Interesting article

There is an interesting article at the website 'The Mac Sucks!' entitled 'Charlie Miller Talks Mac Security.' The guy who took control of a Mac computer in about 10 seconds discusses Mac OS X security, or perhaps I should say lack of security based on what the guy said in the article.

In the comments about the article (when you go to that website) a guy quoted a British security firm that did a study and found out that Linux servers are attacked online more than any other kind of server. That was a surprise for me.

I attended some training recently and in one of the classes the woman who is the head of our IT department gave a class on internet security. This woman is flat out brilliant; she developed herself some of the software we use. Complex software every bit as good as from any software company. She said that certain entire nations are now blocked from accessing our network at work. It is almost a cottage industry in certain countries to develop Trojan Horse programs, exploits, identity theft, phishing, etc.

I did not read the article or buy the magazine but in either the Popular Science Magazine or the Popular Mechanics Magazine there is an article that major cyber attacks will probably be coming soon from a certain country in Asia.
 
Originally Posted By: Mystic
In the comments about the article (when you go to that website) a guy quoted a British security firm that did a study and found out that Linux servers are attacked online more than any other kind of server. That was a surprise for me.

Maybe because Linux is free (or cheap), and thus more likely to be used by small companies who don't have the resources for very robust security? Just a slightly off-topic thought.
 
Attacked or attacked successfully?

Attacked is a pretty vague word. I don't doubt what she is saying. I'm just not clear on the details.

A more interesting figure is the number or percentage of SUCCESSFUL attacks.

Citing a raw number of attacks is meaningless. Citing how frequently attacks on a specific O/S are successful is more telling.

Linux boxen may be more exposed on the internet today, doing things like DNS, MTA, etc, and more suspect to attack.

Something acting as an MTA probably gets millions of spam e-mails or folks trying to use the MTA for spam.

So what I'm saying is as you've phrased this, it's very vague.
 
Originally Posted By: d00df00d
Originally Posted By: Mystic
In the comments about the article (when you go to that website) a guy quoted a British security firm that did a study and found out that Linux servers are attacked online more than any other kind of server. That was a surprise for me.

Maybe because Linux is free (or cheap), and thus more likely to be used by small companies who don't have the resources for very robust security? Just a slightly off-topic thought.


Further to that, a Linux web server, for example, may be hosting (several dozen shared) sites that run LAMP stacks and feature insecurely coded PHP scripts (I speak from experience).

The democratic nature of a LAMP stack makes it easy for less experienced people to become web site admins without having a darn clue about locking their site down. There are a whole lot of online stores, message forums (like this one), blogs and such "run" by non-technical people, and scanning those sites, mostly hosted on LAMP servers, is easy, fast and relatively risk free for evildoers.

I wonder, then, whether or not the equivalent of walking up to your house and giving the doorknob a quick shake to see if it's unlocked qualifies as an "attack"; and then I wonder how far these numbers get fudged to bolster claims and FUD.

EDIT: Here is the article's URL, by the way:

http://themacsucks.com/2009/04/charlie-miller-talks-mac-security/

It should be noted that this, and other "break-ins" into Macs are done almost exclusively through Safari (the default web browser) or Firefox. In almost all cases, attackers have only user privileges.

It might also be noted that most of the press for these exploits comes from PWN2OWN and other public hacking contests, where no one can hack Ubuntu: http://www.efluxmedia.com/news_Linux_Unhackable_At_TippingPoint_Contest_15743.html
 
Well, before anybody decides to attack me I did not do the study. The article about Charlie Miller is actually at ZDNet. I went to that website and in the comments I discovered that somebody was talking about Mac OS X servers being different than Mac OS X desktops. It was there that it was mentioned that a British security firm (http://mi2g.com) had done the study about the security of servers. Anybody who wants to argue with the British security firm's results you can contact them. They did the study. By the way the most secure servers were BSD and Mac OS X servers. Don't argue with me. I did not do the study and I was surprised myself about Linux servers not being so secure.
 
Originally Posted By: Mystic
I did not do the study and I was surprised myself about Linux servers not being so secure.


I did not see anywhere a reference to Linux-based servers being less secure; only that they were a target of more attacks. Most web, DNS, email, etc. servers run Linux, so that only stands to reason.
 
My IT lady did not discuss the security of Linux servers or Mac OS X being cracked in 10 seconds. She talked about internet security and she said that the network we use at work now blocks some entire nations from accessing our network. As things get worse probably more websites and countries will be blocked from access. 'She' said nothing about Linux servers.

The guy who runs 'The Mac Sucks' found the article about Charlie Miller at ZDNet. Charlie Miller cracked into an Apple Computer and had root access or superuser access in about 10 seconds.

If you go to ZDNet and check out the article about Charlie Miller there are comments at the bottom. I clicked on a comment about Mac OS X not being Mac OS X server. That is where I found the information about the British security firm doing a study and that Linux servers were found to be attacked more than other kinds of servers; especially online but also at British government websites.
 
The figures for the attacks online were 80% Linux, 12% Windows. The figures for government sites were 57% Linux and 35% Windows. All of this according to the results of the British security firm's study.

I think that Windows servers make up more than 12% of all servers. I don't know what the percentage of Windows servers there are compared to Linux but I would guess that Windows servers are at least 40%. In fact I remember somewhere hearing that Linux servers are something like 20% to 30% of servers. It would be interesting hearing some ACCURATE figures.

Getting back to Mac OS X it appears that some various kinds of exploits can apparently be relatively easily developed for Mac OS X. You don't necessarily have to make use of malware. At least this Charlie Miller guy was able to develop an exploit.
 
It was Popular Science Magazine out now that has the article on possible upcoming cyber attacks on the internet from an Asian country. If you disagree with the article you can write to PS.

Personally I think there is something to a lot of Linux servers not being set up properly. I have read two security books where the authors basically said the same thing. In one book the guy wrote about how to secure Windows and Linux computers. He was very pro-Linux and suggested in the book that people switch to Linux. He said that a Linux computer must be set up properly. The other book was written by a man and woman involved in investigating identity theft, phishing, etc. They said in their book that a lot of Linux computers are not as secure as the owners think because of not being set up properly.

Regardless of how secure Linux may or may not be, if there are a lot of Linux servers out there not properly set up then those computers are major security problems. And judging from the British study there are a lot of Linux servers not set up properly.
 
Originally Posted By: uc50ic4more
This is correct: There is simply no such thing as a fool-proof OS or server.


Yes there is, the ones that you cannot use directly and have no interface for you to adjust.
 
Originally Posted By: PandaBear
Originally Posted By: uc50ic4more
This is correct: There is simply no such thing as a fool-proof OS or server.


Yes there is, the ones that you cannot use directly and have no interface for you to adjust.


Oops! Forgot about DOS.
 