Maybe theoretically you should do that, but I don't know anyone that actually does on Windows or OS X. In both cases you aren't actually running with your full powers all the time, and get prompted to escalate if something needs admin access.
The default account created in Mac OS X has password authentication. Your password is the unique identifier. Most people use the default account created by the OS for day to day computing.
Commercial software shouldn't be installing malware...I mean tons of it now has all kinds of DRM that is arguably malware, but...
While I'd rather run something without giving it full access to the system, ultimately you're trusting the publisher either way.
When the software is running with superuser privilege and connects to servers that can be controlled by anybody such as in many online games for Windows, the content downloaded from the server can be written anywhere in your system. This allows keyloggers, backdoors, and malware rootkits to be installed.
Why?
Why! (http://forums.macrumors.com/showpost.php?p=11720477&postcount=182).
I really doubt they double count things like that, given they're counted separately. I suppose there might be some validity to it if they did.
They count the number of items in each vendors security releases. Mac OS X includes Flash, Java, & etc by default so vulnerabilities in those are counted for Mac OS X because included in Apple security releases. Often these items constitute the majority of vulnerabilities in the security release. It is only valid if Windows users don't install Flash, Java, various ActiveX components, codecs, etc, etc, etc...
I'm not seeing why you're saying there's any difference. I don't use IE or Safari as my primary browser, though there may be some validity to including one or the other in the list of OS issues, but at any rate neither yet sandboxes plug-ins to my knowledge.
There's a flag that can be set for that, but I'm not sure where you're getting it from that article. Regardless 'some' is better than 'none'.
Except for Chrome which is sandboxed, all browser are susceptible to the security problems of the underlying OS but these issues arise in more than just the browser. An example of how they are different is Java has no security mitigations (DER or ASLR) in Windows (as shown in article) but Java has hardware based DEP and partial ASLR in Mac OS X as Java is 64 bit in OS X. Also, Mac OS X randomizes memory space into 4 byte chunks making it more difficult to defeat ASLR while Windows uses 64 byte chunks. Like you said, some is better than none.
Security mitigations, such as DEP and ASLR, can be optionally set in Windows OSes for various reasons such as support for legacy software. A lot of software for Windows comes with weak security by default and will break if the user tries to modify its settings. In Mac OS X, apps have a standard level of security mitigations dependent on the type of process (32 or 64 bit) that are set at that standard level when the app is compiled and not modifiable as in Windows (Opt-in, Opt-out, etc).
Which is different from Windows how?
Because Windows has a history of malware that achieves privilege escalation and Mac OS X does not? Check out these from late November 2010:
Security hole in Windows kernel allows UAC bypass (http://www.zdnet.com/blog/security/security-hole-in-windows-kernel-allows-uac-bypass/7752)
Nightmare kernel bug lets attackers evade Windows UAC security (http://www.computerworld.com/s/article/9198158/_Nightmare_kernel_bug_lets_attackers_evade_Windows_UAC_security)
UAC bypass exploit for Metasploit (http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/)
Loreena McKennitt - Elemental
lt;bgt;Loreenalt;gt; lt;bgt;McKennittlt;gt;. Loreena McKennitt - Parallel Dreams (1989) Celtic, Folk | 1CD | APE(image) + CUE + LOG | Covers Scans | 263 MB
Loreena McKennitt - Elemental
album loreena mckennitt
loreena mckennitt the book
album loreena mckennitt
mckennitt elemental is
album loreena mckennitt
Loreena McKennitt - Elemental
Loreena McKennitt - 1989
album loreena mckennitt
Loreena McKennitt - An Ancient
The default account created in Mac OS X has password authentication. Your password is the unique identifier. Most people use the default account created by the OS for day to day computing.
Commercial software shouldn't be installing malware...I mean tons of it now has all kinds of DRM that is arguably malware, but...
While I'd rather run something without giving it full access to the system, ultimately you're trusting the publisher either way.
When the software is running with superuser privilege and connects to servers that can be controlled by anybody such as in many online games for Windows, the content downloaded from the server can be written anywhere in your system. This allows keyloggers, backdoors, and malware rootkits to be installed.
Why?
Why! (http://forums.macrumors.com/showpost.php?p=11720477&postcount=182).
I really doubt they double count things like that, given they're counted separately. I suppose there might be some validity to it if they did.
They count the number of items in each vendors security releases. Mac OS X includes Flash, Java, & etc by default so vulnerabilities in those are counted for Mac OS X because included in Apple security releases. Often these items constitute the majority of vulnerabilities in the security release. It is only valid if Windows users don't install Flash, Java, various ActiveX components, codecs, etc, etc, etc...
I'm not seeing why you're saying there's any difference. I don't use IE or Safari as my primary browser, though there may be some validity to including one or the other in the list of OS issues, but at any rate neither yet sandboxes plug-ins to my knowledge.
There's a flag that can be set for that, but I'm not sure where you're getting it from that article. Regardless 'some' is better than 'none'.
Except for Chrome which is sandboxed, all browser are susceptible to the security problems of the underlying OS but these issues arise in more than just the browser. An example of how they are different is Java has no security mitigations (DER or ASLR) in Windows (as shown in article) but Java has hardware based DEP and partial ASLR in Mac OS X as Java is 64 bit in OS X. Also, Mac OS X randomizes memory space into 4 byte chunks making it more difficult to defeat ASLR while Windows uses 64 byte chunks. Like you said, some is better than none.
Security mitigations, such as DEP and ASLR, can be optionally set in Windows OSes for various reasons such as support for legacy software. A lot of software for Windows comes with weak security by default and will break if the user tries to modify its settings. In Mac OS X, apps have a standard level of security mitigations dependent on the type of process (32 or 64 bit) that are set at that standard level when the app is compiled and not modifiable as in Windows (Opt-in, Opt-out, etc).
Which is different from Windows how?
Because Windows has a history of malware that achieves privilege escalation and Mac OS X does not? Check out these from late November 2010:
Security hole in Windows kernel allows UAC bypass (http://www.zdnet.com/blog/security/security-hole-in-windows-kernel-allows-uac-bypass/7752)
Nightmare kernel bug lets attackers evade Windows UAC security (http://www.computerworld.com/s/article/9198158/_Nightmare_kernel_bug_lets_attackers_evade_Windows_UAC_security)
UAC bypass exploit for Metasploit (http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/)