Re: [Full-disclosure] Question about Mac OS X 10.4 Security



If you look at the [very, very] specific paragraph I was referring to,
from Paul's email, then I hope you will agree with me that what I was
trying to convey was the need to avoid generalizing categorization of
users ... having said that, the implications are that a much higher
awareness, and - in turn - possibility of addressing and/preventing
issues related to vulnerabilities exists in the Mac community, vs. the
Windows one, for example.

Stef

P.S. Sorry for top-posting, but going back to the end would have made
this a mess ...

On 2/28/06, Steven Rakick <stevenrakick@xxxxxxxxx> wrote:
Ok, first of all, the fact that you even mention
Blackhat, SANS or Cisco Networkers makes me question
if I should even respond...I will anyway.

Yes, it's true a lot of folks, particularly in the
security realm use Macs, myself included. The reason I
use it has nothing to do with an imaginary belief in
security supremacy, but rather that the tools I use on
a daily basis run natively along side software like MS
office. Previously, like many others, I would have
been forced to run a kludgy dual boot or VMware based
solution to solve this. OSX was the perfect solution.

-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On
Behalf Of Stef
Sent: Tuesday, February 28, 2006 11:14 AM
To: Untitled
Subject: Re: [Full-disclosure] Question about Mac OS X
10.4 Security

On 2/28/06, Paul Schmehl <pauls@xxxxxxxxxxxx> wrote:
<snip>

Still, the ignorance of Mac users, who believe their
platform is
somehow magically "secure" will contribute to the
problem.

Paul Schmehl (pauls@xxxxxxxxxxxx)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/


I am sorry, Paul, but I have to take you up on this,
especially with your tendency of generalizing
everything. I have used *nix in the past, for all my
network and security tools, until MacOSX presented
itself as an opportunity for migration, when I had a
need for a new laptop (over two years ago). At that
time the 2.6 kernel and available modules weren't up
to the tasks of the latest hardware capabilities of
x86 laptops, so - on an advice from a friend of mine -
I have tried an iBook. I have been able to compile and
port all my tools just fine, especially with the help
of the underlying "like-BSD" infrastructure (long live
fink and Darwin-ports). All I can tell you is that -
ever since - I never looked back at other choices
(w/the exception of Windows, which was never
considered among choices, anyway, due to limitations
in cygwin, not talking about the many other obvious
reasons for the OS, itself ;)), and have recently got
myself the latest still-PPC Powerbook, which just
confirmed the rightness of the original migration. As
a repository of security and network tools, I have
thrown at this baby everything I can possible think
of, and still haven't found a way to break it ...

... so the Mac users are not [only] the bunch of
idiots/ignorants whom you tend to describe - I would
just invite you to attend a blackhat or shmoocon, or
even SANS or Cisco networkers, and let me know how
many Mac users you can count there ... and then ask
yourself why ... but then, again, I may be wrong ;>

Stef
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: [Full-disclosure] Question about Mac OS X 10.4 Security
    ... SANS or Cisco Networkers makes me question ... security realm use Macs, myself included. ... Still, the ignorance of Mac users, who believe their ...
    (Full-Disclosure)
  • Re: Infected XP computers unpatched
    ... Apples security was as good as Microsofts, ... And yet the practical fact of the matter is that Mac users do not have ... The risks for Windoze users are so high that unless you are using ...
    (uk.comp.sys.mac)
  • Re: [Full-disclosure] Question about Mac OS X 10.4 Security
    ... Still, the ignorance of Mac users, who believe their platform is somehow ... Paul Schmehl ... Adjunct Information Security Officer ... As a repository of security and network tools, ...
    (Full-Disclosure)
  • Re: Mac OS X Security - Not Quite as Strong as you Thought
    ... But does not this also work on Mac users? ... to stop you opening "Anna Nicole Smith does O.J.". ... But from a security standpoint they stink. ... I agree with your assessment of Apple. ...
    (comp.sys.mac.advocacy)
  • Re: Domain Password Policies
    ... Everytime I create a new user,I have to try different passwords due to ... changing the Domain Security policy. ... MAC users and PDA users too. ...
    (microsoft.public.windows.server.active_directory)