Man...you'd think with the obscene amount of money that Herr Gates makes that he could actually afford a decent security audit of his company's crapware.
It is obvious that you are a MS basher and that you did NOT read the article. It said no machines with SP2 (available for some months) was hacked. It also said that Linux and Mac were equally vulnerable but that they weren't directly attacked because the attackers were looking for Windows systems. Read the quotes below. YOUR MAC is vulnerable without a firewall. MORE vulnerable than XP SP2!
"Windows XP SP1 with the for-free ZoneAlarm firewall, however, as well as Windows XP SP2, fared much better. Although both configurations were probed by attackers, neither was compromised during the two weeks.
"The automated bot/worm attackers were exclusively using Windows-based attacks," said Colombano, so Mac and Linux machines are safe. For now. "[But] it would have been very vulnerable had code been written to compromise its system," he added.
That conclusion is unsupported. It doesn't say that Macs are "vulnerable", only that they weren't targeted. As far as I know there are *no* remote exploits against Mac OS X in its default configuration (which has very few ports open).
"[But] it would have been very vulnerable had code been written to compromise its system," he added.
Well yeah, but that's a meaningless statement. Any system is vulnerable if code is written to compromise it.
Having said that, everyone should have a hardware firewall regardless of OS.
"No SP2 machines were hacked"
True, but they weren't being used either. Nobody was cruising the net, reading and writing emails, or downloading any software. OSX and other unix OS's are inherently less vulnerable to attacks that come from these activities. For example, it is very difficult for even a legitimate user to gain root access under OSX, which makes system level exploits extremely difficult.
Having said that, I use an XP box for my engineering work and recently upgraded to SP2, and am very happy with it (just don't do email on it).
"The automated bot/worm attackers were exclusively using Windows-based attacks," said Colombano, so Mac and Linux machines are safe. For now. "[But] it would have been very vulnerable had code been written to compromise its system," he added.
We are now going on FOUR YEARS experience with OSX and, despite the glory that would be given in the hacker world to a hacker who penetrated the Mac's vaunted security, IT HAS NOT HAPPENED! There have been a couple of trojans that rely on tricking the user into installing them, and a couple of proofs of concept that demonstrated some security holes... but these holes were quickly closed. ONE proof of concept proved that an OSX system could be tricked into downloading and executing an executable on a disk image, That was patched very quickly and is no longer possible. ALL newly installed programs required the user to approve their first execution before they can run. Users who fell prey to the trojans could probably be counted on the fingers of two people.
Authors of studies such as this keep claiming that the Mac is "just as (or more) vulnerable as Windows", but, to date, they CANNOT and HAVE NOT shown ANY Self Propogating code that WILL compromise a Mac OSX.3 system... Until they do, I am not worried. The mere declaration that it would happen shows they are ignorant of the security built into Unix based systems... the requirement to have an administrator password to install executables. It is probably just wishful thinking.
Before OSX, there WERE viruses and worms that were written to invade the even smaller number of OS9 and lower operating systems on the Mac. They were rare, but fairly regularly, hackers would come up with a new variety. Mac users of those OSs also had to buy and use Norton AntiVirus just as Windows users have to.
There are now over 14 million OSX users... and NO VIRUSES. NO SPYWARE. NO ADWARE. NO HIJACKERS. NO WORMS.