Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Renepo worm targets Mac OS X users, Sophos reports


On 26 Oct, 2004, at 10:45, Bruce Toback wrote:

[...] Most of the security features have been added on -- and certainly all the hardening has been added on, and all of the security-consciousness. Such security as there was in the original Unix was designed mostly to prevent accidental data loss. [...]

It is interesting that so many think of security only in terms of firewalls, strong encryption, chroot jails, et cetera. We are quick to forget the simple things such as file and process permissions and account rights which prevent users from destroying each other's data and viruses from infecting critical OS files (as in the case in Windows).

The first worm that spread over the Internet was a Unix worm, in 1986 -- using a text editor that ran with super-user privileges. I've had one of our Linux systems penetrated successfully -- caught a few minutes after the penetration, so I got to watch the result on a network monitor. The fun part was calling the guy's ISP while the attack was in progress, and actually getting a Unix admin who could work with me to roll the guy up. But it was a Unix attack, not a Windows attack.

Right. Again, a worm is not a virus. Your Linux box was not infected with a virus; you were hacked. (Nice work nabbing the attacker though.)

Any of the social-engineering techniques that work to spread email worms on PCs will work on Macs, and probably better, since the Mac community hasn't been repeatedly challenged with such techniques. An email worm doesn't need admin privileges to spread. [...]

Okay, I will stop now, since this has simply become a squabble over semantics. In my first message I simply disagreed with a proposition that it is inevitable that OS X will be plagued with viruses. I should not have to defend that statement against arguments posed about every possible type of system and network security.

The fact is that there are no know viruses on the Mac OS X platform. That statement is a fact. To call this script (opener)--which must be installed, knowingly or unknowingly, by an administrative user--a virus is factually incorrect. Yes, OS X has and will be effected by bugs and security holes (every operating system is), but I contend that it will be a very long time before a true virus will make its way onto the platform.

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden
References: 
 >Re: Renepo worm targets Mac OS X users, Sophos reports (From: David Schultz <email@hidden>)
 >Re: Renepo worm targets Mac OS X users, Sophos reports (From: email@hidden)
 >Re: Renepo worm targets Mac OS X users, Sophos reports (From: Bruce Toback <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.