Security of Macs?

[user098123]

http://gizmodo.com/373109/who-will-get-hacked-first-vista-osx-or-linux-place-your-bets-here

pwned! Mac OSX hacked in under 2 mins, and everyone always raves about the security of their Macs..

Seriously though, I was surprised. I expected it to go Vista, OSX, Linux. But apparantly people claim that OSX is less secure since they haven't been in the public eye, not nearly as many attacks against macs as against Vista. Linux is so secure because its open source, that makes sense. Surprising though, but makes sense when you think about it.

 

[Schmidnj]

It isnt the security people are talking about, its the fact that there are very few attacks that are focused on macs. Attacks are focused where there are more computers to attack, ie any windows format.

 

[user098123]

Well, that was what I was getting at. The lack of attacks against Macs is directly related to their lack of security. They don't know where their problems are if people aren't trying to exploit them. Whereas with Windows, so many people try to exploit and hack windows that they have covered many doors.

Essentially it leaves Mac users open to some sinister crap if anyone decides to target them.

 

[Dick_Squandel]

i agree this is a little surprising, but it also says no one even tried to hack network based mac's, and when the hack was made it was done through safari and i believe, and if im wrong someone correct me apple just released a new version of safari to correct some of these problem.

 

[Grove_Street]

cool beans!

 

[user098123]

It was on the new Safari that this happened. And no one tried to hack any of the platforms over the network.

 

[Snowcase]

I thought everyone knew macs sucked?

 

[St.Steezy]

over a network it is virtually impossible...

And this isn't really hard to believe. I've been a mac user all my life and they've only been considered more "secure" because they were never targeted. But I would say, pretty safely, that os x was more secure then xp's initial release..

I can crack a 10.1/10.2 (10.3 is a little more tricky) hash in mins-days. It only depends on the difficulty of the password. But on xp, its pretty damn difficult to get ahold of an unencrypted password hash, which then has to still be cracked. I've written an applescript, yes applescript, that exploits the log out function of osx. Basically once opened it kicks the user right off, without any consent. I can also implement a terminal script that creates a hidden admin user without any consent, you can only see it if you actually use keychain. So really, if you have knowledge of computers (you'll need alot!) its always possible to exploit a given plantform.