From my experience with Linux server and workstations, It has become a habit to install a few essential applications to secure the system. Some of the applications I automatically install is Advanced policy Firewall (APF), Brute Force Detection (BFD), Chkrootkit, and Rkhunter.
OS X being a unix based subsystem, is it remotely possible that a few script kiddies can compile an application that may compromise your system? I imagine popularity of OS X will sky rocket in the coming months and I would think that it's inevitable that certain scripting attacks will occur. I know how easy it is to create or modify any PHP or Perl code in order to compromise a system, as long as it isn't obfuscated or Zended . Is this possible with PPC or Universal Binary Applications?
Another concerning factor is that even legitimate applications do call home or send information back to the developer. This is not new to Windows and Linux. I worry about information collected and sent back to the developer without the owner's consent. Having worked on Tiger for a very brief time, I have detected many applications, even native Apple applications connecting to the internet. It has not been a issue to me at this point. But I imagine in a year or two or when I own my legitimate Apple OS, it will be.
2 replies to this topic
Posted 11 January 2006 - 02:35 PM
Posted 11 January 2006 - 03:00 PM
I think many people are in the same (unsecure) situation as me:
Security IS Your Responsibility
- I can't update my OSX86. I don't think that this is a problem right now (not enough OSX86 users), but once there are more intel MACs online (then the skript kiddies will begin to work) this can be a problem.
- I downloaded many x86 compiled software for testing from unknown people or URL's, at usual this is very unsecure (everything can be in this binarys).
- I don't have any antivirus for OSX86 because I don't want to install PPC software (my only OS without an antivirus)
Right now I'm using OSX86 against every security rules, but I'm still hoping that I can change this situation in the future.
Posted 11 January 2006 - 04:49 PM
even Maxxuss could be a big devil who get every password we type, by adding a spy inside the kernel itself (lol!)
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users