First Scareware For the Mac
I Don't Believe in Imaginary Property sends us news from F-Secure of what they claim is the first rogue cleaning tool for the Mac. MacSweeper is a Mac version of Cleanator, hosted from a colo somewhere in the Ukraine. The article points out that the company's About page is lifted verbatim from Symantec's site. With the Mac's market share closing in on double digits, perhaps it's not surprising to see the platform targeted with crapware as PCs have been for years. The F-Secure author adds as a footnote that a journalist said to him something you don't hear every day: "I visited the macsweeper.com website. I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected."
With the Mac's market share closing in on double digits, perhaps it's not surprising to see the platform targeted with crapware as PCs have been for years.
I didn't realize Kane & Lynch had been announced for the Mac platform
The theory of relativity doesn't work right in Arkansas.
The journalist should have visited using a linux livecd. If the site hosts mac malware then it is a pretty good bet they already have established "businesses" in the field of windows malware.
it was only a matter of time!
The category of "cleaning tools" was rather dodgy even before the trojaned ones started showing up. The notion that getting infected by god knows what, running a little wizard, and being all ok again is insane. Both the notion that one can reliably detect malware that has already had time to romp with your system and the idea that infection is so routine that there should be tools to be run every few days for it are pretty gross.
And now we have an example of this fine species showing up on a platform that doesn't really have malware. How could anybody trust a cleaner for a platform that doesn't, as yet, need cleaning?
I just checked this using a PC with linux and clicking the "free scan" prompted me to download a .dmg program. I somehow doubt the dmg could have been executed on a PC...
Either they changed their website, or the article lies on some points.
I gave up with the idea of a useful sig...
"I visited the macsweeper.com website. I know I probably shouldn't have but I used a Mac so I knew I wouldn't get infected."
...
oh wait
+1 fashionably cynical
What, you need to download something to your mac and then INSTALL it?
This kind of software has been there for a long time and there is nothing new to see here.
Market share is still smaller than GNU/Linux and it is not having this kind of problems, wait, it has.
Come back again when F-Secure and others have proof of a worm or virus that works like on the Windows platform, automatically.
The screenshots seem to show that all it detects are evidence of viewing porn sites. Yes, you can view smut on the mac. Everyone go hide in fear.
Care about electronic freedom? Consider donating to the EFF!
Yeah the difference is, you can't get spyware installed on a Mac by clicking a banner ad in a browser. The software doesn't even have permission to do software installation, so it would be asking for a password (unless some unknown vulnerability is exploited). Frankly if you're entering your password for your computer when some arbitrary website asks for it, you've already got way worse problems than spyware on your Mac.
common as Macs continue to grow in popularity. Malicious code tends to gravitate towards the largest user base (more targets), and Apple's market share (or perhaps, more importantly, positive PR) is growing at a decent rate. I'm surprised that it hasn't happened sooner.
The same could happen to Linux, (Free|Open|Net)BSD, etc. All it takes is an uneducated* user behind the console, and Linux's drive to take on the desktop makes that all the more likely.
* I mean uneducated in the security sense. You can be highly intelligent, have 3 PhD's, and still not know a thing about what downloads to avoid. We can't know everything about everything, after all.
The wise follow a damned path, for to know is to be forsaken.
Would you prefer "Proclaiming", or "acting all snobbish while saying", or "falsely believing"?
It doesn't take special permissions to put stuff in ~/Applications. It's not done by default, but some users do do it, and Finder supports it.
.Apps don't need an installer, nor need to be in /Applications.
Or heck, just put it on the desktop where the user can click it. No special permissions needed. Most
Well, assuming Apple's market share is increasing (which I don't know for sure, just taking it as a given for making my point), some significant fraction of those new Mac owners are former PC owners. Many of these people will assume that all the crapware they "needed" for their Windows machine is just part of owning a computer. It's not that there's a problem with a Mac, it's that a lot of people just don't know any better.
[b.belong('us') for b in bases if b.owner() == 'you']
Why do almost all of the articles on the slashdot main page say only "25 comments"? Is it some kind of bug? (I'm not logged in, and I'm using IE7 on Vista. Flame me. :))
#!/bin/sh
rm -rf /
The point being that if you do dumb shit on any computer you can break stuff.
Engineering is the art of compromise.
But the Applications folder does not run as root, but as the regular user. The malware can only screw up the current users session, it cannot access or modify anything that needs root permissions without asking for the root password. Without root, malware is annoying, but not difficult to get rid of.
oh. sorry, I keep forgetting people don't know it's such a waste to even bother with such stuff on a Mac.
-- Tigger warning: This post may contain tiggers! --
Exactly! There are too many Mac users all smug with the notion that their OS is super secure. Which is true, the system is secure - but the user is not. The first time they ignorantly run a malicious app that cleans out the contents of their home they'll likely learn the distinction though.
Personally I've never fretted over having to reinstall an OS. I typically clean install with every major release. What I dread is losing my data.
Yes, but if you ask a user what they care more about - the OS or their data - you'll find few who care that they'll have to reinstall the OS. It's an irritant, but easily replaced from the source media.
Our data is far more critical, making the ~/Applications folder (or the ~/Desktop folder) a dangerous place for executables.
Of course, in these enlightened days we all have regular backups now or Time-Machine-enabled external drives. Hmm...
Linux and Mac OS will never get the malware trouble Windows does for a good reason - the communities behind them.
Windows has such a large userbase, there are many shady-looking shareware apps that work just fine and do what they're supposed to. The problem is that Windows has developed a culture of suckiness such that users can't readily tell the difference between a legitimate vendor and illegitimate software. I had a webcam where I had to obtain the driver on a website that looked ripe for hosting malware. There's also the issue of having everything ActiveX enabled and scripting-friendly that essentially lets malware distribute itself.
On both Linux and Mac, there is no ActiveX equivalent vulnerability, so the malware authors are going to have to work through the community.
On Linux, repositories are peer-reviewed and open code is generally preferred over closed-source solutions. Since software is under review all the time, there's no place for malware to hide and it is quickly detected and shunned by the Linux community.
On Mac, if an app is low quality, people generally gravitate away from that app and towards the better solutions. And the malware authors generally don't create a front that is believable. If you look at a lot of Mac dev sites, you will see that a lot invest a lot in fit, finish, and glitz. If the authors of Mac malware want to get anywhere, they'll have to find a way to auto-propagate malware - that or break into the Mac community - through recommendations by respected Macheads and investing effort into making their software appear usable. And by that time they've spent likely more effort than they're willing when there's the giant Windows bullseye just waiting to be shot at.
If you go to the macsweeper.com website, you'll find they lifted Apple's home page and modified it to make it ugly. If a Mac dev can't even create their own good-looking website, why would I trust them with software on my computer?
There are now 10 or more Mac users?
I'm sure people care more about the contents of their /bin folder (or whatever passes for that in OS X) than the graduation pictures of their kids and their tax returns. So I guess that's OK. The OS was never compromised! Incidentally, you don't need root to turn a machine into a spam-spewing zombie. On any OS.
it cannot access or modify anything that needs root permissions without asking for the root password.
Well then, it will just ask for the root password. You're thinking here that the user won't provide it for some reason? They just clicked on a "Punch the monkey" banner, after all.
The twitter monologues. Click on my homepage and be amazed.
I thought Symantec released the first Scareware for Macs?
Looks like they read slashdot. Their "Contact Us" page is already edited now to remove the text copied from Symantec. Now the page doesn't say much of anything at all. No phone numbers, no addresses. Just a bare e-mail address. Hard to believe how scam artists can operate out in the open these days.
That is assuming that (a) there are no (as yet unknown to you) security holes in your web browser, media plugins, &c., which could be used to execute arbitrary code, (b) there are no (as yet unknown to you) security holes in OSX or any of its components that could be used for privilege escalation, and (c) crackers haven't discovered these and used them or traded them on "zero-day" forums. Which is a pretty big assumption.
Using a Mac is safer than using Windows, though using something like NoScript to disable JavaScript, Flash, &c., for untrusted sites makes it even safer.
Computer security is like wearing porous armour: the more layers you have on, the less likely it is that something will make it through the holes.
2008, year of the malmacware?
I'll just use my special getting high powers one more time...
apparently if you subscribe, it'll even clear your DLL cache! http://www.macsweeper.com/buynow.php
I'd prefer to focus on the ZERO self propagating pieces of malware in the wild.
"I visited the macsweeper.com website. I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected." And yet he probably did. Why would they limit themselves?
I'm not naive enough to think my BSD and Linux machines can't be infected, but.... This would seem to be yet another argument for ports, apt, etc. I've never feared any of the software installed through those routes. (Yes, I know security alerts arise and are addressed...I'm talking about over malware.)
Everything can get viruses that can run code on them. This includes the PSP, Linux, BeOS, the DS, ETC. However it is true that Linux/Unix have a much, much lower risk of malware than Windows.
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
I'm sure people care more about the contents of their /bin folder (or whatever passes for that in OS X)
For the record, there is a Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524
True, although most malware that people actually have to worry about doesn't delete your data. Most commonly, the intent is to deliver popup ads, or steal e.g. credit card info or logons when you order stuff or do banking online ... I think these are probably the most common hazards. I guess to do that on a Mac, malware would probably have to at least modify Safari in some way, I'm not sure if an ordinary user logon can do that.
- User Data: not protected
- System Data: not protected
OS X:
- User Data: not protected
- System Data: protected
Ok, sure, OS X is not perfectly safe. Clearly it is the better choice though in terms of protecting system data. I really only made this reply because some of these posts (not necessarily the one I'm replying to) seem to be implying the OS X is somehow less safe. At worst it's no more secure than Windows; at best it is significantly more so.
Protecting system data may not be the most important thing in computing, but it's a bit ridiculous to claim it's less important than user data. You're probably right: the affected Joe User probably cares a lot more about his photos that he's procrastinated on backing up for the last 3 years than whether or not his OS is functional. However, I'm pretty sure that the other users on that PC are very glad that they weren't affected by Joe's actions. And let's be realistic here: how often does a piece of malware destroy files wholesale? Save the occasional virus writer that hates the world, most malware creators are much more interested in profit (i.e. getting users to buy something, typically through inserting advertisements).
The thing though is, in a Unix-like system (like Linux) or a Unix system (like OS-X) the person logging in does not have root capabilities (or at least shouldn't) and thus keeps the possibility of attack low. In addition, Linux (OS-X can be configured to) have a centralized repository where most users download their programs that the source has been scanned for presence of malicious code (OS-X's version is called Fink I believe) this is one of the main reasons there is little malware for Linux, OS-X though, being mixed free/proprietary (more or less BSD with a nice GUI) software, doesn't have this and instead most applications are downloaded binaries, I am not sure whether or not they can be installed without root privileges (I know apt-get on Linux requires it, but I think ordinary programs can still be executed without root privileges, just not in the directory of system-wide binaries) this keeps the risk of data deletion down because the most it can do (deletion-wise) is delete the /home directory (the Unix equivalent to My Documents on Windows). As for the polymorphic spyware, if it was executed by a normal user (not root) the most it would (or should) have access to is the /home directory, keeping the risk of it going very many places down because most people check their home directory and unless it was hidden (not sure how the default file manager in OS-X handles them) it would be very very easy to figure out that you didn't create that file. For zipping up your documents with a password, that could be done, however assuming that either A) the password is the same B) the generator creating it is the same and if it was encrypted, it would be trivial to brute-force the password, figure out the algorithm then release a patch that fixes it. Overall, Unix systems are very hard to crack given that all the patches are installed, as one person said: To break Linux (or Unix) you need to work at it, to break Windows all you need to do is work on it.
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
I'm not saying that having a secure OS is an unworthy goal, by any means, but whatever OS is top dog will always be the most plagued by stupid users... and unless you lock them out of the system (which is just going to piss them off), there's nothing that can be done about it.
"16MB (fuck off, MiB fascists)" - The Mighty Buzzard
I have a fun screenshot of the Registry Cleaner web page, saying their software can fix problems in my registry which are causing all sorts of problems.
The first funny part is it desperately tries to look like an IE window with a close and cancel button etc which just clicks the download link, which is laughable since the browser is clearly firefox. Then next you notice the apple in the upper left of the screen...
I work for the Department of Redundancy Department.
Doesn't matter. Stupid users trump all possible security measures (except locking them out of the system for their own good, which isn't really feasible), and there's no shortage of them. Until the programmers can prevent stupid users from infecting their systems, it doesn't matter how damn many malware samples there are in the wild, and you have no right to be smug about the security of your OS.
"16MB (fuck off, MiB fascists)" - The Mighty Buzzard
No, it has a couple of advantages.
1. Privileges, an ordinary user can't mess up the entire system. Unless the user is *really* stupid, they are not root and therefore do not have Write privileges on system-critical files. So even if you ran "rm -rf /" as a normal user, you would only lose the files you had access to and not break the system.
2. Most software is installed through a repository. Now, I realize that Mac does not by default (although there are projects to port apt-get and the like to it) but most distros of Linux have a way of installing via the repository.
3. Most first-party OS-X software is at least partly open-source including the key components of the OS such as the Kernel, Browser rendering engine, and some of the other utilities. This adds a layer of protection to prevent programming errors from not being noticed as anyone can look at the code and submit fixes to it. In addition, this adds security by having parts of Safari being looked at to prevent such flaws as drive-by-downloads which were a major problem of IE and a reason many Windows users got infected by malware.
While it is true that if someone really wanted to mess up OS-X or were just plain stupid they could. However, the chances of Unix breaking from normal usage are far far smaller than those of Windows.
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
I'm amazed parent got modded troll, that was a relevant comment
It doesn't take special permissions to put stuff in ~/Applications. It's not done by default, but some users do do it, and Finder supports it.
Actually it does. The /Applications folder is owned by root, and it is grouped to admin. Other has only read access. If you want to write to /Applications you have to be a member of admin, which is usually identical to the list of sudoers. Although probably 70% of accounts on macs are admins, (less than the 99% of windows...) not everyone is. If you are a parent and have kids, your kids are probably not admins on the computer so they can't break it. (at least can't break it for the rest of the family anyway)
The point being made was that yes, you are allowed to hose your account. No one should have any expectation that the system can protect you from yourself. You can just as quickly drag your Documents folder to the trash and empty it yourself as you can double click a script written to do just the same thing. The difference is you don't tank the entire machine, or cause problems for the other user accounts on the computer. By the definition you appear to be using, someone posting a text file with instructions on how to "optimize" your computer by dragging the contents of your home folder to the trash, could be considered malware.
The primary difference between this and most of the earlier windows malware is this is not a "drive-by download", where merely visiting the web page triggers a download and execute of code that can do damage. On a mac, if you DO click on something, you will get one or two warnings that you have downloaded an application and asking if you want to allow it. You get one warning when downloading the DMG, and another warning when trying to run any app inside the DMG once opened. The first warning has been around awhile, but the second one is new and goes something like "you are opening application xxx for the first time, which you have downloaded from the internet. Do you wish to continue?"
I don't personally think there is any way for the mac to remain anywhere near as free of 'malware' for even the near future. It's going to come up. I'll just be happy if it remains worm and virus free for the long term. And the way it's designed, there's a very good chance of that. It's the computer's job to block viruses and worms. It's the user's responsibility to avoid malware. (although it remains the computer's job to mitigate the damage caused by a user that chooses to run malware, and most importantly to protect the other users)
I work for the Department of Redundancy Department.
In Windows, if you're running as a limited user (or are using Vista with Protected Mode on) then your system data is protected too.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Your comments on OS code, whilst quite valid, are actually rather incorrect. Something that a lot of people seem to fail to remember with open source code is that the code IS available IF you wish to look at it. Personally I've never gone near the Kernel code, so I wouldn't have a clue if it is secure or not (perfect example of this: Firefox).
My $0.02 AU, Ignore at will.
Me failed English...
FreeBSD over Linux. If my comments seem odd, this may explain...
For your seeing more OS-X machines, I think part of it could be the popularity of OS-X is way more than OS-9 ever was, and yes Unix sometimes is tempting to mess around with mostly with the strange names for files (fstab anyone?) that although are nice on a command line look obscure when looking at it in a GUI. But then again, I don't know your situation but if it is computer repair, part of it could be the Windows users who are so used to coming in for repairs switching to Macs and lacking the Mac or Unix skills to fix problems.
Yes, most people don't look at the code, however it is nice that you COULD look at the code if something seems off on a new update or such. One of the reasons I won't use Opera for any extended period is when I think about how much information passes through my web browser how do I know that it really is safe? However, it is nice to know that other people can look over the code and that you can too, plus, who is going to try to hide spyware in a GPL'd product?
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
... any recommendations for the following:
Real cleaning software for the Mac, that you've actually used and deemed worth continuing to use?
Best web sites to learn about Mac security?
Oh, yeah, it's not easy to pad these out to 120 characters.
Not a virus, just a trojan horse. Program claims it does something that it doesn't, program is installed, program does what it actually does. Nothing in the article suggests that this installs itself, just that it tries to get the user to install it.
Everything is subjective.
- Clean all bad cookies. Simply deleting these cookies is not enough. MacSweeper really gets rid of the evidence! I guess it really gets rid of cookies by....um....deleting them?
And they say they'll even clear my "Unniversal Binnaries!"
If this isn't some kind of malware it sure as hell comes off like it.
It is funny, but Asus expects that the little Linux based Eee PC (typing this on one!) will outsell the Macintosh this year.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
I would like to explain all the situation, about MacSweeper. We are really trying to make a good software, and you won't find any viruses/spyware/trojans/malware in MacSweeper (test it yourself, if you don't believe me, you can use any type of firewalls, disassemblers, or other tools). The problem is that we are using selling partners that force us to use this marketing type. We would like to leave them, we don't want to completely destroy Good Name of MacSweeper application. :((
Personally I adore Mac Platform, and it hurts to hear that the program you wrote is said to be some kind of "Rogue application", I wouldn't like to destroy good manners of software written for it
I would like to say sorry for all inconveniences that we could bring to you, but believe MacSweeper is meant to be a useful application.
You can ask Questions, and i will try to answer them! Thank You!
you must be new here...
SATISFACTION GUARANTEE: Shop safely at MacSweeper.com with the MacSweeper 100% satisfaction guarantee. If for any reason you are not happy with your purchase, simply contact our customer support staff within 30 days, and we will refund 100% of the purchase price with no questions asked. At MacSweeper.com your security and satisfaction come first. If you're unhappy, we're unhappy... then MacSweeper's unhappy. And, that just simply will not do.
Copyright 2007 MACSWEEPER.com.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
As a linux user, I am under no delusion that my system is "more secure" than a windows box or a mac.
For me, the worst thing that can possibly happen, is somebody destroys my home directory. Ok, that's easy, if a virus is logged in as me. If they hose my system, so what? I can always re-install linux, that isn't a problem. There aren't any other users. I allow myself access to the internet and to email, so if a virus starts spamming the world, well, that isn't stopped by security policy either.
What you're talking about is a linux server. There, it's hard to root the machine and cross-infect, sure. But what spreads viruses the most these days is users downloading shit in email and not knowing that their browser just executed something. Linux is *not* more secure. *I* as a user am less prone to viruses because I maintain a strict policy of which sites I use each browser for, where I take cookies from, and I browse sketchy shit only inside vmware and restore from a clean image frequently. But I'm still vulnerable to all sorts of attacks -- if google pushes an ad with linux-targeted malware, for example.
If you think linux is somehow inherently virus-proof, you're deluding yourself. Using linux on the desktop is the same as using any other desktop system -- if somebody else knows how to make an executable for your system, it's probably vulnerable.
Until the programmers can prevent stupid users from infecting their systems,
This is an under-appreciated benefit of a less user friendly operating system: fewer "stupid users" will be interested in using it -- at least to any deep extent -- thereby leaving those that do in a safer community.
Mac users around the world are going to have to throw away their macs and buy new ones! What about people with portable Mac computers? They won't be seen in Starbucks no more pretending they are journalists.
I don't know but considering some of the code that one can write can be obscure as hell I'm sure spyware could be slipped into a product with relative ease. Whilst I've forgotten who and what, there was some PABX software recently that called home (it always had) that took $x long to become well known... leave you to think on that.
Me failed English...
FreeBSD over Linux. If my comments seem odd, this may explain...
Agreed, and I would like to add that there is the possibility that someone can look at the code, find the bug and exploit it. For years MS thought they built a secure product (ok well maybe they thought that) and look where it got them. Just because software is open or closed doesn't make it more or less secure than the other. Software is made more secure by quality programmers/testers/patches/testers/updating/testers. Replace any one of those with crap and your odds of making crappy/buggy/exploitable software go up....
Insert funny smart-ass comment here.
True, the worst thing that can happen is that your home directory is wiped out, but if you logged in and saw that all your files were gone you would immediately log off and log in as a different not infected user and could easily clean up your system, so the virus would have a very short time to spam the world or whatever it was released to do. So it wouldn't wipe out your files, but would instead try to hide, and it wouldn't have very many places to do so.
This is why using a system with clear privilege compartmentalization makes viruses much less of an issue. Once infected they are easier to detect and much, much easier to clean. Sure you can reinstall Linux if rooted, but you can almost as easily reinstall Windows. If the security model is set up correctly, though, normal use shouldn't put you at risk of having to reinstall your OS just to clean it up.
If the end user is the security risk they should be running in a mode that minimizes the risk to the total system. This is why a stock install of most Linux distributions *are* more secure than stock Windows distributions.
Did you read my comment? I did not say /Applications. I said ~/Applications
True, a default Mac install gives users admin privileges and the /Applications folder requires admin rights. So most Mac users have the rights they need to modify the /Applications folder. Note: "admin" on a Mac is not "root" for Unix purposes. From the Unix perspective "admin" is just a group with rights on a lot of privileged items in the system.
However, it is _highly_ advisable for any reasonably security conscious Mac user to create a second admin account (let's call it "apple") and then _remove_ admin privileges from their regular user account. Day to day life in MacOS X does not require any admin privileges. This is how I've run all my systems for at least three years now. I do not have admin rights from my user account. MacOS X is very graceful about this. For example, when I do need to add something to the /Applications folder it will put up a window informing me that I don't have the right to take that action and offering me a chance to authenticate. If I choose to authenticate, it lets me type in the username of an admin account (say "apple") and the password. It then uses that account's authority to take the action. This is very similar to a Unix sudo. Since daily use of the OS requires so little admin access, this really presents no problem.
What is the benefit? While the user can know the admin username/password, rogue software won't know that. There is no way for software using my user privileges to even add anything to the /Applications directory or any other special location without forcing an authentication request that should, at the least, make me suspicious.
So, yes, while the default behavior is as stated, it is very easy (and I would even go as far as saying recommended) for users to remove admin privileges from their regular user account.
Depends on what version of OS X you're talking about. Drop something in ~/Library/Input Managers in Tiger and below, and every cocoa app is infected when you run it. Or put something in ~/Library/LaunchAgents and watch for Safari and inject code (non-root for PPC only, special group or root for Intel). Or rewrite plugins residing in ~/Library/Internet Plugins...
With some more thought I can probably come up with a pile more.
This is how I normally run. Unfortunately, it is buggy and still not completely effective. There are those user based locations I mentioned in other comments. Even worse, when you drag into /Applications, even after authenticating as the admin user, the permissions are for the current user with full access. So once it's installed, anything else running with your credentials can edit it.
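The per-user auto-load locations and the /Applications ownership issue raised in the two comments above can both be checked from the defender's side. The following is an added example, not part of any comment in the thread: it takes a hash baseline of those directories, reports later changes, and lists application bundles a non-admin process could edit. The function names, the `trusted_uid` parameter and the on-disk directory spellings are assumptions.

```python
import hashlib
import os
import stat
from pathlib import Path

# Per-user auto-load directories named in the comments above. Each is listed
# in the thread's spelling and in the usual on-disk spelling (assumption:
# confirm the names on the OS X release being audited).
AUTOLOAD_DIRS = (
    "Library/LaunchAgents",
    "Library/Input Managers",
    "Library/InputManagers",
    "Library/Internet Plugins",
    "Library/Internet Plug-Ins",
)


def snapshot(home):
    """Map every file under the auto-load directories to a SHA-256 digest."""
    home = Path(home)
    state = {}
    for rel in AUTOLOAD_DIRS:
        base = home / rel
        if not base.is_dir():
            continue
        # os.walk does not descend into symlinked directories by default.
        for root, dirs, files in os.walk(base):
            for name in dirs + files:
                path = Path(root) / name
                key = path.relative_to(home).as_posix()
                if path.is_symlink():
                    # Record the target so a redirected link shows as a change.
                    state[key] = "symlink:" + os.readlink(path)
                elif path.is_file():
                    try:
                        state[key] = hashlib.sha256(path.read_bytes()).hexdigest()
                    except OSError:
                        state[key] = "unreadable"
    return state


def compare(baseline, current):
    """Return the files added, removed or changed since the baseline."""
    old, new = set(baseline), set(current)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "changed": sorted(p for p in old & new if baseline[p] != current[p]),
    }


def user_editable_apps(apps_dir, trusted_uid=0):
    """Return {bundle name: [reasons]} for bundles not locked to trusted_uid."""
    findings = {}
    for entry in sorted(Path(apps_dir).iterdir()):
        if entry.is_symlink() or not entry.is_dir():
            continue
        info = entry.lstat()
        reasons = []
        if info.st_uid != trusted_uid:
            # The case described above: a bundle dragged in after
            # authenticating stays owned by the everyday account.
            reasons.append(f"owned by uid {info.st_uid}")
        if info.st_mode & stat.S_IWOTH:
            reasons.append("world-writable")
        if reasons:
            findings[entry.name] = reasons
    return findings


if __name__ == "__main__":
    # Audit the current account; store snapshot() output to compare later.
    for rel_path in sorted(snapshot(Path.home())):
        print("auto-load item:", rel_path)
    apps = Path("/Applications")
    if apps.is_dir():
        for name, why in user_editable_apps(apps).items():
            print(f"{name}: {', '.join(why)}")
```

Keep the baseline somewhere the everyday account cannot write, otherwise anything running with that account's credentials can rewrite it along with the files it describes.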
Almost every techie I've ever met who makes a broad statement like "(Linux|OS X) is way more secure than Windows" has been so security-retarded it's not even funny. I've used Linux exclusively for years but I'm under no delusions that any general-purpose execution environment is malware-proof. I used to run Win98 and Win2k without anti-virus or firewall and I only got a single virus in 6 years because I opened an exe sent to me by a friend. On my Linux box, anything worth doing can be done as me: stealing personal information, sniffing passwords and credit card numbers, running a botnet client or a daemon on a non-privileged port. I've also got SSH keys that grant me access to my own dedicated boxes, as well as dozens of my employer's servers, not to mention the source code to proprietary applications worth millions. What makes Linux safer is that most people aren't writing trojans for Linux. It's almost sad to watch the Mac market grow like it is, knowing what it will rain down on the smug little bastards. I've got nothing against Mac users, but at this point their hubris is almost Titanic in its proportions. Additionally, Linux has a steeper learning curve than Windows or Mac OS X, meaning most users are more likely to be aware of proper security concepts. Still, I've found rootkits on the servers of many *nix sysadmins. Oh, and they all believed Linux was "way more secure" than Windows.
I have come here to chew memory and kick ass... and malloc() is returning a null pointer.
No, I don't use Time Machine. I don't have a handy large FW drive.
I use a 2x500GB Linux-based NAS box in a RAID 1 array over gigabit Ethernet (via 802.11n) to store occasional backups (when I feel like it, although I could easily use one of the many apps or even the Unix commands).
There, I think I've covered all the backup buzzwords.
My experience in a mixed environment for a media company is that the problem machines are whatever's oldest at the time. Doesn't matter if it's the XP machines in sales or the OS X machines in design, the machines next in line to be replaced are the ones that start to bite it... I love how you're comparing OS 9 to OS X. When we were running 98, often times a simple reboot would fix the problem, that doesn't work as much with XP so obviously 98 is superior.
As a desktop user I severely disagree, I'd rather lose everything but ~ and if I'm stupid enough to run malware that malware will have the necessary permissions to delete everything I care about.
And about opensource being better because people can look at it and find vulnerabilities. Have you ever looked at the Mozilla code? Lots of people have and yet regularly there are new exploits found, some that have been there since the browser was called Mozilla.
I monitor a few open source applications mailing lists and often when a security vulnerability is found, it has been there a long time. How many more are lurking in that mess of C++ code?
https://en.wikipedia.org/wiki/Inverted_totalitarianism
1) Windows has user privileges that work too. The default settings of XP suck though. A definite +1 for UNIX in that regard. Vista *finally* addresses this. As for people being "stupid", you obviously overestimate the aptitude of the masses. A few years back an email worm for Windows came in a password protected zip file with the password in the body of the email...and it spread! Yes, people actually put the password from the body of the email to open the zip file and executed the payload.
2) The repository model, while nice (FreeBSD ports rocks!), would never work in the free market software ecosystem where proprietary software dominates the landscape. It would be like herding cats. Even in an ecosystem where most software is open source, I still think it would fail if the amount of software available approached that of the amount of Windows software. The sheer scale of it would be too big, and conflicting interests would end up destroying it. My point is that if Linux gained a significant installed base, the repository model would fall apart and Linux would be pulled into the "wild wild west" where Windows currently resides. OSX has the same free market model as Windows anyway, so I don't see how it's directly related to this article.
3) Meh.
BTW, to the fuckwads who modded me down for questioning the god of UNIX:
Fuck off! <---(That's "-1 Flamebait" right there, bitches)
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
With the former Windows users using the Mac more and more, it's not surprising to see the platform vulnerable to crapware as PC's have been for years.
There, fixed the summary.
All those moments will be lost in time, like tears in rain. Time to die.
Oh, and you mis-spelled "purchase" in two methods in MacSweeperDaemon.
The binaries have references to KIVViSoftware throughout them -- you wouldn't happen to be one and the same with these guys, would you?
Disclaimer: I didn't find anything blatantly malicious -- but I only took a quick look. Given the folders that it tinkers around with, any bugs could do some damage to your Mac, so be careful.
Because they have absolutely no concept of what a moderator is supposed to be doing.
Just callin' it like I see it.
No it doesn't take special permissions to put stuff in Applications, it's pretty damn near impossible though without user intervention though. However with 10.5 the system keeps tabs on apps that come from the internet. On first run at least you will be prompted that the application you're about to run came from the internet the first time with the option to not allow it to run.
I think one of the big problems that we still have is that users don't differentiate between programs and data. Or app settings, or functions of the OS, or anything else. It's all just a big mushy, magical, computerish blob. Recently I tried very hard to explain to someone that the Windows error reporting for some random app crash had nothing to do with them somehow destroying their network driver a week later. Maybe I'm just terrible at explaining, but as simple as I could make it ("like I keep saying, it's not related, at all"), the guy kept bringing it up, like it was the magical key to everything.
(Un)common sense says: your data is the only thing in there that can't be replaced. Keep it organized & backed up, don't lose sleep over the rest. And don't feel bad when the computer breaks, because no one's ever built one that didn't.
I just hope someday people will figure out doing their weekly defrag or whatever isn't making their computer better, it's just time wasted that should be spent backing up the things you value. But it's easy and makes them feel good...it scares me when I see how superstitious people can be with these things. So while messing with people's data is much worse than changing their homepage, they really don't see a difference. All you get as the designated help desk person or unfortunate family tech is a grunt to say "it's not working".
Like you hinted at...time machine makes it almost fun(!) to keep backups, but still, many don't bother. And they get what they get, I guess.
The only really interesting response in this thread and me without mod points. Oh well.
I'd have to say I'm quite concerned that the TODO list implies that LittleSnitch is something they want to blacklist.... assuming I'm parsing the list correctly and understanding the semantics. Anything that wants to remove my network monitor goes straight to my dustbin.. - oops - it just turned into an eject button... huh - okay - hang o
I'm sure people care more about the contents of their /bin folder (or whatever passes for that in OS X) than the graduation pictures of their kids and their tax returns.
:D
I'm guessing you're being sarcastic here, but even so...consider that they might not know the difference at all. It sounds crazy but I don't know many people that really separate their data from the programs that open them. I call it "icon fever"
Stupid, meet journalist, your brother.
Assorted stuff I do sometimes: Lemuria.org
Obviously nothing's ever for sure, especially not with your computers. But if your browser isn't running with elevated privileges, then you don't need to worry about malware coming in through it the way people with WinXP + IE6 do, save for any specific & isolated exploits. So I would argue that linux is more secure (if by linux we mean "your average linux distro") because your average distro is going to install software from a trusted repo, not have a default install that leaves you running your browser as root every day, and will also give you the tools to control your network interface. And even if you don't use those tools, the fact that 9/10 of the linux users out there do use them does in fact make you a little safer. It gets better...the myriad differences in distros, software packaging, and choice of software means that any "linux" exploit is not going to affect all linux users, unless it's at the kernel level, and even then, there's plenty of variation in people's kernels. Safety in numbers, I guess.
not quite. the theoretical possibility of someone looking at the code is not particularly comforting. the good thing is, people actually do. let's say there are 100 million firefox users worldwide. now if only a thousandth of one percent actually looked at the code, it would still be 100 eyes outside mozilla/google/whoever totally unattached to the company looking at the product and helping to fix things or warn us of problems and malign features.
the point of open-source software is not that you personally look at the code (this is aimed at the parent) just as the point of doctors is not that you personally are one.
What the hell are you talking about?
I would argue that they are found precisely because people are looking at the code.
You can't find them all at once, especially if you're focused on development. But I don't have to explain how much easier it is to patch the exploits when the application is open source — Firefox vs. IE record speaks for itself.
Ignore this signature. By order.
Ignorance is not linguistic drift.
1) This is not a virus
2) Now that you've implied that there are viruses for Mac OS X, please provide evidence
There's no reason why Macs couldn't get viruses. Most viruses rely on human stupidity for propagation, and there definitely are dumb Mac users. But the edge cuts both ways: If you feel the need to complain about Artie MacStrawman, you should provide some evidence that your complaint isn't just as stupid as Artie's claims.
While I haven't seen a Mac user claim that Macs can't be infected by viruses, I see morons complaining about supposed Mac snobs in each damn article about Mac security.
I'm not sure who's the snob here, Artie MacStrawman or you, who seems to think Mac users are dumb, deluded snobs.
The next time somebody claims
And that matters because...? ~/Applications is just a regular directory. You don't need to put an app in there for it to run, and apps in there don't get any additional privileges.
I monitor a few open source applications mailing lists and often when a security vulnerability is found, it has been there a long time. How many more are lurking in that mess of C++ code?
Haven't you thought that it is funny how everything is in the last place you look for it? That is, the place where you find it.
But yeah, I also laugh when reading those comments saying that the "only" thing that can happen if a virus infects a Linux machine is that you could lose your home directory which contains all your data... Sheesh, fortunately all the programs (which are available all over the internet, and in my installation disk) will not be touched.
Ubuntu is an African word meaning 'I can't configure Debian'
Actually there are known methods to do so. We are working for a long time in security sphere, and can ensure you that everything is vulnerable. But too keep Mac platform safe, we won't discuss it here. MacSweeper doesn't use any of the vulnerabilities, it is made to be Simple and powerful System Cleaner, and helps to warn people to be more careful. There are known security holes with cookies, so MacSweeper has its own database of dangerous websites and cookies. It secures unwanted cookies, the same way MacScan does. And I repeat, we love Apple and all their great products and we want to keep them clean and secure!
Thanks! Finally there is a man who can think wise :)
TODO list, yeh, that's some minor mess up, but it really shows what we are doing and what we are about to do in our application.
At the moment we are rapidly working on new, most wanted features like Dead Applications files removal. It should work something like AppZapper, but users won't need to drop every application into some area, it will work even when you removed any application. Just finds and cleans, it's that simple!
Spam bots don't need admin privileges. Just that they get past the firewall. An evil mIRC/Irssi script would be a great example I think.
You don't know what you don't know.
Little Snitch default location is not /Applications or ~/Applications, it's stored in /Library/Little Snitch/ which is not a standard location for the applications, that's why it is in our TODO list, because we don't want it to be removed, if there are some other applications out there, which are not using standard locations, we will add them to list.
Security professionals who believe in security through obscurity aren't. Also, I suspect that people who can't differentiate "to" and "too" aren't smart enough to really consider all the nuances of full system security.
In other words, my crackpot meter is going "beep! beep! beep! beep!"
I for one welcome our looped-steel-wire overlords!
... still waiting for this free-as-in-beer free beer I keep hearing about.
I think the doctor's point was a bit off... but how bout an example of a major advance in cancer treatment? You won't apply it, yourself, but you could still potentially benefit from a skilled practitioner's ability to apply it on your behalf. The open source model is similar in some ways.
On the other hand, I suspect a lot of those 100 eyes will be looking at what they find interesting or think needs improvement. Given this, it wouldn't be all that hard to hide evil code in an unusual (and boring) place.
Popularity grows, so it becomes an interesting target.
For the people that went Mac for security reasons. Welcome to Ubuntu, comes preinstalled here:
http://dell.com/ubuntu
LOL nice reply. =) But no thanks I'm quite happy having friends that not only know how to use a computer but know how to fix them. They are the best of friends =)
As in most religions, it's the followers that turn people off to the religion. And Mac users are the worst.
Or a buffer overflow in Java that Apple had for more than a year after Sun fixed it.
"Aw, gee, the malware hosed my data! Well, I'll just grab the version from last hour."
As an administrator of 100-odd macs myself, used in advertising design and textile design, let me give you a foolproof recipe to making your life 95% easier:
1 Mac OS X Server, configured with all users in Open Directory, and policy to lock out users from system preference panes they have no business being in
1 FileWave server for application deployment and file integrity checking, obtainable from www.filewave.com (note, this will cost money, but will pay for itself the first time you don't have to reinstall an application, because whatever file the user just fucked up just got checksum'd and rewritten)
x users NOT running as local administrators of the machine
1 unlimited license of Apple Remote Desktop, so that you can remote control / observe, execute code, get system reports, etc.
Mix ingredients together, bake at 350 (or 177 C) for 20 minutes.
Slashdot still doesn't support Unicode after it was added to the HTML standard in 1997.
Linux & OSX ARE more secure than Windows. Windows has ActiveX & IE. Other platforms don't. Most Linux distros fix their holes fairly quickly. Microsoft doesn't (though they're better than they used to be).
That doesn't mean people can afford to be complacent. A stupid user who will give his password to see Britney pics is going to get pwned, even if he's running OpenBSD.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
The thing is, it's not a choice between losing your stuff and losing the system. It's a choice between losing EVERYTHING and losing your stuff. Either way, your stuff is toast.
I agree that my stuff is more important than the OS, but it's at least slightly easier to restore the good stuff if you have an uncorrupted OS.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
I understand that meth addiction is difficult to kick, but I urge you to please consider it for your health, both physical, and - particularly - mental. With time the paranoia will subside and you will be able to return to rational, productive behavior. Remember, we're here for you.
Dewey, what part of this looks like authorities should be involved?
Oh dear LORD if this app will be deleting files in such a manner you will break SO MANY things. Just do the honorable thing, pull it before it does serious damage.
The statement of principles you make are all sound but you actually don't understand why they are not so relevant on a mac.
Many (not all) Linux and Windows applications require root (or the equivalent) or make you know some arcane flags if you don't want to install as root. On linux if you try to go the route of not installing into root owned directories like /bin or the man pages or the libraries, or /etc, then generally you wind up in dependency hell, paths that break, man pages that can't be found, and no other user can run it. So in practice root only installs are pragmatically mandatory on Linux for any complex programs you want generally available. Same with Windows.
1) On macs you don't need root to install (most) applications, and applications don't (generally) run with root privileges.
2) Consequently, when your application does need root it must ask for it during install. Since this happens seldomly it is a much larger red flag than if this happened all the time.
3) Most applications don't require that you run an installer, and when they do run the installer, it's usually just an unpack operation, not an executable process. When it does need to run an executable to install, the installer asks first. Again being seldom it's a red flag.
Also not only is there an apt-get port project, it's mature and in widespread use. Actually there are at least three repositories for mac software. Ironically, because of their linux origins, they all have to be run as root and thus have all the dangers.
4) mac apps are self contained and thus are easy to uninstall. they don't spray pieces of themselves into special directories and possibly overwrite other similarly named libraries.
5) While open source is in theory examinable, linux apps drag in so many dependencies there's a lot of ground to cover. Package managers in some way make this worse since one draws from repositories that are spread geographically. If you work for government agencies there's some greater worry when pulling in some weird compression library from Russia than from say Stanford. Conversely since mac apps are self contained it's one stop shopping, as long as you trust where you got it.
Some drink at the fountain of knowledge. Others just gargle.
Except it can modify all your applications.. trojan itunes, trojan safari. On top of that, you don't need root to turn a machine into a zombie.
...if I create a new, non-admin user on an OS-X system, can I browse to any site I want, launch any hostile process that I want, and feel secure that I won't damage either the OS or other accounts (that use the default privileges)?
Both under windows and OS-X, creating restricted users and using those accounts to browse potentially hostile websites is what I've always done to keep my system clean - this means that malware must first find a hole in the browser, then launch a process that finds a hole in an admin/root process for escalation (which is a much harder target to hit).
I never work as a privileged user. Is that not enough anymore?
...here is why:
A user can be educated.
An OS that can be exploited with no user intervention is an insecure operating system.
Let me reiterate my point.
There are ZERO pieces of self propagating malware in the wild for MacOS X.
"So you figure it is better to only lose your home directory containing everything you care about, email, pictures, personal documents, all your settings like bookmarks etc. As long as the rest of the system, which is easy as hell to reinstall, is not compromised?
:)
As a desktop user I severely disagree, I'd rather lose everything but ~ and if I'm stupid enough to run malware that malware will have the necessary permissions to delete everything I care about."
That is worst case on Unix. On Windows worst case is you lose EVERYTHING. So yes it is still slightly better.
Do you have kids? Does your spouse use your PC? Again the worst case is that user can infect and maybe lose their home directory and not everybody's.
So yes it is better to just lose your home directory. BTW make backups. No matter how secure your OS is that important data is sitting on a drive that will fail some day.
"I monitor a few open source applications mailing lists and often when a security vulnerability is found, it has been there a long time. How many more are lurking in that mess of C++ code?"
Yes but that is the key. They are out in the open. How many more are lurking in that mess of C++ code that is Windows that nobody fixes?
Linux has a higher security rating than Windows at least that is what the US government says.
If you want a really secure OS then I suggest running VMS
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Since we can't ever educate all users (or nearly all), all operating systems are insecure.
Let me reiterate my point.
The number of "self-propagating malware" pieces in the wild is just e-peen waving. All operating systems are insecure against the only thing that matters, and if you think that the situation will be any better the moment (SELECT * FROM osnames WHERE os != "Windows") is the primary OS in the world, you're only fooling yourself.
"16MB (fuck off, MiB fascists)" - The Mighty Buzzard
I don't disagree that the user is the most exploitable part of the computer system. see Honestly, I don't care about any computers that I don't use. If all the exploits require user intervention for my chosen systems, then I will continue to feel pretty secure in using them.
But yeah, I also laugh when reading those comments saying that the "only" thing that can happen if a virus infects a Linux machine is that you could lose your home directory which contains all your data...
Your data is worthless. Everything on the computer is worthless compared to the ACCESS TO OTHER COMPUTERS with ability to impersonate you. I can back up, erase and restore my home directories all day, but $deity forbids, someone will be able to use my computer to impersonate me on the network at my work, modify my backups or interfere with my work when I handle other people's accounts.
Contrary to the popular belief, there indeed is no God.
I agree with the popularity factor, and I happen to also think that Mac OS will not withstand the security demands as the competing, current, time-tested, and server-grade OS's that have been targets for as long as I've been able to grep. I hope I'm wrong; it'd be nice to have Mac live up to its self-hype. However, this is a moot point to make without a lengthy, dead-horse argument that will only fuel the flamewars. I say this only to make clear that this is not my point. I'm here to point out that the Ubuntu user, in all his leety indi-ness, has just as much to worry about as the Maccy did so many years ago; when he was dancing around singing "Under Pressure" in front of a bright green background, as the newest Zero-day vulnerability exploits ravaged his friend's XP home edition box. Abandoning ship or gloating is the boob's argument. You can island hop all you want, but the waters are still rising. As a Windows user who has stuck it through all the way to Vista, lost and won many a battle with a straight face, and learned so much more throughout on how to protect myself in my environment of choice, I say bring it on. If you so can't stand being exploited as to learn from it, get off the Internet.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
Well, actually I use Debian, but I happen to believe in diversity as a way to fight large automated attacks. Let the file formats be standardized, but the implementations diverse. If 60% use Windows, 10% Apple and the rest goes Amiga and different flavours of Linux I think the internet would be a much safer place against those automated massive attacks.
Any application though can delete your My Documents folder in Windows. However many applications can mess up your Windows install too. Therefore even when Linux can have the home directory erased, Windows has that and more.
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
Maybe the worst thing that could happen if your Slashdot account details were compromised would be that your account would be used for trolling, and quite possibly that doesn't bother you in the least. But what other computers do you use in similar ways? What about all those online stores you've probably given your credit card number to over the years - wanna bet all those are only operated by highly-trained security professionals? Because I don't. What about government agencies? We've hardly been short of "stolen $DEPARTMENT laptop held $MANY million citizens' personal details" scandals in recent years...
And I think we all know why so much spam comes from residential IP addresses, right?
Given which, I'd really rather there not be any malware at all for any operating system. An OS that has malware in the wild is an insecure OS. Just because all the malware requires user intervention doesn't mean the OS is secure. It means it's more secure, and clearly a superior choice over OSes that suffer from hands-off malware, but "more secure" doesn't mean "safe" any more than "growing up" means "mature".
This is why you don't get any malware for linux.
This is how the loudness war is killing music.
A good point, Britz, but I'm not sure I agree entirely.
"By the toll of a billion deaths man has bought his birthright of the earth, and it is his against all comers..." --H.G. Wells, War of the Worlds
I'm sure there's consensus to the truth in this. That species which is attacked most by the most diversity of attackers will be naturally resilient to future attacks through its survivors. That's that point, and I have a slightly different one.
Diversity is important, but we're not talking about diversity within a species when we compare Ubuntu, Windows, Mac, etc., we're talking about a different species altogether, and the newcomer may as soon be a Debian as a Mac.
The key, however, is in the fact that they often belong to the same genus, phylum, what-have-you (this is only an analogy of course). After all, an Intel chip, under any other OS, is still an Intel chip, and a buffer overflow vulnerability will smell as sour; in a kernel, in an OS, in a plug'n'play driver, ready to exploit your specific CPU, just as my pet ebola is patiently waiting on that taco. Ebola doesn't ask you what clothes you're wearing before it wants to eat your organs. If you eat it, it is hilariously good at what it does. It's just a matter of time before I find out what you like to eat.
Now, again, I agree that diversity is important, and I submit that diversity in computers is far more vast and complex than simply saying Mac, Ubuntu, Windows are species in a genus, and I can make ebola tacos, but all of these OS's can be far less diverse on fundamental levels. Let's say I plop ebola on a big mac, a taco, and a garden burger on one plate, make 6 million of these plates, and hand them out. If I know 90% of everyone who gets a plate will eat one of those meals, I'm the freaking iron terrorist chef.
By blaming ActiveX and IE for security problems in Windows you've proven the parent poster's point quite nicely.
IE and ActiveX are no different from Firefox + Addons or Safari + Java JRE in that they are all just browser/plugin combinations. All can be exploited to the same extent. IE + ActiveX's ubiquity has been its greatest downfall.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
good point
Dude, you must work in tech support... Mac hatred is so 1997 among computer folk.
Doesn't matter really... some people just don't get good humor... ;) offtopic? :P bah.
And as a Mac user who knows how to fix his computers... (even the macs)... I'm doing just fine myself... Of course one of my macs runs Fedora... so that probably isn't technically a "mac" in the religious sense of the word...
Remember, though... guns don't kill people... windows computers do.
It's the Stay-Puft Marshmallow Man.
You seem to be skipping user areas, user applications, and even general applications that are accessible via a default user/program.
Here contrast this, in Vista, IE can't even write to user areas, let alone program/application areas. Additionally, even normal users or applications CANNOT write to application/program areas in Vista, so even if the user is using Firefox, the applications are still protected.
Nowadays, that's a backwards priority, and we need to stop prioritizing system over data, if you ask me. Most computers of these UNIXy machines (OSX, Linux, even NT-based windows for the point of discussion) folks use nowadays are essentially single-user, or at most a family. It's exactly the user's files that are important. If I (or a trojan) nuke my OSX system, I can just pop the Tiger install disc back in & be back up in an hour (or two, allowing for third-party software installation). If I lose all my data (either due to stupidity or malware), I've lost months of work, unless I've backed up. (Kudos to Apple for simple backup in Leopard...)
The idea that the system is more important than the data is a relic of shared-use UNIX workstations, if you ask me.
This is a reason why I suggest, if you set up a Mac for a family you should keep the admin account to yourself, and give everyone else a user logon without admin rights. The Mac is marginally more secure than windows, but you still have to use judgement and common sense.
You people seem to forget that the first big worm spread around the internet and brought the entire thing to a halt... all running on Unix. Linux-targeted malware is malware that has been crafted to take advantage of a hole in Linux. Find a hole in firefox on linux, and you're 99% the way there. If you don't think that's possible, I've got a bridge to sell you...
You're over-thinking it and you've fucked up your analogy as a result. In your analogy, software is a vector of infection. Clearly, software is a target of infection, whatever the vector. So far, no malware author is infecting a person via their computer.
Diversity works like this (whether the scale be that of a home network, a business, or the internet): (1) A monolithic network, i.e., one dominated by a single OS, can be taken down at the knees. A mixed environment, while it might be crippled if half its component systems go down, can still hobble along and some work can get done. (2) The more diverse a network, the smaller the overall vector, thus slowing propagation of infection. Under these conditions, a virus might be contained or even burn itself out before reaching epidemic status.
Incidentally, ebola is not a food borne disease. I'll eat one of your ebola burgers if, in return, you let me wipe my syphilitic penis in your eyes. Deal?
It's not offtopic, dumbass. It's orthogonal.
I was aware that my analogy did not use ebola in realistic terms. I'm not a virologist or an epidemiologist. It's a bit of a sad shot to poke such holes in an analogy, but thanks for your words of wisdom, mighty syphilis man. If any such analogy were so flawless as you seem to suggest they all should be, we would indeed have computer-to-human virii. I'll assume such absurd statements were attempts at humor, though, as were mine.
Let me stop using analogies so I can make this simple, direct, and boring. Diversity is not simply determined by OS. I agree, though, that it is a major factor in epidemics, since many epidemic-grade virii are highly tailored to automate the exploitation of a large base of the same OS. You make a good point by explaining that multi-OS networks are an example of diversity in this attack scenario, and I agree that statistically a network has been safer from the majority of epidemic attacks by running OS-diverse networks.
Perhaps in this light, I invited such a response (ie: "fucked up (my) analogy") by my use of epidemic imagery, which was not necessarily the attack methodology I was referring to. My intended focus was in the fact that uniformity exists in many networks on lower levels than just the OS, using the Intel CPU as the relevant example for our article, thus undermining the idea of security through diversity of the OS. My response was to those who at one time thought changing to Mac was a safe security option by default because of targeting trends, and now to those who suggest jumping to Ubuntu, etc., because somehow Macs have begun to be targeted. I'm not going to take any more time to try to explain why this is a problem, because you clearly have more of a clue than the schmuck who waves a Ubuntu banner every time a zero-day vulnerability is announced on a mainstream OS.
To be honest, I'm not sure it was necessary to make a point of joining the fray on this one, considering how clear of a mistreatment of the problem changing one's OS is to those who care enough to know better, and how unimportant it is to those who don't. Of course, I suppose I did get a sexual offer out of it. Where should we meet?
You make a good point about the other layers of the network, especially the hardware level. There was just an interesting story about "drive-by" cracking of wireless routers. Well, that's software, but it does demonstrate how the crackers' repertoire has expanded into other components of the network.
The majority of attacks today are on the OS. No particular OS is safe, of course. However, the epidemiological model does apply where viruses and worms are concerned, because a diverse OS "gene pool" (if you will) can slow and halt the spread of a computer "disease", just as it happens in nature. A virus needs a large enough vector to reach explosive epidemic growth. A homogenous population that is susceptible provides just such a vector, while a heterogeneous population decreases the vector. When the virus hits a non susceptible OS, it's reached a dead end. If the OS gene pool contained three OSes evenly distributed, the virus would only have a one in three chance of infecting the next computer to which it gets passed. Meanwhile, in the homogenous pool, the virus would have a 100% success rate, resulting in an epidemic.
Granted, this is just one tactic against viruses. It wouldn't be successful against a virus that targeted some other subsystem of the network.
Sooooo, anyway, thanks for your reply and for overlooking my rudeness and crudeness. You really did make my day with that well deserved name.
It's not offtopic, dumbass. It's orthogonal.