an office of 300 users, 250 on Windows 50 on Linux. The security team just runs passive scans on our Linux machines to check ports etc, since most problems on Linux are normally related to server software like PHP and Apache our desktops never make a peep! On the Windows side they have to run what they call a deep reflex scan, go all into the registry, looking for hidden spyware. We had to pay almost 200,000 to get the plugin to Mcafee enterprise that handles spyware removing.

Guess how much we paid for our Linux machines? $0 (Not including the hardware) And what did we do to make the machines secure, ummmmm, install latest patches, turn on firewall, done. Took all of 10 minutes. LOL!

So please when you compare secure to SECURE your best bet is to compare Windows to other Windows versions, not to real multi user operating systems.

On a final note Linux is as old as windows. Came out the same year if I am not mistaken. Yet Dos had as many virus issues as Linux has now. LOL! (And most dos machines were not even networked! LOL!) Shows you MS's history!

Edited 2006-05-03 21:49

Reply Score: 1

RE[6]: so it is ok...
by rockwell on Thu 4th May 2006 13:55 UTC in reply to "RE[5]: so it is ok..."
rockwell Member since:
2005-09-13

I agree with you in saying "out of the box" a desktop Linux system is more secure than XP ... goes without saying, for various reasons.

But, in regards to:
// but I have to spend extra money on extra software and pay a never ending license fee (For Mcafee or Symantec)to get even close. On top of that I have to get spyware software, I have to STAY on top of patches and install them like crazy! //

Extra money? I paid $0 for AVG AntiVirus, SpyBot, AdAware, and Kerio Firewall (and firewall software shouldn't be necessary in an office of 300 computers ...I'm sure you've got a Cisco PIX or other firewall already setup).

So ... zero dollars for antivirus/spyware checker/firewall.

And installing updates ... come now ... "set it and forget it" and reboot a few times a month? Not that big a deal, really.

Reply Score: 1

RE[7]: so it is ok...
by Windows Sucks on Thu 4th May 2006 14:48 UTC in reply to "RE[6]: so it is ok..."
Windows Sucks Member since:
2005-11-10

First off set and forget patching is crazy in Windows. For instance we just had to back off the April patches for Windows XP because like 200 users could not copy and paste or cut and paste in office XP without the dang machines locking up!

As for Anti Virus in an enterprise no one is going to use the Free version of AVG when it has no enterprise track record, people will buy Mcafee or Symantic.

And maybe I am not seeing it but the home version of AVG looks to be cheap but not free. (Unless you bootlegging it)

Spybot and Adaware are ok but they don't work 100% or even 90% and on top of that the free versions don't work in real time. So you can still get spyware and then you will spend a hell of a time trying to get the crap off (Which is why after testing we went with the Mcafee software for realtime spyware scanning.)

Wait, wait, wait why am I even going through all this, so what you can get all that crap for free? Why should I have to worry about that crap in the first place, I don't have to think about it on my Mac or on my Linux boxes?? But I have to spend extra time worring about it on Windows! That sucks.

And you are right, I don't need a firewall on the PC's (Even though on my Linux machines I have them turned on) But we actually have offices all over the world including China and Russia, which means it's possible (And has happened) that attacks could come from inside the network so extra protection doesn't hurt.

Edited 2006-05-04 14:55

Reply Score: 2

RE[3]: so it is ok...
by protagonist on Wed 3rd May 2006 23:09 UTC in reply to "RE[2]: so it is ok..."
protagonist Member since:
2005-07-06

"No offense, but your brother must have some very ignorant friends. I've used Windows OS's since 1995, and I've had maybe a half-dozen virii on the 15 or so computers I've used ... and both were immediately detected and deleted by my AV program."

Ahh, a newcomer to windows. :-) Actually, in times past when I used to run Windows and test for Symantec I kept several hundred thousand virii contained on my system. The number these days is much larger. Given that you would be hard pressed to round up more than a handful for Mac/UNIX/Linix, what more needs to be said?

Reply Score: 1

Yawn
by Buck on Wed 3rd May 2006 19:05 UTC
Buck
Member since:
2005-06-29

OSNews should also post this bit about an OpenBSD virus.
http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0153....

Reply Score: 2

Yes again
by d4rkn1ght on Wed 3rd May 2006 19:12 UTC
d4rkn1ght
Member since:
2006-01-02

TechniCookie wrote:

"I guess its because some/many Mac users have claimed for many years (wrongly of course) that Macs were immune. This probably annoyed alot of people and they feel like saying "Haha! The bastards deserve it". But these news bits do remind me a bit about the story of the boy who cried wolf. There is still no real threat of virus infection to the Mac users."

There were Mac viruses for Classic back in the day. But even then Mac OS 9 viruses werenít as destructive as the ones in Windows of that time.

The Classic Mac OS has never been cracked. It was very secure because it has no telnet built into it and it didnít came with its ports open.

Of course that was in those times, if you want to crack Classic today with the new tools of today, thatís a different story.

Reply Score: 1

RE: Yes again
by Thom_Holwerda on Wed 3rd May 2006 19:30 UTC in reply to "Yes again"
Thom_Holwerda Member since:
2005-06-29

Of course that was in those times, if you want to crack Classic today with the new tools of today, thatís a different story.

Cracking OS9 and down (Classic) is pointless. It will crack itself.

Reply Score: 5

RE[2]: Yes again
by d4rkn1ght on Wed 3rd May 2006 21:32 UTC in reply to "RE: Yes again"
d4rkn1ght Member since:
2006-01-02

Thom_Holwerda wrote:

"Cracking OS9 and down (Classic) is pointless. It will crack itself."

You're right! Just like Windows 9.x crack itself even more today than it always did back then.

Reply Score: 1

RE[3]: Yes again
by someone on Thu 4th May 2006 13:50 UTC in reply to "RE[2]: Yes again"
someone Member since:
2006-01-12

Just like Windows 9.x crack itself even more today than it always did back then.

It has nothing to do with back then and now. Classic was never designed to be a multi-tasking OS, unlike Win9x. Cooperative multitasking was at best a hack and the stability and security of the OS suffered because of it.

Reply Score: 1

RE[4]: Yes again
by d4rkn1ght on Thu 4th May 2006 18:19 UTC in reply to "RE[3]: Yes again"
d4rkn1ght Member since:
2006-01-02

someone wrote:

"It has nothing to do with back then and now. Classic was never designed to be a multi-tasking OS, unlike Win9x. Cooperative multitasking was at best a hack and the stability and security of the OS suffered because of it."

Windows 9x wasn't a true multitasking either. NT and OSX are the true multitasking OSes.

Stability? Do you remember Windows ME?

With Windows ME I couldn't even open Office without a blue screen. No to mention how slow and terrible that OS was doing normal tasks.

On Mac OS 9, I remember been able to finish whatever tasks I was doing. Tasks like, Programming, Designing Pages, Recording music with ProTools, etc.

I wonder if these kind of discussions will happen when better OS than OSX and XP/Vista are around.

Reply Score: 2

RE: Yes again
by someone on Thu 4th May 2006 13:45 UTC in reply to "Yes again"
someone Member since:
2006-01-12

The Classic Mac OS has never been cracked. It was very secure because it has no telnet built into it and it didnít came with its ports open.

Classic didn't even have protected memory. That should tell you how secure and crack-resistant it is.

Edited 2006-05-04 13:47

Reply Score: 1

RE[2]: Yes again
by d4rkn1ght on Thu 4th May 2006 17:51 UTC in reply to "RE: Yes again"
d4rkn1ght Member since:
2006-01-02

someone wrote:

"Classic didn't even have protected memory. That should tell you how secure and crack-resistant it is."

Are we talking about crashing the machine? Because Windows and Mac OS had their equal crashes back then.

Taking control of the machine with malware or hack (cracking) was something easier done on Windows 9x than Mac OS Classic.

Reply Score: 1

v Firewall???
by seabasstin on Wed 3rd May 2006 19:26 UTC
mac magic
by grrr on Wed 3rd May 2006 19:58 UTC
grrr
Member since:
2005-09-03

Mac is safer not because it is technically safer but because a mac user is a nicer person and will not harm other mac users. This effect is so strong that even if a windows virus writer wants to try to write a mac virus as soon as he seats him self behind a mac he can not write a virus anymore.

Reply Score: 3

It takes one to understand one....
by Trollstoi on Wed 3rd May 2006 22:23 UTC
Trollstoi
Member since:
2005-11-11

Most OSNews readers probably don't understand this because of their literacy on the subject (computers in general) but in a noob point of view (me for example) the thing translates to:

-I will buy a Mac because I don't know how or don't want to have any concerns about security and someone told me Macs are 100% safe.

-Macs now can be exploited by malicious software...

-z0mg, what to do now????

It will take time to make people understand that any OS can be exploited in some way.

Reply Score: 1

OSX Security reminds me a Windows
by voidlogic on Wed 3rd May 2006 23:01 UTC
voidlogic
Member since:
2005-09-03

Security through obscurity will not hold out much longer for OS X. I recently wrote a blog on the general linux, windows, osx security issue:

http://blog.myspace.com/undriedsea

Mac OS X is much closer to Windows than Linux in security in my opinion, but please form your own ;)

Reply Score: 1

protagonist Member since:
2005-07-06

"Security through obscurity will not hold out much longer for OS X. I recently wrote a blog on the general linux, windows, osx security issue: "

I think you miss the point. It is not so much security thru obscurity, but rather security by design. There are far more servers out there running Linux than are running Windows. If your theory were correct the Linux servers would be the ones being compromised rather than the Windows servers. But that is definitely not the case.

One other reason Windows gets whacked so much is because it is just so darn easy to do.

Reply Score: 1

voidlogic Member since:
2005-09-03

I said: "Security through obscurity will not hold out much longer for OS X" this is becuase i belive OSXs security is based more on obscurity than design (see my blog for evidense of this). On the other hand, I belive Linux's security is based on good design (there are many more servers running linux than OSX, linux is a hacker target and holds up well). So you are reading more into what I said than what in really said. We are probably in agreement on the issue at hand.

Reply Score: 1

sappyvcv Member since:
2005-07-06

They do get compromised.

Reply Score: 0

Duffman Member since:
2005-11-23

I am sorry for you but your opinion just suxe.

What are you comparing with your charts ?

A whole OS (Mac OS X) security holes VS a kernel (Linux 2.6) security holes. Are you kidding ?


This sound just like a joke, especially when you are comparing the security holes of Mac OS X and the linux kernel 2.6 since 2003 when the last one was released in 2004 ...

Your blog is just another linux fanboy point of view ...

Reply Score: 0

voidlogic Member since:
2005-09-03

"I am sorry for you but your opinion just suxe."

You have a right to think so, but there is no need to be rude and disrespectful

Edit: Also, you are correct, so that means when viewing those graphs perhaps you should focus on the Severity, Locality and Type percentages rather than on total number of exploits. The smaller sample period may make the linux results there less relible, but there is nothing that can be done about that. I guess I thought everyone would make this realization when they looked at the data.

Edited 2006-05-04 14:18

Reply Score: 1

Duffman Member since:
2005-11-23

"but there is nothing that can be done about that."

Perhaps if you compare a Linux Distribution (which is an OS) between Mac OS X (which is also an OS) instead of a kernel between an OS, something can be done ...

The only thing you are proving is that the linux kernel alone as almost as security holes than Mac OS X or Windows.

Compare the Mac OS X kernel XNU between the Linux kernel and then you should be able to talk.

Reply Score: 1

voidlogic Member since:
2005-09-03

"The only thing you are proving is that the linux kernel alone as almost as security holes than Mac OS X or Windows."

A thousand pinholes is far better than a thousand semi sized holes. Its worth noting that Linux did have less than the other too. Your conentration on volume is not the concentration of my blog. I am talking about severity, locality and type.

Reply Score: 1

Duffman Member since:
2005-11-23

Again, you seems to not understand that almost all critical security holes came from software outside the kernel.

On Mac OS X, almost all critical security holes came from safari, not mac os x itself (and you are not obliged to use safari ...).

Reply Score: 1

Mac OS X Safe after all?
by robertojdohnert on Wed 3rd May 2006 23:48 UTC
robertojdohnert
Member since:
2005-07-12

I pretty much disagree with the author on his many points and here is why

http://rjdohnert.wordpress.com/2006/05/03/mac-os-x-safe-after-all/

Reply Score: 1

RE: Mac OS X Safe after all?
by sappyvcv on Thu 4th May 2006 14:25 UTC in reply to "Mac OS X Safe after all?"
sappyvcv Member since:
2005-07-06

I hope you get banned for linking your blog every damn time you comment and not actually putting your thoughts IN YOUR COMMENT.

Reply Score: 1

RE: mac magic
by Soulbender on Thu 4th May 2006 06:09 UTC
Soulbender
Member since:
2005-08-18

"Mac is safer not because it is technically safer but because a mac user is a nicer person and will not harm other mac users. This effect is so strong that even if a windows virus writer wants to try to write a mac virus as soon as he seats him self behind a mac he can not write a virus anymore."

I cant tell if you're being ironic or if you are completely delusional.

Reply Score: 1

RE[3]: so it is ok...
by Terracotta on Thu 4th May 2006 11:39 UTC
Terracotta
Member since:
2005-08-15

Mhm, there are other places to get software, on windows I'm not even capable of installing my favorite programs: konqueror, amarok, k3b...., besides, it really depends what task you want to do, there are almost always free alternativs that do match up to their commercial counterparts. Instead of looking at what program to use, one should better look to the task he/she would like to accomplishe. For games this is of course a bit different :s, sadly enough...

Reply Score: 1