Forums > MaxMSP

[OT] botnets and OSX

November 30, 2007 | 12:28 pm

I have been reading a lot lately about botnets. It is not clear whether
Macs are currently at risk. Any wisdom?

Cheers
Gary Lee Nelson
Oberlin College
http://www.timara.oberlin.edu/GaryLeeNelson


December 2, 2007 | 1:00 am

Over the past 15 years very few worms & viruses have been written for Unix based environments. However, Microslofts Widows environment has and will continue to be a target due to it’s poor security architecture (which creates a whole sector of the economy, thanks M$).

OSX has had a good run.

If we look at Linux and it’s security history, very little in the way of worms or viruses surfaced in the last 10 years and most of these were unsuccessful.

Risk / Exposure / Vulnerability… These are simply factors of time. A large easy to exploit hole in the OSX network implementation will eventually be found by a bad guy and put to use, but how?

A BoT net is unlikely as OSX exploits are rare and security patches could be issued quickly once Apple knew of the problem, so the discoverer would want to utilize his new found power against specific targets for specific reasons in a stealthy way.
Besides, building an army of zombies or onion routers is easy enough using Widows targetted worms.

Advice?

- Keep backups

- Know the value of your information both to yourself and others. Have real perspective not paranoia, and enjoy the occasional leak when if/when it happens… Life is fun.

- Disable unneeded network services, keep your firewall on, use WEP on your wireless access points, use https whenever possible, rotate passwords, use different passwords per each system, avoid spyware looking products, disable GUI scripting languages (Applescript).

- As far as max patching goes, while unlikely someone could use a max patcher to hack your machine. If you need to be paranoid, save your max patchers to text, then search for "/bin/bash" or "shell" or other system level commands like applescript stuff, etc.

- Don’t buy one of those crappy "secure your computer" adware/malware/spyware unless you really understand what it’s doing and that you want that function.

Know your mind, know your body, know your drug

-a+b


December 3, 2007 | 4:16 am

> Over the past 15 years very few worms & viruses have been written for Unix based environments. However, Microslofts Widows environment has and will continue to be a target due to it’s poor security architecture (which creates a whole sector of the economy, thanks M$).

Microsloft Widows? M$? :rollseyes:

The biggest reason Microsoft is targeted is due to its overwhelming domination of the personal computer market. I would imagine OS X exploits will start popping up if and when OS X approaches the market penetration of Windows.

> Advice?
>
> – Keep backups
>
> – Know the value of your information both to yourself and others. Have real perspective not paranoia, and enjoy the occasional leak when if/when it happens… Life is fun.
>
> – Disable unneeded network services, keep your firewall on, use WEP on your wireless access points, use https whenever possible, rotate passwords, use different passwords per each system, avoid spyware looking products, disable GUI scripting languages (Applescript).
>
> – As far as max patching goes, while unlikely someone could use a max patcher to hack your machine. If you need to be paranoid, save your max patchers to text, then search for "/bin/bash" or "shell" or other system level commands like applescript stuff, etc.
>
> – Don’t buy one of those crappy "secure your computer" adware/malware/spyware unless you really understand what it’s doing and that you want that function.
>

This is all good advice for any operating system. :)


December 4, 2007 | 1:28 am

It’s not simply an issue of popularity. Windows had a slipshod security foundation to start with and was forced to balance the crowd of 3rd party developers using their libraries with a slow security reform plan. They lost a lot of government contracts because of this.

From 2005 on I’m ignorant, but instinct says the platform is still under revision to prevent the kind of gross security problems that I dealt with when I worked in the industry.

Hopefully Apple can preserve and improve their existing architecture as they gain market share rather than throw too many ingredients into the mix too quickly.

I just noticed a few days ago that some files in /etc/ had been completely deprecated with a left over note suggesting they’d be removed in future releases and not to rely on them.

Ouch.

-anthony


December 4, 2007 | 1:28 pm

Where is /etc/

On 12/3/07 8:28 PM, "Anthony Bisset" wrote:

>
> It’s not simply an issue of popularity. Windows had a slipshod security
> foundation to start with and was forced to balance the crowd of 3rd party
> developers using their libraries with a slow security reform plan. They lost a
> lot of government contracts because of this.
>
>> From 2005 on I’m ignorant, but instinct says the platform is still under
>> revision to prevent the kind of gross security problems that I dealt with
>> when I worked in the industry.
>
> Hopefully Apple can preserve and improve their existing architecture as they
> gain market share rather than throw too many ingredients into the mix too
> quickly.
>
> I just noticed a few days ago that some files in /etc/ had been completely
> deprecated with a left over note suggesting they’d be removed in future
> releases and not to rely on them.
>
> Ouch.
>
> -anthony

Cheers
Gary Lee Nelson
Oberlin College
http://www.timara.oberlin.edu/GaryLeeNelson


December 5, 2007 | 12:18 am

Quote: Gary Lee Nelson wrote on Tue, 04 December 2007 05:28
—————————————————-
> Where is /etc/
>
>
>
go to your terminal and type "cd /etc/" and there you are. Type ls to have a look around.

mz


December 5, 2007 | 8:30 am

My point about files in /etc/ being deprecated was simply that old unix conventions are being abandoned. It doesn’t necessarily make OSX more insecure, but new code and new conventions always have bugs where old systems in use for 10+ years have been hardened by time.

back to wizardry… Computers can be amazing distractions. Anybody prefer a smaller screen so that peripheral vision can remain connected to the physical space giving consciousness some grounding about "what" am I using the screen for; as opposed to using the screen for the screen?


December 5, 2007 | 9:50 pm

Quote: Anthony Bisset wrote on Wed, 05 December 2007 21:30
—————————————————-
> Anybody prefer a smaller screen so that peripheral vision can
> remain connected to the physical space giving consciousness some
> grounding about "what" am I using the screen for; as opposed to
> using the screen for the screen?

I know what you mean. When doing graphic design, I quite like using a smaller screen so I’m constantly reminded that what I am looking at is NOT the real "thing" I’m working on, which will be printed and interacted with differently to the way I am interacting with it.


Viewing 8 posts - 1 through 8 (of 8 total)