Linked by Eugenia Loli on Tue 1st May 2007 00:35 UTC
Privacy, Security, Encryption
Dino Dai Zovi, the New York-based security researcher who took home USD 10000 in a highly-publicized MacBook Pro hijack on April 20, has been at the center of a week's worth of controversy about the security of Apple's operating system. In an e-mail interview with Computerworld, Dai Zovi talked about how finding vulnerabilities is like fishing, the chances that someone else will stumble on the still-unpatched bug, and what operating system - Windows Vista or Mac OS X - is the sturdiest when it comes to security.
RE[2]: True
by evad on Tue 1st May 2007 09:37 UTC in reply to "RE: True"

"The sad part of it all is 90-95% of the available Linux distributions are in the same boat as OS X: lack of active security due to arrogance of distro devs/complexity of implementing them."


This is a rather rude, inflammatory personal attack on developers of OS X and Linux distributions. You are, of course, allowed to say such things but I think you should at least defend your claims.

Nobody is perfect at security - and nobody can be. It is not fair to argue that "90-95%" of Linux distributions have arrogant developers who produce operating systems that have worse security than Vista. You present no evidence to back up this claim.

I will, on the other hand, present evidence:

http://www.debian.org/security/
http://www.ubuntu.com/usn
http://fedoraproject.org/wiki/Security
http://www.novell.com/linux/security/securitysupport.html
http://www.apple.com/macosx/features/security/

You didn't state this, but, how on earth can anybody claim Mac OS X has no "active security"? They rely on the security built right into the Unix core (yes I know, this is an old claim) - but that didn't stop them having (1) Auto Update - just like Windows and Linux distributions. (2) A firewall - just like Windows (and, uh, Linux, depends on the distribution!).

The original post mentions "active security", and you say OS X and Linux do not have "Active Security". I'd like you to first tell me what Active Security is. It seems you are throwing two acronyms around - ASLR and NX.

Well, guess what. Linux and Mac OS X support the NX bit and have done so for a while. Mac OS has supported the NX bit ever since Apple released an Intel Mac OS X. Support was added to the Linux kernel in 2004. Many other operating systems support it.

Amusingly, there has been something called PaX available for the Linux Kernel which does exactly what ASLR does. PaX however has been in existence since 2000. PaX also does a heck of a lot more than the Windows kernel does. Sadly, and I don't really know why, most distributions don't compile it into their Kernel - I might be missing a key reason why they don't.

I'm now going to throw around some acronyms and names regarding Linux security: you can look these up yourself before claiming Vista is far better. Linux Security Modules, grsecurity, SELinux, Exec Shield, AppArmor, Linux Intrusion Detection Systems (LIDS).

Windows doesn't have them, the developers must be arrogant!

In reality, Microsoft, Apple and lots of open source companies and groups care deeply about security and they all work hard to make their operating systems as secure as possible. The last thing this debate needs is slander and personal attacks - it needs real evidence and constructive criticism.

Edited 2007-05-01 09:39

Score: 5