Bruce Johnson wrote:
>
> On Sunday, February 22, 2004, at 03:01 AM, Philip Stortz wrote:
>
> >
> > classic, unfortunately is run on top of os x, and indeed does not load
---------
> Yes it does! If you click the little reveal arrow of the window that
> comes up while Classic is booting you will see the old OS 9 boot
> screen, complete with marching extensions...

no, it doesn't really, at least not in the same way os 9 does by itself. yes, the icons show up, and they are "installed" under classic, sort of. what really happens is that os x sits between the hardware and classic and emulates the hardware so that the extensions can have access through os x, but it is not direct and doesn't always work correctly since they are dealing with a hardware abstraction layer in os x that merely simulates the hardware while the os x drivers are the ones that really access peripherals and system resources.

-----------
> 1) Out of the box, OS X is very secure. Nothing is turned on; it
> doesn't have the myriad of weird little services running you can get in
> a poorly set-up Linux box, for example. Telnet, FTP, heck even logging
> in via ssh is turned off.
----------

no, in fact, until the "mremap" vulnerabilities are fixed it's terribly insecure, see: <http://www.openwall.com/linux/>, the same vulnerabilities exist in all versions of bsd, which do have a patch based on the linux fix. i checked apple's software updates and couldn't find this fix for os x, and this is a huge, huge bug in that an intruder could take over your machine completely and access anything on it. it's similar to a recently discovered windows bug. what's worse is that it was found over a year ago and most linux and bsd versions didn't incorporate it because not enough people were aware of it. if apple has released a patch for the mremap vulnerabilities i'd like to know, i want to use os x, though hopefully a hardware firewall running a patched os would protect os x from this hole it's best to have it closed on all systems that are web connected.

secondly, of course more services running means more potential security problems, however, you always have the os running and tcp, (and at least one client or server) all of which can have bugs and very often it is tcp (and its many parts) that is attacked by people trying to break in.

there is only anecdotal evidence that os x is reasonably secure, that doesn't mean that it is, just that the holes aren't widely known, or at least not known to many. that's why there are always security updates to any os, new bugs are always being found and some of them will be major security holes no matter what os is being discussed.

-----------
> 2) What spyware or virus problems? There are NO OS X viruses, and no
> spyware I've yet to find being sent around (you can indeed have
> programs that function as spyware, but they don't get installed because
> you think you're installing a pop-up blocker in IE...

actually, that's frequently exactly how spyware gets installed, by installing an application that does something useful but also has spyware in it. again, the fact that you or the mac community aren't aware of any spyware or viruses doesn't mean they aren't out there. spyware (and viruses) aren't supposed to be obvious and work best before anyone discovers a particular piece of spyware (or virus). also, spyware (and viruses) doesn't have to run directly under os x, it can be java for example in which case it's more dependent on the browser than the os. spyware can also run at the other end or take the form of cookies or "one pixel icons" which are commonly used to track surfers. yahoo has announced its intention to have such a web beacon (aka one pixel icons) on every internet connected machine. many applications have a scripting language, and there are viruses for many of them, i.e. there are viruses that propagate through word and through adobe acrobat. often these scripting viruses are passed on to any other document that's opened.

>
> 3) Software vs. Hardware firewalls are not much different, as hardware
> firewalls are merely specialized computers doing the same thing that a
> software firewall does, with no resources used on the protected
> computers.
----------

the major difference is that they are set up and mostly left alone, users aren't adding programs that may break the firewall, and often parts of the os like a graphical environment aren't included, eliminating the associated vulnerabilities. also, in many hardware firewalls the code is in eeprom and can't easily be changed by an attacker, unlike a user's machine where it will live in ram and on a hard drive, both of which are more easily corrupted by accident or deliberately.

---------
> > i use a software firewall now, and even on a dialup line with a
> > dynamic ip i get an amazing number of incursion attempts, which often
> > create a denial of
> > service effect just because of the number of attempts from different
> > machines or from an
> > aggressive machine, and i've run into some pretty obnoxious and
> > rapidly repeated incursion
> > attempts that just tie up all the bandwidth.
>
> A hardware firewall is not going to do diddly to help this. If you're
> on a *dial* up system and this is eating your bandwidth complain to
> your ISP, or get a different one.

i don't expect a hardware or software firewall to solve bandwidth poisoning problems from rapid and repeated incursion attacks, i mentioned that simply to explain how prevalent break-in attempts can be. i don't expect or want my isp to block these attacks as i want to decide what ports and ip addresses can talk to me and that i can talk to and with which port numbers and protocols.

------------
> Also, what software firewall are you running? Some of those, when
> mis-configured, do a dandy job of DOS'ing themselves through
> over-reporting. Some will let you monitor every bit of TCP/IP traffic
> to and from your computer, turning them into packet sniffers as well.

of course, again you are right. any poorly configured software can slow things down. however, what constitutes misconfiguration depends on the specific application.
further, packet logging of break-in attempts is something that i want so i can determine what attack it is and spot new ones, hopefully before they manage to get in or at least before they get in a second time. however, yes, it's rarely necessary to log all of the traffic (at least it's not necessary to log all of the packets, logging all of the connections on the other hand is a good thing).

it doesn't hurt to have hardware and software firewalls running, multiple perimeters are usually more secure in that what one firewall misses the other may catch and it creates a situation where the attacker usually has to defeat both systems, not just one and they have to break the hardware firewall before they can break the software firewall, usually.

------------------

security is a mess, i'm on and regularly read a number of security lists, and the number and scope of problems are far more severe than most people realize. fortunately, when holes are reported they are usually patched quickly, but not always. many software makers just don't care about security, and it's very hard to make an application (i.e. a client or server) secure if security wasn't taken into consideration when it was written. this is one of the problems with windows in particular.

you can call me paranoid, but there are a lot of people trying to break in out there. remember, only the paranoids expect the spanish inquisition. obviously no net connected machine can ever be completely safe, but that doesn't mean you shouldn't do what you can to secure your machine (within reason). obviously it also depends on the value of what's in a given machine or on a given network. if it's business information it's worth a lot more trouble to protect it than if it only runs game software or plays music and videos or is only used to surf casually. in my case, i will eventually have some valuable data on my machine that i'll want to protect.
