[latimesblogs.latimes.com]

Doomed again.

---

A man who is of "sound mind" is one who keeps the inner madman under lock and key.
(Paul Valery)

this happens on a fairly regular basis

---

I don't want to sound condescending, but I'm tempted to say this guy's an idiot...most of the hackers and security experts I've heard talk about the subject suggest the opposite (Macs inherently more secure).

The guy in the article probably has a point that is somewhat obscured by the reporter.

It has been demonstrated that out-of-the-box Macs are actually much less secure from certain kinds of attacks by hackers than similarly configured Windows PCs. A lot of it has to do with the fact that the firewall is off by default and both Safari and QuickTime have major security issues. Firefox may be less secure than Safari (without add-ons like NoScript).

But it's a lot harder to get a virus or trojan propagating on and taking control of Macs. Additionally, the goal of many -- if not most -- virus writers is to have the target PC become part of an automated botnet and considering how many PCs are wide open to such attacks it's just not economical to make the effort to go after Macs.

So, if you are being targeted by a hacker then you may be in trouble. If it's impersonal viruses that you're worried about, you're probably still okay.

---

Sometimes I wonder, "What would Hodor say in this situation?" - Jim Gaffigan

Where I work, the majority of the thousands of PCs and Macs we support are not behind firewalls. Direct high speed connection to the Interwebs. In the 9+ years I've been supporting Macs, we have had 4 successfully hacked Macs I've known about, all 4 times from Romania. In all 4 cases, Remote logon (SSH) was enabled by a user (thinking it would be good but with no actual use for it) with an easy to guess username and password. This is like living in Manhattan and just having the one lock on the doorknob with a hairpin taped to the wall next to it. Technically protected, but in reality just waiting to be compromised.

No other viruses or any other remote exploits, and ~2500 Macs are bought here every year. In fairness, the PCs are never hacked remotely so the Macs are technically less secure but this does require a user with unusual ignorance. However a number of PCs get spyware/ransomware/viruses every day, so many that the network people made a web tool for us to query blocked MAC addresses so we can separate the infections from real network issues.

I think this is a pretty representative comparison of the real world security problems that the 2 platforms have.

Quote
Lew Zealand
Where I work, the majority of the thousands of PCs and Macs we support are not behind firewalls. Direct high speed connection to the Interwebs.

Lew.. dear god, WHY ? I mean, I have hardware and software firewalls running on my whole network at home ! At work we have like four layers of defense. Why would you do that ? Or are you running a malware honey trap ?

Don't know where LZ works, but it sounds just about like where I work. University professors and research assistants get cranky about firewalls interfering with their network and research activity. So specific servers and groups are behind firewalls, but not the university as a whole. Individuals can run their own firewall software on their Mac or PC, but most are semi-clueless about doing so.

Now where I used to work on campus the system admins did have the ability to block or filter specific activity once a compromised machine was detected. Similar capability is available to the main network system admins for the whole campus. But keeping an active campus wide firewall for all traffic was and is not politically possible.

As far as I can tell, the huge flaw in Windows is the ease of installing programs. It's pretty much automatic; click on an installer and in it goes. With Unix based operating systems, like OSX, the user must approve the installation of a program that gets into the system by providing their password.

There are one-off vulnerabilities in every operating system but those can be fixed with security updates and the problem is gone.

In the biological world, if we had to give our permission for a virus to infect us, there wouldn't be very many viruses.



Edited 1 time(s). Last edit at 04/17/2010 12:18PM by JEBB.

Bunk.

How does a Windows PC, running XP SP3, with Symantec Antivirus scanning constantly, and limited-rights user account, get infected with spyware inside a corporate firewalled environment?

The other 75% of computers in the same environment are Macs running 10.4 and 10.5. The 10.4 Macs have SAV installed, but not scanning. The 10.5 Macs have no AV software. Both have limited-rights user accounts.

The ONLY Mac infections I've seen in 2 years is the old Word macro virus that only affects Office 2004, since 2008 no longer supports macros.

[www.macworld.com]

You won't convince me that Macs are less secure. I'm not blind, but I deal with this all week as part of my job. I can't tell you how many PCs need additional anti-spyware scans run to remove what Norton/Symantec cannot.

Again: These are PCs where users can't install their own software, even ActiveX plugins.

---

---