Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Question about Mac OS X 10.4 Security
From: Paul Schmehl <pauls () utdallas edu>
Date: Tue, 28 Feb 2006 09:37:39 -0600

--On Tuesday, February 28, 2006 00:15:10 -0800 Stephen Johnson <maillists () thelonecoder com> wrote:

Mac's have always held the distinction of being more secure by, among
other things, not being a target.  -- Due to the lack of extensive use,
virus and mal ware writers have ignored taking the time to write virus
for Macs.

Simple philosophy -  Why climb the wall , when you can walk through the
door.

Windows is easier and more prolific, until that changes, we are not going
to see major attacks on the mac platform.

I think you're living in a fantasy world. The recent vulnerability, which allows the running of arbitrary code simply by clicking on a linked zip file will probably result in at least a handful of new viruses/worms for the Mac platform within the next week or two.

Apple has made the same stupid mistake Microsoft has been making for years - mixing code and data and trying to make things "easy" for the user (read auto-launch this widget so you don't have to save and open.) The end result will be disaster for the Mac, but, thankfully, not on the same scale as Windows because not every user is an admin, and it requires the use of sudo to perform administrative functions.

Still, the ignorance of Mac users, who believe their platform is somehow magically "secure" will contribute to the problem.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]