Apple in danger of becoming the new Microsoft

orangepeel

orangepeel

Messages
177
Edit My Images
Yes
Apple in danger of becoming the new Microsoft
Full of holes that are slow to patch
By Nick Farrell: Monday 01 May 2006, 06:33

APPLE USERS long running feeling of invulnerably to viruses is starting to take a battering, and the outfit is proving that it is at least as bad as Microsoft in dealing with them.

Security researcher Tom Ferris has blown the whistle on Apple's slow reaction to patching saying that he gave the Cappuccino based outfit notice of several serious security bugs in January and they failed to patch them.

Read More...
 
Tom Ferris sounds a bit like another Steve Gibson :cautious:

So he 'found' seven vulnerabilities - with just a couple of people who had been 'caught'. What does that mean? A vulnerability does not equal an exploit and as no hackers/morons were exploiting these so called 'vulnerabilities' that he discovered, why does he feel it necessary to publicise them. Because he's a self-publicising drama-queen maybe? The real danger is nerks like him telling the hackers/morons where to look for possible vulnerabilities.
 
:LOL:

Dear Apple
I guess you should install an espresso machine in a bid to catch up.

Regards
A gloating Microsoft user.

----

I was always under the impression OB that it’s not really the manufactures 'fault' ...more, how large is the army of hackers trying to discredit you?

I use firefox as a browser and even that seems to have grown vulnerable recently. I guess the hackers have decided there are other fish to fry after all.
 
2blue4u said:
Tom Ferris sounds a bit like another Steve Gibson :cautious:

So he 'found' seven vulnerabilities - with just a couple of people who had been 'caught'. What does that mean? A vulnerability does not equal an exploit and as no hackers/morons were exploiting these so called 'vulnerabilities' that he discovered, why does he feel it necessary to publicise them. Because he's a self-publicising drama-queen maybe? The real danger is nerks like him telling the hackers/morons where to look for possible vulnerabilities.
Click to expand...

Easy tiger... don't have a go at the messenger.

How many times did u laugh/groan (depends on the side of the fence u r on) when a white hat hacker published an exploit coz MS was slow to fix it?

You actually sound like an MS propagandist. Security through obscurity has NEVER worked. Watching the joke that is MS Security should tell u that.

The answer is to fix any vuln's quickly and efficiently. Not to scream at the person who found em.
 
Both MS and Apple issue bug-fixes periodically, batching together a collection of various fixes and improvements. Only the most serious problems are fixed by way of an immediate interim update. These 'vulnerabilities' did not warrant such action and Apple already had these fixes for these 'vulnerabilities' scheduled for the next update and Tom Ferris knew this.
 
Well if you think having known holes in your system for 3 months is OK then who am I to judge.
 
orangepeel said:
Well if you think having known holes in your system for 3 months is OK then who am I to judge.
Click to expand...
Did I say this?

More to the point. Where are the real attacks? Where are the real exploits? Where are the real viruses? Nope, can't see them :) These are 'vulnerabilities' which a security researcher has found but haven't been exploited. I wonder why he's doing this - who is funding him?

It wouldn't suprise me if Tom Ferris is in the employ of some anti-virus software company who are peeved at the increasing installed base for OS-X who have no need for their products :LOL:
 
Who's funding him? Well, MS maybe?!
 
2blue4u said:
Did I say this?

More to the point. Where are the real attacks? Where are the real exploits? Where are the real viruses? Nope, can't see them :) These are 'vulnerabilities' which a security researcher has found but haven't been exploited. I wonder why he's doing this - who is funding him?

It wouldn't suprise me if Tom Ferris is in the employ of some anti-virus software company who are peeved at the increasing installed base for OS-X who have no need for their products :LOL:
Click to expand...

m8, no offense but you seriously need to wake up.

Security researchers do it for many reasons, some coz they like to make a company look inept, some because it's their job and others because they enjoy it. Many do it because it's an excellent way to get a very VERY well paid job as a consultant for companies. I'm sure there are many other, not quite so pure reasons.

Just because they found flaws doesn't mean they are biased in some way. It means there was a flaw in the thing they where researching. Why does it matter their background? The flaw exists and is unpatched. You need to shout at the vendor for not fixing this sooner rather than getting all personal on the researcher.


p.s. I acknoledge that not all vulnerabilities are exploited (or even exploitable) however the longer they are left unpatched the greater the chance of an exploit.

The Windows crowd has learned this the hard way. You can take something from those lessons or you can keep you head covered and pretend there is no problem and it's everyone elses fault. Your choice.
 
orangepeel said:
m8, no offense but you seriously need to wake up.
Click to expand...

Not me guv.

No offense but.... :( :( :bang:

No offense but ... you can't see the wood for the trees - the trees being the forest of viruses/trojans that inhabit the MS world.

a flaw DOES NOT EQUAL an exploit DOES NOT EQUAL a valid virus

Show me one virus/trojan for OSX other than one written as a test-bed that involved multiple input from the user INCLUDING his security password - lol

I say it's scaremongering by the anti-viral 'security' industry frightened by the lack of REAL exploits in OSX. You say it's a real 'flaw' that we should be worried about. Let's agree to disagree.

Those trees look nice.
 
Mac's have always had viruses. There have been OSX exploits before and Apple have patched them. Safari used to simply download files and open them, but now it asks. There was a well known exploit in the dashboard too that was patched. Its not really anything new. I'm not going start running a firewall and Norton Bloatware just incase.
 
I would guess that the reason fewer exploits have been found/abused is the smaller scriptkiddy user base of the mac o/s? likewise Linux.
 
i never mentioned viruses but, hey ho. if you are 100% secure then cool, all kudos to u.
 
Geez you're being very argumentative about this. In your opening post you said;

APPLE USERS long running feeling of invulnerably to viruses is starting to take a battering, and the outfit is proving that it is at least as bad as Microsoft in dealing with them.
Click to expand...

Then in the article linked the title is;

Macs no longer immune to viruses, experts say
Click to expand...

The whole thing is about exploits, viruses, trojans, vulnerabilities, etc.
 
erm. those are not my words. those are from the article i quoted.

jeez u apple users sure are touchy. I didn't think I was being argumentative. I just was doing a public service letting you know about potential problems. I didn't realise macs where perfect and had no flaws or that daring to question st. jobs of cupertino was a hanging offense.

guess we live and learn.
 
Not touchy at all. But the whole thread is based on an article about Macs being vulnerable to viruses. Thats why we're talking about viruses. You started it! *throws handbag*
 
actually, I'd say it's about cupertinos slow reaction to vulns... viruses where mentioned in the first sentence and not again. the rest of the article is about apple being slow to patch.

As for all the touchyness. I'm guessing some of you didn't actually bother reading, in that case I draw your attention to the closing statements..

"It is possible, however, that even with only a five per cent market share, hackers have suddenly woken up to the fact that there are a lot of easy marks running around without any protection because they believe that they are invulnerable."


Feel free to heed the warnings us windows users have had to endure for years or continue walking around with your fingers in your ears shouting "lalalalalalalala" to your latest iTunes download.
 
if your going to have an argument, can you keep it civil please gents?
 
Matty said:
if your going to have an argument, can you keep it civil please gents?
Click to expand...
Sorry boss :) I wonder if Orangepeel would be suprised to know that I'm running Windows, without a firewall or av on my laptop. Fresh install though :D I don't run a firewall on my desktop PC either. I do run NOD32 on it though. I've been a PC user for about 13 years. What ever made you think I was an Apple fanboy? I know all about security issues, vulnerabilites, l33t hax0rs n stuff. I'm not worried at all. Never had an issue with my PCs. Bring it! Common sense > *
 
Fact remains any computer regardless of OS is much like a chain, only as strong as the weakest link, and in many cases that will be the user, or the way they use their machine.

I would never assume an Apple to more secure, or less vulnerable to viruses, trojans, or other hacks, that would be a sure way to become a victim.

Most machines I have to fix with problems related to this thread tend to be 90% user related, either they are using their machines for dubious pruposed;) which means accessing suspect sites or software, or they just dont acknowledge or consider simple prompts that popup, and so find themselves pretty much clicking "yes" to everything.

As Petemc says the best defence is common sense, I still use firewalls and virus checkers though:)
 
Warspite said:
Most machines I have to fix with problems related to this thread tend to be 90% user related, either they are using their machines for dubious pruposed;) which means accessing suspect sites or software, or they just dont acknowledge or consider simple prompts that popup, and so find themselves pretty much clicking "yes" to everything.

As Petemc says the best defence is common sense, I still use firewalls and virus checkers though:)
Click to expand...

Yer exactly. On my Dad's PC with the same protection as me, he gets viruses. Um how!?! Simple. He's just not as aware of the problem as I am. I am going to get him to switch to a Mac simply because its less of an issue with them. For now anyway :)
 
well given the replies, that makes this thread even more pertinent.

Those who don't practice safe computing because they believe they are already safe or are ignorant of the dangers are invariably the first to fall. But the whole point is as much as you can blame ignorant users, apple dragging their feet on releasing patches can't possibly help the situation.
 
tis true, my colleague at work gets all kinds on his pc as he opens every email he gets!
 
Matty said:
tis true, my colleague at work gets all kinds on his pc as he opens every email he gets!
Click to expand...


Dear Matty,

What's his email address?

Yours,

Dr. Inchumbigumballs, Lagos.
 
Marcel said:
Dear Matty,

What's his email address?

Yours,

Dr. Inchumbigumballs, Lagos.
Click to expand...

dont tell me, you are a nigerian banker and happen to have £200squillian that you want to share with me?:puke:
 
your all forgetting a fundamental difference in windows and OS X.

OS X is Unix based, which simply means that it runs the user in a non-admin account. This basically means that whatever vulnerabilities it has, the kernel won't let anything happen until the user enters their password. Yes, you could probably format the system, screw up the GUI, but the base system will never be affected without the system password in the way that windows is.

Leo
 
although better than nothing, that only secures the system itself, not the user and their data.

most windows attacks are designed to gather either personal info, zombie the machine or something similar. having user level access doesn't stop any of this as the hostile code has the exact same rights as the user. So if the user can use the internet, so can the hostile code. If the user can email then so can the hostile code.
 
And there's more: -

Sharp increase in Mac OS X flaws detected
Apple's reputation for security in tatters
By Nick Farrell: Tuesday 02 May 2006, 08:06

INSECURITY EXPERTS at the SANS Institute have noticed that there have been a sharp number of flaws being discovered in the Mac OS X.

While the outfit confirms that the Mac machines are still safer than those running Windows, it says that is only because there are so few of them, hackers can't be bothered.

However, according to SANS semi-annual update, "The number of flaws being discovered in the operating system is leaving its reputation as a secure alternative to Windows in tatters,"

A spokesSANS said that Apple users felt invincible when they have their shiny silver-colored Apple and they are surfing the Web, but that was a mistake, because "there’s a significant amount of research going on for security vulnerabilities in the Mac OS."

Read More...
 
orangepeel said:
dullards at the SANS Institute have noticed that there have been a sharp number of flaws being discovered in the Mac OS X.
Click to expand...
this is simply the result of more people devoting more time to looking. Give it a rest :bang:
 
we HAD a room but I got kicked out coz of yet another story...


Unix, Linux and Apple flawed, says Homeland Security
Critical vulnerability
By Nick Farrell: Wednesday 03 May 2006, 09:26

THE US DEPARTMENT of Homeland Security has flagged a critical vulnerability in Unix and Linux OSX operating systems.

The flaw is in the X Window System, which is a toolkit used to build Unix, Linux and OSX GUIs. BUg-sniffing firm Coverity, which has been hired by Homeland Security under a under a $1.25 million grant to find critical bugs, said the flaw was the "biggest security vulnerability" found in the X Window System code since 2000.

Read More...


However given this is from the american govm't, I'll concede it's probably a multifarious ploy by that bastion of the american way, st. billy of redmond to murder death kill that commie lefty <grandma edit> st jobs of cupertino.
 
You must log in or register to reply here.
Back
Top