On 2010-04-07 06:22 , Godfrey DiGiorgi wrote:
However, all of the citations you posted, and steve posted, are not citations of actual incidents. They are reports of professional investigators finding malware, not actual incidents of malware affecting users.
my post wasn't about malware, it was about zero-day exploits, which are descriptions of exploitable methods that were published before the "hole" had been patched; some had enough detail to be exploited by even "dumb" black-hats; i didn't claim any of these had been used against someone, the point is to show a non-zero level of risk exists and that many vectors are *not* patched by Apple soon enough to negate specific risks
i think it's also important to realize, as highlighted by the prevalence of PDF exploits, and of web-based exploits which work with any browser, that OS-specific malware and viruses are now in the minority among all threats; i'm sure Mac users have been victims of cross-site-scripting and other web-based exploits
even if it were possible to prove "nothing's been exploited yet", that wouldn't be evidence of security; at best you can say that the risk on Mac OS X is somewhat less than on Windows; keeping software up-to-date is worth doing, but it's not a complete security solution
I have seen other issues like Larry's crop up from time to time ... not the specific one he's experiencing ... and in every case they had nothing to do with malware or virus attacks on the system.
and to be clear, i wasn't suggesting Larry's problem was due to a security exploit
-- PDML Pentax-Discuss Mail List [email protected] http://pdml.net/mailman/listinfo/pdml_pdml.net to UNSUBSCRIBE from the PDML, please visit the link directly above and follow the directions.
