Astronomy cast

Davoud:
Or, get a Mac.

Sam Wormley:
Some good reading for those that want to know more.

Mac OS X Malware Analysis:
http://www.sans.org/reading_room/whi...analysis_33178

Ok, but that paper starts from the false assertion that small market
share is the reason the Mac OS has never been penetrated (except by
persons who had unrestricted, physical access to the Mac). The most
famous "compromise" of a Mac was the announced wireless vulnerability,
in which the team that "discovered" the weakness had removed Apple's
802.11 hardware and replaced it with third-party hardware; in short,
even with access to the machine, they had to resort to fraud to
demonstrate a "vulnerability" in the Mac.

To say that low market share is the reason the Mac has not been
penetrated is to ignore who uses Macs. The Mac's visibility and
influence in the computer world are far out of proportion to its market
share because of high profile users. That paper is essentially saying
that hackers and malware writers have no interest in penetrating the
motion picture industry, the television industry, the Human Genome
Project, the book, magazine and newspaper publishing industries, the
National Security Apparatus, the JPL, the National Laboratories,
computer security firms, the advertising industry, the U.S. Armed
Forces, Microsoft's graphics department, the Microsoft Mac Business
Unit (about the only two units in MS that have _not_ been hacked!), or
Apple, Inc. itself. (I think it would a pretty big feather in one's cap
to change Apple's main page to read "Get the Wonderful Windows Vista,"
but sans.org would have me believe there is no one in the world who has
ever tried to do anything like that, because no one would notice. In
fact, apple.com is 10th in the list of the world's most visited web
sites. It is also the only one of the top 50 that has not been
penetrated.)

The market-share argument is specious. The fact is that Macs in
high-profile industries and government are attacked hundreds of
thousands of times per day, and have been since Macs first hit public
networks. I'm not saying that it will never happen; only that uncounted
millions of tries have failed, while we know the result with that other
OS. I defy anyone to examine the header of a spam or virus or malware
e-mail and find _one_ (is it billions that are sent every day?) that
came from a Mac.

If you have been running that other OS for 24 years on public networks
with no anti-anything software whatsoever and have never had a machine
penetrated, feel free to crow and/or flame. Otherwise, just think about
it. (Hint: the average time to penetrate an unprotected computer that
is running that other OS and that is connected to the Internet is
widely reported as 20 minutes. That does not compare favorably to 12.6
*10^6 minutes and counting for my Macs.) I've got work to do in my
Mac-based observatory
http://www.primordial-light.com/modified-pier.html and I probably
won't find time to respond to flames.

Davoud

What you might not know about Mac market sha It's close to 10
percent these days, except in laptops, where it's about 20 percent. In
high-end computers, those costing more than $1,000, it's 90 percent.

Before you compare prices, add the cost of gigabit Ethernet, FireWire
400 and 800, iPhoto, iMovie, iDVD, GarageBand, iWeb and lifetime
anti-everything subscriptions. Research Mac ROI and productivity of Mac
users vs. that other OS.

--
I agree with everything that you have said and everything that
you will say in your entire life.

usenet *at* davidillig dawt cawm

Macs are becoming less secure (for a variety of reasons- the OS is
becoming more complex, attacks using secondary apps are becoming more
widespread, there are enough of them in some environments to make them
an interesting target, Windows is getting to be a much more difficult
target, so hackers are looking wider), and Windows systems are becoming
more secure. Ultimately, I expect the two will converge somewhere, with
all systems being relatively secure, but all still having exploitable
vulnerabilities, occasionally serious.
_________________________________________________

Chris L Peterson
Cloudbait Observatory
http://www.cloudbait.com

On Sep 7, 11:34*am, Davoud wrote:

If you have been running that other OS for 24 years on public networks
with no anti-anything software whatsoever and have never had a machine
penetrated, feel free to crow and/or flame. Otherwise, just think about
it. (Hint: the average time to penetrate an unprotected computer that
is running that other OS and that is connected to the Internet is
widely reported as 20 minutes. That does not compare favorably to 12.6
*10^6 minutes and counting for my Macs.) I've got work to do in my
Mac-based observatory
http://www.primordial-light.com/modified-pier.html and I probably
won't find time to respond to flames.

Davoud

Davoud, if you are going to make a statement about the security of
Microsoft windows at least be accurate about how long an unprotected
windows based computer will remain uncompromised. The Internet Storm
center reports that the average uncompromised lifetime of a windows
computer between January 1, 2009 and September 6, 2009 is 5 minutes.
On August 31, 2009 the average survival time was UNDER ONE MINUTE.
They note this number is as HIGH AS IT IS because many ISPs
aggressively pre-filter packets to remove those with the common
malware/spyware/trojans and thus those windows computers using these
ISPs last longer than they would otherwise.

Chris, you are partly correct that as Mac-OSX and other Unix based
machines become more complex that there will be an increased risk of
attack, however, the design of WIndows is so bad that you cannot plug
all the holes. OpenBSD has had only two security holes discovered
since 1996, windows has had that many holes discovered in the last ten
minutes. Windows is just a bad joke.

Chris L Peterson wrote:
Macs are becoming less secure (for a variety of reasons- the OS is
becoming more complex,

The new version of the Mac OS, Snow Leopard, is simpler, less complex,
smaller, and more secure than the version it supplants. Installing Snow
Leopard last week added 13 GB of free space to to the HD on my15" and
11 GB to my 17" -- about twice the savings that Apple bandied about.

attacks using secondary apps are becoming more
widespread, there are enough of them in some environments to make them
an interesting target,

I wasn't aware of any successful attacks outside the lab environmentw.
I know of many successes in the labs of companies that are desperate to
sell anti-malware/anti virus utilities to Macheads. If I had to guess
where the first Mac malware/virus in the wild would come from, who
would I think of first? How would you like to be Mac marketing director
for such a company!?

Windows is getting to be a much more difficult
target,

Good one, but this is Labor Day, not April 1.

Ultimately, I expect the two will converge somewhere,

Are you saying that Apple is going to buy the maker of that other OS
and somehow fix the OS!? Seems unlikely, but who know?

with
all systems being relatively secure, but all still having exploitable
vulnerabilities, occasionally serious.

Let's see... this is the 21st century, by my count. By the time the Mac
"converges" with Windows in security terms it'll probably be the 121st
century, and I'm not taking many bets on what the world will be like at
that time. If I _had_ to guess, I would say orgcybes would be prevalent
(i.e., organism first, built-in computer second). There would be Mac
orgcybes and that-other-OS orgcybes. Mac orgcybes would need fewer
inoculations and would live longer, but that-other-OS orgcybes would
_still_ kick butt in video poker!

Davoud

--
I agree with everything that you have said and everything that
you will say in your entire life.

usenet *at* davidillig dawt cawm

On Mon, 7 Sep 2009 12:20:34 -0700 (PDT), yourmommycalled
wrote:

Chris, you are partly correct that as Mac-OSX and other Unix based
machines become more complex that there will be an increased risk of
attack, however, the design of WIndows is so bad that you cannot plug
all the holes. OpenBSD has had only two security holes discovered
since 1996, windows has had that many holes discovered in the last ten
minutes. Windows is just a bad joke.

I consider Windows XP, when properly set up, pretty near bulletproof. I
maintain a network of about 20 computers in a school setting, a handful
of computers at my home, and keep an eye on another handful for friends.
None of them use any security software at all, and none have ever had
any problems (except the school computers, until we blocked the use of
Internet Explorer a few years ago). I can't help but wonder what a
"compromised computer" means, or what its starting state was when
compromised.

The weakness in Windows isn't its design as such, but the fact that so
many people run it with high privileges and don't keep it updated.
That's a problem for sure, and it shouldn't really be one- but it's
getting better.

If you're running an up-to-date version of Windows XP or later, and know
what you're doing, you are not going to find your system compromised.
From an underlying design standpoint, I'll take Windows over any *nix
based system any day.
_________________________________________________

Chris L Peterson
Cloudbait Observatory
http://www.cloudbait.com

On Sep 7, 4:21*pm, Chris L Peterson wrote:
On Mon, 7 Sep 2009 12:20:34 -0700 (PDT), yourmommycalled

wrote:
Chris, you are partly correct that as Mac-OSX and other Unix based
machines become more complex that there will be an increased risk of
attack, however, the design of WIndows is so bad that you cannot plug
all the holes. OpenBSD has had only two security holes discovered
since 1996, windows has had that many holes discovered in the last ten
minutes. Windows is just a bad joke.

I consider Windows XP, when properly set up, pretty near bulletproof. I
maintain a network of about 20 computers in a school setting, a handful
of computers at my home, and keep an eye on another handful for friends.
None of them use any security software at all, and none have ever had
any problems (except the school computers, until we blocked the use of
Internet Explorer a few years ago). I can't help but wonder what a
"compromised computer" means, or what its starting state was when
compromised.

The weakness in Windows isn't its design as such, but the fact that so
many people run it with high privileges and don't keep it updated.
That's a problem for sure, and it shouldn't really be one- but it's
getting better.

If you're running an up-to-date version of Windows XP or later, and know
what you're doing, you are not going to find your system compromised.
From an underlying design standpoint, I'll take Windows over any *nix
based system any day.
_________________________________________________

Chris L Peterson
Cloudbait Observatoryhttp://www.cloudbait.com

On Sep 7, 4:21*pm, Chris L Peterson wrote:
On Mon, 7 Sep 2009 12:20:34 -0700 (PDT), yourmommycalled

wrote:
Chris, you are partly correct that as Mac-OSX and other Unix based
machines become more complex that there will be an increased risk of
attack, however, the design of WIndows is so bad that you cannot plug
all the holes. OpenBSD has had only two security holes discovered
since 1996, windows has had that many holes discovered in the last ten
minutes. Windows is just a bad joke.

I consider Windows XP, when properly set up, pretty near bulletproof. I
maintain a network of about 20 computers in a school setting, a handful
of computers at my home, and keep an eye on another handful for friends.
None of them use any security software at all, and none have ever had
any problems (except the school computers, until we blocked the use of
Internet Explorer a few years ago). I can't help but wonder what a
"compromised computer" means, or what its starting state was when
compromised.

The weakness in Windows isn't its design as such, but the fact that so
many people run it with high privileges and don't keep it updated.
That's a problem for sure, and it shouldn't really be one- but it's
getting better.

If you're running an up-to-date version of Windows XP or later, and know
what you're doing, you are not going to find your system compromised.
From an underlying design standpoint, I'll take Windows over any *nix
based system any day.
_________________________________________________

Chris L Peterson
Cloudbait Observatoryhttp://www.cloudbait.com

I suggest you look at www.isc.org. If windows is as bullet proof as
you claim then why even very locked down machines regularly have to be
scrubbed of cruft. If you think your machines haven't been
compromised then they are most probably spam bots. Every time a
windows "poweruser" tells me their machines are clean, a few minutes
with a network analyzer shows they are not.

On Sep 7, 4:21*pm, Chris L Peterson wrote:

If you're running an up-to-date version of Windows XP or later, and know
what you're doing, you are not going to find your system compromised.
From an underlying design standpoint, I'll take Windows over any *nix
based system any day.


Haven't spent much time looking at the internals of unix or windows
have you

"Sam Wormley" wrote in message
news:9Dgpm.41469$la3.26057@attbi_s22...
Davoud wrote:
Chris L Peterson wrote:
Macs are becoming less secure (for a variety of reasons- the OS is
becoming more complex,

The new version of the Mac OS, Snow Leopard, is simpler, less complex,
smaller, and more secure than the version it supplants. Installing Snow
Leopard last week added 13 GB of free space to to the HD on my15" and
11 GB to my 17" -- about twice the savings that Apple bandied about.

Less complex in that it doesn't have to support more than one
processor type.


attacks using secondary apps are becoming more
widespread, there are enough of them in some environments to make them
an interesting target,

I wasn't aware of any successful attacks outside the lab environmentw.

See: https://isc.sans.org/diary.html?storyid=5734
Those podcasts are drivel in Windows, Mac, or Linux

On Mon, 7 Sep 2009 16:10:42 -0700 (PDT), yourmommycalled
wrote:

Haven't spent much time looking at the internals of unix or windows
have you

Actually, I have. I develop for both. The underlying environment of
Windows provides more services, and the development tools available
under Windows are orders of magnitude better than anything that has been
created for any of the *nix operating systems.
_________________________________________________

Chris L Peterson
Cloudbait Observatory
http://www.cloudbait.com