Posted on 07/22/2010 7:40:23 AM PDT by for-q-clinton
Here's another blow to those insist that Apple products are rock solid and unhackable: The security company Secunia reports that Apple products have more vulnerabilities than those of any other company. Oracle came in second place, with Microsoft in third.
Secunia just issued a report that covers vulnerabilities for the first half of 2010, and it's not good news for Apple. The report (which you can download here) shows that Apple last had the most vulnerabilities of all vendors in 2005, before Oracle took over the top spot. And now Apple is on top again. You can see the chart, below.
The chart shows that Apple products consistently have more vulnerabilities than do Microsoft ones.
...
However, there will certainly be one surprise for those who believe that Microsoft products are particularly vulnerable --- Secunia reports that they're not. The primary vulnerabilities on PCs are not due to Microsoft programs, but rather third-party programs, it says:
...
The report then concludes:
Users and businesses must change their perception that Microsoft products pose the largest threat in order to allocate security resources effectively. General awareness on the risk of 3rd party programs must be established.
(Excerpt) Read more at pcworld.com ...
My, so mature with the name-calling! That’s the refuge of those who cannot substantiate their position.
I POSTED a hard link to a serious security hole, one that is open from a bone-stock Mac. Point your browser to a website and lose your personal information.
Sorry, you’re simply wrong, and proven so...
So your sample of one user trumps that of a known and respected security researcher. Sorry, Swordmaker, your apologetics fall short. It’s been confirmed, and shown to happen. Read the link, read the comments - others confirm it as well.
Just because you might not have the problem (which I do not believe, you’re probably lying about your configuration), others do, and provably so. It’s a hole whether you like it or not.
See the link. Addresses, names, etc. are all pre-populated and exposed.
Even if the exploit were working, which it is not,
LIAR! You simply cannot admit that your precious Apple has a hole. Sorry, it's proven independently of a fanboi like you, confirmed by others, and it exists. You're lying through your teeth, but that never stopped you before...
it will not give up It will not give up numerical data, such your phone numbers, as Apple will not allow numbers because of the real possibility of grabbing social security numbers, credit card numbers, address, account numbers, phone numbers, etc.
Only if those are NUMERIC fields. If they are alphanumeric fields, then you're hosed. You know, fields that allow you to enter dashes, for example. Alphanumeric fields can be harvested.
You are such a lying cheerleader for Stevie and Apple...
"Liar" am I? Strange.
My teeth have nothing to do with it, Puget. It does not work on the three Macs I've tried it on. I'm going to try it on more tomorrow. I've gone to the link with the script in the article you posted and nothing is populated. Zip. Nada. Nil. Nothing. Auto-fill was turned on for all three of them.
Only if those are NUMERIC fields. If they are alphanumeric fields, then you're hosed. You know, fields that allow you to enter dashes, for example. Alphanumeric fields can be harvested.
Do you even bother to read your own linked articles, Puget? I doubt it. You usually are hoist on your own petard. This time is no different than all the others—you are hoist again—because this one, in referring to this so-called exploit, explicitly denies what you just claimed.
Fortunately any AutoFill data starting with a number, such as phone numbers or street addresses, could not be obtained because for some reason the data would not populate in the text field.
Yes, liar. You take your example of one person and pronounce it the end-all-be-all. Liar.
This is proven, and reported to Apple. It’s been replicated - read the link. You lie, Swordmaker, continually.
As far as the fields, I read them and my statement is correct. If it’s an alphanumeric field, it can start with a letter and it can come through. You seem to think that the world starts and stops at the US border - how amazingly provincial in your thinking! Go to Asia, South America, or the EU sometime and you’ll see it’s STANDARD to start a phone number with “+” - to indicate country code.
For example, I’m sitting in the Shenzhen airport right now, in SE China, and here you would do your cell phone number like “+86 12345678901” when filling out a form. Over in HK it would be “+852 1234 5678”. In Thailand it would be “+66 123 456 7890”. See something there? All start with a CHARACTER, not a number. Oops.
You’re wrong, Swordmaker, and you’re rather myopic in your thinking, too...
That is a flat out lie, Puget. Your post did not say that. Your post said something entirely different. . . Your post distorted and lied about the facts. Here is what you said, verbatim:
Oh, but in all honesty I should add the following disclaimer:This latest security hole in Safari really isn't an issue since the number of users affected is rapidly diminishing as people drop Safari, even in preference for Chrome, Firefox, or IE.
Perhaps Apple is just relying upon a dying user base to make the impetus to solve this problem moot?
Your assertion was not to "market share," a percentage metric, at all but to a "rapidly diminishing" "number" of "users." You further compounded your lie into the claim that Safari had a "dying user base," with no facts to base that assertion upon! Those claims are blatant falsehoods, made up by you, on the fly, not supported at all by the "evidence" you linked to, both are demonstrably contrary to the growing-faster-than-industry Macintosh segment of the computer market where Safari is the primary browser, and completely contrary to the commentary attached to that linked article rebutting its assertions about Chrome's growth, showing far larger Safari usage from other sources than the article's limited sample indicated.
This is just more of your changing what you said to weasel out of a lie. But what you said is here for everyone to read. You twist and distort things to make them look bad for Apple. Why is that, Puget?
Now you’re trying to go on a tangent from a tangent. Whether the network guys like it because it screws up something is irrelevant. What is relevant is that it is an example, along with MAC filtering, of security through obscurity that is commonly accepted today.
That you do not understand the concepts of defense in depth, low-hanging fruit, and drive-by really shows you need an education on this subject.
You keep bringing up an irrelevant differentiator, trying to recategorize things, in order to keep your flawed theory alive.
Question: Does the Mac have a high-enough population to attract the efforts of malware writers, thus eliminating claims of “security by obscurity”?
Answer: Absolutely yes. Even smaller populations have attracted them.
Naaaaah.
It's you and your Applebot pals who are very well known for being statk ravingt nuts. Everyone knows how crazy Applebots are and have been for DECADES. YUour total insanity when it comes to Apple maters on FR is well kinow to everybody. It's not exacty a secret is it?
The Bush “miserable failure” gaming of Google went on for TWO YEARS!
Search Engine Land:
“Google Kills Bush’s Miserable Failure Search & Other Google Bombs
Jan 25, 2007 at 11:00pm ET by Danny Sullivan
After just over two years, Google has finally defused the “Google Bomb” that has returned US President George W. Bush at the top of its results in a search on miserable failure. The move wasn’t a post-State Of The Union Address gift for Bush. Instead, it’s part of an overall algorithm change designed to stop such mass link pranks from working.”
http://searchengineland.com/google-kills-bushs-miserable-failure-search-other-google-bombs-10363
Stop lying, and while you are about it, get help.
So far you’ve claimed Apple didn’t patch the exploited vulnerabilities, FALSE. You’ve claimed Apple knew about these vulnerabilities before the contest. FALSE. You still haven’t given evidence for your claim that Miller told Apple about these 20 or so exploits he’s ready to use in future contests.
This year Windows 7 64-bit with IE8 was compromised by bypassing the security features of DEP and ASLR.
Hey, you do realize that ASLR is security through obscurity, right? It randomizes the start addresses of processes (=obscures them) to make it harder to leverage buffer overflows. Do you suggest Microsoft dump it because it’s not “real” security?
You don't even need a macbot population of 5% of computer users be nuts in order to game search engine results to push an Applebot agenda. All you need is a few thousand Applebot crazies to do it. Further, for the most part, Applebots I have met are not what I'd call exactly normal in the head. For the most part, Aploebots are funny in the head, define themselves by the Apple products they use, instead of considering the products as just just a tools to get a job done, and are inevitably viciuosly anti-Microsoft and will jump through fire to defend Steve Jobs from the most egregious behavior. A good example is the recent iPhone4 fiasco, whereby Jobs is selling a clearly defective product, and is STILL being fanatically defended by the very Applebots that he is screwing. That's as insane as you can get.
Mac/PC/whatever, if it's usable, it's a good idea to donate. Check your church, Salvation Army store, etc., for people who may need a computer but don't have enough money to buy one.
I went to http://ha.ckers.org/weird/safari_autofill.html
I went to the site and it failed at even getting my name.
Sorry, you’re simply wrong, and proven so...
Actually you are the one proven wrong, my gullible reprobate. How does it feel getting pwned by your fellow Mac haters? You have been used like a tool, I would say what kind, but I will let you guess.
I am curious. Are you a masochist?
PCs definitely lend themselves better to hobbyist tinkering. It's a valid reason to go PC. However, contrary to popular assumption, you can tinker and upgrade on Macs. You can even replace the hard drive on an iMac. It takes a bit more tinkering than on a PC, but it's still pretty easy to do.
2) Cost, because we build our own machines
Budget is always an important factor. If you love tinkering and fixing computers, you negate a major advantage of Macs, which is that on average you will save money by not having to pay someone to keep up your computer.
3) Software and accepted compatability. Fine, I can get an office suite for the mac, but none of my proprietary software runs very well on our mac.
Software is also a good reason to pick a specific platform. A lot of people need Macs because their software isn't there for the PC. But they have the option of also running Windows on their Mac through dual-boot or VM.
4) Forms. My forms for state and city bids are submitted in the latest excel or docs format.
Compatibility is also important, and you shouldn't have to spend any more than necessary to maintain it. OTOH, this points to a big pet peeve of mine -- open formats. The government needs to use open formats, not proprietary ones like Excel.
I have had a buddy tell me the new macs are also problematic in that regard (sharing Microsoft networks) unless you are willing to learn about Macs.
Switch Mac and PC and it still applies. But I have networked PCs, and networked Macs in a PC environment, and the Macs work just fine. In fact, some things are much easier to do on the Mac. Their zero-config networking, Bonjour, is awesome. It wasn't quite this good in the days prior to OS X, when Macs played well with each other, but nobody else.
6) I worked for years in the graphics arts field (a previous life) and Mac was the way to go.
Windows has closed that gap quite a bit. Mac is still better, but not that much better.
7) As previously mentioned, Games.
That's why I use consoles. I got tired of constantly upgrading computers to play the latest games. Now I can buy a console and know I have years of gaming ahead of me on the same unmodified box.
You see the pattern though. As you said, use what fits your needs, and PC obviously does. Unfortunately, there are too many myths and misconceptions out there about the Mac, so people too often make that needs decision based on bad information. That goes both ways too, since they don't need to be quite so scared about running Windows 7 as the record of past Windows versions would suggest.
Reminds me of the earlier days of Microsoft’s search engine, where searching for “Linux” would return mostly sites that encourage you to switch to Windows, or that showed Microsoft-paid studies of how much better Windows was. IIRC, there was about one actual Linux link on the first page of results.
This was Microsoft itself manually ranking sites in order to steer people away from Linux. It's quite different from users trying to steer a search engine's results in a certain direction.
Johnny Cash built his own Cadillac back in the 50's, or so his song went.
It is a new world, and simple content machines like the iPad, are a mystery to geeks, but older users and kids love them. Get ready for a bunch of cheap knockoffs, then you will love the iPad devices, made by, fill in the _________blank.
True.
You can keep trying to talk down to me, but you are still failing that the serious security experts all laugh at your assertion that hiding the SID is any layer of security.
So keep on thinking you’re extra secure by hiding behind a hidden SID. It goes well with your belief that the mac is uncrackable.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.