On Fri, Dec 25, 2009 at 02:56:29PM -0500, John Francis scripsit: > I've personally encountered a Linux-based attack (at one of the > sites I use for hosting), valthough that's probably a softer > target than OS/X because the source code is widely available.
It's not security until it works when the black hats know how it works. The degree of obscurity in OS/X isn't an advantage because it's still fundamentally BSD, and anybody who cares to can download it and decompile it; all the tools required are in the free ecosystem. Linuxes have the minor advantage that it's mostly a server OS; the relatively secure server tools are available if you want them. (Really secure, well, you start by disabling any non-volatile writeable storage and recompiling all the utilities with random 4,098 character hex digit names, library names, and options, which gets put into a totally flat directory structure. (/dev/ and /proc/ too, everything. The problem is that no one wants to use such a machine for some reason...) -- Graydon -- PDML Pentax-Discuss Mail List PDML@pdml.net http://pdml.net/mailman/listinfo/pdml_pdml.net to UNSUBSCRIBE from the PDML, please visit the link directly above and follow the directions.
