Oh I see. You make the claim, and then when asked to back it up, you can't/won't.
Gotcha.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Researcher Set to Announce 20 Zero-Day Holes in Mac OS X
- Thread starter MacRumors
- Start date
- Sort by reaction score
Oh I see. You make the claim, and then when asked to back it up, you can't/won't.
Gotcha.
These vulnerabilities are usually only relevant for breaking in to or disrupting servers. On a normal Mac workstation, there is a firewall protecting you. For viruses, breaking in is only half the battle. They also have to do something meaningful. I don't expect we will have the same problems as Windows if market share reaches 90%. Even Windows will probably get better eventually. Their legacy stuff is usually the culprit for these viruses. If there are major vulnerabilities (like on windows), Apple is more likely to shift to a new technology then Microsoft who likes to continues to put patches on a poorly designed technology because they don't want to support two products. Apple would just drop the bad technology and support the new one. Look at Flash for example. They don't want to support bad technology so they omit it from the iPad. That forces the industry to switch from it instead of letting it drag on forever.
Or perhaps your so alarmist that you want to give the illusion of FUD when there is really no tangible proof of such. What am I going to protect myself from? Script kiddies? Ok. I'll stay away from Warez and not give my password to every application that asks for it. Done. What are these potentials you speak of? Is a threat tangible? Where is it? Please direct me to a credible hacker who is planning to takeover all of my mac boxes remotely.
It's a blatant dialog box that says "Windows will restart your computer in 15 minutes". And it did.
For the ports that are used for exploits of safari and safari related services the type of traffic that can pass through is preconfigured by the team that produces ipfw and then further modified by apple for its needs.
Edit: This is relevent if ipfw is enabled which it is not by default.
Second Edit: I was double wrong, exploitation using these methods are not uncommon in the wild. But, it is rare in the wild in OS X because the impact of such exploitation in Mac OS X is limited by the low incidence rate of privilege escalation exploits and user space security mitigations that prevent keyloggers and other malware from logging security sensitive passwords, such as from authentication prompts or website logins, without privilege escalation. BTW, user interaction is required to hack a Mac via a crossover cable as the user has to allow "Internet Sharing" in System Preferences. Man-in-the-middle attacks facilitate these methods on wireless networks. Navigating to a malicious website facilitates these methods across the web.
Last edited:
Do you feel threatened because someone else is also posting irrelevant
responses?
Did you patent "responding to a post on a message board with a
completely irrelevant post"?
It is the case. Read up on the security technologies behind both and you'll see that 7 is more secure than OSX. Only with snow leopard did apple start building in these technologies, but not completely. ASLR is still have half assed implementation.
Also when people say 7 is more secure than OSX they are referring to the hacker in this article that said 7 is more secure. Though he also said OSX was safer. Which works with your analogy.
I visit said sites and I will admit to it, in any flavor of windows, and still never had a virus.
Same thing. Both require authorization from the user.
I agree wholeheartedly. Plus, the iTunes music store operation runs on Mac OS. Millions of credit card numbers are the prize if someone can hack into those servers. In addition to the egg on the face for Apple, I'd assume that would be a huuuuge incentive for someone to try, no? I've never said that Macs are secure. I think that's impossible for any OS. I'll take the one that's less targeted though.
My Windows machine sat online for 24 hours and got a virus just sitting there. My Mac is online 24 hours a day for a year and has never gotten a single one. Biggest threat to OS X is weak passwords. Like any UNIX based OS, once someone gets an admin password, they pretty much own the machine.
Mac OS X isn't perfect, so i'm sure people will continue to find "holes" in it. as long as apple continues to fix those holes, OS X will continue to be great
Oh I see. You make the claim, and then when asked to back it up, you can't/won't.
Gotcha.
I said the proof is on the net by researching miller's exploits. Quit being lazy!
Pretty damn much but some people are so damn blind that Apple could do no wrong to them.
Me an alarmist? I'm in IT, I work with Infrastructure of course I see this stuff happen every damn day. You can be as blind and naive as you want but the threats are out there. Its like being promiscuous without protection. One day your going to wake up and your junks going to fall off.
That's not what it says at all. It doesn't auto restart. It lets you postpone the reminder message. You aren't stopping a restart. Though if you click the button it will restart.
I have win7 on 4 computers here. I am aware of the dialog box. I've left it up all day long with no restart.
I guess I should have said safer, because I do stand by that. And, while I believe you may have been lucky at said sites, I've fixed an almost uncountable amount of Windows boxes due to that issue.
As I said to people in my Java course, you cannot judge the lack of Windows viruses by them (or some people here) because we're talking about people who are aware of the issue and know how to protect themselves.
The likelihood of a novice user on Mac getting even a trojan is limited (but not zero), whereas the majority of novice users on Windows get infected regularly.
This is when the numbers come in. I believe if more was out there you'd see more Mac users in trouble because of the rights most users have. Most Mac users just blindly type the name and password in when the dialog comes up.
User Account Control without a password could be easily defeated. By default Windows UAC has no password. OSX authorization require password by default.
Exactly. Every os x security update fixes a lot of these. That means, before the update, there were security vulnerabilities. Think of all the security updates that apple released just for 10.5 in its lifetime. Before each of those updates, those were vulnerability that were "in the wild". You think you're safe just because you don't know.
People on this board continue to not remotely understand the difference between "security" and "safety".
The problem is that Apple has been quite slow to patch holes. Example? Java vulnerability that took them months to patch.
When I make claims, I expect to have to back them up via links/proof. Try it sometime. Yeah, I found it. It just amazes me that people make claims and can't post a simple friggin' link.
This is the real problem with OS X: it's fanbase. It's okay to love the OS/hardware. I do.
But as someone who loves the products, I expect Apple to be responsive and work on improving security, not just be complacent with the lack of attacks.
Apple fanboys should be rabidly pestering Apple to make it more secure, not bragging about how secure their OS, and how much they have nothing to worry about. It's like standing in a forest with camo on and yelling "shoot me". Sure, they probably won't hit you. Probably.
Possibly, but I still believe that Android is a great case for blowing the obscurity myth out the window. Malware writers went for the unprotected, unguarded (Android) store with a much lower market share, rather than trying for the iPhone, which has a much larger market share to attack.
The likelihood of a novice user on a Mac getting a trojan is zero because the recent most trojans are blocked by SL's anti malware , and as far as we now there are no new iterations of the payload, nor any new threats.
But for every leopard et al...yeah...
Sitting in a speeding car towards a brick wall with your seat belt on you're secure. Doesn't mean you're safe!
The reason for this is because Android's reach. It spans pretty far when you look at potential. Multiple carriers, multiple manufacturers, multiple markets, etc. You are right the straight up numbers aren't in place yet, HOWEVER, its span and potential are.
I think its just a different way of looking at though, I am not discounting what you are saying.