From a system security standpoint OS X is just another secure *nix variant, but where OS X shines is human interface security, with features such as the admin password prompt even for those with admin access, the fact that the main admin user is BELOW root, etc.
Again just like every *nix out there that has some basic graphical tools installed (GNOME, KDE, etc.)
Quote:
You stood up that strawman and knocked it flat on its butt.
Oh, that's just great.
Quote:
I said that there are non-Windows OSes out there that are less vulnerable to viruses than Windows.
Meaning they are more vulnerable than OS X, no? Wrong. There's nothing extra OS X does that other *nix variants don't do (and that's what OS X is, just a *nix variant).
Quote:
I did not say that these are all *nix variants. I didn't even use the phrase. Nor did I even so much as hint at the numberof these non-Windows OSes.
You didn't need to use the phrase. You implied, indirectly, though admittedly, we have non-*nix systems as well, with around 50 users, like Zeta or SkyOS.
All above responses are very constructive and have convinced me that OS X is secure - I will be PGPing the whole computer and using the Sparse Disk Idea.
No dammit, use disk utility with 128-bit encryption. Using software bundled with your system means you can access your files on any os x machine and it means you will have the software through system updates.
DO NOT USE SPARSE IMAGES whether manually or via home folder encryption. They are extremely susceptible to corruption during system crashes. I did a test on unimportant data and I thought things were going ok. But in just 2 weeks, I had some sort of crash and I couldn't mount the disk any more - all the files were lost and this has happened to lots of people.
If you use a fixed size read/write encrypted disk, you can mount it like a volume and just add files to it. Yes it does waste space but you just estimate the amount you will use. If you need more, make a bigger image and copy the stuff over, then delete the old image (it's encrypted so you don't have to overwrite it). I've been using fixed size images for years and not one error but sparse images failed in a matter of weeks.
No dammit, use disk utility with 128-bit encryption.
PGP is pretty much the standard when it comes to cross platform encryption. Disk utility is fine to a point but if you are dealing with sensitive information then you are probably also going to want to have the facility to encrypt your emails.
The downside in PGP is despite its improvements is does have a bit of a learning curve and of course if you are using it for email both people must have a copy. That said there are free versions available for just email.
You didn't need to use the phrase. You implied, indirectly, though admittedly, we have non-*nix systems as well, with around 50 users, like Zeta or SkyOS.
So I implied things that I didn't say about things that I didn't mention? Earth to Gene Clean, ....
MacOS X is darned near immune to viruses, but the other non-Windows OSes are pretty darned secure as well.
To which Gene Clean essentially said "No, because OS X is a *nix, and there exist a non-trivial number of flaws in all *nix products". He didn't say that you were talking about all the unices, linuxen etc., etc., but he attacked your assertion of "darned near" immunity.
One (1) buffer overrun in Safari is all it takes and a user's home directory is compromised. Furthermore it has been proven that there are privelege escalation attacks that are well-known in the "bad guy" community so that once they have user level access they can escalate to admin or root within about a half hour. Worse, we don't know what or where these exploits are.
OS X does have a better security model than Windows XP, but it's nothing like "darned near immune". If apple hits 20% installed base and wide use in the business community, anti-virus/anti-rootkit measures will have to become much more commonplace.
In practical terms, though, OS X users are currently not plagued by viruses, spyware or hackers, but there are reports of pure linux & OS X botnets out there, which means that compromise rates are definitely non-zero.
DO NOT USE SPARSE IMAGES whether manually or via home folder encryption. They are extremely susceptible to corruption during system crashes. I did a test on unimportant data and I thought things were going ok. But in just 2 weeks, I had some sort of crash and I couldn't mount the disk any more - all the files were lost and this has happened to lots of people.
Comments
Windows minus 4
Originally posted by akheron01
From a system security standpoint OS X is just another secure *nix variant, but where OS X shines is human interface security, with features such as the admin password prompt even for those with admin access, the fact that the main admin user is BELOW root, etc.
Again just like every *nix out there that has some basic graphical tools installed (GNOME, KDE, etc.)
You stood up that strawman and knocked it flat on its butt.
Oh, that's just great.
I said that there are non-Windows OSes out there that are less vulnerable to viruses than Windows.
Meaning they are more vulnerable than OS X, no? Wrong. There's nothing extra OS X does that other *nix variants don't do (and that's what OS X is, just a *nix variant).
I did not say that these are all *nix variants. I didn't even use the phrase. Nor did I even so much as hint at the numberof these non-Windows OSes.
You didn't need to use the phrase. You implied, indirectly, though admittedly, we have non-*nix systems as well, with around 50 users, like Zeta or SkyOS.
Originally posted by kmhtkmhtkmht
All above responses are very constructive and have convinced me that OS X is secure - I will be PGPing the whole computer and using the Sparse Disk Idea.
No dammit, use disk utility with 128-bit encryption. Using software bundled with your system means you can access your files on any os x machine and it means you will have the software through system updates.
DO NOT USE SPARSE IMAGES whether manually or via home folder encryption. They are extremely susceptible to corruption during system crashes. I did a test on unimportant data and I thought things were going ok. But in just 2 weeks, I had some sort of crash and I couldn't mount the disk any more - all the files were lost and this has happened to lots of people.
If you use a fixed size read/write encrypted disk, you can mount it like a volume and just add files to it. Yes it does waste space but you just estimate the amount you will use. If you need more, make a bigger image and copy the stuff over, then delete the old image (it's encrypted so you don't have to overwrite it). I've been using fixed size images for years and not one error but sparse images failed in a matter of weeks.
Originally posted by Marvin
No dammit, use disk utility with 128-bit encryption.
PGP is pretty much the standard when it comes to cross platform encryption. Disk utility is fine to a point but if you are dealing with sensitive information then you are probably also going to want to have the facility to encrypt your emails.
The downside in PGP is despite its improvements is does have a bit of a learning curve and of course if you are using it for email both people must have a copy. That said there are free versions available for just email.
Originally posted by Gene Clean
....
You didn't need to use the phrase. You implied, indirectly, though admittedly, we have non-*nix systems as well, with around 50 users, like Zeta or SkyOS.
So I implied things that I didn't say about things that I didn't mention? Earth to Gene Clean, ....
MacOS X is darned near immune to viruses, but the other non-Windows OSes are pretty darned secure as well.
To which Gene Clean essentially said "No, because OS X is a *nix, and there exist a non-trivial number of flaws in all *nix products". He didn't say that you were talking about all the unices, linuxen etc., etc., but he attacked your assertion of "darned near" immunity.
One (1) buffer overrun in Safari is all it takes and a user's home directory is compromised. Furthermore it has been proven that there are privelege escalation attacks that are well-known in the "bad guy" community so that once they have user level access they can escalate to admin or root within about a half hour. Worse, we don't know what or where these exploits are.
OS X does have a better security model than Windows XP, but it's nothing like "darned near immune". If apple hits 20% installed base and wide use in the business community, anti-virus/anti-rootkit measures will have to become much more commonplace.
In practical terms, though, OS X users are currently not plagued by viruses, spyware or hackers, but there are reports of pure linux & OS X botnets out there, which means that compromise rates are definitely non-zero.
Originally posted by dfryer
Mr Me, I believe this was your assertion:
.....
What does anything have to do with what you believe?
Originally posted by Marvin
DO NOT USE SPARSE IMAGES whether manually or via home folder encryption. They are extremely susceptible to corruption during system crashes. I did a test on unimportant data and I thought things were going ok. But in just 2 weeks, I had some sort of crash and I couldn't mount the disk any more - all the files were lost and this has happened to lots of people.
You're going to want to back that claim up.