Star Miller: Macs Less Secure, But Safer than Windows Machines
Linked by Thom Holwerda on Thu 26th Mar 2009 20:51 UTC
Law and Order Winner of this and last year's PWN2OWN contest Charlie Miller made some bold statements last week, stating that Mac OS X is easier to exploit than Windows. In a new interview with Tom's Hardware, Miller explains that that doesn't mean users should avoid Mac OS X for security reasons. He also gives a little more insight into his winning exploits, and what exactly they do.
E-mail Print r 2   · Read More · 47 Comment(s) http://osne.ws/gd9
Permalink for comment 355393
To read all comments associated with this story, please click here.
RE[2]: From the article ...
by rom508 on Fri 27th Mar 2009 12:24 UTC in reply to "RE: From the article ..."
rom508
Member since:
2007-04-20

Although I don't agree with your definition of "rooted" (considering you are really talking about NOT getting root) I agree with your comment. Me too have been in debates with linux geeks and been presented the same argument. "linux is more secure because you don't run as administrator". That may very well be, but you are still f--ked when the attacker can read all your documents which just happens to be stored as your regular user, run your webcam and mic since applications running as regular users have access to these, and so on. Of course, what they can not do is to statically inject code into executables where the user only have the rights to execute. That is still something, but what really matters is the user generated data that the attack would have access to, and the attacker WILL have access to the resources the user has access to.


A bigger problem is if your user account is compromised, it opens an attack on the rest of the system. OS kernel can have security flaws that a hacker can exploit to gain privilege escalation. The same applies to the suid executables which are run by the users and executed as root.

Reply Parent Bookmark Score: 1