Macs as targets?

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

Macs as targets?

Steffan A. Cline
http://edition.cnn.com/2006/TECH/04/30/apple.security.ap/index.html






Thanks

Steffan

---------------------------------------------------------------
T E L  6 0 2 . 5 7 9 . 4 2 3 0 | F A X  6 0 2 . 9 7 1 . 1 6 9 4
Steffan A. Cline
[hidden email]                             Phoenix, Az
http://www.ExecuChoice.net                                  USA
AIM : SteffanC          ICQ : 57234309
The Executive's Choice in Lasso driven Internet Applications
                                  Lasso Partner Alliance Member
---------------------------------------------------------------




------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

John May-2
>http://edition.cnn.com/2006/TECH/04/30/apple.security.ap/index.html


FUD.  Anyone who opens a file that they aren't sure of the source of
gets what they deserve...

        - John

--

-------------------------------------------------------------------
John May : President                  <http://www.pointinspace.com>
Point In Space Internet Solutions             [hidden email]

       Professional Lasso / PHP / MySQL / FileMaker Pro Hosting


------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

Marc Pinnell-3
In reply to this post by Steffan A. Cline
I love this line:

"He and at least one other person who clicked on the links were  
infected..."

Gee two dumb people and apple makes the front page of CNN (and many  
print newspapers who also ran this article). In the print version of  
this article they also mentioned that the guy was running as 'root'  
user.

Marc


On May 1, 2006, at 3:54 AM, John May wrote:

>> http://edition.cnn.com/2006/TECH/04/30/apple.security.ap/index.html
>
>
> FUD.  Anyone who opens a file that they aren't sure of the source  
> of gets what they deserve...
>
> - John
>
> --
>
> -------------------------------------------------------------------
> John May : President                  <http://www.pointinspace.com>
> Point In Space Internet Solutions             [hidden email]
>
>       Professional Lasso / PHP / MySQL / FileMaker Pro Hosting
>
>
> ------------------------------
> Lasso Support: http://support.omnipilot.com/
> Search the list archives: http://www.listsearch.com/lassotalk.lasso
> Manage your list subscription:  http://www.listsearch.com/ 
> lassotalk.lasso?manage

--
Marc Pinnell
1027 Consulting
web << DESIGN >> print
PO Box 990872; Redding, CA 96099-0872
www.1027Consulting.com



------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

Anatoli
In reply to this post by Steffan A. Cline
IMHO -- the only difference between PC and Macs is, that Macs are still
smaller target for attacks. But John is 100% right.

Anatoli

John May wrote:

>> http://edition.cnn.com/2006/TECH/04/30/apple.security.ap/index.html
>
>
>
> FUD.  Anyone who opens a file that they aren't sure of the source of
> gets what they deserve...
>
>     - John
>


------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

John May-2
In reply to this post by Steffan A. Cline
OS X is based on BSD, a MUCH more secure operating system than Windows.

        - John


>IMHO -- the only difference between PC and Macs is, that Macs are
>still smaller target for attacks. But John is 100% right.
>
>Anatoli
>
>John May wrote:
>
>>>http://edition.cnn.com/2006/TECH/04/30/apple.security.ap/index.html
>>
>>
>>
>>FUD.  Anyone who opens a file that they aren't sure of the source
>>of gets what they deserve...
>>
>>     - John

--

-------------------------------------------------------------------
John May : President                  <http://www.pointinspace.com>
Point In Space Internet Solutions             [hidden email]

       Professional Lasso / PHP / MySQL / FileMaker Pro Hosting


------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

Bil Corry
In reply to this post by Steffan A. Cline
John May wrote:
> FUD.  Anyone who opens a file that they aren't sure of the source of
> gets what they deserve...

When someone knocks on your door, do you answer it?  Do you open letters from people you don't know?  Do you answer the phone if you don't know the caller?  People who are not strong with computers use *those* skills for determining the risk of opening files or clicking links -- indeed it's the only skills they have to draw upon.  Not everyone runs an ISP.

And remember, many of the attacks today are part virus, part social engineering  --  so they send their payload posing as the person currently infected, distributing itself to all of the infected hosts' contacts, adding legitimacy to the file.

Since you blame the victim for not being educated enough to avoid opening suspicious files/links, *and* you blame the article as spreading "FUD" - how exactly do you propose to educate these novice computer users?  You can't have it both ways, either you allow for uneducated novice computer users who will fall victim to a virus OR you allow for articles that educate them about the dangers of those viruses.


- Bil



------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

John May-2
In reply to this post by Steffan A. Cline
>John May wrote:
>>FUD.  Anyone who opens a file that they aren't sure of the source
>>of gets what they deserve...
>
>When someone knocks on your door, do you answer it?  Do you open
>letters from people you don't know?  Do you answer the phone if you
>don't know the caller?  People who are not strong with computers use
>*those* skills for determining the risk of opening files or clicking
>links -- indeed it's the only skills they have to draw upon.  Not
>everyone runs an ISP.
>
>And remember, many of the attacks today are part virus, part social
>engineering  --  so they send their payload posing as the person
>currently infected, distributing itself to all of the infected
>hosts' contacts, adding legitimacy to the file.
>
>Since you blame the victim for not being educated enough to avoid
>opening suspicious files/links, *and* you blame the article as
>spreading "FUD" - how exactly do you propose to educate these novice
>computer users?  You can't have it both ways, either you allow for
>uneducated novice computer users who will fall victim to a virus OR
>you allow for articles that educate them about the dangers of those
>viruses.
>
>- Bil


Sure, nothing's going to be able to prevent a user from being stupid.
I'm pointing out that the sky is not falling because somebody falls
victim to a Trojan Horse.

These are far from the Virus issues that plague Windows.  The average
Windows box is on the internet 45 minutes before being riddled with
viruses - all WITHOUT the user having to execute squat.

        - John

--

-------------------------------------------------------------------
John May : President                  <http://www.pointinspace.com>
Point In Space Internet Solutions             [hidden email]

       Professional Lasso / PHP / MySQL / FileMaker Pro Hosting


------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

Marc Pope
In reply to this post by Steffan A. Cline
I think the article's "tone" is spreading the wrong message. The title alone
makes it sound like virii are spreading rampant on Mac OS X.

There has never been a virus on the Mac that say, automatically downloads,
installs, emails everyone in your address book and spreads itself while
making your mac into a fully open SMTP server to send spam for some dude in
China.

Or how about this one, this is a Classic (just this year):
http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx

"If a user is logged on with administrative user rights, an attacker who
successfully exploited this vulnerability could take complete control of an
affected system. An attacker could then install programs; view, change, or
delete data; or create new accounts with full user rights. Users whose
accounts are configured to have fewer user rights on the system could be
less impacted than users who operate with administrative user rights."

I would never trust Winblows as my primary OS. I'd rather use Linux and deal
with having limited software choices.

Marc



On 5/1/06 1:29 PM, "Bil Corry" <[hidden email]> wrote:

> John May wrote:
>> FUD.  Anyone who opens a file that they aren't sure of the source of
>> gets what they deserve...
>
> When someone knocks on your door, do you answer it?  Do you open letters from
> people you don't know?  Do you answer the phone if you don't know the caller?
> People who are not strong with computers use *those* skills for determining
> the risk of opening files or clicking links -- indeed it's the only skills
> they have to draw upon.  Not everyone runs an ISP.
>
> And remember, many of the attacks today are part virus, part social
> engineering  --  so they send their payload posing as the person currently
> infected, distributing itself to all of the infected hosts' contacts, adding
> legitimacy to the file.
>
> Since you blame the victim for not being educated enough to avoid opening
> suspicious files/links, *and* you blame the article as spreading "FUD" - how
> exactly do you propose to educate these novice computer users?  You can't have
> it both ways, either you allow for uneducated novice computer users who will
> fall victim to a virus OR you allow for articles that educate them about the
> dangers of those viruses.
>
>
> - Bil
>
>
>
> ------------------------------
> Lasso Support: http://support.omnipilot.com/
> Search the list archives: http://www.listsearch.com/lassotalk.lasso
> Manage your list subscription:
> http://www.listsearch.com/lassotalk.lasso?manage



------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

Greg Hemphill
In reply to this post by Steffan A. Cline
ok, so you go to a non-Apple website to get an unreleased version of  
a OS update (which I suspect is illegal)... and you are surprised  
that your security is less than stellar??  wow

Greg


On May 1, 2006, at 2:54 AM, Steffan A. Cline wrote:

> http://edition.cnn.com/2006/TECH/04/30/apple.security.ap/index.html
>
>
> Thanks
>
> Steffan
>
> ---------------------------------------------------------------
> T E L  6 0 2 . 5 7 9 . 4 2 3 0 | F A X  6 0 2 . 9 7 1 . 1 6 9 4
> Steffan A. Cline
> [hidden email]                             Phoenix, Az
> http://www.ExecuChoice.net                                  USA
> AIM : SteffanC          ICQ : 57234309
> The Executive's Choice in Lasso driven Internet Applications
>                                   Lasso Partner Alliance Member
> ---------------------------------------------------------------
>
>
>
>
> ------------------------------
> Lasso Support: http://support.omnipilot.com/
> Search the list archives: http://www.listsearch.com/lassotalk.lasso
> Manage your list subscription:
> http://www.listsearch.com/lassotalk.lasso?manage


------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

Anatoli
In reply to this post by Steffan A. Cline
Yes I know. I was more referring to the silliness of users clicking on
various unknown URL's :)
Anatoli

John May wrote:

> OS X is based on BSD, a MUCH more secure operating system than Windows.
>
>     - John
>
>
>> IMHO -- the only difference between PC and Macs is, that Macs are
>> still smaller target for attacks. But John is 100% right.
>>
>> Anatoli
>>
>> John May wrote:
>>
>>>> http://edition.cnn.com/2006/TECH/04/30/apple.security.ap/index.html
>>>
>>>
>>>
>>>
>>> FUD.  Anyone who opens a file that they aren't sure of the source of
>>> gets what they deserve...
>>>
>>>     - John
>>
>


------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage
Reply | Threaded
Open this post in threaded view
|

Re: Macs as targets?

Bil Corry
In reply to this post by Steffan A. Cline
Marc Pope wrote:
> I think the article's "tone" is spreading the wrong message. The title alone
> makes it sound like virii are spreading rampant on Mac OS X.

What is the "wrong message" the article is spreading?  It was highlighting the debate within the security community regarding OS X as a target.  Do you not believe there is a debate?


> There has never been a virus on the Mac that say, automatically downloads,
> installs, emails everyone in your address book and spreads itself while
> making your mac into a fully open SMTP server to send spam for some dude in
> China.

The article didn't claim there was.  Again, it was highlighting the debate within the security community regarding OS X as a target.


> Or how about this one, this is a Classic (just this year):
> http://www.microsoft.com/technet/security/Bulletin/MS06-001.mspx
>
> "If a user is logged on with administrative user rights, an attacker who
> successfully exploited this vulnerability could take complete control of an
> affected system. An attacker could then install programs; view, change, or
> delete data; or create new accounts with full user rights. Users whose
> accounts are configured to have fewer user rights on the system could be
> less impacted than users who operate with administrative user rights."

Your quote is from the executive summary of the WMF patch -- notice that MS jumps right in and warns you what will happen if you don't install the patch.  Good job Microsoft.  If you want to read how the exploit is taken advantage of, you have to dig down a bit deeper under "Vulnerability Details":

  "An attacker could exploit the vulnerability by constructing a specially
  crafted WMF image that could potentially allow remote code execution if
  a user visited a malicious Web site or opened a specially crafted
  attachment in e-mail. An attacker who successfully exploited this
  vulnerability could take complete control of an affected system."


Now compare it to Apple's description of their patch for Mail:

  "By preparing a specially-crafted email message with attachments,
  and enticing a user to double-click on that attachment within Mail,
  an attacker may trigger a buffer overflow. This could result in the
  execution of arbitrary code with the privileges of the user running
  Mail."

  http://docs.info.apple.com/article.html?artnum=303453

Notice the difference?  They both are exploited the same way and they both allow the attacker to do the *exact* same things!  Yet if you read Apple's advisory, it doesn't sound nearly as bad as Microsoft's.  I think Microsoft is doing a better job of saying, "hey, bad stuff can happen, let's get you patched."


- Bil



------------------------------
Lasso Support: http://support.omnipilot.com/
Search the list archives: http://www.listsearch.com/lassotalk.lasso
Manage your list subscription:  
http://www.listsearch.com/lassotalk.lasso?manage