Forwarded from: Richard Forno <rfornoat_private> Overall, a good article.....Apple OSX is still one of the more secure out-of-the-box OSes you can find. Few if any services are enabled by default, and those that are are easily disabled if necessary. However, the article fails to mention that Apple promptly admits responsibility when they screw up -- a few months ago Apple released an update to iTunes, its popular MP3 player - but unknowingly, one of its developers included in the install script a unix command to erase a user's data directory!! Not only did Apple pull the upgrade from its website immediately, but within 24 hours a revised installer was posted, along with a statement admitting it was Apple's fault for causing the problem. Further, Apple told those that lost data as a result that it would reimburse them for purchasing disk utilities (eg, Norton stuff) and/or the price to have a professional restore their data. You'll never see this level of public responsibility from other, larger software monopolies. It was refreshing to see the article note that Apple doesn't force people into goofy licensing schemes to receive support and such, something I discussed recently in an article entitled "Microsoft makes a deal you can't refuse" (http://www.infowarrior.org/articles/2002-09.html) I've been a PC user, but a longer Mac user -- Apple may be a smaller community, but I trust it - and its users and software - much, much more than anyone else. As I said, I prefer to be the one in-charge of the relationship with my computer. Happy 4th! Rick infowarrior.org > From: InfoSec News <isnat_private> > Reply-To: InfoSec News <isnat_private> > Date: Wed, 3 Jul 2002 06:36:34 -0500 (CDT) > To: isnat_private > Subject: [ISN] Apple: Taking OS X security seriously -- finally > > http://www.zdnet.com/anchordesk/stories/story/0,10738,2873326,00.html > > Stephan Somogyi, > Contributing Columnist, > AnchorDesk > Wednesday, July 3, 2002 > > During the days of Mac OS 9, Apple didn't need to pay much attention > to security. Attacks on Mac OS boxes were extremely rare, successful > ones well-nigh unheard-of. But Mac OS 9's excellent security record > does not automatically transfer to OS X just because both OSes > originate in Cupertino. > > Thanks to Mac OS X's Unix plumbing, any vulnerabilities in Unix > software instantly become vulnerabilities in OS X. Unix vendors as a > rule have always been quick to issue both security alerts and fixes > for discovered holes. Which means that Apple now has a pretty high > standard to live up to. > > If you're a Windows user, you've grown accustomed to the > never-ending stream of vulnerability announcements, interminable > waits for fixes, and, most recently, unilateral changes of your > end-user licensing agreement that grant Redmond remote admin > privileges on your system. Trustworthy computing, indeed. [...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Jul 08 2002 - 06:48:14 PDT