Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Security Firm: Apple Has More Security Holes Than Microsoft
PC World ^ | 22 Jul 2010 | Preston Gralla

Posted on 07/22/2010 7:40:23 AM PDT by for-q-clinton

Here's another blow to those insist that Apple products are rock solid and unhackable: The security company Secunia reports that Apple products have more vulnerabilities than those of any other company. Oracle came in second place, with Microsoft in third.

Secunia just issued a report that covers vulnerabilities for the first half of 2010, and it's not good news for Apple. The report (which you can download here) shows that Apple last had the most vulnerabilities of all vendors in 2005, before Oracle took over the top spot. And now Apple is on top again. You can see the chart, below.

The chart shows that Apple products consistently have more vulnerabilities than do Microsoft ones.

...

However, there will certainly be one surprise for those who believe that Microsoft products are particularly vulnerable --- Secunia reports that they're not. The primary vulnerabilities on PCs are not due to Microsoft programs, but rather third-party programs, it says:

...

The report then concludes:

Users and businesses must change their perception that Microsoft products pose the largest threat in order to allocate security resources effectively. General awareness on the risk of 3rd party programs must be established.

(Excerpt) Read more at pcworld.com ...


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: apple; ilovebillgates; iwanthim; iwanthimbad; mac; microsoftfanboys; osx; windows
Navigation: use the links below to view more comments.
first previous 1-20 ... 141-160161-180181-200201-216 next last
To: LeGrande; for-q-clinton

My, so mature with the name-calling! That’s the refuge of those who cannot substantiate their position.

I POSTED a hard link to a serious security hole, one that is open from a bone-stock Mac. Point your browser to a website and lose your personal information.

Sorry, you’re simply wrong, and proven so...


181 posted on 07/23/2010 2:11:02 AM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 168 | View Replies]

To: Swordmaker

So your sample of one user trumps that of a known and respected security researcher. Sorry, Swordmaker, your apologetics fall short. It’s been confirmed, and shown to happen. Read the link, read the comments - others confirm it as well.

Just because you might not have the problem (which I do not believe, you’re probably lying about your configuration), others do, and provably so. It’s a hole whether you like it or not.


182 posted on 07/23/2010 2:13:01 AM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 171 | View Replies]

To: Swordmaker
Now you are just exaggerating

See the link. Addresses, names, etc. are all pre-populated and exposed.

Even if the exploit were working, which it is not,

LIAR! You simply cannot admit that your precious Apple has a hole. Sorry, it's proven independently of a fanboi like you, confirmed by others, and it exists. You're lying through your teeth, but that never stopped you before...

it will not give up It will not give up numerical data, such your phone numbers, as Apple will not allow numbers because of the real possibility of grabbing social security numbers, credit card numbers, address, account numbers, phone numbers, etc.

Only if those are NUMERIC fields. If they are alphanumeric fields, then you're hosed. You know, fields that allow you to enter dashes, for example. Alphanumeric fields can be harvested.

You are such a lying cheerleader for Stevie and Apple...

183 posted on 07/23/2010 2:18:10 AM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 176 | View Replies]

To: PugetSoundSoldier
LIAR! You simply cannot admit that your precious Apple has a hole. Sorry, it's proven independently of a fanboi like you, confirmed by others, and it exists. You're lying through your teeth, but that never stopped you before...

"Liar" am I? Strange.

My teeth have nothing to do with it, Puget. It does not work on the three Macs I've tried it on. I'm going to try it on more tomorrow. I've gone to the link with the script in the article you posted and nothing is populated. Zip. Nada. Nil. Nothing. Auto-fill was turned on for all three of them.

Only if those are NUMERIC fields. If they are alphanumeric fields, then you're hosed. You know, fields that allow you to enter dashes, for example. Alphanumeric fields can be harvested.

Do you even bother to read your own linked articles, Puget? I doubt it. You usually are hoist on your own petard. This time is no different than all the others—you are hoist again—because this one, in referring to this so-called exploit, explicitly denies what you just claimed.

Fortunately any AutoFill data starting with a number, such as phone numbers or street addresses, could not be obtained because for some reason the data would not populate in the text field.

184 posted on 07/23/2010 3:05:18 AM PDT by Swordmaker (Remember, the proper pronunciation of IE is AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 183 | View Replies]

To: Swordmaker

Yes, liar. You take your example of one person and pronounce it the end-all-be-all. Liar.

This is proven, and reported to Apple. It’s been replicated - read the link. You lie, Swordmaker, continually.

As far as the fields, I read them and my statement is correct. If it’s an alphanumeric field, it can start with a letter and it can come through. You seem to think that the world starts and stops at the US border - how amazingly provincial in your thinking! Go to Asia, South America, or the EU sometime and you’ll see it’s STANDARD to start a phone number with “+” - to indicate country code.

For example, I’m sitting in the Shenzhen airport right now, in SE China, and here you would do your cell phone number like “+86 12345678901” when filling out a form. Over in HK it would be “+852 1234 5678”. In Thailand it would be “+66 123 456 7890”. See something there? All start with a CHARACTER, not a number. Oops.

You’re wrong, Swordmaker, and you’re rather myopic in your thinking, too...


185 posted on 07/23/2010 3:23:27 AM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 184 | View Replies]

To: PugetSoundSoldier; RachelFaith; antiRepublicrat
BS. You're lying about me, and it's rather tiresome. I posted a link SHOWING that Safari is losing market share, and is now 4th behind IE, Firefox, and Chrome. Prove otherwise. It's losing marketshare, plain and simple, and your protestations to the contrary are simply out-and-out wrong.

That is a flat out lie, Puget. Your post did not say that. Your post said something entirely different. . . Your post distorted and lied about the facts. Here is what you said, verbatim:

Oh, but in all honesty I should add the following disclaimer:

This latest security hole in Safari really isn't an issue since the number of users affected is rapidly diminishing as people drop Safari, even in preference for Chrome, Firefox, or IE.

Perhaps Apple is just relying upon a dying user base to make the impetus to solve this problem moot?

Your assertion was not to "market share," a percentage metric, at all but to a "rapidly diminishing" "number" of "users." You further compounded your lie into the claim that Safari had a "dying user base," with no facts to base that assertion upon! Those claims are blatant falsehoods, made up by you, on the fly, not supported at all by the "evidence" you linked to, both are demonstrably contrary to the growing-faster-than-industry Macintosh segment of the computer market where Safari is the primary browser, and completely contrary to the commentary attached to that linked article rebutting its assertions about Chrome's growth, showing far larger Safari usage from other sources than the article's limited sample indicated.

This is just more of your changing what you said to weasel out of a lie. But what you said is here for everyone to read. You twist and distort things to make them look bad for Apple. Why is that, Puget?

186 posted on 07/23/2010 4:01:03 AM PDT by Swordmaker (Remember, the proper pronunciation of IE is AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 180 | View Replies]

To: for-q-clinton

Now you’re trying to go on a tangent from a tangent. Whether the network guys like it because it screws up something is irrelevant. What is relevant is that it is an example, along with MAC filtering, of security through obscurity that is commonly accepted today.

That you do not understand the concepts of defense in depth, low-hanging fruit, and drive-by really shows you need an education on this subject.


187 posted on 07/23/2010 5:56:15 AM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 127 | View Replies]

To: for-q-clinton

You keep bringing up an irrelevant differentiator, trying to recategorize things, in order to keep your flawed theory alive.

Question: Does the Mac have a high-enough population to attract the efforts of malware writers, thus eliminating claims of “security by obscurity”?

Answer: Absolutely yes. Even smaller populations have attracted them.


188 posted on 07/23/2010 6:03:00 AM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 131 | View Replies]

To: Swordmaker
Insane. Certifiable! That only works for the first hits. Now find the REST of the hits. It DOESN'T WORK to hide hits as you were claiming”

Naaaaah.
It's you and your Applebot pals who are very well known for being statk ravingt nuts. Everyone knows how crazy Applebots are and have been for DECADES. YUour total insanity when it comes to Apple maters on FR is well kinow to everybody. It's not exacty a secret is it?
The Bush “miserable failure” gaming of Google went on for TWO YEARS!
Search Engine Land:
Google Kills Bush’s Miserable Failure Search & Other Google Bombs
Jan 25, 2007 at 11:00pm ET by Danny Sullivan

After just over two years, Google has finally defused the “Google Bomb” that has returned US President George W. Bush at the top of its results in a search on miserable failure. The move wasn’t a post-State Of The Union Address gift for Bush. Instead, it’s part of an overall algorithm change designed to stop such mass link pranks from working.”
http://searchengineland.com/google-kills-bushs-miserable-failure-search-other-google-bombs-10363

Stop lying, and while you are about it, get help.

189 posted on 07/23/2010 6:25:44 AM PDT by SmokingJoe
[ Post Reply | Private Reply | To 154 | View Replies]

To: for-q-clinton

So far you’ve claimed Apple didn’t patch the exploited vulnerabilities, FALSE. You’ve claimed Apple knew about these vulnerabilities before the contest. FALSE. You still haven’t given evidence for your claim that Miller told Apple about these 20 or so exploits he’s ready to use in future contests.

This year Windows 7 64-bit with IE8 was compromised by bypassing the security features of DEP and ASLR.
Hey, you do realize that ASLR is security through obscurity, right? It randomizes the start addresses of processes (=obscures them) to make it harder to leverage buffer overflows. Do you suggest Microsoft dump it because it’s not “real” security?


190 posted on 07/23/2010 6:31:58 AM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 124 | View Replies]

To: RachelFaith
It must be that those 5% Mac users are just so more advanced than the 95% PC users.

You don't even need a macbot population of 5% of computer users be nuts in order to game search engine results to push an Applebot agenda. All you need is a few thousand Applebot crazies to do it. Further, for the most part, Applebots I have met are not what I'd call exactly normal in the head. For the most part, Aploebots are funny in the head, define themselves by the Apple products they use, instead of considering the products as just just a tools to get a job done, and are inevitably viciuosly anti-Microsoft and will jump through fire to defend Steve Jobs from the most egregious behavior. A good example is the recent iPhone4 fiasco, whereby Jobs is selling a clearly defective product, and is STILL being fanatically defended by the very Applebots that he is screwing. That's as insane as you can get.

191 posted on 07/23/2010 6:35:39 AM PDT by SmokingJoe
[ Post Reply | Private Reply | To 156 | View Replies]

To: esoxmagnum; PA Engineer
I am sorry that us not using our Mac offends you in some way.

Mac/PC/whatever, if it's usable, it's a good idea to donate. Check your church, Salvation Army store, etc., for people who may need a computer but don't have enough money to buy one.

192 posted on 07/23/2010 6:45:35 AM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 142 | View Replies]

To: PugetSoundSoldier; for-q-clinton
I POSTED a hard link to a serious security hole, one that is open from a bone-stock Mac. Point your browser to a website and lose your personal information.

I went to http://ha.ckers.org/weird/safari_autofill.html

I went to the site and it failed at even getting my name.

Sorry, you’re simply wrong, and proven so...

Actually you are the one proven wrong, my gullible reprobate. How does it feel getting pwned by your fellow Mac haters? You have been used like a tool, I would say what kind, but I will let you guess.

I am curious. Are you a masochist?

193 posted on 07/23/2010 6:49:20 AM PDT by LeGrande (Yes, I am an agent of Satan, but my duties are largely ceremonial.)
[ Post Reply | Private Reply | To 181 | View Replies]

To: esoxmagnum
1) I like to customize our computers, upgrade them whenever this or that component is on sale from NewEgg or wherever.

PCs definitely lend themselves better to hobbyist tinkering. It's a valid reason to go PC. However, contrary to popular assumption, you can tinker and upgrade on Macs. You can even replace the hard drive on an iMac. It takes a bit more tinkering than on a PC, but it's still pretty easy to do.

2) Cost, because we build our own machines

Budget is always an important factor. If you love tinkering and fixing computers, you negate a major advantage of Macs, which is that on average you will save money by not having to pay someone to keep up your computer.

3) Software and accepted compatability. Fine, I can get an office suite for the mac, but none of my proprietary software runs very well on our mac.

Software is also a good reason to pick a specific platform. A lot of people need Macs because their software isn't there for the PC. But they have the option of also running Windows on their Mac through dual-boot or VM.

4) Forms. My forms for state and city bids are submitted in the latest excel or docs format.

Compatibility is also important, and you shouldn't have to spend any more than necessary to maintain it. OTOH, this points to a big pet peeve of mine -- open formats. The government needs to use open formats, not proprietary ones like Excel.

I have had a buddy tell me the new macs are also problematic in that regard (sharing Microsoft networks) unless you are willing to learn about Macs.

Switch Mac and PC and it still applies. But I have networked PCs, and networked Macs in a PC environment, and the Macs work just fine. In fact, some things are much easier to do on the Mac. Their zero-config networking, Bonjour, is awesome. It wasn't quite this good in the days prior to OS X, when Macs played well with each other, but nobody else.

6) I worked for years in the graphics arts field (a previous life) and Mac was the way to go.

Windows has closed that gap quite a bit. Mac is still better, but not that much better.

7) As previously mentioned, Games.

That's why I use consoles. I got tired of constantly upgrading computers to play the latest games. Now I can buy a console and know I have years of gaming ahead of me on the same unmodified box.

You see the pattern though. As you said, use what fits your needs, and PC obviously does. Unfortunately, there are too many myths and misconceptions out there about the Mac, so people too often make that needs decision based on bad information. That goes both ways too, since they don't need to be quite so scared about running Windows 7 as the record of past Windows versions would suggest.

194 posted on 07/23/2010 7:05:38 AM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 150 | View Replies]

To: SmokingJoe

Reminds me of the earlier days of Microsoft’s search engine, where searching for “Linux” would return mostly sites that encourage you to switch to Windows, or that showed Microsoft-paid studies of how much better Windows was. IIRC, there was about one actual Linux link on the first page of results.


195 posted on 07/23/2010 7:09:00 AM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 151 | View Replies]

To: antiRepublicrat
That would just prove my point that search engine results are regularly gamed by one side or the other on any sharply divisive issue. It's not exactly new is it?

196 posted on 07/23/2010 7:27:23 AM PDT by SmokingJoe
[ Post Reply | Private Reply | To 195 | View Replies]

To: SmokingJoe
That would just prove my point that search engine results are regularly gamed by one side or the other on any sharply divisive issue.

This was Microsoft itself manually ranking sites in order to steer people away from Linux. It's quite different from users trying to steer a search engine's results in a certain direction.

197 posted on 07/23/2010 7:39:47 AM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 196 | View Replies]

To: esoxmagnum
and I could tinker with them, build them from scratch, and get all the software I needed, I would switch.

Johnny Cash built his own Cadillac back in the 50's, or so his song went.

It is a new world, and simple content machines like the iPad, are a mystery to geeks, but older users and kids love them. Get ready for a bunch of cheap knockoffs, then you will love the iPad devices, made by, fill in the _________blank.

198 posted on 07/23/2010 9:27:21 AM PDT by itsahoot (Republican leadership got us here, only God can get us out.)
[ Post Reply | Private Reply | To 32 | View Replies]

To: dayglored

True.


199 posted on 07/23/2010 11:00:22 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 173 | View Replies]

To: antiRepublicrat

You can keep trying to talk down to me, but you are still failing that the serious security experts all laugh at your assertion that hiding the SID is any layer of security.

So keep on thinking you’re extra secure by hiding behind a hidden SID. It goes well with your belief that the mac is uncrackable.


200 posted on 07/23/2010 11:11:40 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 187 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 141-160161-180181-200201-216 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson