January 11, 2009

Their arrogance is partially justified due to superior design. The Unix system they use is multi-user by design... unlike Windows, which is not truly multi-user. 90% of everything a user is going to do in a Unix system is done inside userspace... so unless the user intentionally runs as root (which Mac does not make easy), the virus can really only damage your user space. Criminals will go after the easiest target... right now, even with Vista’s design improvements, it’s still based on 20-year-old NT code which has some serious deficiencies that make it a very easy target. The biggest, and the one that continues to get leveraged, is IE via ActiveX. The fact it has the largest installed base doesn’t hurt either.

The author mentions the worm found for Macs. It doesn’t compromise the entire system and is relatively harmless. The fearmongering of Sophos is quite evident in their posting about this worm. It’s a low-grade threat that does contact harvesting. No big deal.

Let me give you an example. Do you know what the largest installed base across Linux and Windows is for web servers... Apache. It’s open source, modular and designed with security in mind. Getting Apache to compromise Apache... that happens, yes it does... but it’s typically limited to Apache’s userspace because Apache doesn’t run as root. IIS runs as SYSTEM in many cases, which is a lower level of access than administrator. For Apache... you compromise Apache, it’s mostly only Apache that’s hosed... you compromise IIS, you have a direct conduit to the kernel via SYSTEM most times... same for IE. Apple and the Unix guys have a good reason for their smugness. They don’t rely on patched-up 20-year-old code that tries to masquerade as a secure multi-user operating system... they actually do run one that’s designed that way from the beginning.