[Ti] Understanding security threats(was Re: Intel Mac Mini?)

Don ds1000309 at uid.onemain.com
Wed Mar 1 23:45:54 PST 2006


(My reply at end)

Lists wrote:

>
> On Mar 2, 2006, at 12:29 AM, Don wrote:
>
>> I have been following this thread and must admit I don't understand  
>> most of it. As a total non-geek who uses the computer mainly for  web 
>> surfing, emailing, iTunes/ITMS, MS Office and occasionally  
>> Filemaker, can someone tell me how I could be hurt by the OS X  
>> security leaks?
>
>
> Basically the thrust is this:
>
> Whenever a browser tries to do something "automatically" for you "for  
> convenience" you risk losing some security.
>
>     - This is true for Windows, where Microsoft designed it to be  
> essentially possible for a website to do whatever it wanted to  
> through Internet Explorer
>
>     - This is true, to a far lesser extent, with Mac OS X, if you use  
> Safari, and if you leave the 'Open Safe Files Automatically After  
> Download' option checked
>
> The recent exploit basically pretended to be "safe" but really  
> weren't, so Safari could be fooled into opening them.
>
> You can safeguard yourself to a great extent by turning off that  
> option in Safari, or by using Opera or Firefox instead.
>
> Chris, on the other hand, claims secret knowledge of another exploit  
> that he doesn't want to share too many details about.  He says this  
> is because he doesn't want it too widely known.
>
> Some people see this as evidence of Mac OS X's insecurity.


<snip>

Thanks very very much for the reply... just what I was looking for. In 
following the thread, I've started to fear I may have been lulled into a 
dangerous situation since I have never had any problems, security or 
otherwise, with my any of my Macs (512ke, Powerbook 100, Power Computing 
180, TiBook 400... and 20" iMac Intel sitting next to me in its 
just-arrived box). I never use IE; usually use Netscape since I like 
their mail program. When I set up the new iMac I will download Firefox 
(hard drive too full on TiBook).

Thanks again and I look forward to any other helpful explanations I 
might find in the morning's mail.

Don


More information about the Titanium mailing list