An article on The Register by Security Focus suggests that Macs are a potential security nightmare for enterprises. Now, to a certain extent, this is all just FUD - confessed FUD since the issuers of the security warnings admit they're doing it to make people sit up and think about future issues. Reading through the article there are hints that people don't quite understand Macs and Mac security: why worry so much about firewall-less Macs on corporate networks, particularly when there are no ports open by default on a Mac that would need firewall protection?
Similarly, arguments that while there are viruses and exploits for Linux and Windows and there aren't on Macs, that's because the Mac marketshare is so low, don't really wash. After all, Linux marketshare is no better than Mac marketshare so should be targeted as little. The article also takes little account of permissions and the administrator verification requirement needed to do anything desperately evil on a Mac.
The citing of a root kit for OS X in the article also shows that the Mac is a target, but since the root kit hasn't broken out into the wild and it has no propagation mechanism, it clearly is far harder to exploit Mac vulnerabilities than it is to exploit Windows vulnerabilities.
Nevertheless, no computer is 100% secure and putting blank and easily guessable passwords on administrator accounts is going to leave you with a compromised machine sooner or later. So don't be complacent, but don't listen to all the FUD.
;)
;)
;)
;)
;)
;)
;)
;)
;)
;)
Leave a comment