Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Does this mean OSX isn't secure? :(

Tesselator said:
Not just rumor! MIT proves this with every new release. I haven't followed it since Vista Ultimate 64 (so I dunno about Win7 - I'm SURE it's the same thing!). It started with Win95 IIRC. Microsoft even admitted it for one of their OS's - I forget which. This is very common knowledge in real security circles in academia. I doubt Charlie Miller (LOL!!!) would have a clue. According to MIT the backdoors take on several different forms - some more detectable than others.

You can easily verify this yourself just by searching in Google. So unless your browser is busted or something don't waste my time asking for proof and details. Rather just type in something like: "government backdoor in Microsoft windows" or "NSA backdoor in Windows" and read it for yourself.

http://www.google.com/search?client...ckdoor+in+Microsoft+windows&ie=UTF-8&oe=UTF-8
http://www.google.com/search?hl=en&...A+backdoor+in+Microsoft+windows&aq=f&oq=&aqi=
http://www.linuxtoday.com/news_story.php3?ltsn=1999-09-03-007-10-SC
etc. etc. etc.



.
Click to expand...

I'm sure MS would prefer everyone to be arguing conspiracy theories (which are ultimately very hard to back up with actual PROOF) rather than discussing the more damning things which we know actually happened in the real world. Like the multiple lawsuits regarding the theft of intellectual property from smaller developers, all resulting in gag orders.

Even discussing this diverts discussion away from the abhorrent trainwreck that was Windows Vista - which Microsoft desperately want us to forget about.

:)
 
Personally I find the idea silly. If the NSA wants into your computer, they have the resources to get in there over lunch. If the NSA wants to get into your computer, they will - back door or none. They have the budget to do this. They will get in using the same techniques that regular hackers use. They do not need a back door - achieving such safety from the government is nigh on impossible for most legitimate citizens. Of course, if you are worried about the NSA hacking into your computer, that should be the least of your problems.

ETA: Macs are incredibly secure systems overall due to their architecture, but nobody should think that they are unbeatable by someone with the right resources and will.
 
Well one way to avoid this since M$ is providing back doors and sending computers to the NSA is to wear your tin-foil hats. That way the satellites won't read your thoughts :p

seriously this thread has turned into one of extreme paranoia.

The OP's thread was about OSX's security, not men in black using supposed back doors to peek into your computer.
 
TommyCo said:
I'm sure MS would prefer everyone to be arguing conspiracy theories (which are ultimately very hard to back up with actual PROOF) rather than discussing the more damning things which we know actually happened in the real world. Like the multiple lawsuits regarding the theft of intellectual property from smaller developers, all resulting in gag orders.

Even discussing this diverts discussion away from the abhorrent trainwreck that was Windows Vista - which Microsoft desperately want us to forget about.

:)
Click to expand...

Excellent points!



Thanks for the merge Yellow!



EDIT: Also there's no conspiracy theory here and the idea has nothing to do with paranoia! We're discussing the security of operating systems. To most people that means knowing basically what can or what does go in and out over the communication lines. This NSA (etc.) backdoor falls into the category of what can - proven beyond any doubts. What they actually do or do with what they get I have no idea. With all the eugenics in higher government and that being the very core essence of both IBM and Microsoft I would imagine it's profiling population segments and monitoring temperament, etc. That's only my own guess tho.
 
Personally I think 80% of the people that discuss "security" randomly on forums don't really understand what makes a machine "secure" and what doesn't (including me). Like so many other internet-y things they end up as regurgitations of information skimmed from articles and blogs here, there and every where. Sadly, these regurgitations have a way of becoming "fact" and "truth" when there's either minimal truth or none at all. If enough people on the internet say it's true, then it must be true! :)

There's an absolute TON of moving parts in the machine of "security". Being able to call an OS "secure" or "insecure" takes a very deep understanding of all the parts involved. Something that few folks really have. It's just to easy to play the armchair "expert" and take up the call and promote FUD.

Undoubtedly there are mind-boggling amounts of exploits in Mac OS X & Windows, some of them so obscure that only the truly gifted could find them. But find them they will. Write articles about they they will. Eventually someone will take the info and twist the facts to use for self-serving purposes.

Personally, maybe the claim that Vista is more secure than Mac OS X is true. Why? Because no one is running it. Therefore, security by obscurity plays in Vista's favor. ;)

All I know is 90% of what all my colleagues are doing right now is dealing with Windows viruses. It'd been more or less quiet for quite some time and suddenly in the last 3 months..
 
maflynn said:
Well one way to avoid this since M$ is providing back doors and sending computers to the NSA is to wear your tin-foil hats. That way the satellites won't read your thoughts :p

seriously this thread has turned into one of extreme paranoia.

The OP's thread was about OSX's security, not men in black using supposed back doors to peek into your computer.
Click to expand...

However this is to be expected, after all this is the inter-webs. Who's first to throw in the obligatory nazi comment?

Oh dang I guess I've already done it.. :D
 
Well duh OS X isn't as secure. It hasn't been targeted by as many virus's or spyware crap like Windows has. Windows is very secure - It's a lot harder to get a genuine virus then it used to be (trojans and bots are another story).

OS X isn't secure, but it's safer.

Having said that, I too am amazed that Apple didn't add in the randomizing of the location code is executed (whatever it's called). I'm pretty sure even XP SP2 has that, there's no reason why SL shouldn't.
 
thejadedmonkey said:
OS X isn't secure, but it's safer.
Click to expand...

Eh? That makes absolutely no sense.

security |siˈkyoŏritē|
noun ( pl. -ties)
1 the state of being free from danger or threat : the system is designed to provide maximum security against toxic spills | job security.
• the safety of a state or organization against criminal activity such as terrorism, theft, or espionage : a matter of national security.
procedures followed or measures taken to ensure such safety : amid tight security the presidents met in the Colombian resort.
• the state of feeling safe, stable, and free from fear or anxiety : this man could give the emotional security she needed.

PHRASES
on security of something using something as a guarantee.
ORIGIN late Middle English : from Old French securite or Latin securitas, from securus ‘free from care’ (see secure ).
Click to expand...
 
thejadedmonkey said:
OS X isn't secure, but it's safer.
Click to expand...

TommyCo said:
Eh? That makes absolutely no sense.
Click to expand...

That makes perfect sense. We don't have a measure of how well OSX can withstand viruses because they're haven't had too many.

Take a page from biology. Someone who isn't exposed to real viruses/bacteria is safer because he's not exposed to them, but his immune system is less developed because of that so he's actually less able to fight something off if he was sick.

Likewise with computers and security. All of the low hanging fruit, if you will has been addressed with windows. Most of the obvious glaring holes have been closed because of continue threat of malware and viruses. Not so with OSX. They're may not be too many low hanging fruit, but we really don't know that until the system is tested.
 
windywoo said:
95% and yes, it can be that. Why take the time to learn the vulnerabilities of an OS that is only on 5% of machines worldwide when you can write a virus and hit a potential 95%? E-peen counts for less than Mac users like to believe in the virus writing community. After all, when the hackers come together at conferences the machines they break fastest are Macs.
Click to expand...

Why do people band this about. Most servers are either UNIX or Unix Like. Guess where the important information is kept? Servers!
Guess what OS X is based on? UNIX!

OS X is potentially part of the larger target because when people see a UNIX box, they think server!
 
maflynn said:
That makes perfect sense. We don't have a measure of how well OSX can withstand viruses because they're haven't had too many.

Take a page from biology. Someone who isn't exposed to real viruses/bacteria is safer because he's not exposed to them, but his immune system is less developed because of that so he's actually less able to fight something off if he was sick.

Likewise with computers and security. All of the low hanging fruit, if you will has been addressed with windows. Most of the obvious glaring holes have been closed because of continue threat of malware and viruses. Not so with OSX. They're may not be too many low hanging fruit, but we really don't know that until the system is tested.
Click to expand...

But in the case of OSX, these assumptions are based on a track record of a lack of malicious software. Considering OSX has been running on intel hardware for 3 years now (meaning that PPC hardware differences are no longer a factor) I think that's impressive.

OSX and Windows are based on fundamentally different core frameworks, predictions made for the nature of one, directly based on the evident nature of the other, can only be purely speculative. OSX is built fundamentally differently to windows and as such, it deals with access differently. To use a biological analogy, its like the difference between a tree and a dog if you are an influenza virus.

This isn't to say OSX is infallible to security attacks, there may well be some in the near future, but as is the nature of OSX by design its much harder to get in. I don't believe that macs are neglected by people who devise malicious software simply because there are more PCs in the world. Its just more difficult to get in through the cracks.

On the other hand, if OSX is a sitting duck with an underdeveloped immune system, do you think that in the three years its been on an intel platform its simply been ignored by hackers?
 
maflynn said:
That makes perfect sense. We don't have a measure of how well OSX can withstand viruses because they're haven't had too many.

Take a page from biology. Someone who isn't exposed to real viruses/bacteria is safer because he's not exposed to them, but his immune system is less developed because of that so he's actually less able to fight something off if he was sick.

Likewise with computers and security. All of the low hanging fruit, if you will has been addressed with windows. Most of the obvious glaring holes have been closed because of continue threat of malware and viruses. Not so with OSX. They're may not be too many low hanging fruit, but we really don't know that until the system is tested.
Click to expand...

Let's not start with the "Security Through Obscurity" myth.

It just doesn't hold water.
 
Darth.Titan said:
Let's not start with the "Security Through Obscurity" myth.

It just doesn't hold water.
Click to expand...

It's more then a myth and recent attempts by hackers have shown it. The bottom line is that OSX has not drawn too much attention from hackers and such, and to that end, it appears to be more secure OS then it really is. Just because you link one article saying the opposite, that OSX is virtually impenetrable because of its unix underpinnings does not make for a persuasive argument, especially in light at how quickly hackers have been able to compromise safari, and the keyboard exploit.
 
maflynn said:
It's more then a myth and recent attempts by hackers have shown it. The bottom line is that OSX has not drawn too much attention from hackers and such, and to that end, it appears to be more secure OS then it really is. Just because you link one article saying the opposite, that OSX is virtually impenetrable because of its unix underpinnings does not make for a persuasive argument, especially in light at how quickly hackers have been able to compromise safari, and the keyboard exploit.
Click to expand...

Using your logic, the fact that Safari has been compromised recently should provide evidence that OSX is fundamentally secure as an operating system.

There was a flaw in Safari - a perfect opportunity to cause some mischief. Did any new viruses break through the hole?
 
OS X is safer because you have to authenticate to do anything dangerous. This is because you're not running as a "root" user all the time, which is what you have to do in WinXP for most programs to work correctly.

Sure, you can still get malware on a Mac if you download and install it (and by install I mean type in your password, installer goes to town doing naughty things), but "driveby" walware from websites, or actual viruses attacking you over the network, are non-existent on Macs.
 
From a technical standpoint OSX is less secure than Windows, thats a proven fact. From a real world stand point Windows is less secure than OSX since there are so many websites that target its flaws where OSX is just now starting to see a small number of websites take advantage of it.

People who think they know more about hacking than professionals that actually hacked macs will say its more secure and give bogus excuses, but its been proven multiple times that OSX is unsafe.
 
stainlessliquid said:
From a technical standpoint OSX is less secure than Windows, thats a proven fact. From a real world stand point Windows is less secure than OSX since there are so many websites that target its flaws where OSX is just now starting to see a small number of websites take advantage of it.

People who think they know more about hacking than professionals that actually hacked macs will say its more secure and give bogus excuses, but its been proven multiple times that OSX is unsafe.
Click to expand...

Can we see such proof please?
 
TommyCo said:
But in the case of OSX, these assumptions are based on a track record of a lack of malicious software. Considering OSX has been running on intel hardware for 3 years now (meaning that PPC hardware differences are no longer a factor) I think that's impressive.

OSX and Windows are based on fundamentally different core frameworks, predictions made for the nature of one, directly based on the evident nature of the other, can only be purely speculative. OSX is built fundamentally differently to windows and as such, it deals with access differently. To use a biological analogy, its like the difference between a tree and a dog if you are an influenza virus.

This isn't to say OSX is infallible to security attacks, there may well be some in the near future, but as is the nature of OSX by design its much harder to get in. I don't believe that macs are neglected by people who devise malicious software simply because there are more PCs in the world. Its just more difficult to get in through the cracks.

On the other hand, if OSX is a sitting duck with an underdeveloped immune system, do you think that in the three years its been on an intel platform its simply been ignored by hackers?
Click to expand...

So you say that PPC vs Intel should not be a factor BUT then you say that they are so different as a tree and a dog. Basically, I understand, any virus developer would have to know Mac programming to do it and not merely tweak the windows code, right? So just like when it was PPC, right?.

This is absolutely obvious: there are no virus for Mac because there are no Macs. In population terms, Macs are unexistant: Vast majority of them are concentrated in the US and almost never they are used in big corporate environments. They are like 8% of the total number of computers in the world. Who would learn MAc programming and go through the hassle of designing a virus (for which you could go to jail, depending on the damage caused) for such a small piece of the cake. Nonsense.
 
stainlessliquid said:
From a technical standpoint OSX is less secure than Windows, thats a proven fact.
Click to expand...

Umm, no. Sure, driver bugs and such (especially wireless/network drivers) occasionally pop up that would allow an attacker to execute arbitrary code, but the same is true of Windows. Fundamental design concepts inherent to UNIX (and thus OS X) make the OS X much more secure from the ground up when compared to Windows (permissions model, user model, etc.), ESPECIALLY when dealing with users who will download, install, and execute binary code from a variety of questionable websites (click here for kool screensaver and a botnet installer!).

stainlessliquid said:
People who think they know more about hacking than professionals that actually hacked macs will say its more secure and give bogus excuses, but its been proven multiple times that OSX is unsafe.
Click to expand...
Please cite a study or metastudy analysis, or stop spouting unsupported BS. Nothing is completely secure unless it's turned off. Device driver flaws are found all the time, for both Mac and Windows.

It's all about automation and scale. A driveby malware installer at a popular website using ActiveX on Windows could infect zillions of machines easily. On a Mac, you'd have to download the malware, install it, authorize with a password, etc. The ability for someone to automatically, remotely infect your machine is much lower on a Mac.

Sure, some uber-hacker could own your machine by passing special wi-fi packets to break the driver (or something), but how often does something like that happen to your average Joe who's not surfing open wi-fi at Defcon. :eek:
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back