Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Researcher Set to Announce 20 Zero-Day Holes in Mac OS X

If all the Mac bashing people who wish to make Mac OS just as bad as Windows keep repeatedly announcing the fact that the Mac OS doesn't get viruses is because of obscurity, doesn't that make their whole story obscure? As in if no one really cared about the Mac, then why make such a fuss about its security?
 
What about us in the suburbs? Are we considered Linux or something? :p
 
millertime021 said:
I'm just saying that no software is perfect. There have been instances where a few virus/trojans have appeared for OS X. Granted it was 10.5 but maybe its "perfect" now, but give people time. If someone really wants to make a trojan for OS X they will.
Click to expand...

NEVER been a virus (at least not for OS X) and only a couple trojans.
 
Ca$hflow said:
I suppose viruses and security holes are two separate things. Trojans a third? How many more bad things are there?
Click to expand...

You are correct. Both Viruses and Trojans are very aptly named, if you know a thing or two about history and medicine.

A Virus is a self replicating program that requires no human interaction to spread. To do this it must take advantages of "holes" in a system, because systems are not designed to allow a program to do this for obvious reasons. A security hole may enable the creation of a Virus, however often times you need a number of holes in a number of layers in order to create an effective virus.

In simple terms, it's no use having a hole that allows you to enter a machine, if there is not a second hole that allows you to reproduce, and yet another hole that allows you to transmit yourself undetected to other machines.

Quite differently is a Trojan. Just like the horse, this is just a program designed to look like something else. No system is immune to these, because you are tricking the computer user into thinking they are doing one thing, when really they are doing something else. If I rename your Chrome browser to "Firefox", that is a Trojan, just not a harmful one. If I write a destructive Apple Script and call it "photoshop", that is also a Trojan, and there is no security hole that needs to be taken advantage of.

The analogy goes back to the Human immune system. You can have a kickass immune system that doesn't let any viruses in, nor reproduce, and certainly not transmit. That doesn't mean that if your friend hands you Neosporin for your large cut, and really it's just a big ol' bottle of AIDS you're rubbing on your wound, that you aren't @#$%ed.

As long as the User has the ability to be destructive to a system they own, a Trojan will be a viable way of doing damage.
 
mabaker said:
Needless to say I remember this very topic in 2006 when first “virus" aka trojan to Mac OS was introduced:
Click to expand...

A Trojan is not a Virus. A Virus requires a exploiting a flaw in your system in order to perform actions that are not authorized.
A Trojan on the other hand tricks the user into providing credentials and installing the program. There is little that can be done to harden a system against Trojans while still allowing the user to run unsigned apps.

A Virus gains power by exploiting the system
A Trojan gains power by exploiting the user.
 
rerelease said:
You'd think that an OS with 5%-10% of the market share would have 5%-10% of the viruses...
Click to expand...

I've been saying this for years but I guess the allure of botnet comprised of the worlds most unsecure operating system is just not a big enough draw for most hackers. Even script kiddies won't touch that scant marketshare :cool:, even though it'd be a walk in the park (or so i'm told).
 
Great thing to announce!

Hey why don't you post plans for a neutron bomb?

Get a life and leave Apple alone!
:mad:
 
zombiedictator said:
More secure than what? Windows XP yes. Windows Vista? Maybe. Windows 7? Hell no.
Click to expand...

There's nothing in Windows 7 that makes it more secure than OS X technically, besides full ASLR, considering that UAC and the system's other security measures are regularly and easily bypassed by malware.

CharlieMiller said:
So until this year, applications on Apple were way easier to exploit than Windows. This is because Apple had weak ASLR and no DEP while Windows had full ASLR and DEP. This year, Snow Leopard has DEP, so its no longer trivial to exploit. In fact, I have lots of bugs in Safari that I easily could have exploited on Leopard but will be very difficult on Snow Leopard. So it used to be that that it was much worse, but now its mostly comparable (although still slightly behind)

RuntPacket: How effective do you think various exploit mitigation technologies are in deterring exploitation? If OSX could get real ASLR of all userland and kernel space, would your job get a substantially harder?

It'd be harder. Right now they have DEP+some ASLR. Of the executable code, which is what you really care about for DEP bypass, they randomize all but one library and the executable. So the amount of code you have is already small (so its already hard), but it'd be way harder if there was NONE - which is what full ALSR would give you.
Click to expand...
 
no over achieving viruses on the Mac

:rolleyes:

AMP Radio

:cool:


These are viruses that didn't really apply themselves when the teachers asked them too.
 
IntelliUser said:
There's nothing in Windows 7 that makes it more secure than OS X technically, besides full ASLR, considering that UAC and the system's other security measures are regularly and easily bypassed by malware.
Click to expand...

The biggest security threat to both Windows 7 and Mac OS X is the end-user.
 
Windows 7 is as vulnerable as any other Windows OS if nothing is installed to keep Viruses, etc. off of it. UAC helps, but doesn't cure all of it. But the bigger/biggest hole on Windows 7, or any OS for that matter, is the person sitting at the keyboard...
 
munk-eee said:
Yeah actually, there have been no proof of concept or real VIRUSES written. Maybe it can be done, but no one has been able to do it. Yes there are Torjans out there that require someone to fall for it, but these are 2 different animals. Find me self-propagating virus and I will be worried.
Click to expand...

Here you go,

"Security alert, email this to all of your friends!!!!!!

New virus found for the Mac. Protect yourself now!!!!!!!!!!

Here is how to protect yourself:

1. Forward this to all of your friends first. Everyone needs to help get the word out. DO THIS FIRST!

2. Open up your computer and find your hard drive. It looks like this [attached image].

3. take a magnetic tape bulk eraser, attach it to the hard drive of your computer. plug it in and let it run for 15 minutes. This will send out alternating magnetic fields that will demagnetize the bytes that store any viruses in your computer. This will let the bites harmlessly fly away. (You will not kill the virus, just make it no longer dangerous and set it free.)

Remember, tell your friends first, then demagnetize your viruses. DO THIS NOW!"
 
Earendil said:
A Virus is a self replicating program that requires no human interaction to spread. To do this it must take advantages of "holes" in a system, because systems are not designed to allow a program to do this for obvious reasons. A security hole may enable the creation of a Virus, however often times you need a number of holes in a number of layers in order to create an effective virus.
Click to expand...

Wrong, wrong, wrong.

When will people who know zip about security stop trying to talk with authority?

A security hole is just that, a security hole. It could be that you have services enabled with default passwords. It could be a buffer overflow that allows an application to crash based on a certain type of user input, or allows you to execute code by having bad stuff overwrite the buffer of a memory allocated for system use. Heck, it could be you forgetting to lock you machine when you go to the bathroom.

A virus is a malicious application that requires manual execution. A WORM is a self-replicating application that propagates itself through a transport method (USB, network, etc). Typically this is a system-level bug that most commonly spreads through open Windows shares.

Quite differently is a Trojan. Just like the horse, this is just a program designed to look like something else. No system is immune to these, because you are tricking the computer user into thinking they are doing one thing, when really they are doing something else.If I rename your Chrome browser to "Firefox", that is a Trojan, just not a harmful one.
Click to expand...

Oh...God. Please stop talking.

A trojan is an application that hides in the background that leaves a backdoor for remote access and control, not "I renamed your shortcut".
 
Although Windows machines are more targeted than Macs, the amount of threats Macs receive isn't proportional to the amount by which their user base is smaller, it's far less.

I just remembered the time when each time you reinstalled Windows XP (the first one, without any service packs), on the first boot when you were connected to the internet (and every subsequent boot until you found the solution), a message would greet you saying that some process has failed and the computer will power off in 45 seconds. You had 45 seconds to find the solution each time, or else the system would crash. It was caused by some code that automatically attacked any computer that had that specific security hole. Temporarily stopping it was as simple as relaunching the process that failed, but finding how to do that on various forums took ages with your computer rebooting every 45 seconds.

Even with the best anti-virus software installed, my Windows machines would still get viruses and the anti-virus software would just say "unable to remove the file" all the time. You had to manually find it an delete it.

Just some old memories... Fortunately...
 
WestonHarvey1 said:
What I also liked in that story is how her car was "always" getting stolen. How many times was it stolen? The same car? Recovered multiple times, only to be stolen again? Or kept buying new ones? And she never learned?

I have family in the country, and they do indeed leave doors unlocked. But they're also smart people, and understand that you don't do that in the city.
Click to expand...
It was a toyota camry that was stolen and recovered four different times.
I never said she was very smart.
Just like it's not very smart to assume your operating system will never have security vulnerabilities.
 
baryon said:
I just remembered the time when each time you reinstalled Windows XP (the first one, without any service packs), on the first boot when you were connected to the internet (and every subsequent boot until you found the solution), a message would greet you saying that some process has failed and the computer will power off in 45 seconds. You had 45 seconds to find the solution each time, or else the system would crash. It was caused by some code that automatically attacked any computer that had that specific security hole. Temporarily stopping it was as simple as relaunching the process that failed, but finding how to do that on various forums took ages with your computer rebooting every 45 seconds.
Click to expand...

Conficker

That was so halarious. The world was in panic mode waiting for the "ultimate payload" to release all over the interwebz and disable the world haha.
 
Are the trolls that run rampant on these forums paid by someone? Or to they just have nothing better to do with their lives?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back