Study shows Mac OS X Server among most secure in world

Networking/Security Forums -> Macintosh

Author: chrisLocation: ~/security-forums PostPosted: Sun Feb 22, 2004 6:14 pm    Post subject: Study shows Mac OS X Server among most secure in world
    ----
British cyber security firm mi2g recently announced the results of a study that names Mac OS X one of the most secure online server operating systems in the world, alongside the Berkeley Software Distribution (BSD) family of Open Source systems. The study also showed that Linux is currently the most-breached online server OS.

The study was conducted by mi2g's Intelligence Unit, which looked at the overall number of attacks against government and private sector online servers, as well as the percentage of successful attacks, for the month of January. Linux bore the brunt of 80 percent of the overall attacks, followed by Microsoft Windows at 12 percent and BSD and Mac OS X at 3 percent, together

The total number of successful attacks, according to mi2g, was 17,074, of which Linux accounted for 13,654, Windows 2,005, and BSD and Mac OS X 555. Looking strictly at successful attacks against government servers, Linux comprised 57 percent of those, followed by Windows at 35 percent and BSD and Mac OS X at 0 percent, which the company notes is a first for that category.

mi2g also saw a stark contrast between January's percentage of successful attacks against government servers and the situation six months ago, when Windows was at 51 percent and Linux suffered just 14 percent of the breaches. DK Matai, the company's executive chairman, noted that "the swift adoption of Linux last year within the online government and non-government server community, coupled with inadequate training and knowledge of how to keep that environment secure when running vulnerable third party applications, has contributed to a consistently higher proportion of comprised Linux servers."



Source

MacCentral Full Article

Author: Mongrel PostPosted: Mon Feb 23, 2004 1:28 am    Post subject:
    ----
Stands to reason - *nix used to be most secure until it became
very popular. Once that happened it became targeted by default
and studied more intensely for weaknesses.

The Oooold Security by Obscurity concept.
Nothing more IMHO


Last edited by Mongrel on Mon Feb 23, 2004 2:28 am; edited 1 time in total

Author: mregg PostPosted: Mon Feb 23, 2004 1:49 am    Post subject:
    ----
Perhaps some linux junkies will quit telling the world how much better it is than Windows now...

Author: alt.don PostPosted: Mon Feb 23, 2004 2:23 am    Post subject:
    ----
We linux junkies say that by virtue of the fact that the source code is open for audit by all. Unlike Microsoft's which is not. Or was not until recently Laughing

Author: Tom BairLocation: Portland, Oregon USA PostPosted: Mon Feb 23, 2004 2:46 am    Post subject:
    ----
This thread is seriously getting off-topic Rolling Eyes

Author: shakin PostPosted: Tue Feb 24, 2004 12:05 am    Post subject:
    ----
mi2g doesn't define what they consider an "attack" or a "breach". If a hacker stumbles upon an unsecured phpmyadmin install, is that a breach? What about a SQL injection in the app? What about an anonymous FTP with write privs? There are lots of ways to break into a server that aren't the fault of the OS. I'm sure a boat load of wu-ftp security vulnerabilities were counted, but that hardly makes Linux less secure.

Author: Colonel_Panic PostPosted: Sat Nov 20, 2004 3:10 pm    Post subject: Re: Study shows Mac OS X Server among most secure in world
    ----
chris wrote:
... Linux bore the brunt of 80 percent of the overall attacks, followed by Microsoft Windows at 12 percent and BSD and Mac OS X at 3 percent,...

...The total number of successful attacks, according to mi2g, was 17,074, of which Linux accounted for 13,654, Windows 2,005, and BSD and Mac OS X 555. Looking strictly at successful attacks against government servers, Linux comprised 57 percent of those, followed by Windows at 35 percent and BSD and Mac OS X at 0 percent, which the company notes is a first for that category.



Now wait a minute. Does this study take into account that linux is by far most common os on servers, followed by Windows and I don't often hear about Mac servers. In this light, linux comprising 57 percent of succesful attacs compared to Windows 35% actually seems to indicate that linux is more secure.

However, back to original topic, my friend who is security professional recently started using Mac as his personal computer because it is, in his opinion (and this guy knows a lot), most secure. In fact, I'm planning to get me a new computer and Mac is one option I'm seriously considering...

Author: inittab PostPosted: Sat Nov 20, 2004 3:17 pm    Post subject:
    ----
I can't see how anyone can come up with these kinds of stats. Particulary since there are a total of only 4 or m_a_y_b_e 5 Mac OS X severs in the world. Wink

Author: 0megaLocation: In Front of My Computer PostPosted: Sat Nov 20, 2004 9:11 pm    Post subject:
    ----
inittab wrote:
I can't see how anyone can come up with these kinds of stats. Particulary since there are a total of only 4 or m_a_y_b_e 5 Mac OS X severs in the world. Wink

That stat is kinda skewed! I see what you're saying, but we have more Mac servers just where I work than that! (I might mention that we are an authorized Apple repair center, and we don't do PCs, so that kinda sways us. Laughing )

Cheers,
0mega

Author: xcfxLocation: Puerto Rico PostPosted: Thu Dec 23, 2004 12:54 am    Post subject:
    ----
And I can't see w_h_y it matters so much if there are running 5,000 servers or just 1.

You only need one server of each Operating System to perform a security test.

The security tests are performed on default software installations, that means without tweaking, without modifying, just running out of the box. -- And that's where OS X and BSD is general is superior over Linux.

Now, if you have one of the most secure out-of-the-box Operating System, and mix that with a good systems administrator, you have an ultra secure system.

Author: xcfxLocation: Puerto Rico PostPosted: Thu Dec 23, 2004 12:57 am    Post subject:
    ----
I forgot to mention, that I know a lot of people that might not run Mac OS X Server at all, but they run Darwin on their X86 servers. :p

Author: ryansuttonLocation: San Francisco, California PostPosted: Thu Dec 23, 2004 1:52 am    Post subject:
    ----
I don't think I agree that "out of the box" security has anything to do with how a secure an OS is. The reason being is that everyone has different uses for a computer, which means I will secure my OS differently then you secure yours. What matters is potential for security, the only reason to be concerned with out of the box security is if you plan on doing nothing to tighten things up. If that is the case then why read this thread? Laughing

Author: xcfxLocation: Puerto Rico PostPosted: Fri Dec 24, 2004 12:13 am    Post subject:
    ----
ryansutton wrote:
I don't think I agree that "out of the box" security has anything to do with how a secure an OS is. The reason being is that everyone has different uses for a computer, which means I will secure my OS differently then you secure yours. What matters is potential for security, the only reason to be concerned with out of the box security is if you plan on doing nothing to tighten things up. If that is the case then why read this thread? Laughing


I agree, everyone has different uses for a computer -- in my opinion "potential for security" goes by hands with out of the box security. Let me explain my point, you and I have very different approaches on our systems, we will secure our systems on very different ways -- yet, we like the same Operating System... you may tweak some parts of it to make it more secure but I think it will be a bit doubtful that you will tweak the entier Operating Systems, not everyone has that amount of time or interest and thats when I think an out of the box system that is secure is very useful.

p.s. I'm lazy today, so, if you want a more elaborated tell me which part and i'll do it ;P



Networking/Security Forums -> Macintosh


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group