[Ti] i386 viruses
Chris Olson
chris.olson at astcomm.net
Fri Nov 25 17:38:44 PST 2005
On Nov 23, 2005, at 4:16 PM, Ian Collier wrote:
> Of course, if the move to Intel results in a _hugely_ greater
> market share for OS X (which I doubt) then of course OS X may
> become more attractive to virus writers.
It may not too. With the root account disabled by default on Mac OS
X, only viruses/worms that take advantage of social engineering
(trick a user into supplying an admin password) would be largely
successful. The overall number of patched vulnerabilities in core
Darwin components are quite low, and being an open source development
model are better than 98% of the time going to be discovered and
patched long before an exploit exists in the wild. Windows simply
doesn't have this advantage.
The majority of successful viruses/worms rely on being able to modify
critical system components with malicious code to open back doors or
firewall ports so it can propagate, and/or load a daemon/binary at
boot time.
By no means impossible on OS X, just harder to make it work.
--
Chris
-------------------------
PGP Key: http://astcomm.net/~chris/PGP_Public_Key/
-------------------------
More information about the Titanium
mailing list