Re: Question about Mac OS X 10.4 Security

[Paul Schmehl <pauls () utdallas edu>]

--On Tuesday, February 28, 2006 11:03:12 -0600 Stef <stefmit () gmail com> 
wrote:

> If you look at the [very, very] specific paragraph I was referring to,
> from Paul's email, then I hope you will agree with me that what I was
> trying to convey was the need to avoid generalizing categorization of
> users ... having said that, the implications are that a much higher
> awareness, and - in turn - possibility of addressing and/preventing
> issues related to vulnerabilities exists in the Mac community, vs. the
> Windows one, for example.
Let's see.  I use Windows XP, Mac OS 10.3.9 and FreeBSD 5.4 SECURITY daily. 
Therefore all three platforms obviously have a much higher awareness of 
security issues, right?

At least that *seems* to be your logic.

The fact is, as a community, Mac users have the belief that their system is 
"secure" - that they have nothing to worry about.  *Of course* there are 
Mac users that are astute and fully understand the risks.  Just as there 
are Windows users who are the same way.

Just because the geeks have taken to the Mac OS doesn't mean its community 
has raised its level of awareness more than a nanometer or two.  In fact, 
when I sent a campus-wide announcement about the recent shell 
vulnerability, the *majority* of comments that I got from users *within* IT 
was, "You're spreadying FUD.  Mac's are not anywhere near as risky as using 
Windows."  Professors and others emailed me asking, "What do I need to do 
to be safe?"

If you think the Mac you're using is secure, I encourage you to go try to 
run the poc that Secureiteam posted.  Just be sure to bring a clean pair of 
drawers with you.

I've used Windows since it first came out.  I've never had a single virus 
infection, never had a single machine hacked, never had an incident of any 
kind.  Does that mean Windows is "secure"?  Of course not!  The idea that, 
because you are using a Mac, you have less to worry about, is just as silly 
as the idea that, because you're using Unix, you have less to worry about.

Guess which platform get's hacked the most here?  (Hint - it ain't Windows.)

In *general*, the hosts that are the most risk are the ones that are the 
most poorly maintained (if they're maintained at all), and the OS they are 
running is irrelevant.  There's only one OS that I know of, on this campus, 
that has never been hacked, and it has nothing to do with the OS and 
everything to do with how it's maintained and how it's protected (and no, I 
ain't telling you what it is.)

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/