Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Security Apple

Apple Asks Security Experts To Examine OS X Lion 417

An anonymous reader writes "For as much as Mac OS X has a reputation for being safer than Windows, security researchers won't hesitate to point out that the opposite is, in fact, true. But Apple's looking to change that. This past Thursday, Apple doled out a beta of OS X Lion to developers. In conjunction with that, Apple is also reaching out to noted security experts and offering them free previews of OS X 10.7 so that they can take a look at Apple's new security measures and reach back to Apple with any thoughts and concerns they might have. Indeed, Apple is becoming a lot more security conscious these days, not only in terms of reaching out to security researchers but also in its personnel hires."
This discussion has been archived. No new comments can be posted.

Apple Asks Security Experts To Examine OS X Lion

Comments Filter:
  • by Anonymous Coward on Sunday February 27, 2011 @05:18PM (#35332852)

    Every single year, OSX loses the Pwn2Own competition first.

    Could just be that the hackers want the mac the most ;-)

  • by node 3 ( 115640 ) on Sunday February 27, 2011 @05:28PM (#35332930)

    You mean, once the contest enters the phase where you can run a program remotely, people attack the Mac first, because they want to win the Mac, and Windows and Linux are successfully attacked minutes later.

  • Re:The opposite??? (Score:5, Interesting)

    by node 3 ( 115640 ) on Sunday February 27, 2011 @05:44PM (#35333040)

    No it isn't FUD, do some research online, Just about every hacking contest sees OS X go down in a ball of flames in minutes

    Yes, minutes... After the contest enters the phase where you can load files remotely. And minutes later, Windows and Linux go down (everyone attacks the Mac first, because pwn2own means you get to keep the computer you pwn, and everyone wants the Mac).

    Just about every patch cycle from apple sees more security vulnerabilities patches than are found in all MS products combined in a year.

    Not remotely true. However it is true that in pure numbers, Apple patches more vulnerabilities than MS. These are primarily in Open Source products included with Mac OS X, and is seen as a strength, not a weakness. Also, Mac OS X patches tend to be local vulnerabilities, while Windows patches are far more often remote vulnerabilities, which are significantly more critical.

    Many security researchers have been pointing out Apples Lax Security practises for a long time

    Yet somehow the sky has never fallen. It's possible that Mac OS X is theoretically less secure than Windows, but it's absolutely certain that Mac OS X is, in actual real world usage, significantly more secure than Windows. Hands down, no-contest.

    Pwn2own and "patches per year" are interesting metrics, but the only thing that matters is whether a user has to worry about their computer being compromised, and Mac users don't, Windows users do. It's as simple as that. Everything else is academic and hand-waving side-stepping of the actual issue.

    seems they might finally be getting the message now that there share of the pie is significant enough to warrant it being an issue.

    Apple has had sufficient market share since the beginning of consumer viruses and malware. There were plenty of Mac viruses back when their market share was far lower than it is now. It's absurd to claim that there are essentially zero malware for Macs because of market share, when their market share is large enough for thriving third-party software and hardware. Market share plays a role, but is not *the* primary reason.

    What this indicates is that Apple is being proactive in making sure Macs remain as secure as they are today, and not resting on their laurels.

  • by Cronock ( 1709244 ) on Sunday February 27, 2011 @06:42PM (#35333394)
    I've had a Mac OS X Server machine open to the world for 2 years now, partially to just see what people would try to do. I watch the system very closely hoping I will see something happen so I can learn a little about it. Services running are SMB, AFP, Apache, Cal/CardDAV, Email for a few domains, MySQL, Software Update Server, AFP, VNC, and ARD. This server is setup as mostly default with only basic security precautions taken: Disabling clear text authentication mechanisms and using overly-strong passwords to rule out brute force attacks. The firewall has only recently been turned on, all ports open, to utilize the brute-force attempt throttling mechanism that requires it. This server hosts a few of my personal pet project domains, any information that would be considered valuable to intruders is actually kept in AES-encrypted sparse images. I'm overly paranoid about backups, so any vandalism-type attacks are quickly recovered from. So far I've only seen a good share of brute force attacks from IPs in Poland and China agaist SSH, FTP, and VNC. There have also been a whole crapload of spam registrations to the hosted WordPress site, but that's not an OS X issue.
  • Comment removed (Score:4, Interesting)

    by account_deleted ( 4530225 ) on Sunday February 27, 2011 @09:42PM (#35334458)
    Comment removed based on user account deletion

Men take only their needs into consideration -- never their abilities. -- Napoleon Bonaparte

Working...