Free Republic

To: rightwingextremist1776
This is just too easy:

How many Mac platforms run databases that store credit card info, run secure web sites that transact sensitive information, make money transfers, centrally store secret information,

OK, up until this comma, this is a fair question with an easy answer (see below). But then you continue in your inane rambling....

fall victim to script kiddies, become bots in a network, or become magnets for fast spreading viruses, worms, or Trojans?

Now why do you suppose the other, more widespread platforms do? Now you tell me why when Macs are the superior platform, why all the dummies are still using those other platforms?

Mmmm....maybe because they made the mistake of hiring you for security consulting?

Now to answer the top, coherent part of your rambling question/statement/certification-of-your-lack-of-thinking-skills:

See this?

That's a big well-encased farm of xServes (Apple's 1U server platform, then PowerPC based) from Apple's developer conference a little over 10 months ago.

It's installed at "eBureau" (was "xTech"), one of America's largest processors of credit card data, as well as other financial and security systems. In the company's own words:

"eBureau provides a suite of precision marketing, credit risk management, fraud prevention and receivables management solutions to direct marketers, financial services companies, Internet retailers and agencies"

eBureau calls this installation the "Aquarium". It runs Mac OS X Server.

For a "Computer Security Pro", you're quite the ignorant chump, aren't you?

50 posted on 06/13/2007 8:35:44 PM PDT by Yossarian (Everyday, somewhere on the globe, somebody is pushing the frontier of stupidity...)


To: Yossarian

“eBureau calls this installation the “Aquarium”. It runs Mac OS X Server.”

I run a business that performs penetration testing for large ecommerce and fortune 1000 customers and have never seen a single production application environment running on OSX. You pointed out one - that doesn’t make the other poster ignorant. It’s one - the exception, not the rule.


54 posted on 06/14/2007 1:25:47 AM PDT by GovernmentIsTheProblem (The GOP is "Whig"ing out.)

To: Yossarian
Let me know when you have finished your first class in computer basics. I’ll be more than happy to school you from there. Until then I would keep your mouth shut, it only puts your complete lack of knowledge on display for the whole world to see. You completely missed the point of my post. You haven't a clue.
56 posted on 06/14/2007 4:39:57 AM PDT by rightwingextremist1776

To: Yossarian
Oh, and just in case you missed it;
6.0 (U) Technical Overview for IT Professional: Multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server have been discovered. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service.

6.1 (U) ColorSync CVE-2007-0719
Viewing a maliciously-crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. A stack buffer overflow exists in the handling of embedded ColorSync profiles. By enticing a user to open a maliciously-crafted image, an attacker can trigger the overflow, which may lead to an unexpected application termination or arbitrary code execution.

6.2 (U) CoreGraphics
Viewing a malformed PDF Document may lead to an application hang.

6.3 (U) Crash Reporter CVE-2007-0467
Crash Reporter may allow a local admin user to obtain system privileges. Crash Reporter uses an admin-writable system directory to store logs of processes that have been unexpectedly terminated. A malicious process running as an admin can cause these logs to be written to arbitrary files as root, which could result in the execution of commands with elevated privileges.

6.4 (U) CUPS CVE-2007-0720
Remote attackers may cause a denial of service during SSL negotiation. A partially-negotiated SSL connection with the CUPS service may prevent other requests from being served until the connection is closed.

6.5 (U) Disk Images CVE-2007-0721
Mounting a maliciously-crafted disk image may lead to an unexpected application termination or arbitrary code execution. A memory corruption vulnerability exists in diskimages-helper. By enticing a user to open a maliciously-crafted compressed disk image, an attacker could trigger this issue which may lead to an unexpected application termination or arbitrary code execution.

6.6 (U) Disk Images CVE-2007-0722
Mounting a maliciously-crafted AppleSingleEncoding disk image may lead to an unexpected application termination or arbitrary code execution. An integer overflow vulnerability exists in the handler for AppleSingleEncoding disk images. By enticing a local user to open a maliciously-crafted disk image, an attacker could trigger the overflow which may lead to an unexpected application termination or arbitrary code execution.

6.7 (U) Disk Images CVE-2006-6061, CVE-2006-6062, CVE-2006-5679, CVE-2007-0229, CVE-2007-0267, CVE-2007-0299
Downloading a maliciously-crafted disk image may lead to an unexpected system shutdown or arbitrary code execution. Several vulnerabilities exist in the processing of disk images that may lead to an unexpected termination of system operations or arbitrary code execution. Since a disk image may be automatically mounted when visiting web sites, this allows a malicious web site to cause a denial of service. This update addresses the issue by performing additional validation of downloaded disk images prior to mounting them.

6.8 (U) DS Plug-Ins CVE-2007-0723
Unprivileged LDAP users may be able to change the local root password. An implementation flaw in DirectoryService allows an unprivileged LDAP user to change the local root password.

6.9 (U) Flash Player CVE-2006-5330
Playing maliciously-crafted Flash content could allow an HTTP request splitting attack. Adobe Flash Player is updated to version 9.0.28.0 to fix a potential vulnerability that could allow HTTP request splitting attacks.

6.10 (U) GNU Tar CVE-2006-0300, CVE-2006-6097
Multiple vulnerabilities in GNU Tar, the most serious of which is arbitrary code execution. GNU Tar is updated from version 1.14 to 1.16.1.

6.11 (U) HFS CVE-2007-0318
Removing a file from a maliciously-crafted mounted filesystem may lead to a denial of service. An HFS+ filesystem in a mounted disk image can be constructed to trigger a kernel panic when attempting to remove a file from a mounted filesystem.

6.12 (U) HID Family CVE-2007-0724
Console keyboard events are exposed to other users on the local system. Insufficient controls in the IOKit HID interface allow any logged in user to capture console keystrokes, including passwords and other sensitive information.

6.13 (U) ImageIO CVE-2007-1071
Viewing a maliciously-crafted GIF file may lead to an unexpected application termination or arbitrary code execution. An integer overflow vulnerability exists in the process of handling GIF files. By enticing a user to open a maliciously-crafted image, an attacker can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of GIF files. This issue does not affect systems prior to Mac OS X v10.4.

6.14 (U) ImageIO CVE-2007-0733
Viewing a maliciously-crafted RAW Image may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue exists in the process of handling RAW images. By enticing a user to open a maliciously-crafted image, an attacker can trigger the issue which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of RAW images. This issue does not affect systems prior to Mac OS X v10.4.

6.15 (U) Kernel CVE-2006-5836
Malicious local users may be able to cause a denial of service. Using the fpathconf() system call on certain file types will result in a kernel panic.

6.16 (U) Kernel CVE-2006-6129
Executing a maliciously-crafted Universal Mach-O binary may lead to an unexpected termination of system operations or arbitrary code execution with elevated privileges. An integer overflow vulnerability exists in the loading of Universal Mach-O binaries. This could allow a malicious local user to cause a kernel panic or to obtain system privileges.

6.17 (U) Kernel CVE-2006-6173
Executing a maliciously-crafted program may lead to a system hang. The shared_region_make_private_np() system call allows a program to request a large allocation of kernel memory. This could allow a malicious local user to cause a system hang. This issue does not allow an integer overflow to occur, and it cannot lead to arbitrary code execution.

6.18 (U) MySQL Server CVE-2006-1516, CVE-2006-1517, CVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226, CVE-2006-3469
Multiple vulnerabilities in MySQL, the most serious of which is arbitrary code execution.

6.19 (U) Networking CVE-2006-6130
Malicious local users may be able to cause an unexpected termination of system operations or execute arbitrary code with elevated privileges. A memory corruption issue exists in the AppleTalk protocol handler. This could allow a malicious local user to cause a kernel panic or gain system privileges.

6.20 (U) Networking CVE-2007-0236
Maliciously-crafted AppleTalk requests may lead to a local denial of service or arbitrary code execution. A heap buffer overflow vulnerability exists in the AppleTalk protocol handler. By sending a maliciously-crafted request, a local user can trigger the overflow which may lead to a denial of service or arbitrary code execution.

6.21 (U) OpenSSH CVE-2007-0726
A remote attacker can destroy established trust between SSH hosts by causing SSH Keys to be regenerated. SSH keys are created on a server when the first SSH connection is established. An attacker connecting to the server before SSH has finished creating the keys could force the keys then to be recreated. This could result in a denial of service against processes that rely on a trust relationship with the server. Systems that already have SSH enabled and have rebooted at least once are not vulnerable to this issue. This issue is addressed by improving the SSH key generation process. This issue is specific to the Apple implementation of OpenSSH.

6.22 (U) OpenSSH CVE-2006-0225, CVE-2006-4924, CVE-2006-5051, CVE-2006-5052
Multiple vulnerabilities in OpenSSH, the most serious of which is arbitrary code execution. OpenSSH is updated to version 4.5.

6.23 (U) Printing CVE-2007-0728
An unprivileged local user can overwrite arbitrary files with system privileges. Insecure file operations may occur during the initialization of a USB printer. An attacker may leverage this issue to create or overwrite arbitrary files on the system. This update addresses the issue by improving the printer initialization process.

6.24 (U) QuickDraw Manager CVE-2007-0588
Opening a maliciously-crafted PICT image may lead to an unexpected application termination or arbitrary code execution. A heap buffer overflow vulnerability exists in QuickDraw’s PICT image processing. By enticing a user to open a maliciously-crafted image, an attacker can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT files.

6.25 (U) QuickDraw Manager
Opening a malformed PICT image may lead to an unexpected application termination. This issue can not lead to arbitrary code execution.

6.26 (U) Servermgrd CVE-2007-0730
Remote attackers may be able to access Server Manager without valid credentials. An issue in Server Manager’s validation of authentication credentials could allow a remote attacker to alter the system configuration.

6.27 (U) SMB File Server CVE-2007-0731
A user with write access to an SMB share may be able to cause a denial of service or arbitrary code execution. A stack buffer overflow vulnerability exists in an Apple-specific Samba module. A file with an overly-long ACL could trigger the overflow, which may lead to a denial of service or arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.4.

6.28 (U) Software Update CVE-2007-0463
Opening a maliciously-crafted Software Update Catalog file may lead to an unexpected application termination or arbitrary code execution. A format string vulnerability exists in the Software Update application. By enticing a user to download and open a Software Update Catalog file, an attacker can trigger the vulnerability which may lead to an unexpected application termination or arbitrary code execution. This issue does not affect systems prior to Mac OS X v10.4.

6.29 (U) Sudo CVE-2005-2959
A local user with sudo access to a bash script can run arbitrary commands with elevated privileges. A user-modified sudo configuration could allow environment variables to be passed through to the program running as a privileged user. If sudo is configured to allow an otherwise unprivileged user to execute a given bash script with elevated privileges, the user may be able to execute arbitrary code with elevated privileges. Systems with the default sudo configuration are not vulnerable to this issue. This issue has been addressed by updating sudo to 1.6.8p12.

6.30 (U) WebLog CVE-2006-4829
A remote attacker can conduct cross-site scripting attacks through Blojsom. A cross-site scripting vulnerability exists in Blojsom. This allows remote attackers to inject JavaScript into blog content that will execute in the domain of the Blojsom server. This issue does not affect systems prior to Mac OS X v10.4.

PS...I saved you the effort of actually having to look this up...I knew you wouldn’t be able to handle that task.

60 posted on 06/14/2007 5:09:40 AM PDT by rightwingextremist1776

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson