It seems Mac OS X is coming under a bit of fire lately - I think scrutiny is good. In my opinion it’s good to question, poke and prod. Not only does it further knowledge, it helps to fix bugs and right assumptions. I also think it’s great that either 1) more people are using OS X and finding these items, or 2) some companies are getting afraid and trying to spread a little FUD around. Either way, it means OS X is getting more play, which I dig because that means I’ll get to use it more often when it’s adopted more.
However, The bloggers that are pointing out some of their findings are acting in an alarmist fashion. I’d like to point out a few things from some of the resent reports - whose post titles almost always contain one or more exclamation points.
The main issue I have with these reports is they seem like they are being used in a “See OS X is just as bad as Windows” or “Well, if OS X has flaws then you might as well stay with windows” kind of thing. Color
me paranoid, but that’s the spin I am hearing from people who read and write these reports - that is a grossly incorrect and misleading conclusion.
This one was pretty bad in my opinion, but you know what - it’s patched. Reported around February 21, 2006 and patched March 3, 2006. There was a work around the day it was made light of and it was fixed like a week later. Pretty good if you ask me. Some other OSs vulnerabilities don’t get patched for years - yes, years.
There were some spin offs of this one that were totally stupid and over blown. You’d double click, say, a picture file and it would ask you for your password (the image file was really an executable). If you’re not
savvy enough to know that a picture file would never need your password, then I don’t know what to tell you. On windows, this kind of exploit is bad because it wont ask for your password, it’ll often just run the exploit.
Bluetooth worm targets Mac OS X
While I don’t want my OS to have flaws like this, I don’t care about this one, and there are very few who do. Who has bluetooth on all the time - raise your hand? You using it on the train? I mean you have to be within this far (holds up hands) to even use this exploit - and, again, I think it required you to type your password.
Heck even the article itself says, “It is quite unlikely that Inqtana would be any kind of threat”. Ok, so then why the big hub bub? Was this just trying to jump on the alarmist band wagon?
Mac
OS X hacked under 30 minutes
Leaving out that it was setup by a “Mac enthusiast” - not a net admin, they seem to kind of breeze over the fact that the box was setup as a server with SSH on and remote account creation enabled. The odds of you
having this on your Powerbook G4 or your workstation are quite small to nil. In other words, this is being layed like every Mac box on the net can be hacked in 30 minutes - which has not been proved at all by this
article or experiment. Hell, I can setup the most hardened Unix box so badly that it’ll get hacked in less than one second - so what?
What is this article trying to prove? If it was Mac in it’s default configuration gets hacked in 30 minutes, that would concern me a bit. Write that article, not this misleading fodder.
And if you want to go tit for tat, the BBC reported that WindowsXP gets hacked in 8 seconds.
One last thing I’d like to point out. The “hacker” that broke into the OS X box said:
Mac OS X is easy pickings for bug finders. That said, it doesn’t have the market share to really interest most serious bug finders
Take this or leave it, but no hacker I’ve ever met in my life would say “That said”. Almost every business person I’ve ever met can’t say it enough times. And the reason he gives for OS X not having interest to
the … ahem … hacker community is that it doesn’t have enough market share - a very tired, and false, talking point used over and over by people who are not “hackers”.
No OS is totally secure. I doubt one will ever exists that is totally secure, but if you look at some stats:
There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux. Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory.
The Register Let’s go to work
And follow Secunia
(http://secunia.com/) - you’ll pretty easily see the light.
I like OS X, no doubt, but I’d like the “news” organizations out there to take some pride in their craft and try to report some facts - not paid advert spin. I like to think of myself as a thinking man, and if you can prove that X is better than Y, I’ll use and pay for it. But out right lying and misleading is pretty lame.
I think people have the innate ability to know when they are being lied to, but sometimes they choose to ignore it for a short while.
I need to start my own media company.
« WebDU: Back From OZ | Home | Simple CSS Tip »