RSS Feed
18.33
mobileinfo
Security analysts and Windows managers often point a finger at Apple's long-standing place on top of OS vendor Secunia vulnerabilities list. That chart can, however, only part of the uncertainty image assign.
Neil MacDonald, vice president at Gartner Research recently wrote a research note on or anti virus software on Mac OS X and Linux desktops is necessary. (The answer is Yes.)
In a recent blog post says MacDonald that in a number of reports, such as Secunia vulnerability of 2010 rankings, Apple in at number 1, and Microsoft, number 3. This looks very bad for Apple.
However, he says that while the number of vulnerabilities is an important measure, the severity of the vulnerabilities is also important. Comparing the "critical and high-vulnerability disclosure" in IBM's X-Force 2010 mid year Trend and risk report, Apple seems to have the safety improved in the past 5 years, while Windows has gone from 20 percent to 75 percent.
With Microsoft's Secure Development Lifecycle in place and continue to be refined over the past 7 years, why the OS software produced by Microsoft a significantly larger percentage of vulnerabilities rated critical or contains high while other OSs fall?
MacDonald offers some important analysis on the subject. Take a look-see.
So the story is not just about some abstract vulnerability but on how bad it all really is. And anyone who has both Macs and PCs used the real-world difference understands.
For example, works on my Mac, I got infected with malware twice: once in the late 1980s before the malware word was invented, and another time with a macro virus Windows in the 1990s. This is not a declaration of the vulnerability or General invulnerability of Mac OS. Instead, it's just how it has been.
Meanwhile, Apple seems to be making a greater effort to security in Mac OS X Lion. The recently invited security researcher within the fold — something that has never happened before.
Some researchers have high hopes about improvements in Leo.
Charlie Miller, author of the Mac Hackers Handbook and principal security analyst at independent security evaluators was interviewed on Infosec island after his recent victory at Pwn2Own this month. He pointed out that with the release of iOS 4.3, the iPhone now ALSR (address space layout randomization) and data execution prevention (DEP) security. Of course, here's Apple Microsoft, that the arrangements in Windows Phone 7 supports.
Windows has since full ASLR in Windows Vista, he reminded us.
Q: this leads you to believe that the Mac OS X Lion also full ASLR perhaps when released?
A: I sure hope so. If it has full ASLR, it will be a vast improvement over Snow Leopard.
Watch the full interview: Miller slows down the security situation on Mac OS X and iOS, and talks about the techniques that he used to hack iPhone in Pwn2Own.
David Morgenstern has covered the Mac market and other technology segments for 20 years.
0 komentar:
Posting Komentar