peharri,
I agree with your premise, but would like to rebut a couple of points you made that aren't entirely accurate based on the OS differences between Windows and Mac OS X.
peharri said:
I still don't think anyone's going to take security on the Mac that seriously until a major strike occurs. That will not happen for a while because the Mac's low penetration works against most viruses - that is, a virus needs a high probability of it hitting infectable computers in order for it to spread, and while Mac OS X languishes around the 2.5% mark, that's built-in security.
Your principal points are correct, i.e., market share and numbers being low makes the Mac a low priority target. However, it really depends on the intent of the attack. If someone creating malicious code for the Mac has the sole intent of making the lives of Mac users miserable by deleting all their files in the ~/Documents folder, well, that small market share isn't going to mean diddly to them. They're just angry, or bored, and want to cause harm.
peharri said:
Mac OS X isn't perfect, it's not even, by design, more secure than Windows NT/2000/XP when both operating systems are correctly set up. Windows NT/2000/XP end up being less secure through combinations of higher market share, and poorer default user-land security, but there are tools in NT/2000/XP that, were users using them properly, would make the OS very difficult indeed to get into.
That's not entirely true. Mac OS X is, by design, more secure at the network layer than Windows. Apple chose the BSD network layer BECAUSE of its superior security record, and not performance for sure.
I need to point out "correctly set up" is a very relative statement. There are certain configurations that are insecure by nature because of the amount of utility needed by the user. Proper, or "correct", security practices go beyond the physical and software configuration of any machine. They involve an active participant to audit the machine based on the services running, and this includes user intervention in the form of manual software updates.
Windows "[ends] up being less secure through combinations" of poor programming practices and a legacy code base that is tens of millions of lines long, coupled with inadequate system-level checks and balances that allow random processes to edit any file at will, including the registry. Mac OS X has, at least, a password mechanism for verifying and confirming software installs that are writing to private system directories. Windows does not do this, at all, ever! That's a very DUMB thing and has nothing to do with the user or his/her practices. It has to do with a fundamental design flaw in the Windows system architecture. Period. No code should be able to write to a system directory without admin/superuser approval. It's a check on malicious code that Microsoft STILL fails to address.
Beyond those items, I'm totally with you. Mac OS X users need to be less dismissive of exploits without at least educating themselves as to what they do and how they do it. Although, this particular exploit seems to have no facts to back it up. I'm not sure where this mysterious Symantec bulletin is, nor have I been able to find any sources, beyond the CNet article, to verify this supposed exploit even exists. I think CNet has gone to the dogs. I, for one, have pretty much given CNet the finger. There's nothing they say that seems worth reading these days. It's either uneducated opinion, or simply bogus FUD.
macnews said:
.......WARNING......
OS X is found to be vulnerable for versions 10.0 - 10.4.7. A local exploit has recently been discovered which could create havoc for a Mac OS X machine. The exploit is so powerful it can erase an entire hard drive, destroying all of your data. It can also allow the local intruder to gain access to all of your private information via Apple's Keychain utility - a program that stores your user name and password to internet sites like those used for banking and credit cards. The exploit is so powerful that once discovered it can even be used remotely.
LOL...you mean the install CD/DVD which will let you reset the password for any user and then you have COMPLETE control over the machine? That's an exploit that people seem to forget about, and is probably the greatest "local" threat to Mac OS X. Takes less than three minutes to implement and can be totally transparent to the user if you use the 'root' user as the object for the password change. I've done this just to mess with people. It's a lot easier than most might think to do and is the single greatest threat to Mac OS X security given there is no boot password for the Mac BIOS to prevent it.