Re: Recent Mac/Win interop threads

From: 'ken'@FTU
Date: 12/29/01 

Date: Fri, 28 Dec 2001 19:28:30 -0500
From: "'ken'@FTU" <franklin_tech_bulletins@yahoo.com>
To: Brad Judy <judy@colorado.edu>

Brad,

Here I think you co-mingle two points:

1. Users do not lend much though to security.
2. lack of Mac security is not due to popularity concerns

  True: users do not give much throught to security, but what about the
admin? Do not admins of Mac networks and Mac/Win/*nix networks care
about security?

The majority of businesses run IBM desktops with Windows and *nix or
windows based servers. The exception is the departments that deal with
some form of graphic (think jpeg, not porn ..lol) content. "Artistic"
departments tend to use Macs. The public's, as well as security admins,
primary concern stems from sheer numbers of boxes they need to deal
with, obsecurity has little to do with this.

I believe you are correct that the introduction of a BSD-based platform
will now align Mac security with *nix security. In fact I'm
dissappointed Apple made this decision. I used Macs until I graduated
college and was forced into the IBM/Intel world. Mac security was
unprecidented due to a small fact: the Mac OSes never gave the user a
command line that reached behind the GUI. This is somewhat far reaching
when you think about it. It means the user could not reach anywhere
Apple's GUI did not want you to reach. It means the user must have
special tools to access other parts of the box. For example, a user with
a compiler could write software that would allow access into other parts
of the machine not allowed by the GUI.With the new Mac OS X, it is not
the case. They give the user a command line and thus thrust the Macs
into the *nix security model (since it BSD-based).

I'm confident you will see more Mac security discussion in the future.
But I do not see Mac as a rising platform that will compete with the M$
desktop market. Perhaps I'm mistaken. I'd be glad to be so.

'ken'

Brad Judy wrote:

> While obscurity may stifle AS/400 discussions, I disagree that lack of
> security discussion in Mac/Win interop is related to popularity of the
> Macintosh platform. It was, however, inaccurate of me to say it was due to
> the rift between the communities. It largely is due to the focus on the
> consumer market share for Macintosh products (both by Apple and Microsoft)
> and the historic tendency of consumers not to lend much thought to computing
> security.
>
> With both MS and Apple producing products capable of rather secure computing
> (Win2K and OS X respectively) one would hope that secure interoperability
> would be readily possible. The migration of Mac OS to a BSD-based platform
> only opens the doors more to enhancing interoperability security by
> generalizing the issue to Win32/Unix interop. A much greater audience now
> stands to benefit, and contribute, to these issues.
>
> This potential, combined with the greater attention given to security by
> corporations and consumers of late, will hopefully result in more secure
> computing both within a platform and between them.
>
> Time to come down from my soapbox.
>
> Brad Judy
>
> Information Technology Services
> University of Colorado at Boulder
>
>
>>-----Original Message-----
>>From: 'ken'@FTU [mailto:franklin_tech_bulletins@yahoo.com]
>>Sent: Thursday, December 27, 2001 1:36 PM
>>To: Brad Judy
>>Cc: focus-ms@securityfocus.com
>>Subject: Re: Recent Mac/Win interop threads
>>
>>
>>I think it is overlooked because the Mac platform is not as popluar as
>>other platforms. I find the same problem with AS/400 security, not as
>>popular, not as much discussion.
>>
>>'ken'
>>
>>
>>
>>>I feel Mac/Win interop security is largely overlooked probably
>>>
>>due to the
>>
>>>rift between the Windows and Macintosh communities. There are
>>>
>>many people
>>
>>>working to remedy this situation, but it requires the efforts of both
>>>communities.
>>>
>>>Brad Judy
>>>
>>>Information Technology Services
>>>University of Colorado at Boulder
>>>
>>>
>>>
>>
>>
>

Relevant Pages

  • >>> MAC SECURITY <<<
    ... mac home security ... free security software for mac ... internet security for mac ...
    (rec.equestrian)
  • Re: the exploit that wasnt
    ... The other Mac Book Pro? ... brought Microsoft into a security discussion about Mac OS X. ... The number of security patches, ... if you were to scan random machines on the internet for a week, ...
    (comp.sys.mac.advocacy)
  • Re: 13 MASSIVE holes found in Safari...
    ... And yet Apple releases monthly security updates. ... But most malware use the normal http port, ... that it's OK because he's on a Mac and Macs are 100% safe). ...
    (comp.sys.mac.advocacy)
  • Re: [Full-Disclosure] Anti-MS drivel
    ... News ... Apple released Security Update 2003-12-19 described to offer numerious ... Apple released 10.3.2 accessable via the software update pane in Mac OS X. ...
    (Full-Disclosure)
  • Re: Mac OS X hacked under 30 minutes
    ... a Swedish Mac fan posted a web site that challenged all ... updated it to Mac OS X 10.4.5 and fixed some security issues. ... As there was no cash prize associated with the contest, ... The hacker, known only as "gwerdna," explained what he ...
    (comp.sys.mac.advocacy)