Posted on 08/21/2005 5:35:07 PM PDT by bizzyblog
Of course not, that's not an authorized reseller, and security patches aren't still being released like they are for Windows 2000.
If you had any sense, you'd realize you lost this argument a month ago when you first started it. Like I said, IF.
Hey! For-Q! How about my challenge? (For those of you just tuning in, For-Q is a member of a supremacist cult known as The Windowsians. For the most part they are harmless, but their passive-aggressive nature compels them to desire world domination through lies, innuendo, and obfuscation, all the while denying their true motives. For-Q has been challenged to apologize for his smug and condescending comments on this very forum. The stakes are high as For-Q tries to ignore his way out this challenge. Two months of exile in which he must don a ball cap announcing his wicked behavior. Let's see how he's doing.) I understand you've located, The Doomsday Virus. (In an amazing turn of events, For-Q had played a card no one actually knew existed, The Doomsday Virus. This was no ordinary virus, for The Doomsday Virus possesses the power to eliminate an entire race of humanoids known as, The Mac Heads. Coy For-Q began to hedge. Yes he possessed The Virus; no it was a link to The Virus; wait, a link to a story about the virus. Ah, a simple story about The Virus. Can we believe For-Q? Has he simply hidden The Virus away to be used at another, more opportune time? We know The Virus still exists, but where will it surface next? Will For-Q be able to control The Virus or will it spread maliciously from its intended to the world of The Bill, the world of...The Windowsians.)
Linux loonie n3wbie is the world record holder for lies, he's fired off several in this one thread alone. Check his history for tons more, you won't have to go far.
ROTFLMAO... now we get down to it. In exactly what way is a "Man in the Middle" spoof a virus? How is it self propagating or self-replicating?
IS IT A VIRUS?
No, it isn't; it is a spoofed server.
IS IT AN EXPLOIT?
No. No example of this occuring to any OS X user has been reported.
This DHCP vulnerability that was fixed 12/19/2003 and never exploited! Of course this one cannot install applications (including malware) on the client unless the client is operating in ROOT... which is turned off by default in the OSX distribution. It can mine data.
Incidentally, the malicious server has to be on the LOCAL network... it didn't work over the internet.
Or perhaps it is the "Phantom Update" MITM concept created by Russell Harding... in which he postulated in 2002 that a malware COULD POSSIBLY be installed on a Mac OSX computer to spoof the SoftwareUpdate routines into connecting to a fraudulent Apple download site to further install software. Of course someone would have to install (at the ROOT level, with ROOT permissions) alterations to the SYSTEM update routines to connect to the spoofed "Apple" download site.
This ancient proof-of-concept, unexploited vulnerability was addressed in Apple OSX Security Update 07-18-2002 by instituting methods to validate the connection is with Apple's website. This vulnerability does not affect any OSX after 10.2.1.
Security Update 7-18-02 (2002-07-18)
Software Update: Contains Software Update client 1.4.7 which adds cryptographic signature verification to the softwareupdate command line tool. This provides an additional means to perform software updates in a secure manner, along with the existing Software Update capability contained in System Preferences.
It was shortly after this that someone spoofed Microsoft's Windows Update website...
BWAAAAHAAAAAAHAAAAA!
I guess I could say the same about OS 9. Why do I have to upgrade to OS X for support?
Is that something like Interior Decorators and Hairdressers?
GE you need to ignore Leonard. He's smoking crack and just making up stuff that no one has ever said on this thread. It's annoying, but what the heck it's a public forum so you get those types.
Wow you finally foudn it, but now you change your tune. Now it's ok if the exploit if fixed before it's ever exploited. But for M$ that doesn't count. Go back to our very first posts where I called you out on this circular logic.
Right, Suuuure.
From the Russell Harding Website:
The victim downloads a software package masquerading as a security update. In truth, it contains a backdoored copy of the Secure Shell Server Daemon, sshd. This version of sshd includes all the functions of the stock sshd, except the following: You can log in to any account on the system with the secret password "URhacked!". After logging in through this method, no logging of the connection is employed. In fact, you do not show up in the list of current users!This "Proof-of-concept" was never in the wild... and it is not a virus. It meets the definition of a "Trojan". It is neither self-replicating or self-propagating and has no vector beyond the user downloading and installing it, which requires the user to somehow download a spoofed "security update" from a non-Apple site so that the spoofed file can redirect future downloads to a non-Apple site. Right. Suuuure. Virus, your ass.
Apple has since fixed the issue; however, it does exist with a build of OS X that is/was in the wild.
Apple has since fixed the issue that allowed the 113 virus variations that infected the previous OS as well... it released OS X. In this instance Apple released an update to OSX.2.1. And so what if the OSX build was in the wild... that is NOT the criterion for a virus.
Great popcorn thread...
Do you understand how it works? The user just goes to update his Mac and unknown to him he's installing a malicious update. That isn't anytthing special--unless you consider updating your computer a special operation.
As the person who maintains and pings the Mac Ping list, I have posted more information about the vulnerabilities and potential exploits of OS X than any other person on Freerepublic.
I challenge you to show where I have used the word "impossible" in reference to the topic at hand in ANY post of mine about the Macintosh.
It is your inability to read and comprehend what you read that leads you to your erroneous conclusions.
Finally, For-q, my Freeper name is "Swordmaker", thank you, not "Swordswallower".
I beginning to think you are a reincarnation of a previously banned person who used the same brand of ad hominem when he could not argue with facts. He also made specious demands for "bets" on areas he claimed expertise... for example he posted similar demands and called me the same name when I challenged his assertion "as an expert" that there was no iron in stainless steel. Incidentally, he got banned over that kind of activity.
Because OS9 is no longer supported who is saying it was?
RW, haven't we gone around the barn on this before? Aren't you still using OS9 at work? Maybe that was another freeper.
In any case, OSX has the Dock... which shows every open application... and Command-Tab will bring up a taskbar with all tasks which you can tab through... Since OSX Panther it has Expose' which is far better than any task bar. F9 displays all windows currently active in thumbnails and allows you to click on your choice to change focus and bring it to the front. F10 does the same thing for all open windows in the currently focussed application. F11 Clears all programs from the screen to reveal the desktop to access Finder.
OS9 had the Task Menu item on the menu bar at the right that allowed changing focus to all running apps... or hiding specific tasks. All very quick and very intuitive. Since I use all three platforms, I can tell you that the Apple method is far easier to find a specific windows than is the Windows approach.
As for speed of opening windows, I have 15 applications running right now... new windows open instantaneously.
Might I suggest that your Macintosh experience is extremely dated?
>> dollars poorer in security software subcriptions and Rube-Goldberg security layers<<
Never spent a dime on security, and my desktop and server systems are just as, if not more, secure than your's.
It doesn't have a vector... it requires the user to download an app that will do a modification to the Syystem and install and run it. Even installing updates requires an Administrator Name and Password. At worst it is a trojan, not a virus. After the trojan is run, it then becomes a hack. Nope, not a virus.
Besides, it was never in the wild.
I love my Mac, and there is no reason that I would switch to PC.
You keep elevating your level of ignorance about the Mac...
I'm a 20-year Mac user, and I don't plan to switch either (except when forced to use someone else's PC at another company).
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.