Does Sophos' Switch Argument Hold Water?
Wednesday's press-release-borne message from security firm Sophos that the best way for Windows users to compute untroubled (or less troubled) by malware is to switch to Mac OS X drew more than 500 comments; read on for the Backslash summary of the conversation.
Several readers pointed suspicious fingers at Sophos' motive for issuing the message in the first place; no one can call a company whose products are meant to offer "protection from viruses, Trojans, worms, spyware and spam" a disinterested party in evaluating OSes. Techguy666, for instance, writes "We use Sophos at our workplace. I also use other antivirus and antispyware — often to clean up the crap that Sophos doesn't find. Speaking as someone who's familiar with Sophos, I think it's curious that Sophos is telling home users to consider buying Macs. Go to Sophos' website and try to find a home user product ... They don't seem to promote any. If I were a conspiracy theorist, I would think this is a warning shot aimed at Microsoft because of MS's sudden focus on security, to the detriment of companies such as Sophos; send Microsoft's small clientele to the enemy — it's no skin off of Sophos' corporate nose. ... They're talking to an audience that they don't serve or interact with."
(To this, an anonymous reader writes "Sophos has a number of fat contracts with institutes of higher learning, like mine. Every student has access to a fully licensed copy of Sophos if they so choose — available for Windows 98-XP, Linux, and OS X.")
A subtler gripe comes from Kope, who calls the metrics used by Sophos "misleading," and writes that "[s]aying that the most common malware only affects Windows, therefore Macs are more secure is simply bad reasoning. ... I'm sure that 'out of the box' Macs are better. But it's not 'out of the box' that I care about. My concern is level of security during actual operation. I have no problem believing that Macs are more resistant to malware, but this measure doesn't show that to necessarily be the case."
ZachPruckowski agrees that Sophos's claim is based on a "dumb study," but not that there's an easy line to draw between out-of-box and long-term use: "For 75 percent of the world, 'out-of-the-box' == 'during actual operation.' It's those people who get infected by malware. Don't expect users to do any extra work beyond going straight to Office or IE or their email app. Thus, 'out-of-the-box' is a pretty important state."
Whatever the company's reason for issuing what many Slashdot readers would consider the farthest thing from a discovery, no reader's comments seemed to cast doubt on the conventional wisdom that Mac users are at present far safer from malware than are typical Windows users — the reasons behind that situation, though, are hotly contested. One version of the story is that OS X, by dint of its design (including UNIX-style multi-user orientation and compartmentalization generally) simply can't help being more resistant to viruses and spyware; Windows' intentional integration of operating system components has let security flaws in one small part of the operating system (such as Internet Explorer or Outlook) become flaws in all the others, too.
Reader cwgmpls, for instance, doesn't buy the argument that OS X is safe only because it's more obscure than are the various versions of Windows.
"Even if OS X is only 5% of all PCs in the world, surely there are a good number of hackers out there who would love to release an OS X virus into the wild, just to prove it can be done. Besides, the total number of OS X installs today is certainly greater than the total number of Windows installs that existed at the time the first Windows virus was released. Most hackers don't need a huge number of installs to stroke their ego. The opportunity to prove that OS X is just as vulnerable as Windows should be more than enough to motivate someone to release an OS X virus into the wild. Yet no one has done it.
There must be more at work here than OS X's small market share. OS X must be inherently more secure than Windows to not have a virus in the wild six years after its release. Certainly there are enough hackers out there who would love to show their prowess by writing an OS X virus, even for the relatively small number of OS X installs that exist; but nobody has been able to do it yet."
Several readers assert that the real reason has little to do with the hardware or the software used by the rival camps, and is mostly an issue of user education and sophistication. Typifying this argument is reader WombatControl's (unsurprisingly contested) conclusion that "the Mac userbase tends to be a lot more savvy than the Windows userbase." His argument, in short:
"I'd hazard a guess that the vast majority of Windows malware comes not from the inherent insecurity of the Windows platform but from users doing dumb things. Someone who installs some stupid little weather applet and gets infected with spyware got infected not because of a flaw in the system, but because they didn't bother to determine whether or not the source of their software was credible or not. Even if they got a prompt like Vista and OS X present they'll still authorize the program. There's no patch that can be applied to a system to prevent stupid users from mucking it up. ...
Macs are more secure because Mac users have a much tougher stance towards crapware. Mac users tend to be much more technically proficient than the average. If that "zero-tolerance" policy changes, I'm not so sure we'll see an increase in the amount of malware targeting Macs.
OS X does a great job of providing technical barriers against malware, but nothing can prevent malware that uses social engineering to do its work. Mac users are safer because they choose to be - but if you get a group of users who have no awareness of security and will blindly execute anything they come across, even if the system specifically tells them not to, that could change very quickly."
Several Windows users agreed with the thrust of this argument — namely, that no system is truly safe from a determined, malicious attacker unless users (or their trustworthy proxies) head off not just automated attacks, but social-engineering tricks that really have little to do with the OS a user is interacting with. Their approach is based on heading off malware.
Readers like snwod (a sometimes user of Mac, Linux, and Windows) offered a level-headed synopsis of this approach: "I run a good firewall/anti-virus combo along with using Ad-aware and the rest. I don't click on banner ads and I don't install strange pop-up programs. Pretty simple really." Result? "[I] haven't had a virus or malware problem in years."
To this line of reasoning, though, aphor says "My grandma's Mac isn't infected, and she clicks on everything! I'm calling bullshit. Please produce the infected Mac. One synthetic test does not make a real-world case. I run the system updater on my grandma's Mac about 3-4 times a year. That's probably 1/10th (liberal estimate) of the exposed vulnerability that a [Windows] box has."
Even if sophisticated trickery might fool any user, Savage-Rabbit thinks mechanically avoiding the more widespread script-kiddie attacks is nothing to sneeze at: "I bet there still is a fair number of Windows users who envy the Mac zealots for not having to waste their time pruning Norton/Panda/McAfee/etc... anti-malware suites with monotonous regularity never mind the endless nag screens these anti-malware suites throw at you."
The status quo has a way of not staying that way in the long term, though, and reader spyrochaete contributed one of the several (and sane) cautions against hubris on the part of OS X users, though the same logic applies to Linux and other systems whose security may be real and considerable but is grounded in part on being a smaller target for online vandals and thieves than is Windows. As he writes, "They said the same thing about Firefox, but that's starting to change. Mozilla is fixing holes all the time and I'm starting to see ads that get through Adblock (stupid Mediaplex). This is just an article about security through obscurity — the best kind of security according to too many Apple fans I've talked to. ... Faith in obscurity means you'll be totally unprepared when disaster strikes."
Amen!
Thanks to all who took part in the discussion, especially those readers quoted above.
This story-about-a-slashdot-story idea must have come from 'management'. Soon to be featured in Dilbert.
Out of the box may be one thing, but continuing use is something else.
Don't let anyone tell you macs have no malware, it's just not true. From Renepo the rootkit, to php worms that send out spam infecting message boards, to word macro viruses to the recent oompaloompa, they affect macs as badly as they can affect windows.
One thing that tells mac users they have fewer viruses is poor antivirus software. A friend of mine works in a mac shop and often people will come in with bizarre problems with their macs. No networking working, slow networking, random crashes, won't wake properly from sleep. Scanning with an antivirus package shows no viruses, yet a software reinstall fresh from scratch fixes many of those problems. What does that tell you caused the problems? Some malware running on the machine is what.
When mac software gets up to scratch in detecting the worms that are out there for macs, that is the only time people will get the truth about malware infections. Sophos need to get off their ass and make something more worthwhile for macs and then we'll see who goes saying what about security.
This isn't news. It's just pulp to get people riled up and screaming. Besides, it's nothing we haven't seen before.
No matter what OS exists.
I believe the anti virus firms are doing normal users a service by keeping lists of known bad software and preventing its spread.
That software might come in from an exploitable hole in the OS or it can come just as easily by invitation through the front door because the user believed the catch line.
3 simple words: i love you have been enough in the past, what will it take in future...
liqbase
Is OS X's attack surface smaller than Windows? Sure it is. Is it impervious to user stupidity? Absolutely not. No operating system is. Linux and OS X will probably eventually get there, and the complaint we'll be hearing instead of "M$ is teh fuxxorz" will be "well, what do you expect? users are stupid!!".
Just wait, and you'll get there eventually.
[This post is brought to you courtesy of the 300 million absolutely clueless Windows users who think it's OK to run executables in password-protected ZIP files that arrive in their inboxes with lead-ins such as "hello, teh info yuo requesteded is in the attachments". We can't wait for you to take them away]
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
...is that their argument would have held water if they had done a bit more work. i.e. Instead of saying, "the top 10 viruses only work on Windows", performing an analysis of what flaws were exploited would have been more useful. Then they could have claimed that, "based on the flaws exploited by the most dangerous viruses today, it seems that Mac users will remain more secure for the time being."
Javascript + Nintendo DSi = DSiCade
Very interesting synopsis of the arguments presented without BS. It's definitely worth a read.
There will always be security problems. At least your mind will be off them with all the promises of OS X.
||| I still can't believe Parkay's not butter.
Obviously it helps that there haven't been any worms on OS X, but in principle writing OS X viruses isn't technically difficult. Spreading them is.
In addition, Microsoft finally appears to be concerned about security, as demonstrated with XP2 and as will probably be demonstrated in Vista. So the security advantage of OS X is, I suspect, likely to dissipate over time. Still, I plan on using OS X for the foreseeable future.
Goddammit moderators, it's this kind of moderating that makes the problem worse. I run a mac house, and word macro viruses are the bane of my existence. Word is absolutely ESSENTIAL to our business, and currently no mac antivirus software properly rids a mac of word macro viruses, fullstop. We've been through them all, and over & over we end up with client documents coming in, infecting other client documents, leaving us sending out infected files.
It's not a nothing problem you can just sweep under the carpet with a quick moderation, people, it's going to come up and bite you in the ass, and bite HARD.
Don't be ignorant shits.
* swearing included so you can have a reason to mod me down. bah.
I recently switched to mac OSX, partly because my windows machine finally gave up the ghost. I have to admit that the mac is much smoother than windows, and it's nice to not have to worry about malware and run an anti-virus constantly. However in my experience OSX is a little less stable than XP, my mac system crashes or locks up about every other week, while windows crashed on me about once every 4 months. Maybe I'm doing something wrong. It's also a pain in the arse to have to re-learn everything, for example I still can't figure out how to get an equation to pretty print to a jpg on a mac.
Philosophy.
That broadband Internet cable, it's like a hypodermic needle. Used right and with the correct stuff in the syringe, it will enhance the quality of life. But you'd better hope that someone knows what they are doing !
With a reasonably sandboxed (virtual machine / chrooted jail / or simply separate unix account) environment for a web browser opening even the most malicious executable file could at most destroy your sandbox and mess up your browser.
I've long read all my porn & spam this way - under a separate user who doesn't have permissions to see any of my data that I don't explicitly copy to a
Sure, I still see some spam and viruses; but they can't do any harm to my system nor access any private data.
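As an added illustration of the separate-account approach in the comment above (not part of the original post): the isolation only holds for files the browsing account cannot reach through the "other" permission bits. This sketch assumes that account is neither the owner nor in the group of the files, ignores ACLs, and audits a constructed sample tree; the function names are hypothetical.

```python
import os
import stat
import tempfile


def exposed_to_other_account(home):
    """List regular files under `home` that an unrelated account could read.

    Assumption: the sandbox account is neither the owner nor a member of the
    group of anything under `home`, so only the "other" permission bits apply.
    ACLs and symlinks are not considered.
    """
    home = os.path.abspath(home)
    exposed = []

    def walk(directory):
        # Opening anything below a directory needs search (x) permission on it.
        if not os.lstat(directory).st_mode & stat.S_IXOTH:
            return
        for name in sorted(os.listdir(directory)):
            path = os.path.join(directory, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISDIR(mode):
                walk(path)
            elif stat.S_ISREG(mode) and mode & stat.S_IROTH:
                # Reachable even when the directory is not listable (o+x
                # without o+r): the file opens for anyone who knows its name.
                exposed.append(os.path.relpath(path, home))

    walk(home)
    return exposed


def build_sample_home():
    """Create a constructed home directory tree with mixed permissions."""
    home = tempfile.mkdtemp(prefix="sample-home-")
    layout = {
        "notes.txt": 0o644,               # world-readable in a reachable dir
        "taxes.txt": 0o600,               # owner-only
        "private/diary.txt": 0o644,       # readable bits, but dir is 0700
        "shared/inbox.html": 0o644,       # listable, readable directory
        "dropbox/known-name.pdf": 0o644,  # search-only directory (0711)
    }
    for rel, mode in layout.items():
        path = os.path.join(home, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed sample data\n")
        os.chmod(path, mode)
    os.chmod(os.path.join(home, "private"), 0o700)
    os.chmod(os.path.join(home, "shared"), 0o755)
    os.chmod(os.path.join(home, "dropbox"), 0o711)
    os.chmod(home, 0o711)
    return home


if __name__ == "__main__":
    for rel in exposed_to_other_account(build_sample_home()):
        print("readable by the browsing account:", rel)
```

Setting the home directory itself to mode 0700 removes every entry from the result, which is the state the separate-account setup relies on.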
Their motives were questionable. Their evidence was lacking. But they were right. No matter how much the Microsoft trolls talk the fact remains that there is far less malicious software for OS X, even if you take into account its relatively tiny market share. It's also more secure by design, no matter how many minor flaws they find they haven't even come close to what has been (and is currently) wrong with Windows.
I'm not really surprised that everyone supporting an illegal monopoly has been brainwashed, but it's still kind of sad.
Haiku for you!
. . . the best way for Windows users to compute untroubled (or less troubled) by malware is to switch to Mac OS X. . .
the best way to avoid malware is (like abstinence is the best [most reliable] way to avoid pregnancy and STDs) is to stay off the internet completely and never install new software.
...the future crusty old bastards are already drinking the Kool-Aid.
When it comes to MS and holding water I can't help but picture a screen mesh. But is OS/Unix any better? Let's face it, one of the reasons holes in MS are found so often is because there are a lot more people, from security experts to lowly script kitties, looking for them. Would the world be a safer place if we all used OS/UNIT starting tomorrow? Yes it would, but only until the next wave of script kitties, black hats, and malware devs got back up to speed.
Stop repeating yourself!
The best way for Windows users to compute untroubled (or less troubled) by malware is to switch to Mac OS X
Or in a more general sense: the best way to be safer from viruses is to use a platform that is not the mainstream one. Mac OS X is one example of something that could be used. Also, Linux, Free BSD, Solaris and various other platforms would work.
No Sigs!
I already done it long time ago!
My thought is that there's three reasons Macs and *nixen have fewer viruses.
Make stories from comments to other stories.
Please do it for all stories. Then I only need to read the follow up stories to get the best arguments from the discussion. It'll save me *hours*.
... and then you plug in the network cable.
if we can do a /. story about a /. story, then next thing we'll have a /. story about the /. story about the /. story. From there it's just one small step to perpetual motion, clean energy and breaking the lightspeed barrier! Excelsior!
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
http://www.divisiontwo.com/articles/MacMini2.html "My Office 2003 CD would not install, despite claims I had heard from Mac fanboys that OS X is compatible with Office. Heck, the Internet Explorer icon isn't even out on the taskbar by default, it's buried in the c:\applications folder" "but Apple includes a program called Mail, which is like a stripped-down email client that can't execute scripts or open attachments without user intervention." mac users are clearly smarter than windows users. (I am not sure if the reviewer is serious or not)
...you better hope that nobody is filling your tubes full of Internets or you'll experience delays that'll last for days.
She currently runs:
- a-squared
- xoft spy
- Ad-aware
- Windows Defender
- Symantec anti-virus corporate edition
- spybot S&D
- BigFix
and her computer runs almost as slowly as it would with a nasty case of malware. She doesn't want to uninstall any of the programs, so she has the cleanest, and possibly the slowest, windows XP machine I've seen. You just can't win. *sigh*
The Cheese Stands Alone.
No it is like a tube... not a truck.
When you talk about security things and security software people like to have numbers, it makes them feel good. Like the Snort IDS has 3000 signatures (I'm not sure what the latest number is but I imagine it's around 3k) or Norton AV detects 50,000 viruses where non-Norton AV may only detect 20,000 known viruses and some other IDS may only have 100 signatures. Does that make Snort and Norton AV better because they have bigger numbers? For certain types of audits it might be better but for real security it doesn't matter that much. At any given time you're probably only realistically concerned with a smallish handful of IDS signatures or viruses. The old "stoned" viruses for example (of which there are dozens of variants) simply aren't interesting or even terribly important today. This has a direct correlation to desktop security. Basically, the number of holes as a raw metric isn't so interesting, you're really concerned about the holes you have that people don't know about (or maybe they do) Fundamentally though, at any given time there are only a handful of interesting viruses that are active or interesting exploits that people are really using, big databases of them look better but don't mean much.
Mac OS X isn't built using some exotic technology (or maybe not exotic, Ada or Java would be exotic for an OS) that somehow creates fewer bugs. It's in C, C++ and Objective-C, not that different from windows. It has gone through some porting which might lead to better code and coding practices. Relatively speaking the bug densities should be fairly similar. Apple is different from MS in a somewhat larger way though, they don't have the same resources and so they probably generate a lot less code. They also have to please Steve and rather than adding feature after feature which has kind of been the MS way, they've taken a much more simple route. Less code is less bugs. More features probably does mean more bugs but I'm not sure I've seen that really established as a general truth anywhere.
The crapware point is an interesting one. Personally, since I've been Mac OS Xing it, my taste and tolerance has changed. I don't know that it's particularly more secure but I do expect things to work and I think I have a higher standard than I have in the past. I know on windows (which I don't use much) I've been less expectant of things working. In the wildwildwest days of Linux I got really used to v0.4 and 0.7 of various things working enough to get some stuff done. On OSX I pretty much demand that things work, I demand that apps are "good." (TM) There are some emotional things that may result in better security, I don't just willy-nilly install stuff, I like some vendors better than others, Apple for example has a track record of building really good software for OS X, I'm more likely to use their shit. Nagware is simply a no-go. To be completely honest, there isn't that much stuff that I really *have* to install on it to get it up and running and productive. I can't remember not "enhancing" a Linux install or windows install before it was "usable"
Maybe the other biggest thing and I couldn't back this up with real science anywhere, MS has a tremendous legacy to support. Simply removing DCOM or OLE or Active-X might fix a ton of security problems but windows wouldn't keep working. I think Apple may have learned some of those lessons from AppleTalk back in the day; I don't even know if you can make OS X do it, I really have no need.
The fact of the matter is that more people are going to believe a simple quantified statement than an abstract technical discussion; so Sophos is making the argument that will convince the most people, rather than an argument that would convince, say, the more technical folks on Slashdot.
Oh, you want the technical reasons? Okay, here goes my list:
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
I'm a SQL Server DBA.
... enjoy!
Install the free Aqua Data Studio database admin tool.
My parents would but they do not like change. They had enough issues upgrading from Windows 98 to Windows XP.
This is more a matter of social engineering. Some people fear change, while others are taught only applications, not resourceful thinking.
My brother would but he plays WoW and he is not tech savvy to get OSX to run on his PC.
Take the same WOW cds and put into your Mac. Double-click the install icon. Did you forget that WOW (and pretty much every Blizzard title) is cross-platform?
Those who laugh at you for you having a Mac.. are the people who constantly call you to fix their PC.
There you go. The reason sex exist at all and why monocultures are dumb. Diversity and variation makes life very difficult for diseases.
In fact the security advantage of OSX isn't likely to dissipate all that much, a monoculture will always be more likely to spread diseases, all it takes is a single flaw and there are going to be plenty of flaws in millions of lines of code.
The article and the thread still spout the same uninformed reasoning about why there aren't OS X viruses. Let's take a look at each of the bogus reasons.
"It's because there aren't many OS X machines."
Bogus. 4% might be a small percentage, but there are tens of millions of Macs out there. Not only that, Apple users tend to be smug and Apple itself puts out a constant vibe of superiority, plus a very visible chain of elitist boutique retail stores. Is there not a hacker on Earth motivated to take down those arrogant Mac users?
On top of that, with millions of OS X machines out there, the number of self-propagating viruses in the wild should be greater than zero. But the number is actually zero.
Surely something more than "security through obscurity" is at work here.
"Mac users are more sophisticated."
Bogus. Aren't Macs supposed to be the computer "for the rest of us," the non-technical, the artsy-fartsy, the writers, the musicians, the English majors? Those people are NOT technically savvy, yet they are the Mac's core users.
Macs have fewer viruses even though their users are not technically oriented and are not security savvy.
"All you have to do is trick a Mac user into entering their root password."
Bogus. The root user is not enabled by default in OS X. The non-technical users mentioned above are not going to know how to turn it on.
You might be confusing the root and administrative passwords, since there isn't that much of a barrier between the two in Windows.
The Mac is safer because of the nature of Unix architecture and Apple's own safeguards, not because of obscurity or user sophistication. There are things you can get away with in Windows, like certain e-mail-based viruses, that are simply not allowed in OS X. Mac OS X is not invincible, but clearly there are structural advantages to how OS X is set up for security.
Remember, the number of viruses in the wild for Mac OS X is not proportional to market share, user base sophistication, or anything. It's pretty hard to correlate the number of viruses to any single cause when the number is ZERO.
Apparently this is some sort of "Publicity stunt".
I hear these "Publicity stunts" are used to provide the company with free press and thereby they increase sales.
Maybe I'm reading between the lines, but you didn't say you're switching to a Mac. Instead, you said your Windows machine gave up, and you switched to Mac OS X.
If you're using Mac OS X on a PC, you need to know that most (illegal) images you grab on the net have some sort of patch applied to them in order to make them install and run on non-Apple hardware. The patches do not come with any reliability guarantee.
Furthermore, the "original image" was most likely grabbed by Disk Utility on OS X, which results in a .dmg file. A third party program on Windows is used to convert .dmg to an .iso before patches are applied, so you can burn the resulting image under Windows. This conversion is error prone, probably more so than the patches themselves. Some people have had to try it a few times before they get a good "checksum."
Sometimes the "original image" came from a developer snapshot (DTK) rather than an official release. A developer snapshot is inherently unstable.
Considering all the disadvantages I mentioned above, if you're using Mac OS X on a non-Apple computer, you should not use this experience against Mac OS X itself.
I once had a signature.
Oh sure, Mac OSX is more secure...... and then you plug in the network cable.
Yes, at that point the Mac and Windows box are equally secure.
Then you turn both of them on...
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Considering that the average Mac user is the least tech-savvy user of all OS users (FreeBSD or SUSE desktop user will most likely be marked as a geek, but not a Mac user). So there is no way possible for Mac user without proper tools (which he doesn't have and doesn't want to use) to identify and report any intrusion.
Oh come on now. It's not like this exact story and many of the comments were just posted earlier this week or anything.
Begun the flamewars have! I hope you remembered to charge your lightsaber... here comes the Microsoft droid army and they are pissed!!
Only to idiots, are orders laws.
-- Henning von Tresckow
Is OS X's attack surface smaller than Windows? Sure it is. Is it impervious to user stupidity? Absolutely not.
Again... Not my problem. Social engineering tricks are only the fault of the user and never the OS.
The point being is that it is very hard to hit you with invisible or automatic attacks with OS X.
Sure I might put in an admin password or run a fungame.app which clears out my user directory, but you know... That was my fault and I should hold the blame.
Other user's stupidity isn't my problem and if it becomes my problem (as in a relative keeps installing spyware by visiting porn sites) I would lock down everything on their machine, blacklist all their porn sites in the OS firewall, and say "here! can't get infected now!" (they might not like that answer, but again... not my problem if they can't educate themselves)
My problem and my responsibility is to be educated about my boxes... Whether they are OS, WinXp, or Linux. If I do something stupid then I'm to blame, but if I plug up a fresh install of my box to the internet and it gets infected in 90 seconds then there is something horribly wrong with the OS that really needs to be fixed. Secondly, the OS needs to minimize damage of unintended and commonly don't activities.
To invisibly and automatically install spyware, rootkits, or viruses without any yes/no/put in your admin password is what made Windows so insecure. Heck, hit up the wrong site in a google search and you can get screwed. But with OS X at least I know if I type in my password or click "yes, run this program for the first time" it is completely my fault that I allowed the program to run.
That is why OS X is more secure than Windows.
Again... Social engineering of other people isn't my fault...
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
We all know a lot of exploits make use of weaknesses in code like buffer overflows to run the attackers code instead.
Well what happens now that the whole Mac architecture is shifting to Intel? It's substantially harder (almost impossible) to write a buffer overflow attack that works on two different processor architectures. You have to choose which architecture your attack is going to execute code for.
So then if there are not enough Macs around to write exploits for today, it stands to reason that there will not be any significant Mac exploits until the number of mac users at least doubles from current figures, possibly even more.
Yes there are also attacks that attempt social engineering on a user but they often work in conjunction with more classic code exploits to gain more permission than they would have otherwise.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
In actuality, most hackers don't crap where they eat. So it's likely they are not going to take a dump on OSX when a large percentage use it... just a 2 pennies worth...
You may want to try running the Memtest application to see if you have faulty RAM.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
OpenBSD for the desktop! Yay!
Other than that, you're right about social engineering.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
The type of attacks follow what the system is used for and good at. Windows is most widely used as a desktop. Lots of clueless users that will execute software without thinking. Ok, so target that way, send e-mail, ride on top of apps they want, etc. Come in via the front door since there's lots of software flowing in that way. Also Windows hasn't historically had good remote administration built in and it's still not really the same level as UNIX (and is usually off by default on home machines).
UNIX systems are most widely used as servers. Generally you aren't installing new, random shit on your servers, you only put something on when you need it. However, servers do have lots of services listening, that's their job. So you go in through the back door, bugs in the services, instead. Because of the excellent remote access capabilities, it's easy to get what you need done once you are in, just get a command line and you are golden, and they are useful to stage attacks from once you have control.
I certainly see that at work. We have got things pretty well locked down, but some groups (we are a university) insist on doing their own thing. The Windows boxes get owned by the user running something, either a virus e-mail or installing software with spyware. It's almost never a network exploit since they are all firewalled off on the system. Linux and OS-X systems get owned via network exploits. The users will do something stupid like run an FTP server with no passwords and write access (an OS-X box got owned like that recently and was being used to do IRC attacks) or run an old version of Linux and not patch.
That's not to say there isn't crossover, but in general you are going to see attacks targeted at what you find the most and is the most useful. Writing Linux spyware wouldn't really get you much of anywhere. Not enough Linux desktops. Likewise you aren't likely to see scripts for exploiting the Microsoft telnet server because nobody ever turns it on, or indeed even knows about it.
The fact that Mach was designed with security in mind is why no one sane used it. Mach checked port rights on every message send, which made a Mach system call an order of magnitude slower than a BSD system call. While people might be willing to sacrifice 10-20% of their power for security, 90% is too expensive. This was exacerbated by the fact that Mach required a lot of context switches to get anything done. On OS X, this is irrelevant. The entire XNU kernel runs in a single address space, losing the memory protection benefit that a multi-server Mach-based OS (like Mach/HURD) gains. In addition, Mach messages are only used at the Mach layer (and for a few low-performance things, like notifying the GUI of kernel-related changes), removing this benefit.
I am TheRaven on Soylent News
Create your equation in either Grapher.app or the Equation Editor tool that comes bundled with Appleworks. (Equation Editor is more powerful and flexible and has a certain classic charm, but it's very old and a little clunky. Grapher is newer and easier to use).
Select and copy the equation to the clipboard. Open Preview.app. Select File->New (or hit Cmd+N); this creates a new document containing the image in your clipboard. Select File->Save As (or Cmd+Shift+S) and save as the filetype of your choice.
You can also paste equation as PDF directly into TextEdit, or Pages, or OmniOutliner, or any other fine application.
ENDUT! HOCH HECH!
No question in my mind. I'm not saying they are invulnerable. Heck, the community is so tight knit that if you could get something downloaded (say that MacSaber program a few weeks ago) and put something in it, you could get the virus out there. It may be found fast, but you got it out there and by then you may have done damage.
That said, if I were to run MacSaber for the first time (or some little game or widget or whatever) and I suddenly got a box asking for my root password, you can bet I would be stopped dead in my tracks. You just DON'T SEE those boxes unless you are doing system updates or installing software like Office. If you just download a program and double click on it and get that, you have to wonder what it's doing.
Now before I switched last year, I had a PC and I ran AV and all that stuff, but it never did any good. The fact is I had a clue and could have run with nothing but my firewall and been fine. You are not guaranteed to get malware on Windows. But let's talk about my little sister and my parents. They download stuff. And since they don't know where the reputable sites are, who to trust, which programs are good, etc... they find that stuff easily. Every time "the computer is broken", it is almost inevitably malware. That or they turned something off I installed they shouldn't have (Disk Keeper, for example, which is practically required to run Windows IMHO). Same thing with neighbors I help. Even if they are somewhat savvy and can use the computer and install hardware, it still happens to them. It's pathetic. There have been viruses that you just have to preview in Outlook to get your OS infested. That is just plain bad design.
After using my Mac, it is clear to me that any idiot who sits down and uses a Mac day to day is less likely to end up with Malware. From the root prompts, to the fewer security holes, I think there is a clear reason for this divide. Mac users are not smarter. There is a very sizable portion of them that are just like introductory Windows users. They do the same stupid things. The fact they aren't ravaged by malware says something.
Now I won't deny that the Mac's market share has played a part, you'd be an idiot not to. However, I think the virus-in-the-wild count for OS X (hint: 0) means something. It means instant fame for the first person to make a good virus for OS X. You get it out there, even if it doesn't do much but change people's wallpaper or whatever and you get your name EVERYWHERE. Slashdot, Digg, all the Apple sites, the mainstream computer media (PC World, et al.). That is a REAL tempting target. Let's not forget that every time a story like that gets published, it is just someone publishing a big bulls-eye on the Mac. But the market share helps with the pop-up ad problem. How many ads do you see on the 'net that look like a Windows dialog box telling you "Your computer is infected, click here". Guess what, people do. In my house people do, my neighbors have. It tricks 'em. Most people on a Mac wouldn't be fooled by that (just because it looks different). So that kind of thing does make a difference. That report the other day that 80% of users can't tell the difference between a real toolbar and a picture of one was scary.
Macs aren't immune. The OS is better designed.
As for Linux, it's better designed too, but it also has some other influences (for example, it would be tough to make a virus that worked reliably across different kernel versions and distro configurations). But again, there are SO MANY Linux servers out there that there must be enough run by idiots that if it was just as bad as Windows we would see a reasonable number of viruses out there (i.e. more than next to none).
There was a report in my PC World today (I think it was) that was basically scare tactics about viruses ("10 Myths That Make You Vulnerable" or some such). The one about Macs and Linux being safe really made me mad. While they are not immune, Windows for the average computer user is a leper colony compared to running Mac or Linux.
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
Take the same WOW cds and put into your Mac. Double-click the install icon. Did you forget that WOW (and pretty much every Blizzard title) is cross-platform? ... enjoy!
Tell me, what does WOW stand for? With Out Windows?
---- "XML is like violence. If it doesn't fix the problem, you aren't using enough."
Please provide examples of this. I've been using Windows for more than 12 years and I've never had this happen to any of my boxes, and after all these years I've never had anyone I know ever be surreptitiously infected by anything that wasn't their fault.
So you were lucky and either:
1.) Never bought a music cd with a Sony rootkit on it
or
2.) Had a hardware/software firewall or NAT router that prevented your computer from being infected in 2003 when the Blaster worm outbreak occurred. The Blaster Worm nailed my parents' new computer they bought from the store within 10 minutes of hooking it up to the net. My room mates dial up box got hit and they didn't use that for anything other than for a proxy to the internet. (I was like "Why does this box keep rebooting itself?")
Basically a NAT or service pack 2 with xp will prevent you from being infected, but if you don't remember this then you didn't know many people with computers back in 2003.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
Anybody have a link to cache/mirror to the article. I think the site has been /.ed.... oh wait... nm
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Bah... GNAA and goatse trolls are the spice in my slashdot cuisine.
Trolling is a art,
Good luck explaining all that to Joe User who has no clue what the hell a virtual machine is. People aren't even willing to update their computers by clicking "Windows Update". What makes you think they're going to do everything you just mentioned?
So, "Spyware and spam will NOT remain to be problems" for YOU. Congratulations.
Here's another good one: boot your OS from CD and don't store any data. Problem solved! Spyware and spam will NOT remain to be problems!
We'd have a plurality of systems: 33% Windows, 33% Mac, 33% Linux. Or even 60-20-20. Or any combination. The more the better. Diversity breeds resistance.
AND
We'd have more secure OSes. Microsoft is already borrowing from OS X and Linux, which is good
AND
We'd have better educated users. This takes patience and persistence. People need to keep plinking away at friends/family.
dedazo, I believe your question was "Please provide examples of this." (To invisibly and automatically install spyware, rootkits, or viruses without any yes/no/put in your admin password is what made Windows so insecure)
so vertinox did (The Blaster Worm nailed my parents' new computer they bought from the store within 10 minutes of hooking it up to the net.)
The fact that you didn't get hit by Blaster doesn't negate the point that vertinox was making - it is possible to get hit by a virus without the user doing something foolish (unless, of course, you consider buying a new computer with Windows pre-installed, and connecting to the internet, as being a foolish action.)
The problem here is that these problems are somehow considered to be the exclusive domain of Windows. That's absolutely not the case. Since the article at hand talks about migrating to another OS to be "safe" then it makes no difference. Imagine if Apple suddenly discovered a vulnerability like Blaster after it had already shipped a million boxes, and a lot of people got nailed when they brought their shiny new Mac home. What would be the likely reaction? It would go like this: "Well, you should have used a $25 NAT router you moron luser!!! What, do you expect Apple to patch shipped boxes sitting in a warehouse? No! It's your responsibility to make sure you're safe! OS X rulez!!"
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Am I the only person that can't get SeenOnSlash to render properly?
All the actual content is outside the white area, all the way over on the right hand side. (This is with Firefox 1.0.7.)
It's odd -- I've used Firefox for a while now, and never had a problem with very many pages rendering (outside of the odd bank page or something that just refused to work). But in the past week I've run into two pages that just looked awful in Firefox, obviously poorly created, but looked okay in other browsers. Are site authors just getting lazier, or what?
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
It's a feature, dammit, not a bug! Just like dupes: they give a chance for those who missed the story the first time to post their inane opinions! It's all part of a brilliant plan to co-opt AOL users.
It's not offtopic, dumbass. It's orthogonal.
No you would not get nailed because all listening services (listening to an IP other than 127.0.0.1) are off by default on OS X on a fresh install or new machine. That is part of the overall point of risk, Macs by default have a near zero worm attack surface, leaving only email attachments and most often only in combination with social engineering available to exploit. Admin and user passwords are set during the config walk through and are required.
Windows has most of its services (RPC, file sharing, and more) active from the start even on an XP home system and without passwords. WHY!???!! They ship a system by default with no passwords for all accounts (you have to explicitly add one for each user as a separate step) and file sharing active by default on XP Home and wonder how they get hit so easily. All of this is in direct violation to what they recommend for even a home system's security. XP Home is worm food, nothing more. XP Pro can be reasonably secured but you must work at it.
With a Mac, you just follow the assistant's directions (a.k.a. wizard to Windows users) and you are good to go for a home system. No file sharing, SSH, FTP, RPC, etc. on by default. Just go into the System preferences under sharing and check box what you want turned on and you can have them. If you don't know to use them then they are off and present very little risk.
A blaster style worm is as close to impossible on a standard MacOS X install as humanly possible since nothing is listening for a connection. And this is even without its internal firewall turned on. Please, learn a little more about what you are talking about before assuming that everyone else does things the same way as Windows. It demonstrates a lack of both knowledge and an unwillingness to learn.
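The listening-services argument in the comment above can be checked on any machine. As an added example (not part of the original comment), this Python sketch parses `netstat -an` output in the macOS/BSD and Windows layouts and reports TCP listeners bound to anything other than loopback; the three sample outputs are constructed for illustration and the function names are assumptions.

```python
import ipaddress

# Constructed sample: macOS/BSD-style `netstat -an`, loopback-only listeners.
MAC_DEFAULT = """\
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  127.0.0.1.631          *.*                    LISTEN
tcp6       0      0  ::1.631                *.*                    LISTEN
tcp4       0      0  192.168.1.20.49152     192.0.2.10.80          ESTABLISHED
"""

# Constructed sample: the same host after a remote-login service is enabled.
MAC_SSH_ENABLED = MAC_DEFAULT + """\
tcp4       0      0  *.22                   *.*                    LISTEN
tcp6       0      0  *.22                   *.*                    LISTEN
"""

# Constructed sample: Windows-style `netstat -an` with RPC (135) and
# file-sharing (139, 445) listeners bound to non-loopback addresses.
WINDOWS_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1026         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1040      192.0.2.10:80          ESTABLISHED
"""


def _split_local(fields):
    """Return (host, port_text) from the local-address column of one row."""
    if fields[1].isdigit():
        # macOS/BSD layout: proto recv-q send-q local foreign state,
        # with the port after the last dot ("127.0.0.1.631", "*.22").
        host, _, port = fields[3].rpartition(".")
    else:
        # Windows layout: proto local foreign state, written "host:port".
        host, _, port = fields[1].rpartition(":")
    return host.strip("[]"), port


def _is_loopback(host):
    """True only for 127.0.0.0/8 and ::1; wildcards count as exposed."""
    if host == "*":
        return False
    try:
        return ipaddress.ip_address(host.split("%")[0]).is_loopback
    except ValueError:
        return False  # unparseable address: fail towards "exposed"


def tcp_listeners(netstat_text):
    """List (host, port, exposed) for every TCP socket in a listening state."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue  # headers, blank lines, UDP rows (no state column)
        if not any(f in ("LISTEN", "LISTENING") for f in fields):
            continue  # established or closing connections
        host, port = _split_local(fields)
        if port.isdigit():
            found.append((host, int(port), not _is_loopback(host)))
    return found


def exposed_ports(netstat_text):
    """Sorted TCP ports that accept connections from outside the machine."""
    return sorted({p for _, p, exposed in tcp_listeners(netstat_text) if exposed})


if __name__ == "__main__":
    for name, text in [("mac default", MAC_DEFAULT),
                       ("mac + ssh", MAC_SSH_ENABLED),
                       ("windows", WINDOWS_SAMPLE)]:
        print(f"{name:12} exposed TCP ports: {exposed_ports(text)}")
```

An empty list means a network worm has no TCP service to connect to, whatever state the host firewall is in; UDP listeners are not covered by this sketch.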
I do not agree. This hasn't been true since Word 6.0 for the Mac, which indeed was a steaming pile of crap. In fact, Office 98 for Mac was generally acclaimed as better than Windows Office 97. The current offerings are quite comparable, and exceedingly capable.
I hate Microsoft's OS, and many of the ways they do business, but MS Office is a damn fine piece of work whether on Mac or Windows.
-ccm
Too much Law; not enough Order.
Too bad MS owns all the most stupid Internet users, you know...the users who click on anything and everything and invite a problem child into their house. the Internet is like the wild wild west, proceed at your own risk...
This editorial on The Register gives very good reasons as to why Linux and Mac have better security because of design, not just market share. I'm pretty sure that market share does affect security, but design does, too.
Blaster isn't an anecdotal datapoint. Millions of people got hit with it, because it was so stupidly easy to do so.
As for your hypothetical example --- that's what it is. We can talk about it when it actually happens.
A deep unwavering belief is a sure sign you're missing something...
If you want to go back to the OSes NT and OSX are based on, the NT core is based on VMS's design (almost as much as OSX from Mach, though OSX actually uses code from Mach, whereas NT has VMS's developers) and VMS was first released in 1978. Since NT was released, its core has undergone almost no changes. The biggest one was with Plug+Play supplementing device detection and power management.
NT was designed with security in mind. Note that the NT core itself doesn't define a security policy, it just gives you the API to implement such policies. I'll admit that Microsoft has been known to have somewhat crappy defaults for security and sometimes bad tools for fixing it. This isn't really a design problem in the OS, though.
There are 3 places (at most) that applications can put their files in order to be following the rules that Microsoft has been publishing since at least NT 3.1:
This is similar to the unix policy, except that unix usually specifies a specific dir for application binaries. I don't see how this is 'all over your system'. Doesn't OSX have any shared libraries? How are these installed? Besides, since at least the year 2000, the Windows Installer has been the standard (and recently the only MS sanctioned way) to install, which hides all these details, and allows unprivileged installation. Domain admins can even publish .msi packages on the domain which unprivileged users can install at their option (that or the admins can make installation mandatory and unattended). IIRC, the designed for Vista logo will only be possible for apps that can install unprivileged (unless they are administration type tools useless to normal users). If the article is referring to misbehaving apps, then that's hardly Microsoft's fault. Microsoft has long published 'designed for' logo requirements that are not unreasonable for their OSes.
I'm not sure how installation conventions are related to inter-process communication, though. Processes create named objects for IPC and specify their own security descriptor at that time. Any other process that wants to open that named object must be granted access according to the SD specified by the object's creator. Every type of IPC is ultimately protected by a security descriptor. Even windows, which receive window messages, exist in a desktop object which the calling process must be granted access to according to t
Actually you raise an excellent point that I'm surprised most others here don't see. The relative danger level between Windows and OS X isn't really in the installed base -- it's the application base. Silent back-door vulnerabilities - true viruses and worms that spread without user complicity - have been shoved out of the limelight for years now. Their place has been taken by a huge steaming crapload of malware, pushed by disreputable software vendors and authors.
There is no technical hurdle to writing an application titled ASSBAR that gloms onto Safari in OS X and redirects every other click you make to a pr0n portal -- then putting that application on a flash website with "FREE! INTERNET SPEDUP(TM) FOR OS X!" blinking all over it. OS X package installer asks for the password? So what, it's INTERNET SPEDUP(TM), of course it's legit! And of course, it doesn't come with an uninstaller of any kind. Where's your OS X tool to remove it? Nowhere. TEH ASSBAR OWNZ J00.
There's nothing to prevent ASSBAR from slurping everything out of your Keychain app's Safari section and form-posting it to a script in upper Mongolia, either. It's just a matter of ROI for a scruple-deficient programmer. As the userbase grows, the ROI will increase, and those apps WILL proliferate, and the internet WILL become the same jungle for OS X users as it is for Windows users... The software pool, as you have aptly called it, WILL get leeches and sharks.
If they were serious, the next update that a virus checker made to a Windows box would be a download of something like Ubuntu ...
...
Of course, I would love for the virus checkers and Microsoft to kill each other with their last dying act.
Now back to my Debian testing desktop with XFCE and Firefox and OpenOffice and Rhythmbox and
I am anarch of all I survey.
Right On!
More focus on hacking something worth while.
Like Unix!
Perhaps that would be your point of view, but it would not be mine. My reaction would be that Apple should do a better job on their OS, and place a higher emphasis on security.
Nobody is going to make me buy a ford. They don't fit with us in these parts. No I don't care if they ride longer, and don't break down. No I don't care if they look better, drive smoother, or nuthin. And don't go bring that them there thing around here either. Makin people feel funny about themselves, like they are not payin attention. Honey, lets go... He doesn't know we are chevy people.
Interesting. Two questions: can you get Adblock and a spell checker for Seamonkey? If you can, I'm definitely interested; those two features are necessities though, as far as I'm concerned.
Adblock has been the best thing that's happened to my internet experience since dropping dialup in favor of broadband, moral arguments about blocking ads be damned; and spell checking is just a no-brainer with the amount of time I spend on various forums.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Out of the box, OS X has an active firewall based on the standard unix IPFW with all ports defaulting to closed. Also all of the standard daemons and services are inactive by default. The user must explicitly enable each service and open the associated port in the firewall to allow a service to be visible from outside otherwise nothing will be listening to the ports used by PC worms.
OS X also does not enable the root userid and instead displays a dialog prompting for the administrator password for each function that wants to update a system option.
Non Administrator users cannot install a virus even if they want to because they cannot update any folder except /var/temp and their home folder.
Doesn't work. First you have to uninstall all the junk that Dell/Sony put on there. And they don't give you standard install CDs so when you do your biannual Windows Wipe(TM) you get to do it all again.
Dang.
Ed Palma
There have been a lot of views expressed in the comments and I'd like to just throw another viewpoint out there =) We recently released a whitepaper detailing the data we have collected from our Malicious Software Removal Tool. I'll let our whitepaper speak for itself. =)
Call me a cynic but do you really think that this report is supposed to be some grand gesture to free us from malware? This was a statement made by a commercial organisation and therefore serves Sophos' commercial interests in some way. You have to ask...
Do they have a poorly-selling Mac anti-malware product and need more customers?
Do they want more Mac users to promote more malware production and create a new market where they can take a share from Symantec and McAfee?
Do they just want to make noise to get more visibility; make controversial statements and get more coverage?
Would they really say - 'move to Mac and you won't need our products any more'?
Take this at face value and it probably doesn't hold water for many of the reasons already posted. Look at it from another angle and maybe it does serve its purpose of spreading FUD for commercial gain.
And behold, a command prompt and he who sat upon it, his name was shutdown and -h 3:11 followed with him
I've written an article that I'm in the process of getting published. Included is a user space key stroke logger that :
a) Installs itself "hidden" to the user for execution on login
b) Installs itself as root and hidden from the user if there is no root password (which is the case on approximately 80% of all the systems I've tested... about 50 of them)
c) E-mails key stroke logs to a list of addresses
d) Avoids detection by Sophos and Symantec Antivirus as well as the ClamAV installed on OS X server mail
e) Once a week presents itself to the user as a OS X update and requests the administrator password from the user to install itself
f) Replaces the Finder.app executable with itself so when Finder is being started, it starts and then spawns the real Finder.
This application was easy to write and extremely easy to get users to install.
Now to make a certain point clear, OS X is damn near impossible to fool without user intervention. The user has to agree to install the program in the first place, so I packaged it as an OS X VNC implementation. So when you install this version of OS X VNC (which has a backdoor password as well), this program is installed too. The benefit of using OS X VNC as the method of shipping is that users and administrators alike would be willing to install it without reading the license which specifically says :
"This program installs malicious software on your system. If you don't mind us getting all your key stroke and having a backdoor into your system, click agree."
Of course this was written at the end of the license to make sure that it was "legal" hehe. After this program has been running for 1 week, it deactivates all malicious code, it was designed strictly as proof of concept for a security firm I was consulting for. They use it for the purpose of convincing their customers to take training of system administrators with regards to Mac more seriously.
I visited the Apple Store in Tampa Florida as well as the Office Line Apple Store in Oslo Norway. I asked in both places if I would need to worry about malicious programs on the Mac and if anti-virus programs were really necessary on the Mac I was considering purchasing. They told me they didn't see the need for anti-virus applications but if I felt that I needed one, they would gladly sell me one.
So, I'm not sure how confident I would be in the report in the first place. I personally hope that Apple doesn't market the security of OS X too much since it might lead to malicious hackers writing real viruses and trojans for the system. After all, how many Mac users really verify the source of the Sudoku programs they download from Version Tracker?
By now I would have thought that it was common knowledge among Slashdot readers that Sophos' announcement basically speaks the truth. Although I personally would rather have heard them say that just about any other modern, PC operating system is safer than Windows, OS X is a good enough choice. Over the years I've had a number of clients who run OS X, know nothing about computers and never run any updates for it, but have never been infected with anything either. Sure, it's expensive, but it seems reliable and secure enough to me. Okay, Apple has a small market share, but there's nothing new about that either.
On the other hand, Microsoft's operating systems dominate the market and cost money to boot. However, their security and stability have always left much to be desired. For example, it's still the only major PC operating system that, when freshly installed and attached to the Internet (without a router/NAT), will become infected within seconds; an inexcusable flaw. If it wasn't for Microsoft's all-powerful marketing department, consumers would have given up on this dog years ago.
And let's be honest here: this kind of article appearing on a major news website is a major break with tradition! Usually, when you read an article about computer viruses and security issues on the BBC, for example, no mention is made of alternative operating systems; they simply conclude with some advice on how to keep your Windows PC from becoming infected. Previously, their only step in the other direction was an article by their in-house pundit, Bill Thompson, stating that he had given up on Windows and moved to OS X.
So, why on Earth is Slashdot suddenly doubting an announcement like the one Sophos just made? Because Sophos may have ulterior motives? Ridiculous! If all Windows users were suddenly to take their advice, Sophos would simply go bankrupt. Have the Slashdot editors gone soft? You'd almost think they were on Microsoft's payroll.
serious tho, regular apple users are just that users.
... so.
ah! but a in the windows crowd ya have lots a tinkerers.
serious, viruses and malware are not an issue on >NT windows
boxes. everything greater than NT is "just the same" like linux
and >=OS X: files a have permissions!
it's just many people in windows worlds started out with win95 which
didn't have the concept of file permissions.
if u run as a "limited user" in *nix, linux, windows, OSX there's nothing
a virus can do. same for all. (*)
what all of the above are vulnerable to are bad code in the OS. every
system has/had them. no anti-spy ware / virus removal tool will help with
this. if that OS exploit is used by a virus it can be used on the affected
OS.
my wasn't the first virus actually a *nix virus using something in the
SMTP program flaw?
other stuff everybody agrees to is that some code will never be safe but we
need it so they CHROOT it. (just wondering about that for some XP services
:P )
the problem with windows is, that many people are clueless about file permissions,
users, group, super-user account etc. -AND- windows has something called windows
scripting host (part of activeX?) or such
i'm sticking to the kick-@ss combo for linux on my server and Win XP on my desktops.
no apple for me thank you (well maybe if someone gives me a lot of money, but that
i will just use to buy some portable apple dual-core hardware then install XP on it)
(*) i mean hose the system. it is still possible to erase files and stuff belonging
to the d0rk executing the nasty.
The AC speaketh the truth.
I found out the same thing while trying out kernel development.
Happy people make bad consumers.
i wonder if not this safety thing about macs comes from them using a different cpu and all that...
that way you had to write a virus that not only could deploy different attacks to enter different systems, but also one that could run on different cpus. not an easy task i believe...
but now that everything is on x86 you only need to target it...
i do believe that there is at least one virus out there that have targeted both linux and windows at once...
as long as the code runs on x86, you just need to find a way to start it...
comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
Sure, OSX could/can have viruses. Yes, Word on a MAC can introduce macro viruses. Yes, PHP exploits can run on a Mac. But folks, the proof is in the pudding. If you switch to a Mac, at least now, you will have less virus and malware trouble. It's a fact. Whatever the reason, it's a fact. And people should be doing it. I'm encouraging everyone I know to do it. I've spent countless hours rebuilding systems and/or cleaning them when I can see that if they had a Mac their problem never would have happened. Windows is a sloppy, virus nursery. Yes, OSX or even Linux may/will one day have their share of viruses but today, July 7, 2006 switching is the quickest way to rid yourself of virus and malware issues.
First off, there have been mac/unix viruses in the past, however none were ever more than a small issue. The viruses never had explosive exponential growth, and there were patches and fixes released very quickly.
In order for a virus to spread, it must find new computers to infect. With a windows virus, there are thousands of available computers to go after, but for a mac/unix virus, the available targets are more limited. Without a large number of potential targets, the virus's growth is very slow, and a fix is released before the virus has spread beyond a small number of people.
If it's dead, you killed it.
And I suppose I'm insane then, as I used Mt. Xinu Mach as my home system for years. So thanks for your characterization.
And I'd have to see a reference to your claim of Mach system calls being "An order of magnitude slower". I was at USENIX when the CMU folks were presenting Mach with a BSD emulation process (and an old MacOS Multi-finder emulation, running Solaris and MacOS(5?) binaries on the same Motorola 68k box...), and at the time they said that using the BSD emulation through Mach was "almost as slow as BSD", as opposed to the native Mach calls, which were faster, and they had benchmarks to prove it.
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
Even the best design can be implemented sloppily, and Microsoft has made that practice a part of their culture, IMHO. This is why when the guys at wisc.edu did fuzz testing of Windows/NT (and later Windows 2000), they noted [emphasis mine]:
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
Sorta offtopic, but funny. At the time "I Love You" began circulating, I was on active duty in the Navy. Someone evidently was (illegally) moving files between the secret (SIPRNET) network and the unclassified one, because a raging infection of "I Love You" broke out on the SIPR side. I managed to avoid getting it, because the first thing I saw when I opened my e-mail that morning was a message with the "I Love You" subject line... from the Marine colonel the next deck up. I was pretty sure he really didn't love me (and if he did, I really didn't want to know), so I didn't open the mail.
Sean
I was thinking about something similar myself. Why wouldn't someone just write a little game, like Super Breakout Tetris 3000 and stick a keylogger in it. Spread it by word of mouth / email and have an offshore webpage that posts top scores. Send all the data encrypted to the server which includes the keylogger logs. Use some simple social engineering to convince people to log into their email address while the application is open - like to register an account. The hard part is the propagation, hence the website, offer to forward the game onto friends - just enter their email address. Once you have their email it would be a walk in the park to set up a database and keep statistics on them. I'll let your imagination run wild with that.
... need to stop. urge to be malicious rising ...
There is so much more that someone can do to get someone than to simply own their system. Sure it might be hacker pride to be able to completely control a system, but almost as much can be accomplished with just user level permissions.
Nihilism means nothing to the dancing peasants
The fact that I have a router has nothing to do with my choice of OS. It's simple common sense.
It's only simple and common in a complicated area full of fairly rare skill. Let's not confuse something you learned with something everyone just knows, okay?
Slashdot - where whining about luck is the new way to make the world you want.
I think it's surprising that there are still people believing MACs are much securer than Windows...
Considering that there are quite some sources which claim otherwise (http://www.techworld.com/security/news/index.cfm?newsid=1798):
"Mac OS X doesn't stand out as particularly more secure than the competition, according to Secunia. Of the 36 advisories issued in 2003-2004, 61 percent could be exploited across the Internet and 32 percent enabled attackers to take over the system. The proportion of critical bugs was also comparable with other software: 33 percent of the OS X vulnerabilities were "highly" or "extremely" critical by Secunia's reckoning, compared with 30 percent for XP Professional and 27 percent for SLES 8 and just 12 percent for Advanced Server 3. OS X had the highest proportion of "extremely critical" bugs at 19 percent."
Not to forget the OS X Advisories:
"An error in Safari / LaunchServices can cause a malicious application to appear as a safe file type. This may cause a malicious file to be executed automatically when visiting a malicious web site."
"A boundary error in ImageIO within the handling of TIFF images can be exploited to cause a stack-based buffer overflow. This crashes an affected application and may allow arbitrary code execution when a specially crafted TIFF image is viewed."
"A format string error within the logging functionality of the setuid program "launchd" can be exploited by local users to execute arbitrary code with system privileges."
And finally an unpatched Mac OS X bug:
"Michael Lehn has discovered a vulnerability in Mac OS X, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the processing of file association meta data in ZIP archives (stored in the "__MACOSX" folder) and mail messages (defined via the AppleDouble MIME format). This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive or in a mail attachment.
This can also be exploited automatically via the Safari browser when visiting a malicious web site."
Summary:
Everyone who claims Mac OS X is secure
... has no fucking idea what he is talking about
or
... is an OS X fanboy
Of course at the moment there are far less people targeting OS X with their trojans/viruses/... but this could change.
The best way for Windows users to compute untroubled (or less troubled) is to uninstall Sophos. Our IT department switched to Sophos about a year ago and we in development have had nothing but problems. My machine barely runs now. The updates every three hours render the machine unusable until Sophos completes its download. We get off easy. Most departments get updates every hour. I would gladly run the risk of infection by having no anti-virus software over using Sophos. The lost productivity clearing one virus pales in comparison to the daily loss caused by this "tool." If you are forced to use Sophos I recommend setting exclusion on all your drives for on-access and on-demand. This will slightly improve the performance of your machine. Don't bother excluding file types. It takes too long and Sophos clears your exclusions periodically. Does Sophos even work? I've never had it detect anything. Either I don't get infected or Sophos doesn't work. We always hear a Windows box will be infected within seconds of connecting to the internet. So, why doesn't Sophos report all these attacks? I'm probably rambling at this point, but I really hate this product. I felt strongly enough to make this my first Slashdot post since Feb 2005.
I thought I had an appetite for destruction, but all I really wanted was a club sandwich. --Homer J.
Bzzzt, wrong. As I said before, desktop objects are the security barrier between windows (and their messages). Every window is owned by a thread; messages to the window are posted to that thread's message queue. Every thread that can participate in window messaging is associated with a desktop object. A thread can only send or receive messages to and from windows on the same desktop it is associated with. A window message cannot be sent without a destination window on a specific desktop. A thread can only be associated with a desktop if that desktop has been opened with sufficient access. The process of opening a desktop includes a check against the desktop's security descriptor. Microsoft guidelines have always warned against putting windows of different privilege levels on the same desktop because of the possibility of the harmful interaction it allows. As long as apps are following those guidelines, there is no way for an unprivileged malicious program to send arbitrary messages to a privileged process.
The most a process could be expected to be tolerant of is arbitrary user input, but even then the security model doesn't require a user's applications running with that user's authority to be protected from the user himself. The only programs that need to be immune to user input are ones that are trusted by the OS, yet interact directly with the user. Winlogon is the only process that fits that description. (Note that Winlogon has its own desktop to protect itself from any messages coming from the user's processes.)
There's no argument that Win32's messaging system is old and quite ugly, but to say it's an inescapable security hazard isn't true. When used properly, there's no vulnerability. Win32 is not X-Windows.
Look up shatter attacks. It's the same idea, and they're inaccurate for the same reasons.
A few choice quotes:
I didn't. Thanks though.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
The argument that Mac OS is not a virus target because there aren't many people using it just doesn't hold water. Most PC users I know see me as "the enemy" and spend much of their time explaining to me why I shouldn't use a Mac (largely the "lack" of software argument - where is Garage Band for Windows, then?) and being as arrogant about Windows as Mac users are usually accused of being about Mac. If any of these people could code and had a personality disorder, they'd be dangerous.
"I hope you like Guinness, Sir. I find it a refreshing substitute for, er... food." Col. Jack O'Neil, SG-1
So I guess I needed to amend my initial point. It's not just that the underlying code base is robust, mature, and moderately well designed from a security perspective. It's also that the people doing the overall system seem to understand how the security model works, and don't do silly things that thwart it.
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
Yeah, sorry. Looking back, I went over the top a bit. You're absolutely right about Microsoft not following their own best practices in many cases. Microsoft's marketing likes to say that Windows is highly integrated, but it's actually many different pieces, of different quality levels, done by different people that don't really understand each other's components. This is just one of the many cases where Microsoft puts in a good backend but botches the last mile; the security features are there but the shell people don't understand how the system is supposed to work. I'd also have to agree that the shell (of which IE is a part) is one of the least secure subsystems.
I've used multiple desktops before, but usually to insulate something less trusted from my main desktop. Winlogon uses a separate desktop for the logon screen and one for screen savers. Every non-interactive service gets its own desktop as well. Otherwise, I'm not aware of anything that uses multiple desktop objects.
In the olden days when NT's security system was designed (same for classic UNIX security), users were given access rights; the user's processes got those rights because they were trusted to represent the user faithfully. Now with application vulnerabilities on the Internet and users that run software they shouldn't be trusting, users are finding that they need to be protected from their own applications. This was not seriously considered in the old model.
Yes! I was thinking about this the other week. We need new permissions sets for systems
today, and browsers need to run as several components:
* Browser id/permission-set/whatever that can *only*
- fetch web content from the network
- put it in a web download spool area
- tell viewers, etc. about content via a tightly syntax-checked channel.
* Image viewer id/permission-set/whatever that can *only*
- read your web download spool
- display media on the screen
* File saver that will run as end user
- prompt user for where to save content
- virus filter, etc. before actually saving
This is architecturally how the really early web browsers worked --
separate applications displayed the inline images, etc. But in this
case they would be running as different users or with different permission
sets, so if they are taken control of via a code bug and malicious content,
they can't do anything besides scribble on parts of the screen to which
they are restricted...
- "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
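The component split proposed in the comment above depends on the "tightly syntax-checked channel" between the fetcher and the viewer. As an added example (not part of the original thread), this Python code shows the viewer side of such a channel on a POSIX system; the `SPOOL` notice format, the function names and the sample data are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumed wire format for the fetcher -> viewer channel (constructed here):
#   SPOOL <32 lowercase hex chars> <allowed media type> <decimal length>\n
NOTICE_RE = re.compile(rb"SPOOL ([0-9a-f]{32}) (image/(?:png|gif|jpeg)) ([1-9][0-9]{0,7})\n")

class ChannelError(ValueError):
    """A notice failed the syntax check or did not match the spool entry."""

def parse_notice(line: bytes):
    # fullmatch: the whole message must be one notice, nothing before or after.
    m = NOTICE_RE.fullmatch(line)
    if m is None:
        raise ChannelError("malformed notice")
    return m.group(1).decode(), m.group(2).decode(), int(m.group(3))

def open_from_spool(spool_dir: str, line: bytes) -> bytes:
    """Viewer side: read only the named spool entry, and only if it matches."""
    spool_id, _media_type, length = parse_notice(line)
    path = os.path.join(spool_dir, spool_id)  # hex-only id: no '/' or '..'
    # O_NOFOLLOW (POSIX) refuses a symlink planted in the spool.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    with os.fdopen(fd, "rb") as fh:
        data = fh.read(length + 1)
    if len(data) != length:
        raise ChannelError("length does not match notice")
    return data

def demo():
    with tempfile.TemporaryDirectory() as spool:
        sid = "0123456789abcdef0123456789abcdef"  # constructed spool id
        with open(os.path.join(spool, sid), "wb") as fh:
            fh.write(b"\x89PNG fake")  # constructed 9-byte payload
        ok = open_from_spool(spool, b"SPOOL %s image/png 9\n" % sid.encode())
        hostile = [
            b"SPOOL ../../../etc/passwd image/png 9\n",         # path escape
            b"SPOOL %s text/html 9\n" % sid.encode(),           # type not allowed
            b"SPOOL %s image/png 9\nSPOOL x\n" % sid.encode(),  # smuggled notice
            b"SPOOL %s image/png 4\n" % sid.encode(),           # length mismatch
        ]
        rejected = 0
        for line in hostile:
            try:
                open_from_spool(spool, line)
            except ChannelError:
                rejected += 1
        return ok, rejected
```

The check only limits what a compromised fetcher can ask the viewer to do; the separation the comment describes still requires the two components to run under different accounts or permission sets.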