Kar98

True. Except the concept and the architecture of OSX prevents users from accidently or stupidly wreaking havoc with the system. Also, there aren't any viruses for the platform, and that has nothing to do with the market share but with the architecture.

Not to be contrary or anything, but you have no idea what you're talking about. Is this architecture far more inherently secure than windows? Absolutely. Is it invulnerable? Absolutely not.

This was released today. Key line is:

A remote attacker may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and disclose potentially sensitive information.

In other words, anyone can completely own your mac. But please, go on with how this doesn't really mean anything, I'd love to hear it.

/that kid from "Dodgeball" said they better though...

Kar98

This was released today. Key line is:

A remote attacker may exploit these issues to execute arbitrary code, trigger denial-of-service conditions, escalate privileges, and disclose potentially sensitive information.

Are you retarded? This was _fixed_ today, you wouldn't even know about it if it wasn't for the fix.

I'm sorry, there seems to be a bit of a disconnect. You were implying that the architecture made such things impossible, I'm showing you they clearly are possible, now you've changed your tack to how quickly they fix issues. Face it, you made a stupid statement, now you're trying to act like it never happened and change the topic.

But what the hell, I'll humor you, I'm a nice guy, Yes, it was fixed the same day it was released, but only because they delayed releasing it until they had a fix. I mean, you do know they didn't hear about these vulnerabilities and fix them the same day, right? This tells us nothing about time to fix since we don't know when they were told.

Not to mention: "The vendor has released a security advisory to address the majority of these issues." Oh good, the majority, they fixed > 50% of the problems, how comforting.

"The vendor credits Dino Dai Zovi of Matasano Security, Tom Ferris of Security-Protocols.com, Neil Archibald of Suresec LTD, Rob Middleton of the Centenary Institute, Gael Delalleau and iDEFENSE, and Jesse Ruderman of Mozilla Corporation."

Please note that Apple didn't find ANY of these problems, they were found by others who were nice enough to report them and give mac a chance to fix them first, not everyone is so nice. Hell, some people don't publicly release the information at all, except to a select group of friends, or in some cases, clients.

The bottom line is, directly contrary to your statement, the architecture of OS X does not render it invulnerable from anything. This collection of exploits could easily have been turned into the payload for a worm, hell, it still could - do you honestly think that within 24 hours of a patch release everyone has it? They don't. Ahh, but it is harder since they didn't release any PoC exploit code or any details on the vulnerabilities, right? Yes, it is, and welcome to security through obscurity, hope you like sharing a bunk with Windows.

This is just one example, that happened to come out the day we were discussing it, there are others.

/This is what I do
//This is clearly not what you do