More Welcoming MacUsers

I guess maybe I am beating this particular drum a bit hard, but I know a few Mac users and this is no longer just my hypothetical good computing hygyne advice. I really would hate for my Mac friends to find out the hard way that its not safe to play in the street. Following up on AdvisorBits: Welcome to my world, MacUser, I noticed today that there were mulptiple posts to the Incident Handlers Diary as SANS regarding the Apple security issues.
http://isc.sans.org/diary.php?storyid=1145&rss
http://isc.sans.org/diary.php?storyid=1139&rss
http://isc.sans.org/diary.php?storyid=1138&rss
I thought the remark by Kevin Liston this moring bears repeating, especially since it basically echos mine.

In an effort to use as little hype as possible I only suggest that now is the time for Mac users to seriously consider anti-virus, personal firewalls, and safe browsing habits. It is the time for Mac sysadmins to develop strong patch management policies. This likely means that a Mac is no longer the no-brainer-choice for what computer to get for your parents.

One Response

  1. Alex Hutton
    Alex Hutton March 8, 2006 at 10:20 pm | | Reply

    “…anti-virus, personal firewalls, and safe browsing habits. It is the time for Mac sysadmins to develop strong patch management policies. This likely means that a Mac is no longer the no-brainer-choice for what computer to get for your parents.”
    Anti-Virus – ClamX, done.
    Personal Firewall – built in. done.
    Safe Browsing Habits – stopped using IE long ago, done.
    Should we really do a risk analysis of using a Mac Vs. Windows? Really? Good.
    1. Threat Community. I would argue that the size and capabilities of the Mac threat community are far, far less than their windows counterparts. By orders of magnitude.
    2. Threat Event Frequencies. Extremely small in comparison. Extremely small.
    3. Control Strenghts – Much higher than Windows – that is, of course if you consider a properly written UNIX to be safer than NT.
    4. Now we have enough information to derive vulnerability using a Monte Carlo simulation given our estimates concering the threat community and the Macs control strenghts. Hmmm…. look at that, very, very low vulnerability ratings.
    5. Loss Event Frequency – Well, given the low vulnerability and the low threat event frequency, it looks like our loss event frequency should be much, much lower than Windows. Thanks BSD UNIX!
    6. Now that we know LEF – we should agree that our Probable Loss Magnitude (and you know you can’t measure risk unless you know how much you stand to lose and how likely you are to lose it!) would be roughly the same – whether our laptop is a Dell running XP or a Powerbook running OS X. Given that we can call PLM a constant – let’s move onto actually deriving risk, shall we?
    7. Risk and recap. Our risk using a Mac is MUCH lower than the risk associated with a Windows PC. Why? Threat Communities are weak and small in comparison, threat event frequencies are low (though one might argue a might over-hyped at this point), and control strengths are high. Glad we are able to focus our risk analysis on probability and not possibility.

Leave a Reply