Mac Security - Gone 10 Seconds.

There's nothing new on that link that contradicts what's been said elsewhere on the thread. Macs are insecure, but there's no market for the malware. It's simple security through obscurity. Mac lacks much of the layered protection now built into Vista/Windows 7 which shouldn't be the case as it's built on BSD.

The case still stands though, it took hours to crack Windows compared to Macs, this shows how much more secure the standard Windows installation is, also M$ responded within 24 hours of the security issue. Whilst that doesn't seem important, remember they was holding a exhibition and launching IE 8.

Apple really needs to step up to the plate and deal with security now rather than do a Microsoft and ignore it till it became a issue. This is what happened to XP and was one of the reasons Vista took so long to come. Microsoft learned the hard way and needed to re-prioritise it's security model.

Faolan, though I tend to agree about Apple being slow to deal with the issue I think they are in no hurry because there does not seem to be a credible threat at the moment. Typically, human beings are slow to be preemptive in all categories of their lives. There is one part that is new (that I saw) - where he stated he still recommended them.

I still think Snow Leopard is going to elevate Mac security to the next level. Apple (I would think) is likely getting tired of being the first down at these little dog & pony shows. It doesn't matter that it took many long hours of research and programing to find and implement and exploit the so called '10 second' glitch and took longer on other platforms. The stigma is still there even though it is an illusion of Windows security. I think what we should take away from this is that every OS/Browser is vulnerable and could, with little effort, be cracked by a professional and that only through education and vigilance will we be able to gain back some security in our online lives.

Maxxum, it's little different with Windows, you don't think they can crack Windows at a drop of a hat? Hackers have all the time in the world to find one flaw and all the incentive to do so. The security measures in place for Vista and Win 7 are far more robust and makes Windows less of a target these days compared to when Win XP came out. Even that article said as much. Win x64 takes this a stage further with further kernel hardening.

The main problem for Mac isn't security or flaws, it's more the case when it's been hacked you have little or no warning that your system is comprimised. There aren't that many InfoSec tools for a Mac (in some ways justified) but the ethos of InfoSec it's better to lock the system down instead of letting the horse bolt free. There wasn't a credible threat to XP when it came out initially, that came after. Just look at the various Service Packs and the security measures they had to be backported to lock the OS down.

This dog and pony show, as you call it, serves a important need to highlight security. Without it people wouldn't be aware that you still need to take precautions. The ignorance shown in this thread highlights this starkly. No offence to any member but this is simple fact. Most members here rely on their OS and have little or no understanding of what an attack vector is let alone preventing one. Bill (wlescall) posted a guide to security OS X but who is going to read a massive document like that let alone understand it? This is the problem Microsoft faced, and still faces especially in the corporate sector.

I still think you are overstating Vista's capabilities and it is a dog and pony show. There have been plenty of these shows (DES, Black Hat, etc...). That is not to mean they don't have their purpose. They can be pretty informative - but we personally don't learn much because to do so we would have to go over ton's of white papers. To defeat this flaw all one has to do is run noscript and not go to sights outside the safe beltway. The way he describes it is it's a minefield out there for Vista users!

In any case, it's highly unlikely I will be hit as I'm hardened (OS X & Vista). I'm so geeky that I will actually sit down and watch a packet sniffer on my home and work LAN just trying to see if I can spot and name all the ports/protocols being sent

MaxxuM wrote in post #7611874
In any case, it's highly unlikely I will be hit as I'm hardened (OS X & Vista). I'm so geeky that I will actually sit down and watch a packet sniffer on my home and work LAN just trying to see if I can spot and name all the ports/protocols being sent

me too

MaxxuM wrote in post #7611874
I'm so geeky that I will actually sit down and watch a packet sniffer on my home and work LAN just trying to see if I can spot and name all the ports/protocols being sent

Ethereal, Ettercap or something else? Just curious...