This article looks at vulnerabilities detected in Mac OS X in the first half of 2006. It compares these vulnerabilities to those detected in the first half of 2005, providing an overview of the evolution of threats targeting this increasingly popular platform. While the author believes that Mac OS X is pretty secure by default, he states that “like any other platform, Mac OS X has software flaws. Such flaws inevitably draw the attention of malicious users, especially if users don’t think they need to take action to protect against possible threats.” In the meantime, Apple has launched a Bluetooth version of its Mighty Mouse.
>> I believe that out-of-the box machines running under Mac OS X are more secure than those running under other platforms.
Yeah, right. I run Windows box without any antivirus software and I get no viruses. The weakest point is usually between chair and keyboard.
While XP has indeed gotten secure, if you think about security as a metric, that means if I were to test the security of an out of the box XP (ok all updates installed) to an out of the box Mac OS X with also its updates installed, and I head out to some questionable websites (you guys know what I mean ;P) then you will see the XP machine zapped whereas the OS X machine will be just fine. I think that is another big part of security. You are keeping your machine secure by restricting yourself to only certain parts of the web. If one were to visit the other parts of the web, the XP machine would be dead and thus that would prove, wouldn’t it, that OS X is indeed more secure than XP?
He said that the OS is more secure than the others, he didn’t include the human factor because he was comparing OSes specifically:
A virus on Windows has more ways to do damage, more chances to get admin rights, more ways to propagate.
I’m not saying the human factor doesn’t exist, but that’s not what this article is about. OS X as an OS on its own is more secure by default than Windows: Fact.
Well I suppose I’d tend to agree with you, in that I don’t feel quite so paranoid when I’m on a OS X machine as I do when I’m on Windows. But I still wouldn’t make such a blanket statement.
OS’s can do a lot of different things. So yeah, if you’re going to tell me browsing the web is safer with Firefox on OSX as opposed to IE on Windows, then yeah, I’ll wholeheartedly agree. But if you’re going to go and tell me that apache running on OSX is more secure than apache running on Windows XP, then I’m not so sure this is going to be “fact” as you put it.
Hehe, on a side note, I’ll take Mandriva, Xandros, CentOS, Red Hat, Fedora, Solaris, or FreeBSD any day of the week over OS X or Windows (sorry, just had to get silly on it).
Hehe, on a side note, I’ll take Mandriva, Xandros, CentOS, Red Hat, Fedora, Solaris, or FreeBSD any day of the week over OS X or Windows (sorry, just had to get silly on it).
LOL hey, that’s ok. What’s this site coming to if you can’t joke around anymore, right?
The thing is that you cannot gauge security based on the number of exploits alone, but by what the OS and software has in place to put security in mind.
Now, let’s say for example that there were two zero day exploits in use, one for OS X browsers and one for Windows browsers. Let’s also say for the sake of example, that OS X usage was exactly 50% and Windows usage was also 50%. A lot of people write off OS X security as only perceived because it’s not being targeted, but let’s say for our hypothetical example it is.
Now which of these two has the better security? Both were exploited and both had unpatched flaws! Does that make both of them insecure? That’s a different thing entirely. All OSes, and all software, critically, can have flaws.
My point is that in a hypothetical world where OS X and Windows have equal exploitation on the web – OS X would suffer the least damage due to Unix permissions, and viruses would have fewer vectors for propagation. It is this by which security of an OS is measured – not just “Browsing the web” until you get hit by a virus.
Yeah, right. I run Windows box without any antivirus software and I get no viruses. The weakest point is usually between chair and keyboard.
Much like some people don’t wear seat belts because they consider themselves safe drivers. Accidents only happen to other people.
But I’m curious, if you run a Windows box without any antivirus software, then how exactly do you know you don’t get any viruses?
Or is this one of those “tree falling in the forest” philosophical conundrums?
“Much like some people don’t wear seat belts because they consider themselves safe drivers. Accidents only happen to other people.”
Much like people who drive SUVs end up in the ditch as soon as the snow starts falling because they consider their car having superior handling. Accidents only happen to the inferior front wheel drive cars.
“But I’m curious, if you run a Windows box without any antivirus software, then how exactly do you know you don’t get any viruses?”
Let me ask you this: If you are running a Mac OS X box, obviously without an antivirus, how exactly do YOU know that you don’t get any viruses?
“Or is this one of those ‘tree falling in the forest’ philosophical conundrums?”
No, it’s mostly one of those “I know all the processes running and what they do, and no suspicious applications are trying to gain access to the internet” philosophical conundrums.
I think the other thing is this; the only time I’ve ever seen someone get infected by an adware/spyware/worm/virus are in these cases:
1) They receive an email, and are stupid enough to open an attachment; for me, I delete all attachments; want to send me something, give me a prior warning.
2) Downloading either bootleg software, crackers or serial generators; my brother for example, downloaded a serial generator for a programme; it was innocent enough, a *rar file with a serial.exe file, and the usual *.txt and *.nfo files; and when he ran the exe, nothing happened, so he ran it again; little did he know, his computer had been infected.
In a nutshell, I’ve run Windows without a virus checker or a firewall, and yet, it brings me to fits of laughter when I hear people spontaneously getting infected and claiming they did nothing, when in reality, they were doing something stupid.
Just to point out, most of the people who don’t run local virus scanners on their Windows box (myself included) use some sort of online scanner. I used to use Trend Micro’s free online scanner if I noticed any fishy behaviour or slowdown.
Just to point out, most of the people who don’t run local virus scanners on their Windows box (myself included) use some sort of online scanner. I used to use Trend Micro’s free online scanner if I noticed any fishy behaviour or slowdown.
I really don’t see how not running antivirus software is “moronic”.
Let’s look at it logically.
Anti virus software is just reactive; it picks up a nasty virus and tells the user “looks like you’re hooped”. It isn’t like it actively fights off viruses. Normally by the time the virus scanner has picked up a problem, the system has been rooted (to one degree or another) and the only true fix is a reinstall.
I really don’t understand the people who run a virus scanner 24/7, detect the virus, use a weak built in “virus cleaner” tool, and keep on running the same system. As soon as a box is compromised, it should be taken offline and wiped.
The only piece of software I think your “moron” statement could apply to is a firewall (and that’s regardless of the OS).
A/V scanners aren’t a one-step solution, they’re a component of a multi-layered security approach, whether you’re talking about home users or global corporations.
Online scanning solutions are a good fall-back, but that is a passive approach. A good A/V scanner or content filter can be an active approach that will catch the bad stuff as it comes through, whether it’s by filtering everything coming through the network port or being written to the hard drive. Quarantine it and take action immediately and automatically. What good is it finding out a week or two after the fact? You’re also assuming that you’ll “sense” malicious activity from slowdowns. I won’t call that moronic, but it is naive.
Will an A/V scanner block everything and secure your system? Of course not. Like I said, it’s a single component and hardly bulletproof. But to dismiss it is like saying, why bother locking my car if people can break a window anyways. Why would you want to make it easy?
Price isn’t an issue either. I use AVG on most of my personal systems, it’s free and works like a charm. But I also use it alongside ZoneAlarm and MS Anti-Spyware (laugh if you want, it works well.) All free. Multi-layered approach, zero cost, and imperceptible impact on system performance. Mostly unobtrusive unless something bad happens. Again, it would be like turning down free home, life and auto insurance because you think you’ll never need them.
Good system, network and application design goes to great lengths to ensure that things are coded securely and can’t be broken. Users need to have trust in the infrastructure in order to work effectively.
Good security design assumes that all that good design in networks, systems and applications means nothing, and people will find holes in the system, so you’d better take every reasonable step to protect yourself, even if it seems redundant or unnecessary. Really good security design assumes you will be hacked anyways despite your security barriers, and plans appropriately.
Smart computing is important, but again, relying on it is futile. Certainly things like visiting pr0n sites, or warez, or downloading P2P carries risks. But when browsing conventional sites like The Register or MySpace become vectors via ad-banner exploitation, for instance, you may as well cut yourself off from the net completely if you don’t want to secure your system.
OS X and Linux users (I’m a mostly full-time linux user myself) are living in a temporary nirvana. If either platform sees widespread adoption, and this is very very slowly starting to happen with OS X, they’ll start to see more vulnerabilities, whether at the OS level or the application level. Sh!t happens, and the best engineering in the world can’t prevent it, so it’s best to take every possible step to protect yourself from the unexpected. It’s all about hoping for the best, and expecting the worst.
The last thing you should be doing is assuming you’re secure because you “know” how to use your system safely. You’re creating an implicit trust chain between yourself, your software vendors, your hardware manufacturers, and the people you communicate with. If any one of those links is broken, you’re invariably screwed. Be safe, not sorry. There’s no shame in being paranoid, because people on the net are, in fact, out to get you.
Yeah, right. I run Windows box without any antivirus software and I get no viruses. The weakest point is usually between chair and keyboard.
Ok. Fine. How do you then know which viruses, worms & spyware your Windows machine has installed, – and is right now hosting, serving and maintaining ?
Even if you had any of the major AV.apps installed on your Windows they would only, on the average, detect 20% of new malware.
The keystroke loggers on your Windows PC must be producing tons of nasty smiles in the other end of your TCP/IP-line, – reading your post
On the 19th of July 2006 ZDNet AU writes
Eighty percent of new malware defeats antivirus
http://www.zdnet.com.au/news/security/soa/Eighty_percent_of_new_mal…
Sure, I’d buy that. Heck, I’d expect the number of new viruses and whatnot to defeat antivirus even more than eighty percent of the time. I spose virus writers aren’t always original.
With that said, if you keep your anti virus software up to date on a regular basis then you’re still going to be a lot better off in the long run. I mean, sure the virus writers will have a window of opportunity every now and again where you’re vulnerable to the latest and greatest MS Nimda Code Red Slammer worm, but hopefully it will only last a few hours to at most a few days.
At any rate, I do agree with you I guess is what I’m getting at. You’re a moron if you don’t run antivirus software on your Windows PCs.
I really don’t see how not running antivirus software is “moronic”.
Let’s look at it logically.
Anti virus software is just reactive; it picks up a nasty virus and tells the user “looks like you’re hooped”. It isn’t like it actively fights off viruses. Normally by the time the virus scanner has picked up a problem, the system has been rooted (to one degree or another) and the only true fix is a reinstall.
I really don’t understand the people who run a virus scanner 24/7, detect the virus, use a weak built in “virus cleaner” tool, and keep on running the same system. As soon as a box is compromised, it should be taken offline and wiped.
The only piece of software I think your “moron” statement could apply to is a firewall (and that’s regardless of the OS).
That’s not how virus scanners work. They usually monitor each executable file, or file that can be infected by viruses like Office documents, and will alert you when it notices the presence of a virus in any of these files. This alert prevents you from running said infected file, and thus *preventing* the virus from spreading to your entire system. This is in stark contrast to your view of how anti-viruses work (i.e. only being run when your system has already been infected).
Thus, not running an antivirus is a moronic thing to do, since it’s more preventative than reactive.
“Thus, not running an antivirus is a moronic thing to do, since it’s more preventative than reactive.”
That’s sorta correct. While running anti-virus software is a preventative measure towards not getting a virus, anti-virus virus definitions are reactive to new virii. You just have to hope your anti-virus software vendor of choice reacts quickly.
I’ve seen plenty of people still get infected with virii even when running fully up to date antivirus software. This however is often not the fault of the software, rather the user’s reaction to what the software is telling them.
In turn I’ve seen machines that do not run anti-virus software realtime but do periodic checks remain free of virii.
Ok. Fine. How do you then know which viruses, worms & spyware your Windows machine has installed, – and is right now hosting, serving and maintaining ?
I also use Windows without any anti-virus or anti-spyware applications, but I occasionally install (and update) them just to make sure my certainty that I’m not stupid enough to get my machine buggered over is right.
Oddly enough, I’ve been 100% accurate the entire time. Funny that…
Alright, that MacOSX security newsitem was just an excuse for telling us about the real thing: the Bluetooth Mighty Mouse!
I’ve been waiting for it.
If you are running Linux … say Debian. How do you know your server isn’t owned?
Various intrusion detection software kits, log monitoring, rootkit checkers, etc. Of course a _really_ good pro cracker _might_ be able to hide in the system undetected. Most of the cracked boxes I’ve read about (linuxquestions.org security forum has some interesting stories) are through script kiddies who follow a specific process (ie: replace key binaries, download eggdrop, etc.).
Plus, a lot of the time a careful system admin may be able to tell if the OS is acting “differently”. Maybe log files a little smaller than usual, a few quickly changing processes, lots of network traffic, etc.
Well, they’ve done it to Debian a couple of times.
http://news.soft32.com/debian-server-hacked_1861.html
Hi all,
I can relate to the elitist attitude witnessed by some in the community, but I guess I can also relate when that same situation is applied to the Linux community too. That said, I think that these two gentlemen’s switch to Linux will be a positive one. I understand that they are using Ubuntu, while not one of the ‘hardcore’est distros around, it is one of the most popular at the moment and also the one which in my opinion has the most community resources for new users seeking help (seconded by Gentoo).
It is a generalisation, but I believe most people are right when they compare most Mac users to Christians. They really do take things WAY too seriously and they don’t hesitate to bite if you upset them in the slightest. I guess that is a defense mechanism they have developed over the years to help combat the feeling of being part of a smaller community (not worse off or inferior mind you! Just smaller.)
I like Macs… I just don’t buy them.
It is a generalisation, but I believe most people are right when they compare most Mac users to Christians. They really do take things WAY too seriously and they don’t hesitate to bite if you upset them in the slightest. I guess that is a defense mechanism they have developed over the years to help combat the feeling of being part of a smaller community (not worse off or inferior mind you! Just smaller.)
It’s quite funny to see people equating fanaticism and zealotry with Christianity, especially given the past couple of years. When was the last time you heard of Christians ‘biting’ (lobbing head off, shooting, murdering, etc) someone they disagreed with? I suppose, Christian bashing is much more acceptable (and safer!) than bashing others.
I’ll give you that it is easier to take pot shots at Christians, but their zealotry really can be quite intrusive at times, so I feel quite justified in my statements. That said I think all religions are just as naive in their beliefs and actions.
The only way to evolve is to let go of such archaic beliefs, maybe then we can explore the universe together in peace and harmony.
Please tell me you’re joking. If your solution to every problem is reinstalling I know for a fact you must be running Windows. No other operating system gets screwed up so quickly, so easily, and so often that reinstalling is truly the easiest way to deal with problems for some people.
There is no reason to run anti-virus software on Mac OS X at this time. It does have a few detected security flaws now and then, but they are often fixed and rarely exploited. There are no real pieces of malicious software for OS X that the average user has any serious chance of obtaining.
Mac OS X is more secure than Windows in both ways:
1) Through obscurity. Even if Mac OS X did have more security flaws than Windows most of them probably would not be discovered and even fewer would probably be exploited because its user base is much smaller and seems to be less conducive to malicious software at this time.
2) Through design. Mac OS X is a more secure operating system than Windows XP and Windows Vista. There are fewer security flaws, period. If Mac OS X and Windows went open source tomorrow it would be the shit storm of all time – hackers would be busy for 2 years taking advantage of Windows security flaws. Mac OS X, not so much.
Now, that’s the operating system. I’m not saying that every application on Mac OS X is superior to its equivalent on Windows.