GTFO the internets, Symantec
Monday, 2006-07-03; 01:49:00
Norton Utilities was the first tool I used to fix a damaged computer.... BACK WHEN I WAS USING SYSTEM 7.5.5. Now look at what Symantec has devolved into: take a look at their latest security bulletin regarding a "trojan horse" for Mac OS X.
But guess what? There is no trojan. There is no malicious entity out in the wild trying to get into your computer, and there is not even a proof-of-concept. There is only a security hole, present in a no-longer-up-to-date version of Mac OS X: it only affects 10.4.0 to 10.4.6. (By the way, it's also just a local privilege escalation vulnerability, which means you have to already have local access to the computer.) The requisite Apple security knowledgebase article describes the security hole under the launchd/CVE-ID: CVE-2006-1471 heading.
As MacFixit reports, the only reason Symantec even knows about this hole is because there was a small post to the SecurityFocus website. They also probably got some info from the Apple knowledgebase article, since the SecurityFocus bulletin is so devoid of details. (It's possible that they had "internal knowledge" of the vulnerability, but since the publish date of the vulnerability is later than even the modified date of Apple's bulletin, I bet they just gleaned the info from there.)
This thing has been slowly making it's way around the web, and recently ended up on digg (I marked it as inaccurate). And it again makes many uninformed dimwits point and say, "See? Mac OS X isn't invulnerable either!" No one said it was, but this doesn't prove it isn't. And although it may not be invulnerable, it certainly is much more secure than any operating system that rhymes with "Shmindows". Also, if some Microsoft fanboy wants to make the case that Mac OS X is more secure because it just has a piddly market share, there is no better cure to this lame-ass point than the witticisms of John Gruber:
*sigh* It really pisses me off how every time there's a minor security vulnerability in Mac OS X, everybody goes around championing the fact that Mac OS X has a new hole and that viruses are going to start running rampant on Macs and that the sky is falling. Symantec has pulled this trick out of their ass before -- twice, in fact. (And then, irony of ironies, it turned out that installing Norton Antivirus on your Mac made it LESS secure.)
It seems the only way that Symantec can get in the Mac news anymore is to say that they're heroes of the Mac community for saving everybody from the latest rampant Mac virus.
Seriously, Symantec, go away. We don't want you on the Mac platform or in the Mac community. If you're going to give us shit, not to mention shitty products, stay on the Windows platform where you'll be right among your peers who use the same tactics to sell their shitty software.
But guess what? There is no trojan. There is no malicious entity out in the wild trying to get into your computer, and there is not even a proof-of-concept. There is only a security hole, present in a no-longer-up-to-date version of Mac OS X: it only affects 10.4.0 to 10.4.6. (By the way, it's also just a local privilege escalation vulnerability, which means you have to already have local access to the computer.) The requisite Apple security knowledgebase article describes the security hole under the launchd/CVE-ID: CVE-2006-1471 heading.
As MacFixit reports, the only reason Symantec even knows about this hole is because there was a small post to the SecurityFocus website. They also probably got some info from the Apple knowledgebase article, since the SecurityFocus bulletin is so devoid of details. (It's possible that they had "internal knowledge" of the vulnerability, but since the publish date of the vulnerability is later than even the modified date of Apple's bulletin, I bet they just gleaned the info from there.)
This thing has been slowly making it's way around the web, and recently ended up on digg (I marked it as inaccurate). And it again makes many uninformed dimwits point and say, "See? Mac OS X isn't invulnerable either!" No one said it was, but this doesn't prove it isn't. And although it may not be invulnerable, it certainly is much more secure than any operating system that rhymes with "Shmindows". Also, if some Microsoft fanboy wants to make the case that Mac OS X is more secure because it just has a piddly market share, there is no better cure to this lame-ass point than the witticisms of John Gruber:
So, let’s concede the point, just for the sake of argument: OK, fine, if the Mac had the same market share as Windows, the tables would be turned and there’d be just as many Mac security exploits as there are Windows exploits today.
Now what? Given that the Mac is never going to attain a monopoly share of the operating systems market — that merely expanding its share to, say, 10 percent would be universally hailed as an almost-too-good-to-be-true success — isn’t it thus only logical to conclude that the Mac is forever “doomed” to be significantly more secure than Windows?
*sigh* It really pisses me off how every time there's a minor security vulnerability in Mac OS X, everybody goes around championing the fact that Mac OS X has a new hole and that viruses are going to start running rampant on Macs and that the sky is falling. Symantec has pulled this trick out of their ass before -- twice, in fact. (And then, irony of ironies, it turned out that installing Norton Antivirus on your Mac made it LESS secure.)
It seems the only way that Symantec can get in the Mac news anymore is to say that they're heroes of the Mac community for saving everybody from the latest rampant Mac virus.
Seriously, Symantec, go away. We don't want you on the Mac platform or in the Mac community. If you're going to give us shit, not to mention shitty products, stay on the Windows platform where you'll be right among your peers who use the same tactics to sell their shitty software.
Technological Supernova Rants Older Newer Post a Comment