Computer Crime Research Center


Bad news for Mac antivirus

Date: April 30, 2007

John Gruber of Daring Fireball has interviewed Dino Dai Zovi one of the people who cooked up an exploit to hack into a Mac last week as part of a challenge which netted them the Mac (a 15" MacBook Pro) and $10,000. (If you're interested, it exploits a flaw in Quicktime's implementation of Java. Not much else is known.)

It's an interesting interview mostly for the end part, in which Gruber asks Dai Zovi (whose primary job is what we could call "pen-testing" - trying to penetrate security systems to make them more robust) what sort of security precautions he takes.

Gruber: Do you use a Mac as your primary computer? If so, what security precautions do you take? I’m going to go out on a limb and predict you do not use any sort of commercial anti-virus package.

Dai Zovi: I use a Mac as my primary, secondary, and tertiary computers :). I take some extra security precautions such as always running as a non-admin account, using separate encrypted disk images and keychains for different purposes, and isolating data on different machines. I also take some extra precautions that I’m not going to advertise publicly :). I do not, however, run any commercial anti-virus packages.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo