Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Does this mean OSX isn't secure? :(

yellow said:
Personally I think 80% of the people that discuss "security" randomly on forums don't really understand what makes a machine "secure" and what doesn't (including me). Like so many other internet-y things they end up as regurgitations of information skimmed from articles and blogs here, there and every where. Sadly, these regurgitations have a way of becoming "fact" and "truth" when there's either minimal truth or none at all. If enough people on the internet say it's true, then it must be true! :)

There's an absolute TON of moving parts in the machine of "security". Being able to call an OS "secure" or "insecure" takes a very deep understanding of all the parts involved. Something that few folks really have. It's just to easy to play the armchair "expert" and take up the call and promote FUD.

Undoubtedly there are mind-boggling amounts of exploits in Mac OS X & Windows, some of them so obscure that only the truly gifted could find them. But find them they will. Write articles about they they will. Eventually someone will take the info and twist the facts to use for self-serving purposes.

Personally, maybe the claim that Vista is more secure than Mac OS X is true. Why? Because no one is running it. Therefore, security by obscurity plays in Vista's favor. ;)

All I know is 90% of what all my colleagues are doing right now is dealing with Windows viruses. It'd been more or less quiet for quite some time and suddenly in the last 3 months..
Click to expand...

Basically it boils down to this: OS X (including SL) is safer than Windows. It is not more secure than Windows. Safe != Secure.

Once Apple implements full ASLR with NX, it will be as secure as Win7 64-bit. Miller has said in another interview (which I can hunt down if you wish) that he suspects that once Apple flips the switch to full 64-bit, they will implement this, possibly in a later SL patch.
 
polaris20 said:
Basically it boils down to this: OS X (including SL) is safer than Windows. It is not more secure than Windows. Safe != Secure.

Once Apple implements full ASLR with NX, it will be as secure as Win7 64-bit. Miller has said in another interview (which I can hunt down if you wish) that he suspects that once Apple flips the switch to full 64-bit, they will implement this, possibly in a later SL patch.
Click to expand...

I need to research some of that goodness. :) I do agree " Safe != Secure".
 
NO the fact is i can put together such list to make you buy my software too...
Other fact is that only TWO trojans from that list work on snow leopard... and that is DNSchanger trojan variants and iservices trojan... others are OLD and dont work on modern systems!
 
coolbits said:
Where did i say it is fully secure?
I just said there are only two trojans for now and both being detected by snow leopard.
Click to expand...

Oh man! Of course the are detected, but not because SL has a especial tool to detect malware. It's just that recognition for those two has been built up. If a new one comes around, it won't detect it.
 
maflynn said:
OSX, the system potentially can be more protected thanks to its unix roots, but until we start seeing actual malware in the wild for OSX any potential damage that can be wrought is pure speculation.
Click to expand...

That's plain false, as discussed previously. No application can write on system files on either OS. OSX is as safe as Windows in that respect (but not others).
 
coolbits said:
NO the fact is i can put together such list to make you buy my software too...
Other fact is that only TWO trojans from that list work on snow leopard... and that is DNSchanger trojan variants and iservices trojan... others are OLD and dont work on modern systems!
Click to expand...

You're saying both lists are fabricated and that somehow none of those trojans, except two, will work on Snow Leopard.

If it's fact, then you will provide proof. Simply making a statement on a forum is not proof and does not make it fact.

I am willing to take Symantec's word over yours when it comes to security, because, quite honestly, you have proven time and again that you have very little knowledge of the subject. I mean claiming spyware has no link to any trojan is quite silly. You think people actually clink on links and download files that are not disguised? It is evident you do not know the definition of "trojan".
 
belvdr said:
I need to research some of that goodness. :) I do agree " Safe != Secure".
Click to expand...

When the guys that do the hacking still recommend OS X anyway, and not only that say that AV still isn't necessary, I'm not going to be too particularly worried yet.

I'm a bit "tinfoil hat"-ish anyway, as I run NoScript in FF, as well as iAntivirus too, and do periodic scans with Clam XAV.

I also run an Untangle server that does Virus, Spyware, IPS, and Phishing protection at home, as well as something similar at work.

I really think Apple is working their way towards full ASLR, and I think it's just a case of getting the devs onboard with 64-bit before flipping the switch and making the 64bit kernel the default one.
 
Macmel said:
Oh man! Of course the are detected, but not because SL has a especial tool to detect malware. It's just that recognition for those two has been built up. If a new one comes around, it won't detect it.
Click to expand...

I know its just a .plist but when new trojans comes arround, im sure apple will update this list.
As for now there are only these two trojans that are a threat. Dont you think apple would include others in this list if existed?
 
coolbits said:
I know its just a .plist but when new trojans comes arround, im sure apple will update this list.
As for now there are only these two trojans that are a threat. Dont you think apple would include others in this list if existed?
Click to expand...

That's not their primary business.
 
coolbits said:
Ok... but you cant compare legit sftware with a trojan please :)
Click to expand...

I didn't say that. I said it was one of those that can be coupled within a trojan.

I'm still waiting on proof that only two of the trojans listed in either of my links works on 10.6.
 
belvdr said:
I didn't say that. I said it was one of those that can be coupled within a trojan.

I'm still waiting on proof that only two of the trojans listed in either of my links works on 10.6.
Click to expand...

Just look at all UNINFECTED mac-s... isnt that enough?
Dont you think that if someones scanner found something on his mac, he would report it somewhere? Like on macrumors for example?
 
coolbits said:
Just look at all UNINFECTED mac-s... isnt that enough?
Dont you think that if someones scanner found something on his mac, he would report it somewhere? Like on macrumors for example?
Click to expand...

That's a lot of assuming and you're using that as evidence. If you're going to make a statement, such as "only two trojans work on 10.6", you can't use assumptions as the basis for a statement of fact.
 
dejo said:
Is this page supposed to provide any details on the items listed? Just seems like a huge list to me.
Click to expand...

I couldn't get past any of it either, but googling around each one revealed other companies saw it as well.
 
darkpaw said:
Putting aside all the arguments about market share, I've had Macs since March 2000, and I've never had a virus or trojan.

I can often be found fixing a friend's Windows box because it's been infected, even though they have AVG anti-virus and SpyBot running.

I'm not saying this as a fanboi, it's simple. In my experience of the past ten years, Windows has had more problems that have adversely affected users and lost/corrupted their data. All my friends with Macs have not had any problems like that.
Click to expand...

+1 I've worked in IT longer then I care to admit and I've never seen mac problems, but windows problems keep me employed (Thank you Vista! Thank you Office! (Outlook especially!))
 
belvdr said:
That's a lot of assuming and you're using that as evidence. If you're going to make a statement, such as "only two trojans work on 10.6", you can't use assumptions as the basis for a statement of fact.
Click to expand...

Same as you assume, that trojans can infect macs because an commercal antivirus company has some list of possible trojans and keyloggers.
Show me an infected OSX computer with leopard or snow leopard with any of those, other than i mentioned, trojans... then i will belive :)
 
coolbits said:
Same as you assume, that trojans can infect macs because an commercal antivirus company has some list of possible trojans and keyloggers.
Show me an infected OSX computer with leopard or snow leopard with any of those, other than i mentioned, trojans... then i will belive :)
Click to expand...

I'm not risking my only Mac to prove a point.

You are making statements as fact, and have yet to provide proof. Plain and simple. You are assuming these vendors are making up these lists, which is the silliest notion I have ever heard of.
 
What exactly is the argument here? That OS X is as secure as Windows, or that it's safer and more "problem-free"?

I can't say I can even keep track at this point.
 
belvdr wants to convince me that a ful list, that he found on a commercial antivirus site, of trojans and keyloggers exist in the wild for osx and macs get infected with those all the time...
But he cant find a single infected MAC or a user with such problem... :)
And i cant proove that they dont exist because they dont exist... simple.
This was the argument on the last page... :)
 
coolbits said:
belvdr wants to convince me that a ful list, that he found on a commercial antivirus site, of trojans and keyloggers exist in the wild for osx and macs get infected with those all the time...
But he cant find a single infected MAC or a user with such problem... :)
And i cant proove that they dont exist because they dont exist... simple.
This was the argument on the last page... :)
Click to expand...

You make no sense whatsoever and it was _not_ the argument. I didn't say they got infected all the time. Never did I say that. Nor did I say I couldn't find a single infected Mac (it is Mac, not MAC).

I said I'm not risking my only Mac to attempt to prove your point. You made the claim that:

1. Only two of these trojans work on 10.6
2. The commercial vendors fabricated the list.

So it's your burden to prove it, not mine. Why should I be expected to provide proof against your claims? That's not the way it works.
 
You want proof.
Ok check out this .plist if you are on snow leopard:
/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.plist

Inside you have footprints for two trojans, that means two realworld threats...
OSX.RSPlug.A and OSX.Iservice

Dont you think that if more existed apple would include them?
 
coolbits said:
You want proof.
Ok check out this .plist if you are on snow leopard:
/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.plist

Inside you have footprints for two trojans, that means two realworld threats...
OSX.RSPlug.A and OSX.Iservice

Dont you think that if more existed apple would include them?
Click to expand...

No I don't. Again you're making assumptions and stating them as fact. It doesn't mean those are the only two, nor does it mean all other trojans somehow don't work on 10.6.

Maybe those definitions are based solely on what has been seen in the past on pirated Apple products.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back