lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <p06230900c02bd1cfb5c2@[192.168.0.2]>
Date: Wed Mar  1 22:43:04 2006
From: mz4ph0d at gmail.com (mz4ph0d@...il.com)
Subject: Re: Question about Mac OS X 10.4 Security

At 4:20 PM -0600 1/3/06, Paul Schmehl wrote:
>So, Apple hasn't fully addressed this problem yet.  (Trust me, I've 
>tested it.) 
>If you are responsible for Macs and you haven't read this yet, you need to:


Safari and Mail. Sure, agreed, but they do move quickly to fix problems
publicly known, and I'm very confident that they'll shortly also release
a fix for the filetype/app problem (what could be considered the main
problem I guess).

Apple actually *do* tend to position security over functionality, unlike
Microsoft (do?/has?), when the way something that was introduced as
a feature is shown to be insecure, they change it to make it more
secure, rather than saying "It's what our users want! It's a feature,
not a bug."

Granted though, users feeling more secure can certainly lead to lapses
in security through complacency, that's the same on any platform.


Z.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ