Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » Mac OS X   (RSS)

Q1 2008 - Client OS Vulnerability Scorecard

This paper is a compilation of vulnerability data for client operating systems for the first 3 month, January through March, of 2008. Vulnerabilities and fixes for the following products are discussed: Microsoft Windows Vista Microsoft Windows XP SP2 Read More...
Posted Thursday, May 15, 2008 12:04 AM by jrjones | 27 Comments
Attachment(s): q108-client-scorecard.pdf

Mac OS X Security - Reality Check #2

First, let me express a caveat. I don't really care for "hack the box" contests. If a machine doesn't get hacked, it does not mean it isn't breakable. If it does get hacked, it just shows us what we already know - any machine can be broken under the right Read More...
Posted Thursday, March 27, 2008 10:43 PM by jrjones | 1 Comments

Mac OS X Security - Reality Check #1

UPDATE: A colleague sent me a link to the source paper that the article discusses: http://www.techzoom.net/papers/blackhat_0day_patch_2008.pdf . As anyone who reads my blog knows, I like to shine a light on areas of common security misperceptions. I am Read More...
Posted Thursday, March 27, 2008 10:32 PM by jrjones | 2 Comments

July 2007 - Operating System Vulnerability Scorecard

Summer and work travel have really had an impact and I've missed a couple of months of scorecards, so last weekend, I decided to dig in and catch up to July. I hit a few road bumps: Sun changed their Security Alerts web site, making it a bit more challenging. Read More...
Posted Thursday, August 16, 2007 11:47 PM by jrjones | 12 Comments

Windows Vista - 6-Month Vulnerability Study

I was nudged by some colleagues this week, telling me that some folks may only be reading my technet blog, but that I hadn't been doing a great job of cross-posting some things. Six months is a much more interesting time frame than the previous Windows Read More...
Posted Saturday, June 30, 2007 1:34 PM by jrjones | 1 Comments

2006 Client OS Days of Risk

As a follow-up to my previous Days-of-risk in 2006 : Linux, Mac OS X, Solaris and Windows , where I compare Microsoft, Red Hat, Novell SUSE, Apple Mac OS X and Sun Solaris, I've also completed a look at the latest client products that were available for Read More...
Posted Monday, June 18, 2007 9:19 PM by jrjones | 1 Comments

March 2007 - Vuln Scorecard

I just posted my March 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Novell, Sun, and Mac OS X, broken down by server and workstation. Here is Read More...
Posted Thursday, April 05, 2007 9:01 PM by jrjones | 2 Comments

Windows Vista 90 Day Vulnerability Analysis

February 28 th marked 90 days that Windows Vista had been available to business customers. Has it been a good or a bad 90 days for security vulnerabilities? Dang, this is a sweet chart, but click here to read all the details and download the full report Read More...
Posted Wednesday, March 21, 2007 9:45 PM by jrjones | 8 Comments

January 2007 - Vuln Scorecard

I just posted my January 2007 - Operating System Vulnerability Scorecard over on CSOOnline, which includes charts comparing the vulnerabilities in Windows, Red Hat Linux, Ubuntu, Sun, and Mac OS X, broken down by server and workstation. I do include the Read More...
Posted Tuesday, February 27, 2007 9:13 PM by jrjones | 3 Comments

CNET, Experts and Windows Vista Security

UPDATE: Corrected my math problem, based upon astute reader feedback (he says sheepishly) Reading online news this morning, I came across the CNET headline: Experts: Don't buy Vista for the security . Wondering what the experts were saying, I clicked Read More...
Posted Tuesday, January 30, 2007 8:26 PM by jrjones | 3 Comments

Mac OS X Security Myth #3: Mac OS X Has More Security Designed In

Following up on Mac OS X Security Myth#1 (fewer vulns) and Security Myth#2 (nobody attacks), this post continues my look at "perception versus reality" for Mac OS X security. There are a couple of different ways that I've heard this Myth expressed. The Read More...
Posted Friday, January 12, 2007 5:20 PM by jrjones | 1 Comments
Filed under: , , ,

Mac OS X Security Myth #2: Nobody Attacks Mac OS X

Following up on Mac OS X Security Myth #1: Mac OS X Has Few Security Bugs , this post continues my look at "perception versus reality" for Mac OS X security. There aren't a lot of sources of validated compromises, but one of the few we can check is www.zone-h.com Read More...
Posted Thursday, January 11, 2007 6:45 PM by jrjones | 4 Comments
Filed under: , ,

Mac OS X Security Myth #1: Mac OS X Has Few Security Bugs

Inspired by the MacWorld Expo and Apple's security marketing claims (not to mention that ad campaign from last year), I've decided to add Mac OS X to the list of products that I monitor for "perception versus reality." First, let's review what Apple has Read More...
Posted Tuesday, January 09, 2007 6:04 PM by jrjones | 2 Comments
Filed under: , ,
 
Page view tracker