The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  Mac OSX safe as houses not Windows
Time: 08:23 EST/13:23 GMT | News Source: *Linked Within Post* | Posted By: John Quigley

The recent ruckus about the claimed growing vulnerability of Mac OSX from certain sources has caused an indignant outcry from Mac advocates who claim the stories are mostly media hype. According to an expert in Unix and Linux systems, the outcry is not without justification. Con Zymaris has been working with Unix systems for nearly three decades and for the past 15 years has been running a consultancy on open source software implementation. Zymaris says that, while it is true that a Mac can get infected with a virus, it is not easy and it is not likely to cause much damage. What's more, Mac users don't need to install firewalls and anti-virus software.

Write Comment
Return to News

  Displaying 1 through 25 of 320
Last | Next
  The time now is 7:27:52 AM ET.
Any comment problems? E-mail us
#1 By 32132 (64.180.219.241) at 5/4/2006 12:18:29 PM
http://www.us-cert.gov/cas/techalerts/TA06-053A.html

"Original release date: February 22, 2006
Last revised: March 3, 2006
Source: US-CERT

Systems Affected
Apple Safari running on Mac OS X

Overview
A file type determination vulnerability in Apple Safari could allow a remote attacker to execute arbitrary commands on a vulnerable system."



This post was edited by NotParker on Thursday, May 04, 2006 at 12:22.

#2 By 32132 (64.180.219.241) at 5/4/2006 12:19:25 PM
I could go on ...

This post was edited by NotParker on Thursday, May 04, 2006 at 12:20.

#3 By 32132 (64.180.219.241) at 5/4/2006 12:22:05 PM
http://www.us-cert.gov/cas/techalerts/TA06-062A.html

Apple Mac Products are Affected by Multiple Vulnerabilities
Original release date: March 3, 2006
Last revised: March 3, 2006
Source: US-CERT

Systems Affected

Apple Mac OS X version 10.3.9 (Panther) and version 10.4.5 (Tiger)
Apple Mac OS X Server version 10.3.9 and version 10.4.5
Apple Safari web browser
Previous versions of Mac OS X may also be affected. Please see Apple Security Update 2006-001 for further information.

Overview
Apple has released Security Update 2006-001 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code.

#4 By 32132 (64.180.219.241) at 5/4/2006 12:25:17 PM
http://www.macworld.com/news/2006/05/01/sans/index.php

Just because you use a Macintosh, don’t think you’re any more secure than a Wintel user.

A sharp increase in the number of flaws being discovered in Mac OS X suggests that the Apple operating system may soon be every bit as prone to malicious attacks as Windows systems, according to a report from the SANS Institute, a Bethesda, Md.-based security training and research firm.

Mac OS X still remains safer than Windows because its relatively small installed base is a less attractive target for malicious hackers than Windows systems. But the number of flaws being discovered in the operating system is leaving its reputation as a secure alternative to Windows “in tatters,” according to the semiannual update to the SANS Top 20 list of Internet vulnerabilities.

“Users often feel invincible when they have their shiny silver-colored Apple and they are surfing the Web with it,” said Ed Skodis, a director at SANS. That may be a mistake, he said, because “there’s a significant amount of research going on for security vulnerabilities in the Mac OS.”

About 52 vulnerabilities were discovered in Mac OS X in 2005; 17 have been uncovered so far this year, said Amol Sarwate, manager of the vulnerability management lab at Qualys Inc., a Redwood Shores, Calif.-based security service provider.

The number of vulnerabilities reported last year was more than twice the number from 2004, when 24 flaws were discovered, Sarwate said. Out the flaws uncovered last year and so far in 2006, at least a third were considered critical, Sarwate said. During the past few months, users of Apple’s Safari Web browser also faced their first zero-day attack, which is an attack targeted at unpatched vulnerabilities.


#5 By 46122 (68.237.250.245) at 5/4/2006 12:26:33 PM
I had a customer come in today and they brought their back apple computer in. I was infected with spyware and was deleting files out on him. Since I don't service any apple products I told him to go back to the apple store.

#6 By 15406 (216.191.227.68) at 5/4/2006 12:56:42 PM
If the user is running with a non-root account, which is typical in the *nix world, then any malware will have a very limited impact on the system. This is unlike Windows, where everyone runs with admin rights and any malware can do anything to the system.

#7 By 3746 (216.16.225.210) at 5/4/2006 1:25:51 PM
Saying everyone runs as admin in the windows world is unfair. Yes the vast majority of home users do. But any business that is administered correctly shouldn't have users running as admins. If they are then you need a new admin. So to say that everyone is is false.


#8 By 32132 (64.180.219.241) at 5/4/2006 1:25:58 PM
#7 I can find a bunch examples where you are wrong.

http://blogs.zdnet.com/Ou/?p=198

Several unpatched exploits in Apple's Mac OS X were reported last Friday by Joris Evers, but SANS Internet Storm Center is also reporting that PoC (Proof-of-Concept) code was also posted along with details of the flaw. These sample exploits are capable of carrying out denial-of-service attacks or remote code execution which means it can potentially be used to root a Mac.

----------------------------------

Here is one from a few years ago:

http://www.securemac.com/macosxsetuidroot.php


Operating System: Max OS X Version Affected: up to 10.1

Security Risk: High
Remote: No
Fixed: 10.20.2001 see below

About:
Mac OS X over the past few months have started to spout security concerns, this being one of the first most publicized attacks on the operating system. Once logged into Mac OS X, any user can obtain a root shell by executing a few simple applications in specific order.

Mac OS X is already on computers in every sort of nature, even after the administrator sets up multiple accounts with specific privileges keeping the user from hacking a root prompt is not that simple.

Take a look at the vulnerability, afterwards we will describe how this actually happens.

Vulnerability:

1. Open up the Terminal.app
2. Quit it.
3. Open up NetInfo Manager (leave it in the foreground)
4. Open up Terminal.app from the *RECENT ITEMS* list in the Apple Menu.

You will now see a terminal logged in as root shown with the # prompt, this is because the application NetInfo Manager has root privileges and told to be executed by the user with the systems allowance. There is a misinterpretation of which user is logged in because a root privileged program is running, thus by opening the Terminal.app from the recent items you are brought to a root prompt.


This post was edited by NotParker on Thursday, May 04, 2006 at 13:29.

#9 By 931 (24.99.3.86) at 5/4/2006 2:15:54 PM
"If they are then you need a new admin."

Not usually the case, 90% of the time it's a management issue. Can't tell you how many times upper management has overruled restricting users to not be local admins for various reasons.

XP and Vista have lowered this being the case, but it still happens. I've never met an admin that prefered to have his users run as local admins.

#10 By 15406 (216.191.227.68) at 5/4/2006 2:22:30 PM
#9: Some 'bunch'. Come back when you have something more substantial than 'potentially'. "Remote code execution" != root. Code running under the user context still needs to leverage another vulnerability to achieve root.

#11 By 3746 (216.16.225.210) at 5/4/2006 2:33:08 PM
#10

I agree i have seen that happen too - but then it isn't an admin issue. You have to do what the bosses say. But then again when the shite hits the fan guess who will have the heat on them.

#12 By 32132 (64.180.219.241) at 5/4/2006 4:15:06 PM
#11 Ok.

http://p2pnet.net/story/8574

Apple has released a Mac security update for a Java vulnerability that could allow, "Untrusted Java applications" to "obtain elevated privileges," says the company.


"Elevated privileges" mean hackers could get into users' computers.


"For example an application may grant itself permissions to read and write local files that are accessible to the user running the Java Web Start application," said Sun way back in February.

#13 By 3339 (68.122.226.85) at 5/4/2006 9:00:34 PM
And "COULD" means "POTENTIALLY", Parker.

#14 By 9589 (66.56.135.99) at 5/4/2006 11:08:39 PM
Who really cares? Apple has gone from 3.5% to under 2% of the PCs sold worldwide in the space of just a couple of years. They are a bit player growing more irrelevant by the day.

Meanwhile, another misstep on the part joBS is the current TV ads. Negative ads do not work; joBS repeat after me . . .

#15 By 44670 (124.168.64.134) at 5/5/2006 3:53:56 AM
Another article by Stan Beer, who only a few days ago ( http://www.itwire.com.au/content/view/4130/937/ ) wrote

'Given the nature of Vista - it is Microsoft's first 64-bit operating system - it is clear that the company is racing frantically to push the product onto the market!'

Vista is Microsofts first 64 bit OS?

What about Windows Server 2003 x64, or XP x64, or even the IA64 versions dating back to Windows Server 2000?

#16 By 32132 (64.180.219.241) at 5/5/2006 9:32:31 AM
#14 Yes. You could be compromised.

#17 By 4240821 (213.139.195.162) at 10/27/2023 12:03:48 AM
https://sexonly.top/get/b767/b767ajnkfpkkvxanmik.php
https://sexonly.top/get/b473/b473oiedyvwamrqoexe.php
https://sexonly.top/get/b613/b613zugqqvolafdfspg.php
https://sexonly.top/get/b207/b207tykimgeqszawwbb.php
https://sexonly.top/get/b881/b881obaluplxhvonnbn.php
https://sexonly.top/get/b901/b901khcemyectfbemll.php
https://sexonly.top/get/b72/b72qrwfhizqmwkxkju.php
https://sexonly.top/get/b838/b838cixkcgaqulbiutl.php
https://sexonly.top/get/b936/b936ltvsrhltxysgsow.php
https://sexonly.top/get/b145/b145arlsrsosfghzytp.php
https://sexonly.top/get/b174/b174hsqzgzpodqhljwq.php
https://sexonly.top/get/b881/b881wpkrzqbvvljgwzt.php
https://sexonly.top/get/b252/b252joqybwwryyttyvz.php
https://sexonly.top/get/b12/b12nmjqdqrudunjpcf.php
https://sexonly.top/get/b230/b230rmuakesctxznstt.php
https://sexonly.top/get/b65/b65ixsscprpkjziqxx.php
https://sexonly.top/get/b791/b791rkymaguzyhuxbkd.php
https://sexonly.top/get/b214/b214tovplnrtufsyreu.php
https://sexonly.top/get/b581/b581durtqibwwioimgy.php
https://sexonly.top/get/b151/b151prkqdztwinhtmne.php
https://sexonly.top/get/b898/b898vziniuwodrtfpeg.php
https://sexonly.top/get/b811/b811siqccngwurilygy.php
https://sexonly.top/get/b308/b308obhkhqmpelfihfz.php
https://sexonly.top/get/b155/b155hqcuyazametovyp.php
https://sexonly.top/get/b42/b42cekijwvsjrsqopc.php
https://sexonly.top/get/b852/b852mkaganknnfyfqsg.php
https://sexonly.top/get/b111/b111cmgukyfeksokjxt.php
https://sexonly.top/get/b808/b808jvgrycchzaqxncv.php
https://sexonly.top/get/b394/b394kzakzpakjojgkbp.php
https://sexonly.top/get/b676/b676butmkmpvodflaef.php
https://sexonly.top/get/b975/b975juggakkyayhbagl.php
https://sexonly.top/get/b201/b201zralejstpugemgh.php
https://sexonly.top/get/b845/b845iednioxmvcwzkfe.php
https://sexonly.top/get/b506/b506ovszfvgorkouqza.php
https://sexonly.top/get/b224/b224uqhkkesunmgkfrr.php
https://sexonly.top/get/b735/b735cljkigyzywnglih.php
https://sexonly.top/get/b948/b948krmpcgcmfpgcqzg.php
https://sexonly.top/get/b261/b261ufhlrkifuzzucvp.php
https://sexonly.top/get/b15/b15acavufwusvtfwkv.php
https://sexonly.top/get/b991/b991srezjjhqpkpzlvn.php
https://sexonly.top/get/b768/b768kykwopcetyqkkti.php
https://sexonly.top/get/b987/b987jlvozkrrsvvvcbg.php
https://sexonly.top/get/b322/b322yosrrthdikzcicc.php
https://sexonly.top/get/b483/b483hkrboxvugztckhr.php
https://sexonly.top/get/b937/b937kvyzrowiayykijz.php
https://sexonly.top/get/b968/b968aryorpkrrdsxmxw.php
https://sexonly.top/get/b361/b361garlkvmlnezeizb.php
https://sexonly.top/get/b581/b581pujcvbbpnimzgql.php
https://sexonly.top/get/b75/b75pvrpudwstezvtxf.php
https://sexonly.top/get/b952/b952yllymtlacdlrucv.php

#18 By 4240821 (103.151.103.150) at 10/30/2023 1:44:48 PM
https://www.quora.com/profile/DerrickCody896/mollynicols-Eliteladyrose-Little-Bexley-camila_costa-whitebigtittygirl12-Crazynbed-YourAngel-NaomiVerified
https://www.quora.com/profile/BrendaJamison129/Lanaandpierre-PrincessKitten-Purrs-ariana-diamond-Wicked-Ashlynn-venusss_model-AmeliaxJade-Slutwifecpl-Tok
https://www.quora.com/profile/BruceKrull145/Taty_30-NastyRubii-aldana_colins-Lexxiblakk-iamcatberg-Itsdestinybitch-Melissa-Grey-venus-hills-Pink-Ros
https://www.quora.com/profile/ErinDufour142/BeautysRelease-Thickthigh_xx-zukeym-jenesisrossi-AlYei-Jessicacjmz-Maria-lopez-Cindi-Loo-Yourwish-Lauh
https://www.quora.com/profile/RaymondStarling127/Mia_Mayhem-TheAliceBell-Alice_Moore-Sweet-isabela-Succubish-springflower380-Chellelovesu-nofacelayla-lud
https://www.quora.com/profile/AshleyMathews930/stevie-kaye-Rick-And-Cristy-Kasenbluey-TheBadWitch-layla-redd-1-Kodakswisher-PinkBrandy420-thenaughty1baby
https://www.quora.com/profile/ChrisKemp702/LaylaC-Emy-Demon-Babypillows-ceriann-Sxmxndemon-brooke-skye-MelaniaSexy-karo_mor-yolanda-garcia-lilyel
https://www.quora.com/profile/PhilipJacobson429/Adel-Morel-dominique-pleasures-SluttyCheri-zestfulthickems-Lita-Laze-LongStrokeJody-Mardybvm-onlyhotwife
https://www.quora.com/profile/SheilaHolfeltz749/elena-smesharik-angel-cash-amber-4-vabaddie97-aubrey-snow-Barefoothippy-bumbleknee-lovedontlive-Klissa-K
https://www.quora.com/profile/AustinHutchinson261/MissAmanda-Penelope-Black-Diamond-Pretty-Ashley-Abby-Paradise-VixenCurious-Kaye15-Ursula17-clarafoot_sg

#19 By 4240821 (103.152.17.80) at 10/31/2023 9:20:21 AM
https://app.socie.com.br/Superfrydayoxclementinexo
https://app.socie.com.br/read-blog/97211
https://app.socie.com.br/KalicygirlTheRoxRoom
https://app.socie.com.br/read-blog/98296
https://app.socie.com.br/read-blog/97182
https://app.socie.com.br/FeetGoddess2023sagelavandula
https://app.socie.com.br/ToriBabelillexy
https://app.socie.com.br/RedBelleLovely_lola007
https://app.socie.com.br/read-blog/98268
https://app.socie.com.br/APrettyRebelMistressLolaFilms

#20 By 4240821 (103.151.103.150) at 10/31/2023 5:55:12 PM
https://app.socie.com.br/read-blog/97439
https://app.socie.com.br/read-blog/98912
https://app.socie.com.br/AnastasiaHopeoksana5
https://app.socie.com.br/kitanasroseeeAnyaalexandrovna
https://app.socie.com.br/read-blog/98027
https://app.socie.com.br/read-blog/98304
https://app.socie.com.br/killermaeSofiaRemy
https://app.socie.com.br/Curvygirl1HazelX
https://app.socie.com.br/SalviaDreambunnyislewd
https://app.socie.com.br/read-blog/98803

#21 By 4240821 (62.76.146.75) at 11/1/2023 5:08:51 PM
http://activewin.com/mac/comments.asp?ThreadIndex=72727&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=3795&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=16092&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=77637&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=54324&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=33929&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=84210&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=35286&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=24605&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=7930&Group=Last

#22 By 4240821 (109.94.218.82) at 11/2/2023 12:32:25 PM
http://activewin.com/mac/comments.asp?ThreadIndex=14530&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=18587&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=83439&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=84510&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=53641&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=18568&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=23790&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=13502&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=64989&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=25060&Group=Last

#23 By 4240821 (212.193.138.10) at 11/3/2023 8:14:11 AM
http://activewin.com/mac/comments.asp?ThreadIndex=1495&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=13736&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=39882&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=65869&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=33726&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=67418&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=67000&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=40400&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=17337&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=2424&Group=Last

#24 By 4240821 (109.94.216.41) at 11/4/2023 9:31:20 PM
https://hotslutss.bdsmlr.com/post/655748151
https://hotslutss.bdsmlr.com/post/656143121
https://hotslutss.bdsmlr.com/post/654674757
https://hotslutss.bdsmlr.com/post/661434160
https://hotslutss.bdsmlr.com/post/654972736
https://hotslutss.bdsmlr.com/post/652153805
https://hotslutss.bdsmlr.com/post/665780334
https://hotslutss.bdsmlr.com/post/653600129
https://hotslutss.bdsmlr.com/post/652059679
https://hotslutss.bdsmlr.com/post/652043205

#25 By 4240821 (92.119.163.194) at 11/6/2023 1:40:05 AM
https://printable-calendar.mn.co/members/19895496
https://printable-calendar.mn.co/members/19917267
https://printable-calendar.mn.co/members/19913890
https://printable-calendar.mn.co/members/19893379
https://printable-calendar.mn.co/members/19893255
https://printable-calendar.mn.co/members/19893968
https://printable-calendar.mn.co/members/19895496
https://printable-calendar.mn.co/members/19892989
https://printable-calendar.mn.co/members/19912335
https://printable-calendar.mn.co/members/19893532

Write Comment
Return to News
  Displaying 1 through 25 of 320
Last | Next
  The time now is 7:27:52 AM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *