On Wednesday, August 18, 2004, at 01:07 AM, Philip Stortz wrote:
definitely use ethernet.
also definitely, absolutely get a good hardware firewall, read the manual, and change the
default password on the thing!( there are now a number of exploits aimed at firewalls
rather than routers, particularly since the majority of them are still setup to use the
factory default password. not changing that number is like having 1-2-3 be the
combination to your briefcase, easy to remember, but stupid!). you definitely need a
firewall, despite what some may say, crackers do try to break into individual machines, in
fact there are email viruses designed to take over a machine so it can be used for
spamming, denial of service attacks, etc.
Only on PC's. And only because there are huge populations of PC's to be turned into zombies. If I can write a virus that gets me half a million systems that I can then 'rent' in the short period of time before it's discovered, why would I ever write one that may get me thousand systems before it's discovered. It's all about the volume.
Adding in a financial motivation merely ensures that the lowest common denominator will continue to be the target. I mean, it's not like they're having any problems continuing to attack Windows.
There is no e-mail viruses targeting the Mac OS. Only one, to my knowledge has ever been made, 'Simpsons' which targeted Outlook Express under OS 9. Wildly unsuccessful, as it would have to be.
A virus targeting only 5% of a population of computers is NOT going to spread that fast at all. Rapid spread depends on a high concentration of vulnerable hosts, whether you're talking email or cold viruses. Email cannot distinguish the recipient's host type.
Any Mac-specific virus is going to be caught quickly because so many non-vulnerable hosts are going to get a copy of the virus that the AV companies (and the IT world) will find out about it very quickly.
This is the crux of the existing problem. Our computing environment is largely a monoculture; Windows.
Like potatoes in Ireland in 1843, we're enormously vulnerable to viruses targeting Windows. Even if there *were* email viruses targeting Macs, the spread would of necessity be extremely slow simply because they wouldn't reach hosts that fast. My address book doesn't say who has a mac and who has a pc, does yours?
some of these things are also done without viruses.
Only on Windows, exploiting system shares with poor passwords or unpatched systems.
os x has had a major security hole in the past (all versions of bsd did, and it
was big enough to drive a truck through but quickly and easily fixed), translation,
despite what some people seem to think based on religious fervor, os x, like any and all
os's, does have significant security holes.
Then why aren't we seeing significant intrusion activity on Macs. All these fiendish blackhats aren't so good that no one's caught them yet...the biggest targets we're seeing are Windows followed by Linux. This is not religious fervor, it's looking at actual intrusion data. (yeah yeah yeah, most intrusions are never reported. That's because most are on corporate networks, which are usually 99-100% Windows.)
pc's may be the main target of crackers, but if someone knows of a mac hole, they'll use
it, and macs are becoming a more popular target because of their increasing popularity and
possibly also because many mac users are somewhat smug about the lack of vulnerabilities,
i would suggest that the emperor has no clothes...
I would suggest you're seeing monsters in the closets.
And the AV vendors are Monsters, Inc. making their living off of scaring you.
i'd also suggest actually looking at the firewall logs occasionally, sometimes if a
break-in is successful it will be obvious from the log- for instance there's an explorer
bug where a fake plugin, disguised as a picture in a popup ad actually sets it up so that
all of your keystrokes are sent to a sight in russia where they search the data for
passwords and credit card information. i've been unable to find any info on whether this
affects only pc's or pc and mac, but it could easily be both as most of the code is the
same, they are not 2 separate programs, just the same program compiled for 2 different
machines with a few minor changes necessitated by the os etc.
Sigh. These are PC-only attacks using X86 ActiveX only holes. Of course, if you DON'T USE I.E. there isn't a problem, now, is there?
(codewarrior for instance
makes it almost trivial to write one program that works on multiple machine types, and
this is a very common practice for any application that runs on more than one type of
machine, and usually that means any bugs and flaws will be on both versions).
Only if the flaws exists in the common libraries shared by both apps, and while Code Warrior is a wonderful tool, IE is not developed that way. IE on windows is far more closely tied with the OS, and dependent on its hooks deep within the OS to function.
IE on the Mac is a stand-alone application. IE on the PC is not. This is why all those IE-centric attacks work on PC's. That's why Microsoft has abandoned IE for the Mac. They're getting rid of the stand-alone browser, now it's just another part of the OS like windows and dialog boxes.
--
"Wherever you go, there you are." - B. Banzai, Ph.D. Bruce Johnson
-- G-List is sponsored by <http://lowendmac.com/> and...
Small Dog Electronics http://www.smalldog.com | Refurbished Drives | -- We have Apple Refurbished Monitors in stock! | & CDRWs on Sale! |
Support Low End Mac <http://lowendmac.com/lists/support.html>
G-List list info: <http://lowendmac.com/lists/g-list.shtml> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/g-list%40mail.maclaunch.com/>
Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
