[Solaran_X]

http://tech.yahoo.co...ogs/null/117188

After all those years of claiming how Macs are more secure than PCs, apparently someone got bored and decided to shatter their illusion of safety by writing a malware program and distributing it online to infect 20,000 Macs worldwide.

Props to the author(s) of the malware for knocking Mac down a notch or two in their ego ladder.

[Cybercat]

The mac is probably way more secure than windows, but there's a risk in that too. Users will be less careful when it comes to installing stuff, downloading, using antivirus software... after all, they're using a "safe" mac.

I use IE under windows and I've not had a virus in a long time. Why? Because I know the risks and take proper precautions. The first big mac virus will probably make lots of victims, but hopefully this will raise the awareness in people that nothing is 100% safe so they should always think before they act.

[Shluey]

The mac is probably way more secure than windows

Do you have any basis for this assumption? Market share dictates that the number of exploitable vulnerabilities found is just a measure of the popularity of windows. If anything I would say windows is more secure because there are so many more people looking and trying to exploit vulnerabilities.

[Evil Pig]

there was a CAD or Penny-Arcade where the two were talking about this very issue and it ended with

"Mac: Nobody gives a fuck"

[J_A_X]

The mac is probably way more secure than windows

Do you have any basis for this assumption? Market share dictates that the number of exploitable vulnerabilities found is just a measure of the popularity of windows. If anything I would say windows is more secure because there are so many more people looking and trying to exploit vulnerabilities.

I can pretty much say that mac is more secure than windows because of two facts:

-Windows is horrible at software design. To actually make IE an integral part of their operating system (it's essentially windows explorer) leaves it open to lots of possible exploits
-Macs are based on the linux kernel, hence the design of the whole system is a lot more tiered and secure (just like linux)

I just see it has bad decisions made by Windows. I doubt we'd be in the same predicament if a linux distro was distributed with all computers instead of windows.

[Solar]

JAX I gotta disagree. There was a contest a few years ago called "hack the mac" in which pentagon officials offered a reward if someone could hack their this new (Secured) mac network. 7 hours after news conference it was done.

It really has to do with popularity. With windows running most of the stuff out there people want to exploit it, as mac gets more people more people will care about it, but right now it's just not a big deal.

VMS hacks were common back in the 80's & 90's but you don't hear about them too much any more... cause no one cares about VMS.

[Joe Dalton]

The mac is in fact more secure (also you have your timeline mixed up linux is based off the unix kernel).

Not in fact because windows sucks at programming lolololol!!111!!!!111 roflmao etc etc. But because of priorities. Windows is made for the general user, this means it needs to be far more open in what it allows. Which is why games and such are often created on the Windows platform. This has the drawback that it also has to be more open to attacks.

Unix has an entirely different setup which caters more to scripters which allows for a far safer enviroment. However nowadays the average mac user and thus unix user has no idea why they buy mac other than, "It's made for a different audience, ergo I am cool if I buy it too."

They are just different operating systems, with different goals. Or at least in basic principle, the MAC is actually moving further and further from the unix operating system in change for a more open enviroment for the general user as well.
Not because unix isn't a great system, but because they want to make more money, and there are far more average users out there than anything else.

Probably the closest OS to the original idea of unix is now the open source software Linux. Which runs on both PC and mac.
I.E. is, or was, certainly an unsafe browser, but alternative browsers have pretty much always been available. I can't speak for current incarnations of I.E. as I haven't used them.

[linuxelf]

The big problem with IE, though, is as J_A_X pointed out, it runs as part of the operating system. If you knock over Firefox, you can execute arbitrary code in the same user context as the user running Firefox. So, if you're logged in as a non-administrative user (you do log in as a non-administrative user, right people??) then it's much more difficult for an exploit do do real damage. However, if you knock over IE, you're now running the exploit code in a system context, capable of doing pretty much anything you want it to do.

The relatively small number of Mac installs (compared to Windows installs) does help shield it from attacks, but it's difficult to compare this malware with, say the downadup worm that's burning up Windows machines currently at an alarming rate. The malware mentioned above for the mac spreads by people downloading illegal copies of commercial software, and running it. It will ask for authentication to raise privileges to allow the installation, then it'll deploy its payload. The majority of Windows vulnerabilities lately affect Windows machines that are just sitting there, doing nothing wrong. The mere act of having the machine on a network is enough for it to get compromised. Until we see a widespread Mac worm that spreads like that, I have to contend that currently Macs are considerably more safe than Windows.

[Cybercat]

you do log in as a non-administrative user, right people??

I don't even *have* a non-administrative user on any of my windows computers. Nor firefox or opera. And yet, I'm still here. Odd, isn't it?

[Shluey]

The big problem with IE, though, is as J_A_X pointed out, it runs as part of the operating system. If you knock over Firefox, you can execute arbitrary code in the same user context as the user running Firefox. So, if you're logged in as a non-administrative user (you do log in as a non-administrative user, right people??) then it's much more difficult for an exploit do do real damage. However, if you knock over IE, you're now running the exploit code in a system context, capable of doing pretty much anything you want it to do.

This is not true, IE is integrated into the operating system but does not run with any sort of elevated permissions. The problem is almost everybody runs everything as an administrator. What windows needs is sudo, so that it's actually not an enourmous pain in the ass to work as a normal user. Software developers are also notorious for writing third party software that requires elevated permissions to work properly, MS cannot be blamed for that... on my vista machine I have to run many games as an admin or they don't function, how ridiculous is that?

The mere act of having the machine on a network is enough for it to get compromised. Until we see a widespread Mac worm that spreads like that, I have to contend that currently Macs are considerably more safe than Windows.

Actually the most recent stuff is caused by loading a web page in the browser (as a permissioned user, mentioned above). A good worm that gets into a windows system without user interaction hasn't come around in a long time. Look at the results of the numerous "hacker challenges" that go on. Typically OS only installs never get broken into, and systems get broken into once "commonly installed applications" are installed... and, in fact, safari is typically broken more quickly than IE in these challenges.

[J_A_X]

Well, we know who's the windows fanboy here...

[Shluey]

If calling windows an "enormous pain in the ass" makes me a fanboy I'd be curious what you'd call me when I talk about something I actually like.

[linuxelf]

I'm pretty sure that MSIE does indeed have privs higher than those of the user. This is why whenever you install a patch for MSIE you need to reboot the system. Ever notice you don't need to reboot the system when you patch Firefox? However, since I cannot immediately find documentation supporting this, I'll concede that I could be mistaken on that point.

However, you may want to look up the attack vectors of the more dangerous and quite common Microsoft worms. The big one circulating now is downadup. It exploits a vulnerability (referenced by Microsoft as MS08-067) in the RPC code. A machine sitting on a network, with no one currently logged into it, is vulnerable to infection. This is just the latest of a series of worms attacking Microsoft's RPC code.

[Shluey]

Yeah I really don't keep up with all the worms, it's just been a really long time since I've heard anybody get in a tizzy about one. Google searching that one does seem to indicated it'll pop up a "Do you want to execute this?" box under Vista, however.

[Maelgwyn]

My two cents

I personally like Macs. I dont own one but I run one from time to time.

I use Windows because I kinda have to. Otherwise my work software will no longer work. I have lost a lot of Windows boxes from malware and the like over the years. And as CC said - being vigilant can be the best deterrant for MOST problems. And a good hardware firewall. And a good software firewall.

Maelgwyn