Security flaw in Macs

[michaelab]

http://news.bbc.co.uk/2/hi/technology/3741871.stm

You see...it's not just PCs and Microsoft. Now that Macs are becoming more popular again I expect this kind of thing to increase.

The response that Apple gave could have been copied straight from any of Microsoft's recent press releases concerning security issues

Michael.

 

[RDD]

And about bloody time :JOEL:

I was getting fed up with smug Mac users grinding down PC users recently It's true what you say, as Mac's get popular again and the users insist on baiting the hackers by coming across all superior, this kind of thing will be on the increase.

 

[Slaphead]

All OS's have security flaws. The Mac so far has had pretty good security but only by obscurity. However to give apple their dues they had the patch available at the start of the week.

I expect this kind of thing to increase.

Given the now constantly online culture that broadband has brought us I agree. We all have to watch out.

Incidently I saw an example of this exploit and it was scary. It enabled the help viewer via a web browser (not just safari - it worked equally as well in explorer) to execute any command via the terminal. Just imagine if it was "rm -rf *.*" and you were logged in as root, that would be the last time you saw your machine working untill you'd reinstalled your system and recovered from your backup (assuming you had one)

 

[michaelab]

Originally posted by Slaphead
However to give apple their dues they had the patch available at the start of the week.

In all the Microsoft security scares, the patch has usually been available for weeks, sometimes months, before people try and exploit it or it becomes a BBC News item. Unfortunately very few people keep their PCs up to date with the latest security patches.

A week before the Sasser worm hit the headlines recently my PC was already protected

Michael.

 

[Sgt Rock]

Originally posted by Slaphead
All OS's have security flaws. The Mac so far has had pretty good security but only by obscurity. However to give apple their dues they had the patch available at the start of the week.



Given the now constantly online culture that broadband has brought us I agree. We all have to watch out.

Incidently I saw an example of this exploit and it was scary. It enabled the help viewer via a web browser (not just safari - it worked equally as well in explorer) to execute any command via the terminal. Just imagine if it was "rm -rf *.*" and you were logged in as root, that would be the last time you saw your machine working untill you'd reinstalled your system and recovered from your backup (assuming you had one)

Reminds me of my time as a Unix tech support bod, one college that had my companies equipment was in the habit of creating a very large root partition and putting the users home accounts in there.

Guess what happend when bev left, the mupeits did an rm -rf /dev lol

 

[garyi]

You would have to be a muppet to be logged in as root. And in fairnes to apple, it takes a fair amount to get in as a root user, you need to use software in the utilities folder or the treminal. So although there is a risk (is there not always?) its still a lot more secure. If I want to install anything on my computer I have to get past a password.

BTW We are in Sonoma wine country just above san francisco. I am chilling in a cafe with a coffee. Very nice too!