From owner-freebsd-security Wed May 2 10:47:56 2001 Delivered-To: freebsd-security@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 9677937B423 for ; Wed, 2 May 2001 10:47:52 -0700 (PDT) (envelope-from bright@fw.wintelcom.net) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id f42Hlnf11738; Wed, 2 May 2001 10:47:49 -0700 (PDT) Date: Wed, 2 May 2001 10:47:49 -0700 From: Alfred Perlstein To: Brett Glass Cc: security@FreeBSD.ORG Subject: Re: What do folks think of this article? Message-ID: <20010502104749.O18676@fw.wintelcom.net> References: <200105021702.LAA24669@lariat.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200105021702.LAA24669@lariat.org>; from brett@lariat.org on Wed, May 02, 2001 at 11:02:20AM -0600 X-all-your-base: are belong to us. Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org * Brett Glass [010502 10:02] wrote: > http://www.businessweek.com/bwdaily/dnflash/apr2001/nf2001051_727.htm As usual someone is trying to raise an issue that's already common knowledge. I mean: So, where security was concerned, Apple users enjoyed a free ride. Same with virus attacks. Mac users avoided the carnage of the I Love You virus in May, 2000. Nor did they have to worry about nasty Trojan-horse attacks, such as the SubSeven variety that could give hackers remote control of a computer. Mac users lived in a digital Garden of Eden, a simpler place free of serpents. The "I Love You virus" ? Because it's a Unix like OS? Afaik "I Love You" was a Microsoft Outhouse^H^H^H^H^Hlook problem, not a Unix one. Sure making a Macintosh actually useful by having it run an Unix like OS might make a more interesting _target_, it sure doesn't mean that it has to run all the same services. I imagine if Apple was smart, the default "desktop configuration" wouldn't be running any services to expose it to this kind of risk. I do agree that Apple should invest some resources into security on OS X, but I doubt they aren't already in the process of procuring those resources if they haven't done it already. As far as getting the word out on bugs, I find it terribly annoying that Bugtraq is now a vendor's forum to spam about security updates, it's really irritating to hear about some vulnerability and then recieve about 20 emails from different Linux and other Unix distributors about the exact same bug. -- -Alfred Perlstein - [alfred@freebsd.org] Daemon News Magazine in your snail-mail! http://magazine.daemonnews.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message