Security through obscurity isn't the best but it has sort of worked. There are NO Mac OS X viruses and every service is off by default. My guess is Francis knows what he's doing. That's a nice time saving trick. I'm plugged in to a college 24/7 so I personally wouldn't do this, but it's possible he's just on a iMac at home without internet or on modem or something.
If I had mine completely off any network, then I'd consider it. Okay, I *might* even do it. But on a LAN/DSL/cable modem/on a lot on the modem? Nuh-uh, no way.
"It's people like you that make me think conception should be licensed"
While I won't go THAT far, I will say that what you are doing is a VERY bad thing. Security in Mac OS X relies to a large extent (such as denying the ability for applications running as admin to access root without YOUR permission) on good passwords.
Just yesterday I was having fun with Network Utility.app. I pinged some servers, traced my way to some servers, and started a portscan on a random IP. Well, this IP wasn't just random, no, I got it from Carracho. So I naturally assumed that this guy would have some ports open. Well, not only did he have his Carracho ports open (obvious), he also had tons of other ports open. One was the Apple File Sharing protocol. Once I knew that his afp was running and I knew his IP, I went to the Finder, choose 'Connect to Server', entered his IP, and was then greeted with a password dialog. I choose to enter as guest.
I could see ALL his shared files. And his user name. Just imagine what would have happened if his password was blank.
Comments
Originally posted by Brad
10.0 has viruses? I never read about any.
The only one I have heard of is the bnxayr virus.
*Cough* ...that's ryaxnb backwords... *Cough*
"It's people like you that make me think conception should be licensed"
While I won't go THAT far, I will say that what you are doing is a VERY bad thing. Security in Mac OS X relies to a large extent (such as denying the ability for applications running as admin to access root without YOUR permission) on good passwords.
Barto
I could see ALL his shared files. And his user name. Just imagine what would have happened if his password was blank.