Based on the number of vulnerabilities announced in 2002 that affect operating systems, the SCO Unix, Apple Macintosh and Compaq Tru64 Operating Systems appear to be the least prone to hacker attack and damage from viruses and worms. This is one of the startling conclusions of the end-of-October 2002 analysis of digital attacks to be released on 1st November.
MacOS, SCO Unix, Tru64 Least Vulnerable to Attack
2002-11-01 Privacy, Security 27 Comments
Is it UnixWare?
Is it SCO Openserver?
Is it OpenUnix?
I remember http://www.army.mil swtiched over from IIS running on NT4 a couple years ago to MacOS (Not OSX) due to security issues
How many tru64 and SCO based systems are there out there? Not very many. Especially when compared to Linux, FreeBSD, Solaris, Windows, even NetBSD, OpenBSD, and BeOS.
The less exposure an OS has, the less likely that someone will find a vulnerability.
As for MacOS, how many MacOS systems run any services? Not that many, and if they do, it’s something not traditionally exploitable (ahem, apache) for ANY platform.
Just my $0.02
nobody uses them.
Most SCO installations are not even connected to the internet; MacOS is rarely used as a server. As for Tru64, I don’t know.
Notice Mac OS, Tru64 and Sco UNIX (OpenUNIX) all are least vunerable to attacks. I know why. Look at their respective markets. They have a small and shrinking market share.
Sco UNIX (OpenUNIX) ? They didn’t mention the actual OS anywhere in that writeup.
Tru64 certainly has a shrinking marketshare, because Companq and now HP decided to kill it. Same goes for MacOS (non-X), but I wouldn’t be so sure about some of the SCO products (for a fact, OpenUnix is growing, not sure about OpenServer and UnixWare).
Mac OS was called “secure” because it didn’t have command line execution, everthing was click’n’go .
So what if it didn’t scale and uptime was not a question -it was “hacker-proof”.
How about this comment on the bottom – they have collected data for 7 years and result is – over 101,000 overt digital attacks and 6,100 hacker groups. I’d suspect more. They should check insurance claims.
Experts have come to the conclusion that the most secure OS is GeOS on the Commmodore 64. Some other experts however affirmed that the east-hungarian version of the latter was nowadays used by absolutely noone for any public service. Therefore making it the definite choice for security, assuming it running is behind a firewall blocking all ports, just in case.
OMG, I only just realised it’s our old friends Mi2g.
IIRC, Unixware is directly based on SCO Unix. I’m not so good at this…..
I’m sure it had none
One is based off the original source of UNIX from AT&T after SCO bough it off Novell. The other version is based on Xenix which was bought off Microsoft during the early 80s IIRC.
Now, I think Xenix —> UnixWare
AT&T UNIX —> OpenServer
Actually, I’m pretty sure it’s the other way around.
SCO bought Unixware off Novell, so I’m assuming that is the version that came from AT&T
What I would like to know is why they need two different versions of UNIX? What market does each one satisfy such that they couldn’t have discontinued one, just as HP is going to do with Tru64?
Pre OSX MacOS was secure because there was no way to remotely control the OS. You had to be sitting in front of it, using the attached input devices. But it also relates to what you said, no command line execution means you can’t execute system level commands from a remote machine. Also it was a single user OS.
“Also it [Mac OS] was a single user OS.”
That’s funny, because I’m logged in as a seperate user under Mac OS (non OS X) right now…
bitgeek: but can you be logged in as 2 seperate users at once?
There is 3 general levels of multi-user
there is no multi user or profile aka BeOS
there is multi-profile eg win9x
Then there is true multi user aka *nix
Of courses there are levels inbetween and such, but those are the general groups. I would suspect MacOS fits into the middle group
This is why I gave my mother-in-law BeOS
The fact that some Oses issues less number of security problems or patches does not mean that they are secure. With this criteria, it is not the Mac OS but Atheos or some other not very well known OS is the most secure system. So somebody here is lying and distorting facts.
Also even though an OS may be more secure than the other, it doesn’t mean that it is a good OS. Security is generally achieved with less number of features, less information and less usability. So even though an OS is really really secure, it may mean that it lacks lots of useful features, very hard to use and so on.
Another issue is that if you have 99 Windows and 1 another OS, it is more likely that you will find a problem with Windows. It doesn’t mean that the other OS doesn’t have any vulnerability, but it means that you have a far more better chance of finding a hole in Windows. Also related with this, even though a hole is found in the other OS, since the market is mostly owned by Windows, it is highly likely that nobody will care about the hole in the other OS. As a matter of fact although people will count two related holes in Windows as separate holes, in the other OS, people will likely count them as one.
the point is that there is no such thing as SCO Unix. That’s why I was peeved at the article from the word “go”.
The Wizard: they have 3 versions of Unix, 4 if you count Linux (but “Linux Is Not UniX”)
I am not 100% sure, but:
UnixWare: the big bad Unix, super-scalable superstorage, lot’s of CPUs and memory, lots of enterprise apps existing. Mostly for databases and application servers.
OpenServer: it’s I think their older Unix, for workstations, webservers workgroup/department fileservers.
I used both OpenServer and UnixWare, and my impression is that OpenServer is much lighter on the computer’s resources (I.E. you can run it on a 486 with16 MB RAM).
OpenUnix (their 3rd Unix) is the newest in the family: is still uses the superscalable UnixWare kernel, but it has also the Linux Kernel Personality for running Linux applications. I think it has the full Linux userland.
The TRS-80 reigns supreme !
Now available in Beowulf cluster flavour –
This study has got to be flawed. Search bugtraq – you will find NO remote vulnerabilities for OS/400. It may be slow and expensive, but in this case security through obscurity has definitely worked.
Umm, probably they are safer because NOBODY USES THEM.
I’d be Syllable’s pretty secure
What about VMS? Many people out there think VMS is dead but they are wrong. The US gov’t still runs VMS on its critical systems. And, right out of the box, VMS is C2 certified.
I agree that there are serious flaws in the analysis, but there’s a stricking result that seems consistent with the data:
* windows gets a lower vulnerabiility rate (attacks/market share) than linux or freebsd.
I wonder whether there results are product of biases in the sample that are making these results trivial (e.g. these are just servers, open source communities are more prone to post warnings, etc.) or they actually show that linux/freebsd are more vulnerable.
PS: I wouldn’t make much of the ‘winning’ OSs: the numbers are so small that they’re far from being significant.
With the Mac having a lot of it’s routines in it’s toolbox ROM (firmware) does that also limit the effectiveness of hackers/virus writers?
Santa Cruz Operation (SCO) developed Xenix (based on UNIX System III). Microsoft bought the company, and later set it free but in the meantime, SCO developed Xenix System V. Caldera bought AT&T UNIX System V, a.k.a. UNIXWARE. They later merged with SCO.
Then, there’s BSD which was originally based on UNIX version 7.