Is Windows inherently more vulnerable to malware attacks than OS X 3373

Yes. This is about what you do to protect your computer, not what hackers do to break into it.

If the hacker can create services, it's All Over; he's got administrator access, and that's enough to rewrite the OS itself.

If he can do that, he doesn't *need* any services.

snip

The hacker will, perhaps, try to take control of one of these services through Nefarious Skullduggery.

The scope of Snits obsession
Holy poo, I was just looking at the visit statistics of a few site I have, and saw a huge spike on www.sandman.net on around 2006-06-18. Some...

WAVE to BMP
Convert WAV To BMP And Back On RentaCoder one of the other coders thought I just wanted him to change the extension from WAV to...

If he succeeds and obtains complete control of a service, what then?

If that service is running as SYSTEM, then he can take complete control of your machine; it's all over.

If that service is running as Network Service or Local Service or some other limited account, then he still has way to go. He can do some things (ie, maybe he can set up a spambot) but not others (ie, maybe he can't steal your data).

He needs a further exploit to complete the task and take over the whole machine.

That's why fine-grained security is considered a Good Thing. That's why it is good that MS supports this stuff, but not so good that they don't use it themselves more aggressively.

List | Previous | Next

The scope of Snits obsession

Mac OSX Advocacy from Newsgroups

Is Windows inherently more vulnerable to malware attacks than OS X 3372

PLEX86 x86- Virtual Machine (VM) Program


	CVS \| Mailing List \| Download \| Successes \| In the Media \| Newsgroups

		Is Windows inherently more vulnerable to malware attacks than OS X 3373 Yes. This is about what you do to protect your computer, not what hackers do to break into it. If the hacker can create services, it's All Over; he's got administrator access, and that's enough to rewrite the OS itself. If he can do that, he doesn't need any services. snip The hacker will, perhaps, try to take control of one of these services through Nefarious Skullduggery. The scope of Snits obsession Holy poo, I was just looking at the visit statistics of a few site I have, and saw a huge spike on www.sandman.net on around 2006-06-18. Some... WAVE to BMP Convert WAV To BMP And Back On RentaCoder one of the other coders thought I just wanted him to change the extension from WAV to... If he succeeds and obtains complete control of a service, what then? If that service is running as SYSTEM, then he can take complete control of your machine; it's all over. If that service is running as Network Service or Local Service or some other limited account, then he still has way to go. He can do some things (ie, maybe he can set up a spambot) but not others (ie, maybe he can't steal your data). He needs a further exploit to complete the task and take over the whole machine. That's why fine-grained security is considered a Good Thing. That's why it is good that MS supports this stuff, but not so good that they don't use it themselves more aggressively. List \| Previous \| Next



		The scope of Snits obsession Mac OSX Advocacy from Newsgroups Is Windows inherently more vulnerable to malware attacks than OS X 3372