Re: Mac X-Server Security Questions...

[Javier Blanque <javier () blanque com ar>]

I agree with you about securing by mixing platforms and adding layers 
of complexity (even if it complicates our existence).
But I don't agree about everyone being the same thing, there are guys 
that are corporate "kids" more prone to add functionality to their 
systems, and people that think about security from the design. OpenBSD 
is not the same as Windows, I probably wouldn't install a Windows based 
firewall for network protection of a corporation, but I could use 
OpenBSD for the task. May be there are good firewalls for Windows, but 
their task is more difficult because of the size of the os 
(functionality and generations of work without security as a priority). 
Mac OS X is a secure OS, of course comparing it to the rest. Not as 
good as OpenBSD but better than Windows or Linux, still not without 
bugs; and we nedd to remember: a bad platform well administered is 
better than a good platform without care, from a security vision.
Apple helps you with security matters more or less the same as other 
propietary platforms, it always depends on knowing the right persons. 
The problem is reaching those persons.
Best regards,
Javier Blanque

El 06/04/2005, a las 23:07, Brad Berson escribió:

> Thank you Javier, you gave me many good sources of information.
>
> Does Apple walk you through forensics if you think you're a zero-day
> victim?
>
> Not much point arguing quantity or criticality - my suspicion is that
> every OS and their respective increasing number of layered bits and
> pieces have more or less as many holes, and it's just a matter of how
> many people are willing to devote their time and energy finding them.
> Unfortunately it seems like hackers with mischievous intent are very
> energetic indeed.  A rootable exploit on one OS is just as critical as 
> a
> rootable exploit on another, and being victim of a zero-day is costly
> and alarming, be it public or otherwise.
>
> I think I'm encountering something of a conundrum now.  Best security
> practices dictate the use of multiple platforms to limit the extent of
> hacking damage through diversity.  But the same diversity results in
> much more work necessary to track vulnerabilities and patches on those
> extra platforms.
>
> -Brad


---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals.  Norwich University is fulfilling this demand with its MS in
Information Security offered online.  Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------