[Coco] Re: OS Vulnerabilities (Was: Paypal )

David Hazelton davehazelton at access-4-free.com
Sat Feb 28 13:15:13 EST 2004 

KnudsenMJ at aol.com wrote:

> In a message dated 2/28/04 8:23:15 AM Eastern Standard Time, 
> bathory at maltedmedia.com writes:
> 
> 
>>There have been Unix and Mac exploits, but these get little publicity
>> (although a recent Linux exploit was severe; Linux runs our cable modem
>> system in our town, and my stepson -- the system designer -- was doing some
>> fast patching).
> 
> 
> Well, it's about time -- time to put an end to the bragging about how 
> invulnerable Linux and Mac are.
> Unix/Linux has the advantage of decades of evolving protections in college 
> environments, where hackers thrive.  By now such trivial holes as buffer 
> overruns have been patched up (we hope).
> 
> A disadvantage of Linux is the open source code -- a hacker can look in there 
> for holes.  Though I suspect the hackerz community has good disassemblies of 
> Windows versions, though not all of it (wouldn't fit in a barn).
> 
> 
>> The difference is desirability. Why waste your time creating a virus for an
>> OS few people actually use or, more importantly, will get little publicity?
> 
> 
> Yep, I still figure that if Macs ever stage a real comeback or Linux catches 
> on (and lots of foreign governments are getting on board, meaning hackerz can 
> go for real gain instead of just hobbyist glory), there will be plenty of 
> hacks.
> 
> 
>> I think that anybody with tech smarts, tools and experience who can't
>> exploit an OS isn't really trying. Either that or it's not a true,
>> multi-purpose OS.
> 
> 
> Especially with the source code in front of them.
> --Mike K.
> 
> 
> 
Now that the Mac is Unix based, It will fall into the Unix/Linux realm 
of virus and worms.  As more Companies and countries are going toward 
open source, Patches to the OS will be as fluid as Virus definition 
files.  I rather upgrade or patch the problem at the system level than 
have a application just scan and quarintene it.

Luckily Linux can be patched on the fly without a reboot and one doesn't 
have to wait to the second Tuesday of the Month to patch 500+ machines.

~my 2 cents worth.

~David Hazelton

More information about the Coco mailing list