Linked by Thom Holwerda on Fri 20th Mar 2009 13:51 UTC, submitted by google_ninja
Privacy, Security, Encryption Fresh from winning the PWN2OWN contest yesterday, Charlie Miller has been interviewed by ZDNet. He talks about how Mac OS X is a very simple operating system to exploit due to the lack of any form of anti-exploit features. He also explains that the underlying operating system is much more important in creating a successful exploit than the bowser, why Chrome is so hard to hack, and many other things.
Thread beginning with comment 354213
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Eye Opener
by vaette on Fri 20th Mar 2009 21:11 UTC in reply to "RE[2]: Eye Opener"
vaette
Member since:
2008-08-09

Still, you probably are much more secure on the Mac than on Windows anyway. This is so simply because Macs are targeted very seldom compared to Windows machines (not the most technically stylish way to stay safe, but very effective ;) . So, really, just making sure you are patched up and taking care in surfing iffy sites tends to be plenty.

Reply Parent Score: 1

RE[4]: Eye Opener
by soonerproud on Fri 20th Mar 2009 21:49 in reply to "RE[3]: Eye Opener"
soonerproud Member since:
2008-03-05

So, really, just making sure you are patched up and taking care in surfing iffy sites tends to be plenty.


That is very bad advise to rely on security by obscurity and patching your machines. Good security practices require a layered approach on all OS's. The problem with just relying on those two things is Apple has been notorious for being slow to patch flaws and the game could change at any time and there are signs that is happening now.

With Apple approaching near 10% in the US in market share and the popularity of the iPhone in North America and parts of Europe and Asia, OSX is starting to be a lot less obscure. Trojans now exist for the Mac and gray hackers are now demonstrating how easy it is to hack a Mac. Lets not forget that mobile OSX is real popular to crack and unlock. With all the media attention to the ease of exploiting OSX, cyber criminals now have a new target for easy pickings to obtain private and banking info. Mac owners tend to be well off financially compared to most PC counterparts and are much more lackadaisical about security in general. People that rely on security by obscurity are about to get a huge wake up call when thousands to millions of Mac owners have their personal information and identities stolen.

To sum this post up, the layered approach I suggested earlier is the only way to secure any PC connected to the net, regardless of OS. None of the suggestions I gave earlier will interfere with the end user experience and may actually enhance in the larger scheme of things. Buying a anti-malware suite should not be an issue to some one that could scrape up the money to buy the Mac to begin with, especially when the risk to your identity and bank account are at stake.

Reply Parent Score: 1

RE[5]: Eye Opener
by vaette on Sun 22nd Mar 2009 13:23 in reply to "RE[4]: Eye Opener"
vaette Member since:
2008-08-09

A bit late but still; The reality of the matter is that Mac is by far safer than Windows though, and I think it doesn't hurt to take that away from this. Not that one should feel overly safe certainly, but there are some rewards in a more heterogenuous technology landscape that should not be ignored.

Certainly no Mac user should feel the need to switch away from their platform on the count of security, it is not really thanks to Apple (except in that they failed to command a very large portion of the market) but it is still a pretty safe place to be.

I am also for that very reason a bit vary of the suggestion to use Firefox actually, since I would prefer that Safari/webkit grabbed a bit more marketshare to even things out. Firefox is becoming a big target, with both the downsides of pages catering to IE/Firefox and the obvious cracker attention.

But I wont say that you are *incorrect* in your suggestions, just that some notes on the realities of the dangers may be missing ;)

Reply Parent Score: 1