SANS Institute: 'Mac OS X is Not Entirely Free of Troubles' | News

SANS Institute: ‘Mac OS X is Not Entirely Free of Troubles’

News

Brad Cook

2:00 PM, Nov. 28th ET, 2005

Articles by Author Brad Cook on Twitter Contact Author Bio

Comments (0)

The SANS Institute last week issued its list of the Top 20 vulnerabilities across all operating systems, including details of what it considers to be critical vulnerabilities in Mac OS X. The company wrote: "Although Mac OS X has security features implemented out of the box such as built-in personal firewall, un-necessary services turned off by default and easy ways to increase the OS security, the user still faces many vulnerabilities."

The SANS Institute also took Apple to task for not being more specific when issuing patches, thus keeping them from identifying which parts of the operating system are most vulnerable. The firm noted that the Safari Web browser contains "multiple vulnerabilities ... and in certain cases exploit code has also been posted publicly."

Rohit Dhamankar, who is the security architect for 3Comis TippingPoint and is the Top 20 list editor for SANS, told Robert Lemos of SecurityFocus: "There are some people that feel that, if they are running Mac OS X, then all is well. That is no longer true." As Mr. Lemos points out in his article, anti-virus software maker Symantec owns SecurityFocus.

Mr. Lemos wrote that "highlighting vulnerabilities in Mac OS X was intended as a wake up call" by SANS. While Mr. Dhamankar acknowledged that he was not "saying you have to worry about the entire operating system," he did want to make it clear that, in SANSi view, "Mac OS X is not entirely free of troubles."

While Mac OS X has yet to suffer from the widespread Trojan Horse, spyware and virus attacks seen in the Windows world, SecureMac.com CEO Nicholas Raba told Mr. Lemos: "Mac OS X is currently more secure than Linux or Windows only for the fact that the shares of users is smaller thus the (number of) researchers discovering the flaws is smaller."

Open Source Vulnerability Database content editor Brian Martin added that Microsoft has issued 89 OS patches so far in 2005, while Apple has released 81 such fixes. Mr. Martin said: "A lot of the people who do vulnerability research started with Unix, and a lot of hackers have moved to Apple Mac OS X because it is cool and they can do anything they could do on Unix."

The SANS Institute recommends keep Mac OS Xis firewall on and running Software Update at least once a week to keep the system current. Its Top 20 list also features links to sources where users can obtain more information about Mac security.

Post A Comment or Log-in. Need an account? Register here.

Recent Headlines - Updated May 27th

Sat, 10:00 AM: MacOS KenDensed - MacOS KenDensed: Apple’s Patent Lawsuit & Antitrust Shuffle
Fri, 5:58 PM: News - Sotheby’s to Auction Steve Jobs Atari Memo (Photo Gallery)
5:42 PM: Free on iTunes - 3 Free iOS Apps for News Hounds
3:00 PM: Rumor - Nest Thermostat Reportedly Coming to Apple Retail Stores
2:40 PM: Particle Debris - The TV Industry’s Dreadful Little Secret
2:33 PM: News - Mobile Devices Account for 20% of Web Traffic in US, Canada
12:49 PM: News - Apple Now Offering “Free App of the Week” for iOS
12:21 PM: News - Tim Cook Declines $75 Million Dividend Payout
11:25 AM: News - Absinthe 2.0 Provides Untethered Jailbreak for iOS 5.1.1
11:09 AM: Quick Look Review - F18 Carrier Landing (iOS) is a Boatload of Fun
10:51 AM: TMO Appearances - Jeff Gamet talks Cool Apps & Accessories on Not Another Mac Podcast
10:12 AM: Hot Forum Topic - Forum Poll: Which is Your Favorite Photo Sharing Service?

The Mac Observer Reader Specials

Macsales.com for the Right Mac Memory. Most Popular: 16GB from $128; 8GB from $50. MacBook Pro & Mac mini Kits up to 16GB. iMac up to 32GB & Mac Pro now up to 128GB. - Macsales.com
Mac RAM Upgrades: MacBook Pro 16GB kits $475, 8GB Kits for $119.99! iMac 16GB RAM Kits (4x 4GB) for $229.99! Mac Pro Memory 32GB Kit for $399.99, 64GB Kit for $889.99! Mac Hard Drives 2TB Seagate SATA II for $249.99! Click Here!
If you're using a Mac, then you've gotta check out PokerOnAMac.com. Online casinos and poker rooms are literally giving away cash and the casino sites at Poker on a Mac do the unthinkable, they actually reward! Join today, the download is free!
Looking to find online casinos for mac? We can help you find the best real money casino sites where you can play your favorite casino games including blackjack and slots.

Buy Stuff, Support TMO via Apple or Amazon
Deals from DealBrothers.com
Reader Specials
Read TMO on Kindle
TMO on Twitter and FaceBook:

Apple Stock Quote (AAPL)

Last trade: $---.-- $---.--
Market cap: $---.--
Discuss in our Apple Finance Board

Quotes are delayed. Currency in USD

Hot Topics

What's the buzz? These articles have TMO readers talking.

Samsung: Apple’s Trial Experts Are “Slavish” Fanboys - 19 Comments
Forrester: Maybe Apple’s TV Isn’t a TV - 9 Comments
The TV Industry’s Dreadful Little Secret - 8 Comments
Analyst: Apple to Offer iPhone 3GS as Pre-Paid Option - 8 Comments
Jonathan Ive Calls Apple’s Current Project the “Most Important” - 7 Comments
Estimated Apple TV Sales to Date: 6.3 Million - 7 Comments

TMO Express

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday. Find out more!

Top Deals From DealBrothers.com

Recent Features

Get the latest installments of TMO Columns, Podcasts, & Blogs.

© The Mac Observer, Inc. -- All rights reserved. All information presented on this site is copyrighted by The Mac Observer, Inc. except where otherwise noted. No portion of this site may be copied without express written consent. Other sites are invited to link to any aspect of this site provided that all content is presented in its original form and is not placed within another frame. The Mac Observer is an independent publication and has not been authorized, sponsored, or otherwise approved by Apple, Inc.