[access-uk] Re: careful regarding a phone call i just received
- From: Tristram Llewellyn <tristram.llewellyn@xxxxxxxxxxxxxxxxxxx>
- To: "'access-uk@xxxxxxxxxxxxx'" <access-uk@xxxxxxxxxxxxx>
- Date: Tue, 1 Feb 2011 10:27:09 +0000
Macs have nothing like the number traditional viruses or Trojans, those that
are known are relatively few in numbers. Meanwhile Apple very quietly patch
security holes often without telling the community what it is they have just
fixed. That Apple are patching the operating system is great however the
reluctance to let us all know what they have done is not and contributes to a
general level of ignorance for all. Comparably in the PC industry even if
Microsoft doesn't bark (which mostly they do these days because they have so
badly embarrassed in the past) there are hundreds of security researchers all
working away to find the next exploit being used by hackers and a ton of
academic researchers too. So although it looks really had in Windows (and
sometimes it really is) we at least know somewhat the state of play because it
is in everybody's interest to know and nobody is (or should be) fooled.
An example of how this might change is the episode with Facebook and other
social networking site security resulting in the Firesheep extension for
Firefox that allowed people on open wireless networks to take control of other
user's pages. This security whole is just as wide on the Mac as it is on
Windows and has the same consequences. It is not a Mac or Windows specific
problem but both systems are affected equally.
Browsers whether on Mac or PC are all almost universally vulnerable to
malformed input into them (a technique known as fuzzing) and can be made to
crash which means there is an exploit in there. Likewise JAVAscript is
something even Mac owners have to run on their computers in order for pages to
work yet its power is considerable and if wielded maliciously will cause a
problem on any platform. Safari along with most other browsers currently
available are not fully sandboxed and have considerable scope to manipulate a
target system bypassing most traditional anti-virus systems. Viruses and
Trojans are relatively complex forms of attack that take time to develop but
with the power of the tools available today you don't necessarily need to
create a virus or Trojan to cause trouble but at the moment it is easier and
Windows is the low hanging fruit.
Regards.
Tristram Llewellyn
Sight and Sound Technology
Technical Support
www.sightandsound.co.uk
Mail:
Tristram: tristram.llewellyn@xxxxxxxxxxxxxxxxxxx
Technical: Support@xxxxxxxxxxxxxxxxxxx
General - info@xxxxxxxxxxxxxxxxxxx
Phone:
Support line: 0845 634 7979
Sight and Sound Technology Limited is a company registered in England and
Wales, with company number 1408275.
Sight and Sound Technology
Welton House North Wing
Summerhouse Road
Moulton Park
Northampton
NN3 6WD
VAT Number - GB 860 2121 66.
-----Original Message-----
From: access-uk@xxxxxxxxxxxxx [mailto:access-uk@xxxxxxxxxxxxx] On Behalf Of
Gordon Keen
Sent: 31 January 2011 19:47
To: access-uk@xxxxxxxxxxxxx
Subject: [access-uk] Re: careful regarding a phone call i just received
So people have been saying for years now, how many actual mac virus events have
been found in the wild?
Despite this, I and other responsible mac users have virus protection software
installed just to ensure we do not infect - inadvertently - unsuspecting
windows users.
Regards
G
From glorious Devon, England.
On 31 Jan 2011, at 18:02, George Bell wrote:
> "the Mac operating system is a time bomb waiting to happen"
>
> What an absolute master of understatement, Tristram!
>
> George.
>
> ** To leave the list, click on the immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
> ** If this link doesn't work then send a message to:
> ** access-uk-request@xxxxxxxxxxxxx
> ** and in the Subject line type
> ** unsubscribe
> ** For other list commands such as vacation mode, click on the
> ** immediately-following link:-
> ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
> ** or send a message, to
> ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
>
** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
** To leave the list, click on the immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** access-uk-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq
Other related posts:
