No Next Item No Next Conference Can't Favor Can't Forget Item List Conference Home Entrance    Help
View Responses

Grex Cyberpunk Item 149: The most secure os
Entered by b0rgel on Mon Apr 30 18:04:38 UTC 2001: 

What do you think the mose secure operating system is? I keep hearing OpenBSD,
but Ive just recently realized that i've never seen an exploit for a
Macintosh. What do you all think?

14 responses total.


#1 of 14 by raven on Mon Apr 30 22:50:54 2001: 

Supposedly the NSA is working on an open source distro of Linux that is
supposed to be very secure, see Slashdot for more details.  I would guess that
one of the commercial Unixs would be the most secure OS at this point, any
gurus care to chime in?  Maybe someone could link this to the jellyware conf?

#2 of 14 by lasar on Tue May 1 22:31:28 2001: 

I don't have any numbers, but the Mac OS (pre OS X) is quite safe, I guess.
Partly because it doesn't have a command line interface, which may make
writing virii a bit harder, and partly because there aren't so many of them.
I've been online for abouv5 years with Macs, and have never had a virus, even
though I've never had any antivirus software installed.

#3 of 14 by b0rgel on Tue May 1 23:29:56 2001: 

I know the Mac os X is built on BSD. Are you allowed to acces a BSD shell on
MacosX?

#4 of 14 by raven on Wed May 2 04:02:28 2001: 

re #3 Yep, but I odn't know if it includes gcc or not?

#5 of 14 by b0rgel on Wed May 2 15:38:24 2001: 

By the way #1, how do you link a conference?

#6 of 14 by lasar on Wed May 2 23:08:24 2001: 

Re #4: I'm not sure if it is included, but it should sure run on it, once
installed. I know gcc is for compiling programs, but in what way is it related
to this discussion?

#7 of 14 by raven on Thu May 3 01:16:11 2001: 

re #5 To link an item from one item to another you have to be a fairwitness
in the conference. The fairwitnesses are listed at the top of each conference.
To link something to cyberpunk e-mail me raven@cyberspace.org with the item
in the other conference I'll link anything as long as it's legal. :-)

re #6 The reason it's relevant is that if you want a truely secure O.S.
you will compile all your apps from original source code so you can check
the code to see if it's been tampered with or contains security flaws.
Obviously you can't do this with pre compiled bianaries.  Now me
personally I'm not that paranoid (or smart take you pick) but if you are
talking the MOST secure O.S. then it needs a compiler IMO.

#8 of 14 by scott on Thu May 3 11:24:01 2001: 

I recall some story about how the original C compiler included a back door
put in by the author.  The source was clean, but when you used the (compiled)
compiler it would figure out it was compiling its own source and put the back
door in.  Since the original compiler binary had to come from the author, it
took an amazingly long amount of time before this was discovered.

#9 of 14 by larsn on Sat Jun 30 20:24:08 2001: 

I suppose one could add to the above story the fact that the backdoor
in question was in the login program. So the compiler had two things
to be concerned about: am I compiling the compiler, or am I compiling
the login program?

#10 of 14 by jhudson on Tue Jul 3 00:16:42 2001: 

Couldn't have been the origional C compiler, as that was written in B.
But B only ran on a particular machine (the first UNIX machine).

#11 of 14 by larsn on Thu Jul 12 13:29:26 2001: 

http://www.science.uva.nl/~mes/jargon/b/backdoor.html

Historically, back doors have often lurked in systems longer than anyone
expected or planned, and a few have become widely known. Ken Thompson's 1983
Turing Award lecture to the ACM admitted the existence of a back door in early
Unix versions that may have qualified as the most fiendishly clever security
hack of all time. In this scheme, the C compiler contained code that would
recognize when the `login' command was being recompiled and insert some code
recognizing a password chosen by Thompson, giving him entry to the system
whether or not an account had been created for him.

FWIW.

#12 of 14 by darksyde on Sun Sep 2 20:56:39 2001: 

Most secure os??  well, it wasss mac os. any pre osx version are tight as
shiut. the only exploits were through appletalk, wich if you turn off is no
problem. The os itself was pretty much unhackable (now there were web hacking
ways,,,netscape java things n such).
As for osX.. im not a unix guru, but apples people( in the past anyways) have
written some pretty tight code.
As for osx compiler, yep. gcc, yep. command line, yep.
Anyways... current most secure os? i think the verdicts still out. past
os's... no contest macos.

#13 of 14 by gsibbery on Fri Sep 7 18:26:52 2001: 

I have heard that MVS is pretty secure.

#14 of 14 by jda on Sat Apr 13 10:28:00 2002: 

MVS with RACF (Resource Access Control Facility) properly configured is
probably the most secure multi-user OS in existence, IIRC RACF is to MVS
what NSA SELinux is to Linux.
Mac OS(pre OS 10) only wins in the security through disability category.

Response not possible - You must register and login before posting.

No Next Item No Next Conference Can't Favor Can't Forget Item List Conference Home Entrance    Help

- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss