cancel
Showing results for 
Search instead for 
Did you mean: 

Security

Community Veteran
Posts: 38,460
Thanks: 1,027
Fixes: 62
Registered: 15-06-2007

Security

10 REPLIES
Moderator
Moderator
Posts: 18,328
Thanks: 1,666
Fixes: 184
Registered: 11-01-2008

Re: Security

and? don't think there is anything new that a balanced viewpoint would have considered anyway.
The question is will the market share become large enough to make it worth it?

Customer / Moderator / If it helped click the thumb / If it fixed it click 'This fixed my problem'

Moderator
Moderator
Posts: 18,328
Thanks: 1,666
Fixes: 184
Registered: 11-01-2008

Re: Security

I also think Linux would be in the same position if the market share ever hit the point where it becomes worth it.
[me=adiewoo]awaits the fan boi reactions[/me]

Customer / Moderator / If it helped click the thumb / If it fixed it click 'This fixed my problem'

barky
Grafter
Posts: 166
Registered: 21-01-2009

Re: Security

I've heard & read the 'I've got a mac so I don't need anti virus software' so often that now I rarely bother to ask mac fans how they are so sure  Roll eyes
They've spent all that money on shiny, pretty mac they should have it as a safety net IMO -- but lots don't -- power of apple marketing macs as superior to PC's that is -- both do the same job just as well 99.9% of the time -- even got the same cpu's in them now
Community Veteran
Posts: 6,111
Thanks: 1
Registered: 05-04-2007

Re: Security

Well it's true, as a Mac user you don't really need antivirus software. Perhaps people's reasons for saying that might be incorrect but it is, nonetheless, true. To date I don't think there's been a single virus that's caused much of a problem for Mac users - certainly nothing widespread.
Community Veteran
Posts: 1,850
Registered: 11-08-2007

Re: Security

while it may be true that mac, along with linux, is not vulnerable to viruses, they can be vulnerable to other exploits, such as sms, as mentioned in the article.
sensible users of linux NEVER go online as root, which keeps that extra layer of security between the user and the outside world.  checking for rootkits from time to time is recommended.
the sort of exploits being employed lately use browser vulnerabilities to get at the user's operating system, so it is as well to take whatever precautions are offered whatever operating system is being used.
Community Veteran
Posts: 6,111
Thanks: 1
Registered: 05-04-2007

Re: Security

Quote from: artificer
the sort of exploits being employed lately use browser vulnerabilities to get at the user's operating system, so it is as well to take whatever precautions are offered whatever operating system is being used.

I disagree, to an extent: I think an informed decision needs to be made. Anti-virus software and the like all takes up valuable system resources, and can be a pain in a Windows-UAC kind of way. So for me personally, I choose not having that stuff cluttering up my computing experience over having every last shred of protection. Someone who is less confident at spotting unusual behaviour etc. might, of course, choose differently.
Ben_Brown
Grafter
Posts: 2,839
Registered: 13-06-2007

Re: Security

Quote from: artificer
the sort of exploits being employed lately use browser vulnerabilities to get at the user's operating system, so it is as well to take whatever precautions are offered whatever operating system is being used.

True, however all the examples I've seen in the wild use Windows shellcode, so would do nothing on a *nix box. That doesn't mean the Mac/Linux community should become complacent however, and I can see a possible problem developing as some distributions of Linux try to make their system as close to windows as they can, in the meantime compromising on security (e.g. letting people run pretty much anything as root via sudo without having to think about it first), combined with increased uptake of Linux systems.
One of the great double edged swords of GNU/Linux is that it lets you do what you want - weather it's a good idea or not. Like they say in Spiderman, with great power comes great responsibility!
Community Veteran
Posts: 1,850
Registered: 11-08-2007

Re: Security

there is some argument in the community regarding the use of 'sudo'.  many of us won't enable it as it offers a doorway to the hacker by making access to root so readily available.  people use it because they don't want to keep having to enter the root password when they need to have root access.
most linux/bsd exploits require physical access to the computer.
Waldo
Grafter
Posts: 473
Registered: 01-08-2007

Re: Security

Quote from: artificer
people use it because they don't want to keep having to enter the root password when they need to have root access.

The benefit of using sudo is that the root password isn't required.
On a mullti-user system a sysadmin can configure sudo such that one (or more) individual(s) can be allowed to run one (or more) command(s) with root privileges without said individual(s) needing to know the root password.
Ubuntu opted for sudo over su (for the first user on a system) partly on the basis that the password associated with their user account is less likely to be forgotten than a (relatively) rarely used root password.
So long as the user password is no less weak than one would use for a root password it's unlikely to make any difference to a hacker.   
FWIW Darwin uses sudo by default, too.
MrC
Grafter
Posts: 523
Thanks: 2
Registered: 17-07-2008

Re: Security

Quote from: Waldo
On a mullti-user system a sysadmin can configure sudo such that one (or more) individual(s) can be allowed to run one (or more) command(s) with root privileges without said individual(s) needing to know the root password.

Which is a bit irrelevant for most hobby boxes where, if there is more than one user, usually only one of them will need root access.
Personally I don't use sudo (or su for that matter) when I'm at home - I just permanently run a console app with a root login and ensure it has a different prompt and distinctive foreground and background colours to make it stand out. Obviously in an office environment or similar then you wouldn't normally do this - then sudo or other control methods have their place.