Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] Question about Mac OS X 10.4 Security
From: Paul Schmehl (paulsutdallas.edu)
Date: Tue Feb 28 2006 - 09:37:39 CST
--On Tuesday, February 28, 2006 00:15:10 -0800 Stephen Johnson
> Mac's have always held the distinction of being more secure by, among
> other things, not being a target. -- Due to the lack of extensive use,
> virus and mal ware writers have ignored taking the time to write virus
> for Macs.
> Simple philosophy - Why climb the wall , when you can walk through the
> Windows is easier and more prolific, until that changes, we are not going
> to see major attacks on the mac platform.
I think you're living in a fantasy world. The recent vulnerability, which
allows the running of arbitrary code simply by clicking on a linked zip
file will probably result in at least a handful of new viruses/worms for
the Mac platform within the next week or two.
Apple has made the same stupid mistake Microsoft has been making for years
- mixing code and data and trying to make things "easy" for the user (read
auto-launch this widget so you don't have to save and open.) The end
result will be disaster for the Mac, but, thankfully, not on the same scale
as Windows because not every user is an admin, and it requires the use of
sudo to perform administrative functions.
Still, the ignorance of Mac users, who believe their platform is somehow
magically "secure" will contribute to the problem.
Paul Schmehl (paulsutdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/