" I mean, when you cannot even run Outlook without elevated permissions, it becomes kind of pointless (based on Outlook 2003 not working as a regular user)."
What? We have 1000's of non-admin Outlook users. Going back a couple of versions. -sc > -----Original Message----- > From: Mayo, Bill [mailto:[email protected]] > Sent: Wednesday, April 28, 2010 1:03 PM > To: NT System Admin Issues > Subject: RE: WTF? Fake AV > > That one sent me to Google. The quote is accurate, but I thought the stated > reason was interesting as well. As I interpet it, he says that in most any > browser it is easy to find bugs (in which he can place things into memory), > but that the actual exploit is easier in Mac OS because "I put the code into a > process and I know exactly where it's going to be". I have to assume that is a > browser issue, not an OS issue, because Mac OS X has been using "system > library randomization" > for a while now. (I understand that the OS needs to control/limit what the > application does.) As I have said before on this forum, you can say what you > will about the reasons why there is an extremely minimal amount of malware > on the Mac as compared to Windows (70,000 new per day!), but the fact > remains that you are much "safer" running Mac OS X today than you are > Windows. Mac OS X does have some issues that need to be addressed, and I > think you will see more of that real soon now, as they have recently had > some high profile hires in that area. > > That said, I still think the original statement that the "security model is > better" is something of a different animal. The security model to me is more > of a general philosophy of how the user relates to the operating system. > Mac OS X, which is based on BSD Unix, uses the multi-user, least-privilege > model and has since day 1. Whether designed for it or not, that has not been > the model in use in the Windows world until relatively recently. I mean, > when you cannot even run Outlook without elevated permissions, it > becomes kind of pointless (based on Outlook > 2003 not working as a regular user). > > Bill Mayo > > -----Original Message----- > From: Angus Scott-Fleming [mailto:[email protected]] > Sent: Wednesday, April 28, 2010 12:27 PM > To: NT System Admin Issues > Subject: Re: WTF? Fake AV > > On 28 Apr 2010 at 11:00, Steven M. Caesare wrote: > > > > While I am not a huge fan of MACS, their security model is obviously > > > > much > > better than Windows > > > > I'd suggest that's an ill-drawn conclusion. > > +1. Charlie Miller, the Pwn20wn champ three years running, hacks Macs > +by > choice over Windows because he says they're easier to hack. > > -- > Angus Scott-Fleming > GeoApps, Tucson, Arizona > 1-520-290-5038 > Security Blog: http://geoapps.com/ > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
