While Snow Leopard includes some improvements in the area of security, noted security researcher Charlie Miller, winner of two consecutive "Pwn2own" hacker contests and co-author of The Mac Hacker's Handbook, concludes that Apple missed the boat on security in Mac OS X Snow Leopard. "Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," Miller said.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2009-05-20
Oh, no! I can play this game too:
Linux: Found: 9298 Secunia Security Advisories, displaying 1-25
Os X: Found: 18085 Secunia Security Advisories, displaying 1-25
Oh, no!
Member since:2006-05-09
Come on guys, if MacOSX would have the marketshare Windows has, *Leopard would have more security issues than any version of Windows.
Anyway, all this people concerned about OS security shows some kind of paranoia; we need to have reliable systems, with some kind of security, of course, but, let's be real, almost all of us do not have superdoopersecret information in our boxes, viruses infecting and erasing ALL our sensitive data are not every day beer and almost all of us do not have a hacker friend trying to break the security of our boxes to steal our.... photos or music...
I think almost all the responsability of the security in my box, depends more on me than on the OS.
Edited 2009-09-16 16:03 UTC
Member since:2005-06-29
No.
I asked for two massive infections, i.e. the types we saw during the Windows XP days. Windows Vista has seen none.
The SMB issue is a security flaw - not a massive infection. And linking to Secunia is silly, as if you look at Secunia's Mac OS X figures between 2006 and 2009 (which is the timespan of the Vista figures), it lists 71 of them.
Of course, none of those (either on Windows or Mac OS X) have lead to massive infections of up-to-date systems, so your point is moot anyway.
So, let me simplify the question: give me 1 massive infection on Vista.
Member since:2005-04-01
Your definition of "massive infection" is wonky, Thom. There is malware and spyware ALL OVER Vista machines. That's just as bad, if not worse, than the "massive infections" you're talking about (virus/worm) because they are usually not as easily spotted and they persist and reduce system resources/speed/responsiveness.
Holes in Java and Flash still give people a successful doorway to Windows, and we simply don't see that on the Mac. So I think the article is fair: OS X security is not up to par, but it really doesn't matter on the grand scale, you're still more vulnerable on Windows.
Member since:2006-01-02
Obviously that number is not perfect and everyone is shooting for zero. But it's pretty hard, and one always has to be ready to issue patches and use defense in depth.
In comparison, there have been 84 such advisories reported in just the 2.6 kernel of the Linux OS stack over the 2007-2009 time period.
Member since:
2005-07-06
Remote Vulnerability Reported in Vista, Windows 7 and Server 2008
Reports are spreading this morning of a remote network vulnerability in the SMB2 protocol, affecting Windows Vista, Windows Server 2008 and Windows 7. Earlier versions of Windows, including Windows XP, are not affected. File sharing has to be turned on, which is not the default.
The initial report, and the one with the most detail, is on Laurent GaffiƩ's blog, The key part of the description: "SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality." He includes a proof of concept exploit and HD Moore is working hard to get it into Metasploit.
http://blogs.pcmag.com/securitywatch/2009/09/remote_vulnerability_r...
ALSO ***69** MORE vulnerabilities for VISTA HERE:
http://secunia.com/advisories/product/13223/?task=advisories
Thom is that enough for you???
Edited 2009-09-16 15:54 UTC