Posted on 06/09/2010 4:02:59 PM PDT by KevinDavis
Apple has suffered another embarrassment. A security breach has exposed iPad owners including dozens of CEOs, military officials, and top politicians. They—and every other buyer of the cellular-enabled tablet—could be vulnerable to spam marketing and malicious hacking.
The breach, which comes just weeks after an Apple employee lost an iPhone prototype in a bar, exposed the most exclusive email list on the planet, a collection of early-adopter iPad 3G subscribers that includes thousands of A-listers in finance, politics and media, from New York Times Co. CEO Janet Robinson to Diane Sawyer of ABC News to film mogul Harvey Weinstein to Mayor Michael Bloomberg. It even appears that White House Chief of Staff Rahm Emanuel's information was compromised.
(Excerpt) Read more at gawker.com ...
We agree then. Mac currently enjoys security by obscurity something I get blasted for saying from the macbots.
And those infested PCs are typically self inflicted wounds. Either people aren’t patching them or they are installing crap they shouldn’t (which everyone agrees is can happen to anyone).
Security by obscurity isn’t security at all though. I’m glad you admit that, but I think some of the macbots will be on here to cry over your admission.
I have never seen that. I agree with aruanan that you are projecting. To prove we are in denial will you please refer us to some examples of what you are talking about. If you can't find any now just do it the next time you see an example.
You clearly don’t have a clue as to what you’re talking about and the slammer vulnerability. And the numbers you are just making up...really defy logic.
Also since when did FREE become expensive: http://www.microsoft.com/sqlserver/2005/en/us/express.aspx
This happens all the time. Just search for windows security issues threads on the Internet and you’ll find them. It’s not hard, but personally I’m tired of proving that point. It’s kind of like trying to prove 2+2=4. Either you understand that by now or you are just being obtuse.
Apparently a low tolerance for BS, if you had read.
Like I said they had to bring .NET (WINDOWS) into this.
.NET is incidental to the main claim, which was about corprate software support. If someone is complaining about his insurance company not paying up after someone rear-ended his Mustang, that person is not complaining about Ford just because he happened to mention what was involved in his claim. He is complaining about the insurance company.
But who knows, some overly-sensitive, Ford-loving paranoid person out there may think he's complaining about Ford.
Don’t you ever wonder why, with the widespread hate from some segments of the PC community, particularly the immature PC hackers, that none of them ever target the Mac “just to show them”?
I think it is likely most of them simply aren’t smart enough to do so, or too lazy.
I also wonder, what does that say about the tens of millions of Mac users out there, many of whom are very talented and knowledgable in IT, that they apparently don’t write viruses and malware to target the Mac?
Certainly you could write something, or I could with a little effort.
If it is security through obscurity only, then I presume we would see something. Anything. But we don’t, and I have always found that interesting.
I'll write this slowly just for you: SQL Slammer hit in 2003. You referenced SQL Server 2005 Express Edition. Got it? Microsoft even tried to make it easy for you by naming products after their release year, but you didn't get it.
Before SQL Server 2005 Express Edition the free version of SQL Server was known as MSDE. MSDE, that sounds familiar. Oh yeah, that's what I referred to in my post!
Now who doesn't have a clue again?
To prove it's projection, please provide examples to the contrary,
I have provided every bit as much evidence to support my opinion as the post it was in reply to. If you want to play that game, then let's see the examples to back up your own arguments:
My 2 cents: Those who can build their won computers and write their own programs resent us who can't, or don't care to, and are willing to pay more to not have to. The fact that we also get a superior product is an additional thorn in their side. They usually respond by saying how they could have built a much better machine for much less money and call us Mac users gay for good measure.
In short, they sound like girly boys and act like liberals, and, as you say, over an inanimate object, although it does seem to come alive at times.
Please quit misuing that term. Security through obscurity does not mean a system being so unknown as to not be attacked. Interestingly, OS X relies far less on security by obscurity than does Windows. How? That's easy if you know the meaning of the term. Security through obscurity means purposely hiding portions of your system in order to gain security by the hiding itself. If the hidden means is discovered, that means of security has been bypassed. OS X is built on BSD, so much of the security of the system has already been widely published. Microsoft doesn't release the Windows source code to the public.
You are really thinking of security through minority, the effectiveness of which is quite debatable, especially in this case. 50,000,000 installed base means quite enough to not be called rare. My previous examples have shown that is more than enough systems to support a fast self-propagating worm. Apple is quite famous, so the unknown aspect doesn't apply. The first successful OS X worm or virus would make a hacker very famous, and people keep hacking the system for these contests, so the interest is definitely there. Monetary incentive is there since on average Mac owners have more disposable income than PC owners, so compromising the systems would rake in the money.
As you yourself noted, warnings of Apple's growing popularity leading to security problems have been sounded in the press for years. I'm still waiting....
Security by obscurity isn’t security at all though.
Actually, it is for an overall system. It's called defense-in-depth. You don't rely on the obscurity for all of your security, but it is nevertheless one more layer in your defense.
Note this does not apply to encryption algorithms. If you screw up your implementation in a closed-source program, the leaking of that source completely destroys your secruity. A good example would be WiFi. Don't broadcast your SSID. Sure, a decent hacker can discover it even if you don't, but it serves to up the ante a bit for the hacking of your system, thus overall increasing your security. Do you rely on it? No. But why not use it as one layer of your defense assuming you're already not using DHCP, you are using WPA2, you filter MAC addresses, and if you're corporate you have a firewall and IDS between your wireless and wired networks? Even MAC addresses can be spoofed to bypass the filtering, but again, that's just another layer.
Oh man...I was about to flame you pretty hard on that projection and come to find out it was a quote from a macbot.
Too funny.
Take it up with the guy that was agreeing with you. He’s the one that said real world fact is Apple isn’t being attacked because of it’s limited use. I was just agreeing with him.
Since you claim Mac now has a big enough footprint to get hacked why is it so easy to hack when paid money and contests have it hacked first? If it were truly secure this wouldn’t be happening.
I’ll put it to you...where is the self propagating windows 7 virus that is fully patched with the firewall on vulnerable to the attack you claim is the only one that counts? I haven’t researched this one bit so there may be several, but I would suspect I would have been hit by one if it were true.
Let me get this straight. I said that I had never seen posts like the ones you described and aruanan and I suggested you were projecting your own thoughts onto what was said and that those things were actually never said. Now you want me to prove they were never said, right? I am afraid that is beyond my ability,
I think one thing that gives people the false impression of Mac users is the popularity of the Mac vs PC television commercials. They think all Mac users are like the Mac character in the ad and that we think all PC users are like the PC character. That is totally wrong! In my opinion, the TV characters represent Bill Gates and Steve Jobs, not users.
The only thing I ever see Mac users say on FR is how much they like their Macs and if someone is having a particular problem with a Windows based PC they point out that those problems rarely exist on Macs. They frequently say, "Get a Mac."
From that you guys go off the deep end.
I still stick with my post at #62.
Accusing someone of "projection" means you think they're accusing you of what they've been doing themselves. If you think that's true, show me those posts.
For that matter, you can start by showing me the posts demonstrating the people who can build their own computers, or write their own programs resent people who can't. I don't recall ever seeing those, and that was the first accusation made so let's start there, shall we?
It was not an easy hack. The hackers in question spent weeks devising a hack in advance, and simply unleashed it at the conference. Even then the first round didn't work, and they won when the Safari browser was pointed to their custom malicious web site. In fact, what they did was irresponsible since they found a new exploit, and instead of being responsible and notifying the company, they saved it for the conference so they could win.
where is the self propagating windows 7 virus that is fully patched with the firewall on vulnerable to the attack you claim is the only one that counts?
No idea. However, if there are none, it shows the great strides Microsoft has made in the security of Windows that's it's finally near that of OS X. Microsoft did switch around the permissions for a lot of internal Windows functions to not require admin, and that's good for keeping people from always running as admin because "I can't do X without admin." That right there helped massively. Microsoft was very smart to hire Mark Russinovich, one of the main people responsible for completely refactoring the permissions levels in Windows.
Unfortunately many of the means of making admin-assuming apps work as non-admin used some serious workarounds, and that worries me. It was necessary to maintain backwards compatibility while protecting the OS, and done as well as it could have been probably, but it still shouldn't have been done. OS X doesn't have this problem since Apple ditched compatibility with the previous, highly insecure, operating system architecture.
What proof do you have that it hasn't surpassed OS X? By your standard an self propagating virus is the ultimate in security. Since windows 7 (or Vista for that matter) hasn't had one then I'd say it's more secure since they have a larger install base.
But also you once again dismiss an exploit that occurred when someone was willing to make it worth someone's time and effort to exploit it. In fact at this years pawn2own wasn't Mac the first one exploited? And didn't Windows7 give them a harder time? Once again it looks like you should be trumpeting the fact that Windows 7 is harder to crack than mac.
Not me... I was repeating, and remarking on the absurdity of what someone else said.
The reading comprehension on this thread is... depressing...
LOL We are... errr might be, running several of our servers as VMs covertly. The app vendors never know the difference, as they always remote in for support. Of course, they could easily tell if they looked around at certain things within the OS. The network adapters make it a dead giveaway.
Even the "viruses" demonstrated in the labs have failed to work. A Trojan is NOT a self-replicating, self-transmitting, self-installing computer virus. It is merely a computer program that does something malicious. . . that is installed by socially persuading the user through trickery. So, rlmorel, I challenge your assertion that OSX viruses "are out there," and they certainly not in the wild.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.