backtop


Print 63 comment(s) - last by crystal clear.. on Mar 27 at 3:52 AM

"Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."

The battle between Microsoft and Apple in the computing market has raged on for decades. While Microsoft has a commanding lead in the operating system market with Windows, Apple isn't exactly backing down with OS X -- in fact, the Cupertino-based company continues to grab market share and a large portion of the $1,000+ computing market.

When Windows and OS X users get into arguments on the web, Windows users often point to OS X's tiny market share while OS X users point to how vulnerable Windows operating systems have been in the past to exploits. However, according to security guru Charlie Miller, OS X users should subscribe to the idea that "people in glass houses shouldn't throw stones".

Miller claims to have found no less than 20 zero-day exploits within OS X. Miller will present the exploits at CanSecWest next week in Vancouver, British Columbia.

Miller told Heise Security, "Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."

"They sell lots of computers and nobody [shies away from] Apple computers because of a perceived lack of security," Miller added. "So in their minds, they don't have a security problem until it affects their bottom line, which hasn't been the case, yet"

OS X has made the news plenty of times over the past year for security holes. Last June, Apple finally fixed a Java exploit which went unpatched for nearly a year. In late August, Apple shipped Snow Leopard with a version of Flash that was susceptible to outside attacks.

Miller also took Apple to task last year saying that security protections in OS X weren't quite up to par with Windows 7. He noted, "It's harder to write exploits for Windows than the Mac, but all you see are Windows exploits. That's because if [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

WTF Apple??
By Smilin on 3/19/2010 11:17:11 AM , Rating: 2
So 20 vulnerabilities while not good isn't the most horrific thing to happen in the computer world but the way they were discovered is frightening.

quote:
Miller discovered the new vulnerabilities by fuzzing

This is just a basic automated way of checking for obvious problems. Microsoft and many others do this as a routine part of normal development.

WTF is Apple doing over there?




RE: WTF Apple??
By amanojaku on 3/19/2010 12:31:59 PM , Rating: 2
Fleecing it's customers, what else?<sarcasm> Why spend money on QA when you all you need to do is release a new product? People will blindly buy the new device and its "security through obscurity" and hackers will have to work on the next set of exploits.</sarcasm>


RE: WTF Apple??
By alanore on 3/20/2010 9:12:50 AM , Rating: 2
I think windows 7 only had 1 which got patched. 20 Current zero day flaws is major.


"And boy have we patented it!" -- Steve Jobs, Macworld 2007














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki