Comments on: Yes, Macs are Vulnerable Too. http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/ A Member of the Gartner Blog Network Thu, 09 Feb 2012 23:32:29 +0000 hourly 1 http://wordpress.org/?v=3.0.4 By: Neil MacDonald http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/comment-page-1/#comment-744 Neil MacDonald Fri, 09 Oct 2009 19:25:11 +0000 http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/#comment-744 @BS, Take a look at the posts again. This is not a Windows versus Apple discussion. The question any Mac user should ask is "Is Apple doing all it can to produce secure code?" . The data shows that the number of vulnerabilities is real. It doesn't matter whether its Windows, Linux, Mac or any other OS. If its written by human beings and is operated by end-users that download and install arbitrary code, are tricked into clicking on links they shouldn't and so on, the system is vulnerable and will be attacked. The fact that most users run as standard user on a Mac helps, but as I pointed out, this doesn't protect from financially motivated and targeted attacks that go after user data. Take a look at this interesting article: http://www.threatpost.com/blogs/apple-malware-bounty-infect-mac-earn-043-125 @BS,

Take a look at the posts again. This is not a Windows versus Apple discussion. The question any Mac user should ask is “Is Apple doing all it can to produce secure code?” . The data shows that the number of vulnerabilities is real.

It doesn’t matter whether its Windows, Linux, Mac or any other OS. If its written by human beings and is operated by end-users that download and install arbitrary code, are tricked into clicking on links they shouldn’t and so on, the system is vulnerable and will be attacked.

The fact that most users run as standard user on a Mac helps, but as I pointed out, this doesn’t protect from financially motivated and targeted attacks that go after user data.

Take a look at this interesting article:
http://www.threatpost.com/blogs/apple-malware-bounty-infect-mac-earn-043-125

]]> By: BS http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/comment-page-1/#comment-723 BS Sat, 03 Oct 2009 13:09:10 +0000 http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/#comment-723 --Sigh-- Yet another security "expert" who uses flawed logic to defend his pet OS -- Windows -- for its inherent shortcomings in the security department. Fist of all, how many of these vulnerabilities listed are rated Critical by SANS? I will guarantee M$ has more critical vulns every year than OS X and Linux. Secondly, how many of these vulns are a result of third party applications that come bundled with OS X and Linux? I would bet a significant portion of them. As we all know Windows doesn't come bundled with much of anything. Thirdly, I wonder how many vulnerabilities in Windows we never hear about? That is, vulnerabilities that M$ does not release to the public that are found in house? I would bet many. Fourthly, I wonder how quickly M$ patches their vulns on average compared to Linux? I KNOW the answer to this question -- Linux smokes M$ is this department. (I can't speak for Apple). Fifthly, and most importantly, if OS X and Linux are just as prone to viruses, then the salient question we must ask is "Where are they?" Linux has been around 17 years and OS X, for what, a decade? Why do we not even see a few viruses out in the wild spreading around? Just one? Where are they? OS X is 10% of the desktop market and Linux DOMINATES the server market, yet we still don't see any viruses in the wild. –Sigh– Yet another security “expert” who uses flawed logic to defend his pet OS — Windows — for its inherent shortcomings in the security department.

Fist of all, how many of these vulnerabilities listed are rated Critical by SANS? I will guarantee M$ has more critical vulns every year than OS X and Linux.

Secondly, how many of these vulns are a result of third party applications that come bundled with OS X and Linux? I would bet a significant portion of them. As we all know Windows doesn’t come bundled with much of anything.

Thirdly, I wonder how many vulnerabilities in Windows we never hear about? That is, vulnerabilities that M$ does not release to the public that are found in house? I would bet many.

Fourthly, I wonder how quickly M$ patches their vulns on average compared to Linux? I KNOW the answer to this question — Linux smokes M$ is this department. (I can’t speak for Apple).

Fifthly, and most importantly, if OS X and Linux are just as prone to viruses, then the salient question we must ask is “Where are they?” Linux has been around 17 years and OS X, for what, a decade? Why do we not even see a few viruses out in the wild spreading around? Just one? Where are they? OS X is 10% of the desktop market and Linux DOMINATES the server market, yet we still don’t see any viruses in the wild.

]]> By: [gartner] Yes, Macs are Vulnerable Too. - Overclock.net - Overclocking.net http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/comment-page-1/#comment-722 [gartner] Yes, Macs are Vulnerable Too. - Overclock.net - Overclocking.net Sat, 03 Oct 2009 12:11:42 +0000 http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/#comment-722 [...] as to not attract too many trolls. I just wanted to share this with the security-minded. source: http://blogs.gartner.com/neil_macdon...ulnerable-too/ September 25th, 2009 [...] [...] as to not attract too many trolls. I just wanted to share this with the security-minded. source: http://blogs.gartner.com/neil_macdon…ulnerable-too/ September 25th, 2009 [...]

]]> By: Three Things for Thursday: A Big Week http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/comment-page-1/#comment-713 Three Things for Thursday: A Big Week Fri, 02 Oct 2009 00:16:31 +0000 http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/#comment-713 [...] ← Yes, Macs are Vulnerable Too. [...] [...] ← Yes, Macs are Vulnerable Too. [...]

]]> By: Yes, Macs are Vulnerable Too. | I AM OSX http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/comment-page-1/#comment-701 Yes, Macs are Vulnerable Too. | I AM OSX Sat, 26 Sep 2009 02:28:46 +0000 http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/#comment-701 [...] See original here: Yes, Macs are Vulnerable Too. [...] [...] See original here: Yes, Macs are Vulnerable Too. [...]

]]> By: Scott Olson http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/comment-page-1/#comment-700 Scott Olson Fri, 25 Sep 2009 15:54:47 +0000 http://blogs.gartner.com/neil_macdonald/2009/09/25/yes-macs-are-vulnerable-too/#comment-700 Good article Neil. This is actually one of my main concerns with my Macs. The big problem is that there isn't really a viable security solution for Macs yet. Given the lack of a viable business market for the anti-virus vendors with Macs and their already diminishing effectiveness at protecting against new attacks, I am left with hoping for the best and patching every time Apple has a new update. Until there is a viable Mac security solution I still get nervous every time I click on a shortened URL or my machine runs slow. Good article Neil. This is actually one of my main concerns with my Macs. The big problem is that there isn’t really a viable security solution for Macs yet.

Given the lack of a viable business market for the anti-virus vendors with Macs and their already diminishing effectiveness at protecting against new attacks, I am left with hoping for the best and patching every time Apple has a new update.

Until there is a viable Mac security solution I still get nervous every time I click on a shortened URL or my machine runs slow.

]]>