| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Mac OSX safe as houses not Windows | |
|
||
| Time: 08:23 EST/13:23 GMT | News Source: *Linked Within Post* | Posted By: John Quigley | ||
|
The recent ruckus about the claimed growing vulnerability of Mac OSX from certain sources has caused an indignant outcry from Mac advocates who claim the stories are mostly media hype. According to an expert in Unix and Linux systems, the outcry is not without justification. Con Zymaris has been working with Unix systems for nearly three decades and for the past 15 years has been running a consultancy on open source software implementation. Zymaris says that, while it is true that a Mac can get infected with a virus, it is not easy and it is not likely to cause much damage. What's more, Mac users don't need to install firewalls and anti-virus software. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 163 Last | Next |
The time now is
7:15:37 PM
ET.
Any comment problems? E-mail us |
| #1 By 32132 (64.180.219.241) at 5/4/2006 12:18:29 PM |
|
http://www.us-cert.gov/cas/techalerts/TA06-053A.html
"Original release date: February 22, 2006 Last revised: March 3, 2006 Source: US-CERT Systems Affected Apple Safari running on Mac OS X Overview A file type determination vulnerability in Apple Safari could allow a remote attacker to execute arbitrary commands on a vulnerable system." This post was edited by NotParker on Thursday, May 04, 2006 at 12:22. |
| #2 By 32132 (64.180.219.241) at 5/4/2006 12:19:25 PM |
|
I could go on ... This post was edited by NotParker on Thursday, May 04, 2006 at 12:20. |
| #3 By 32132 (64.180.219.241) at 5/4/2006 12:22:05 PM |
|
http://www.us-cert.gov/cas/techalerts/TA06-062A.html
Apple Mac Products are Affected by Multiple Vulnerabilities Original release date: March 3, 2006 Last revised: March 3, 2006 Source: US-CERT Systems Affected Apple Mac OS X version 10.3.9 (Panther) and version 10.4.5 (Tiger) Apple Mac OS X Server version 10.3.9 and version 10.4.5 Apple Safari web browser Previous versions of Mac OS X may also be affected. Please see Apple Security Update 2006-001 for further information. Overview Apple has released Security Update 2006-001 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. |
| #4 By 32132 (64.180.219.241) at 5/4/2006 12:25:17 PM |
|
http://www.macworld.com/news/2006/05/01/sans/index.php
Just because you use a Macintosh, don’t think you’re any more secure than a Wintel user. A sharp increase in the number of flaws being discovered in Mac OS X suggests that the Apple operating system may soon be every bit as prone to malicious attacks as Windows systems, according to a report from the SANS Institute, a Bethesda, Md.-based security training and research firm. Mac OS X still remains safer than Windows because its relatively small installed base is a less attractive target for malicious hackers than Windows systems. But the number of flaws being discovered in the operating system is leaving its reputation as a secure alternative to Windows “in tatters,” according to the semiannual update to the SANS Top 20 list of Internet vulnerabilities. “Users often feel invincible when they have their shiny silver-colored Apple and they are surfing the Web with it,” said Ed Skodis, a director at SANS. That may be a mistake, he said, because “there’s a significant amount of research going on for security vulnerabilities in the Mac OS.” About 52 vulnerabilities were discovered in Mac OS X in 2005; 17 have been uncovered so far this year, said Amol Sarwate, manager of the vulnerability management lab at Qualys Inc., a Redwood Shores, Calif.-based security service provider. The number of vulnerabilities reported last year was more than twice the number from 2004, when 24 flaws were discovered, Sarwate said. Out the flaws uncovered last year and so far in 2006, at least a third were considered critical, Sarwate said. During the past few months, users of Apple’s Safari Web browser also faced their first zero-day attack, which is an attack targeted at unpatched vulnerabilities. |
| #5 By 46122 (68.237.250.245) at 5/4/2006 12:26:33 PM |
| I had a customer come in today and they brought their back apple computer in. I was infected with spyware and was deleting files out on him. Since I don't service any apple products I told him to go back to the apple store. |
| #6 By 15406 (216.191.227.68) at 5/4/2006 12:56:42 PM |
| If the user is running with a non-root account, which is typical in the *nix world, then any malware will have a very limited impact on the system. This is unlike Windows, where everyone runs with admin rights and any malware can do anything to the system. |
| #7 By 3746 (216.16.225.210) at 5/4/2006 1:25:51 PM |
|
Saying everyone runs as admin in the windows world is unfair. Yes the vast majority of home users do. But any business that is administered correctly shouldn't have users running as admins. If they are then you need a new admin. So to say that everyone is is false.
|
| #8 By 32132 (64.180.219.241) at 5/4/2006 1:25:58 PM |
|
#7 I can find a bunch examples where you are wrong.
http://blogs.zdnet.com/Ou/?p=198 Several unpatched exploits in Apple's Mac OS X were reported last Friday by Joris Evers, but SANS Internet Storm Center is also reporting that PoC (Proof-of-Concept) code was also posted along with details of the flaw. These sample exploits are capable of carrying out denial-of-service attacks or remote code execution which means it can potentially be used to root a Mac. ---------------------------------- Here is one from a few years ago: http://www.securemac.com/macosxsetuidroot.php Operating System: Max OS X Version Affected: up to 10.1 Security Risk: High Remote: No Fixed: 10.20.2001 see below About: Mac OS X over the past few months have started to spout security concerns, this being one of the first most publicized attacks on the operating system. Once logged into Mac OS X, any user can obtain a root shell by executing a few simple applications in specific order. Mac OS X is already on computers in every sort of nature, even after the administrator sets up multiple accounts with specific privileges keeping the user from hacking a root prompt is not that simple. Take a look at the vulnerability, afterwards we will describe how this actually happens. Vulnerability: 1. Open up the Terminal.app 2. Quit it. 3. Open up NetInfo Manager (leave it in the foreground) 4. Open up Terminal.app from the *RECENT ITEMS* list in the Apple Menu. You will now see a terminal logged in as root shown with the # prompt, this is because the application NetInfo Manager has root privileges and told to be executed by the user with the systems allowance. There is a misinterpretation of which user is logged in because a root privileged program is running, thus by opening the Terminal.app from the recent items you are brought to a root prompt. This post was edited by NotParker on Thursday, May 04, 2006 at 13:29. |
| #9 By 931 (24.99.3.86) at 5/4/2006 2:15:54 PM |
|
"If they are then you need a new admin."
Not usually the case, 90% of the time it's a management issue. Can't tell you how many times upper management has overruled restricting users to not be local admins for various reasons. XP and Vista have lowered this being the case, but it still happens. I've never met an admin that prefered to have his users run as local admins. |
| #10 By 15406 (216.191.227.68) at 5/4/2006 2:22:30 PM |
| #9: Some 'bunch'. Come back when you have something more substantial than 'potentially'. "Remote code execution" != root. Code running under the user context still needs to leverage another vulnerability to achieve root. |
| #11 By 3746 (216.16.225.210) at 5/4/2006 2:33:08 PM |
|
#10
I agree i have seen that happen too - but then it isn't an admin issue. You have to do what the bosses say. But then again when the shite hits the fan guess who will have the heat on them. |
| #12 By 32132 (64.180.219.241) at 5/4/2006 4:15:06 PM |
|
#11 Ok.
http://p2pnet.net/story/8574 Apple has released a Mac security update for a Java vulnerability that could allow, "Untrusted Java applications" to "obtain elevated privileges," says the company. "Elevated privileges" mean hackers could get into users' computers. "For example an application may grant itself permissions to read and write local files that are accessible to the user running the Java Web Start application," said Sun way back in February. |
| #13 By 3339 (68.122.226.85) at 5/4/2006 9:00:34 PM |
| And "COULD" means "POTENTIALLY", Parker. |
| #14 By 9589 (66.56.135.99) at 5/4/2006 11:08:39 PM |
|
Who really cares? Apple has gone from 3.5% to under 2% of the PCs sold worldwide in the space of just a couple of years. They are a bit player growing more irrelevant by the day.
Meanwhile, another misstep on the part joBS is the current TV ads. Negative ads do not work; joBS repeat after me . . . |
| #15 By 44670 (124.168.64.134) at 5/5/2006 3:53:56 AM |
|
Another article by Stan Beer, who only a few days ago ( http://www.itwire.com.au/content/view/4130/937/ ) wrote
'Given the nature of Vista - it is Microsoft's first 64-bit operating system - it is clear that the company is racing frantically to push the product onto the market!' Vista is Microsofts first 64 bit OS? What about Windows Server 2003 x64, or XP x64, or even the IA64 versions dating back to Windows Server 2000? |
| #16 By 32132 (64.180.219.241) at 5/5/2006 9:32:31 AM |
| #14 Yes. You could be compromised. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 163 Last | Next |
The time now is
7:15:38 PM
ET.
Any comment problems? E-mail us |
