[clug] OSX + wireless security...
Alex Satrapa
alexsatrapa at mac.com
Tue May 12 02:06:18 GMT 2009
Andrew Janke wrote:
> Does anyone have any links to articles or the likes showing that OSX
> wireless is less secure than its equivalent Microsoft counterpart?
Any system that is not understood by the people paid to support it
will be inherently unstable, insecure, and poorly configured. Once
there is a "supported configuration", by definition everything that is
not the "supported configuration" is unsupported and therefore not
understood.
The "it's not secure" argument will be used in a different incarnation
to explain why the Department is sticking with Microsoft Windows XP
instead of migrating to Microsoft Windows Vista. Again, it's more
about what is supported (and therefore maintained and understood by
the trained monkeys) rather than what is inherently more or less secure.
Apart from lack of understanding by people in the IT desktop support
industry, prejudices against Apple products because they're not Dell,
or other symptoms of cretinism, here are some other issues to consider:
Address Space Layout Randomisation
Microsoft Windows Vista uses Address Space Layout Randomisation, which
Mac OS X does not, Microsoft Windows XP does not, and neither do
Debian or Ubuntu Linux distributions. Of course, the ASLR is turned
off for Internet Explorer (the application most likely to be
exploited), so the argument is moot.
There are versions of Linux or other operating systems available that
perform ASLR in various incarnations (eg: "Hardened Gentoo", OpenBSD).
Non-Executable (NX) bit
The NX bit is intended to prevent the Intel processor from executing
instructions fetched from specific regions of memory. Ideally, the
memory region such as heap and stack is marked as "non-executable",
and each process runs in its own virtual memory map (ie: applications
can't go clobbering memory used by other applications).
Mac OS X supports the NX bit on all applications, Microsoft Windows XP
SP2 and Vista makes some use of NX. "These features have been in the
stable Linux kernel since release 2.6.8 in August 2004." -- Wikipedia
Wi-Fi Vulnerability
There was one rather public hack (David Maynor) against the device
drivers for wireless cards supported by Mac OS X. My understanding is
that the vulnerability (stack overflow when handling bad frames) was
common to the drivers - anyone using that company's chipset+driver on
an Intel platform was vulnerable, Apple MacBooks were used purely for
the PR factor. See CVE-2006-3507 and CVE-2006-3508.
Pwn2Own
There has been a lot of press on the Pwn2Own competition, with Safari
falling prey in every competition with great spectacle. Note that the
vulnerabilities exposed mean that it is possible to attack a Mac with
drive-by malware.
Having said that, it's worth noting that Internet Explorer 8 running
on Windows 7 was also "pwned" in the Pwn2Own competition. Firefox was
"pwned" too. Again, vulnerabilities in the browsers lead to the
possibility of drive-by malware infection.
This is just a selection of stuff that came up in five minutes of
trying to remember stuff about real-world security on Mac OS X versus
"everyone else". Hopefully others on list can expand on it.
Alex
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 220 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/linux/attachments/20090512/6634a2c4/PGP-0001.bin
More information about the linux
mailing list