Author |
Message |
   
Tom Reingold
Supporter Username: Noglider
Post Number: 12132 Registered: 1-2003

| Posted on Saturday, January 28, 2006 - 12:22 am: |    |
http://tinyurl.com/cj62k Mac OS is not invulnerable. The most important thing for an attack to occur is for someone to want to do it.
"This is the only thing my signature says." |
   
Dave
Supporter Username: Dave
Post Number: 8505 Registered: 4-1997

| Posted on Saturday, January 28, 2006 - 1:14 am: |    |
Most of those expoits seem to require the hacker to log into the system. How would he do that exactly? |
   
Tom Reingold
Supporter Username: Noglider
Post Number: 12134 Registered: 1-2003

| Posted on Saturday, January 28, 2006 - 7:24 am: |    |
First, it's silly to assume that because the front door is locked, no one can get in. 1. It might not be locked, and 2. there are other entry points. Two other entry points that pop to mind: 1. downloaded programs, and 2. input data streams on the network that invoke programs on the system.
"This is the only thing my signature says." |
   
Eponymous
Citizen Username: Eponymous
Post Number: 40 Registered: 6-2004
| Posted on Saturday, January 28, 2006 - 11:53 am: |    |
No OS is 100% secure, but even in this article, 2 of 3 of the mentioned vulnerabilities had already been fixed and the third is said to be worked on now. It wouldn't surprise me that Apple is less forthcoming than other OS companies (though surely not MS), but this strikes me as a story looking for a reason to be printed. More relevant is that there have been "in the wild" attacks on OS X so far. (Apple ships OS X with most, if not all, network ports disabled, and it's not so easy to invoke a program that way. I think these vulnerabilities work in other ways.) |
   
JMF
Citizen Username: Jmf
Post Number: 234 Registered: 9-2004
| Posted on Sunday, January 29, 2006 - 10:46 am: |    |
"The most important thing for an attack to occur is for someone to want to do it. " That is alsmot implying that no one has waned to make a mac virus... There was even a challenge a while back for someone to crate one, and there was a prize involved. That was eventually shut down because it condoned illegal activity, but no one ever did. No OS will ever be completly invulnerable. That is the nature of the beast. Someone can write code to run on a computer. If they find a way in, or send it through e-mail, they can create a mallicious code. OSX has been around for 5 years now? and there have been zero outbreaks.
|
   
Tom Reingold
Supporter Username: Noglider
Post Number: 12175 Registered: 1-2003

| Posted on Sunday, January 29, 2006 - 10:55 am: |    |
Yes, I am saying that almost no one has wanted to create a mac virus. Virus writers want a perverse form of fame and glory, so they go for the big targets. I believe your story which shows that writing malware for MacOS is harder. And yes, it's true that no OS is totally invulnerable. My warning is for those who believe or claim that MacOS is invulnerable. You were not one of them. I'm on the bugtraq mailing list. It comes out several times a week, with vulnerabilities in all flavors of unix. I expect the bugs that apply to freebsd also apply to macos in some cases, since the latter is based on the former.
"This is the only thing my signature says." |
   
monster
Supporter Username: Monster
Post Number: 1966 Registered: 7-2002

| Posted on Sunday, January 29, 2006 - 6:21 pm: |    |
Here's a link to a paper by Marion Bates at Dartmouth University that you might like. http://www.ists.dartmouth.edu/classroom/macintosh-security/index.htm
Quote:Macintosh Security Basics - Presentation Notes Presentation for ENGS 69: Engineering Secure Computer Systems Thayer School of Engineering, Dartmouth College Winter 2002-2003 Marion Bates Investigative Research for Infrastructure Assurance Overview Macintosh Security Basics What we’ll cover: Basic system security for MacOS (mainly v. 9.x) and Mac OS X, including: • File Sharing (from both client and server perspectives) • Network/Internet client security (“safe surfing”) • Firewalls, viruses, email • OS X basics, bonuses, and pitfalls We’ll start with MacOS 9, since OS X inherits from 9. 2 INDEX Page 1 A little bit of history | There can be only one | Macs can serve | Ok, so what’s Timbuktu? | General Security implications | Unique is good | Unique but still pretty versitile | Versitile in not so nice ways | What to do | Physical Security | Physical Security Solutions | File Sharing | Password Encryption | OS 9 on Both Ends | OS 9 to old server | Os 9 to OS X | What if it IS clear text? | Done with client, now: Server FS | The point of diversification Page 2 Configuring a File Sharing server | File Sharing control panel | Security Through Obscurity | Owner is Omnipotent | File Sharing over TCP | Apps over the net and Program Linking | Recommended initial setup | Other users | Creating accounts | Users and Groups | User Identity | User Sharing | Groups | Page 3 Guest | On to the Files | Example | We can do this | Set the permissions | Control-click | Specify Access for each Joe | Page 4 The Joes’ read-only folder | Drop Box | The MP3’s folder | Check for Leaks | File Sharing Wrap-up | More File Sharing Wrap-up | Page 5 Personal Web Sharing | PWS Features | PWS Caveats and Wrap-up | Remote Access | Moving on: “Safer Surfing” | Web browsing | Ok, now I can’t use the web at all | FTP | What you can do | Page 6 Fetch gets teeth | Fetch security options | Page 7 Fetch security options 2 | E-Mail | PGP | Attachments (“Enclosures”) | More on email at Dartmouth | BlitzMail’s brethren | Viruses! | Countermeasures | Firewalls | Page 8 Test it | MAC OS X | MAC OS X Continued | Macs and Unix | There can be many | Users and Folders | Users and Apps | BSD File Security | Classic | Classiconfusion | More on Classic/X | OS X Security “out of the box” | What is THAT port? | More on ports and services | Logs | Unix and Mac can collide | Apache vulnerability! | Ease of Use | Page 9 OS X 10.2 Sharing pane | File Sharing | Connecting to other servers | Page 10 Connecting with 10.2 | Connecting to other servers | Firewalling on OS X | Page 11 Firewalling on OS X - Part 2 | Useful Tools - Network Utility | Useful Tools - Keychain | Useful Tools - Process Viewer | Page 12 Useful Tools - NetInfo Manager | Useful Tools - Terminal | Useful Tools - tcpdump | Useful Tools - MacSniffer | Useful Tools - MacJanitor | Useful Tools - CheckMate | Page 13 Useful Tools - CheckMate - Part 2 | GPG Mac | MacSFTP Carbon | Surfing Differences | Patches | Patching 3rd Party Software | Conclusions | Appendix A - URLs and sources | Appendix B - Supplemental Info
|
   
monster
Supporter Username: Monster
Post Number: 1967 Registered: 7-2002

| Posted on Sunday, January 29, 2006 - 9:00 pm: |    |
For an architectural overview of OS X, http://developer.apple.com/documentation/MacOSX/Conceptual/OSX_Technology_Overvi ew/index.html then, to learn more about the security architecture of OS X, go here, http://developer.apple.com/documentation/Security/Conceptual/Security_Overview/i ndex.html And now for a site that is all about security for the Mac, http://www.securemac.com/ |
   
JMF
Citizen Username: Jmf
Post Number: 235 Registered: 9-2004
| Posted on Monday, January 30, 2006 - 10:19 am: |    |
"Virus writers want a perverse form of fame and glory, so they go for the big targets. " Wouldn't the first ever widespread Mac virus bring some kind of fame and glory? There is also a fair amount of PC users who HATE the mac... I would figure there are some hackers who would love to get mac users, just because they hate macs. I don't know... I am honstly just fairly suprised that there has never been a major mac virus. |
   
Dave
Supporter Username: Dave
Post Number: 8511 Registered: 4-1997

| Posted on Tuesday, January 31, 2006 - 8:28 am: |    |
I'm sure it's not because they haven't tried. |
   
Tom Reingold
Supporter Username: Noglider
Post Number: 12215 Registered: 1-2003

| Posted on Tuesday, January 31, 2006 - 8:56 am: |    |
Dave, it would be naive to think it won't or can't happen. Subscribe to bugtraq. At the least, you should not promote a warm and fuzzy feeling.
"This is the only thing my signature says." |
   
TomD
Citizen Username: Tomd
Post Number: 358 Registered: 5-2005

| Posted on Tuesday, January 31, 2006 - 9:16 am: |    |
There are mac viruses, but not as many as exist for Windows machines; not even close. Macs certainly ship with more secure default settings than Windows. Virus writers have a harder time writing viruses for macs but part of the reason mac viruses haven't been a huge problem is that there just aren't as many macs and most macs don't run mission critical corporate apps. In the corporate world a pc virus can hit thousands of PCs and critical servers. A mac virus might interrupt a couple of graphic designers and if the the designer's mac gets hosed it just isn't a critical corporate event. |