Linked by Hadrien Grasland on Sat 25th Jun 2011 08:55 UTC, submitted by John
Mac OS X "Using a Mac may certainly be a safer choice for a lot of people as despite being vulnerable they are not targeted. However this is not the same as Macs being secure, something Eric Schmidt erroneously advised recently. I may be able to browse impervious to malware on a Mac at the moment, however I personally would not be comfortable using a platform so easily compromised if someone had the motivation to do so. In this article I address just why OS X is so insecure including the technical shortcomings of OS X as well as Apples policies as a company that contribute to the situation."
Permalink for comment 478559
To read all comments associated with this story, please click here.
RE: Just another article
by pantheraleo on Sat 25th Jun 2011 15:12 UTC in reply to "Just another article"
pantheraleo
Member since:
2007-03-07

I think the simple fact that you have to enter an Administrator password for these things to gain access to your Mac is a pretty good deterrent against a widespread attack.


Except you don't have to enter the admin password for many attacks to work on a Mac. For example, I could send you a trojan'd executable that when you run it, will email me everything in your Documents directory. You wouldn't be required to enter any password because it does not need admin permission to do that. I could also email your Apple Mail folders to myself and then harvest email addresses, emails from your bank, etc. Again, no admin permission required because these directories and files only need user permission to be able to access.

Also, keep in mind that the latest versions of MacDefender do not require you to enter the admin password in order to do their dirty work.

I may be wrong, but I think Mac users are pretty wise to such tactics.


You actually are wrong about that. A study conducted by Evan's Data I think it was found that Mac users are actually more vulnerable to being tricked by social engineering attempts than Windows users are. They are more likely to fall for phishing attempts for example. The reason appears to be that many Mac users don't seem to realize the difference between phishing scams, trojans that try trick you into entering admin passwords, etc., and actual "viruses". And Apple has been spending so long telling them that their Macs don't get viruses, and are secure, that many Mac users believe they are immune from phishing attacks and trojans as well.

There definitely needs to be more education of Mac users when it comes to this.

One can ramble all one wants to about technical shortcomings, architecture flaws, anything you want as a reason an OS is "insecure", but the fact there are and has never been, any attacks, trumps all that hoohaa. [/q]

Edited 2011-06-25 15:14 UTC

Reply Parent Score: 7