To: Maneesh
That's not true. I'm on CERT's mailing list for work, as well as a multistate information security initiative, and I just found 68 bulletins issued by ISAC that affected OSX in 2007 and 2008.
Granted, Mac has a much better track record, but it's not the answer to malicious code writers. OpenBSD is the answer to that, but until Theo DeRadt pulls his head from his butt and mingles with the "mere mortals", nobody's going to use his OS on any great scale.
40 posted on
03/02/2008 7:28:28 PM PST by
hiredhand
(Check my "about" page. I'm the Prophet of Doom!)
To: hiredhand
How many of those bulletins were actually for the same handful of impractically difficult exploits that are user-initiated?
75 posted on
03/02/2008 7:52:42 PM PST by
TheBattman
(LORD God, please give us a Christian Patriot with a backbone for President in 08, Amen.)
To: hiredhand; Maneesh
>
That's not true. I'm on CERT's mailing list for work, as well as a multistate information security initiative, and I just found 68 bulletins issued by ISAC that affected OSX in 2007 and 2008. Granted, Mac has a much better track record, but it's not the answer to malicious code writers. OpenBSD is the answer to that, but until Theo DeRadt pulls his head from his butt and mingles with the "mere mortals", nobody's going to use his OS on any great scale. Let me respectfully query on a few points.
I run a network of NetBSD, OSX-Server, Windows Server2003/2008, Solaris, Linux; my users have WinXP, Macs, and a couple copies of Vista. So I'd value your thoughts on the following:
- Can you please differentiate between issues affecting the operating system, as opposed to the applications running on it? That is, a vulnerability in a cross-platform app that has been ported to OSX is a fundamentally different beast than one in the underlying OS itself.
- Where is the Mac OSX malware? I'm unaware of any Mac viruses running wild. There are a small number (less than 10) laboratory curiosities created by researchers, but the only thing I've heard of released to the wild has gone nowhere.
There are 30+million Macs running OSX, almost NONE of which have any sort of 3rd-party anti-malware protection, and most users run with administrative privilege enabled.
Given that it only takes 10-20,000 machines to make a very useful botnet, how come none of the vulnerabilities listed in the 68 bulletins you mention have been exploited successfully?
- OpenBSD is wonderful (I'm a Unix-head from 1985, BTW, and use NetBSD daily), but it's really not for everyone. The only way Unix makes headway into the public userbase is hidden beneath a great GUI, as in OSX. Do you really believe the main obstacle to Unix acceptance by the popular mass of users is Theo DeRadt?
I think in Unix. If not for CygWin I'd lost my mind. My Macs run with more xterms open than GUI windows, most of the time. But I'm a Sys Admin, not Joe User.
101 posted on
03/02/2008 8:21:50 PM PST by
dayglored
(Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
To: hiredhand
OpenBSD is the answer to that,OpenBSD is pretty secure, right out of the box, but it's NOT for everyone... In fact, somewhere around here, I still have my mad-cow t-shirt! Mark
153 posted on
03/02/2008 11:14:28 PM PST by
MarkL
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson