Reply With Quote
i think i'll get it.
http://www.dailytech.com/Hacker+Appl...ticle16273.htm
What do you all think?
Memory protections in Snow Leopard are still too weak, though it shows other improvements
Apple has been bragging about the security of its new operating system, OS X 10.6 "Snow Leopard". Leaping from Leopard to Snow Leopard, Apple gives its users limited antivirus/anti-malware protection (the feature currently only detects two signatures out of a handful of known OS X malware signatures).
Still, security experts aren't so hot on Snow Leopard, criticizing the operating system's default firewall setting of "off", its lack of fully automatic updates, and weak anti-phishing efforts for Safari. They also weren't impressed that Apple shipped with a vulnerable version of Flash, which downgrade users from the safer current version.
Now one prominent Mac hacker has pointed out a significant difference that makes Snow Leopard less secure than the upcoming Microsoft OS, Windows
Charlie Miller, of Baltimore-based Independent Security Evaluators, the co-author of The Mac Hacker's Handbook, and winner of two consecutive "Pwn2own" hacker contests is about as experienced as OS X hackers come. He recently criticized Snow Leopard, stating, "Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good."
ASLR is address space layout randomization, a security technology that randomly assigns data to memory to make it tougher for attackers to determine the location of critical operating system functions. According to Mr. Miller, unlike Windows
Still Mr. Miller offered some praise for Apple. They rewrote QuickTime X, their video player, largely from scratch fixing many holes and insecurities in the process -- including an exploit Mr. Miller had been saving. He states, "Apple rewrote a bunch of QuickTime, which was really smart, since it's been the source of lots of bugs in the past. They've shaken out hundreds of bugs in QuickTime over the years, but it was still really smart of them to rewrite it. [Still] I'd reduce the number of file formats from 200 or so to 50, and reduce the attack surface. I don't think anyone would miss them."
He also praises Apple's relatively effective implementation of DEP (data execution prevention), another memory protection scheme that Windows 7 also has. DEP is also present in Windows XP Service Pack 2 (SP2) and Windows Vista. Still without ASLR, DEP is only so good he says. He states, "Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7. When Apple has both [in place], that's when I'll stop complaining about Apple's security."
So why aren't Macs being exploited left and right and why can Apple still air commercials claiming superior security? Mr. Miller states, "It's harder to write exploits for Windows than the Mac, but all you see are Windows exploits. That's because if [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%."
i think i'll get it.
until i get hit with some dumbass popups and mywebsearch.com bar i won't give 2 s less about said article.
shocking!
When (nearly) every company in the world runs Mac OSX, you'll get your wish.
When Mac OSX is on 90%+ of home computers, you'll get your wish.
Until that day, youre relegated to self-identifying with a character this actor portrays:
hi, i'm a mac!
ps: don't give a ... yeah yeah... don't give a ! what'a what! don't give a ... yeah yeah... i don't in' care.
psps: you people should had just slit my throat by now because that's how wide my smile is when i am laughing at all the bs i read here about pc and mac . ear to ear brotha! time for da'hash.
and to you too.
When (nearly) every company in the world runs Mac OSX, you'll get your wish.
When Mac OSX is on 90%+ of home computers, you'll get your wish.
Until that day, youre relegated to self-identifying with a character this actor portrays:
the media's twisting what a hacker is...
This is a hacker (named Richard Stallman)
These are crackers
HACKER
CRACKER
The internet practically runs on Linux, *BSD, and other UNIX variants (which also make up the core of OSX). A cracker could do a lot more damage by hitting UNIX servers than hitting people's home computers. The idea that there's no motivation to hit these non-Windows operating systems is just dead-wrong.When (nearly) every company in the world runs Mac OSX, you'll get your wish.
When Mac OSX is on 90%+ of home computers, you'll get your wish.
Until that day, youre relegated to self-identifying with a character this actor portrays:
Actually, that's the character that Apple assigned to PC. The PC market didn't suddenly decide to describe themselves as a bland 20 something who's trying to be hip.
yep just trying to be hip... that's it! good job sir!Actually, that's the character that Apple assigned to PC. The PC market didn't suddenly decide to describe themselves as a bland 20 something who's trying to be hip.
Why would hackers want to attack their own machines or their own gateways to the internet? They wouldn't even be able to brag about their own virus because they'd shut down their own network!
The primary target of hackers are businesses/home computers. Most businesses still run on Windows for their office computers. Most home computers run on Windows. This is the discrepancy being accounted for. Hackers most certainly don't want to destroy the internet, so this is why there has never been a widespread attack against Linux/unix. So actually, the logic is fine here, you just have to understand the motivation of the specific hacker you're talking about.
Last edited by Cry Havoc; 09-23-2009 at 03:07 AM.
I fully realize that and I am sure there are hundreds if not thousands of reasons why people would be interested in infiltrating a UNIX system.
First and foremost, I dont give a about Mac vs PC....like at all.
My point was/is this, MacOSX does not comprise the numbers I listed above.
Mac is not as widely used or exposed. When some coder writes a keylogging trojan, I sincerely doubt theyre writing it for the 90th percentile as that only reduces their programs probable targets and success rate.
Moreover, is Windows less secure? I'd say it is...I think the reasons are two-fold. One, its not the most secure code out there from what I read. But most importantly, its less secure because there is more incentive to cir vent it based on the number of users there are worldwide.
Thats my point in my comment to koriwhat. Its not that I dont like Mac (i think theyre pretty sweet, my buddy uses one as a graphic artist and I see the HUGE difference in performance in Photoshop, I own an iPhone), its that I dont like any fanboys, period.
People that actually side with companies of any sort based on some misguided loyalty or they just plain dont like something thats popular.
Point stands, Windows has penetrated, impregnated and divorced the market 3x over, whereas Mac has finally got his hand up her shirt.
this fanboy le is thrown around so loosely by those who stand up if not moreso then i do for their ty winOS systems. that's what's crackin' me up.
on top of that you sit here and say, "some misguided loyalty", which is even more amusing. loyalty? i bought 1 mac, 1, not 2 not 3 not 4 not an iphone, not an ipod, nothing more then 1 mac. and why did i buy it? because i was sick of the ty performance of my pc over 15 yrs when dealing with my graphics progams and now... now? no problems thus far with my mac.
as for "they just plain dont like something thats popular" is somewhat silly to me. i don't like vista or windows7 because it's popular? no, you got me all wrong, i don't like MICROSOFT products because they are lousy and have been for more then 15 yrs. take me back to 3.1! haha. trust me popular things are all good and well with me and if i had the money i'd probably would buy most things but i don't. you're getting your "fanboy" loyalty get in the way of clear thinking here... MICROSOFT has put out a ty product for yrs upon yrs and just like DELTA AIRLINES, i ain't buying the !
go ahead and buy your popular ty stuff and i'll just buy what helps me be more productive in my every day life. i don't buy computers or build them to brag about how their specs line up with some other nerds specs. i buy them for productivity and thus far my mac has out performed every pos PC i have ever had. it's no nasa system but when i can actually work in an environment not bogged down by bs 99% of the time then yes it's productive to me.
i love how you keep on with this "fanboy" ... it's hilarious especially coming from you, someone who's been called out for his own fanboy ways in another thread about the PS3. keep talking kettle.
btw, i don't own a hoodie except my pullover spurs one. i don't have anything from american apparel, i haven't bought jeans since the if i can remember, and my shoes are floss'n. i don't wear vans, i wear duncans! !
The Mac Guy is the biggest tool known to man. I'll probably never buy a Mac solely due to him.
Fair enough, but you sure seem to constantly berate anything PC all while sucking-off Mac. This isnt the first time and judging by your history, certainly not the last.
Just let it go, man...you got the message out. The check is in the mail.
i constantly, like yall calling me fanboy, joke though my sarcastic nature is hard to decipher on the net. i really could care less if you want to buy or use a PC with winOS. it's your choice but just like any forum out there, opinions are going to pop up. me saying, "buy a mac", has nothing to do with me really trying to tell someone how to spend their money and more so to do with me just wanting a good laugh out of what comes from saying such words.
Go Spurs Go!
A bunch of 360 owners calling me a fanboy is hardly valid evidence. But if it makes you feel better to think that, more power to you.
A bunch of winOS owners calling me a fanboy is hardly valid evidence. But if it makes you feel better to think that, more power to you.
Just installed Snow Leo today... Safari 4 got a nice speed bump with it, along with fixing the sig issue.
No viruses yet...
What would be a better way to steal credit card numbers? Find a buffer overrun in IE and use it to install a rootkit on anyone who goes to your site with ActiveX turned on or runs an executable from tainted torrent you post to isohunt? Or find one in *BSD so you could install a rootkit to a *BSD server running an online store where you can steal thousands of numbers at once? If Russian and Chinese crackers could break into the UNIX-based operating systems as easily as they can compromise Windows, they would be much better targets for them.
....annnnnnnnnd right over my head....
I am just going to go ahead and say I was wrong and that you were/are right.
There are hundreds of millions of individual computers in the world, usually with only one user on it, who typically has little knowledge of what's happening to his or her computer. The number of individual servers in the world is smaller by several factors. Most mainframes have their own personnel monitoring net traffic and ensuring that they are secure.
So basically, you try to hack a PC, you probably can.
If you try to hack a server, there is a much greater chance that you will be unsuccessful and traced.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
