I will agree with you on this one. I still stand to my statement that blind zealots and fanboys of either side are utterly annoying. ________________________________ De : Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Envoyé : 7 mars 2006 08:14 À : [ISAserver.org Discussion List] Objet : [isalist] RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet http://www.ISAserver.org Hi Alex, I don't fret about Mac exploits. I just enjoy hearing this stuff because I'm so tired of pothead media morons and the welfare sucking minions of orthodoxy from the Linux camp endless spewing the sludge that "M$ sUXoRSzS34$" and isn't secure. Instead of worrying about the facts, just think of it as a mental health break. HTH, Tom Thomas W Shinder, M.D. Site: www.isaserver.org <http://www.isaserver.org/> Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls ________________________________ From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] Sent: Tuesday, March 07, 2006 7:06 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OT:Mac OS X hacked in less than 30 minutes | Tech News on ZDNet http://www.ISAserver.org Well they just made the worst addendum ever : Clarification: The originally published version of this report omitted the fact that participants were given local client access to the target computer. And so, it did. I read that on Slashdot, where it gave an URL to the original rm-my-mac contest page, where the author itself said it wasn't really proof of anything. And a security update has shown on my Powerbook this morning if this is of any relevance. But, as the original article stated, the guy had installed Fink and configured stuff to use LDAP. Installing fink means, "oooh, unsupported gnu and unix utilities!". And the Fink/OpenDarwin guys are not exactly known for a great response time to security advisories... In the end, any operating system can be made secure, or relatively so. See OpenBSD over there. Sure it's dusty, boring and it's so ... unexciting that it's rock solid. And besides the code is thoroughly audited by thousand of eyes prior to release, and by "audited" I don't mean "It's open so people are bound to look at it", but rather "A large amount of the effort goes into auditing the code". Result is one single remote exploit post-install in more than eight years. But install ugly, unmaintained crap from the ports tree and there goes all that effort. My point is that this article is nothing to really fret about. There were other "hack my mac" contests of craptastic proportions in the past, but none as badly representative. The rule is and has always been, once someone untrusted has a local account, all bets are off. I really *really* wish people could stop being so competitive and would stop dissing platforms they have never really used... It lacks professionalism. I don't go on vitriolic diatribes against AIX because I have never used it ;) I don't go on such drivel against Windows either, even if it is not exactly my personal preference - but it still is a product that is better suited for some jobs. However, there is a great deal to be said about Unixware, OpenServer and Xenix. But that brings back the taste of bile in my mouth, so I'll stop right there :P ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: gauthiera@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx