Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

Skip to comments.

Three Reasons (At Least) Why Mac Users Need to Cool the Smugness and Condescension
BizzyBlog ^ | August 21, 2005 | BizzyBlog

Posted on 08/21/2005 5:35:07 PM PDT by bizzyblog

As a 20-year Macintosh user going back to when the machines didn't even have hard drives, I confess to being a big fan of Apple and the Mac OS.

I also confess to being a nearly-insufferable Mac evangelist (some would say "delete 'nearly'") until about seven years ago, when, as a result of Windows 98, the differences between Windows and the Mac as a platform for the average user became so small that they didn't matter. Those differences remain small, despite the exceptionally cool advances in the Mac OS through Jaguar, Panther, and Tiger.

(snip)

Also cooling my ardor for the Mac is the remarkable air of condescension still present in "the Mac community," which is pretty amazing considering Apple's puny market share. I believe that the attitudes of too many current Mac users prevent a lot of those who might consider ditching Windows from doing so, simply because they don't want to be seen as joining what has almost become a cult (some would say "delete 'almost'").

So, in the interest of knocking Mac users down a peg or two, I offer three reasons, based on news of the past week or so, that we in "the Mac community" should cool it on the arrogance. At the same time, I'll knock down three myths about the Mac and its users (bolds are mine in all three reasons).

REASON 1--Exploding the myth that Mac users are so much more civilized than the rabble who use PCs:

Seventeen injured during used laptop sale

(Excerpt) Read more at bizzyblog.com ...


TOPICS: Computers/Internet
KEYWORDS: anythingforhits; apple; arrogance; community; cult; getmetraffic; helloanybodyhome; laptop; lookatme; mac; macintosh; patch; security; windows
Navigation: use the links below to view more comments.
first previous 1-20 ... 181-200201-220221-240241-247 last
To: for-q-clinton
Actually ALL Macs will be able to download the trojan IF any computer on the network is spoofing the Apple download site.

No, For-q, that is where you are wrong... if that were the case, there would be no need for the "victim software package" to change the System files.

This is just not a case of a spoofed server on the network as the DHCP vulnerability was... it requires a change in ROOT level system files to force the victim machine to connect to the spoofed server instead of the secure Apple server.

241 posted on 08/25/2005 5:17:32 PM PDT by Swordmaker (Beware of Geeks bearing GIFs.)
[ Post Reply | Private Reply | To 239 | View Replies]

To: Swordmaker

Did you even read the link? Here's a snippet from the web page describing the exploit. Any further denials on your part will need to go ignored as you obviously haven't read the site or don't understand it and I can't explain it any better than I have already done numerous times.

Maybe one of your Mac buddies will say it so you can understand. Or ask someone else that has participated on this thread to explain it to you.

Normal Operation:

When SoftwareUpdate runs (weekly by default), it connects via HTTP to swscan.apple.com and sends a simple "GET" request for /scanningpoints/ scanningpointX.xml. This returns a list of software and current versions for OS X to check. After the check, OS X sends a list of it's currently installed software to /WebObjects/SoftwareUpdatesServer at swquery.apple.com via a HTTP POST. If new software is available, the SoftwareUpdatesServer responds with the location of the software, size, and a brief description. If not, the server sends a blank page with the comment "No Updates"

Impersonating the Server:

As you can see, with no authentication, it is trivial to impersonate the Apple servers. The software provides two programs useful in impersonating the server, arpspoof and dnsspoof. Dnsspoof, written by Dug Song, has been customized for carrying out this attack. To run it, simply open up the terminal, and type "sudo dnsspoof &" It will begin listening for DNS queries for swscan/swquery.apple.com. when it recieves them, it will reply with spoofed packets re-routing them to your computer. Arpspoof is needed for carrying out this attack on a switched network. For usage, and information on arp spoofing read Sean Whalen's Introduction to ARP Spoofing.


242 posted on 08/25/2005 5:21:38 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 241 | View Replies]

To: Swordmaker; antiRepublicrat; N3WBI3; Question_Assumptions
Swordmaker is having an issue understanding the exploit at this link. I've been unable to explain it (I guess I'm not a good teacher). Can one of you try to explain it if you have some free time?

The main issue I'm having a hard time explaining is that nothing has to be installed to execute this exploit. The only thing required is for the user to launch the apple updates (which can automagically happen). The user will think he's installing an approved update.

http://www.cunap.com/~hardingr/projects/osx/exploit.html

243 posted on 08/25/2005 5:28:19 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 241 | View Replies]

To: for-q-clinton
For-q-clinton,

Regardless of this vulnerability, the point should be made that OSX is based on open source programing, This and several other vulnerabilities were discovered by people who work on open source programing to improve it. That is what Russell was doing. He found a vulnerability, notified Apple, and it was closed very shortly thereafter by requiring authentication from the server.

At worst, this was an unexploited spoofed server vulnerability... exactly the same type attack that brought down Microsoft's update websites for several days to be security hardened about two years ago. This is a minor blip in the open source development process that results in safer, more secure code.

Apple did something stupid with their automatic downloading of Widgets in OSX.4.0 (thie boo-boo merely automatically downloaded new Widgets to the Widget directory of the Library... still couldn't install them, the user still had to do that)... which they quickly fixed in less than five days after 4.0's release in OSX.4.1. I personally found, reported and was credited for finding a security hole in Tiger's initial release that was also fixed in OSX.4.1 having to do with Spotlight's search routines returning hits in other user's supposedly secure files. None of this has been hidden because it is open source.

In my first reply to this thread I pointed out that we Mac users are aware one should not update the OS until at least the .1 revision of any major release, yet you claimed I have been touting Apple's "perfection". I suggest you re-read everyone of my comments and see if I, anywhere, even suggested that... you won't find it.

You've claimed that I have said a virus is "impossible" but you won't find that statement from me anywhere on this thread or on FreeRepublic, because I never said it. Instead I told you that on a scale of 1 to 10, writing a Mac virus is a 9... that is not impossible, just very difficult. Experts in the field have pointed out that it takes a much higher degree of sophistication to write a virus for any flavor of Unix than it does for Windows. This is published opinions of people who would be qualified to testify in court as expert witnesses, not just my unsupported opinion.

244 posted on 08/25/2005 6:58:52 PM PDT by Swordmaker (Beware of Geeks bearing GIFs.)
[ Post Reply | Private Reply | To 243 | View Replies]

To: for-q-clinton
http://www.cunap.com/~hardingr/projects/osx/exploit.html

According to the first paragraph in the article - "This problem has been addressed in Security Update 7-18-02. Security Update 7-18-02 delivers a more secure Software Update service, as well as an updated Software Update command line tool, to verify that future updates originate from Apple."

Mac Software Updates have been cryptographically signed for over three years. There are zero reports of anyone in the real world being affected by the vulnerability during its brief existence.

245 posted on 08/25/2005 9:31:26 PM PDT by HAL9000 (Get a Mac - The Ultimate FReeping Machine)
[ Post Reply | Private Reply | To 243 | View Replies]

To: for-q-clinton; Swordmaker
The main issue I'm having a hard time explaining is that nothing has to be installed to execute this exploit.

It is a dangerous exploit, but one that can only theoretically be turned into a virus. If one existed, a user wouldn't have to allow any unusual programs to run (it slides in with the user approving an update), so I'd call it a virus. But even then the spread of the virus would be limited to the local network. It would require another breach of network security and individual attacker effort to be put on any other network.

In any case, if I'd thought of it, under my list of possible bet terms I'd have put "Scope of replicability: Internet-wide," which would have disqualified this as a virus according to the bet.

Of course, we're all talking theoretical. It hasn't been done and isn't in the wild, thus proving Swordmaker's point.

246 posted on 08/26/2005 6:44:59 AM PDT by antiRepublicrat
[ Post Reply | Private Reply | To 243 | View Replies]

To: Swordmaker
According to Microsoft, Internet Explorer IS an integral part of the OS...

Since when did you care or believe what MS says? The courts ruled that IE is "bolted on" to the OS. It ain't "integrated".
247 posted on 08/26/2005 6:16:55 PM PDT by Bush2000 (Linux -- You Get What You Pay For ... (tm)
[ Post Reply | Private Reply | To 40 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 181-200201-220221-240241-247 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson