Posted on 01/03/2007 11:04:31 AM PST by newgeezer
Hackers are cowards and no way do they want every news agency in the world looking for them so justice could be served. They'll continue to hack Windows for fun or profit and maintain their pathetic obscurity.
In the case of Apple, which I know *you* are specifically referring to, I agree. AntiRepublican and HAL are constantly trying to claim many of the same benefits Apple users enjoy automoatically apply to Linux as well, you see them trying to lump the two together constantly. It doesn't work that way, OSX from Apple and Linux from Red Hat for example are completey different products, install methods, and upgrade processes. Linux, unlike Apple, rarely comes preinstalled, and often patches for Linux have to come from the original vendor, not typically being modular or directly available from 3rd parties. So in your case with regard to most Apple, I agree, but when AR tries to claim that holes aren't in a linux distribution, he is wrong as a patch for that specific distribution is often required.
I think you'd probably admit in retrospect that was a broad generality that isn't accurate or justified.
Are you talking about that ancient "Man in the middle" vulnerability that was never exploited and patched in the summer of 2002 ? Yep, you are. You called it a virus back when you frothing about N3WBI3 or I going away for 30 days. As far as I know, N3WBI3 did not lose to you. I will repeat what I told you back then.
Or perhaps it is the "Phantom Update" MITM concept created by Russell Harding... in which he postulated in 2002 that a malware COULD POSSIBLY be installed on a Mac OSX computer to spoof the SoftwareUpdate routines into connecting to a fraudulent Apple download site to further install software. Of course someone would have to install (at the ROOT level, with ROOT permissions) alterations to the SYSTEM update routines to connect to the spoofed "Apple" download site.This ancient proof-of-concept, unexploited vulnerability was addressed in Apple OSX Security Update 07-18-2002 by instituting methods to validate the connection is with Apple's website. This vulnerability does not affect any OSX after 10.2.1. - Original FR reply post.
. . .
From the Russell Harding Website:
The victim downloads a software package masquerading as a security update. In truth, it contains a backdoored copy of the Secure Shell Server Daemon, sshd. This version of sshd includes all the functions of the stock sshd, except the following: You can log in to any account on the system with the secret password "URhacked!". After logging in through this method, no logging of the connection is employed. In fact, you do not show up in the list of current users!This "Proof-of-concept" was never in the wild... and it is not a virus. It meets the definition of a "Trojan". It is neither self-replicating or self-propagating and has no vector beyond the user downloading and installing it, which requires the user to somehow download a spoofed "security update" from a non-Apple site so that the spoofed file can redirect future downloads to a non-Apple site. Right. Suuuure. Virus, your ass. - Original FR reply post.
There are other comments relating to this "challenge" but interested users can use this link to read the entire thread if they are so inclined. What it will show is that YOU are just as irritating and unreasonable now as you were then. This is the last time I will respond to your tripe on this thread. YOU are waste of time.
No, its not. However, the Windows virus came about because a Windows machine that was being used at the contract manufacturer to place the Windows software on the iPod was infected. IIRC Fewer than 2000 iPods with the virus were apparently shipped before it was caught and stomped on.
I will retract it because that is no longer the case. WindowsXP since service pack 2 has been FAR better at avoiding drive by downloads. Let's just say that for-q is an irritating *#^%*@ and using his own hyperbole against him might be slightly justifiable.
Just goes to show, nobody's perfect.
Thank you.
using his own hyperbole against him might be slightly justifiable.
Stick with the facts, they always win in the end.
And it was in the wild infecting Macs exactly when?
For all I can tell, you must have stock in antivirus companies. You take theoretical and in-the-lab exploits and FUD them up to scare everybody into thinking they're in great immediate danger.
You just perfectly described Macs.
Few people use Linux on a large scale because it sucks to manage, not the other way around.
Revisiting Largo, how is it that they run their Linux infrastructure on a staff of six, which is far fewer than is normally needed for a comparable Windows setup? Microsoft even came in and tried to woo them back to Windows, but had to admit that Windows couldn't cut it.
Office for Mac wouldn't be the top selling software for the platform if it was already complete, besides he was making a bogus claim about Linux anyway. And FYI Largo isn't a large scale, it's a small city in Florida.
I'm going to accept your response as a legitimate topic of discussion. I am not really interested in perusing hacker sites so I'll have to take your word that this is a RECENT phenomenon. I am interested in how you may have come to this conclusion however. Do hacker sites have archives which go back six years that you have diligently researched? If so, I hope that you'll find a way to share the results of your research with us at some point.
I have no argument with you about the interest of hackers in the Mac OS. In fact, you will find few if any who would disagree. We only differ on the date. You insist it is recent, I believe it is ongoing.
Your posts chide Mac users for being smug about security issues, but youve also claimed that the Mac OS is inherently more secure than Windows. You cant have it both ways. If we say the Mac is more secure, you call us smug. Worse, we have enraged the hacker community. What are we to do?
Any time that any software is going to be installed on my Mac, I have to enter an administrators password to allow the continuation. Thats simple enough isnt it? Yet yesterday, with all anti-virus software on alert, a client plugged a thumb drive into the Windows box. Once the open window was cleared, I noticed a dialog box that claimed that Windows had installed something and asked if I wanted to restart. You cant install anything on my Mac without my permission. Why can you install something on Windows without my permission? I have no idea what it was. I said no, crossed my fingers and went on with my work. Im still worried about it. That kind of stuff never happens on my Mac. Might it some day? Sure, but it hasnt happened in six years? We like that.
I used Mac anti-virus software on OS 7 and 8. I will use it again if it becomes necessary. I dont now. Not tryin to be smug.
I can't? Why not? Begging your pardon, I most certainly can, and do have it both ways. More secure doesn't mean impervious to attack, and while you will certainly get no argument from me about OS X being a more secure platform, the attitude that it cannot possibly be exploited is wrong headed. I am interested in how you may have come to this conclusion however. Do hacker sites have archives which go back six years that you have diligently researched? If so, I hope that you'll find a way to share the results of your research with us at some point.
I won't be sharing any results, and my information about the timing and nature of collaborative macking come from others in the field that have been in this game much longer than I have. I guess you'll just have to take my word for it. Or not. It matters not to me. You cant install anything on my Mac without my permission. Why can you install something on Windows without my permission?
Set up a non-administrator account, then deny permission for modifying the registry in the mandatory profile you set up to do day to day tasks on the machine and let your worries end. Windows default security is pretty light, but it's there if you want it.
That makes no sense. Acrobat wouldn't be the top-selling portable document tools if Windows were complete. See? Doesn't make sense.
And FYI Largo isn't a large scale, it's a small city in Florida.
Large enough to get a good idea of how much labor it takes to maintain a Linux network. Large enough that Microsoft took notice and sent someone to try to switch them back.
Makes perfect sense, the top selling software apps for Windows don't come from their #1 competitor. Unfortunately Microsoft probably makes as much profit off many Apples out there as Apple. Apple should have protected the "Apple Works" software and market a lot better than they did.
Large enough
Tiny, Chicago would have been a better example, you can't even score your own points.
Zealotry, Leonard. Look it up. And leave me alone.
Do you even read your stuff before you post? You did not claim PERSONAL experience. You claimed that you spoke to OTHERS who had knowledge of a NEW concerted effort in the hacker community to target the Mac. And not because they were simply malicious, but because Mac users are smug.
I have a flawed devotion to only one. I have displayed devotion in my posts to no other. Do you really believe that tossing out insults constitutes enlightened debate? You make overreaching statements, attack Mac users with silly name calling and then refuse to respond to the substance of my simple questions. What in the world do you call that?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.