Hi all,

AFAIK there are very few, if any, virus/trojans/spyware for Mac. Do you think Apple switching to Intel platform will make Macs more vulnerable to virus/trojans/spyware? Or all of these dangers only take advantage at OS level, therefore Macs will still remain secure?

Comments.


Cheers,
J

what the hardware platform has with malware?
Following that concept, the number of malware for x86 *nix should be the same as for Windows....

Not because of the hardware itself... but because switching platforms will bring in more users.

Switching platforms might reduce the cost of Macs. The cost is a major reason why most people buy a windows PC instead of a Mac. Especially if Dell and Gateway and others start shipping boxes with Mac at a reasonable price. If more and more people start using Macs, then malware writers will start to target those users too.

Malware writers normally focus on the platforms with the most users. Higher infection rate, etc.

I think that this "Mac security" thing is a myth. They are not intrinsically more secure, it is just that there are fewer of them, so it is "security through obscurity" which cannot be relied upon.

The processor has nothing to do with security, as already stated, unless the malware is ASM based, in which case some will not run on some processors.

I think that we have to see what kind of market penetration it achieves? If there is a significant increase in machines that solely boot Mac OS then that will decrease the obscurity factor. However, I suspect that a lot will dual boot, which would suggest that the traditional Windows attack vectors will continue to be used.

I really don't anticipate a massive shift to PCs running the Mac OS as it is not significantly cheaper than Windows. I really think that if OS cost is the factor people would go for Linux.

Anyway, the real reason for the price difference between an Apple and a PC is Apple's pricing and marketing policy. They could actually do themselves some serious damage with this venture?



:)

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845409) by johnnymier
Do you think Apple switching to Intel platform will make Macs more vulnerable to virus/trojans/spyware? Or all of these dangers only take advantage at OS level, therefore Macs will still remain secure?
Umm, well, for one thing, I've seen absolutely nothing to indicate that Apple will be switching architectures, merely suppliers. This may surprise you, but Intel makes much more than just Pentium and Itanium processors. They have the production capacity to easily add Apple's loads to their facilities, even if it involved developing a new Apple-specific architecture, or producing G5s. There are a lot of things Apple isn't just going to abandon (like Altivec, etc), not to mention the expense of converting applications to a new architecture if these misunderstandings were indeed the case.

Even apart from all of that, assuming they WERE switching to x86, it would not matter, as Spyware, Trojans, etc., are all written for the OS.

Edit: To clarify, everything I've seen mentioned has been vague, indicating "Intel's chips", but I can find nothing on Apple's site to indicate a specific line. For all we know it could mean Itanium (it's certainly within Apple's normal price range :P).

AFAIK there are very few, if any, virus/trojans/spyware for Mac. Do you think Apple switching to Intel platform will make Macs more vulnerable to virus/trojans/spyware? Or all of these dangers only take advantage at OS level, therefore Macs will still remain secure?

All the s/w are OS specific and i don't think that a change in architecture will hurt the security of mac because as nihil said MAC pc's are "security through obscurity"

I think that this "Mac security" thing is a myth. They are not intrinsically more secure, it is just that there are fewer of them, so it is "security through obscurity" which cannot be relied upon


I couldn't agree with you more nihil. In fact I have been trying to tell everyone this for quite some time. Everytime one of those stupid threads pop up (Windows vs mac vs linux) and the same stupid people spouting off about how windows sucks and how it's so insecure... I'm always saying the same damn thing... "Windows only SEEMS less insecure because there's A LOT MORE computers running windows...


there are very few, if any, virus/trojans/spyware for Mac


Beleive me... they're out there...

Windows only SEEMS less insecure because there's A LOT MORE computers running windows...

Exactly, The Duck and I would expand that argument to say that Joe Public goes into a store and asks for "a computer" they will be sold a PC with Windows. If a guy goes into a store and buys a Mac or a *nix box, there is a very good chance that they know what they are doing.

So what I am adding to your argument is not only does Windows present a far greater number of targets, it also presents a disproportionally higher proportion of "soft user" targets?

It is very difficult to find any of these comparisons that I would call "level playing field". Like you get the OSes and have them configured by "hard users" then do the comparisons.

Catch has argued very eloquently along these lines in several posts.

:)

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845547) by The Duck
I couldn't agree with you more nihil. In fact I have been trying to tell everyone this for quite some time. Everytime one of those stupid threads pop up (Windows vs mac vs linux) and the same stupid people spouting off about how windows sucks and how it's so insecure... I'm always saying the same damn thing... "Windows only SEEMS less insecure because there's A LOT MORE computers running windows.
How many vulnerabilities have been discovered in IIS over the years vs Apache? Apache is used far more than IIS is. Your argument only holds so much water. When you examine the track records of various pieces of software, you begin to see that the number of vulnerabilities far outweighs the proportion of users.
While not directly affecting the desktop, it does indicate that for a long time Microsoft's development practices left something to be desired. They seem to have gotten their act together with Win2K3 server (finally) and XP SP2 was a good step in the right direction, but only time will tell.

It's all well and good to be the armchair theorycraft security hobbiest/researcher/whatever and make wildly baseless claims, but until you start finding vulnerabilities your ideas are still in the realm of theory.

In other news,
Micheal Dell would like to ship Mac OSX. What do you recon the chances of Apple licencing there OS to Dell are :D

http://www.theregister.co.uk/2005/06/16/dell_eyes_apple/

How many vulnerabilities have been discovered in IIS over the years vs Apache? Apache is used far more than IIS is. Your argument only holds so much water. When you examine the track records of various pieces of software, you begin to see that the number of vulnerabilities far outweighs the proportion of users.

Where is your evidence for this statement?................Apache is:

1. Something you have to buy separately
2. Something that you run deliberately.
3. Something that you have to set up.

I have a Windows2000 Professional box I built a couple of years ago..............IIS runs by default unless you turn it off so I think that your assertion about Apache is badly flawed. People have been running IIS by default and without knowing it.............that makes them "soft users" (sure, it is an MS failing, but it is compounded by users)

It's all well and good to be the armchair theorycraft security hobbiest/researcher/whatever and make wildly baseless claims, but until you start finding vulnerabilities your ideas are still in the realm of theory.

Well don't you fall into that category yourself? "Vulnerabilities" are irrelevant............."Exploits" are what do the damage. ;)

Anyway, the theme of the thread was geared towards OPERATING SYSTEMS, rather than specific elements of them?

:D

the same stupid people spouting off about how windows sucks and how it's so insecure... I'm always saying the same damn thing... "Windows only SEEMS less insecure because there's A LOT MORE computers running windows...

Well, only time will tell, bit IMO windows is a lot less secure because it SUCKS.
Or to put it more technically, the M'soft business plan has always been to
make it easier for things to "work" with less inconvenience. And security
is a big time inconvenience. The browser comes totally promiscuous with
javascript enabled so that "everything will work". You wouldn't want the
dancing hamsters on some fairy website to fail to dance...

Apple is very authoritarian with its system, only wanting their own approved
software to be installed. It isn't their philosophy to provide as many convenient
ways for just anyone out there to do a "drive by install" of malware just from surfing
a website. It's not just that there are fewer Macs around, but that the design
makes them a less tempting target.

Microsoft could do the same thing, but users would complain if it was harder to
get software installed and working, or if the latest gizmos on the web didn't
work properly. They walk a fine line between "security" and "convenience"
and lean more toward "convenience".

BTW, even though Apple is choosing (apparently) an x86 chip, there's no
reason to assume they'll use a PC compatible BIOS, or other characteristics
of the PC. So don't think that Windows, or Windows software (including malware)
will automatically run on an Apple x86. They've already said they don't want
to make Mac OS available to run on PCs.
:cool:

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845517) by chsh
Umm, well, for one thing, I've seen absolutely nothing to indicate that Apple will be switching architectures, merely suppliers.

You should watch the World Wide Develepor Conference keynote address where the switch was announced. Steve Jobs is using Mac OSX during the presentation for his slides, iTunes, and other example applications. After he announces they will be switching to Intel processors, he shoes the Mac system properties, where it clearly shows an x86 processor is being used.
There are a lot of things Apple isn't just going to abandon (like Altivec, etc), not to mention the expense of converting applications to a new architecture if these misunderstandings were indeed the case.
Again, in the keynote speech at WWDC, Steve Jobs announces that the Mac OS and a huge majority of its applications have been in developement for x86 processors for over 5 years. The example proving this? The fact that he ran through all the programs commonly used on Mac OSX during the presentation, on his x86 Apple computer.
Even apart from all of that, assuming they WERE switching to x86, it would not matter, as Spyware, Trojans, etc., are all written for the OS.
This is the first true thing you've mentioned in this post. I still do not believe Mac users will have a lot to worry about initially, given both the nature of BSD and the fact that Mac users aren't automatically escalated to 'root' or 'admin' accounts by default.

Robert Peaslee

Well, only time will tell, bit IMO windows is a lot less secure because it SUCKS.
Or to put it more technically, the M'soft business plan has always been to
make it easier for things to "work" with less inconvenience. And security
is a big time inconvenience. The browser comes totally promiscuous with
javascript enabled so that "everything will work". You wouldn't want the
dancing hamsters on some fairy website to fail to dance...


I'll repeat nihil again...


not only does Windows present a far greater number of targets, it also presents a disproportionally higher proportion of "soft user" targets


It might surprise everyone to know how easy it is to disable things like javascript and active x in IE... Or better yet, how easy it is to download firefox... Which reminds me... Wasn't firefox known as the SECURE browser? And then everyone started switching and now look at it, vulnerabilities are being found left and right. Granted, I still beleive firefox is much more secure then IE, but isn't it kind of funny?

an OS is only as good as the user. I like *nix, but I can sure as hell lock down a windows box better than I can a *nix box so for me, at this point in time, windows is far more secure. And it will remain this way until I have the time to actually get as familiar with nix as I am with windows. this holds true for everyone.

Well, only time will tell, bit IMO windows is a lot less secure because it SUCKS.


if its true that customers purchase what they like than apparently more than 90 percent of computer users disagree with you.

Yikes! It is amazing to me how ignorant PC/Non-Mac users can be about Apple. Instead of just guessing and speculating about what will happen, and pulling rumors out of the air and believing them, why don't you just watch the *****ing webcast?

http://stream.apple.akadns.net/

Okay, for those that don't seem to have the latest rev. of clue...

1) The underlying OS for Mac OS X is Darwin, which is a port of FreeBSD with some extra stuff from NeXTStep, Mach-O, OSF1, and some really neat memory protection schemas. You can think of Mac OS X as a modified FreeBSD with a super-spiffy desktop; that's basically what it is. top, bash, ksh, vi, emacs, ps, nc, nmap, snort, gcc, gdb, strace, perl, Apache, python, MySQL, , it's all there or easy to get with guess what, the 'Ports Collection'.

2) It (OS X) started out life way back in the early 90s as NeXTStep. Google image search NeXTStep (http://images.google.com/images?hl=en&lr=&q=NeXTStep&btnG=Search). Hmmm, looks remarkably like WindowMaker doesn't it? Guess what... :)

3) Mac OS X, a.k.a Darwin, the desktop/video/audio engine (Quartz), the window manager (Aqua), and all of the Apple-produced apps have been compiled and tested on both Intel and PowerPC from the very beginning. Intel binary versions of all of these apps exist internally at Apple.

3) Apple releases secuity updates much faster than any other commercial vendor that I know of; on rival or better with any Open Source OS.

4) PowerPC is owned by IBM, which is loosing interest in further development. The search for another CPU/arch was a necessity.

5) Yes, the switch to Intel means that Macs will run the same core hardware hardware as PCs, but not necessarily be the entirely the same as your Dell PC.

6) Apple has flirted with using Intel CPUs on and off since the mid-90s, this time they had to commit due to the upcoming end-of-life of PowerPC.

7) Like it or not, Mac OS X is secure because it was designed to be that way. Not because of some fantasy that nobody uses it or anything silly like that. Apple has the #2 market share for the desktop OS market, yes ahead of Linux. The firewall is FreeBSD's 'ipfw', which is pretty damn good, and Apple solved/thwarted the kind of memory abuse problems that have plagued UNIX for it's 30+ year history by simply making all memory read-only to other processes; plus some other spiffyness.

8) I don't have a problem with Windows in general. Yeah, I wouldn't use it, but I can see why people do. Now to the point of 90% of the market share. Do you really think it is that way because every PC user make a decision that 'Yes, I want to run Windows intead of these other OSes for the Intel platform'. No, it is because up until a year ago you could not buy a factory built PC without Windows already installed. That is the only reason. Lots of folks like Windows that's true. But the 90% reflects a very wise strategy by Microsoft rather than the 'will of the people'. Have you every seen a card next to a PC in BestBuy stating 'Choose from these Operating Systems: ...'. Of course not.


Please, if you don't like Apple for some personal reason that's fine. Just don't be yet another clueless PC user who just makes shit up about Macs/Apple with ignorance and blind prejudice. It just makes you look stupid.

-- spurious

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845557) by nihil
Where is your evidence for this statement?................Apache is:

1. Something you have to buy separately
2. Something that you run deliberately.
3. Something that you have to set up.
Not on a whole host of common linux distributions.

I have a Windows2000 Professional box I built a couple of years ago..............IIS runs by default unless you turn it off so I think that your assertion about Apache is badly flawed. People have been running IIS by default and without knowing it.............that makes them "soft users" (sure, it is an MS failing, but it is compounded by users)
Redhat circa the same ancient (in computing terms) years you are mentioning came with Apache and WuFTPd running by default. Compare like systems if you're going to bring out old service-packless operating systems.

Well don't you fall into that category yourself? "Vulnerabilities" are irrelevant............."Exploits" are what do the damage. ;)
No, I'm asking for proof instead of wild speculation. That you don't understand the difference is rather plain and quite obvious.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845597) by PeasleeR
You should watch the World Wide Develepor Conference keynote address where the switch was announced. Steve Jobs is using Mac OSX during the presentation for his slides, iTunes, and other example applications. After he announces they will be switching to Intel processors, he shoes the Mac system properties, where it clearly shows an x86 processor is being used.
You're right, I probably should. I haven't seen any WWDC coverage, only the news reports, none of which explicitly stated this.

This is the first true thing you've mentioned in this post. I still do not believe Mac users will have a lot to worry about initially, given both the nature of BSD and the fact that Mac users aren't automatically escalated to 'root' or 'admin' accounts by default.
Actually, it is not the first true thing I mentioned in my post. Suggesting I am lying simply because I haven't seen the specific footage you have is stupid. Everything I wrote in that post was true, hence why it was not categorical, and was experiential ("Everything I've seen" vs "This is the way it is").

Actually, it is not the first true thing I mentioned in my post. Suggesting I am lying simply because I haven't seen the specific footage you have is stupid. Everything I wrote in that post was true, hence why it was not categorical, and was experiential ("Everything I've seen" vs "This is the way it is").

Easy, tiger. I didn't mean it to suggest you were lying, only that I was in agreement.

What's with the hostility?

Compare like systems if you're going to bring out old service-packless operating systems.

Where did you get that erroneous assumption from? It is actually at SP4 and still tries to run IIS by default (OK IIS has been patched somewhat). My point is that users have been exposed to IIS running by default for a considerable period of time

My objection to MS is that they release things running by default that are not required neccessarily. The user should be prompted to select or reject these before installation.

Not on a whole host of common linux distributions.

We are not talking about linux distributions here? so what is the relevance of this comment?

No, I'm asking for proof instead of wild speculation. That you don't understand the difference is rather plain and quite obvious.

I would have thought the issue was whether you understood the difference between an "exploit" and a "vulnerability" . A vulnerability is only a problem if:

1. You actually use that stuff (remember I have noted that you may be doing so unwittingly with MS)
2. Somebody has written an EXPLOIT that actually works.
3. You have NOT applied the appropriate patches, assuming that they are available.

Now, let me explain a few realities to you ;) there are in this World, a large number of people who do nothing other than search for vulnerabilities in Microsoft Operating Systems........that is how they earn their living or hope to gain glory. Some even go to the lengths of producing POCs.............so, you have unwittingly produced another flaw in your own argument....... :D

A lot of what they publish is pure theory, so "vulnerabilities" become even less relevant.

There are a lot more of them looking at MS products than others, so you are bound to get more results.

I really do wonder what would happen if the same attention was given to another OS?

A bit like the old military dialogue "very pretty, but can they fight?".....MS have been in the "front line" for years. No-one else has, in terms of being attacked.

If you do not believe me, please take a trip on the "dark side"........they do not leave MAC and *nix alone because they are too difficult they do it because they do not consider it worth the effort........at this moment in time :eek:

Finally, you have chosen not to answer my question as to why you introduced an IIS vs Novell argument into a thread that was patently about OPERATING SYSTEMS ...........you are aware that neither of those are operating systems?

And yes, I can read, so I do not need to learn.......perhaps you should consider some brushing up of analytical thought processes?

Yikes! It is amazing to me how ignorant PC/Non-Mac users can be about Apple


I did not mean to be ignorant, in fact I am sick of the ignorance of Mac/linux users towards windows... But let's not get linux into this...


Redhat circa the same ancient (in computing terms) years you are mentioning came with Apache and WuFTPd running by default.


People running Redhat are not soft users... Most of them know about those services running by default and will turn it off if they don't need it... But let's keep on topic here...


No, I'm asking for proof instead of wild speculation. That you don't understand the difference is rather plain and quite obvious.


If you've never heard that windows is attacked more because there is more windows computers... Then you have to get out of that rock your hiding under... You think we're pulling this out of thin air?? That is rather humorous if you ask me. I will find the PC world magazine where they put up a locked down linux box VS a locked down windows box VS a locked down mac box... They even measured the average amount of time a patch is available for a vulnerability... Windows had the least amount of vulnerabilities... But I admit they had the slowest average patching time but that's besides the point...

When I find that magazine I will scan the pages and send them to you, hell you might be able to find the article on their site.

I guess by now we are way OT... :) But this has turned into a semi-productive discussion in spite of itself.

Okay, I believe you when you say that there is an article in a magazine that says something positive about Windows security. I am a bit jaded about things like the validity of what some tech writer says in a magazine. Magazines tend to spin everything in a very positive light for the 'theme' that the magazine is about. You say 'PC Magazine', and I think 'Pro-Windows'; but maybe I'm wrong.

It also matters which version we are talking about since there have been 10.1 (Cheetah), 10.2 (Jaguar), 10.3 (Panther), and now 10.4 (Tiger). Don't get me wrong, I am not saying the OS X is perfect; no OS configured to be this easy to use can be truly 'secure'. But comparing Mac OS X to Windows, Solaris, Linux (especially Gentoo), FreeBSD; I'd have to say that it has a pretty good security record so far for being an OS that doesn't 'require' the user to know sh*t about computers.

XP/2003 is something I have never even used, so any comment about it's security from me is strictly a prepetuation of the ugly rumors about it on sites like this one and others on the internet. Yes, I am guilty of spreading fear, uncertainty, and doubt about an OS I have barely any knowledge of; it's true. :)

-- spurious

Hey spurious_inode ,

Haven't heard from you in a while.........everything OK I hope?

You are right................I guess that at the moment an Apple is more secure than a Windows box

OFF THE SHELF however, with skill the difference will diminish? Hey, I have an Acorn Archimedes that only has 114 known malwares in the World.......it does run rather slow though (12Mhz) :D

That has been my argument about level playing fields and fair comparisons all along?

I have nothing against Apples.......actually I must find it again(moved house syndrome :D ) It has a Pentium I 75 Mhz and a RISC (Motorola/IBM?) chip which I guess is about 90Mhz, and DUAL BOOTS Mac OS 7? and Windows 95. I think that it has 48Mb of RAM. Now that was an innovation in its time?

Cheers

Johnno

I guess by now we are way OT... But this has turned into a semi-productive discussion in spite of itself.


Indeed it has :D.


Okay, I believe you when you say that there is an article in a magazine that says something positive about Windows security. I am a bit jaded about things like the validity of what some tech writer says in a magazine. Magazines tend to spin everything in a very positive light for the 'theme' that the magazine is about. You say 'PC Magazine', and I think 'Pro-Windows'; but maybe I'm wrong.


I know exactly what your talking about and I to am often sceptical over how legit articles on this subject actually are. You sound as if you havn't heard of this magazine before, here's a link to there site for more info on them... http://www.pcworld.com

A big reason why I think this article is legit though is because windows took a bagging from them for their lack of speed when it comes to making patches, and apple got praise from them for their speedy times in making patches. Obviously that is a huge win for Mac against windows and a big loss for windows, but that wasn't the topic of our 'debate'.

I didn't mean for it to sound as though I was degrading the Mac OS, I was just trying to stick up for windows which often takes a beating here at AO... That and chsh's personal attacks on Nihil and I got me all angry and offensive.


You are right................I guess that at the moment an Apple is more secure than a Windows box

OFF THE SHELF however, with skill the difference will diminish


That's pretty much sums it all up, that and the FACT that windows is more of a target because the OS is on 90% of computers. And we're not pulling it out of our ass's as chsh suggested.

It was nice to meet you spurious_inode, and again I apolagize if I sounded ignorant, I really didn't mean to sound that way at all :D...

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845733) by nihil
Where did you get that erroneous assumption from? It is actually at SP4 and still tries to run IIS by default (OK IIS has been patched somewhat). My point is that users have been exposed to IIS running by default for a considerable period of time
Win2K Pro SP4? It's only a major OS release out of date. Perhaps it was rather assumptive to say Service-packless (but then, that brings to my mind the question of whether or not your "built up default install" is actually a default install anymore), however my principal point about comparing like systems still stands.

My objection to MS is that they release things running by default that are not required neccessarily. The user should be prompted to select or reject these before installation.
Actually, quite a few other people do this as well. Microsoft is learning too. Does IIS come with XP Pro turned on by default? Judging a piece of software's present by its past is a fruitless effort.

We are not talking about linux distributions here? so what is the relevance of this comment?
Your statements were about what OSes do as a default install. For a long time RedHat was a prime example of a corporate linux with a horrid security record because of its on by default policy.

I would have thought the issue was whether you understood the difference between an [B]"exploit" and a "vulnerability" . A vulnerability is only a problem if:
1. You actually use that stuff (remember I have noted that you may be doing so unwittingly with MS)
Again, in OLD operating systems. Let's dredge up NT's problems and claim Microsoft's stuff now is utter crap why don't we? I mean, that's what you are doing. I have a suggestion for you. Try actually using these newer versions of operating systems before you start slagging a company for being shitty security wise.

Now, let me explain a few realities to you ;) there are in this World, a large number of people who do nothing other than search for vulnerabilities in Microsoft Operating Systems........that is how they earn their living or hope to gain glory. Some even go to the lengths of producing POCs.............so, you have unwittingly produced another flaw in your own argument....... :D
These security firms ALSO research vulnerabilities in other operating systems such as Linux, MacOS, etc... The concept that it can't be more secure because it doesn't have as large an audience fails when you compare the facts. Windows is attacked a larger percentage of the time than it has market share, almost to the exclusion of other operating systems. IIS was attacked FAR more (hundreds of times so) than it had market share, and it sits in the minority in webserver market share. Following your flawed line of thinking, Apache should have far more vulnerabilities in it than IIS should, and yet since 2003 (IIS6) both have had decent records. IIS 5 had its issues, and as a result was attacked still far more. If there are already industry examples where your argument fails, how can you reliably say it will apply to another example -- in this case, current MacOS vs current Win2K3?

I'm sorry, but *that* is called pulling stuff outta your ass.

I really do wonder what would happen if the same attention was given to another OS?
You'd probably find the disparity isn't what you assume, and that other operating systems are more secure through design. I think MacOS is perfectly capable of being a decent, hardened desktop operating system.

A bit like the old military dialogue "very pretty, but can they fight?".....MS have been in the "front line" for years. No-one else has, in terms of being attacked.
That's entirely debatable.

If you do not believe me, please take a trip on the "dark side"........they do not leave MAC and *nix alone because they are too difficult they do it because they do not consider it worth the effort........at this moment in time :eek:
Now that's a good laugh.

Finally, you have chosen not to answer my question as to why you introduced an IIS vs Novell argument into a thread that was patently about OPERATING SYSTEMS ...........you are aware that neither of those are operating systems?

And yes, I can read, so I do not need to learn.......perhaps you should consider some brushing up of analytical thought processes?
You know nihil, you are a funny guy. Not sure where the hell you got Novell from, but maybe you should rethink whether you need to learn to read.

As for why I brought APACHE into this thread, it was for the simple purpose of pointing out there are already industry examples of software that has dominant market share and yet has far fewer vulnerabilities than another smaller contender (IIS). This can translate into quite an obvious commentary on how flawed it is to assume that MacOS has as many or more vulnerabilities simply because it has smaller market share.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845739) by The Duck
People running Redhat are not soft users... Most of them know about those services running by default and will turn it off if they don't need it... But let's keep on topic here...
Sweeping generalizations that are assumed to be 100% true are always good to fall back on eh?
The fact of the matter is that that was FAR from true at the time. It was actually due to clueless Redhat users that a quasi-infamous linux worm got to spread.

If you've never heard that windows is attacked more because there is more windows computers... Then you have to get out of that rock your hiding under... You think we're pulling this out of thin air??
I've heard the concept, and frankly think it's BS. I think you are pulling it out of your ass that MacOS will prove to be as or more vulnerable (as in, not anymore secure) than Windows 2003 or Windows XP (depending on Server or Desktop versions).

Sweeping generalizations that are assumed to be 100% true are always good to fall back on eh?
The fact of the matter is that that was FAR from true at the time. It was actually due to clueless Redhat users that a quasi-infamous linux worm got to spread.


Yes, I admit, it is an assumption, but it's a damn good assumption if you ask me. And I know YOU KNOW that MOST linux users know what they're doing and don't USUALLY fall into the category of "soft users".


As for why I brought APACHE into this thread, it was for the simple purpose of pointing out there are already industry examples of software that has dominant market share and yet has far fewer vulnerabilities than another smaller contender (IIS). This can translate into quite an obvious commentary on how flawed it is to assume that MacOS has as many or more vulnerabilities simply because it has smaller market share.


Earlier in the thread I brought up firefox and what happened with that, so your point with apache and my point with firefox cancel each other out. You really can't compare any other situation with this one because windows has tested time and time again to be more secure then Mac and linux (regardless of what you THINK of like comparisons), which brings up the probable theory that windows is only being attacked more because it owns such a HUGE share of the market therefore making it a bigger target.



I think you are pulling it out of your ass that MacOS will prove to be as or more vulnerable (as in, not anymore secure) than Windows 2003 or Windows XP (depending on Server or Desktop versions).


Ok, I'll admit, I suppose it is a theory, but like I said, it's a probable theory. And you have yet to prove that mac will be more secure then windows if or when the time comes that Mac has a big share of the market. So your thoughts on this subject is theory as well, wether you like it or not. With that said, we will have to wait and see what happens...

Chris if you sat back and thought about it, you would see that we mostly agree? :D

Win2K Pro SP4? It's only a major OS release out of date. Perhaps it was rather assumptive to say Service-packless (but then, that brings to my mind the question of whether or not your "built up default install" is actually a default install anymore)

Well, it is default plus default updates.............I guess you have to follow through?

Now, "out of date".............OK I will go with that..............but half the World must be using out of date stuff? It is reality we are talking about?



Judging a piece of software's present by its past is a fruitless effort.

Now that does mark you as college rather than reality.............the past is the present if the corporation will not pay for the updates? You are quite correct, however :D

For a long time RedHat was a prime example of a corporate linux with a horrid security record because of its on by default policy.

We are two choir boys singing from the same hymn sheet here? Default installation + weak system = big problems?

These security firms ALSO research vulnerabilities in other operating systems such as Linux, MacOS, etc...

Chris, please join me on Planet Earth for a moment................these guys do it for MONEY , and as 90% is Microsoft......................please go figure :)

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845891) by The Duck
Yes, I admit, it is an assumption, but it's a damn good assumption if you ask me. And I know YOU KNOW that MOST linux users know what they're doing and don't USUALLY fall into the category of "soft users".
I'm not foolish enough to say that. Sure, I would like to see the linux crowd as being generally more tech and internet savvy, however, I don't make that assumption. I've run into a lot of people who don't even know how to setup a chroot environment, which I consider kind of an important thing in terms of securing a box.

Earlier in the thread I brought up firefox and what happened with that, so your point with apache and my point with firefox cancel each other out. You really can't compare any other situation with this one because windows has tested time and time again to be more secure then Mac and linux (regardless of what you THINK of like comparisons), which brings up the probable theory that windows is only being attacked more because it owns such a HUGE share of the market therefore making it a bigger target.
Umm, time and time again it's been tested and proven to be more secure than MacOS and Linux? Errr, oooookkkayyyyy. Put the pipe down buddy.

Ok, I'll admit, I suppose it is a theory, but like I said, it's a probable theory. And you have yet to prove that mac will be more secure then windows if or when the time comes that Mac has a big share of the market. So your thoughts on this subject is theory as well, wether you like it or not. With that said, we will have to wait and see what happens...
My point is not that MacOS will be more secure, but rather that your concept of "it hasn't got the market share so it must be less secure" is completely nonsensical theorycraft. This is why I suggested you go find vulnerabilities, rather than using wild speculation to make your point.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=268825#post845984) by nihil Now, "out of date".............OK I will go with that..............but half the World must be using out of date stuff? It is reality we are talking about?
Right, you still aren't getting the point. You compared Windows of an earlier era to things NOW. All I'm saying is draw proper contemporary comparisons.

I have three computers. 1 windows, one linux, and one MAC OSX. All are equally secure. Why?

none are on the internet and are powered off and burried in ten feet of concrete. See they are all equal. YAY!


but seriously. this argument will never end. no one will ever prove why one is better than the other without somone else trying to argue (wether they are right or not) Security depends on the user. If you have a mac expert, a nix guru, and a windows expert all with specialties in security they can all make their boxes secure to a point where any better wont matter. It iwll be done in different ways but the end result is the same.

Windows does not have more exploits soley becasue of its user base. This is a huge factor but its not the only reason. They also push out code before it is ready and set incredible deadlines that they strive to reach and usually cut corners to do so...which sucks. but thats business and the fact of the matter is that it costs them less to cut corners and have an OS a with a few more holes per uer than then the compitition then it would to drag out testing and other QA processes. Aside from that, MAC osX has been around longer (atleast at its core) its had more time to develop, and to work the bugs out. So yes it probably would be more secure out of the box then another OS and it probably would take a little less work to make it fully secure then a windows one would, but now we are not talking about how secure something is, we are discussing the users willingness to work for security.

Hmm a good discussion indeed.. it will be interesting project for those people to do testing exploits on intel (mac osx).

Btw Mac OSX 10.4 Tiger developer kit ~x86 look sexy..on intel :) http://img98.echo.cx/img98/1449/dsc93098ce.jpg

Hi all,

First of all thanks for all the feedback.

I would like to add, are there many ASM based vulnerabilities that are intended for Intel, and therefore Apple's switch means a less secure platform? How will this change affect Macs securitywise? How easy will it be to port malware coded for wintel to this new platform?


Regarding current malware that affects Macs

Originally posted by the Duck
Beleive me... they're out there...


Please tell me which ones?


Cheers,

J

Hi johnny~

I would like to add, are there many ASM based vulnerabilities that are intended for Intel, and therefore Apple's switch means a less secure platform?

1. They are not "vulnerabilities" as such. Vulnerabilities belong to the operating system and applications that you run.

2. Yes there is a lot of ASM malware that would only run in an intel/windows environment. However it is all very old, and Apple are retaining their operating system. I would say there is nothing to worry about.

The two dangers are that Apples suddenly become very cheap (which I doubt) and the market gets flooded with them :D

There is a very slight possibility that it might making cross-platform viruses slightly easier to write, but I don't really believe this, as I am sure Apple will get Intel to build the chips to their specification. I am also sure that they will use their own microcode, which is what matters.

:)