<<< Date Index >>>     <<< Thread Index >>>

[IP] Mac OS X security under scrutiny





From: Monty Solomon <monty@xxxxxxxxxx>
Date: November 29, 2005 7:04:18 PM PST
Subject: Mac OS X security under scrutiny


Mac OS X security under scrutiny
Robert Lemos, SecurityFocus 2005-11-29

When the SANS Institute, a computer-security training organization,
released its Top-20 vulnerabilities last week, the rankings continued
an annual ritual aimed at highlighting the worst flaws for network
administrators. This year, the list had something different, however:
The group flagged the collective vulnerabilities in Apple Computer's
Mac OS X operating system as a major threat.

It's the first time that the SANS Institute called out an entire
operating system for its vulnerabilities. While the move has raised
questions about the value of such a general warning, highlighting
recent vulnerabilities in Mac OS X was intended as a wake up call,
said Rohit Dhamankar, security architect for TippingPoint, a
subsidiary of networking firm 3Com, and the editor for the SANS
Top-20 vulnerability list.

"We are not pointing at the entire Mac OS X and saying you have to
worry about the entire operating system," he said. "It is just that
the Mac OS X is not entirely free of troubles."

The naming of Apple's Mac OS X to the list is the latest warning from
security experts to users that Apple's operating system is not immune
to threats. In its last two bi-annual reports, security firm Symantec
has warned Apple users that the perceived security strengths of Mac
OS X will not withstand determined attackers, especially with
mounting vulnerabilities and at least one known rootkit tailored to
the system. (Symantec is the owner of SecurityFocus.)

Such warnings, however, have to contend with the Mac OS X's
impressive lack of major security incidents. While users of Microsoft
Windows have to worry about the latest viruses, Trojan horse
programs, spyware and phishing attacks, users of Apple's systems have
significantly fewer threats about which to be concerned.

....

<http://www.securityfocus.com/news/11359>

-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/