Mac OS X security myth exposed

Techworld ^ | 24 June 2004 | Matthew Broersma, Techworld

[Bush2000]

you're an agent of Satan?

[Bush2000]

How about instead of whining about Hal9k's assertion, you provide two documented cases of affected MAC users?

Because I don't bear that burden. You certainly don't show me individual users who are supposedly affected by any of the IE exploits. But HAL has said unequivocally that these exploits haven't affected anybody: I'd say that bears a higher burden of proof. So either put up or shut up.

[Bush2000]

Let's see. WHO posted this out-of-date and self-serving article attacking other people's OS??? Hmmmmmm... the name of the poster seems to be Bush2000. Does that make YOU someone an average person would believe is "full of shite"? I leave that determination to the average reader of this thread.

People can draw their own conclusions. I'm just providing them a balanced perspectives, which really pisses you Mac zealots off because it interferes with your reality distortion field. So what. Deal with it.

I have seen NO ONE CLAIM that OSX is "bug-free".

And yet you relentlessly bash Windows for security exploits and downplay the severity of bugs in OSX. If you and HAL were the sole arbiters of information about Windows, the average user here on FR would get the impression that Macs are bug-free.

Now, exactly WHERE ARE THE EXPLOITS???

Read this article -- then go to Secunia. The Mac exploits are very real and, as the article states, OS X had the highest percentage of critical vulnerabilities. Try spinning that away, fan boy.

[Bush2000]

Yet you use "they patched that" as a defense when Microsoft has its weekly exploit.

Clue phone for you: IE isn't the Windows kernel. Stop calling "app bugs" as "OS bugs".

[Bush2000]

I suspect that for most Mac users, they are the same thing.

Well, since you don't speak for "most Mac users", I'll file your comments under "anecdotal BS".

Why? Because (A) my mother-in-law, who is by no means computer savvy, told me that she's just been patching the iMac I left with her whenever it asks her to, which is within a week of any patch becoming available

Windows Auto Update, anybody?

...and (B) Mac users don't fear Apple's patches the way Windows users fear Microsoft's patches. They just clock "OK" and install it without worry. I applied the recommended Windows 2000 patches to my work desktop and the IT guy not only looked at me like I was insane but suggested that I don't do that in the future and don't use any patch until it's been well tested by other first adopters.

The IT guy didn't want you to install the patch because he's not sure of the impact on your company's applications -- and they like to move all of the company's platforms at once, not dribble them in or have people applying their own patches. Apple doesn't have that burden because companies simply don't use Macs.

[antiRepublicrat]

Clue phone for you: IE isn't the Windows kernel. Stop calling "app bugs" as "OS bugs".

Last I remember, Microsoft was stating under oath that IE functionality is an integral part of the Windows operating system.

[cyborg]

*lol*

[HAL9000]

Read this article -- then go to Secunia.

No thanks. You'll just have to keep Sucenia yourself.

[Question_Assumptions]

Well, since you don't speak for "most Mac users", I'll file your comments under "anecdotal BS".

Oh, and you do? So it's OK for you to support your opinions on unproven assertions but not anyone else, right? How do you know that most Macs aren't patched? Your assumption is one step below "anecdotal BS". It's called, "I'm going to assume reality supports my position without any evidence."

Windows Auto Update, anybody?

Yes. I tried using that at work and had the IT person tell me not to. And, no, he wasn't concerned about our standardized platform (we're too small to have one) nor was he concerned about the impact on my company's applications (we don't have any custom applications). He was worried that it would screw up the standard Microsoft suite of applications. Next?

The IT guy didn't want you to install the patch because he's not sure of the impact on your company's applications -- and they like to move all of the company's platforms at once, not dribble them in or have people applying their own patches. Apple doesn't have that burden because companies simply don't use Macs.

Apple doesn't have that burden because Apple doesn't have that problem. Like I said, Windows trains its users well to assume that if Windows has a certain problem, everyone else must, too.

[Bush2000]

You had to search long and hard for this piece of crap article.... It made me laugh.

CC, this article is hardly a "piece of crap". It's merely stating conclusions by Secunia -- and, if you consider Secunia to be a "piece of crap", you need an attitude adjustment. Secunia is one of the most highly regarded security organizations in the industry.

[zeugma]

Your excuses are truely pathetic. I'm still getting hit hourly by windows boxes that have been compromized by various worms. It has been demonstrated many times that an unpatched windows box will last less than half an hour on the net intact because of all the zombies out there continually trying to infect their neighbors.

I've yet to see a single example of a MAC worm that affects OS X in the wild.

I can understand why you wouldn't want to respond to this though given the abysmal results windows has shown in protecting their users thus far.

I don't even use OSX, but I recognise that they've done a really good job of protecting their users from malicious folks on the internet.

[Bush2000]

Oh, and you do?

No, and I never claimed to. What I said is that providing a patch doesn't equate to that patch being applied on all affected boxes.

How do you know that most Macs aren't patched?

Where did I say that?

Apple doesn't have that burden because Apple doesn't have that problem.

Right, companies don't use Macs. Hence... figure it out. Apple would looooooooove to have the problem of companies applying patches -- because that would mean that companies actually using Macs. But that's just a Mac bigot's pipe dream.

[Bush2000]

Last I remember, Microsoft was stating under oath that IE functionality is an integral part of the Windows operating system.

The sword cuts both ways: the court disagreed. Nice try.

[Bush2000]

Your excuses are truely pathetic. I'm still getting hit hourly by windows boxes that have been compromized by various worms. It has been demonstrated many times that an unpatched windows box will last less than half an hour on the net intact because of all the zombies out there continually trying to infect their neighbors.

So what. That's meaningless. Unpatched Mac boxes are just as readily exploited. I've yet to see a single example of a MAC worm that affects OS X in the wild.

There are practically no Macs in the wild.

[antiRepublicrat]

The sword cuts both ways: the court disagreed. Nice try.

A special master was able to remove IE from Windows 95 and 98, but Microsoft learned from that. IE in XP is inseparable from the operating system without cutting non-browsing functionality, which is why they are following the rules of the settlement by only allowing removal of the links to IE. Go to remove Windows components, click to remove IE, and you'll see that you don't save any disk space.

[antiRepublicrat]

There are practically no Macs in the wild.

14 million may be a small percentage of the 700 million or so Windows boxes out there, but it's still 14 million, a lot of boxes to be compromised. 150,000 people dying in the tsunami was only about .0025% of the world's population, so it's no big deal, right?

[antiRepublicrat]

Unpatched Mac boxes are just as readily exploited.

Not quite. Many exploits required the user to have root enabled and be running in root, and that is rarely the case in OS X.

[Bush2000]

Microsoft learned from that. IE in XP is inseparable from the operating system without cutting non-browsing functionality, which is why they are following the rules of the settlement by only allowing removal of the links to IE.

Ridiculous tripe. Go to http://www.litepc.com/ieradicator.html

[Bush2000]

14 million may be a small percentage of the 700 million or so Windows boxes out there, but it's still 14 million, a lot of boxes to be compromised. 150,000 people dying in the tsunami was only about .0025% of the world's population, so it's no big deal, right?

They're not all the same version, too. When you figure in all of the crappy old Macs that comprise that number, it's much smaller.