MAC, the Linux Desktop?

security stuff moab

Apple is very very secure. The links below are about the same dozen things, which are proof of concept or lab attacks not in the wild.

http://www.youtube.com/watch?v=pdV1S6M299o  Video for creating a MAC Admin password

As with Pacemakers so to the MAC, a team of researchers has proven that with enough time, energy, and expertise a pacemaker can be hacked, though there is currently little to no risk for patients with pacemakers.

Trojan Horses and Virus are yesterdays news. It is the browser MAC security it is not about the MAC anymore

"For those who do not have their computers set to check for updates on a regular basis should do so, and those who have it set to less frequently may consider having it check for updates more often. " www.securemac.com

I had a email exchange with a MACtavist recently who monitors three MAC's 24x7 and works on a campus with 8,000 MACs that has two other campuses of similar size. The conversation has challenged several of my assumptions. The links I researched as part of the conversation are on the security2 page. Two posible responses I've considered are one start with the oldest flaws and post one at a time giving chance for responding and then keep going to the new MAC airbook flaw. Two stat from positive perspective about how MAC has no flaws what so ever it is perfect. Example these MAC breakins only happen in contests. The MAC world demonstration was only a hoax and shouldn't be counted. Only detractors would count the following as flaws. What happens on porn sites doesn't affect the real world. It is really windows computers on the internet that are being targeted. When these scams occur on a MAC it only happens because they meant to target windows users. Apple responds to fixes in their open source BSD code so these flaws are safe. 0 day exploits are not fair because if they had told Apple about the problem it would have been fixed. This information is meaningless because it detracts from the fact that MAC is the best. MACs are secure because none of these exploits are used by real bad people, they are performed only by people who want attention and are probably MAC detractors anyway. These threats are nothing compared to the multitudnous threats to Windows users.

One except for Ubuntu it appears that Linux on the desktop is an idea whose time has failed Ubuntu history Many thought in 2002 that Linux on desktop was over. In 2004 we have ubuntu. Another article suggested that Linux users are CHEAP. I've been accused of over spending especially with a large organizations budget, in reaching out to my students who don't have my goodies, I've looked at affordable and realistic.

The apeal to me is in the server system and XAMPP. The fact that you can run it as a desktop means it is more approachable to computer science students. So my focus is on servers and potential developers with an affordable and realistic budget for moving into this proven and working environment

Reasons to go to IIS7. Also [LAMP vs. WISA] Linux vs Windows.

I've learned that mach kernal is the core of MAC OS and that Free BSD is the user interface although MAC OS is referred to as the fifth FBSD. BSD A fork in Unix for a family of Unix like operating systems. OS X a BSD descendant NeXT NEXTSTEP and OPENSTEP, based on the Mach kernel and 4BSD; the ancestor of Mac OS X

There is a network engineer working at MAC who is a major player in BSD, which backs up MACs claim to be the best.

MAC release its OS to open source and has a sourceforge download. I've read that the download is buggy and very difficult, better to get a MAC.

I'm very understanding of the Windows vs. MAC debate. I feel that the contest overshadows the idea of an affordable development environment for computer science students.

• MAC hacked in two minutes Open Source Software Flaws in MAC through back porting

   

• More from DarkReading

   

• Just for Fun MAC virus with other links? 0 day wi fi mac exploit?

   

• Hack that iphone

   

• Four new exploits uncovered in MAC kernal code from BSD When Apple grows up they will be just like MS windows

   

• Immunity Sec Detractors? Isn't that what a unethical hacker is?

   

• Month of Apple bugs Jan 2007 chided for not releaseing to Apple. Dino Dai Zovi MOAB Hackers

   

• Disk Images to take over Mac US CERT

   

• Quick time expoit for mac

   

• Month of Kernal Bugs MOKB, Month of Apple Bugs (MOAB)

   

  2008 Article about MAC Virus as MACs market share increases warning

   

• MacWorld rogueware MACSweeper, http://www.infoworld.com/article/08/01/15/Mac-security-program-scares-users-into-buying_1.html | Infoworld take on MAC sweeper]

   

  Zero day exploits. Apples denial of reality could be leading to the zero day exploits. Apple demonstrated its williness to bend the truth on a monitor flaw in which they deny monitor flaw is a manufacturer defect.

   

  Apple Guru Combats Month of Bugs Landon Fuller

   

   

• sudo buffer overflow, and other stuff at securemac.com

   

• MAC vs. Windows vulnerability stats for 2007

   

   

   

• <http://news.cnet.com/8301-10789_3-9949527-57.html|ical hit] Doesn't matter because most users are on 10.5.2 and 10.5.3 is in testing. (the CET apple is 10.4.11 a possible target)Apple ical hit a no go as not important. May 21 2008

   

• <http://news.cnet.com/8301-10789_3-9949507-57.html| itunes phising scam] not important. Most web users are on Windows and it is old news from ebay, and paypal and banks. Apple users don't supply their credit card numbers online.

   

• Tipping point 0 day flaws are unimportant because hackers are paid to discover them and they are not used by hackers in the wild. Four IMs hacked

   

• Echo boom hackers are after money and so they target Windows users, instead of MAC users who tend to have more money. Echo boomer hackers part 1

   

• MAC criminal hackers only have a few attacks directed at MAC users and OSX/RSPlug Trojan has already been reported by www.macworld.com. Reports from VNUNET that the Trojan is being used increasingly in 2008 by criminal hackers is a small matter affect few users.

   

• More on OSX trojan 11 macworld readers gave it the thumbs up.

   

• MAC users to smart for scareware quicktime fix 7.x

   

• Mac users are probably on 7.4.5 with itunes

   

• MAC World Opinion Security 2006 by a guy who double clicks on a MAC.

   

• Rogue ware for MAC Imunizor and MAC Sweep

   

• Major Mfg ready for MAC virus outbreak and waiting and waiting...

   

• Proof of concept virus' from 2004

   

• itunes phishing

   

• Paypal says steer clear of Safari and ranks IE7+ and Firefox 2, 3 as safer for the internet. Safari is used on the MAC and the iphone.

   

• Tired of waiting on Apple, Core Security release bugs to net MAC World users rated this as 22 yes vote. Popular articles have 902 spike and average below 300 votes.

   

• Apple pushing safari on Windows users Microsoft does this to windows users and the google toolbar comes with some upgrades. Apple joins questionable practice, at least. Plus Paypal article says safari is less secure. With the pride of Apple security to then inflict a potential threat to Windows users who are swimming in virus'.

   

• 07 Researcher finds security flaw with Safari on Windows during month of Apple bugs Aviv Raf, It was intended to challenge Apple's security record. He took the company's boasting about Safari's security as a personal challenge.

   

• Spoofing Security flaw in Safari 3.1.1

   

  Malicious crafted web page cause kernal panick that crashes the iphone

   

• [http://www.ipodobserver.com/story/34567 | Mobile Safari on iphone
• WSJ: Do hackers threaten iPhones

   

• 22million OSX users 0 virus, 16% of computer market

   

• LEAP worm and more on MACs first malware or is it Death Threats drive researcher underground

   

   

• Sophos list of Mac virus' on the right side

   

  Spoofing, Phishing, 0 day attacks,

  reporting flaws and then publishing