Penn Jennings is my real name.

What is your business email address for your place of employment?

I found a MySpace account with info that corresponds to the personal profile you provided but it does not provide an email address.

I am worried your credentials and the MySpace page are spoofs so I want to verify them before I take your word for anything.

It is just as easy to make a fake persona as it is to make a semi-anonymous one. Essentially, they are the same thing.
 
and I am asking for you to back yours...

You can read me your resume all day and it won't mean squat to me. I want you to back the comments you have made. GGJ's comments are backed as all you have to do is a quick search to see that there are no active viruses in the wild.

Guess what, I have 17+ years in the industry and I still support what GGJ is posting.

What statement of fact did I make that is not common knowledge?

"People get mugged in New York City, it's a fact". That should be common knowledge, I'm not going to go back that up.

"Mac OS X is NOT the most secure OS". I love it, I use it, I trust it. It might be the most secure "Consumer OS". Out of the box though, it is not the most secure. That's my opinion but I'm fairly certain that's true.
  • There is no auditing on by default.
  • You can see other users' files by default.
  • Time Machine backups are in the clear.
  • The firewall is turned off by default.
  • Consumer services are on by default.
  • etc, etc.


What does 17+ years in the industry mean? Doing what exactly?

Supporting is fine, unless you are saying "There are no viruses on Mac OS X in the wild". The statement doesn't just apply to Apple software, it also applies to Adobe plugins like Flash, JavaScript, MySQL, etc. Unless you are a security researcher, work for a major security company or maybe Apple, you can't begin to back that up. There have been enough arbitrary code execution vulnerabilities in the past on Mac OS X to raise serious questions about that. I doubt that a Mac virus would like a Windows virus.

There has been a sharp increase in targeted attacks and let's face it, Mac OS X does not get the scrutiny that Windows does when it comes to tracking new exploits. Targeted exploits sometimes go unreported, even on Windows where people make money looking for them. To find something, someone has to look. There is no money looking on Macs, so they will be underreported. Maybe Apple would tell us ('cause they are always so forthcoming).

However, again, I'm not trying to prove that there are or aren't. I never said that there were or were not.

.. And with this, it's safe to say this whole discussion is unproductive and I'm done with it.
 
LOL, you can't even answer the question! Sorry, I am not going any further with my resume as I don't need to (I can easily answer this question). I called you out and your response was "Google it". Many services are turned off by default, this is normal when you first set up an OS. Most backups are also made in the clear, this is also normal. If you are worried about your backups being made in the clear then you really need to analyze your network rather than just your computer.

Please tell me which OS's are more secure? I'm still waiting for an answer. So far your years of IT service hold little weight with me as it sounds like you Googled most of your information.
 
I never said that there were or were not.
Actually, you did:
That's actually false, there ARE Mac Viruses in the wild...
Prove it.
.. And with this, it's safe to say this whole discussion is unproductive and I'm done with it.
.... and another one throws in the towel without disproving my statement. I'll say it again: I welcome anyone to prove that there has ever been a virus in the wild that can infect Mac OS X, in the 10 years since it was released. You can prove this by simply naming ONE such virus.
 
I'm with Penn on this one. The relevant points have already been made in this thread. It's just spiraling downhill from here on out. If people truly want to believe false things then the consequences of believing those false things as applied to real life is their problem. I will only spend so much time on a futile effort.
 
I am not one to post...but

You can see other users' files by default

Can you please explain this one? From what I understand, and from years of troubleshooting, the only files that are available to another user are those in the public or shared folder. In order to see another person's files you have to authenticate to their home folder. So files are not available to any user. The only way I know to access all the files on a Mac is to activate the root user, which is not on by "default". Accessing files via root can be combatted by turning on FileVault for that user.


Time Machine backups are in the clear.

Are we talking locally, or via a network (Time Capsule)? Locally, I would not see a reason why the data wouldn't be sent in the clear. I think it is a safe assessment to say that if you plug a hard drive into your Mac and attempt a backup, then you know what you are doing and where the data is going. While sending data over a network, the WPA2 algorithm protects the data transferred between the Time Capsule (the only Apple-supported way of doing a network backup via Time Machine) and the computer. Once you make that handshake with the Time Capsule, using the WPA algorithm, then you can transfer data. Anyone "listening in" on the connection will need the WPA2 key.

Now I could be wrong on all of this, and I will definitely educate myself a bit more. My opinion on AV is that you DO NOT NEED IT AT ALL. As a matter of fact, most AV stands in the way of Time Machine completing a successful backup (especially the F$@$@% Norton crap), because it "scans" before you send the data, making the backup take forever to finish!! As soon as I see a virus in the wild for my Mac, then I might worry. But there isn't one, so I don't.
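The disagreement above about whether other local users can see a user's files comes down to the permission bits on the home folder and its top-level entries. The following is an added example, not part of any post in this thread: it reports what the "other" class is granted on each entry. The folder layout and modes are constructed sample values, not claims about any OS default, and only POSIX mode bits are checked (ACLs are ignored).

```python
import os
import stat
import tempfile

_OTHER_BITS = (("r", stat.S_IROTH), ("w", stat.S_IWOTH), ("x", stat.S_IXOTH))

def other_access(path):
    """Return the subset of 'rwx' granted to users who are neither owner nor group."""
    mode = os.lstat(path).st_mode
    return "".join(flag for flag, bit in _OTHER_BITS if mode & bit)

def audit_home(home):
    """Map '.' (the home folder) and each top-level entry to the access others get.

    Without 'x' for others on the home folder itself nothing beneath it is
    reachable, so the entries are not listed in that case.
    """
    report = {".": other_access(home)}
    if "x" in report["."]:
        for name in sorted(os.listdir(home)):
            report[name] = other_access(os.path.join(home, name))
    return report

def build_sample_home(root):
    """Create a constructed home folder layout; modes are sample values, not OS defaults."""
    home = os.path.join(root, "sampleuser")
    os.mkdir(home)
    for name, mode in (("Documents", 0o700), ("Public", 0o755)):
        os.mkdir(os.path.join(home, name))
        os.chmod(os.path.join(home, name), mode)
    note = os.path.join(home, "notes.txt")
    with open(note, "w") as fh:
        fh.write("constructed sample file\n")
    os.chmod(note, 0o644)
    os.chmod(home, 0o755)
    return home

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        for entry, access in audit_home(build_sample_home(root)).items():
            print(f"{entry:12} others: {access or '-'}")
```

Pointing `audit_home` at a real home folder shows which entries other local accounts can list or read; an empty string means no access through the mode bits.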
 
Please, do tell us which operating systems are more secure.

FreeBSD, upon which Mac OS X is largely based, is more secure out of the box. But, by default, many installations do not have a GUI and the firewall, ipfw (same as packet filter in OS X), is running with the most restrictive ruleset such that the user must know how to set packet filter rules to even use the web browser.

Interestingly, Apple and the FreeBSD team share a lot of information concerning their common open source foundations. This relationship is directly related to the security features that make achieving system level access via exploitation of both OS rare in comparison to Windows.
 
FreeBSD, upon which Mac OS X is largely based, is more secure out of the box. But, by default, many installations do not have a GUI and the firewall, ipfw (same as packet filter in OS X), is running with the most restrictive ruleset such that the user must know how to set packet filter rules to even use the web browser.

Interestingly, Apple and the FreeBSD team share a lot of information concerning their common open source foundations. This relationship is directly related to the security features that make achieving system level access via exploitation of both OS rare in comparison to Windows.

LOL, I know... My question was for him. He made the comment, I wanted him to prove he knew what he was talking about. He clearly doesn't.
 
The firewall is turned off by default.

Actually, Mac OS X is firewalled by default using the TrustedBSD MAC framework. The server-side services that are ON by default are sandboxed using this framework. Server-side services that are turned OFF are set to only be accessible from localhost. Turning ON one of those services, turning ON one of the two firewalls, and then allowing the service through the firewall provides no more protection than just turning ON the service unless you manually set rules in the packet filter to limit the IPs (specific IPs, LAN, etc) that can access the service. This is because those services by default are only accessible via localhost and when turned ON are remotely accessible given the service's intended purpose regardless of the firewall being turned ON.

AppArmor in Linux is based on the same foundation as the TrustedBSD MAC framework. The default firewall setup in Linux distros, such as Ubuntu, is essentially the same as Mac OS X. But, you never hear about the default level of firewalling being brought up in criticism about Linux. Seems strange given that Linux dominates the server market share.
 
FreeBSD, upon which Mac OS X is largely based, is more secure out of the box.
Interestingly, Apple and the FreeBSD team share a lot of information concerning their common open source foundations. This relationship is directly related to the security features that make achieving system level access via exploitation of both OS rare in comparison to Windows.


Google: "backdoor in freebsd" without the quotes.
 
Google: "backdoor in freebsd" without the quotes.

Read the articles. The backdoor was supposedly in OpenBSD and AFAIK those claims have been debunked.

To clarify on an earlier post, socket-filter based application firewalls, like the one in the security preferences, have very little efficacy in preventing exposed services from being modified via exploits, such as memory corruption exploits. This is shown by browser exploits still being effective despite the presence of a firewall; this is true for any OS. This is why Apple is moving toward sandboxing using mandatory access control (MAC) and pointing turned off services to localhost while leaving the application firewall disabled.

A better means to secure services is to use the packet filter to limit the number of IPs that can access the service. The application firewall will pass connections from anywhere onto allowed applications. If the allowed application is the target of the exploit, a socket-filter application firewall does not provide any protection.
 
Read the articles. The backdoor was supposedly in OpenBSD and AFAIK those claims have been debunked.



"Gregory Perry, the former chief technologist at the now-defunct contractor Network Security Technology, or NETSEC, said he's disclosing this information now because his 10-year confidentiality agreement with the FBI has expired"

"Debunkers" are a lower form of life than serial child molesters.

The backdoor exists.
 
"Virus" by the term of any type of malware then yes Mac can get those. The malware being things like trojans and spyware, both of which have the user install them and therefore bypass all security.

Just practice good internet practices in the terms of not installing or opening files you are not sure about and you will be OK. Otherwise you are at risk.

+1

I always keep a firewall on a computer. I, mostly, like Intego's X6 suite (firewall, antivirus, etc), even though I had problems with iTunes for a while.
 
"Gregory Perry, the former chief technologist at the now-defunct contractor Network Security Technology, or NETSEC, said he's disclosing this information now because his 10-year confidentiality agreement with the FBI has expired"

"Debunkers" are a lower form of life than serial child molesters.

The backdoor exists.

Haha, you're funny.

The OpenBSD team did a code audit and found no evidence of a backdoor.

The audit has proved to be a useful exercise for the OpenBSD community, but it has turned up no evidence to support Perry's claim of a government-planted backdoor.

Again, this is OpenBSD not FreeBSD.

+1

I always keep a firewall on a computer. I, mostly, like Intego's X6 suite (firewall, antivirus, etc), even though I had problems with iTunes for a while.

Using a firewall is a good idea, but it does not do nearly as much in terms of protecting the system as many individuals believe. Neither does anti-virus software. Many users only rely on those two security measures without any thoughts toward applying user knowledge for protection.
 
I found an article for those interested in reading about Apple's implementation of sandboxing. http://www.exploit-db.com/download_pdf/16031

Windows also implements a system similar to MAC, called mandatory integrity control (MIC), but it has been shown to not be very robust as shown by recent browser exploits. MIC is more flexible but less secure than sandbox systems used by OS X and Linux (AppArmor). MIC's functionality relies on inherited permissions so the privileges of the given account determine the level of sandboxing. Turning off or lessening the restrictions set by UAC has an equal impact on this sandboxing mechanism.

Mac OS X sandbox does not inherit permissions. The sandbox is the same regardless of the permissions of the currently active account.

From the article linked above:
On Windows, the access control enforcement is on the kernel object level with inherited permissions — there is no monolithic system for access control like the other operating systems.
 
Upon further reading, Windows mandatory integrity control (MIC) really is more analogous to UNIX discretionary access controls (DAC) than it is to mandatory access control (MAC).

This is because DAC functions via inherited permissions which are defined by the currently active user account. Both DAC and MIC work by defining the files, settings (prefs or reg), and other processes that a process can modify using access control lists (ACL) in Windows or ACLs and UNIX permissions in Mac OS X.

So, Windows does not yet have a sandboxing mechanism similar to MAC in Mac OS X, BSD and Linux (AppArmor).
 
Many who work in security apparently still feel that a, if not the, major factor explaining the lower risk of malware attack on OS X compared to Windows is the lower marketshare.
Their perceptions are false. The market share theory doesn't hold water.
 
Where is my popcorn! You guys arguing for AV are way out of your element and haven't a clue on system security. Sorry, but most of what you have posted is pure rubbish!

How many popcorn boxes have you completed? I ate 50 and I need more but I am now too fat to go anywhere. Maybe you could bring some over?
 
Their perceptions are false. The market share theory doesn't hold water.

Android and iOS have proved that. iOS is still more widespread than Android, and Android is the one with more virus, trojan, and malware related problems.
 