Security threats Toolkit
Story: Outrage at Symantec's OS X claims
Posted by: Peter (Tuesday 22 March 2005, 8:43 PM)
And the Mac whiners come out of the wood work...
Let's discuss some terminology. A "Vulnerability" is a bug in code. It could be used by an outsider to crash an important system. It could be used by an outsider to execute code. It could be used by an outsider to gain access to files on the system. It depends on the vulnerability and this is why vulnerabilities are usually ranked based upon what could be done.
Yes, Mac OS X has vulnerabilities. That's why Apple sends out those "Security Updates" every month or so. Some of the stuff in these security updates are fixes for open source code that Apple includes with Mac OS X, such as the Apache web server. Some of it is for Apple's own code, such as QuickTime, ColorSync, and AFP (to name three from last year).
To draw an analogy, a vulnerability is like an unlocked door to your house. Just because you leave the door unlocked to your house does not mean you will be burgled. At least in my neighborhood, it's not like there's some villain who comes around to my house everyday and checks to see if I've left a door unlocked. But if one did, he could clean out my house.
An "exploit" is code that takes advantage of a vulnerability. Some of these are "proof of concept" things which are developed by security firms, such as Symantec, to demonstrate the problem. Yes, I've seen a an exploit for Mac OS X running around the web. They don't do anything nasty, they're more to show that it can be done. IT Professionals will sometimes use these exploits to determine whether whatever safeguards they put in place solve the problem.
To draw on the above analogy, it's sort of the equivalent of a person walking through your front door and leaving you a note to remind you to lock your door.
So, yes, there were easily 37 vulnerabilities found in Mac OS X last year. Think of it this way: there were probably at least 12 updates last year (one per month) and each one easily patched 3 things. That's 36 right there.
The only exploit I saw was the one for AFP. That said, I don't devote lots of time, effort, or energy to looking for them. There may have been some others. But I would bet that I could count the number of exploits on both hands.
How an exploit becomes a virus/trojan/whatever usually comes about from some malicious person finding the exploit code and taking advantage of it. I have never seen that and that's what Mac users crow about. There are a bunch of good reasons for this, including better security in Mac OS X as well as the marketshare myth.
Full Talkback thread
Story: Outrage at Symantec's OS X claims
-
This is inline with ISS reporting a vulnerability... Anonymous -
I just tested my Mac with Symantec's own onli... Wilfred Hildonen -
We have had a very involved and expensive security... Anonymous
-
When liars try to cover their asses they write art... Anonymous
-
And the Mac whiners come out of the wood work... Peter -
THE SKY IS FALLING!!!!!
By my Super Hard Hats at a... pHHHHHHtowindozs
-
"People should not be scared, but they should make... Anonymous
-
What I really would like to know from Symatec is,... Anonymous
-
Since the Mac installed base is significantly... Anonymous
-
I think that Symantec is correct. The user base fo... Jay Weiss
-
Symatec have also stated that due to the incr... Anonymous
-
No OS is 100% secure!
Obviously with a Window... Matty C.
-
There has been linkage (in the security industry)... B. Smith
-
All these sayings about the fact that MacOSX has n... Anonymous
-
The next time somebody who is in the business... David Alan Gregory
-
As the Mac becomes more popular it will become a t... Anonymous
-
well itīs quite obvious that the threats to the OS... Juan Eduardo De Magalhaes-Calvet
-
I use both Windows and Mac OS X, Mac OS X being my... Bob Kerstetter
-
These people must serously be retarded. It would t... bob
Back to: Outrage at Symantec's OS X claims
