
> This virus spreads from visiting malicious websites or websites with malicious ads. Since not much browsing happens on servers, there is no reason to target them.

Servers have a lot more information (thousands of credit cards, email addresses, passwords, etc.) than desktops. Criminals who seek personal gain rather than just mayhem would target servers.

> Does that mean that some Windows viruses were written by Mac fanboys to make Windows look bad?

No. To use sociological terms, Windows was the dominant group, Mac OS X the subordinate. When Mac OS X was starting to come into vogue in the first half of the 2000s, there were many fanboys that kept bragging about how their computers were infinitely better than "PCs", and everyone who grew up in the 90s and 2000s has surely had conversations with Windows users, often gamers or early /b/ users, who had almost a religious vitriolic hatred towards every aspect of Apple--Mac OS X, Mac computers, fanboys, "one-button mice", etc. Now that Mac OS X is accepted as a well-designed OS, those fanboys and that hatred seem to be much less visible, although now lots of people dislike Apple for becoming the new Microsoft with regards to patent lawsuits, but I digress. The point is that whenever such vitriol exists, there are people dying to prove that they're right, in this case that Mac OS X wasn't immune to viruses like the "mactards" (that's one of the terms they called Apple fanboys) claimed. Did you really not witness this phenomenon of hatred in the early 2000s?

> How? Can you explain what you mean by Windows having a unique vulnerability that is not present on a Mac?

Mac OS X is essentially the Aqua window system atop Darwin, the OS's underlying system that descends from FreeBSD. As a form of UNIX, it does not give non-root users direct kernel access. Windows doesn't have this very logical restriction, and more and more ways are discovered to exploit this. Windows Vista and 7 have tried to mend this flawed infrastructure by asking users to explicitly authorize everything, but we all know how that's worked out.

> Again, this is a drive by exploit from a web page, not social engineering.

Escalation was allowed from the JRE vulnerability, but it was my understanding that initial authorization had to be given to run it. Edit: I just reread the article and it appears that this was a self-installing trojan. If that's the case, that certainly shows that vulnerabilities that allow self-installation as opposed to just privilege escalation do show up in Mac OS X from time to time, but from my limited experience, the main way to make use of trojans targeting Mac OS X is to use social engineering to install them (e.g. take advantage of the fact that Finder hides file extensions by default, and then change an executable's icon to that of an image, and then preserve the metadata in an archive) and then take advantage of a security vulnerability that allows privilege escalation. Such vulnerabilities are incredibly rare in Mac OS X since unlike Windows, kernel space is isolated from users.

> Such vulnerabilities are incredibly rare in Mac OS X since unlike Windows, kernel space is isolated from users.

That's just flat wrong and hasn't been true for an OS Microsoft has supported for mainstream use since 2003 [1]. Windows XP and all current Windows releases are based on the protected NT kernel which debuted in 1993 (with Windows NT 3.1). In fact, Microsoft and Apple stopped shipping OSes with unprotected kernels in the same year (2001) with Windows XP and OS X "Cheetah", respectively.

Look, Microsoft has made a lot of mistakes with respect to security (bad defaults, running as Administrator too often, too many low-level bugs, ...). Since OS X, Apple has had a much better security track record. That's why it is so frustrating to see people criticize Microsoft for mistakes they fixed a long time ago instead of focusing on current (or at least recent) issues.

[1] When Microsoft downgraded Windows 98/98SE/ME to paid support and critical security fixes only: http://support.microsoft.com/gp/lifean18

That can't be true. If NT-based versions of Windows implemented a system call mechanism that protected the kernel from users, XP wouldn't have been ridden with viruses, and there would have been no purpose in giving Vista and 7 the access control mechanism to warn users of potentially harmful system calls. By the way, Cheetah just refers to the original Mac OS X. Your phrasing "stopped shipping OSes with unprotected kernels ... [starting with] Cheetah" makes it sound like Mac OS X initially didn't have this protection, which is not the case.

First, Cheetah wasn't the first Mac OS X. There was Mac OS X Server 1.0 in 1999 (see: Wikipedia). Cheetah was the first desktop-oriented version of Mac OS X.

Second, I didn't imply that prior versions of Mac OS X didn't have kernel protection, I implied that prior versions of Mac OS didn't have kernel protection. This is indisputably true (see: Mac OS 9). Personally, I find the Windows / Mac OS parallel surprisingly close here: Windows ME is to Windows XP as Mac OS 9 is to Mac OS X Cheetah.

Third, UAC (User Account Control), the access control introduced with Windows Vista, is almost entirely unrelated to kernel protection (except that UAC would probably be pointless without it). The problem UAC tries to solve is "users running as an administrator too often", not "the kernel isn't protected from user programs". In other words, it is Windows' answer to sudo, not a fundamental change to the Windows kernel.
