|
|
| Author |
Message |
b0rgel
|
|
The most secure os
| 
Apr 30 18:04 UTC 2001 |
What do you think the mose secure operating system is? I keep hearing OpenBSD,
but Ive just recently realized that i've never seen an exploit for a
Macintosh. What do you all think?
|
| 14 responses total. |
raven
|
|
response 1 of 14:
|
Apr 30 22:50 UTC 2001 |
Supposedly the NSA is working on an open source distro of Linux that is
supposed to be very secure, see Slashdot for more details. I would guess that
one of the commercial Unixs would be the most secure OS at this point, any
gurus care to chime in? Maybe someone could link this to the jellyware conf?
|
lasar
|
|
response 2 of 14:
|
May 1 22:31 UTC 2001 |
I don't have any numbers, but the Mac OS (pre OS X) is quite safe, I guess.
Partly because it doesn't have a command line interface, which may make
writing virii a bit harder, and partly because there aren't so many of them.
I've been online for abouv5 years with Macs, and have never had a virus, even
though I've never had any antivirus software installed.
|
b0rgel
|
|
response 3 of 14:
|
May 1 23:29 UTC 2001 |
I know the Mac os X is built on BSD. Are you allowed to acces a BSD shell on
MacosX?
|
raven
|
|
response 4 of 14:
|
May 2 04:02 UTC 2001 |
re #3 Yep, but I odn't know if it includes gcc or not?
|
b0rgel
|
|
response 5 of 14:
|
May 2 15:38 UTC 2001 |
By the way #1, how do you link a conference?
|
lasar
|
|
response 6 of 14:
|
May 2 23:08 UTC 2001 |
Re #4: I'm not sure if it is included, but it should sure run on it, once
installed. I know gcc is for compiling programs, but in what way is it related
to this discussion?
|
raven
|
|
response 7 of 14:
|
May 3 01:16 UTC 2001 |
re #5 To link an item from one item to another you have to be a fairwitness
in the conference. The fairwitnesses are listed at the top of each conference.
To link something to cyberpunk e-mail me raven@cyberspace.org with the item
in the other conference I'll link anything as long as it's legal. :-)
re #6 The reason it's relevant is that if you want a truely secure O.S.
you will compile all your apps from original source code so you can check
the code to see if it's been tampered with or contains security flaws.
Obviously you can't do this with pre compiled bianaries. Now me
personally I'm not that paranoid (or smart take you pick) but if you are
talking the MOST secure O.S. then it needs a compiler IMO.
|
scott
|
|
response 8 of 14:
|
May 3 11:24 UTC 2001 |
I recall some story about how the original C compiler included a back door
put in by the author. The source was clean, but when you used the (compiled)
compiler it would figure out it was compiling its own source and put the back
door in. Since the original compiler binary had to come from the author, it
took an amazingly long amount of time before this was discovered.
|
larsn
|
|
response 9 of 14:
|
Jun 30 20:24 UTC 2001 |
I suppose one could add to the above story the fact that the backdoor
in question was in the login program. So the compiler had two things
to be concerned about: am I compiling the compiler, or am I compiling
the login program?
|
jhudson
|
|
response 10 of 14:
|
Jul 3 00:16 UTC 2001 |
Couldn't have been the origional C compiler, as that was written in B.
But B only ran on a particular machine (the first UNIX machine).
|
larsn
|
|
response 11 of 14:
|
Jul 12 13:29 UTC 2001 |
http://www.science.uva.nl/~mes/jargon/b/backdoor.html
Historically, back doors have often lurked in systems longer than anyone
expected or planned, and a few have become widely known. Ken Thompson's 1983
Turing Award lecture to the ACM admitted the existence of a back door in early
Unix versions that may have qualified as the most fiendishly clever security
hack of all time. In this scheme, the C compiler contained code that would
recognize when the `login' command was being recompiled and insert some code
recognizing a password chosen by Thompson, giving him entry to the system
whether or not an account had been created for him.
FWIW.
|
darksyde
|
|
response 12 of 14:
|
Sep 2 20:56 UTC 2001 |
Most secure os?? well, it wasss mac os. any pre osx version are tight as
shiut. the only exploits were through appletalk, wich if you turn off is no
problem. The os itself was pretty much unhackable (now there were web hacking
ways,,,netscape java things n such).
As for osX.. im not a unix guru, but apples people( in the past anyways) have
written some pretty tight code.
As for osx compiler, yep. gcc, yep. command line, yep.
Anyways... current most secure os? i think the verdicts still out. past
os's... no contest macos.
|
gsibbery
|
|
response 13 of 14:
|
Sep 7 18:26 UTC 2001 |
I have heard that MVS is pretty secure.
|
jda
|
|
response 14 of 14:
|
Apr 13 10:28 UTC 2002 |
MVS with RACF (Resource Access Control Facility) properly configured is
probably the most secure multi-user OS in existence, IIRC RACF is to MVS
what NSA SELinux is to Linux.
Mac OS(pre OS 10) only wins in the security through disability category.
|