I DON'T WANT PEOPLE TO BE PARANOID, AS SOME SEEM TO IMPLY. I DON'T WANT THEM TO BE COMPLACENT AND UTTERLY, TOTALLY CARELESS EITHER, WHICH SEEMS TO BE THE POSITION ADVOCATED BY SOME.

any security person will tell you that complacency will lead to problems, reasonable security measures should always be taken, but reasonable depends on the value of the data on your machine and what you do with it. if you do anything more important than play games on your mac, you should have a hardware firewall, they're cheap and offer a lot of protection. on the other hand you probably shouldn't hire a security management company that watches traffic to and from your machine, nor should you do nothing. engineering, security, and a reasonable life all require balance and trade-offs to be considered.

just because you use a mac and run os x does not mean that you are immune from all electronic evils! anyone who says you are is a fool, or at best behaving as a fool. geez....

Bruce Johnson wrote:
--------
> Any Mac-specific virus is going to be caught quickly because so many
> non-vulnerable hosts are going to get a copy of the virus that the AV
> companies (and the IT world) will find out about it very quickly.

on the contrary, people with non-vulnerable hosts rarely notice a new virus and are very, very unlikely to care enough to report it. viruses usually only get attention when they do damage or a lot of people get infected by them and aren't sure what the damage is as they tend to assume the worst (when viruses often do little or no damage, at least some of the newer ones don't do much. it's been suggested that some of these may be the work of av companies since it always raises their stock value and increases sales...)

----------
> My address book doesn't say who
> has a mac and who has a pc, does yours?

there was in fact a recent virus that targeted a specific application only used by 21,000 people, it spread by probing randomly generated ip #'s, it had infected all machines running that system in less than 24 hours! the fact that there aren't many macs does not mean a mac virus couldn't/wouldn't spread quickly. this happened less than 2 months ago and it was a high end application. apparently it was targeted by a former employee or someone else with a grudge. the important thing, it randomly probed ip #'s from infected machines and got all 21,000 (a very, very small fraction of the net) infected within 24 hours!

the fact that an address book doesn't say what type of machine people use makes the problem worse, not better as it means the virus will be sent to all and claim to be from any of them, wasting a lot more bandwidth etc.

----------
> > os x has had a major security hole in the past (all versions of bsd
> > did, and it was big enough to drive a truck through but quickly and
> > easily fixed), translation, despite what some people seem to think
> > based on religious fervor, os x, like any and all os's, does have
> > significant security holes.
>
> Then why aren't we seeing significant intrusion activity on Macs. All
> these fiendish blackhats aren't so good that no one's caught them
------------

yes, again, faulty logic. my house hasn't been broken into so it must be impossible to pick my locks... WRONG! (and i'd better renew my volcano insurance, it's working...)

the main reason we didn't see a large scale attack of os x is that the white hats found it before the black hats and it was quickly patched (the hole had existed for over a decade!)! it was even quickly patched on macs apparently, meaning that even targeting macs would be a low yield exercise (it was very quickly patched on the other versions of bsd, it was a very easy patch).

another point, most of the viruses are written by amateurs, and most intrusion attacks are by amateurs. the pros are in fact good enough not to be caught, that's what makes them pros and allows them to develop advanced methods, i.e. being able to play without being caught.

> >
> > pc's may be the main target of crackers, but if someone knows of a mac
> > hole, they'll use it, and macs are becoming a more popular target
> > because of their increasing popularity and possibly also because many
> > mac users are somewhat smug about the lack of vulnerabilities,
> > i would suggest that the emperor has no clothes...
>
> I would suggest you're seeing monsters in the closets.

hardly. i'm not saying everyone WILL be hit, but when someone is it can be a big deal, so the easy measures should be taken.
that's not to say you should spend huge amounts of time and effort securing your home machine, but you should spend some time doing the easy things. security is always a trade-off, you should always do the easy things that are highly effective, it's rarely reasonable to do the more extreme things. it's a risk benefit analysis, meaning you should neither sit behind the door with a loaded shotgun all the time nor should you hide your head in the sand and do nothing.

----------
> >
> > i'd also suggest actually looking at the firewall logs occasionally,
> > sometimes if a break-in is successful it will be obvious from the log-
> > for instance there's an explorer bug where a fake plugin, disguised as
> > a picture in a popup ad actually sets it up so that all of your
> > keystrokes are sent to a site in russia where they search the data for
> > passwords and credit card information. i've been unable to find any
> > info on whether this affects only pc's or pc and mac, but it could
> > easily be both as most of the code is the same, they are not 2 separate
> > programs, just the same program compiled for 2 different machines with
> > a few minor changes necessitated by the os etc.
>
> Sigh. These are PC-only attacks using X86 ActiveX only holes. Of
> course, if you DON'T USE I.E. there isn't a problem, now, is there?

the virus i mentioned uses a hole in I.E., not in x86 or activex, I.E. does have holes all by itself you know...

as far as bothering to look at logs, it's silly to have a tool and not use it or not even learn how to use it.

-------
> >
> > (codewarrior for instance
> > makes it almost trivial to write one program that works on multiple
> > machine types, and
-----------
>
> Only if the flaws exist in the common libraries shared by both apps,
> and while Code Warrior is a wonderful tool, IE is not developed that
> way. IE on windows is far more closely tied with the OS, and dependent
> on its hooks deep within the OS to function.

and many flaws will exist in the common libraries, and any set of libraries will have some flaws, security and otherwise, even math libraries will have some math flaws. and besides the libraries there can and will be flaws in the code written for a specific application. again, the basic rule of writing programs is that they will all always have one more bug! in large applications there will always be many, many bugs, and some of those will have security implications. and that's assuming people are even trying to do everything right, very often good algorithms are poorly implemented and often poor algorithms are used in the first place.

> IE on the Mac is a stand-alone application. IE on the PC is not. This
> is why all those IE-centric attacks work on PC's. That's why Microsoft
> has abandoned IE for the Mac. They're getting rid of the stand-alone
> browser, now it's just another part of the OS like windows and dialog
> boxes.

no, that's why some of them work. some of them do not require any dependence on being linked closely with the os. besides, any and all properly written applications make use of many, many system calls (hooks), that's the way you are supposed to write code for compatibility with future os versions and across different machines (even across different macs). IE is not a "stand alone" application on the mac, nothing is. it makes extensive use of various system calls relating to memory and drive storage, not to mention many routines for user interface (and other things). any of those routines can be a point of attack. a flaw in IE itself can create a security hole that the os doesn't stop.

and again, like all programs, os x does have flaws, that's one of the main reasons for new versions of it and for patches, they aren't just to add new features!

--
<http://www.informationclearinghouse.info/article3267.htm>
proof that the U.S. media is now state controlled! Ask your local tv station why the hell they aren't airing the news any more!
Our system of government requires an informed public, with their eyes open.
