Rich Bright wrote to assuage my fears;
OS 9 is very secure! It is not immune from compromising software infections, but they are extremely rare.My experience at using and protecting networked computers is long and varied. At home, I run multiple Windows boxes, OS 9 with Norton and bare OS 9 as well, OS X boxes and an occasional Linux box. My main email machine is a beige G3 on OS 9 with Eudora because it just plain works and is not a security risk as compared with the other alternatives. I run a real hardware firewall (Sonicwall TZ 170), syslog, and frequently run packetsniffers on my networks. If something bad was happening on my network, I'd know it. As far as I can tell, nobody in Russia knows anything about my OS 9 boxes. We won't talk about my Windows boxes, they are the reason I run all the other crap so I know what is happening. In my previous life (back when OS 9 was hot) I spent 7 years as a professor of computer science and managed 4 networked labs of PCs and Macs ( 110 boxes total) in addition to teaching programming and network administration. Pre OS X Macs have always been very reliable and almost immune to internet attack. I have never seen an OS 9 box get busted from an internet attack. I have seen machines compromised, but it was a local attack which required someone to have physical access to machine. If you care to (pointlessly) argue with your friends you might use these points. Compromising a host requires four things. 1) An means of establishing a connection to the computer. 2) A means of taking control of a connected process. 3) A means of executing the program code to permanently infect the target. 4) A means of communicating back out after compromise. OS 9 and earlier make items 1-3 much more difficult than alternative operating systems. You must have launched software to listen to a TCP port on a Mac to open the door to connection. You can do this by double clicking or adding aliases to the Startup Items, control panels or extensions. Because OS 9 (unlike OS X and Windows) lacks a command line interface, this is almost impossible to do this remotely in "normal" configurations. That is, they have little way of starting a ftp server to upload the infection. Assuming someone accomplishes items 1 and 2 above, the lack of a command line interface again makes is almost impossible to accomplish item 3 above. If someone does get control of your machine, that control is likely to disappear with the next reboot. Windows, Linux and OS X all present number of open ports by default. Each of these is subject to exploitation. They also have a command line available to execute other files which have been loaded onto you machine OSX and Linux at least offer better implementation of execution privileges so you must at least give permission to run a rogue program by entering an admin password. Windows on the other hand has a command line and frequently default administrator privileges. The combination makes Windows inherently more difficult to protect. Application level attacks through plugins etc are possible but I have not seen them in the wild. I'd be interested to hear if anyone has different experiences or opinions.
___________________________________________________ Thanks Rich for the most incisive posting yet on this thread. I really appreciate your taking the time to lay it out in an understandable way. -- Adrian -- PCI-PowerMacs is sponsored by <http://lowendmac.com/> and... Small Dog Electronics http://www.smalldog.com | Refurbished Drives | -- Sonnet & PowerLogix Upgrades - start at $169 | & CDRWs on Sale! | Support Low End Mac <http://lowendmac.com/lists/support.html> PCI-PowerMacs list info: <http://lowendmac.com/lists/pci-powermacs.shtml> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[email protected]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive:<http://www.mail-archive.com/pci-powermacs%40mail.maclaunch.com/> iPod Accessories for Less at 1-800-iPOD.COM Fast Delivery, Low Price, Good Deal www.1800ipod.com
