Keeping you mac safe in an Unsafe environment! [Archive] - Glock Talk


View Full Version : Keeping you mac safe in an Unsafe environment!

06-13-2007, 05:33
Fact or Fiction?

Read the Feedback postings. Running Windows on a MAC makes it vulnerable!


Inside OS X Security: Keeping Your Mac Safe In An Unsafe World

Mac expert John Welch takes you through the threats, holes, and exploits swirling around Mac OS X, and offers up some tips and tactics to protect your system.

By John C. Welch
Jun 9, 2007 02:00 AM

Security and Mac OS X is never an easy topic to write about. There's so much emotion, advocacy, and arguing going on that getting to the heart of the matter can sometimes seem impossible. However, once you sort past those issues, the state of security on Mac OS X isn't terribly complicated, nor bad at all. It's not perfect, but it's not the final world in Quake, with pitfalls and monsters behind every corner.

Even with the recent QuickTime Java vulnerability discovered by Dino Dai Zovi at the CanSecWest contest, the Mac isn't suddenly a kitten in a shark tank, waiting to be devoured. There always have been, and always shall be, vulnerabilities in this, or any other operating system and platform. It's a fact of life, and one that Mac users in particular, should approach with more of a sense of equanimity and awareness.

When we're talking about the state of security on Mac OS X, it's useful to use the kinds of threats we hear about or have heard about in the past as a guide to help us focus our discussion. I'll do the same here, moving from the more "human-based" issues to the more "human-excluded" issues. I'm also going to, in the interests of clarity and space, stay out of larger security issues like firewalls, NAC, etc. This article is focusing on Mac OS X and the Mac user as much as possible....

06-17-2007, 14:05
Everything has vulnerabilities.

Windows has some. Mac has some. Windows on Mac creates add'l opportunities, and the same will be true if we start running OS X on Windows also.

I think the time is coming soon where Apple will need to get serious about a 'security culture' - their stuff has been so much better that they've been able to sit smugly above the fray, but as Windows improves, we'll see more attacks on Macs, perhaps including ones that intentionally work via Parallels.

One significant problem right now for Mac folk is choosing good software - there's so little call for anti-malware on the Mac, and so few real-world threats to test against, that it's hard to establish who's doing a good job, and who has crappy software...

06-18-2007, 06:20
I would have to say that running Windows on a Mac, that is running the Microsoft Windows Operating System on an Apple Macintosh computer's hardware, would have no more or less vulnerabilities than if you ran the same software on a Dell PC.

Now, if you're talking about running Windows in a virtual machine on top of Mac OS X, then it would technically be true that you have more vulnerabilities to worry about. But that is a bit misleading. Any vulnerabilities in Windows will generally only affect the virtual machine it is running on and not get back into the host operating system.

Running programs in virtual machines is actually a really good security practice for isolating applications prone to intrusion.

By the way, do you have a link to that article?

06-18-2007, 17:29
That's historically true, but the clever folks at Parallels give the option in the latest versions of giving the guest OS (Windows) quite a bit of access to user folders in Mac OSX.

It's super-convenient, and allows copying and drag-and-drop, and easy access to all of your user folders from Windows dialog boxes, but it is at least a potential security risk.

I know of no real-world exploits, or even proof-of-concept on this, though, so it's all speculative.