Eric Schmidt -- Want to be secure? Chrome + Mac

http://www.cultofmac.com/eric-schmidt-if-youre-worried-about-security-use-chrome-and-a-mac/97810

Hard to argue. The worst malware OSX has had to deal with literally has to be installed by the user and is easier to uninstall than norton.

 

As Mac's get more popular that could change however. I would put my money on Linux or BSD.

 

Me as well. Macs are for newbies.

 

Newbies? Hardly. At least not exclusively.

 

They are made to be simple to use.

Ironic that Eric Schmidt didn't recommend something from his own company, Google Chrome OS (which is based on Linux). Heck it's completely a Chrome browser.

 

The article cited by the OP is from cultofmac.com

cult

http://www.prevx.com/blog/109/The-goal-of-antimalware-products.html
December 16th, 2008

Drive-By Attacks vs. Social Engineering
June 3, 2009
http://blogs.pcmag.com/securitywatch/2009/06/drive-by_attacks_vs_social_eng.php

http://nakedsecurity.sophos.com/201...al-engineering-more-common-than-exploitation/
May 19, 2011

Indeed, even 3-1/2 years ago:

DNS changer Trojan for Mac (!) in the wild
Published: 2007-11-01
http://isc.sans.org/diary.html?storyid=3595

The idea that an OS/browser combination is the answer to malware threats is misguided at best.

For the non-technically knowledgeable person, it is a false sense of security, since that person is susceptible to being tricked, no matter the OS/browser.

The technically knowledgeable person won't be tricked anyway, no matter the OS/browser.

Note that the initial stage of the current MACDefender exploit is triggered in the same way as those against Windows users:

More on MAC OSX Malware - MACDefender Fake Antivirus
http://isc.sans.edu/diary.html?storyid=10813

No matter the OS and browser combination, if the user is tricked, she/he grants permission to install the ____________ (fill in the blank) and that is that!

It will be interesting to see how remote code exploits against the Mac OS and 3rd party applications develop. There have not been many, but they do show the potential for code exploitation, such as:

Skype 0day vulnerabilitiy discovered by Pure Hacking
http://www.purehacking.com/blogs/gordon-maddern/skype-0day-vulnerabilitiy-discovered-by-pure-hacking

Sound familiar? If we remove "skype" we can substitute any number of products:

And so, as malware for Mac users evolves, those users will be in the same position as Windows users, where they will need to

• pay attention to keeping the OS, 3rd party applications, and plugins updated;
  
  
• employ security products to protect against the execution of 0-day unauthorized code;
  
  
• develop safe and secure computing habits.

Those who follow the malware scene pay no attention to the musings of the cultists.

regards,

-rich

 

I have a better title: Want to be secure? Anything + anything. Boring.
Mrk

 

agreed. its the person using the operating system thats the issue.

or the better title: to be secure unplug your router

no matter what OS is used if someone allows malicious software the root password they get owned.

I would like more separation in all operating systems. It would be nice for operating systems to have separate containers like qubes. I dont like how any programs I run can access my user data if they wanted to. third party solutions such as sandboxie create issues. programs werent designed to run inside sandboxie. I would like to see native sandboxing. my media player only needs access to F:\Music and my disc drive so it would be nice if i could create a container and only allow those locations.

 

Can you give an example to illustrate what you mean?

Thanks,

-rich

 

Hello Rmus,

Well im not an expert in user permissions but surely any program i run as user has the same permissions as i do? which means it can access my user directory? if the program can then im wondering what i can do about it? I Currently use windows 7 with a standard user account.

 

Nothing to do about it. Google does this so that if you have multiple Windows accounts it isn't globally installed/ can be used or unused more easily.

 

I think Eric is still pissed about this: http://battellemedia.com/archives/2005/09/ballmer_throws_a_chair_at_fing_google

 

He would do well at caber tossing, too!

Anyways, here's a little from the link:

 

I'm not sure what scenarios you are concerned about.

For example, an updater (such as adobe or java or browser) can peruse your computer to check for versions.

If not these, give some examples of what you think might happen...

regards,

-rich

 

Chrome is a good option, MAC should be not. I still stick to Win7.