Another argument ..
.. to use OpenOffice/LibreOffice instead of Microsoft's idea of *cough* productivity *cough*..
A security hole in Microsoft Office for Mac OS X is being exploited to hack and spy on Asian activists at odds with the Chinese government. In the past few days, spear-phishing emails - highly targeted booby-trapped messages - were sent to Apple users in the Uyghur community, which is an ethnic group of people mostly (but not …
Or another argument to patch software more frequently than once every 3 1/2 years.
There is a buoyant market in zero days - it makes patching important, but not the all out protection against malware. Avoiding Microsoft and Adobe products, however, appears to be a good step to take..
My apologies if that makes it appear I agree with Eadon :)
It's not about being immune, it's about being less vulnerable due to having diversity...
If there's a monoculture then you know exactly what software your targets will be running, and what vulnerabilities that software has.
Diversity is the main reason that drive-by attacks against browsers have started targeting ubiquitous plugins (Java, Flash etc.) rather than the browsers themselves.
Joe Montana - that is incorrect because it implies that security by obscurity works. It does not.
On what planet does diversity equal security through obscurity? Joe is correct: a diverse systems base means you cannot create a domino effect; the primary reason especially larger companies don't have them is because it requires diverse knowledge bases to maintain. So, good from a security and anti-vendor lock-in point of view, complicated from an operational point of view.
The ONLY way to be safe from attacks is to have a secure system in the first place, and one that is accountable - i.e. you can check the source code - i.e. open source.
BS. There are plenty of other ways to secure an environment; it depends on what you determine the risk to be. The problem with a complex, very secure system is that it takes a lot of work to manage. Be honest: how many people do you know yourself who adjust SELinux as tight as it can go - actually, step back and ask first who CAN? How many people go for process precision in their firewall rules per box?
In addition, having the source code makes it POSSIBLE to review security; it does not imply by default that a product is actually secure. "Many eyes" is a nice idea, but it's by no stretch a guarantee.
A Mac can become infected, if the user messes up and puts something from Microsoft on it. (The story proves that)
Getting close to buying my first Mac as Microsoft is rapidly becoming the McDonald's of the computer world. Trying to do so many things, they can't do a single thing right.
An OS vulnerability is different to an application vulnerability.
Most OSes tend to attempt to stop bad things being installed or executed. But if the hack is via some tool you already have installed then how on earth is the OS going to guard against it?
All software has bugs, lots of software does too.
"Most OSes tend to attempt to stop bad things being installed or executed. But if the hack is via some tool you already have installed then how on earth is the OS going to guard against it?"
Why would an OS allow an application like MS Office the privilege escalation necessary to install some remote control/spying software?
Not really fair.
Many of the vulnerabilities in Windows were due to a culture of providing lots of features and power to software developers. But at the same time not thinking about how to restrict this power to those who would misuse it.
ActiveX in the browser, active desktops and so on.
OSX having been built on top of a Unix underpinning has had the security model escalation there from day one.
I'll give you that one. Though I have never used Mac OS X so can't speak for its security model I have spent quite a lot of time using BSD and can't argue that it was way ahead of Windows (and even Linux, at least up to a few years ago) when it came to security.
That said the Mac OS X and Unix (This was originally a Unix backdoor) security methods didn't seem to help in this instance, that may be more down to user error though.
It may be worth pointing out that the OSX platform wasn't the issue - it was the mistake of installing Microsoft products on it. That proves conclusively that the virus problems on Windows are a Microsoft problem - the moment you port something from that environment on another platform you introduce the same risks there. I'm pretty sure that if there was an MS Office for Linux you'd have the problem there too.
In general, it's fairly easy to keep a Mac clean: no Microsoft, no Adobe and keep a lid on online Java use.
Now, try to keep a Windows box clean without taking it offline altogether..