Free Republic

To: SunTzuWu
That's the real reason that Windows is such a target. If Linux or Apple had the market share that Microsoft has then they would be the target and all the self-appointed software snobs would have someone else to talk trash about.

That canard of "Security by Obscurity" has little to do with it, Sun. Apple will soon top 60,000,000 OS X systems in the wild. What exactly is the number of systems—99% of which are running bare naked to the Internet, not protected in any way except for a built-in Trojan horse identifier—before hackers, crackers, and other assorted malware writers suddenly gain an interest in computers that are owned by people who demographically have more disposable income, who have a reputation (wrongly) of being naive about computer protection, and who (under the Windows standard) should be considered "sitting ducks" to be invaded and taken over?

When a 2000 unit BotNet is worth $50,000 on the black market for a mere TWO WEEK window of operation, where are the Mac OSX botnets that should be sprouting up everywhere among all these so-called "totally vulnerable", unprotected OSX Macs, if every OS were equally easy to penetrate? So far, there are THOUSANDS of Windows botnets and not ONE Apple Mac OSX botnet spreading malware. Not one.

(In the interests of full disclosure: in April 2009, two Symantec security specialists published an article in The Virus Bulletin, an independent $150 a month hacker journal, that they had identified a 20,000 member Mac OSX botnet in the wild spreading Trojans OSX.Iservice and OSX.Iservice.B malware in Europe. However, no other anti-malware company, including Symantec {!} or other researcher, anywhere, ever found even one member of this botnet. The two Symantec employees had not even reported their find to Symantec... something that did not go over well with Symantec, who after investigation, fired both of them. To date, no example of either the botnet, or OSX.Iservice and OSX.Iservice.B, has ever been seen in the wild. Nevertheless, this "botnet" was a three-day-wonder in the technical media... until it died an ignominious death of back page retractions and red-faced non-apologies.)

OS X has been in the wild for ten years now and there are still ZERO self-propagating, self-installing, self-transmitting viruses for OSX in the wild. There have been fewer than a dozen known proof-of-concept candidates for such viruses... and NOT ONE OF THEM WORKED! There are currently 17 known Trojans in three distinct families in the wild for OS X... and every one of those families is identified BY THE OS, which warns the user they are downloading or installing a known Trojan. These Trojans are easy to remove if the user does install one. There is no "registry" to get corrupted on a Mac... and the ROOT files are protected. Data and heap overflow vulnerabilities are not so much of a problem on Macs because the data is loaded into NON-EXECUTABLE memory locations... usually, the worst thing that can happen is the app using that data crashes, resulting in a Denial of Service condition until the app is restarted. Any malicious code hidden in the overflow can do no harm because it cannot execute in that memory location.

The real reason that Windows is such a target is that it is a Swiss cheese operating system that was not built from the ground up with multiple users and the access from the outside in mind. UNIX™ and its derivative Linux were.

In addition, many of the "black box" test equipment devices such as these aircraft plug in status boxes, while they may seem ultra-modern, are using older non-updated versions of Windows. The operational theory being that they are never intended to connect to the internet and so need no stinkin' updates... "Don't fix what ain't broken." I have seen in-house dedicated computers running Windows95 and 98, and even a few MEs, some even without service packs... plugging away, perfectly operational. All it takes, with one of these, is a single time connected to the internet (or perhaps someone bringing in an unauthorized disk, flashdrive, etc.,) without protection and WHAM! infected. I would not be surprised to see that is the case with this situation. It is unlikely that a test equipment computer would be connected to the internet.

On the other hand, there may be a LAN network of test computers... all of which are not connected to the WAN. All it takes for that to be compromised is for ONE to be connected. I've seen that happen when a newbie IT guy is brought in who is unfamiliar with the REASON the LAN is not connected to the Internet, and he decides "Wouldn't it be cool for the Service Manager to be able to connect to the LAN and monitor the reports from home... or his cell phone"... and hooks it up. WHAM! again... what once was an island of security has had its doors opened to the world without proper defenses put in place. It is REALLY hard to put the camel outside again, once he's gotten in.

32 posted on 08/22/2010 3:31:39 PM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone!)


To: Swordmaker

“That canard of “Security by Obscurity” has little to do with it, Sun. Apple will soon top 60,000,000 OS X systems in the wild. What exactly is the number of systems—99% of which are running bare naked to the Internet, not protected in any way except for a built-in Trojan horse identifier”

We’ve already seen Apple admit that certain vulnerabilities will allow a hacker to run any code they want on certain OS versions. That was announced in an Apple notification.

100,000 new malware signatures are created every single day mostly targeted at Windows systems. Apple makes up less than 5% of the desktop market. We’ve already seen some new malware targeted at Apple.

But perhaps you missed the thread that OS fights weren’t acceptable on FR anymore. So why are you doing it?


36 posted on 08/22/2010 3:48:32 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)

To: Swordmaker
The real reason that Windows is such a target is that it is a Swiss cheese operating system that was not built from the ground up with multiple users and the access from the outside in mind. UNIX™ and its derivative Linux were.

I blame Bill Gates switching NT midstream from a modernized version of VMS (one of the most solid OSs in history) with a newly-designed modern API to a 32-bit version of Windows 3.x. It ended up only being designed to support small workgroups, nothing more. When I think of what Windows NT could have been...

49 posted on 08/23/2010 6:26:42 AM PDT by antiRepublicrat

To: Swordmaker

a swiss cheese operating system that was not built from the ground up with multiple users and the access from the outside in mind

Exactly.

No matter which way you slice it or dice it, Windows is still DOS 1.1 underneath. With a vector table at 0:0000.

I’ve never examined the vector table on an x86 machine running under Windows and compared it to one running barebones DOS, but I am willing to bet there are a few interrupts that Windows doesn’t front-end.

And even if they do protect the hardware interrupts, Windows wanted to make itself a one size fits all OS where stuff like Java and Flash can come along and do spiffy things. Spiffy and sometimes very malicious.

As a systems guy, I would never let ANYBODY tweak what happens when the boot process happens. I would NEVER let anybody mod anything on the system packs! (mainframes rule!!!)


69 posted on 08/24/2010 3:07:10 AM PDT by djf (They ain't "immigrants". They're "CRIMMIGRANTS"!!!!)
