Slashdot Mirror


Apple Releases 31 Security Fixes

Agram writes, "This week Apple has released fixes for 31 vulnerabilities in its OS, although reportedly a number of known flaws remain un-addressed (according to the instigator of the Month of Kernel Bugs, 'Apple hasn't fixed any of the bugs published during [MoKB], except for the AirPort issue'). Earlier this year, in a move reminiscent of Microsoft's past patching faux pas, Apple released a 'fix' the installation of which broke features unrelated to the targeted flaw. With the growing number of low-level flaws, one has to wonder if Apple's 'more secure' argument still stands. Earlier this month, Microsoft released 6 fixes. Linux does not seem to fare much better. Despite all of these fixes, exploits remain in the wild for each platform. Perhaps, security-wise, the OS choice really boils down to a 'pick-your-poison X user-base' equation?"

6 of 319 comments

  1. Come and see the snobbery inherent in Linux! by Anonymous Coward · · Score: 3, Informative

    From the blurb: Linux (if you need a URL for Linux, you are probably at this site by mistake)

    Fantastic! So what the poster is saying is that "If you're on slashdot and you're not a Linux geek you're out of place here".

    Out of place as in not welcome for the most part too considering some of the groupthink that goes on.

    Just try to get a valid, non-snobbish answer to a n00b Linux question around here. I dare you. Just like the snobs on #Linux. Try it there and you'll get the same.

    The day I decided that Linux wasn't for me was the day I went to #Linux and asked for the name of a good distro a n00b could run without pulling out his hair. The response was directing me to DistroWatch or some-such site with nothing more than a list of distros. Out of 40 people this is the lone answer I got.* Great. And yet Linux users still claim Joe Sixpack is welcome to try to adopt? It sounds more like throwing down the gauntlet as opposed to inviting him in.


    * Later I tried DSL and Mepis. While I found nothing "wrong" with them I do find overall Linux support lukewarm at best and I don't have the problems with Windows that most claim to have. I just don't see a reason to switch yet. Maybe in a few more years when some of the zealots mature a bit and realize that supporting a product is more than just shouting "OMFG~! It's the best, if you don't like it you're just a fucktard!!11!!" and start producing apps a little bit better than Gimp I'll give it another go.

  2. Mac OS X is still more secure, BY FAR. by Caspian · · Score: 4, Informative

    "With the growing number of low-level flaws, one has to wonder if Apple's 'more secure' argument still stands."

    No, no, one doesn't.

    Number of Windows machines I've had to painstakingly remove highly virulent spyware/adware from: Dozens.
    Number of Mac OS X machines I've had to painstakingly remove highly virulent spyware/adware from: ZERO.

    This is far more than just anecdotal evidence; this is how things go in the real world. In the real world, 50+% of Windows machines are badly infected by spyware, and 0% of Mac OS X machines.

    ZERO.

    By far the most prevalent security and stability breaches "in the wild" are not rootkits or remote exploits... they're spyware and viruses, both of which are virtually exclusively Windows issues. You can claim that this is mostly or wholly due to the overwhelming dominance of Windows over all other operating systems (in terms of "market share"), but the fact remains.

    Until I start getting calls from blue-haired grandmas to hand-pick bits of Hotbar and Bonzibuddy and porno pop-up daemons out of their Macs, I won't buy the "Macs aren't any more secure than Windows" FUD. And neither should you!
    --
    With spending like this, exactly what are "conservatives" conserving?

  3. Re:Attacks Still Low by Anonymous Coward · · Score: 5, Informative

    Any program files that might have a negative impact on the OS X system must be authorized with the Admin password.

    Wrong. The attacker can simply use a privilege escalation exploit.

  4. Re:Attacks Still Low by OS24Ever · · Score: 4, Informative

    I'm sorry but I don't agree with this marketshare thing.

    If someone is standing on the corner going 'neener neener you can't hit me' someone out of spite regardless of any reward is going to do it. The fact that they've been touting they can't be hacked for several years now and they still haven't been hacked says to me that it's not easy to do/not able to be done as easily as it is on Windows.

    Plus a lot of the 'security' problems don't focus on the exploits of IE and simple browsing hijacking your system with crap. That's the largest problem facing most IT departments that I've run across in the last year or two, not the OS itself being hacked but something stupid the browser does destroying the system.

    --

    As a rock-and-roll Physicist once said, No matter where you go, there you are.

  5. Re:Attacks Still Low by WaRrK · · Score: 3, Informative

    I remember root-my-mac-mini - the whole thing was a sham - the guy was giving out SSH accounts to the machine and the "local" user was just using a privilege escalation to get more rights. Granted, it's a bug that needs fixing - but giving out logins to anonymous users on the internet isn't something I'm in the habit of.... not after last time..... damn squirrels.....

  6. Re:Attacks Still Low by drsmithy · · Score: 3, Informative

    99% of all Windows users run as admin. 100% of all Windows server administrators log in with an admin-level account and do lots of things as admin that they should not.

    99% of the things malware wants to do, do not require elevated privileges.

    NO APP NEEDS WRITE ACCESS TO THE C:/WINDOWS directory... NONE! Yet the Microsoft morons designed it that way because of the stupid registry.

    Broken applications that require write access to Windows system areas are 100% the fault of the app developer. It's got *nothing* to do with Microsoft.

    No developer has had an excuse for releasing software that writes to places like C:\Windows for ca. 7 - 8 years.

    Let's ignore the fact that most services under Unix lately do not run at the system level but under a protected user that does not have ADMIN access... but hey you were hoping that nobody noticed that.

    Like modern Windows services do, you mean?

    Windows web server, buffer overflow = admin access. Linux web server, buffer overflow = user access. Big difference there. Granted, if you are silly and let the apache user read the shadow passwords file, it's your fault for not setting up security right.

    IIS runs as its own user. A buffer overflow only nets you the privilege level of that user.