http://news.yahoo.com/s/nf/20060306/tc_nf/41948
So you thought you were better than us PC users, huh? Not so safe anymore, huh? Mwa ha ha. Tremble. Next stop, the Blue (Or maybe Apple-Green) Screen Of Death.
Pity Commodore sank. The Amiga should be the ruling platform.
Mac users=PWNZORED!!1!!
Mac users=PWNZORED!!1!!
Don't hold grudges. GET EVEN.
The guys over at Penny-Arcade should hear of this.
The world would be a better place if there were less shooters and more dot-eaters.
Jesus' BE ATTITUDE FOR GAINS:
1. Pure, Mournful, Humble Heart
2. Merciful Peacemaker
3. Suffer for Righteous Desire
Jesus' BE ATTITUDE FOR GAINS:
1. Pure, Mournful, Humble Heart
2. Merciful Peacemaker
3. Suffer for Righteous Desire
Disclaimer: I am primarily a Mac user, but use whatever OS best fits the task, whether that be OSX, Windows, some UNIX or GNU/Linux, or (my personal favorite) BeOS.
This article is nothing more than an ad for Symantec. Vincent Weafer is an absolute idiot if he thinks Windows and OSX are identical in number and type of vulnerabilities. With the differences in kernel stucture, security models, and general system design, (not to mention that OSX has only been around for about 5 years, and Windows has been around for over 15) there is no way the two systems are comparable.
Then there's the virus count. Doing a search in Symantec's own virus database for "Mac" brings up only 38 results, some of which are merely talking about MAC addresses on NICs.
Fsck this guy is an idoit (or marketing drone).
Now, that being said, OSX is far from perfect and has vulnerabilities. One of its strengths is also its achilies heel: open source programs in its UNIX base. OpenSource programs are great - but you have to keep up with the patches. So, Apple needs to monitor the status of each of those programs and roll out OSX updates whenever new core software is available. Of course vulnerabilities are not limited to open source software, as the recent Safari/Mail 'auto execute shell scripts' problem demonstrates.
Back to the article, putting a web server on a home OS and letting it loose on the Internet, even if you're not daring script kiddies to "haxxors my boxen", is just asking for trouble. For one thing, home OSes are not designed for the kind of server load websites can experience. Secondly, web hosting companies pay people to maintain the servers and monitor their status constantly. 30 minutes is plenty of time for most sysadmins to notice the attack and do something to stop it. What home user is going to sit around all day watching server logs, bandwidth/CPU utlization screens, compare system-critical files with known good configurations to check for a breach, all day, every day?
Fsck, alarmist advertising FUD that pretends to be news really pisses me off.
This article is nothing more than an ad for Symantec. Vincent Weafer is an absolute idiot if he thinks Windows and OSX are identical in number and type of vulnerabilities. With the differences in kernel stucture, security models, and general system design, (not to mention that OSX has only been around for about 5 years, and Windows has been around for over 15) there is no way the two systems are comparable.
Then there's the virus count. Doing a search in Symantec's own virus database for "Mac" brings up only 38 results, some of which are merely talking about MAC addresses on NICs.
Fear, Uncertainty, Doubt. YOU MIGHT BE AT RISK!! ZOMG buy our product!!According to Weafer, the number of Mac vulnerabilities discovered and the possibility they will be exploited will gradually rise as a direct result of an increased interest in Mac OS X. Weafer urged Mac users to make sure they have installed antiviurs and antispyware applications and are updating them regularly.
Fsck this guy is an idoit (or marketing drone).
Now, that being said, OSX is far from perfect and has vulnerabilities. One of its strengths is also its achilies heel: open source programs in its UNIX base. OpenSource programs are great - but you have to keep up with the patches. So, Apple needs to monitor the status of each of those programs and roll out OSX updates whenever new core software is available. Of course vulnerabilities are not limited to open source software, as the recent Safari/Mail 'auto execute shell scripts' problem demonstrates.
Back to the article, putting a web server on a home OS and letting it loose on the Internet, even if you're not daring script kiddies to "haxxors my boxen", is just asking for trouble. For one thing, home OSes are not designed for the kind of server load websites can experience. Secondly, web hosting companies pay people to maintain the servers and monitor their status constantly. 30 minutes is plenty of time for most sysadmins to notice the attack and do something to stop it. What home user is going to sit around all day watching server logs, bandwidth/CPU utlization screens, compare system-critical files with known good configurations to check for a breach, all day, every day?
Fsck, alarmist advertising FUD that pretends to be news really pisses me off.
Um, that article offered nothing new. Everybody in the know already knew that an Apple could just as easily be hacked as Windows. That's why Apple has never touted its lack of virii: it didn't want to provoke the hackers. Nothing will really change after this event unless Apple's market share increases since it's less efficient to go after Apple rather than Windows.
Big deal, this is no different from the Capture The Flag competition they do at Def Con every single year. Any machine running services that are visible to the 'net is going to be vulnerable to some exploit. Still, there's a big difference between 'took a skilled hacker 30 minutes to gain root' and 'took a botnet worm 4 minutes to gain Administrator access'.
We here shall not rest until we have made a drawing-room of your shaft, and if you do not all finally go down to your doom in patent-leather shoes, then you shall not go at all.
-
Stormwatch
- Posts: 2327
- Joined: Thu Jan 27, 2005 1:04 am
- Location: Brazil
- Contact:
Granted, this is from a Mac-centric website (http://www.macworld.co.uk/news/index.cf ... wsID=14029), but...
Macworld wrote:What that report didn't explain was that anyone who wanted to try to hack that test Mac was given a local account on the machine which could be accessed using SSH. This effectively put the hacker in front of the machine and made the exercise much easier to accomplish.
The organisers of the new Mac hack competition said: "Yes, there are local privilege escalation vulnerabilities for OS X; likely some that are 'unpublished'. But this machine was not hacked from the outside just by being on the internet. It was hacked from within, by someone who was allowed to have a local account on the box. That is a huge distinction."
-
judesalmon
- Posts: 504
- Joined: Mon Jan 31, 2005 6:46 pm
- Location: Rule Britannia, Britannia Rules The Waves
Yeah, Max OS is just as vulnerable as Windows, just that hackers tend to target Microsoft's platform as a) there are so many more users and b) because Microsoft make a concerted effort to beat them.
Be attitude for gains:
1) Be praying...
2) Be praying...
3) Be praying...
And a shameless plug for the stuff I'm selling on eBay, if you're into that sort of thing.
1) Be praying...
2) Be praying...
3) Be praying...
And a shameless plug for the stuff I'm selling on eBay, if you're into that sort of thing.
If Apple decides to put Safari's WebKit/KHTML rendering engine in kernel space, like MS has done with IE on Windows, then I'll agree with you.judesalmon wrote:Yeah, Max OS is just as vulnerable as Windows, just that hackers tend to target Microsoft's platform as a) there are so many more users and b) because Microsoft make a concerted effort to beat them.
