
Re: Tom Yager Confirms: Windows Inherently Insecure

__/ [ nessuno@xxxxxxxxxxxxxxxxxxx ] on Thursday 24 August 2006 10:51 \__

>> http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html
> 
> Article titled, "Is Windows inherently more vulnerable to malware
> attacks than OS X?"
> 
> What's unusual about this article is the detailed justification of the
> thesis (I would have just said, "You have to ask?!!").  Example (on
> faults of Windows):
> 
> Quote:
> -------------
> I've been giving it a great deal of thought, and I came up with reasons
> pointing to the likelihood that Windows is at greater risk of
> catastrophic attacks. It's not easy reading, but it was either this
> dense packing or a book-length blog post.
> 
> · All Windows background processes/daemons are spawned from a single
> hyper-privileged process and referred to as services.
> · By default, Windows launches all services with SYSTEM-level
> privileges.
> · SYSTEM is a pseudo-user (LocalSystem) that trumps Administrator
> (like UNIX's root) in privileges. SYSTEM cannot be used to log in, but
> it also has no password, no login script, no shell and no environment,
> therefore
> · The activity of SYSTEM is next to impossible to control or log.
> · Most of the code running on any Windows system at a given time is
> related to services, most or all of which run with SYSTEM privileges,
> therefore
> · Successful infection of running Windows software carries a good
> chance of access to SYSTEM privileges.
> ----------
> and on and on.
> 
> And then about how OS X is different:
> 
> Quote:
> ---------------
> · OS X has no user account with privileges exceeding root.
> · Maximum privilege is extended only to descendants of process ID 1
> (init or Darwin's launchd), a role that is rarely used and closely
> scrutinized.
> · Unlike services.exe, launchd executes daemons and scheduled
> commands in a shell that's subject to login scripts, environment
> variables, resource limits, auditing and all security features of
> Darwin/OS X.
> · Apple's daemons have man pages, and third parties are duty-bound to
> provide the same. Admins also expect to be able to run daemons, with
> verbose reporting, in a shell for testing.
> · OS X Man pages document daemons' file dependencies, so
> administrators can easily rework file permissions to match daemons'
> reduced privileges.
> · Launchd can tripwire directories so that if they're altered
> unexpectedly, launchd triggers a response.
> --------------
> and on and on.
 
I believe I will use this article, in conjunction with the following, to shut
up anyone who argues that Linux and Mac OS are secure owing to obscurity.

The short life and hard times of a Linux virus

,----[ Quote ]
| For a Linux binary virus to infect executables, those executables must
| be writable by the user activating the virus. That is not likely to be
| the case. Chances are, the programs are owned by root and the user is
| running from a non-privileged account. Further, the less experienced
| the user, the lower the likelihood that he actually owns any
| executable programs. Therefore, the users who are the least savvy about
| such hazards are also the ones with the least fertile home directories
| for viruses.
|
| [...]
`----

                                        http://librenix.com/?inode=21 

Best wishes,

Roy

-- 
Roy S. Schestowitz      |    "I think I think, therefore I think I am"
http://Schestowitz.com  |  Open Prospects   ¦     PGP-Key: 0x74572E8E
Tasks: 146 total,   2 running, 142 sleeping,   0 stopped,   2 zombie
      http://iuron.com - knowledge engine, not a search engine
