lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Mar  1 20:23:03 2006
From: davek_throwaway at hotmail.com (Dave Korn)
Subject: Re: Question about Mac OS X 10.4 Security

Stef wrote:
> On 2/28/06, Paul Schmehl <pauls@...allas.edu> wrote:
> <snip>
>>
>> Still, the ignorance of Mac users, who believe their platform is
>> somehow magically "secure" will contribute to the problem.

> I am sorry, Paul, but I have to take you up on this, especially with
> your tendency of generalizing everything.
> original migration. As a repository of security and network tools, I
> have thrown at this baby everything I can possible think of, and still
> haven't found a way to break it ...

  Never mistake a lack of imagination for an insight into necessity.  I 
guess you didn't think of writing a virus, renaming it to "funny_game.exe", 
and emailing it to yourself with an email body saying "Hi!  Here's that 
flash game we were chatting about the other day!" ?

  The point I'm making is that the vast majority of windows virus infections 
aren't delivered by remote network exploit, they're delivered by people 
double-clicking on executables attached to email, and that would work on 
Macs just as it does on windows.  There's nothing about the Mac that would 
make Mac users less vulnerable to social engineering than windows users, and 
as long as the attitude persists that Macs are somehow special and secure, 
then uneducated Mac users will be even /more/ likely to open an executable 
attachment, because they won't believe it can harm them, because they've 
been told over and over how their Mac is "secure" and all those viruses are 
only a problem on windows.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ