Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac OS X Security Criticisms Countered

Posted by simoniker on from the second-round-knockout dept.

Paradox writes "In response to the recent PC Magazine story criticizing Mac OS X security, technologist/author Richard Forno has written a rebuttal criticizing the author and raising some good points about the fundamental differences between Windows and Mac OS X. Considering Lance Ulanoff's tone during his article, a rebuttal from the Mac OS X community was inevitable." Forno's conclusion: "Trustworthy computing must be more than a catchy marketing phrase. Ironically, despite a few hiccups along the way, it's becoming clear that Mac OS, not Windows, epitomizes Microsoft's new mantra of 'secure by design, default, and deployment'."

3 of 464 comments (clear)

  1. I have not heard of one successful r00ting of OS X by teamhasnoi · · Score: 5, Interesting
    Are there *any*? With a generic default install of 10.3 (plus net connection), are there any remote exploits? I'm guessing that any exploit that has been found is due to 3rd party software.

    Are there any viruses/trojans for OS X?

    I know there was the ssh deal a while back, but does anyone know of any remote r00ting of an OS X box anywhere?

  2. stubborn institutional pride/hubris, etc... by The+Lynxpro · · Score: 5, Interesting

    I think Apple has shown the way Microsoft should follow if they wish to bring security and stability to the Windows platform. Apple migrated over to the underpinnings of BSD without compromising the distinctness that only Apple brings to the table. If Microsoft truly cared about "trustworthy computing," they'd shift their gears and concentrate on gluing the Windows GUI and other applications to whatever BSD platform they chose to annoint. After their acquisition last year (the VirtualPC crew), Microsoft has the talents necessary to bring decent emulation of older Windows flavors to their new products. But apparently they [Microsoft] are too stubborn for their own good. It sounds like Longhorn will now be delayed until 2006 or 2007, and every year they slip, the more people and institutions will slip away to Linux and OS X for the very ideal of "trustworthy computing" they profess. Windows is broken as an OS, but as a GUI "bundled" on top of BSD, it would prove to be the magic Microsoft's shareholders are now searching for. And since Microsoft has been infusing SCO with cash, Microsoft would be "safe" from any litigation from SCO in regard to BSD or Linux...

    --
    "Right now, somewhere in this world, Scott Baio is plowing a woman he doesn't love," - Peter Griffin, *Family Guy*
  3. Re:trust by ducomputergeek · · Score: 5, Interesting
    Security was everything at one of the places I worked. We had a special lead incased steel room with computer monitors and armed gaurds to get in and out with at least three different methods of Identity conformation. Those units in that room were not networked and media could go in, but not out. When it was time for something to go, the nice distructo matic guys came in, busted the monitors, all the hardware and ran magnates over everything just to make sure. Granted that was a DoD contractor and much of the work in those rooms were even above my security clearance. That's about as secure as you can get, and yes some of the computers ran windows.

    As far as that goes, no operating system is 100% secure. The only way its secure is if its off. If you require a password to log on, its vunerable. If to nothing else, someone else on the inside figuring out that password. 80% of all the breaches we see are inside jobs. Either disgruntaled employee, sys admins don't remove passwords of terminated or former employees, or a hacker goes calls on the phone saying, "I'm joe from department x or branch y, and I forgot my password".

    Even now, we have an internal network of 3 computers linked to a server that manages our accounting data. None of those boxes are connected to the Internet. That only leaves the possiblity of a breach from within or a unit being stolen physically from our office.

    We do a lot of IT consulting and expaning into security, and the one question we always have to ask ourselves and clients, "Okay, nothing is going to be 100% secure, where do you draw the line?" Granted, most of our clients have 20 or fewer employees and aren't doing a lot that needs governmental levels of security. Usually Zone Alarm Pro and Norton is about the best defense these people are going to get for the money. Some larger companies elect on having a dedicated hardware firewall installed or an *BSD box configured as a firewall too.

    Now on the desk of an average employee sets either a PowerMac G4 of various speeds, an iMac, iBook (yeah, I'm the President and I have an iBook), or a powerbook all running OS X.2 with my business partner's Powerbook the only 10.3 at the moment. We don't worry about the worm of the week on our machines.

    At the end of the day, the way in which Windows is built and the intergration of IE, MP, etc. there is only so much you can do, and saying "Switch to Linux" often isn't the answer as well, at least to our small business clients. And I will defend that position with one word: Quickbooks. At least with Macintosh, they can have their Office, QuickBooks, Email, and Internet with a system they can understand, and provides more security than windows out of the box. Perfect, no, practical, yes.

    --
    "The problem with socialism is eventually you run out of other people's money" - Thatcher.