So we can exclude trojans from Windows consideration, too? Gee. An exploit that delivers personal information, passwords, etc. to others. No worries to you, I guess. Can we then ignore all trojans and viruses that infect your computer through user action? That is to say, a box just sitting on the web has to be successfully, externally attacked? I’d say that’s unrealistic, computers are used and exploits that result from use should be “fair game” for consideration.
You said it’s “…fact that there are essentially zero current exploits for OS X,”
…and I proved you wrong. There’s plenty of exploits, the number is on par with Vista, in fact.
You offered that “I’ll challenge you to a little contest: I’ll pay you $1,000 for each example of a currently circulating Mac OS X attack you can find, if you pay me $10 for each Windows attack I find.”
and I found proof that there is a current attack, in multiple forms, circulating today. But now you say that trojans don’t count. Well, if that’s the case then the current “downadup” can be ignored since it’s neither virus nor trojan, it’s a worm. It’s infecting computers through a bug patched over three months ago so it proves Kinthalis correct about firewalls and me correct when I say a well-patched system (and there’s an automatic process for this) would have been safe.
Here’s more…
Here’s one that bypassed the email “quarantine system” - part of what makes OS-X “invulnerable”. Of course, the user had to open an email so that may not pass your test for hands-off infection.
Article Exploit: OSX.Exploit.MetaData.B
Discovered: November 20, 2007
Description: Mac OS X 10.5, Leopard, provides a “quarantine” system that alerts users when they attempt to open applications that arrived via Mail, Safari or iChat, or that came in disk images via these programs. It also alerts users the first time they launch any other application they have installed or manually added to their Applications folder. This system should inform users of all cases when such executable files are being opened, but a bug in the quarantine system, discovered by Heise Security on November 20, 2007, can allow users to launch attachments, which may be malicious, from Mail.
The principle behind this system is Leopard’s LaunchServices database, which records all applications or executable files that are added to a user’s Mac. However, when some executable attachments arrive by e-mail, this protection does not operate correctly.
…here’s one that exploited a hole in Adobe Flash:
Adobe Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.
…but again you had to surf to a webpage with infected content so the “hands-off” rule is broken again.
Here’s a hole in Safari that allows shell access…
Article MacBook hacked in security contest
One of two “honeypot” MacBook Pros at the CanSecWest security conference has been successfully hacked, according to officials. The Vancouver, British Columbia event had established a contest to try and gain user-level shell access in Mac OS X over a wireless network, which was successfully accomplished after contest hosts eased rules and allowed security experts to attack through code sent through malicious websites instead of directly compromising the OS itself.
…here’s one that exploited a flaw in QuickTime to steal passwords (no worries there for anybody, right)…
Article A Trojan horse exploiting a flaw in Apple’s QuickTime that was patched two weeks ago is infecting MySpace.com users’ computers, collecting confidential information, including passwords, several security companies said on Monday.
Look - I don’t have anything against OS-X. I like Unix, really I do. I was an early user of NeXT on which OS-X is based. It’s pretty nifty, really. But it’s obviously a pet peeve of mine to hear the fanboys rave about how invulnerable it is when it’s no more invulnerable than nearly any other operating system you can name, Windows included.
A well-patched, firewalled system is very resistant to infection. It’s better when combined with a knowledgeable user. A difference, though, is that Apple welds the covers closed and tells the users that they can be stupidly optimistic about their risks and creates a false sense of security. The fanboys wank-off to their altars to Steve Jobs and then get surprised when something bad happens. Like the devoted faithful, though, they sweep the issue aside with a boastful, “Well, at least we’re better than those damned Windows users.”
I see the same thing out of the Linux devotees all the time. A coworker spent months getting a copy of Evolution working in Linux, all the time saying how much better he was but in the next breath complaining about how he couldn’t share calendars with the rest of us Exchange users.
It goes back to what I said earlier. Use what works for you. Use what runs the programs you want to run. But don’t pretend that “think different” is “thinking better”.