Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Security Firm: Apple Has More Security Holes Than Microsoft
PC World ^ | 22 Jul 2010 | Preston Gralla

Posted on 07/22/2010 7:40:23 AM PDT by for-q-clinton

Here's another blow to those insist that Apple products are rock solid and unhackable: The security company Secunia reports that Apple products have more vulnerabilities than those of any other company. Oracle came in second place, with Microsoft in third.

Secunia just issued a report that covers vulnerabilities for the first half of 2010, and it's not good news for Apple. The report (which you can download here) shows that Apple last had the most vulnerabilities of all vendors in 2005, before Oracle took over the top spot. And now Apple is on top again. You can see the chart, below.

The chart shows that Apple products consistently have more vulnerabilities than do Microsoft ones.

...

However, there will certainly be one surprise for those who believe that Microsoft products are particularly vulnerable --- Secunia reports that they're not. The primary vulnerabilities on PCs are not due to Microsoft programs, but rather third-party programs, it says:

...

The report then concludes:

Users and businesses must change their perception that Microsoft products pose the largest threat in order to allocate security resources effectively. General awareness on the risk of 3rd party programs must be established.

(Excerpt) Read more at pcworld.com ...


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: apple; ilovebillgates; iwanthim; iwanthimbad; mac; microsoftfanboys; osx; windows
Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100101-120121-140 ... 201-216 next last
To: for-q-clinton
Actually you are the one that used obscurity in first.

I used the word obscure. I did not misuse the security concept known as "security through obscurity" as you did. I know the anti-Mac crowd does misuse it in this way, as this isn't the first time I've had to smack down this false claim.

In any case, your use of the concept was incorrect, whatever word was used. Minority doesn't necessarily mean safer, and obscurity is used in valid ways in security. Nobody would laugh as you claim.

101 posted on 07/22/2010 1:21:58 PM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 87 | View Replies]

To: max americana
Ive been hearing from Mac Freepers all these years that Apple is God’s machine

Maybe not God but certainly to those to whom He loans talent.


102 posted on 07/22/2010 1:22:47 PM PDT by Tribune7 (The Democrat Party is not a political organization but a religious cult.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: for-q-clinton; LoneStarGI

What color is a sky on your world?

The old Apple is too small to be noticed by hackers is a BUSTED MYTH.

Because Apple is the 200% larger than Android in the smartphone OS and as we all know, ZERO viruses on iPhone and THOUSANDS for Android. This was a thread 2 weeks ago beaten to death. And here we go again.

If PC and PC phones are better and safer than Apple products why do ALL the PC products have and NEED antivirus and why are there 10s of thousands of known actual real world working viruses for them and ZERO, ABSOLUTELY NONE for Apple?

Size... yeah... Well, iOS has been out now for 4 years and STILL ZERO while closing in on the #1 spot! So Size of market is meaningless.

Now, this won’t stop the FUD... you will post another article JUST LIKE THIS next week, after this one has 400 posts and you know the result?

ZERO VIRUSES NEXT WEEK....


103 posted on 07/22/2010 1:30:20 PM PDT by RachelFaith (2010 is going to be a 100 seat Tsunami - Unless the GOP Senate ruins it all...)
[ Post Reply | Private Reply | To 10 | View Replies]

To: for-q-clinton

Wow!!!! I must have dodged a bullet and won the lotto with this apparent one of a kind iMac. This is my first Mac that I have had for over 2 years. Not once has it froze and not once has it been infected.

Here is the really big surprise... Not once, as in never, have I had ANY problems with this one of a kind Mac.

Now with all that information and my nearly 3 years of complete satisfaction, I finally know that I am the only guy in the world with a perfect computer.

When I bought this thing I paid quite a bundle, but that is pocket change for what I should be able to get for it now!!!

If anyone want’s to buy the only known perfect iMac, I now have it for sale, for the quick sale price of $20,000 cash. My price is firm as this is a collectors item, the last and only one of it’s kind.

This very Mac, that is more rare than planets with known life, can be yours.

All other Mac’s suck, make you a lib and turn you into a gay... mine is the only one that is safe.

I’ll wait for your calls at 1-800- MORE B/S. Hurry, call now.... this won’t last long.


104 posted on 07/22/2010 1:44:20 PM PDT by Gator113 (God save the Republic.....)
[ Post Reply | Private Reply | To 1 | View Replies]

To: RachelFaith

You can’t fix what isn’t tested.


105 posted on 07/22/2010 1:56:13 PM PDT by BenKenobi (We cannot do everything at once, but we can do something at once. -Silent Cal)
[ Post Reply | Private Reply | To 6 | View Replies]

To: RachelFaith

LOL I can’t use a iPhone in my area because they just won’t work, until they contract with Verizon.

So, I bought an Android X 4 days ago. I immediately had to download virus protection. The phone has locked up 3 times. This first time it hung, I called the tech at the store and was told to take the battery out while it was on, wait a few seconds and put it back in. Here we go all over again.

My iMac has me spoiled.


106 posted on 07/22/2010 1:56:58 PM PDT by Gator113 (God save the Republic.....)
[ Post Reply | Private Reply | To 103 | View Replies]

To: kevkrom; for-q-clinton
Yawn. We've been over this before, but let me point out again, the number of "vulnerabilities" is a meaningless metric. It is the severity of each vulnerability and the difference between whether it is a potential or actual vulnerability that matters.

I'd agree in general; however, Apple released a patch just a few weeks ago that contained something like 35 arbitrary code execution vulnerabilities in their Safari browser. ACE holes are particularly nasty, as the hacker can end up doing anything they want. And with those holes being in Safari, it means simply browsing to a website could compromise your entire system.

107 posted on 07/22/2010 2:11:16 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 24 | View Replies]

To: for-q-clinton
Security of Mac has been proven time and time again (3 years in a row) that it was the easiest/quickest to hack and gain full access to it at the Pawn2own contest.

And we've pointed out, time and time again, three years running, backed up by statements by the winning hacker, Charlie Miller, that it was not "quickest" or "easiest," but actually took weeks of preliminary work by a world class security expert and two other ex-NSA computer security experts and was merely rapidly executed at the Pawn2Own contest because it was ready. Miller came prepared... the other hackers were not prepared with their hacks of the other platforms. Your repetition of this, in light of your "easiest/quickest" assertion after having being repeatedly disproved by links to the facts, makes your posting of it again a lie, since you cannot claim ignorance of the facts.

108 posted on 07/22/2010 2:21:37 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 10 | View Replies]

To: for-q-clinton
Basically laughs at the idea of hiding the SID is any level of security what-so-ever.

Googled up the concept, did you? I checked, that source comes up first for "security hide ssid" in Google. I'm glad you're learning something. As I said, and as your source confirms, both can easily be bypassed by an expert. But look at more sources. Both are still commonly accepted security practice.

True, it only takes a little extra effort by an expert to bypass SSID hiding and MAC filtering. But it's a good thing to force more effort upon your attacker. It quickly eliminates those going for the low-hanging fruit in your neighborhood, or just those who are less talented. It slows drive-bys and generally makes you the least attractive target of the 10 more open WiFi networks available from that spot in your neighborhood.

A dedicated hacker with resources can quickly bypass WPA2 encryption using a rainbow table attack if you didn't change the SSID (assuming average password length). But changing the SSID only slows him down in that same scenario, as a brute force attack can still be done with GPUs. Does that mean you shouldn't change the SSID from the default? No, changing the SSID is recommended because it slows the attacker down.

Defense in depth. Learn the concept. Removing even layers you know can be bypassed still lowers your depth.

If you want to talk counter-effective security measures, think of the Club (steering wheel lock) in modern cars. The thief quickly cuts through the steering wheel with a small hack saw to take the Club off. At that point, what is the Club to him? What you just left in your car for the thief to use is a hardened-steel bar that he can use to gain great mechanical advantage against the steering wheel to break the internal steering wheel lock. The Club is actually a benefit for the thief because it saves him from having to suspiciously walk around with a long leverage bar. In this scenario, the Club actually makes your car MORE attractive to the thief and likely to get stolen.

But even that negative scenario assumes a pro is going after your car. An amateur looking for a joyride is likely to pass over your car and go for your neighbor's if you have a Club.

109 posted on 07/22/2010 2:36:49 PM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 90 | View Replies]

To: for-q-clinton
> I don’t see their Mac product. Everything appears to be targeting windows or am I not undestanding their product?

You'll see them produce a Mac product when the Mac becomes a profitable platform for the virus writers, and viruses begin to appear.

For now, they're just spreading FUD, trying to break down the common assumption that Macs don't need anti-virus software. That's a correct assumption for the time being, because it's so much harder to write a virus for the Mac. Of course the Mac has vulnerabilities, all complex software does, but it's damn difficult to EXPLOIT them, which is why the virus writers avoid the Mac as a target. It's too much hard work!

But that won't last forever -- Windows 7 is pretty damn secure, and people are migrating off the old Win2K/XP platforms. So it will eventually become harder to use Windows for the botnets and so forth.

At that point, the Mac will start to look attractive as a virus target, despite the much greater difficulty of exploiting its vulnerabilities.

And then you will see Mac anti-virus software begin to take hold. Until then, the companies have to stick mainly to Windows, because that's where the profit is. To do otherwise would be stupid business.

110 posted on 07/22/2010 2:47:45 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 98 | View Replies]

To: for-q-clinton
But but but OSX is really Unix so this can't be. /sarcasm

How about posting cases rather than acting like a hyperventilating mo.
111 posted on 07/22/2010 2:51:36 PM PDT by PA Engineer (Liberate America from the occupation media.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: LeGrande
At this point I can only conclude that you are completely dishonest.

...and gay. ;-)
112 posted on 07/22/2010 2:53:02 PM PDT by PA Engineer (Liberate America from the occupation media.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: LoneStarGI
Now that Macs are becoming more ‘common’ in the market place, they are getting more ‘attention’ from hackers, which is beginning to expose the security flaws in their software.

Could you post what those flaws are "in the wild"?
113 posted on 07/22/2010 2:54:20 PM PDT by PA Engineer (Liberate America from the occupation media.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: for-q-clinton
Why bother when there are way more windows users. That's WHY you don't see much malware on OSX.

Why did they bother expending resources to go after ISS and SQL Server/MSDE? Why expend resources for OS 9? You're trying to redefine and move the goalposts so your theory will work, but you're left with the basic fact that hackers ARE interested not only in OS X, but have been interested in software with a far smaller target population.

I do grant that, all else being equal, a larger target population makes it likely that a larger number of hackers will go after it, and that a relatively larger number of exploits will be found and utilized to spread malware. But with over 100,000 distinct, effective bits of malware floating around for NT, I'd expect a decent number of successful OS X malware in the wild if the inherent security of the systems were the same. Yet here we are, nine years running, almost nothing.

Malware getting installed by dumb users is a lot more involved and take a lot more time to hit many users especially when you are targeting only 5% of the computer market.

The aforementioned OS 9 virus required the user to 1) put an untrusted disk in his machine without antivirus protection while knowing there were already disk-based viruses out there, and 2) leave QuickTime autorun on. In short, it required dumb users.

It's even easier to target the smaller populations these days, since spam bots can easily send out billions of links to infected sites. Most of them go to the already well worked over Windows world. Given that there's little to no cost in sending this spam, there's no good reason not to go after an UNTAPPED 50+ million machines.

114 posted on 07/22/2010 2:54:50 PM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 96 | View Replies]

To: downwdims
However if I sit with you in starbucks for 10 min i’ll flip your display 180 and be logging keystrokes or redirecting you to a phishing site.

Tell us how you would do that? In other words put up or shut up. You can claim anything you want, but the burden of proof is on you. I figured blowhards like you type would hang out at starbucks.
115 posted on 07/22/2010 2:56:20 PM PDT by PA Engineer (Liberate America from the occupation media.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: for-q-clinton
I ask the same of you. Where can I go to have my win7 box taken over? It's put up or shut-up time for you.

No. You put up or shut up. You posted this unsubstantiated crap. Quit acting gay.
116 posted on 07/22/2010 2:58:34 PM PDT by PA Engineer (Liberate America from the occupation media.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: for-q-clinton
I know experience has told me that all Systems are vulnerable

Ok. Share with us you experience with Apple. You know, machine type, system...or are you going to be gay and lie about it?
117 posted on 07/22/2010 3:01:58 PM PDT by PA Engineer (Liberate America from the occupation media.)
[ Post Reply | Private Reply | To 21 | View Replies]

To: antiRepublicrat
Real world: There has not been one successful self-replicating pice of malware in the wild for nine years of OS X. There have been many attempts, but the best we've seen is supposedly pirated software downloaded from P2P sites that contained malware that required the user's permission to run.

Be careful. The mo types don't like it when you confuse them with the facts.
118 posted on 07/22/2010 3:03:27 PM PDT by PA Engineer (Liberate America from the occupation media.)
[ Post Reply | Private Reply | To 40 | View Replies]

To: antiRepublicrat
I used the word obscure

Care to explain this Here is where the word OBSCURITY was first used by you

119 posted on 07/22/2010 3:03:36 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 101 | View Replies]

To: max americana
How is this possible...Ive been hearing from Mac Freepers all these years that Apple is God’s machine (sarc/)

Maybe because you are a troll and gay. I repeat myself.
120 posted on 07/22/2010 3:05:54 PM PDT by PA Engineer (Liberate America from the occupation media.)
[ Post Reply | Private Reply | To 28 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100101-120121-140 ... 201-216 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson