Re: Macs don't have viruses?

From: Rossz (NOSPAMrossz_at_vamos-wentworth.org)
Date: 09/22/03


Date: Mon, 22 Sep 2003 07:12:16 GMT

chris@nospam.com wrote in
news:o7csmvk0l9tc6a1j2r1o6d3j9c8rnubqct@4ax.com:

> It's simply that the virus writers don't seem to be
> targetting them as heavily.

They probably aren't interested because the Open Source community will have
a patch out within hours of an exploit being discovered. Linux and BSD
people tend to stay on top of security - the exception being people new
these operating systems - so patches happen pretty damn fast.

Unfortunately, there are a lot of rooted linux boxes out there because
there are a lot of people still getting the hang of the basics. I'll bet
nearly all of these "owned" boxes were exploited through security holes
that were patched months if not years ago.

Security doesn't magically happen, no matter how good the OS.

-- 
Rossz
Remove 'NOSPAM' from my email address to reply directly


Relevant Pages

  • RE: Releasing patches is bad for security
    ... The new patch model for longhorn will not require reboots. ... functionality over security. ... Current patches are getting smaller as with large enterprises bandwidth can ... > MS posted a patch and some 300ish days later the worm hit. ...
    (Incidents)
  • RE: Releasing patches is bad for security
    ... posted a patch and some 300ish days later the worm hit. ... The problem then is how to release patches ... specifically focused on finding security flaws in all of their software. ... Releasing patches is bad for security ...
    (Incidents)
  • Re: [Full-Disclosure] Gates: You dont need perfect code for good security
    ... the blaster worm preceded the patch so this argument is DOA ... you do not have to pay for RHN to get redhat patches. ... I run Astaro Security Linux here at the house..blaster ...
    (Full-Disclosure)
  • Re: [Full-Disclosure] DCOM RPC exploit (dcom.c)
    ... But you'd still patch either way, ... of home users who don't even know what a security patch *IS*, ... But how many organisations firewall off internal servers from ... administrators have the time to watch the IDS given the number of patches they ...
    (Full-Disclosure)
  • Re: [Full-Disclosure] Re: Re: <to various comments>EEYE: Microsoft ASN.1 ...
    ... My personal prejudice is that I subscribe to the school of "security by ... I said why release them all on day 0 of the patch release. ... We use the details to create signatures for our vulnerability ... >>these signatures and use them to check for patches or to protect systems ...
    (Full-Disclosure)