http://ask.metafilter.com/82719/Currnet-Macintosh-OS-X-vulnerabilities-or-exploits/ Comments on Ask MetaFilter post Currnet Macintosh OS X vulnerabilities or exploits? Sun, 03 Feb 2008 16:08:21 -0800 Sun, 03 Feb 2008 16:08:21 -0800 en-us http://blogs.law.harvard.edu/tech/rss 60 http://ask.metafilter.com/82719/Currnet-Macintosh-OS-X-vulnerabilities-or-exploits What is the current state of the art in Macintosh OS X vulnerabilities, exploits and other remote security issues? <br /><br /> I'm a recent convert to OS X, and I'm fairly familiar with Unix/Linux/BSD - however, my primary work and IT experience is with Windows.<br> <br> As such, I like to stay informed of these issues - and I also like experimenting with my own machines - and I like to feel more secure about the machines I use by knowing what is and isn't possible.<br> <br> What's new? What should I be aware of as an IT consultant and support tech? What can I experiment with at home?<br> <br> I'm particularly interested in buffer overflow exploits, pings-o-death and other remote DoS or TCP/IP stack attacks. post:ask.metafilter.com,2008:site.82719 Sun, 03 Feb 2008 15:36:01 -0800 loquacious Macintosh OSX hack hacking blackhat whitehat exploit vulnerability http://ask.metafilter.com/82719/Currnet-Macintosh-OS-X-vulnerabilities-or-exploits#1225324 <a href="http://secunia.com/vendor/17/">http://secunia.com/vendor/17/</a><br> <br> There aren't tons of known unpatched vulnerabilities, and most of those are local vulnerabilities, not remote. That's good. As far as the non-Apple software that ships with Mac OS X (Apache, PHP, etc), you have basically a similar same state as other major Unix variants.<br> <br> There may be a DNS hijack trojan in the wild that pretends to be a QuickTime codec:<br> <br> <a href="http://arstechnica.com/news.ars/post/20071101-rsplug-a-mac-os-x-trojan-a-new-threat-but-the-sky-is-not-falling.html">http://arstechnica.com/news.ars/post/20071101-rsplug-a-mac-os-x-trojan-a-new-threat-but-the-sky-is-not-falling.html</a><br> <br> Low-threat, not based on a vulnerability in the system:<br> <br> <blockquote>"One important thing to keep in mind is that this trojan does not exploit any Mac OS X weakness, relying instead on social engineering to deliver the payload. The user is asked for the administrator password, the disk image is mounted, and the malware installed."</blockquote><br> <br> Overall, the state of Mac OS X is pretty good. Browse the Secunia database for Apple if you're really interested in knowing more. comment:ask.metafilter.com,2008:site.82719-1225324 Sun, 03 Feb 2008 16:08:21 -0800 Mikey-San http://ask.metafilter.com/82719/Currnet-Macintosh-OS-X-vulnerabilities-or-exploits#1225509 If users turn on (largely open-source) services in OS X, this can sometimes open up the workstation to attack. <a href="http://milw0rm.com/">http://milw0rm.com/</a> and <a href="http://www.rootsecure.net/">http://www.rootsecure.net/</a> have lots of script kiddie stuff. There are lots of other sites. But on the whole, out of the box, OS X is pretty secure for a consumer OS. comment:ask.metafilter.com,2008:site.82719-1225509 Sun, 03 Feb 2008 20:15:37 -0800 Blazecock Pileon http://ask.metafilter.com/82719/Currnet-Macintosh-OS-X-vulnerabilities-or-exploits#1225590 it's pretty darn secure compared to a real modern OS.<br> <br> compared to windows, it's like the difference between a bank vault and a soggy cardboard cigar box. comment:ask.metafilter.com,2008:site.82719-1225590 Sun, 03 Feb 2008 21:26:39 -0800 KenManiac http://ask.metafilter.com/82719/Currnet-Macintosh-OS-X-vulnerabilities-or-exploits#1225665 The NSA has a <a href="http://www.nsa.gov/snac/os/applemac/I731-006R-2007.pdf">171 page guide</a> on hardening OS X. The tips are summarized in <a href="http://blogs.zdnet.com/BTL/?p=4706">this article.</a> comment:ask.metafilter.com,2008:site.82719-1225665 Sun, 03 Feb 2008 23:50:23 -0800 sharkfu