Hacker: Snow Leopard less secure than Windows

Status
Not open for further replies.
spajdr

spajdr

New member
As reported by Techworld, Snow Leopard, Apple's highly anticipated new operating system,
lacks basic security features that are found in Windows XP, Windows Vista and Windows 7 says Charlie Miller, a noted security researcher.

Address Space Layout Randomization, commonly referred to as ASLR, randomly assigns data to the memory to make it more difficult
for hackers to locate the critical operating system functions.

Charlie Miller of Baltimore-based Independent Security Evaluators who many people may remember from when he successfully
hacked a fully patched Macbook in seconds, was disappointed upon hearing that Apple did little to improve ASLR from Leopard to Snow Leopard.

"Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good.
I hoped Snow Leopard would do full ASLR, but it doesn't. I don't understand why they didn't.
But Apple missed an opportunity with Snow Leopard. Apple did make various moves to improve Mac OS X 10.6's security
including a revamp of QuickTime and additions to Data Execution Prevention (DEP), a security feature built in to Windows Vista."

"Having both ASLR and DEP in an operating system makes it much more difficult for attackers to create working code," Miller argued.
"If you don't have either, or just one of the two [ASLR or DEP], you can still exploit bugs, but with both, it's much, much harder.
Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," he said. "When Apple has both [in place],
that's when I'll stop complaining about Apple's security."

In the end, Miller agreed that hackers' disinterest in Mac OS X comes down to numbers rather than the security measures
that Apple adds to the operating system. "It's harder to write exploits for Windows than the Mac," Miller said, "but all you see are Windows exploits.
That's because if [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%."

"I still think you're pretty safe [on a Mac]," Miller said. "I wouldn't recommend antivirus on the Mac."

http://www.neowin.net/news/main/09/09/16/hacker-snow-leopard-less-secure-than-windows



not surprised, Macs always sucked hard :evil:
 
I thought that was common knowledge? :confused:

Macs are not hacked because, due to their tiny numbers, nobody gives enough of a **** to hack them.
 
If I was a hacker, I'd go after Macs harder than Windows. Why? Because mac users are all retarded and have lots of money... what better target? :lol:
 
Stingray, I deleted your post. Let's keep things on-topic here. There is no need to call anyone out. :)
 
Spoof an e-mail from apple saying you're steve jobs or his assistant, and you're good to go. You'll get anything from them at that point. :lol:
 
genci88 said:
I thought that was common knowledge? :confused:

Macs are not hacked because, due to their tiny numbers, nobody gives enough of a **** to hack them.
Click to expand...


That'll be changing soon enough though. Especially with younger crowds, apple is gaining a lot.

I'm in a graduate level teaching class at my university that uses computers for a few of our important tasks - I am one of two people in the class (of 25ish) that uses a windows machine.

Now with Windows 7 this may slow somewhat, and with netbooks and budget oriented PCs, I don't expect macs to take the majority at any point.... but they'll be targeted by hackers soon enough. It's only a matter of time and there's less of it every day.
 
DaJMasta said:
Now with Windows 7 this may slow somewhat, and with netbooks and budget oriented PCs, I don't expect macs to take the majority at any point.... but they'll be targeted by hackers soon enough. It's only a matter of time and there's less of it every day.
Click to expand...

They've been saying this for *years*. Since about 2004 or so.
Hasn't happened yet. This is also from the guy who admits he had a four man team and searched for months inside of open-source code provided by Apple for his big CanSecWest splash...

It has nothing to do with numbers but more to do with the skill level required to breach these machines. Oh, btw, his "hack" of Apple machines would have worked to breach a Vista/7 box running Firefox, btw. The flaw was in WebKit, *not* Mac OS.

For years, MS paid no attention to security outside of LAN and file permissions so once the Web world took off, MS was caught with their pants down. In addition to that, MS deliberately left security holes in place even into the 2000s. A few years back, MS reclassified Gator from being a malware product to a "regular" program. Why? They bought Gator's creator because MS wanted a product and stick in Windows that would help them track their users...

WinXP isn't falling to hackers because of numbers. It's falling because it has been a historically insecure product, requiring a lot of work and money for users to address the flaws and oversights. After all, there is a whole industry out there just to secure MS' products. The skill level required to perform any sort of escalation on Windows was in the script kiddie domain.

BSD has a long and very good history of security. After all, BSD was created and mandated by the government in the early 1980s to graft Internet capabilities into a Un*x based OS (that was the point of the whole project).

In contrast, Windows insecurity is holdover from the pre-Internet era where networking was just worrying about LANmanager not crashing...
 
HAL10000 said:
Oh, btw, his "hack" of Apple machines would have worked to breach a Vista/7 box running Firefox, btw. The flaw was in WebKit, *not* Mac OS.
Click to expand...

Don't want to sound as though I'm nit-picking (as otherwise I am in complete agreement with your points), but Webkit is used by Safari and Chrome, not Firefox, so it wouldn't have worked on a Vista/7 machine unless one of those browsers was installed and running.
 
Fat Jez said:
Don't want to sound as though I'm nit-picking (as otherwise I am in complete agreement with your points), but Webkit is used by Safari and Chrome, not Firefox, so it wouldn't have worked on a Vista/7 machine unless one of those browsers was installed and running.
Click to expand...

The other thing about breaking through an app, say a browser, there's a world of difference. Get through the app, on Windows, you have OS security to deal with. OSX, you get through the app and you're free to do what you like. This is what the researcher is concerned about.
 
Fat Jez said:
Don't want to sound as though I'm nit-picking (as otherwise I am in complete agreement with your points), but Webkit is used by Safari and Chrome, not Firefox, so it wouldn't have worked on a Vista/7 machine unless one of those browsers was installed and running.
Click to expand...

I stand corrected.
 
FiggyG said:
The other thing about breaking through an app, say a browser, there's a world of difference. Get through the app, on Windows, you have OS security to deal with. OSX, you get through the app and you're free to do what you like. This is what the researcher is concerned about.
Click to expand...

Incorrect. Windows has as bad a history, if not worse, than other OS' when it comes to the problem of user rights escalation. For example, Flash is notorious bad for security, which is why any Flash item running in Safari is automatically sandboxed. It's also done for performance issues since Flash is a bigger resource hog than nearly any Microsoft product...

Flash makes Silverlight justifiable...

It's also interesting that Miller speaks of DEP, which is pretty much pointless. Causes more problems than it's worth. DEP itself is often DISABLED on Windows boxes because even MS provided products end up nonfunctional.
 
Last edited:
Security through obscurity. People have been saying it for years because it's taken that long to even threaten 10% market share of the OS market. Until it breaks 20%, people will keep on saying it. After 20%, those same people will be saying something different. They'll be saying "told you so..."
 
HAL10000 said:
WinXP isn't falling to hackers because of numbers. It's falling because it has been a historically insecure product, requiring a lot of work and money for users to address the flaws and oversights. After all, there is a whole industry out there just to secure MS' products. The skill level required to perform any sort of escalation on Windows was in the script kiddie domain.
Click to expand...

Windows XP's security infrastructure is, in many ways, more advanced than even modern UNIX-based OS's. The biggest security hole in Windows is the user, not the technology.

HAL10000 said:
BSD has a long and very good history of security. After all, BSD was created and mandated by the government in the early 1980s to graft Internet capabilities into a Un*x based OS (that was the point of the whole project).
Click to expand...

UNIX (and BSD is simply a free implementation of UNIX) was merely designed to allow multiple people to share a system. Security was mearly an afterthought, and a large number of security incidents during the early age of the Internet were due to UNIX's weak security model. Only recently have UNIX vendors focused on security.

HAL10000 said:
In contrast, Windows insecurity is holdover from the pre-Internet era where networking was just worrying about LANmanager not crashing...
Click to expand...

If we were discussing Windows 9x, you'd be totally correct. However, Windows has been based on the NT line for nearly a decade, and NT was designed with security in mind from the ground up.

HAL10000 said:
It's also interesting that Miller speaks of DEP, which is pretty much pointless. Causes more problems than it's worth. DEP itself is often DISABLED on Windows boxes because even MS provided products end up nonfunctional.
Click to expand...

You can't disable DEP in Windows, at least not by any conventional means.
 
HAL10000 said:
Incorrect. Windows has as bad a history, if not worse, than other OS' when it comes to the problem of user rights escalation.
Click to expand...
Up until NT kernel 6 I agree with you. However for NT6 and newer you are incorrect.

HAL10000 said:
It's also interesting that Miller speaks of DEP, which is pretty much pointless. Causes more problems than it's worth. DEP itself is often DISABLED on Windows boxes because even MS provided products end up nonfunctional.
Click to expand...

With XP you could turn off software DEP but in NT6 and newer the options you have are to restrict it to windows processes only, or all processes.

Applications that don't work with DEP are either very old or poorly coded, which means they have other holes in them that make them more of a liability.
 
Status
Not open for further replies.
Back
Top