The core of Mac OS X is BSD Unix, and that OS has been around for
two decades in open source form, inspected by all concerned. That's why Mac OS X is more secure than Windows, according to InfoWorld.
For a long time, apologists for Windows have been arguing "security through
obscurity." However, if it has a CPU, hackers will try to attack it, and
Mac OS X has been a big target for a long time.
"The difference isn't market share, it's the foundation of the operating systems. Given that most virus authors and hackers are in it for the ego, don't you think that there would be a huge incentive to be the first one to write a widespread OS X, Linux, or FreeBSD virus?" Paul Venezia asked.
The key is the foundation of the OS. If the OS is designed on a shaky foundation,
everything on top will suffer. When Apple moved its customer base from Classic Mac OS 9 to Mac OS X, they did so consciously with the idea that they needed a firm foundation for the future. But that meant leaving every Classic app behind in the long term.
Microsoft has never been able to make that commitment and retained the backwards compatibility with Win32 apps. That has put a strain on their whole Windows OS.
"Simply put, Microsoft had the chance to beat Apple to the punch and make a giant leap back in 1997 or so, killing off the existing Win32 platform in favor of an NT-based client and server that did not have to run legacy applications natively. They didn't, and we are still paying the price for it today. Even if you're not running an MS OS, most of the spam in your mailbox came from zombie Windows systems in the control of spammers,"
the author noted.
While Microsoft was reaping the rewards of this compatibility, Apple took the time to move its entire customer base to a highly secure BSD Unix OS. "Microsoft didn't. They're faced with massive-scale exploits like the spreading ANI vulnerability," Mr. Venezia concluded. "That affects every Microsoft OS, server and workstation alike, across the board. This gives us a glimpse into the code shared between generations of Microsoft OSes, and it's not a pretty view."
A quote from Henry Spencer was noted, "Those who don't understand UNIX are condemned to reinvent it, poorly."
OSX on the net for 6 years is hardly what I would call obscure. But OSX being BSD has been around for 20 years, at least the main different parts of it. With no malware, spyware, or viruses in the wild there is no denying OSX is the most secure operating system to date.
Security professionals prefer to call a system whose risks are mitigated "hardened" rather than "highly secure." A hardened system is one where vulnerabilities have been found and fixed along with other issues. A hardened system is accomplished by using the system and having issues reported to the manufacturer.
BSD is a very old operating system. The basis of the BSD kernel dates back to version 4.4 released in the early 1990s. The 4.4 BSD kernel is based on the 4.2 BSD kernel released in the early 1980s. BSD has been around a long time and has been hardened over that time.
To Apple's credit, they chose to use the Mach-based micro-kernel with the BSD personality layer that emphasizes the minimal use of the kernel for providing system services. Using Mach services, Apple implemented everything as separate processes which helps partition other processes. This will prevent a vulnerability in one area from affecting another.
If you look at the vulnerabilities identified in Mac OS X, you will find that they are less than catastrophic and do not affect multiple functions of the system. On the Windows side, a vulnerability that can gain access to the kernel does open many unintended doors because everything is buried in the kernel.
It was not supposed to be like this. When Microsoft hired Dave Cutler from Digital to redesign Windows that eventually became Windows NT, Cutler designed a multi-layered system with several security domains that would have prevented many of the problems that have occurred--similar to how he designed VMS. Microsoft destroyed Cutler's attempts in the name of "backward compatibility."
Microsoft could have dealt with this backward compatibility problem by working with IBM to leverage the work they did on OS/2 to create backward compatibility with Windows 3.x. One would think that IBM knows a little about virtual machine technologies in order to pursue this path. But Microsoft wanted a complete divorce from IBM and forced Cutler and his team to make NT backward compatible.
In the meantime, Apple converts Mac OS to a hardened kernel and Microsoft pursues Vista that has millions of lines of new code that is not "battle tested." No matter how secure you try to make any software, without being battle tested, it is prone to serious vulnerabilities. Vista has a long way to go to be hardened like the Mach/BSD kernel in Mac OS.
there's absolutely nothing preventing microsoft from scrapping windows in favor of a fresh, completely written OS now. all they need to do to retain backwards compatibility is to include a nifty little virtualization app. that would allow them to make the transition quite easily. hell, they could even include a copy of the previous OS and provide a clean way to dual-boot, a la boot camp.
i would have mucho respect for microsoft if they even tried to do something like that. especially if they dropped the "windows" name.
gslusher (Posts: 2063, Joined: 13 Nov 2002) | Tue Apr 10, 2007 3:25 pm | Subject: Windows legacy
In his talk at the TED (Technology Entertainment Design) conference, David Pogue said: "But, actually, I believe that there are really two Microsofts. There's the old one, responsible for Windows and Office. They would ... they're dying to throw the whole thing out and start fresh, but they can't. They're locked in because so many add-ons and other companies' stuff locks into the old 1982 chassis. But, there's also a new Microsoft that's really doing good, simple interface designs." (He likes the Media Center PC and the MS Spot Watch, which failed, not because of the design, but the cost--$10/month for a watch you had to recharge every night and which stopped working when you left your area code.)
burrito wrote: there's absolutely nothing preventing microsoft from scrapping windows in favor of a fresh, completely written OS now. all they need to do to retain backwards compatibility is to include a nifty little virtualization app.
HAHAHAHA. Man that was funny. Someone who obviously has NO relevant experience AT ALL knows better than all of Microsoft. Yeah... good luck with that. I could write pages and pages here pointing out how many things are wrong with your statement, but I have to get back to work.
burrito wrote: there's absolutely nothing preventing microsoft from scrapping windows in favor of a fresh, completely written OS now. all they need to do to retain backwards compatibility is to include a nifty little virtualization app.
HAHAHAHA. Man that was funny. Someone who obviously has NO relevant experience AT ALL knows better than all of Microsoft. Yeah... good luck with that. I could write pages and pages here pointing out how many things are wrong with your statement, but I have to get back to work.
You could write pages and pages, but you'd still be wrong. Burrito is absolutely right; it's what Apple did with Classic in Mac OS X. And lucky for Microsoft, virtualization products already exist; Microsoft even bought one.
This doesn't mean it would be easy for MS to do so, and it may not be commercially feasible, but it's certainly technically possible. So, I suggest you tone down your arrogance a wee bit.
I find it ironic that any time someone is promoting Mac OS X security, they point to Windows as if driven by some massive inferiority complex. I'm not going to mention Windows again in this post as it is irrelevant and will only focus on Mac OS X security.
To claim with such certainty that Mac OS X is more secure than another OS is not something any respected security professional would do. Not only because the research into the security of OS X is so young, but most would say that it is impossible to compare the security capabilities directly and could only give you a personal preference for how they like to secure their own systems.
While we are on the subject of Mac OS X security myths, here again is yet another article claiming that Apple's reliance on BSD has made it more secure as it inherits the security features of that OS. However, the integration of Mach & BSD is unsound, and many of the security features of BSD can be circumvented because of this.
The research into Mac OS X security is only beginning, it's in its infancy.
"Even though Mac OS X has been available in one form or another for about six years (not counting its pre-Apple days as NeXT/OpenStep), its security education and research community is still young and underdeveloped. With Apple’s transition to an all Intel-based architecture and the steadily increasing adoption of Mac OS X by small, medium, and large enterprises, the Mac OS X security research and education landscape is rapidly being forced to grow up.
"To my knowledge, Apple does not publish planned end-of-life (EOL) policies for their operating systems.
"there is a dearth of well researched and well built Mac OS X honeypots and honeynets. Is it because of a lack of interest, a lack of tools, or both? From my own anecdotal research, I believe it to be a combination of both factors. Mac OS X has only recently been receiving both general and targeted attention from the security community, so the tools necessary for a credible and effective Mac OS X honeynet are only now being ported."
That PDF is what we should all read if we care to know about the current state of security for Mac OS X. We are just seeing the beginning of the discoveries to come in the way of Mac OS X security and exploits.
"The data clearly shows that over the course of time security updates have begun to address more Apple-specific issues than third-party applications, which in turn suggest an increase in focus on OS X specific software by researchers.
"One of the security benefits often associated with OS X is the inherited system design of BSD. A recent disclosure noted that it's possible to circumvent the security features of the BSD system because of a flaw in the integration of both the Mach and BSD features into the OS X kernel. Using Mach system calls, it's possible to carry out what should be restricted activities, including lowering the securelevel value.
"With respect to Apple Mac OS X, it would be safe to speculate that a select group of researchers who have been spending their time researching this platform are aware of numerous zero-day vulnerabilities that affect most or all users.
"To date there has been little in-the-wild malicious code targeting OS X. One of the reasons more security research on the operating system hasn't been carried out is the assembly language for the RISC processor design. However, PowerPC is a relatively straightforward assembly language, and many researchers have begun to overcome the hurdle quite quickly.
"Although OS X has been less of a target for compromise than other operating systems, there are at least three publicly available rootkits: WeaponX, OSXRK, and Togroot.
"Many Mac users may be unsuspecting of potential nefarious or malicious activities being carried out by attackers. In some cases (such as the unsophisticated distribution of OSX.Leap.A on a forum telling people to open a file), infection could have easily been avoided if users had taken basic security precautions. This threat is compounded by an unfortunate perception of immunity to malicious code and a general lack of understanding of basic computer security.
"The previous sections of this document demonstrating the existence of numerous critical vulnerabilities, exploits and rootkit technology should show that simply combining these readily available tools and problems with a more destructive and viral payload could easily yield higher-profile malicious code.
"Given that there are numerous security threats targeting OS X and that this number is only set to increase, it is possible that Apple may look into implementing some security enhancements into OS X. Currently, aside from the usual user-privilege-based security measures, Apple offers little in the way of exploit prevention in their operating system."
LaurieF - TMO Forum Mod (Posts: 3517, Joined: 15 Jun 2001) | Tue Apr 10, 2007 6:45 pm
Oh dear, oh dear, oh dear. If you were a regular (registered?) reader of these posts, oh Anonymous One, you would have read your very argument here before. Or maybe you were one of the ones that posted it, what, years ago? It's been done to death, and your preaching isn't going to convert anyone.
Anyone who is complacent about computer security is a fool. Nevertheless, I have been using Macs for seven years now. I don't go out of my way to be careful about what I download. However I do not have any viruses, trojans or keyloggers (or combinations of the above) on any of my computers, including my webserver. (I have the proof, in case you think I'm kidding)
You quote "from the usual user-privilege-based security measures" - well, that's a biggy. As long as users are reasonably careful, that very thing is enough to keep out most malware. Not security by obscurity; security by design. I don't care what Symantec say.
Guest wrote: To date there has been little in-the-wild malicious code targeting OS X. One of the reasons more security research on the operating system hasn't been carried out is the assembly language for the RISC processor design. However, PowerPC is a relatively straightforward assembly language, and many researchers have begun to overcome the hurdle quite quickly.
PowerPC is a relatively straightforward assembly language?
LaurieF wrote: However I do not have any viruses, trojans or keyloggers (or combinations of the above) on any of my computers, including my webserver. (I have the proof, in case you think I'm kidding)
That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove. Just another example of a mac user who is uneducated about security.
Engine Joe wrote: Symantec has some insight, but they also have something to sell. So they're hardly disinterested observers here...
true but, flawed integration of mach & bsd, lack of published EOL plans from Apple, lack of security research on the Mac OS platform, kernel vulnerabilities, buffer overflows, malloc insecurities, firewall policies and locking down services, etc. are not solved by something they can sell you.
so for the virus, rootkit problems, sure, you could buy a symantec product, but that's just a small part of the discussion in security, but the only part that people who attempt to compare the relative security of Mac OS X to other operating systems focus on.
That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove. Just another example of a mac user who is uneducated about security.
Yeah, and you might have the beginnings of terminal brain cancer, just because routine scans didn't show it doesn't mean you can prove you don't. You certainly aren't making a strong case against that diagnosis here.
LaurieF wrote: However I do not have any viruses, trojans or keyloggers (or combinations of the above) on any of my computers, including my webserver. (I have the proof, in case you think I'm kidding)
That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove. Just another example of a mac user who is uneducated about security.
True. But on my system, for example, I don't have excess, unexpected network activity, so my machine isn't acting like a zombie spambot. I regularly access my financial accounts, in which no spurious activity has occurred, so there most likely isn't a keylogger installed. None of my files have been corrupted, all my applications run properly, and nothing seems to be amiss. Why? Most likely, because there is no malware on my system.
LaurieF - TMO Forum Mod (Posts: 3517, Joined: 15 Jun 2001) | Wed Apr 11, 2007 1:22 pm
Anonymous wrote: That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove. Just another example of a mac user who is uneducated about security.
Interesting? You're a sarcastic piece of tutae. Don't bother. You think I'm uneducated? You know nothing and you're a troll. But since you require the proof, here's my ClamAV log from a week ago:
However I do not have any viruses, trojans or keyloggers (or combinations of the above) on any of my computers, including my webserver. (I have the proof, in case you think I'm kidding)
Rainy Day (Posts: 607, Joined: 07 Jun 2005) | Wed Apr 11, 2007 3:03 pm | Subject: Not true
Guest wrote: That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove.
Actually, this isn’t true. Tripwires, checksums, etc. can all be used to conclusively demonstrate that one does not have a gremlin in the system.
Be all that as it may, this “Guest” is nothing but a Symantec shill trying to spread FUD to create a market for a useless product. Mac users need anti-viral software about as much as a fish needs a bicycle.
And lest we forget, Symantec has the dubious distinction of being the only company to sell malware for the Mac: Its Norton AV for Mac turned out to be, albeit unintentionally, trojan horse software which created a major backdoor exploit in Mac OS X (but only for those who installed Norton). This was about a year ago.
For the Mac user, looking to Symantec for advice on OS security is about like asking Adolf Hitler for advice on how to get along well with one’s neighbors.
Well, if you look up one post, you'll see as much proof as I can provide
Well, if that was obtained by connecting the hard drive as a 'slave' to a known good installation, then fair enough. Otherwise...
Actually, this isn’t true. Tripwires, checksums, etc. can all be used to conclusively demonstrate that one does not have a gremlin in the system
Well, to a certain degree of paranoia - certainly a step beyond a typical paranoia level. If it's done correctly, that is (which isn't entirely straightforward). Well, to be more accurate, it can be used to demonstrate that it's extremely unlikely that important files haven't been changed.
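The "tripwires, checksums" approach the two posts above argue about, as an added example that is not code from the thread: a minimal checksum baseline for a directory that reports what changed. Its limits are the ones the reply points at: it shows only that listed files are unchanged since the baseline was taken, it says nothing about a machine that was already compromised beforehand, and the baseline must live where an intruder cannot rewrite it. The script assumes GNU sha256sum or BSD/macOS shasum is available and that file paths contain no whitespace.

```shell
#!/bin/sh
# Added illustration: a tiny "tripwire" built from SHA-256 sums.
# Assumes sha256sum (GNU) or shasum (BSD/macOS) and paths without whitespace.

hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1"
    else
        shasum -a 256 "$1"
    fi
}

# integrity_baseline DIR OUTFILE
# Writes "<sha256>  <path>" for every regular file under DIR, sorted by path.
integrity_baseline() {
    ( cd "$1" && find . -type f | LC_ALL=C sort | while IFS= read -r f; do
          hash_file "$f"
      done ) > "$2"
}

# integrity_check DIR BASELINE
# Prints one ADDED/MODIFIED/REMOVED line per difference; returns 0 only if none.
integrity_check() {
    current=$(mktemp) || return 2
    integrity_baseline "$1" "$current"
    report=$(awk '
        FILENAME == ARGV[1] { seen[$2] = $1; next }     # load the baseline
        {
            if (!($2 in seen))        print "ADDED    " $2
            else if (seen[$2] != $1)  print "MODIFIED " $2
            delete seen[$2]
        }
        END { for (p in seen) print "REMOVED  " p }     # left over = gone
    ' "$2" "$current")
    rm -f "$current"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Demonstration on a constructed directory: baseline, tamper, re-check.
demo_dir=$(mktemp -d)
printf 'original\n' > "$demo_dir/config"
integrity_baseline "$demo_dir" "$demo_dir.baseline"
printf 'tampered\n' > "$demo_dir/config"
if integrity_check "$demo_dir" "$demo_dir.baseline"; then
    echo "no changes since baseline"
else
    echo "changes detected (see lines above)"
fi
rm -rf "$demo_dir" "$demo_dir.baseline"
```

Re-running integrity_check after every software update and storing the baseline on read-only media is what turns this from a demo into the check the post describes.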
Man, you think I work for Symantec and am promoting their AV software?
Your paranoia runs deep and you completely missed the point. I'll write it again for you, "flawed integration of mach & bsd, lack of published EOL plans from Apple, lack of security research on the Mac OS platform, kernel vulnerabilities, buffer overflows, malloc insecurities, firewall policies and locking down services, etc. are not solved by something they can sell you. virus [and] rootkit problems [are] just a small part of the discussion in security." I wouldn't even say to buy an AV program as there are plenty of free solutions that are just as good. ClamAV that LaurieF is using is just one example of a decent free AV program.
However, Rainy Day has perfectly demonstrated this earlier comment, "the virus, rootkit problems, [are] just a small part of the discussion in security, but the only part that people who attempt to compare the relative security of Mac OS X to other operating systems focus on."
It seems the people here who are intensely trying to defend Mac OS X on security only understand or care to talk about one small piece of security. Either that, or they just drop down a level and sling insults at anyone trying to point to the actual known state of Mac OS X security.
I think it's funny that after everyone is talking about how an AV report cannot prove that a system is free of viruses, only that a system is free of known viruses, that one is offered up as "proof" that a system is indeed free of viruses. Yes, that is how we all get peace of mind, by regularly running AV scans, by using firewalls (soft & hard) and other intrusion detection & prevention tools. None of these tools prove a system is secure or has not been compromised. The fact that you are still trying to "prove" that your system let alone any system is free of viruses shows a lack of education and experience in security. There is only one way to do that, and it's to be in an environment of limited-functionality. If it is proven impossible to create or modify programs within a given programming environment then that programming environment is incapable of spreading viruses. The Java "sandbox" model is a decent example of this kind of limited function, however there is always a desire on the part of engineers and consumers to extend the limited-function languages (as can be seen by the loosening of the original Java security model to include options that permit Java applets to access any part of the system they want). Mac OS X is not a limited-function environment, so stop trying to prove that which cannot be proven. Simply state what you know and what the rest of people with an understanding of the space would state, "You have a reasonably high degree of confidence that your system is virus free."
Look, it's not like these security flaws are unknown. Apple even published the fact that the unsound integration of Mach with BSD and how one can use Mach specific calls to circumvent the security features of BSD. "When you use Mach to create a task, Mach returns a port right name that references a send right for the port (the receive right for a task port is always owned by the kernel). You can send messages to this port to start and stop the task, kill the task, manipulate the task’s address space, and so forth. Therefore, whoever owns a send right for a task’s port effectively owns the task and can manipulate the task’s state without regard to BSD security policies or any higher-level security policies."
Some other well known examples where Mac OS X security is lacking...
-Firewall. An easy to use firewall is included in Mac OS X, but it only does TCP port filtering and does not even address UDP. It is possible in Mac OS X Tiger to also enable filtering on UDP ports. However, access through the ports used by DHCP and Bon Jour (67 and 5353, respectively) remains vulnerable even with UDP filtering enabled. Bon Jour itself offers a particularly dangerous vulnerability because it can be used to probe a system and determine the status of its security updates. This would allow a would-be attacker or piece of malware to determine specific vulnerabilities based on the information about the update. The fact that Bon Jour is not blocked by the built-in firewall exacerbates the situation.
-Apple's Approach to Security through Obscurity. One classic example is the wireless driver issue. It was demo'd at a blackhat convention in early 2006. Lots of denials from Apple and attacks on the people who demo'd it. Not until that vulnerability was the first one published in the month of kernel bugs did Apple finally release a patch for it. (Here's one example where a vulnerability would not have been addressed without releasing the exploit).
-Lack of Secure Development Techniques. There are a number of techniques that Apple does not yet use including stack canaries (to prevent buffer overflows), secure heap implementation, address space layout randomization. These techniques don't resolve the existing vulnerabilities, but make it much more difficult to exploit them as attackers cannot assume the location where specific data is stored in memory as they can now.
Again, I'm not trying to do a relative comparison of Mac OS X security to any other operating system, and there are certainly areas of security where Apple has done well. I'm simply trying to point out that there are most certainly security issues and vulnerabilities in the OS. And that when it comes to security, you never know, but can only estimate your level of protection. If you are interested in securing your Mac OS X computer, here's a checklist for you: http://www.sans.org/score/macosxchecklist.php
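The firewall point above (UDP filtering that still leaves DHCP and Bonjour reachable), as an added example rather than anything from the thread or from Apple: a Tiger-era ipfw rule set that mirrors that weak behaviour, a tightened variant beside it, and a small check that reports which action the first inbound UDP rule naming a port takes. The rule numbers are constructed for the example, the rules use ipfw syntax as assumed here, and the tightened set deliberately stops Bonjour from other hosts; applying either set needs root.

```shell
#!/bin/sh
# Added illustration: two ipfw rule sets and a checker for inbound UDP policy.
# Assumption: Tiger-era ipfw syntax; rule numbers are made up for the example.

# Roughly what the built-in firewall leaves open once UDP filtering is enabled:
# DHCP traffic from port 67 and Bonjour/mDNS on 5353 are still accepted inbound.
weak_rules() {
cat <<'EOF'
ipfw add 02000 allow ip from any to any via lo0
ipfw add 02060 allow tcp from any to any established
ipfw add 02070 allow udp from any 67 to any in
ipfw add 20320 allow udp from any to any dst-port 5353 in
ipfw add 30510 deny udp from any to any in
ipfw add 65535 allow ip from any to any
EOF
}

# Tightened variant: DHCP replies only to the client port, nothing else to 67,
# and mDNS blocked entirely (local service discovery stops working; a
# source-restricted allow could be placed ahead of the 5353 deny if needed).
hardened_rules() {
cat <<'EOF'
ipfw add 02000 allow ip from any to any via lo0
ipfw add 02060 allow tcp from any to any established
ipfw add 20300 deny udp from any to any dst-port 67 in
ipfw add 20310 allow udp from any 67 to any dst-port 68 in
ipfw add 20320 deny udp from any to any dst-port 5353 in
ipfw add 30510 deny udp from any to any in
ipfw add 65535 allow ip from any to any
EOF
}

# udp_inbound_action PORT   (rule lines on stdin)
# Prints the action (allow/deny) of the first inbound UDP rule that names PORT,
# or "none". Accepts both "ipfw add ..." scripts and "ipfw list" output.
udp_inbound_action() {
    awk -v port="$1" '
        { sub(/^ipfw add /, "") }                 # normalise to list format
        $3 == "udp" && $NF == "in" {
            for (i = 4; i <= NF; i++)
                if ($i == port) { print $2; found = 1; exit }
        }
        END { if (!found) print "none" }
    '
}

# Stand-alone run: compare the two policies for the ports the thread names.
for p in 67 5353; do
    echo "port $p: weak=$(weak_rules | udp_inbound_action $p)" \
         "hardened=$(hardened_rules | udp_inbound_action $p)"
done
# To apply on a Tiger box (as root):  hardened_rules | sh
# To audit the live policy:           sudo ipfw list | udp_inbound_action 5353
```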
LaurieF - TMO Forum Mod (Posts: 3517, Joined: 15 Jun 2001) | Wed Apr 11, 2007 4:34 pm
As I have said repeatedly in this thread and in many other threads in this forum, anyone who is complacent about OS security is a fool. There are potential holes in OS X. No-one has ever denied that (or needs their head read if they have).
I can't prove absolutely that I have no malware on any of my computers. However the fact that I have never detected one, despite having continual attempted break-ins on my webserver, and running iChat and Skype, gives me the peace of mind I require. That peace of mind I have never had with Windows.
Look, you can point out all the proof-of-concept breaches you like, and mention MOAB (but if you do, I'll beat you round the head severely with a feather duster), and tell us about the malware spread in a limited iChat group (because the recipients were stupid), but you'll never be able to convince me that there are viruses in the wild that are causing havoc.
It will possibly happen. Those arseholes who write and propagate viruses will keep on trying. One or more of them will possibly be "successful". So far, no-one has been.
In the meantime I shall continue to practise safe hex.
Oh, BTW, it's Bonjour, not Bon Jour. Or Bon Jovi. And if you're going to keep on posting, do us the courtesy of letting us know, at least by an alias, who you are. I can't tell one Anonymous from a Guest.
Last edited by LaurieF on Wed Apr 11, 2007 6:14 pm; edited 1 time in total
gslusher (Posts: 2063, Joined: 13 Nov 2002) | Wed Apr 11, 2007 5:57 pm | Subject: Re: Not true
Rainy Day wrote:
And lest we forget, Symantec has the dubious distinction of being the only company to sell malware for the Mac: Its Norton AV for Mac turned out to be, albeit unintentionally, trojan horse software which created a major backdoor exploit in Mac OS X (but only for those who installed Norton). This was about a year ago.
For the Mac user, looking to Symantec for advice on OS security is about like asking Adolf Hitler for advice on how to get along well with one’s neighbors.
Symantec is noted for, among other things, saying that Mac users are not "secure" because they're vulnerable to phishing attacks. Of course, they did this in order to sell their product, Norton Confidential:
"Salem has noticed a movement towards the Mac and is concerned about Apple’s positioning of the platform as virtually virus free. He concluded: 'As more and more people buy Macs, we could end up in a situation where they think they are protected and they’re not. There is a danger that people could think they are secure on the Mac when they aren’t.'"
An interesting note: I cannot find Norton Confidential on VersionTracker OR MacUpdate. It's been out since September, 2006, according to that article. Symantec hasn't added it to the VT or MacUpdate lists, though their other products are there. That way, no negative comments will be posted!
According to the MacWorld review, Norton Confidential has some "undesirable" features:
"File Guard protects files in much the same way that Information Guard protects data. But, in addition to preventing protected files from leaving your computer, by default it also prevents you from moving files in the Finder. This feature is unreliable: it asks for authorization when you try to move files, but you still cannot always move them. You can enable the Allow Mac OS X access option, but this doesn’t resolve the problem. Symantec recommends manually turning off the feature when you want to move a file, but this seems onerous at best. You also need to enter a password whenever you want to save a protected file. I found this feature annoying. Symantec is investigating ways to make the Finder operation go more smoothly for future versions of Norton Confidential."
Sounds very typical. The review concludes:
"While its phishing protection works very well, education works even better: just don’t click those links asking you to enter your credit card number or password."
Also see Symantec's report in 2005 that Mac viruses and hacker attacks were "on the rise."
Rather than Adolf Hitler, I'd make an analogy between Symantec/Intego/etc and Chicken Little: "The sky is falling! The sky is falling!"
you all are some serious conspiracy theorists, i swear
of course that sounds typical, it's a mac propaganda site, duh!
your sky is falling comment just highlights your conspiracy paranoia, clearly you haven't actually read the documentation provided by symantec and compared it to other well respected security sites, and even apple's own admissions, and their reactions to further secure the os due to the things being pointed out by these sites.
Guest | Thu Apr 12, 2007 8:46 am | Subject: mac
I'm a hacker, there's no point in making stuff for mac, not a lot of people use it. If you look at most web statistics its windows whatever with IE6 browser with 800X600 rez. Hacking windows now.
The opposite was proven with the Apple Month of Bugs.. showing that if people specifically targeted the Mac it is a lot more vulnerable than a Windows XP system... let alone Vista.
Guest | Thu Apr 12, 2007 9:32 am | Subject: Nick
Biff is right on his comment.
There are a bit more Windows users, Windows dependent companies and software.
It's not that Microsoft can't and wouldn't want to scrap all the old technology. The cold fact is that they can't do that without supporting old systems in some way.
Apple can do this because their computers are only used as desktop computers and their users can live with the idea of updating their software all at once.
When it comes to viruses, it's because no hackers use Mac!