OS Insecurities and Myths
by , 1:40 PM EDT, April 10th, 2007
The core of Mac OS X is BSD Unix, and that OS has been around for two decades in open source form, inspected by all concerned. That's why Mac OS X is more secure than Windows, according to InfoWorld.
For a long time, apologists for Windows have been arguing "security through obscurity." However, if it has a CPU, hackers will try to attack it, and Mac OS X has been a big target for a long time.
"The difference isn't market share, it's the foundation of the operating systems. Given that most virus authors and hackers are in it for the ego, don't you think that there would be a huge incentive to be the first one to write a widespread OS X, Linux, or FreeBSD virus?" Paul Venezia asked.
The key is the foundation of the OS. If the OS is designed on a shaky foundation, everything on top will suffer. When Apple moved its customer base from Classic Mac OS 9 to Mac OS X, it did so consciously, with the idea that it needed a firm foundation for the future. But that meant leaving every Classic app behind in the long term.
Microsoft has never been able to make that commitment and retained the backwards compatibility with Win32 apps. That has put a strain on their whole Windows OS. "Simply put, Microsoft had the chance to beat Apple to the punch and make a giant leap back in 1997 or so, killing off the existing Win32 platform in favor of an NT-based client and server that did not have to run legacy applications natively. They didn't, and we are still paying the price for it today. Even if you're not running an MS OS, most of the spam in your mailbox came from zombie Windows systems in the control of spammers," the author noted.
While Microsoft was reaping the rewards of this compatibility, Apple took the time to move its entire customer base to a highly secure BSD Unix OS. "Microsoft didn't. They're faced with massive-scale exploits like the spreading ANI vulnerability," Mr. Venezia concluded. "That affects every Microsoft OS, server and workstation alike, across the board. This gives us a glimpse into the code shared between generations of Microsoft OSes, and it's not a pretty view."
A quote from Henry Spencer was noted, "Those who don't understand UNIX are condemned to reinvent it, poorly."
Observer Comments
Tue Apr 10, 2007 2:30 pm Subject: OSX 6 years on the net is hardly obscure
Security professionals prefer to call a system whose risks are mitigated "hardened" rather than "highly secure." A hardened system is one where vulnerabilities have been found and fixed along with other issues. A hardened system is accomplished by using the system and having issues reported to the manufacturer.
BSD is a very old operating system. The basis of the BSD kernel dates back to version 4.4 released in the early 1990s. The 4.4 BSD kernel is based on the 4.2 BSD kernel released in the early 1980s. BSD has been around a long time and has been hardened over that time.
To Apple's credit, they chose to use the Mach-based micro-kernel with the BSD personality layer that emphasizes the minimal use of the kernel for providing system services. Using Mach services, Apple implemented everything as separate processes which helps partition other processes. This will prevent a vulnerability in one area from affecting another.
If you look at the vulnerabilities identified in Mac OS X, you will find that they are less than catastrophic and do not affect multiple functions of the system. On the Windows side, a vulnerability that can access the kernel does open many unintended doors because everything is buried in the kernel.
It was not supposed to be like this. When Microsoft hired Dave Cutler from Digital to redesign Windows that eventually became Windows NT, Cutler designed a multi-layered system with several security domains that would have prevented many of the problems that have occurred--similar to how he designed VMS. Microsoft destroyed Cutler's attempts in the name of "backward compatibility."
Microsoft could have dealt with this backward compatibility problem by working with IBM to leverage the work they did on OS/2 to create backward compatibility with Windows 3.x. One would think that IBM knows a little about virtual machine technologies in order to pursue this path. But Microsoft wanted a complete divorce from IBM and forced Cutler and his team to make NT backward compatible.
In the meantime, Apple converts Mac OS to a hardened kernel and Microsoft pursues Vista that has millions of lines of new code that is not "battle tested." No matter how secure you try to make any software, without being battle tested, it is prone to serious vulnerabilities. Vista has a long way to go to be hardened like the Mach/BSD kernel in Mac OS.
there's absolutely nothing preventing microsoft from scrapping windows in favor of a fresh, completely written OS now. all they need to do to retain backwards compatibility is to include a nifty little virtualization app. that would allow them to make the transition quite easily. hell, they could even include a copy of the previous OS and provide a clean way to dual-boot, a la boot camp.
i would have mucho respect for microsoft if they even tried to do something like that. especially if they dropped the "windows" name.
Tue Apr 10, 2007 3:25 pm Subject: Windows legacy
In his talk at the TED (Technology Entertainment Design) conference, David Pogue said: "But, actually, I believe that there are really two Microsofts. There's the old one, responsible for Windows and Office. They would ... they're dying to throw the whole thing out and start fresh, but they can't. They're locked in because so many add-ons and other companies' stuff locks into the old 1982 chassis. But, there's also a new Microsoft that's really doing good, simple interface designs." (He likes the Media Center PC and the MS Spot Watch, which failed, not because of the design, but the cost--$10/month for a watch you had to recharge every night and which stopped working when you left your area code.)
Quote: burrito wrote:
there's absolutely nothing preventing microsoft from scrapping windows in favor of a fresh, completely written OS now. all they need to do to retain backwards compatibility is to include a nifty little virtualization app.
HAHAHAHA. Man that was funny. Someone who obviously has NO relevant experience AT ALL knows better than all of Microsoft. Yeah... good luck with that. I could write pages and pages here pointing out how many things are wrong with your statement, but I have to get back to work.
Quote: Biff wrote:
Quote: burrito wrote:
there's absolutely nothing preventing microsoft from scrapping windows in favor of a fresh, completely written OS now. all they need to do to retain backwards compatibility is to include a nifty little virtualization app.
HAHAHAHA. Man that was funny. Someone who obviously has NO relevant experience AT ALL knows better than all of Microsoft. Yeah... good luck with that. I could write pages and pages here pointing out how many things are wrong with your statement, but I have to get back to work.
You could write pages and pages, but you'd still be wrong. Burrito is absolutely right; it's what Apple did with Classic in Mac OS X. And lucky for Microsoft, virtualization products already exist; Microsoft even bought one.
This doesn't mean it would be easy for MS to do so, and it may not be commercially feasible, but it's certainly technically possible. So, I suggest you tone down your arrogance a wee bit.
I find it ironic that any time someone is promoting Mac OS X security, they point to Windows as if driven by some massive inferiority complex. I'm not going to mention Windows again in this post as it is irrelevant and will only focus on Mac OS X security.
To claim with such certainty that Mac OS X is more secure than another OS is not something any respected security professional would do. Not only because the research into the security of OS X is so young, but most would say that it is impossible to compare the security capabilities directly and could only give you a personal preference for how they like to secure their own systems.
While we are on the subject of Mac OS X security myths, here again is yet another article claiming that Apple's reliance on BSD has made it more secure as it inherits the security features of that OS. However, the integration of Mach & BSD is unsound, and many of the security features of BSD can be circumvented because of this.
The research into Mac OS X security is only beginning, it's in its infancy.
http://www.symantec.com/enterprise/security_response/weblog/2007/01/macinenterprise_mac_os_x_inspi.html
"Even though Mac OS X has been available in one form or another for about six years (not counting its pre-Apple days as NeXT/OpenStep), its security education and research community is still young and underdeveloped. With Apple’s transition to an all Intel-based architecture and the steadily increasing adoption of Mac OS X by small, medium, and large enterprises, the Mac OS X security research and education landscape is rapidly being forced to grow up.
"To my knowledge, Apple does not publish planned end-of-life (EOL) policies for their operating systems.
"there is a dearth of well researched and well built Mac OS X honeypots and honeynets. Is it because of a lack of interest, a lack of tools, or both? From my own anecdotal research, I believe it to be a combination of both factors. Mac OS X has only recently been receiving both general and targeted attention from the security community, so the tools necessary for a credible and effective Mac OS X honeynet are only now being ported."
http://www.symantec.com/enterprise/security_response/weblog/2006/11/os_x_threat_landscape_document.html
That PDF is what we should all read if we care to know about the current state of security for Mac OS X. We are just seeing the beginning of the discoveries to come in the way of Mac OS X security and exploits.
"The data clearly shows that over the course of time security updates have begun to address more Apple-specific issues than third-party applications, which in turn suggest an increase in focus on OS X specific software by researchers.
"One of the security benefits often associated with OS X is the inherited system design of BSD. A recent disclosure noted that it's possible to circumvent the security features of the BSD system because of a flaw in the integration of both the Mach and BSD features into the OS X kernel. Using Mach system calls, it's possible to carry out what should be restricted activities, including lowering the securelevel value.
"With respect to Apple Mac OS X, it would be safe to speculate that a select group of researchers who have been spending their time researching this platform are aware of numerous zero-day vulnerabilities that affect most or all users.
"To date there has been little in-the-wild malicious code targeting OS X. One of the reasons more security research on the operating system hasn't been carried out is the assembly language for the RISC processor design. However, PowerPC is a relatively straightforward assembly language, and many researchers have begun to overcome the hurdle quite quickly.
"Although OS X has been less of a target for compromise than other operating systems, there are at least three publicly available rootkits: WeaponX, OSXRK, and Togroot.
"Many Mac users may be unsuspecting of potential nefarious or malicious activities being carried out by attackers. In some cases (such as the unsophisticated distribution of OSX.Leap.A on a form telling people to open a file), infection could have easily been avoided if users had taken basic security precautions. This threat is compounded by an unfortunate perception of immunity to malicious code and a general lack of understanding of basic computer security.
"The previous sections of this document demonstrating the existence of numerous critical vulnerabilities, exploits and rootkit technology should show that simply combining these readily available tools and problems with a more destructive and viral payload could easily yield higher-profile malicious code.
"Given that there are numerous security threats targeting OS X and that this number is only set to increase, it is possible that Apple may look into implementing some security enhancements into OS X. Currently, aside from the usual user-privilege-based security measures, Apple offers little in the way of exploit prevention in their operating system."
Tue Apr 10, 2007 6:45 pm Subject:
Oh dear, oh dear, oh dear. If you were a regular (registered?) reader of these posts, oh Anonymous One, you would have read your very argument here before. Or maybe you were one of the ones that posted it, what, years ago? It's been done to death, and your preaching isn't going to convert anyone.
Anyone who is complacent about computer security is a fool. Nevertheless, I have been using Macs for seven years now. I don't go out of my way to be careful about what I download. However I do not have any viruses, trojans or keyloggers (or combinations of the above) on any of my computers, including my webserver. (I have the proof, in case you think I'm kidding)
You quote "from the usual user-privilege-based security measures" - well, that's a biggy. As long as users are reasonably careful, that very thing is enough to keep out most malware. Not security by obscurity; security by design. I don't care what Symantec say.
Quote: Guest wrote:
To date there has been little in-the-wild malicious code targeting OS X. One of the reasons more security research on the operating system hasn't been carried out is the assembly language for the RISC processor design. However, PowerPC is a relatively straightforward assembly language, and many researchers have begun to overcome the hurdle quite quickly.
PowerPC is a relatively straightforward assembly language?
Quote: LaurieF wrote:
However I do not have any viruses, trojans or keyloggers (or combinations of the above) on any of my computers, including my webserver. (I have the proof, in case you think I'm kidding)
That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove. Just another example of a mac user who is uneducated about security.
Quote: Engine Joe wrote:
Symantec has some insight, but they also have something to sell. So they're hardly disinterested observers here...
true but, flawed integration of mach & bsd, lack of published EOL plans from Apple, lack of security research on the Mac OS platform, kernel vulnerabilities, buffer overflows, malloc insecurities, firewall policies and locking down services, etc are not solved by something they can sell you.
so for the virus, rootkit problems, sure, you could buy a symantec product, but that's just a small part of the discussion in security, but the only part that people who attempt to compare the relative security of Mac OS X to other operating systems focus on.
Quote: Anonymous wrote:
That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove. Just another example of a mac user who is uneducated about security.
Yeah, and you might have the beginnings of terminal brain cancer, just because routine scans didn't show it doesn't mean you can prove you don't. You certainly aren't making a strong case against that diagnosis here.
Quote: Guest wrote:
Quote: LaurieF wrote:
However I do not have any viruses, trojans or keyloggers (or combinations of the above) on any of my computers, including my webserver. (I have the proof, in case you think I'm kidding)
That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove. Just another example of a mac user who is uneducated about security.
True. But on my system, for example, I don't have excess, unexpected network activity, so my machine isn't acting like a zombie spambot. I regularly access my financial accounts, in which no spurious activity has occurred, so there most likely isn't a keylogger installed. None of my files have been corrupted, all my applications run properly, and nothing seems to be amiss. Why? Most likely, because there is no malware on my system.
Wed Apr 11, 2007 1:22 pm Subject:
Quote: Anonymous wrote:
That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove. Just another example of a mac user who is uneducated about security.
Interesting? You're a sarcastic piece of tutae. Don't bother. You think I'm uneducated? You know nothing and you're a troll. But since you require the proof, here's my ClamAV log from a week ago:
Code:
-- summary --
Known viruses: 91244
Engine version: 0.88.7
Scanned directories: 23232
Scanned files: 106226
Infected files: 0
Data scanned: 18510.67 MB
Time: 7338.667 sec (122 m 18 s)
--------------------------------------
Scan started: Thu Apr 5 06:55:49 2007
Note the important bit: Infected files: 0
That's proof enough for me.
Wed Apr 11, 2007 2:49 pm Subject:
Quote: Guest wrote:
That's really interesting, because the absence of viruses, trojans, etc. is pretty much impossible to prove. The presence of one can be proven if it is a known bug, but the absence of them is an assumed property of a system that has been well protected, not something that you can prove.
Actually, this isn’t true. Tripwires, checksums, etc. can all be used to conclusively demonstrate that one does not have a gremlin in the system.
Be all that as it may, this “Guest” is nothing but a Symantec shill trying to spread FUD to create a market for a useless product. Mac users need anti-viral software about as much as a fish needs a bicycle.
And lest we forget, Symantec has the dubious distinction of being the only company to sell malware for the Mac: Its Norton AV for Mac turned out to be, albeit unintentionally, trojan horse software which created a major backdoor exploit in Mac OS X (but only for those who installed Norton). This was about a year ago.
For the Mac user, looking to Symantec for advice on OS security is about like asking Adolf Hitler for advice on how to get along well with one’s neighbors.
Quote:
Well, if you look up one post, you'll see as much proof as I can provide
Well, if that was obtained by connecting the hard drive as a 'slave' to a known good installation, then fair enough. Otherwise...
Quote:
Actually, this isn’t true. Tripwires, checksums, etc. can all be used to conclusively demonstrate that one does not have a gremlin in the system
Well, to a certain degree of paranoia - certainly a step beyond a typical paranoia level. If it's done correctly, that is (which isn't entirely straightforward). Well, to be more accurate, it can be used to demonstrate that it's extremely unlikely that important files haven't been changed.
Man, you think I work for Symantec and am promoting their AV software?
Your paranoia runs deep and you completely missed the point. I'll write it again for you, "flawed integration of mach & bsd, lack of published EOL plans from Apple, lack of security research on the Mac OS platform, kernel vulnerabilities, buffer overflows, malloc insecurities, firewall policies and locking down services, etc. are not solved by something they can sell you. virus [and] rootkit problems [are] just a small part of the discussion in security." I wouldn't even say to buy an AV program as there are plenty of free solutions that are just as good. ClamAV that LaurieF is using is just one example of a decent free AV program.
However, Rainy Day has perfectly demonstrated this earlier comment, "the virus, rootkit problems, [are] just a small part of the discussion in security, but the only part that people who attempt to compare the relative security of Mac OS X to other operating systems focus on."
It seems the people here who are intensely trying to defend Mac OS X on security only understand or care to talk about one small piece of security. Either that, or they just drop down a level and sling insults at anyone trying to point to the actual known state of Mac OS X security.
I think it's funny that after everyone is talking about how an AV report cannot prove that a system is free of viruses, only that a system is free of known viruses, that one is offered up as "proof" that a system is indeed free of viruses. Yes, that is how we all get peace of mind, by regularly running AV scans, by using firewalls (soft & hard) and other intrusion detection & prevention tools. None of these tools prove a system is secure or has not been compromised. The fact that you are still trying to "prove" that your system let alone any system is free of viruses shows a lack of education and experience in security. There is only one way to do that, and it's to be in an environment of limited-functionality. If it is proven impossible to create or modify programs within a given programming environment then that programming environment is incapable of spreading viruses. The Java "sandbox" model is a decent example of this kind of limited function, however there is always a desire on the part of engineers and consumers to extend the limited-function languages (as can be seen by the loosening of the original Java security model to include options that permit Java applets to access any part of the system they want). Mac OS X is not a limited-function environment, so stop trying to prove that which cannot be proven. Simply state what you know and what the rest of people with an understanding of the space would state, "You have a reasonably high degree of confidence that your system is virus free."
Look, it's not like these security flaws are unknown. Apple even published the fact that the unsound integration of Mach with BSD and how one can use Mach specific calls to circumvent the security features of BSD. "When you use Mach to create a task, Mach returns a port right name that references a send right for the port (the receive right for a task port is always owned by the kernel). You can send messages to this port to start and stop the task, kill the task, manipulate the task’s address space, and so forth. Therefore, whoever owns a send right for a task’s port effectively owns the task and can manipulate the task’s state without regard to BSD security policies or any higher-level security policies."
Some other well known examples where Mac OS X security is lacking...
-Firewall. An easy to use firewall is included in Mac OS X, but it only does TCP port filtering and does not even address UDP. It is possible in Mac OS X Tiger to also enable filtering on UDP ports. However, access through the ports used by DHCP and Bon Jour (67 and 5353, respectively) remains vulnerable even with UDP filtering enabled. Bon Jour itself offers a particularly dangerous vulnerability because it can be used to probe a system and determine the status of its security updates. This would allow a would-be attacker or piece of malware to determine specific vulnerabilities based on the information about the update. The fact that Bon Jour is not blocked by the built-in firewall exacerbates the situation.
-Apple's Approach to Security through Obscurity. One classic example is the wireless driver issue. It was demo'd at a blackhat convention in early 2006. Lots of denials from Apple and attacks on the people who demo'd it. Not until that vulnerability was the first one published in the month of kernel bugs did Apple finally release a patch for it. (Here's one example where a vulnerability would not have been addressed without releasing the exploit).
-Lack of Secure Development Techniques. There are a number of techniques that Apple does not yet use including stack canaries (to prevent buffer overflows), secure heap implementation, address space layout randomization. These techniques don't resolve the existing vulnerabilities, but make it much more difficult to exploit them as attackers cannot assume the location where specific data is stored in memory as they could now.
Again, I'm not trying to do a relative comparison of Mac OS X security to any other operating system, and there are certainly areas of security where Apple has done well. I'm simply trying to point out that there are most certainly security issues and vulnerabilities in the OS. And that when it comes to security, you never know, but can only estimate your level of protection. If you are interested in securing your Mac OS X computer, here's a checklist for you: http://www.sans.org/score/macosxchecklist.php
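The checksum/tripwire approach argued over in the posts above, as an added example that is not part of the original thread or any poster's code: it records a keyed SHA-256 baseline of a directory tree and later reports what was added, removed or modified. All function names, the key and the sample files are constructed for illustration.

```python
import hashlib
import hmac
import json
import os
import tempfile


def hash_file(path, chunk=65536):
    """SHA-256 of a file, read in chunks so large files are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Map each regular file (relative path) to its digest, size and mode."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            st = os.stat(full)
            manifest[rel] = {"sha256": hash_file(full),
                             "size": st.st_size,
                             "mode": st.st_mode & 0o7777}
    return manifest


def _tag(manifest, key):
    body = json.dumps(manifest, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def seal(manifest, key):
    """Attach an HMAC so a baseline edited on the host is detectable."""
    return {"manifest": manifest, "hmac": _tag(manifest, key)}


def verify(root, sealed, key):
    """Authenticate the baseline, then diff the live tree against it."""
    if not hmac.compare_digest(_tag(sealed["manifest"], key), sealed["hmac"]):
        raise ValueError("baseline manifest failed authentication")
    base, now = sealed["manifest"], build_manifest(root)
    return {
        "added": sorted(set(now) - set(base)),
        "removed": sorted(set(base) - set(now)),
        "modified": sorted(p for p in set(base) & set(now)
                           if base[p] != now[p]),
    }


def _write(root, rel, data, mode=0o644):
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)
    os.chmod(path, mode)


def demo():
    key = b"constructed-demo-key"  # assumption: really stored off the host
    with tempfile.TemporaryDirectory() as root:
        # Constructed sample tree. "bin/preexisting" stands for anything
        # already on disk when the baseline is taken: it is never flagged.
        _write(root, "bin/tool", b"original tool\n")
        _write(root, "bin/preexisting", b"here before the baseline\n")
        _write(root, "etc/config", b"setting=1\n")
        sealed = seal(build_manifest(root), key)
        clean = verify(root, sealed, key)

        _write(root, "bin/tool", b"patched tool\n")          # content change
        _write(root, "bin/extra", b"new file\n")             # new file
        os.chmod(os.path.join(root, "etc", "config"), 0o755)  # mode change
        changed = verify(root, sealed, key)

        # A baseline rewritten without the key must be rejected.
        forged = json.loads(json.dumps(sealed))
        forged["manifest"]["bin/tool"]["sha256"] = "0" * 64
        try:
            verify(root, forged, key)
            tamper_detected = False
        except ValueError:
            tamper_detected = True
    return {"clean": clean, "changed": changed,
            "tamper_detected": tamper_detected}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

An empty report only means "unchanged since the baseline", which is why the check is stronger when run from a known good installation and with the key kept off the monitored machine.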
Wed Apr 11, 2007 4:34 pm Subject:
As I have said repeatedly in this thread and in many other threads in this forum, anyone who is complacent about OS security is a fool. There are potential holes in OS X. No-one has ever denied that (or needs their head read if they have).
I can't prove absolutely that I have no malware on any of my computers. However the fact that I have never detected one, despite having continual attempted breakins webserver, and running iChat and Skype, gives me the peace of mind I require. That peace of mind I have never had with Windows.
Look, you can point out all the proof-of-concept breaches you like, and mention MOAB (but if you do, I'll beat you round the head severely with a feather duster), and tell us about the malware spread in a limited iChat group (because the recipients were stupid), but you'll never be able to convince me that there are viruses in the wild that are causing havoc.
It will possibly happen. Those arseholes who write and propagate viruses will keep on trying. One or more of them will possibly be "successful". So far, no-one has been.
In the meantime I shall continue to practise safe hex.
Oh, BTW, it's Bonjour, not Bon Jour. Or Bon Jovi. And if you're going to keep on posting, do us the courtesy of letting us know, at least by an alias, who you are. I can't tell one Anonymous from a Guest.
Quote: Rainy Day wrote:
And lest we forget, Symantec has the dubious distinction of being the only company to sell malware for the Mac: Its Norton AV for Mac turned out to be, albeit unintentionally, trojan horse software which created a major backdoor exploit in Mac OS X (but only for those who installed Norton). This was about a year ago.
For the Mac user, looking to Symantec for advice on OS security is about like asking Adolf Hitler for advice on how to get along well with one’s neighbors.
See Symantec's own alert.
Symantec is noted for, among other things, saying that Mac users are not "secure" because they're vulnerable to phishing attacks. Of course, they did this in order to sell their product, Norton Confidential:
"Salem has noticed a movement towards the Mac and is concerned about Apple’s positioning of the platform as virtually virus free. He concluded: 'As more and more people buy Macs, we could end up in a situation where they think they are protected and they’re not. There is a danger that people could think they are secure on the Mac when they aren’t.'"
An interesting note: I cannot find Norton Confidential on VersionTracker OR MacUpdate. It's been out since September, 2006, according to that article. Symantec hasn't added it to the VT or MacUpdate lists, though their other products are there. That way, no negative comments will be posted!
According to the MacWorld review, Norton Confidential has some "undesirable" features:
"File Guard protects files in much the same way that Information Guard protects data. But, in addition to preventing protected files from leaving your computer, by default it also prevents you from moving files in the Finder. This feature is unreliable: it asks for authorization when you try to move files, but you still cannot always move them. You can enable the Allow Mac OS X access option, but this doesn’t resolve the problem. Symantec recommends manually turning off the feature when you want to move a file, but this seems onerous at best. You also need to enter a password whenever you want to save a protected file. I found this feature annoying. Symantec is investigating ways to make the Finder operation go more smoothly for future versions of Norton Confidential."
Sounds very typical. The review concludes:
"While its phishing protection works very well, education works even better: just don’t click those links asking you to enter your credit card number or password."
Also see Symantec's report in 2005 that Mac viruses and hacker attacks were "on the rise."
Rather than Adolf Hitler, I'd make an analogy between Symantec/Intego/etc and Chicken Little: "The sky is falling! The sky is falling!"
you all are some serious conspiracy theorists, i swear
of course that sounds typical, it's a mac propaganda site, duh!
your sky is falling comment just highlights your conspiracy paranoia, clearly you haven't actually read the documentation provided by symantec and compared it to other well respected security sites, and even apple's own admissions, and their reactions to further secure the os due to the things being pointed out by these sites.
Biff is right on his comment.
There is a bit more Windows users, Windows dependent companies and software.
It's not that Microsoft can't and wouldn't want to scrap all the old technology. The cold fact is that they can't do that without supporting old systems in some way.
Apple can do this because their computers are only used as desktop computers and their users can live with the idea of updating their software all at once.
When it comes to viruses, it's because no hackers use Mac!
Why Apple had the Lucky ability to recreate...
Fortunately or unfortunately - without getting into that argument - I believe Apple could reinvent due to a smaller user base. And considering Apple's history of "Screw You" to consumers and partners, they had the ability to say we have changed, you better too. Microsoft, on the other hand, actually does not have that luxury.
a) The Behemoth has to support a lot of major corporations who run a lot of legacy in-house developed apps that they spent more money developing than the platform. If MS says so sorry we are changing the core... Hello S***Fest.
dgr814vr
akhilesh
(I did not register but I can be contacted on )
akhileshDOTsabharwalATgmailDOTcom
(replace caps with the characters)
I'm just wondering, but isn't Mac OS X able to run Win32 apps through Parallels? I know there are limitations, but can you get Win32 viruses on Parallels in OS X, or have Apple + Parallels in some way solved the whole backwards-compatibility problem through emulation? If the old Win32 add-ons were written for old computers, performance should not be a problem, and even if Parallels can't run all apps, Microsoft should be able to do the same (but better) since they have the Win32 API source...
any comments on this?
Some might not, but of course the majority do it for their ego. That's why they let everyone know their nicknames; they would release their real names if they wouldn't get arrested. Also imagine if Microsoft did not have backwards compatibility, you would have written an article to this day complaining about it.
First off, your article doesn't even deal with the subject of the title. All you do is go on and on about backwards compatibility and how Apple doesn't have to worry about that. On that front, you're right, they don't, because 99% of the businesses in the world don't run on their platform. When the entire world has to have legacy support, you can't just cut them off, or you cut your own throat.
Now as far as virus writing goes, that whole idea that virus writers only do it for ego is long dead. That was the 90's, this is the 21st century. Have you not paid one bit of attention to virus behavior in the last five years? Viruses are no longer damaging, or just out to set records for number of infections in one day. Viruses now are part of organized crime, spammers, and other black and gray market worlds. It's about sending spam, or stealing personal info.
So yes, Macs are still too small and inconsequential a target for virus writers. If you're going to write a tech article, at least understand your freaking subject.
I think you're a little off in your analysis of why Mac OS X is more secure than Windows. First, you include this quote "Given that most virus authors and hackers are in it for the ego..." which is flat out false. While it may have been true 5 years ago, now it's an entirely different game. Most malware authors are in it for the money, and they're going to concentrate their resources where it will make them the most money. Second, you say that the BSD underpinnings of Mac OS X are more secure than Windows. I urge you to have a look at the report Symantec recently published about all the vulnerabilities found in many different OSes and then - the real determination of a secure OS - how quickly the manufacturer patched them. Because even if you have 3 vulnerabilities versus 300, if it takes you 6 months to patch them that's a bigger hole than the guy who patches his 300 in 2 months.
I think you are going to see OSX virii pop up, because people are going to realize OSX users are ignorant and arrogant. If I were to write an OSX virus, and then distribute it, all the mac users would be running around with their heads in the clouds saying that "I DONT GET VIRUSES I HAS A MAC".
Apple knows its user base is arrogant. When there IS a security problem, it gets silenced, and it MIGHT get fixed in the next revision of the OS. I don't know if any of you guys have submitted bugs to Apple, but their bug tracker is an abyss. They don't care because they KNOW mac users are arrogant.
I mean, look at the first post. "OSX IS THE MOST SECURE OS TO DATE."
If you didn't have your macfag head in the clouds, you would know that SunOS and Solaris are by far the most secure and reliable operating systems in existence. But, because you are inept, arrogant, and under-educated (yet you think you know all), you believe your overpriced OSX on your proprietary Apple computer is awesome.
If you want to make claims, please, research. I know Solaris is based off BSD/UNIX, BUT, just because it is based off one thing doesn't mean it's going to inherit all the traits. Even if you aren't a fan of windows, you can't argue that there are better versions than others, and some of the bad versions come from the good ones, and some of the good ones come from the bad ones.
I can't stand you ignorant macfags. Apple knows you are ignorant. They feed off you. They throw in little toys to play with, and they add drag and drop, just to cater to people like you. People who use Yahoo web based mail, and think they don't get spam because of OSX.
Please, wake the #@!$ up. Apple is charging you for free software. Not only do they have the balls to do this, but they OVERCHARGE you for hardware, and THEN they take the free software and modify it so it only works with THEIR stuff.
My first view of a mac forum. Man this is weird, smatterings of truth with ample degrees of complete idiocy.
If an AV program says you have no infected files, that means you have no infected files...of viruses it knows about. That is no proof.
Viruses don't need to be written in assembly. The RISC instruction set doesn't have everything to do with the lack of viruses. I will grant that as antivirus versus virus wars rage on a platform, tricks in assembly to avoid detection are employed, such as self-modifying code. But plenty of spyware, adware and viruses are written solely in the usual high-level languages.
Microsoft implementing a virtualization compatibility layer would be more difficult. It would be hard to provide seamless access to your data files and prevent virtualized programs from being able to corrupt files used by non-virtualized programs. I think the virtualization that Macs employed for older programs would also have allowed this, but since OSX is so massively different from the older MacOS, and Apple has greater control and influence over its users, this wasn't as much an issue. I think virtualization would be employed as "yet another vector" by the virus authors. MS would have to employ a tricky, elegant, well-implemented (doubt it!) sandboxing and user data management scheme to pull off virtualization compatibility.
Nice post, I agree with you about RISC, but I think that the main point about the assembly language wasn't about viruses, but was about general security vulnerabilities. It's just not an assembly language most people spend their time using, except for some one-off school projects. So people are just more adept at using more mainstream processors, but Apple is supporting Intel now, which could open them up further. That other comment was a little over the top, but this made me laugh, "Apple is charging you for free software. Not only do they have the balls to do this, but they OVERCHARGE you for hardware, and THEN they take the free software and modify it so it only works with THEIR stuff." What's funny, is their modification made it so people can get around the added security layers of BSD.
"The difference isn't market share, it's the foundation of the operating systems. Given that most virus authors and hackers are in it for the ego, don't you think that there would be a huge incentive to be the first one to write a widespread OS X, Linux, or FreeBSD virus?" Paul Venezia asked.
I still think this statement is wrong. Yes, the foundation might be slightly more secure, but the truth of the matter is:
If less than 10% of the Internet is using a specific OS, there would be no point in making spyware for it, and trojans/worms/viruses will not spread very far. Plus, many hackers see Microsoft as corporate America and actually like Linux and/or Mac.
Windows gets a bad rap because the majority of its users are non-technical and can easily be fooled into clicking on a virus or spyware infected link.
Justin
Justin Silverton
High performance PHP: http://www.whenpenguinsattack.com/scripts
Err... sorry LaurieF..who posted your virus scan results saying - infected:0 ...
I'm not trolling, but if you think about it, if you ARE infected then your virus scan will say that you are not... your AV prevents you from being infected, however if it is a newly written virus or not in the virus database, then your AV will not pick up on it.... so... if you are infected you will not know about it... there are millions of infections out there.. not just 91244.
Also it's worth noting that there are many things like rootkits and exploits that do not set off the AV either.
Solution: Well configured Hardware ROUTER/FIREWALL and FIREWALL software...?... maybe... tho this is annoying and time consuming you can control most of the information that is being sent, to and from your pc. A few times my firewall has prevented attack.
anyway, the fact that macs are virus free is bulls**t... there are SO MANY methods of attack... not just virus/keyloggers etc. Open your minds people and become paranoid at the lack of security in EVERY piece of technology.
Apple Myths & The Cult of Apple
MAC OSX IS LINUX + GNOME tweaked a bit..... OH YES IT IS......
Dashboard gadgets started off life ON THE PC. The original app to develop gadgets/widgets was Konfabulator (now owned by Yahoo). It started off life on the PC then got ported to Mac OS where Apple spotted it and ‘adopted’ it into their OS.
Inspiration for lots of the things in OS X came from......
The original Windows Longhorn spec........
APPLE Paid someone else to design the iPod GUI
Contrary to popular Mac fan boy opinion Apple DID NOT create touch plates
Apples are more secure..... No they’re less secure (see next note and the end).
Apples don’t get virii, this is true but this isn’t because MAC OS X is more secure, it’s because Apple have such a small global share that virus/malware programmers and spammers can’t be bothered to attack it. And anyone who thinks differently is just plain wrong. It’s a simple work/reward ratio, there’d be too much work for too little reward. I hope one day that Apple reach 10% market share (although that would mean that there would be loads more pious people to avoid) because then the serious criminal community will take notice of you and boy will that be one rude awakening....
MODERN VIRUS WRITERS ARE IN IT FOR THE PROFIT NOT THEIR EGOS
The author of this article is clearly just trying to wind people up as he says that MS had the chance to dump Win32 and they didn't.... That's easy to say but hard to do when your customer base is 95% of the world's PC-using population and you don't want to upset them. Apple changed direction when the company's computer section was in the toilet and they had nothing to lose....
Note Firefox suffered from very very few attacks until it reached 10% market share and then malware writers started to attack it.
If you want to see what Apple's next innovation will be, take a look at what Microsoft is doing or more likely what the main Linux distros are up to. They all take from each other constantly, Apple innovates 'ahem' here, MS does it there and Linux does it somewhere else but they all look at what each other is doing... Apple have a smaller user base/code base and compatibility issue due to fixed hardware so they can react faster to new stuff. That doesn't mean they innovate or create new ideas, it just means that they can get what they see to market quicker because they're smaller.
Time machine - Vista’s previous versions?
Spaces - Any decent Windows GFX card driver will do this in XP. There was an XP Power Toy to do this. Any Linux distro will do it (Ubuntu for example).
Spotlight - Windows Live Search
Core - Remind you of any Aero demos, anyone??? If you want to see an AWESOME GUI check out Sun’s Looking Glass..... OMG
Now don’t get me wrong, I think Apple are great, I just can’t take any more pious bull from Apple fan boys who don’t know what they are talking about. A couple of years ago a friend of mine played me a video of an Apple expo that he’d been to, and Steve J was giving a talk and his talk was about new fades and wipes in iPhoto or some such app.... The crowd were whooping and cheering as if he had a line of strippers behind him. My friend was grinning like an idiot watching it until I pointed out that if you turned up to a PC expo and did that they would run you out of the building, and very rightly so. I then showed him the keynote Bill Gates did for Mix06, I think it was, the web development expo where they demoed Vista, mobile tracking and interconnectivity along with TV over the web from the BBC. Now that’s a keynote.....
To date every Apple keynote seems to consist of the same format something new that’s only a minor innovation or update to something existing (the launch of the ORIGINAL iPod and OS X being the only exceptions to that) followed by lots of whooping and cheering that always leave me scratching my head and wondering if apple have spiked all of the drink with E’s or something...
Anyway Apple fan boys please note us Windows/Linux fan boys don’t hate Apple we just hate the cult of Apple and how it’s brainwashed you all into blinkered slaves to the cult.
Aren't there countless reports online now about how many security vulnerabilities each OS gets and how fast they're fixed, and doesn't Windows have less than Linux OR OSX, and aren't they fixed on average faster.........

