Linked by Thom Holwerda on Wed 25th Oct 2006 19:29 UTC
Mac OS X Apple co-founder Steve Wozniak says that Apple did not need NeXT, the company that provided the foundation for Mac OS X; he argues that System 7 wasn't nearly as bad as it was made out to be. Wozniak also says that Mac OS 9 was more secure than OS X is now: Mac OS X is built in Unix and is therefore more prone to attacks because people are familiar with the holes in Unix, explained Woznaik. "Some of the holes in Unix are well known. So keeping Firewalls on is more important. And we keep announcing, even our own security fixes, not as many as Microsoft but still we never really had those in the OS 9 days."
Thread beginning with comment 175340
To read all comments associated with this story, please click here.
Holes of a different colour.
by twenex on Wed 25th Oct 2006 20:07 UTC
twenex
Member since:
2006-04-21

Now this is an example where security by obscurity DOES work: Apple OS 9 and earlier were closed-source systems, but they were also relatively obscure.

Subtract the internet, and you have a system which is more secure from attacks than the open-source and well-understood BSD. It has holes of a different colour to those of Windows.

Change one of those elements (so that OS <9 becomes an open-source, but obscure, OS, a closed-source OS as ubiquitous as Windows, or an OS as wide open to the net as OS X is now, and you have all the potential for this non-memory-protected OS to be every bit as insecure as Windows.

Reply Score: 1

RE: Holes of a different colour.
by jessta on Wed 25th Oct 2006 22:12 in reply to "Holes of a different colour."
jessta Member since:
2005-08-17

sure, obscurity works agains script kiddies doing wide spread generic attacks to make botnets.
But those sort of attacks aren't the one people should be worried about. They are easy to prevent on any OS.

Obscurity is pointless when a direct attack is made on you company by someone(competitor, theif, etc.) to steal your data or spy on you. The attack would have researched you company and know that you were running OS 9.
They would get a copy of OS 9 and do some random attacks on it's network services to attempt to uncover bugs, and surely there would be many because being obscure also means having less resources to search for bugs.

Or, the attacker might just send you an email with a malicious program attached that expoilts the lack of memory protection in OS 9 and gain complete control of your system.

Reply Parent Score: 1

Soulbender Member since:
2005-08-18

"Subtract the internet, and you have a system which is more secure from attacks than the open-soemse urce and well-understood BSD."

Uh, if you subtract the internet and any outside connectivity all systems are equally "secure".
You cant compare a connected BSD system to a disconnected OS9 system.

Reply Parent Score: 1

twenex Member since:
2006-04-21

True-ish. If you are working on a machine not connected to the Internet on which you have no administrator privileges, you can't install anything that'll damage more than your own user account.

Reply Parent Score: 1