Linked by Thom Holwerda on Thu 25th Mar 2010 22:20 UTC
Privacy, Security, Encryption It's that time of the year again; that time of the year where news outlets get to indulge in sensationalist headlines about how Mac OS X got hacked in twenty seconds. Yes, CanSecWest just held its Pwn2Own contest again, and they fell like drunk 16-year-olds this time (don't read too much into that one, please).
Thread beginning with comment 415319
To read all comments associated with this story, please click here.
Good Job
by kaelodest on Fri 26th Mar 2010 00:25 UTC
kaelodest
Member since:
2006-02-12

Honestly Chris Miller seems to have done his homework correctly and thoroughly. Now there are ways to tighten the OS and as a Mac guy I will stand by my tools and techniques. At the same time talking "Mac Security" to Mac users is like leading stupid horses to water. My favorite user(My Wife copy/pasted a link into Safari and pow '0wn3d'). No amount of code signing or address space randomization will replace solid understanding of what I am doing just good situational awareness. So the Next level of responsibility falls to Network Security, I hit the switch on the router. Then I checked my firewall logs and settings. Then I checked the logs on the Mac and the firewall again. It was trying to telnet her/our address book somewhere, that port was blocked, and now that address is blocked. If it hadn't happened in real time I suppose I would only have theory on what I (as more than just a random end user/ my kids or carol in Accounting…) would do if my unhackable box got hacked.
Does this mean that I am safe or less safe on a Mac? or on a PC? or some FOSS/Linux? My wife kept asking me if we were safe. And I suppose that we still are basically as safe as we want to believe. And out in the world or on some open/unencrypted network - Well if it can happen at home (and a failed hack is just as good as a fire for me) then it can happen 100% easier on an uncontrolled network.

Reply Score: 2