Interesting People mailing list archives
more on mac viruses and quote and apple pie
From: David Farber <dave () farber net>
Date: Sat, 21 May 2005 14:37:38 -0400
Begin forwarded message: From: Rodney Joffe <rjoffe () centergate com> Date: May 21, 2005 12:30:27 PM EDT To: David Farber <dave () farber net> Subject: Re: [IP] mac viruses and quote and apple pie Hello Dave, On 5/21/05 4:29 AM, "David Farber" <dave () farber net> wrote:
Please do
You have had a number of readers who have responded providing some of the
details of the vulnerabilities of Mac OS-X already.The overall impression is one of "There are easier targets, like Windows, and the exploits are very quickly identified and patched, and Mac OS- X is a much better option". All very true. I run OS-X on all my personal machines
for just that reason.But to contend that there are no known exploits in the wild, and the only virii that were UNIX specific were ten years ago is disingenuous at best.
As an opener, here is a Techworld article from earlier this month.: http://www.techworld.com/security/news/index.cfm?NewsID=3598 Just a small excerpt:" The flaws patched this week are more serious than those addressed by the
April patch, with some of the new bugs allowing remote attackers to runmalicious code on a user's system. A buffer overflow in Apache's htdigest
program could be triggered via a CGI application to allow remote system compromise, Apple said.An integer overflow in AppKit could allow for malicious code execution via
malformed TIFF images; two flaws in the libXpm library could allow codeexecution via another image format, XPM, although Apple noted that libXpm
isn't installed by default. A bug in the Foundation framework's handling of an environment variable could result in a buffer overflow, allowing the execution of code, Apple said. Help Viewer could be commandeered by remote attackers to run Javascript without the usual security restrictions. A buffer overflow in NetInfo's Setup Tool (NeST) could also allow remote code execution." That is covered in just one patch.But the claim that Mac OS-X is not vulnerable to virii, which is the fallacy some folks are perpetuating, is best put to bed by a little contest "almost" taking place through the folks at DVForge. It seems odd that there would be
such an outcry if there was no risk. No? http://www.dvforge.com/virus.shtml Another interesting article describing some of the fundamental issues:http://news.com.com/Darwin+flaws+survive+in+Apples+Mac+OS+X/ 2100-1002_3-5540
955.htmlTo understand more of the vulnerabilities, and how to patch them, above and beyond waiting for problems to be found and patched by Apple and OS-X app
vendors, a good start is at http://www.bastille-linux.org/ There is no doubt that Mac OS is a better choice. The OS is better, thevendor is far more reactive, and the users are far better informed, so they share information quicker. But *don't* believe for a moment that because you use a Mac, you have nothing to worry about. As I said in my original post, I
deal with compromised machines almost every day that are part of largerbotnets, and that are running Mac OS-X, with the owners believing that they
were secure. HTH Regards, Rodney Joffe CenterGate Research Group, LLC http://www.centergate.com "Technology so advanced, even WE don't understand it"(R) ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on mac viruses and quote and apple pie David Farber (May 21)