From: Toby Hutton (tobyhutton_at_mac.com)
Date: Fri Aug 12 2005 - 03:34:59 PDT
On 12/08/2005, at 3:31 PM, okto wrote:
> A large part of our virus immunity in the OS X era is the fac that all
> the potentially-vulnerable layers of our OS (the ones below the GUI,
> below Cocoa and Carbon), are Unix, and nearly thirty years of
> thousands
> of people's lives has been spent making Unix securable. The holes
> have
> already been found and plugged. Certainly that's not to say we are
> immune, but if you secure your system well, few things are going to
> get
> in that you don't want getting in.
Sorry, but that's mostly a crock. These days there are very few
actual viruses infecting Windows users - it's the worms that are
doing all the damage.
Most email or IM worms don't have to bother exploiting a hole in the
OS. All they have to do is say 'click here for Britney nude!!!1!'
and the average users invariably do, hence infecting themselves and
everyone in their addressbook. It's true that the worms that do the
most damage DO exploit some hole, but that hole is often at the
application level, or just below in the high level services. This is
where the 'potentially-vulnerable' layers are. Having a secure unix
layer underneath doesn't help when you can exploit Mail.app or
Safari's behaviour.
Look at the trouble Apple was in last year with the help:// and other
URL exploits that could run arbitrary shell scripts. ( http://
secunia.com/advisories/11622/ ) Also, Cocoa is inherently insecure
since you can just put some code in the Input Manager directory and
you can override the behaviour of any old application you like, much
like extensions on the Newton. It's too easy.
Toby
-- This is the NewtonTalk list - http://www.newtontalk.net/ for all inquiries Official Newton FAQ: http://www.chuma.org/newton/faq/ WikiWikiNewt for all kinds of articles: http://tools.unna.org/wikiwikinewt/
This archive was generated by hypermail 2.1.5 : Fri Aug 12 2005 - 09:00:04 PDT