Slashdot Mirror
Study Recommends Mac OS X as Safest OS
rocketjam writes "The British security firm mi2g has concluded a comprehensive 12-month study to identify the safest 24/7 computing environment. In the end, the open source BSD and Mac OS X came out on top with the fewest security breaches against permanently connected machines worldwide in homes, small businesses, large enterprises and governments. The study found Linux to be the most breached environment 'in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded'. Windows was the most breached environment in government computing and led Linux, BSD and Mac OS X by far in economic damage caused by breaches." We mentioned their previous study too. As before, the study ignores the thousands of automatically-spreading viruses for Windows.
...this study is talking about manual exploits, and says as much:
The study also reveals that Linux has become the most breached 24/7 online computing environment in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded, with 154,846 successfully compromised Linux 24/7 online computers of all flavours.
This is likely because of the great number of Linux servers, and the wide variety of network services and ports open to the world on such servers.
And it does, in fact, make distinct reference to Windows malware (self-propagating worms, viruses, etc.):
Malware proliferation
The recent global malware epidemics have primarily targeted the Windows computing environment and have not caused any significant economic damage to environments running Open Source including Linux, BSD and Mac OS X. When taking the economic damage from malware into account over the last twelve months, including the impact of MyDoom, NetSky, SoBig, Klez and Sasser, Windows has become the most breached computing environment in the world accounting for most of the productivity losses associated with malware - virus, worm and trojan - proliferation. This is directly the result of very insignificant quantities of highly damaging mass-spreading malware being written for other computing environments like Linux, BSD and Mac OS X.
Also interesting:
For the record, neither mi2g Ltd nor the mi2g Intelligence Unit have a business relationship with Apple Computers and we do not own any shares in that corporation. Previously, the mi2g data for one month was considered to be too small a sample and not representative of the global environment within which different types of entities - micro, small, medium and large - exist. We have addressed those concerns in the new study. The critics were against the previous study which also came out in favour of Apple and BSD, because the entrenched supporters of Linux and Windows felt that mi2g was guilty of 'computing blasphemy'. In subsequent months, mi2g's reputation was damaged on search engines and bulletin boards. We would urge caution when reading negative commentary against mi2g, which may have been clandestinely funded, aided or abetted by a vendor or a special interest group.
There are a wide variety of reasons to expect that Mac OS X is a significantly more secure computing platform than Windows in a non-server/desktop setting; this study only further confirms that.
It's ranked as safest, too.
insert windows jab from overzealous mac user here
That would lead me to the assumption that if its the least used then people wont bother writing virii and bother trying to hack it.
Am I wrong to think this?
moo.
thought you'd said "least sued"...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
The study doesn't specify which BSD distribution they used, besides OS X (Darwin). I guess you could say "all of them" but c'mon, you just can't leave out details like that.
That's a software issue. Most people manually breaching systems are nmapping, finding services that are vulnerable, and exploiting them.
Furthermore, unlike worms, crackers might not know what operating system the site is running until they attempt to infiltrate it. It's not like people go looking for Linux boxes randomly.
I think that the argument that Linux is installed on more target machines than the other operating systems is acceptible here, even though it is somewhat fallacious when it is used to defend Windows security against automated attacks like viruses and worms.
Slashdot: Where people pretend to be twice as smart as they really are by behaving like children.
-flamebait-
security through obscurity. Fewer AmigaOS exploits these days too.
-/flamebait-
(i'm joking.. just couldn't resist.)
Does this article take into account the market share of all of these platforms? I browsed TFA and it didn't look like it did. Ofcourse if few people use osx as a server, it would result in few hacked boxes.
This study is pretty much useless. Essentially what they're reporting is that of all manual hacker attacks that are successful, most of them happen on Linux, and Mac OS has the least of them. This does not mean that Mac OS is more secure. It may simply mean that Mac OS is less often attacked, or the MAc OS is less often used in 24/7 environments.
Show us a report studying attempts/successful attempts ratio, and it might actually mean something.
The ease of use of a Windows machine.
:-)
Microsoft Office.
Internet Explorer.
Open Source.
The fastest PC.
The first 64 bit PC.
DRM Ipod attachment.
And now, the most secure computer!
'Nuff said.
Just buy a Mac
As before, the study ignores the thousands of automatically-spreading viruses for Windows.
Then what are the "459 malware species" examined in the article?
Just as a sidenote, I tried installing FreeBSD 5.2.1 this afternoon. It detected all of my hardware properly, save for the disk geometry of my second hard drive -- I was quite impressed. However, I'm using an optical PS/2 mouse, and I could find no way of configuring it properly! A regular old PS/2 mouse worked in its place, but I'd much prefer the optical.
It is the most secure because:
- It is build around a capability system
- It has no applications
- The scripty kiddies don't know it is there
I haven't heard of any break-ins in EROS!:-) = I am happy
:^) = I am happy with my big nose
C:\> = I am happy with my OS
Wouldn't it be more useful to provide statistics on the percentage of *each environment* that suffered breaches -- e.g., 17% of Linux machines suffered breaches, 28% of Windows machines, 19% of OS X machines?
Unless I've misread the article (which is possible), the numbers they provide don't seem to take into account the *prevalence* of each environment.
Just like the millions of clueless Windows users.
-- I'm not a pessimist, I'm a realist. It's not my fault that life sucks so much. --
So where does this article fit in?
It's such a fine line between stupid and clever.
I know you're just joking, but for others who actually believe this, it bears repeating:
If that were true, then apache would have the most exploits of any web server, since it has the greatest market share. However, that is not the case: Microsoft IIS is by far the most exploited web server, with only around 20% marketshare.
Additionally, lesser marketshare does not automatically imply anything with regard to security. Sure, it's *targeted* less, and people might spend less time attacking it, but that does not mean it is less secure. In fact, there are numerous technical, design, and architectural reasons that, e.g., Mac OS X is more secure than Windows. A few examples would be: no ports or services open by default, services that are used are likely to be open source services like apache and OpenSSH which receive in intense scrutiny so that theoretical holes are closed before they become practical ones, there are more layers of abstraction between an email attachment and it actually becoming a meaningful exploit, prompting and notification for administrative-level or elevated privileges, less likelihood of standardization on a single email client reducing the exposure of a single point of attack, etc.
And sure, marketshare helps too, in terms of things like the statistical likelihood of the next host encountered/scanned by a piece of Mac OS X malware also being Mac OS X. But that's no where near the whole story.
but I for one would like to see some details on their methodology...
Which kind of service were exposed?
Which exploits were used, etc...
Leaving telnet enabled with default passwords is just as dumb not filtering ports 445/135/etc.
But as usual with mi2g, big headlines, without anything to back them up!
CP/M? My old Z100 running off two 5 1/4" drives and a 2400 baud com port modem has never been hacked!!! I'll bet that it has less exploits than even mack (for those mods who miss this is humor, consider this notification :-P Mod me down all you want ;-) )
I'm sure that I could "study" fatalities on US highways and conclude that more people die in autos than on unicycles. Do they even CONSIDER the ratios of Win machines vs Linux vs Mac out there? They pass this shit off as science?!?!
I've been tinkering off and on with Linux for a while now and I'm by no means an expert. About a year or so ago, I got the Knoppix liveCD and did a hard install with it, making it essentially a mixture of Debian stable/testing/SID. Anyway, one day I fire up Quake and, instead of the normal music, it's playing this "We are the Animals" crap. The startup script even says, "This version of Quake has been hacked". I try to install Bastille but can't quite get it to work on this mixed-Debian install. I also can't un-install it.
So, now I'm using SuSE - mainly because it has built in security functions and is easier to configure. I kinda wish I could just go with something like Slackware and set all of it up myself, but I have limited tinkering time these days.
I suspect that a growing population on non-expert Linux users could be a potential security vulnerability.
A goal is a dream with a deadline
everybody starts to use OS X... Then the all the exploits will be aimed at that platform... Then it won't be the most secure!!!
DUH...
My sig smells bad, here take a wiff...
slowness
I think mac users are a very bimodal group. There are lots of pros, comfortable with various OS's. However, there are tons of totally clueless folks.
I cleaned up a lot of macs in the pre-OSX days when a handful of annoyances like macro-viruses were common.
This defies logic. We all know that closed-source, AKA "security through obscurity" software cannot possibly be more secure than open source software like Linux. Please stop tampering with the metaphysical laws of the universe.
"Ask not what your country can do for you." --John F. Kennedy
Mi2G are about as expert in computer security as your local nursery school, they are basically a fraud outfit that decieve companies by using FUD in order to transfer cash from company accounts to the chairmans pocket, and slashdot linked them up
and you wonder why no one subscribes and blocks slashdots adverts
in the security scene they are worthless
Register article
As a Mac user and Linux guy, I have to say that this kind of study is a little tilted... how many Mac users and Windows users really know how to record a breach into their machine? Neither ships with process accounting on out of the box, to my knowledge.
I recently had some puke engage in comment spamming my website. Traceback revealed he was using a Windows XP machine infected with the Subseven trojan. I'd be willing to bet that breach was not recorded.
I think it has to do with the fact that there is much malware written for OS X, and that the OS Security model is better to begin. There is no root account and there are no ports open by default.
of all manual hacker attacks that are successful, most of them happen on Linux, and Mac OS has the least of them. This does not mean that Mac OS is more secure.
They didn't say it was "most secure", they said it was "safest". That adjective takes security-through-obscurity into account.
It's kind of analogous to buying a home in a rural town vs. a downtown metropolitan area -- your neighbors leave their house unlocked all day, but since there's only about zero-point-two reported burglaries in a ten-mile radius every year, who really cares?
it's so safe cause no one uses it =]//. anyways it's the perfect os for my sister. plus you can get a computer that matches your teeth!
It seems like every new Linux admin goes through the "Must do EVERYTHING as root" phase and the "Must give logins on my system to everyone who asks for one" phase. Combine this with distributions that aren't easily updated and you've got a recipe for disaster. Fortunately most people seem to grow out of these two phases after getting rooted a couple of times.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
In a recent addendum to the mi2g's analysis, Executive Chairman DK Matai says,
Any thinking computer professional will see that Microsoft's Longhorn Operating System has had 0 malicious security breaches over the past year. It is obscene to think that anyone with half a mind would not switch to such a secure platform. Our masterfully elaborate computer models lead us to undoubtably confirm that Microsoft's Longhorn Operating System will be the most secure Operating System until it is released, sometime in the later part of the great year 2015. At that time we believe it will experience a downward trend and will be replaced by BSD as the most securest of all Operatinginus Systamicuses around. This indisputable change will be due in large part to the unquestionable and horrifying death of the BSD platform. Indubitably.
slashdot linked up Mi2g , where is the [its funny laugh] tag
a simple google search will tell you all about them and their scams, you seriously have to be a sucker if you believe anything they put out, wannabes would be a complement
more proof that slashdot run by clueless n00bs
You can't really compare automatic spreading of worms with manual hacking attempts. However, you can compare percentage of manual attacks with percentage of worms written. For example, if we say that "67% of attacks are on Linux servers because most servers are Linux servers", it's valid to say that "95% of worms are written for Windows because 95% of desktops run Windows".
I'm not arguing that a hacking attempt is as bad as a worm. The article does state that the economic impact of worms is much greater. However, worms are written because of known vulnerabilities in systems, which is the same reason for manual security intrusions.
It's been widely repeated by many of my compatriots that Macs are simply more secure because they have a tiny user base. However, hacker culture is based on egos, correct? Imagine the fame one could gain by creating a virus that infects Macs too - they'ed be able to smash the "Macs don't get virii(?)" claim and they would get attention - for some people, good or bad doesn't matter.
I'm sure a Mac virus for OS X has at the very least been attempted. Why hasn't it succeeded at spreading all around?
OS X really is more secure
I saw this earlier from a link at osnews (yeah, I know). I was a little surprised it hadn't been mentioned here until I read the article. The site comes across as just another of those l337 haxor orgs trying to "go legit." Lots more disclaimers like that one blaming "people with agendas" writing bad press and even blaming the search engines for linking to it and helping spread the evil word. A "news" page linking to all their press releases where they quote themselves a lot.. oh boy, that's impressive.
Anyway, just in the last fews days I can think of at least one exploit requiring users of real player (on ANY platform) to "update their software" lest they be rooted by a malicious video stream. Previous hacks mentioned in the article were related to both Real and Quicktime being vulnerable to malicious skins.
Since I don't use either of these pieces of crapware I guess I'm 100% safer than everyone else and I don't have to worry about being rooted - because, after all, it's just bad software that makes you vulnerable, not being a warez whore and installing every piece of shit toy on your system that catches your eye.
I see many people here try to justify the answers one way or another: less Macs, more Linux servers, more Windows viruses, etc. The thing is, problems won't go away by justifying them. If you really are concerned with quality and the improvement of software in general, instead of pointing to the loser and saying "yeah well, we're better than them, nyah nyah," point to the winner and say "what are they doing better than us, and how can we be as good or better than them?"
To whomever downmoderated my post, RTFA--it is not OT.
It's such a fine line between stupid and clever.
This isn't intended to be Offtopic, Flamebait, or Trolling, as it is something to keep in mind in any Macintosh-related discussion:
Please don't use the term "MAC". That's an acronym for Money Access Center.
"Mac" is the correct term and is short for "Macintosh".
Up, Up, Down, Down, Left, Right, Left, Right, B, A, START
Please stop with this Mac OSX and Apple fanatism. This is the 1 billionth news regarding Apple and Mac OSX this week! It is just an operating system for God's sake. Why are you people so obssesed with your OS, computer, CPU, ..etc!!!
OK, MAC=Mandatory Access Control, Message Authentication Code, or Media Access Control
Mac=abbreviation for Macintosh
Being less popular is a property that may make a system safer. But, less popular systems are not necessarily going to be safer. If windows 95 only has 1% of the market in 20 years, is it going to be safer that Mac OSX? Mac OSX has several security features that make it less exploitable than any current windows offering. It still has a long ways to go, and MS could make windows more secure than it in the future. Personally I'd like to see a system with easily configurable application specific priviledges. Your point about the statistics in this study not being well explained, or even given as raw data is well taken. Without the numbers, their study lacks credibility.
P.S. I'm not sure what you are talking about with the exploit, your description is a little fuzzy. I'm not sure changing your font size is a 'hack' or if that is what you are trying to say.
I think mac users are a very bimodal group. There are lots of pros, comfortable with various OS's. However, there are tons of totally clueless folks.
Just like Windoze. I'm sure you will run across this in any OS. Linux might be the exception though.
Who's leg do I have to hump to get a dry martini around here?
I can't find the source of the reported breaches. How did they determine which breaches to investigate? Were they only breaches reported to them? I can state for a fact that many companies do not report breach attempts to anyone. So this investigation probably isn't of a very accurate sample pool.
Developers: We can use your help.
Of course, their reasoning is that the Mac does not respond well to Active Directory Infrastructure...namely Audit Policies, login scripts, and constraints on network access.
One has to wonder, though...with the growing numbers of trojan horses, windows worms, and buffer overruns...why not consider the Mac?
That is...until the rest of the industry does the same...then we're right back to where we started.
Mercy was given to me by Christ...I must give the same to others.
First problem: what is a breach? If someone takes down a hosting company's Linux server that is hosting 5000 domains, and someone else takes down a Windows box with one domain and an OS X box with one domain, is that counted as 5000 Linux breaches, 1 Windows breach, and 1 OS X breach, or is it 1 breach of each OS?
Second problem: total number of breaches is a pointless number to look at by itself. For example, if you had 100 Windows servers and 1000 Linux servers, and you had 50 of the Windows server breached and 100 of the Linux servers breached, that would be a 50% breach rate for Windows and a 10% breach rate for Linux. But the way Mi2G reports it they would say 33% of the breaches were on Window and 67% on Linux, so Windows is twice as secure.
From the article: '"More and more smart individuals, government agencies and corporations are shifting towards Apple and BSD environments in 2004," according to DK Matai, Executive Chairman, mi2g.'
They forgot the OS I wrote, it has never had an exploit, there are no viruses that run on it. Therefore it's by far the safest. Granted no one has ever run it. Of course the most prevalent OS will have the most viruses and the most exploits.
I understand what you are saying, and you would be right, if your facts were correct.
0 4/ 10/15/242966.aspx
They are not. In fact, IIS6 has had *way* less security exploits avalible than Apache. Check this out:
http://blogs.msdn.com/michael_howard/archive/20
Professional what? Graphic Desingers? Video Editors? Architects and Engineers? Yeah, these guys all have a clue.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
When there is a HUGE difference between distributions. Are those many Linspire machines (10's of thousands they flaunt on their website) as secure as a current debian box with only the services running and ports open that are required?
Bah. Your manual Linux breeches are no match for my automated OS X pantaloons.
I wonder of mi2g has even heard of OpenBSD?
MAC? As in Media Access Control? I thought this was about Macs! :O
Seriously, though. I don't know if it's the case, but it looks like you're confused. "Mac" is not an acronym. It should not be in uppercase.
(Boy, does it annoy me when I see people do this.)
One important factor with Mac OS X security is its default security settings; when someone buys a new Mac, takes it home and starts it up, their firewall is enabled, all of their sharing/webserving services are turned off, and their root account is disabled.
I don't want to start a holy war here, but what is the deal with you FreeBSD fanatics? I've been sitting here at my freelance gig in front of a FreeBSD (w/64 Megs of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this FreeBSD, the same operation would take about 2 minutes. If that.
In addition, during this file transfer, Mozilla will not work. And everything else has ground to a halt. Even BBEdit Lite is straining to keep up as I type this.
I won't bore you with the laundry list of other problems that I've encountered while working on various unixes, but suffice it to say there have been many, not the least of which is I've never seen a FreeBSD that has run faster than its Wintel counterpart, despite the FreeBSDs' faster architecture. My 486/66 with 8 megs of ram runs faster than this 300 mhz FreeBSD machine at times. From a productivity standpoint, I don't get how people can claim that FreeBSD is a superior OS.
FreeBSD addicts, flame me if you'd like, but I'd rather hear some intelligent reasons why anyone would choose to use a FreeBSD over other faster, cheaper, more stable systems.
I always treasured linux as a geeks OS, secure and fun to use. But now that it's becoming mainstream, I think there are going to be more and more viruses created, attackes made, and security holes exploited. While I'm all for Linux taking the place of Wind0ws, I have decided to switch to FreeBSD. I like having a OS with a small user community. It makes you feel like like you are in a class all on your own. Plus I think that the daemon is just so damn cool :) Currently downloading: FreeBSD 4.10 for amd64.
Long live Open Source!
"The Earth is the cradle of the mind, but one cannot remain in the cradle forever..."
I'm a huge OSX supporter, and I wouldn't touch a mac with PRE OSX. OS9 and below are such different worlds from OSX. OSX is a developer's dream environment. I wouldn't spend my own money on any other platform no matter how cheap a NON OSX machine is. And price is not a valid reason to not get a mac these days. The iBooks and iMacs are powerful enough and cheap enough to compare with any PC.
Slackware is easy to install. I'm a Power PC person who uses Mac OS(X), Linux,and NetBSD on my machines.
I did, however, buy a PC *just* to set-up a FreeBSD development server (because I needed a more well-rounded BSD)--and, as a secondary task, run Slackware. I installed both FreeBSD and Slackware on the machine and was surprised at the ease of installing, setting-up, and living with Slackware.
Considering that I love the simple, straight-forward nature and goals of BSD, and although I have been using PPC Linux since 1997, Slackware is the best Linux I have used--It's feels more like Pinnochio than like one of the other Linux systems which feel like a Frankenstein creation.
I am typing this on an unpatched, unfirewalled knoppix HD install.
-Guarddog is less user friendly than Zonealarm, so I don't use it.
-I used to use "apt-get upgrade" to patch security holes. Unfortunately this also turns on any updated daemon that was off, making my system both slower and less secure.
-Intrusion detection system? Don't even think about. Very user unfriendly. Not practical.
-Turn off unnecessary daemons? Is there a program I can apt get that will make let me do this quickly? preferably something that would explain what each daemon is and why I would need it without jargon?
-A user friendly cryptographic instant messenger that will handling all this "key" bullshit for me automagically?
So, who's fault is it that my system is insecure?
I care about security, thats one of the reasons I switched to GNU/linux but my patients has limits.
I am glad you pointed out that this is about manual exploits, NOT about which OS has the best security. If we were talking strictly about vulnerbility the story would be quite different. Quite simply, Mac OS would lose (IMHO): http://www.computerweekly.com/articles/article.asp ?liArticleID=131513&liArticleTypeID=1&liCategoryID =2&liChannelID=22&liFlavourID=1&sSearch=&nPage =1
Not that this matters. But it's also good to know its safe. But how many people actually direct connect to the internet? Doesn't it make sense to have some sort of cheap firewall/router box to protect you?
It's either on the beat or off the beat, it's that easy.
I moderate therefore I rule!
--
As before, the study ignores the thousands of automatically-spreading viruses for Windows.
And in other news, a new auto-safety study by the National Traffic Safety Commission has shown that SUVs are no more dangerous to drive than other types of cars. This conclusion was reached by ignoring roll-over accidents, which are due to the SUV's design, and are thus not caused by the driver.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Screw off Linux and the delusional Penguin idiots!
Coincidentially I was trying to install OpenBSD today to work as a router in my home on an old AMD K6-2 300 - I chose OpenBSD for pretty much this reason. Unfortunately it won't work due to my CPU lacking an onboard FPU; can anyone reccomend an OS to use instead, of a release of OpenBSD which will work anyway? Or a fix or a workaround? I was really looking forward to this...
Well the issue of why Linux getting more breakins then Windows is pritty simple. Most linux Distros are a Server OS. And are installed with a lot of the server tools running at install time. Basic Windows doesn't have as many server tools. And breaking in the windows although you have access it is not nessarly the most user friendly access. Vs. Getting access to a linux box with a full command prompt at your fingertips make haking much more enjoyable and looks more like the movies. Breaking into windows server can just as easily be done but managing a compremised windows system is more tricky to do. Also it is an issue of Compter Skills. Normally when a person installs say Windows 2003 server they usually know a little bit about system administration. Because why else would they shell out all the cash for an OS. Linux is free and you get people DL linux and installing it with very little or no Server Administration skills so they have all the ports they can open so they dont feel like they are stuck and all the programs work fine. If the number of people used Windows Server 2003 for Desktops that Linux People use. Then the hacks may defenatly rise.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
What a fucking idiot. Go fuck your penguin with the other three morons using it.
The study doesn't specify which Linux distribution they used. I guess you could say "all of them" but c'mon, you just can't leave out details like that.
I think it's important for everyone, when discussing differences between OS environments, to really consider whether they know what they are talking about or not. Just because us users can see the GUI of an OS and develop our personal opinions about that OS simply based upon our own personal experience with it, doesn't exactly mean we REALLY know what is going on under the hood? Sure, you can quote the open source ones, but I doubt there are too many people on here making any intelligent or accurate statements based on them. Again, most people are just feeding off of their own impressions and also of the impressions of others to whom they may envy or may have heard about in some highly publisized article on CNN. With regards to this security issue, I think it's just another way for the "die-hards" out there to point fingers and formulate their own reasons for why their OS is "better than yours is". I think a few people have made some good points about why various OS may be at higher risk than others. Of course windows is going to come up high on the scale because (like many people have said) it's the most used OS out there. Most of these hackers too are your die-hard fanatics (whom I would compare to other "popular" fanatical groups) that for some reason or another find it rewarding to create these problems. I guarantee you that it is probably more a social thing than anything else....and probably has nothing to do with Windows or OSX or any of the others. Another thing that I think alot of people are tired of hearing is this reference to Windows users as 'clueless'. Everytime I see it I just think it's hysterical and just a clear illustration of how a generalized statement can come right back and bite you in the ass! OSX can't even compare to Windows in terms of functionality. It's an OS that is years behind a Windows environment and requires a machine that is almost twice as expensive to run it. Designers like it I guess because they can draw inspiration off of the groovy case designs and motion icons. But whatever, I still think it's a pretty slick toy. I've been following the development of various open source OS and such for years now. I think the progress made up to this point probably would suggest that its a waste of time. No one is using them....and I don't foresee anyone using them in the home or in the office. I think MAC has been slowly fading out for years now. Everything you can do on it, you can do 100 times better or more of on a PC. Maybe it's sad, but it's true. So, for all of your die-hards out there...here is another chance for you to crack back with your 'clueless' replys. Just stop kidding yourselves and prevent any furthur spread of the disease.
That's it. My S7fUjkaY OS at home is the safest OS in the world because non of you morons has ever used it!
I did not think of using a Mac until my last year in college when my FreeBSD box crapped out numerous time during my final software engineering project. I spent all my graduation money on a Mac and I still think that it was a good move because I get the power of Unix and Open Source with a nice interface and a system that does not crash and accepts almost anything I choose to stick in the USB port.
My primary reasons for using a Mac are:
I still can use all my office applications without problems. Office for Mac is not bad at all!
As a Unix dude who runs several boxes at home, I find it almost impossible to use windows because I am am glued to Terminal from time to time. I tried Cygwin and I do use it at work; however, I do not like it as much due to the lack of complete intergration into my box.
Mac has been secure for me. Although I consider myself to be a power user, I do have a girlfriend who likes to download all sorts of crap and click on everything that flashes. I haven't had problems with viruses so far.
Mac OS 10.3 has never crashed on me. I do not remember a single time when something went wrong to the point where I had to do cold boot.
Darwinports rule. Open Source programs just the way I like them :)
Mac is based on Unix and that is a key because I like maintaining all my systems in the same way. For example, I can run the same backup scripts with almost the same variables across all my boxes.
Plug-n-Play, as opposed to Plug-n-Pray on Windows. So far, I had no problems with digital cameras, USB keys, scanners, printers, etc. Plug it in and it works.
Human-Computer Interaction and Mac GUI. I cannot stress this enough: details are important! Natural things, like dragging an image from Safari browser or to iChat's icon, make our lives easier. Smooth fonts appeal greater. Software applications, just like people, will be taken more seriously if they are well polished. Thankfully, Apple spent an enormous amount of time and money on HCI research and then turned the results into something productive. I like OS X because it feels more natural than any Windows edition I've used so far.
This is a small one, but CD burning works with OS X without any problems right out of the box. No additional software installations needed. This list was enough to convince me :)
Unfortunatley it wasn't a post-stratified sample, so their conclusions are meaningless. I would like to see their collected data or at least the total sample for each OS so I could draw a more educated conclusion.
This sounds very fishy. After all, FreeBSD, MacOSX and Linux runs the same Apache, MySQL and OpenSSH.
If one of these are less secure than the other, it's definitively the one that sometimes lags months after the other two in security updates. (Case in point: openssh exploit last year.)
> apt-cache search harden
bastille - Security hardening tool
harden - Makes your system hardened
harden-clients - Avoid clients that are known to be insecure
harden-development - Development tools for creating more secure programs
harden-doc - Useful documentation to secure a Debian system
harden-environment - Hardened system environment
harden-nids - Harden a system by using a network intrusion detection system
harden-remoteaudit - Audit your remote systems from this host
harden-servers - Avoid servers that are known to be insecure
harden-surveillance - Check services and/or servers automatically
This article is just a summary. You have to pay for the details you mention.
What the hell does that mean?
*If* one left a computer on the Internet accessible to all kinds of hackers, then blah blah blah
Things like that never happen (what sane person would do that). You want a secure firewall - you get a real firewall (or one of those firewall on floppy thingies). You want a secure server in DMZ? Pretty much any OS will do.
You want a secure desktop on LAN? Almost the same - with little precautions taken. It certainly doesn't require a BSD or Mac.
Quick, be sure to get all of the various ways this study could be wrong posted before any Windows users say, "See I told you so!". Be sure to slander the company, cite bizarre statistical reasons, etc. This is the appropriate reaction for all Slashdot users any time an article mentioning ANY Linux flaws comes up. (Note: Any study that points out Windows problems, even if the study was conducted by a 12 year old and his friends should be affirmed immediately.)
I don't respond to AC's.
You might want to check out Fedora Core 3 when it comes out on the 8th. Although SuSE is a nice linux distro, I find that people are more likely to understand Fedora and be able to use more of its functionality. Don't ask me why heh, its just what I've observed. Also, it's a very secure operating system, super easy to set up, very easy update system (a little icon sits in your system tray and starts blinking with a big exclamation point if updates are available) or you can use yum or apt, FC3 is going to have SELinux compiled into it so you can learn about that and test it out. FC3 is also going to have kernel 2.6.9 and Gnome 2.8 so it should be fast, easy to use, and work well with most hardware. But most important(and this is operating system neutral), only run as root when you absolutely have to! You have no idea how important that is, and if you don't follow that rule then just forget about any other security measures. If you are hacked and you know that you haven't ran as root for a very long time and are positive you weren't root when you got hacked, then all you really have to do is create a new user, delete the infected user (copy over some important *data* files first if you must), and life is good again. This is assuming that you haven't made your system or important system files writable to non root users. When you first install a system (if its not done already) its probably best to make everything read only, except for your home directory. With SELinux you can even get hacked and know exactly what was affected and be confident that nothing else was, its very nice and worth reading about.
Regards,
Steve
Well, judging from your crappy website, you may want to call one of those graphic designers...
The best way to summarize my photoshop skills is to look at the graphics on this site. Although I am not a graphics professional, I believe I am competent with Photoshop and can accomplish most basic tasks in it.
Yeah, so to summarize, your skills are pretty shitty.
much less malware
Sorry, I'm tired.
The parent is a known Troll(TM). Copied-and-pasted innumerable times...
When it comes to security, the distro matters and I'm not just talking about things like Hard Hat Linux. I got a Debian box pwnz0red once and come to find out, by default Debian's services are lit up like a farging Christmas tree.
Rather than futz with a full Debian reinstall I erased the disk and put Slack on. Slackware has fewer services on by default, and furthermore its rc.d is much simpler and easier to tweak by hand. (What can I say, I'm a fan of just going in there with vi and configuring things myself.)
N4st0r, trixx0r h0bb1tz0rz! Th3y st0l3 0ur pr3c10uzz!
But since they don't tell you how many of each system type is 24/7 connected, it is very hard to draw meaningful conclusions from this report.
.001% of 24/7 connected systems, then I'm not impressed with their numbers. If they comprised 60%, then I'm really impressed.
If OS X/BSD systems comprised only
And...were the attacks against unique machines? Or once machine A was found to be vulnerable, were there 200 different breaches against that machine? One badly configured system could really blow it for the rest.
Finally...which of the "attacks" were against the OS and which were against the applications? MySQl and Apache run on all their listed OSes. If it was a misconfiguration of those, which OS is really not relavant.
They might have the data, but they do not expose enough of it for me to have any confidence in their conclusions.
Pure marketing hype.
Learning HOW to think is more important than learning WHAT to think.
Mac stands for both Mactintosh AND Mouse Activated Computer. It's a fact. Look it up :)
How ironic!
Linux Apache/2.0.46 (Red Hat) 19-Oct-2004 217.154.246.214 Mistral Internet
Oh, no. That can't be. It's not possible. I know better. This is all a bunch of garbage.
/. community just a bunch of ridiculous children, or what?
Is the
So many with such an inordinate amount of intolerance is truly disturbing.
Is this somehow a threat to that obviously fragile sense of superiority that there needs to be such a backlash about a little article. Does this really affect any of you directly? Sounds like everybody wants to whip out a ruller and compare their genitals. It's a very sad state of affairs seeing this kind of outrage and self-association.
Nicely illustrated.
s s= /snac/os/applemac/osx_client_final_v.1.pdf
http://www.nsa.gov/notices/notic00004.cfm?Addre
~hylas
um, i'm not sure how this is offtopic, as mac os x is one of the central items in the story.
According to Netcraft, Apache outnumbers IIS 3:1, and I'm making the (valid) assumption that most Apache web servers run on Linux. Let's also make the other assumption that most 24/7 machines are web servers (that most servers accessible on the net are web servers).
So, Netcraft has 37,620,349 Apache servers on-file, compared to 11,679,222 IIS servers. Mi2G has reported 235,907 successful breaches. First of all, to give you an idea of the sample size, that's 0.5% of all servers recorded by Netcraft! But let's give them that, since this is a sample of breaches occuring in a relatively short time period.
Now here comes the real news. 59,419 of computers recorded as breached are Windows, whereas 154,846 of computers recorded as breached are Linux (mi2g's numbers). Let's take those as percentages of all Linux [*nix] servers, and of all Windows servers. Looks like 0.4% of Linux servers have been breached, whereas 0.5% of Windows servers have been breached. So Windows is a little less secure, by my metric.
Now, this is a little unfair, because my assumption above (that Apache servers run Linux) is wrong. Many Apache servers that Netcraft picks up run BSD and could even run Mac OS X Server, I guess. Even taking this into account, the breach rate would be about the same for the two OSes (probably a little bit better for Linux).
What this doesn't take into account in terms of the Windows/UNIX debate are the hidden costs of an IIS server in terms of administration, virii, stability, reboot requirements, etc. the list goes on and on. It also doesn't take into account SOME hidden costs of Linux/BSD servers, but those are minor compared to the Windows annoyances (trust me, I know: I administer a Windows server, unfortunately).
That said, I do think BSD probably is more secure, and I use Netcraft's "longest uptime" as one of my metrics. To me, it seems the longer a site is on the Internet, the more statistical chance it has to get attacked. That ALL of the top uptime sites on Netcraft's list run BSD shows me that BSD is a pretty rock-solid OS for servers, that you can leave them out there in the wild for years without worry.
The real bottom line is that software that runs on UNIX-like OSes tends to be more secure, and this usually has not too much to do with the OS. For your box to have real security, the system administrator has to be smart (or the distro has to come with Smart Defaults, like I believe Debian does in the Linux world). The only real way to prevent security breaches is to be a smart administrator: to think ahead and secure your boxen before it's too late.
All this study shows me is that no OS is a "magic bullet," that breaches occur on unprotected machines regardless of your OS. No one blames car manufacturers/designers for stolen in-dash CD players if you stupidly forget to lock your doors.
After all less of them are in major auto wrecks every year than say an F150 truck. Must because it's such a safe car...
I saw no mention of OpenVMS in the article. I'd say OpenVMS is certainly safer than MacOS X, *BSD, Linux, or Windows.
No, OpenVMS is not dead. Yes, people still use it in environments where security and uptime are critical.
http://www.port80software.com/about/press/012103
Microsoft IIS, widely criticized for security and scalability issues, faced a perception of declining market share during the past few years. This belief has been furthered by the Netcraft Survey, which reviews every detectable domain name (not web server)on the Internet to generate its Web server statistics. "Hosting vendors using Apache to serve numerous small sites bump up Netcraft's numbers in Apache's favor," said Chris Neppes, Director of Sales and Marketing for Port80 Software. "Netcraft's survey reflects a relatively high ratio of domains to Apache servers. If you look at dedicated hosting or corporate environments however, Apache's market share is likely much smaller. Port80 Software's survey of Fortune 1000 corporate Web server market share shows: Microsoft IIS: 54.1% Netscape Enterprise: 21.0% Apache: 17.6% Other Web servers: 7.3% By the way, Netcraft has a survey that pretty much agrees with this, but you have to pay for it...
My own anecdotal experience would be roughly the same (sans OS X experience). I have known someone whose Linux box was rooted, but it, too, was a manual attack. Windows goes without saying. OpenBSD goes without saying, too (oppositely, of course).
Linux is a very good general purpose OS, but it's development is volatile enough that it requires a conservative approach with respect to security. I would use an older more mature kernel along with manually paring down the rc directories and inetd.conf, among other things. OpenBSD, on the other hand, is stripped out of the box, and the user must add services. I generally feel that Solaris ranks more with Linux, in that a manual hardening effort really is necessary. Never would I put Windows on the Internet--it would be like swimming in the ocean with steaks tied to my legs.
-- "Makes Little Debbie look like a pile of puke!" - Moe Szyslak
It is called GregOS 1.0. It is an operating system I wrote for myself and no one else uses it.
MacOS X is second most secure based on user base.
"the Open Source platform of BSD"
The commercial "BSD" is not open source.
If they mean an 'open source' BSD, which one are they recommending? NetBSD, OpenBSD, FreeBSD?
Your statement is mostly true, but most of the OSX developers have come from an OS9 background and they still usually do things in a 'single user is boss' kind of way.
.dmg that can just be copied, but 90% of the time you need administrator. Why again? Because the programmer never thought the user doesn't have administrator. Try for a while taking your iMac, getting a friend to set the admin password without telling you, and seeing how little you can do with it.
To pick a random example, fink packages are essentially debian packages + a patch. Almost all debian packages can be installed without root (this being the 'unix way') but a great many fink packages accidentially lose this ability and require you to have root. Why? Because the programmer never thought you wouldn't.
Similarly, most shareware requires the administrator's password to install? Sure, occasionally you get a nice
So what am I trying to say with this far too long post? Basically that while the mac keeps expecting admin, exploits are going to be easy.
I always wonder why Netware is never mentioned. That OS is unbreakable.
TFA doesn't even give the impression that they know the difference, let alone break-out the results by flavor. :-
"very easy update system (a little icon sits in your system tray and starts blinking with a big exclamation point if updates are available)"
My Suse 9 Professional does the exact same thing (although the red light/green light update symbol doesn't blink, it just turns red). And using Yast Online Update, it is trivially easy to install the patches.
I'm not saying that the rest of your observations may not be accurate. But on this update issue, Suse can be at least as good.
As before, the study ignores the thousands of automatically-spreading viruses for Windows.
;)
.DMG files are great for Quicken, et al. (No, this is not what Microsoft's EFS is for)
So do I, because I keep my Windows machine at work properly patched and run A/V software. Is it that hard to do? Apparently it is, BlackIce reports thousands of attempted connections from infected machines.
That said, I do my "real" work on my Power Mac G5 at home, and you'll have to pry my OS X machine from my dead, cold hands.
Aside from the bazillion other problems and worries with Windows, it's nice not having to worry about worms (ipfw, and the fact there arent many for OS X). It's also nice because I can clean my machine easily, if needed (you know, pr0n and hacking logs
Encrypted
Quote from article:
The recent global malware epidemics have primarily targeted the Windows computing environment and have not caused any significant economic damage to environments running Open Source including Linux, BSD and Mac OS X. When taking the economic damage from malware into account over the last twelve months, including the impact of MyDoom, NetSky, SoBig, Klez and Sasser, Windows has become the most breached computing environment in the world accounting for most of the productivity losses associated with malware - virus, worm and trojan - proliferation.
They still argue Linux is much safer than Windows in terms of malware.
As for manual exploits, I can explain some of it. For example, there are a lot of premade web sites that run on the L.A.M.P. platform. While most asp web sites are written from scratch, with significant investment, any kid can toss a phpBB, Wiki, or other website on a Linux server for free, with a minimal requirement of experience and maintenance. Most people deploying premade websites for non commercial purposes fail to install security updates. But exploits are found and patched all the time, visible to any kid who wants to inflate their ego. It's popularity in the non-commercial commons that leads to exploits on Linux servers. But Linux itself is hardly ever exploited, and these exploits are rarely ever root exploits. While with most Windows exploits, it IS Windows itself that's being exploited, and they're usually as bad as root exploits.
Their study fails to factor in the market shares of each operating systems. If you have 10 Linux systems, 4 Windows systems, and 1 Mac, and 5, 4, and 1, respectively, are successfully exploited, they would argue that the Macs had fewer exploits, followed by Windows and finally Linux. I'm not saying that's what happened but their failure to take this into account negates the usefulness of much of their statistics.
Wow, they actually updated that ancient troll to say Mozilla instead of Netscape? And did you actually take the Mac version of that troll and change it to FreeBSD, since BBEdit doesn't seem to list a FreeBSD version on its site? Well, if you have a version of FreeBSD so hacked up that it can run OS X applications, no wonder it's slow.
enough I say! There needs to be the grand ultimate no holds barred OS hacker challenge! Each OS fanclub gets to put one as equal as possible machine on the net, with a provided IP. 24 hours opened to attack, no DDoS, actual penetration attacks. Set up a directory inside with a file called "hackmeplz", the hackers have to add their tag to that file to prove they were there. Hackers or hacker groups have to pre register, with a hashed sig for verification of who they be,and they are the only ones allowed to try.
And here's the twist, the fanclubs are also the hackers, they not only have to try and own the other teams boxes, they have to defend their box!
Once and for all, let's see who's got the OS and the skillz!
I haven't even seen any manual malware for Linux. Sorry, I don't know where they dream up the rubbish they publish, but it's all nonsense. The most recent article I've seen states that 99.99% of Linux based computers have never EVER seen a virus. I know in the 10+ years I've been running Linux --and I'ave always been connected to the Internet, and also ran a 70000+ hits-per-year webserver-- and I've never had even a sniff of a virus. Someone is smoking something really funny (which is possible) or someone is a paid toady. Either way, the printed versions of their 'study' or report or whatever you want to call it makes an excellent liner for the dumpster out back.
http://www.computerweekly.com/articles/article.asp ?liArticleID=131513&liArticleTypeID=1&liCategoryID =2&liChannelID=22&liFlavourID=1&sSearch=&nPage =1
...popular is a property that may make a system safer...
Who cares WHY the Mac is safer, the fact is that it is safer and the reason doesn't really matter. If the time ever comes where Macs get somwhere as numerous as Windows boxes, (not likely at this point) more attempts to break into them may occur, but even right now, if the every Windows box magically turned into a Mac the number of malware infections would be WAY less because Macs have better security. This security is especially good against unassisted break-ins that occur into Windows boxes just because they are connected to the Internet, even in some cases for only a few minutes. No OS can ever be totally secure against social engineering that persuades authorized users to install unknown software.
All theory is gray
This was a study of servers connected to the net in businesses of all sizes and government as well as home run "servers" or possibly desktop machines directly connected to the net without a router/firewall. It was not a study of desktops infected by viruses, trojans or backdoor trojans malware like back orifice.
People who connect their home machines directly to the internet with broadband are idiots just asking for trouble. You should at a bare minimum invest in a hardware firewall/internet router. You can pick one up for about 50 USD or less these days and you get the added avantage of being able to share your broadband with other computers in your home.
I have to shake my head when I see people on broadband either relying on the XP firewall or some other software firewall.
Jesus was a compassionate social conservative who called individuals to sin no more.
I'm sure a Mac virus for OS X has at the very least been attempted. Why hasn't it succeeded at spreading all around? OS X really is more secure.
Well, this somehow contradicts an article I just read yesterday in Ziff Davis Mac and Linux Not Immune to Viruses, and to be honest with you, I tend to agree with the article:
"If I wrote a mail worm for Linux and seeded it well enough (I could even use infected Windows systems for the initial seeding with a special Windows virus just for the purpose), I suspect it still wouldn't get very far, because very, very few typical consumers run Linux systems. Linux users are on average, simply by virtue of their running Linux, more sophisticated than typical consumers.
The Mac is different. I suspect a typical mail worm for the Mac could get some traction if it spread enough copies and had a good social engineering scheme".
....the kiss of death.
-Valiss
i've heard a number of security breaches on OS X, but i've yet to see a remote root that doesn't require some sort of physical intervention. i don't follow this stuff as closely as i should, so maybe i've missed something.
once again, what i'm asking for is an exploit where i run a program on MY machine, and immediately get a root-shell on YOUR mac. i'm eager to hear replies.
Studies were found to be misleading.
Not much chance most Linux users get owned for long.. With Windows users on the other hand, the first time they notice they have a problem is when you have to scrape 200 worms and trojans off their machines.
Besides, all unix variants are so "well known" in terms of the kinds of security vulnerabilities that plenty of people can help out if you *do* get 0wned.
With MS's products, there's probably one person deep in the mire at Redmond who knows *exactly* what might get compromised... (But nobody knows who that person is, or even if they still work for MutleySoft (R)).
http://shit.slashdot.org/article.pl?sid=04/11/02/1 722237
...about my Mac is that it's so safe that I can't play any popular games on it or use a lot of common software for it. Not even legitimate software and files can infiltrate my Powerbook!
Pwn3d!!1!!!one!1
As before, the study ignores the thousands of automatically-spreading viruses for Windows.
And as before, michael just can't help adding his two cents to a story submission, rather than posting a comment in response to it like everyone else, subjecting his opinions to the moderation processes.
If only Slashdot admins could be elected rather than appointed...
Here's a newsflash for you. Many of those Apache servers are running on WINDOWS. There are actually more Windows machines acting as web servers than Linux machines acting as web servers. What do you think that does to your comparison, given that almost 3 times as many Linux machines were breached?
Default settings? Honestly, it is silly to blame the software for most of the breaches, when it is usually human error that is the largest problem.
Good security measures on any system make the biggest differences. Turning off unnecessary services and running a very restrictive firewall are essential for any server, and can (in some ways) make up for the shortcomings in an operating system.
On a side note, although many people see the security models used in *BSD and Linux as being secure and able, the user/group/other model is outdated for real security. Hopefully Red Hat and SuSe will step forward and take advantage of new opportunities and technologies like SELinux. The sort of security that this could give to their distributions could easily give them big edge over proprietary Unixes and Windows.
Systemd: the PulseAudio of init systems
-Guarddog is less user friendly than Zonealarm, so I don't use it.
a n- howto/ch3.en.html#s3.6 /etc/init.d/OFF._service_name_)" /etc/init.d/apache /etc/init.d/OFF.apache
p tion.sourceforge.net/
$40 gets you a NAT hardware solution that gets all script kiddies off your back.
ZoneAlarm is $70
-I used to use "apt-get upgrade" to patch security holes. Unfortunately this also turns on any updated daemon that was off, making my system both slower and less secure.
-Turn off unnecessary daemons? Is there a program I can apt get that will make let me do this quickly? preferably something that would explain what each daemon is and why I would need it without jargon?
http://www.debian.org/doc/manuals/securing-debi
My preferred solutions from that reference is
"move the script file (/etc/init.d/_service_name_) to another name (for example
for example:
mv
-A user friendly cryptographic instant messenger that will handling all this "key" bullshit for me automagically?
http://gaim.sourceforge.net/
http://gaim-encry
from http://www.knoppix.org
"KNOPPIX can be used as a Linux demo, educational CD, rescue system, or adapted and used as a platform for commercial software product demos."
For maximum security you want a minimal install where you add only the things you want. Knoppix is an excellent distribution for the stated purposes above, or for determining which device drivers you want etc. However, it really does put everything but the kitchen sink in your system to achieve that. Still, the above suggestions will make your box a lot more secure so you can get back to whatever it is you enjoy.
I love the fact that people think because there using a lamp based strategy their secure. But the weakest link of lamp is mysql and perl/python. These two parts are left to the web site admin to make secure and as most pro's know there are tons of holes in lamp sites... The problem with pro's is their not very nice and they don't publicy disclose anything their doing because its making them money!!
I disagree. I administer a heterogenous network of around 450 machines, over which I have limited control (guess where I work...)
Around 400 of these machines are Windows boxes, the remainder mainly Mac. The Mac's aren't a problem when it comes to viruses for 3 reasons:
I think mac users are a very bimodal group. There are lots of pros, comfortable with various OS's. However, there are tons of totally clueless folks.
Thanks for sharing your opinion, however the topic is the security of the OS, not the knowledge of the userbase.
My DVD player has never gotten a virus. I wonder why its OS isn't on the list.
This brings to mind the famous saying "There are three kinds of lies: lies, damned lies, and statistics." Read about this quote on Wikipedia.
mi2g is best known for producing astounding dollar figures on worm outbreaks. Generally without any explanation for the figures.
They aren't what you might call a reliable source of information.
meh
What is the logic behind not having a firewall now? If you're typing this on
It is your fault. It is always the fault of the adminstrator UNLESS the vendor did NOT warn you that there was a vulnerability.
Whatever. An inexpensive hardware firewall is the first step.
If you don't want to pay for the firewall, then you need to spend the time learning how to secure your system.
If you are vulnerable to a known exploit, you are the only one to blame.
I love Macs.. what I hate is the stupid Mac fanboys..
I've attempted to move some web sites over to an OSX system, and it was a disaster for a reason that they never warn you about: OSX comes with a caseless file system. This means that if some directory contains files "foobar" and "Foobar", "fooBar" and "FooBar", when you scp or rsync them over to OSX, you get only one of those names, the first one encountered, and it contains the data of the last one encountered. This is inevitably a disaster.
;-). The main answers that I got were far from helpful.
/usr/bin find program when it wanted the "Find" program in its own directory).
I asked about this in a number of fora (including this one, but you can probably imagine how effective that was
The main answer was that Apple also supports a "unix" file system that is case sensitive. That's fine if you control the server and can reformat the disk and reinstall everything. If not, it doesn't help at all. And you have to face the vague, non-specific warnings that some unlisted number of Apple apps won't work right with the unix file system. There's also the question of whether the disk might be partitioned into two file systems, one case-sensitive and one not. This might be doable, but in over a year, I haven't stumbled across instructions on how to do it.
The other main answer was of the form "You're an 1D10T!" if you have files whose names differ only in capitalization. Well, maybe I am. But if you're getting the files from other systems, you can't necessarily dictate the file-naming rules. And many English-speaking people routinely use case for a number of purposes that make perfect sense in file names, so it's not really correct to say that things shouldn't be case sensitive. We all know the difference between buying an apple and buying an Apple, after all.
The whole thing was frustrated by the inordinately long time that it took to diagnose the reason for the bizarre misbehavior of some of the things in our ported web sites. The symptoms were never indicative of the real problem (e.g., an app execing the
Telling victims of this kind of problems that it's because they're stupid does not endear you to the people figthing the problems. In our case, we eventually reached a firm conclusion: Don't even attempt to move web sites over to OSX. It's probably fine if you are building a web site from scratch and aren't importing anything from anywhere else. But OSX is its own pocket universe with some "interesting" file-system characteristics. Porting to OSX often appears easy at first, until you find yourself going crazy tracking down something like this.
Maybe eventually some OSX guru will write a HOWTO explaining just how to solve this problem. Meanwhile, I'd suggest extreme care with using OSX as part of your server farm.
And I wouldn't expect a real HOWTO to be produced soon. The OSX world is, un fortunately, infested with the attitude that you shouldn't worry your pretty little head about it; it "just works". When it doesn't, you'll find the help not nearly as helpful as in the rest of the unix universe.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Hey man. It's the State of Wisconsin you're talking about.
The Proud State Troopers of the State of Wisconsin don't eat no sissy jelly donuts. The only donut that the Best Of The Best in Wisconsin will eat is the Wisconsin Butter + Milk + Cheese (tm) donuts, sponsored by the Wisconsin Milk Marketing Board
Muchas Gracias, Señor Edward Snowden !
According to This Report it is stated that Mac OS-X is easier to exploit than MS-Windoze !!
Muchas Gracias, Señor Edward Snowden !
Why bother doing any of those things. It's a study by miG2. That speaks volumes. All your suggestions are way too much work.
Just in case somebody doesn't get it: http://urbanlegends.about.com/cs/historical/a/jfk_ berliner.htm
and also
http://www.campusprogram.com/reference/en/wikipedi a/i/ic/ich_bin_ein_berliner.html
404555974007725459910684486621289147856453481154 in hex is "You sank my Battleship?"
[GPG key in journal]
Yet another "security" study that totally ignores the fact that these OSes are so rare that they hardly figure in any hacker's list of targets. Oh boy.
sudo passwd root
type user's password
type in root's new password
type in again
Wa-la! Root enabled with your password of choice. Trivial. On any default user's account. OS X relies entirely on lack of services to exploit as its front line against hackers.
you might want to change the title of your site which currently reads "Untitled Document" to something more suitable, such as "Unskilled Deficant"