Mac OS X Security Test (University of Wisconsin-Madison)

In response to the woefully misleading ZDnet article, Mac OS X hacked under 30 minutes, an academic Mac OS X Security Test has been launched. (Test is now concluded.)

The ZDnet article, and almost all of the coverage of it, failed to mention a very critical point: anyone who wished it was given a local account on the machine (which could be accessed via ssh). Yes, there are local privilege escalation vulnerabilities; likely some that are "unpublished". But this machine was not hacked from the outside just by being on the Internet. It was hacked from within, by someone who was allowed to have a local account on the box. That is a huge distinction.

Almost all consumer Mac OS X machines will:

Not give any external entities local account access
Not even have any ports open
In addition to the above, most consumer machines will also be behind personal router/firewall devices, further reducing exposure
Mac OS X is not invulnerable. It, like any other operating system, has security deficiencies in various aspects of the software. Some are technical in nature, and others lend themselves to social engineering trickery. However, the general architecture and design philosophy of Mac OS X, in addition to usage of open source components for most network-accessible services that receive intense peer scrutiny from the community, make Mac OS X a very secure operating system. There have been serious vulnerabilities in Mac OS X that could be taken advantage of; however, most Mac OS X "vulnerabilities" to date have relied on typical trojan social engineering tactics, not genuine vulnerabilities. The recent Safari vulnerability was promptly addressed by Apple, as are any exploits reported to Apple. Apple does a fairly good job with regard to security, and has greatly improved its reporting processes after pressure from institutional Mac OS X users: Apple is responsive to security concerns with Mac OS X, which is one of the most important pieces of the security picture.

The "Mac OS X hacked under 30 minutes" story doesn't mention that local access was granted to the system. While local privilege escalation exploits can certainly be dangerous - and used in conjunction with things like the above Safari exploit - this isn't very informative with regard to the general security of a Mac OS X machine sitting on the Internet.

more...
http://test.doit.wisc.edu

peace

Thanks

When will these "experts" finally admit windows is crap and made purposely so.

Macs will never be that way.

Might as well put it in the closet for all the use it would be.

no one i know would do such a thing with any OS.

:hi:

peace

That's why user accounts have security levels built in. When you give someone access to your box under a certain level of security, that should be all they can get. With a Mac box, any low level user can get root access. Not good at all and a MAJOR breach of security protocols. All it takes is for one of your friends and trusted users to leave his password stuck to his monitor and someone can get it and take control of your box. This isn't a security breach, it's a welcome mat.

And they haven't even issued a fix? My conclusion is that they are at the same stage Microsoft was with Windows 1.1. Shame on Jobs - he should know better.

FreeBSD/OS X is way beyond XP let alone W 1.1 - lol
http://www.freebsd.org/about.html

learn more about os x security...
http://www.princeton.edu/~psg/unix/osx/osxsecurity.html

peace

ie the subject of this thread. I like free BSD, but this thread was about OSX and not freeBSD. I can build you an operating system on freeBSD that's full of holes. No problem. Apparently so can Apple, and they won't even fix the holes!

Sounds like a job for Jobs, if you ask me. I think he'll step up to the plate now that the publicity is out there.

and as you point out in your OP that there is no real defense against trusted accounts.

mac folks have much less hassles in regards to security & the web then windows users.
as a mac, unix/linux & windows user I know from experience that that is a fact.

more...
http://XvsXP.com

peace

And it's partitioned with no chance to elevate permissions. I can do the same with Unix and Linux. But I can't do that with Max OSX because the user can elevate to root? Shame on Apple. There's no excuse for creating a hole in Max OSX that doesn't exist in free BSD or any flavor of Unix/Linux that I know about.

One of the first steps any responsible Windows admin will take to secure a system is to completely disable any and all guest accounts.

One can configure a Unix host to allow guest usage, but that is also done at direct risk to the security of the system.

The second you allow people to open a shell on a system, however limited, you expose that system and all its other users and services to a wide variety of risks.

If you are not aware of this simple fact, if you have not made it part of your computing paradigm, you need to stay as far away from system administration as possible.

I can't count the number of security patches I've installed on numerous OSes (including Windows and various Unixes, SystemV/BSD/etcetera) that boil down to "buffer overflow can enable priveleged access." Bottom line: the more access to those buffers you grant, the greater the risk to OS integrity. Half the battle is denying that access in the first place, because any competent hacker will know about such weaknesses and how to exploit them.

My bad. When I said a guest account, I meant a user account, as a guest on my system, but the point is the same anyway. Sure, if you give a user access to your system you open up certain possibilities, and in the Mac case, which is what this thread is about, that user can use an openly available exploit to gain root access in less than an hour.

Despite your claims, you can't do that on my Windows machine, but that's beside the point. You see, my Windows system had/has security holes too, and they are blocked and updated regularly by Microsoft's, admittedly retroactive, security updates. With the Mac operating system there is an open hole that is known and is not being fixed. There is no fix for it.

I don't know why people get so emotional about the Mac, but if this were Windows and Microsoft wasn't issuing a patch for a known root access exploit, we'd see a thread filled with people exhorting others to "buy a Mac".

It seems the same standard doesn't apply when there's a hole in the Mac system, and not only that, Apple refuses to fix it!

I'm not a Bill Gates fan either, but at least MS (nowadays) takes security seriously, unlike Apple. Why is it so hard to admit that Apple is dropping the ball here? If I point out your Honda car has a squeaky brake, do you rush to tell me that Ford's cars squeak more, or do you address the issue at hand, your own squeaky brakes?

I think some people take it too personally. I have nothing personal at stake either way, but I do think that an open security vulnerability needs to be repaired. In a fair world, we would all agree that such holes should be repaired asap, and that the vendore making the OS would be responsible, wouldn't we?

I think the culprit is Apples clever marketing campaigns to make users act more like faithful parishoners of a religion than just people using a productivity tool.

> Despite your claims, you can't do that on my Windows machine, but that's beside the point.

It's easy for you to say that, when we're blabbing on an anonymous forum and I don't have either access to or interest in hacking your Windows box. Put your system on an open LAN with an open invitation to hackers to cut their own accounts, and we'll see how long it lasts. Which is very much the point.

> my Windows system had/has security holes too, and they are blocked and updated regularly by Microsoft's,
> admittedly retroactive, security updates.

See, there's a problem with that. You're counting on MS to fix the problems MS admits they know about. Just like any other OS manufacturer, MS Windows* has undocumented exploits, not unlike the kind that andrewG used to gain root access on MacOSX. The issue is not whether an OS should be patched to fix a security hole -- of course it should, and if Apple's turnaround time on these fixes is well above the industry standard, they should damn well lose market share because of it. Nor is it a question of whether you, personally, use a security update tool to patch your operating system periodically to fix security holes -- use of "known" exploits to compromise unpatched systems is a fraction -- perhaps a plurality -- of total system cracking, but hardly the whole enchilada. If you think your system, or any system, is 100% secure, you're living in la-la land.

The core issue is one of policy, which in turn is a problem of methodology for the study. The 30-minute crack was performed under conditions that no responsible admin in his/her right mind would allow in practice, not even you on your windows machine. Think about it: would you willingly and purposefully give anonymous hackers, with expressed intent to crack your system, a way to create accounts on your system just to make a point?

That's sheer stupidity. I don't care what OS you're running, that's simply stupid. Any OS that's been in use for a while has its cracks, and a subset of those cracks are unpatched. Otherwise, you wouldn't have to use the word "retroactive" in your declaration about MS's security updates. True system security is not just a matter of passively applying the manufacturer's patches, but a continuous process of actively monitoring and intelligently controlling access to the point where precautions match expectations without overly compromising function.

FWIW, I think you do have a valid point about MS getting a bad rap by comparison. Their market share has exposed MS to a lot of criticism which we might be otherwise inclined to overlook. But to claim that Mac's bugs are somehow categorically worse than any other OS (you explicitly mentioned Windows, Linux, and Unix, which covers a heckuva lot of territory) is just as bogus.

I never said "Mac's bugs are categorically worse than any other OS", nor did I say "I think my system is 100% secure". I have a windows box on the net, with Windows Advanced Server 2000 on it, with user accounts for clients and a web server, ftp, etc. all open. No one has hacked it despite several attempts every day to do so. I won't tell you where it is as inviting an attack is against my TOS at the databank, but I can assure you that it's as secure as any other OS out there, which means it's subject to attack. I'm glad my operating system company cares engough to patch my system even for exploits that are hard to utilize, and I'd be happier if yours did too.

On all the other points, I think we agree. All I said was that Mac should fix the bug and that it was a shame that Jobs/Apple doesn't think it important to do so.

I'm glad to see that you agree that the Max OS is no more and no less secure than any other operating system. After all, one wonders what other bugs there are in OSX that Apple doesn't care to fix now, so at the very least, Apple should fix this asap before they get a worse rap. If I were Jobs, I'd have it fixed just for the PR.

You know, you might want to read what you type before you accuse me of misrepresenting you.

Post #15:
> But I can't (create user accounts) with Max OSX because the user can elevate to root? Shame on Apple.
> There's no excuse for creating a hole in Max OSX that doesn't exist in free BSD or any flavor of
> Unix/Linux that I know about.

If you don't see how that amounts to saying "Mac's bugs are categorically worse than any other OS", then perhaps you have a different understanding of what it means to be "categorically worse" than I do. And if you think that your Windows machine is somehow immune to hacks from a user to whom you've granted "limited" access just because you and Microsoft say so, you have a very naive view of OSes.

> No one has hacked it despite several attempts every day to do so.

Indeed, the users you intentionally support generally won't hack destructively, because it's not in their interest to do so. Why would they want to compromise the services they use themselves? That is qualitatively different from the failed attempts at anonymous network cracks by people you don't support, who may well be port-scanning entire subnets looking for an easy autohack. However, it is far from a guarantee that your OS would stand up to a concerted cracking attempt by one of your supported users, if they had the urge to do so, or even someone hacking in from the net who knows what s/he's doing. You're making a negative assertion you can't possibly prove (i.e., no one has cracked your system because of your automated security updates from MS). With that attitude, the only attempts you'll know about are the ones that failed anyway; whatever are you going to do when someone succeeds and really fucks you over?

> I'm glad my operating system company cares engough to patch my system even for exploits that
> are hard to utilize, and I'd be happier if yours did too.

:shrug: The conditions for your happiness are entirely your own problem, but I recommend separating them from the OS running on your computers as much as possible, let alone those running on my computers, whatever they may be.

> All I said was that Mac should fix the bug and that it was a shame that Jobs/Apple doesn't
> think it important to do so.

Is that really all you said? I'm getting the distinct impression you have a very poor short-term memory. However, even if it were, you'd still be making the assertion that Jobs/Apple disregards the importance of patching OS security holes -- an assertion for which your evidence thus far appears to consist of a single instance of sheer administrative idiocy.

Again, I didn't say what you said I said, proof is in the forum

And the "proof" you presented doesn't even support your arguments in the very same post.

Sorry, but I can't reach you if you're not willing to deal with what's on the screen and instead choose to chase your own thoughts. I think I got your communication anyway - you're a Microsoft hater.

For the record, I don't hate Macs, I like them. I want them to be fixed. Best wishes to you.

:shrug:

> I didn't say what you said I said, proof is in the forum

Uh huh. You will say you said whatever fits your interest at the moment. Got it.

> I can't reach you if you're not willing to deal with what's on the screen

Projection, baby. Pure projection. All you have to do is read your own posts in this thread. Check 'em out sometime when you're ready to face the truth.

> I think I got your communication anyway - you're a Microsoft hater.

For some of us, communication is like a two-way street. Perhaps for you it more closely resembles a cliff with a raging sea of bile crashing agaisnt the jagged rocks below? How sad.

For your record, I don't hate Microsoft. I run and administer their OSes, along with many others. IMHO, Microsoft presents a well-supported OS with a range of hardware compatibility that the others can only dream of longingly. What MS does well, it does very well indeed. However, it concerns me when some of Microsoft's more devout adherents seek to unfairly portray those others as weak under conditions that would compromise any OS.

> I want (Macs) to be fixed.

Yes, you want them to be "fixed" so very much that you contribute prolifically to exaggerated rumors of their demise.

The very simple fact that I pointed out, and which you seem so very eager to evade and conflate, is that thus far no OS is or has been perfect, they are all in a constant state of patchwork and upgrade, and undocumented exploits always exist and always have existed. Always. There is no "fixed" OS, only a constant flow of "fixing", from which neither Apple nor Microsoft is exempt. Any notion of absolute security is a dangerous illusion for a computer admin to harbor; may you overcome it before it overcomes you.

password?

Anyway, admin can block access to the terminal, limiting the user to selected applications. I did that with my wife's user account on this machine. I gave her access to her games, Mail, Safari, iTunes, iPhoto, Tex-Edit and Graphic Converter.

Someone was able to do it using a published exploit. Ask them how to do it if you have any need to break into a Mac system. It should be a snap, they're wide open if you have an account on one or know someone's account information, or can gain access to a low level user account by brute force. Once in, elevating to root is apparently a snap.

Perhaps I misunderstood the article in question, but it seems to me that this is what they did. Gained access to the machine with a regular user account and elevated privileges to root. A common method of exploitation, I might add.

reasonable belief he/she won't be caught, and the will to do it. In this case the security breech is allowing this person access to the computer. Any person with a bit of sense will put sensitive info in File Vault. http://www.apple.com/macosx/features/filevault/

The first thing you have to consider is whether someone has physical access to the computer hardware. If so, if they can drop in a CD and re-run the OS installation, or find a way to drop the system back to a single-user root prompt, you've got yourself a security problem. Kapiche?

So let's say that's not an issue, for whatever reasons. Well, your next level of access is external hardware. Can the user attach a USB drive with arbitrary software to your system? That's an easy one.

Networks essentially extend hardware access, so look at them next. You said your wife runs Safari and Mail, so she's probably using one. There are whole families of exploits right there, and they're available to everyone on that network at varying levels. For instance, someone on the same LAN using the same network devices has more opportunity to compromise your system than, e.g., someone who has to cross a controlled gateway with PAT and can't initiate TCP connections. Wireless LANs are especially gamey, since many home users don't know that they need to adjust the transmission strength and reception sensitivity to restrict physical connectivity.

Anyway, you initially asked how someone can get root without a password. Well, what it usually comes down to is breaking the OS in a specific way that it changes its notion of privelege. That can often be done by tricking the OS into running something with privelege that it shouldn't be running, thereby overwriting memory in just the right places to set mode bits. There are too many variations on this theme to list here. Modern OSes are constantly running root-level processes in the background, so there are plenty of targets for hijacking.

time to do it without being discovered. Even though my wife has access to the internet, she never logs on. She plays games, that's all.

i don't care what box you are on, though it's even easier to exploit windows applications.

unless you don't give them access to ANY apps/services... then you might as well use your computer as a foot stool.

be that as it may, the point of this thread is that the original article was very misleading, typical for M$M but thank GORE, he 'invented' the INTERNETs ;->

peace

This is about giving strangers network access to your PC/Mac.
You can still use it yourself without doing that.

I didn't know that. And here I thought it was supposed to be a robust general use operating system, not a single user system. My bad. I stand corrected. I hope we can get the word out to Mac users quickly enough so that they don't give accounts to their friends and relatives and business customers and other personnel in their businesses. I don't think everyone knows that it's a single user system.

Message removed by moderator. Click here to review the message board rules.

Message removed by moderator. Click here to review the message board rules.

And MS should fix Windows, but won't. And actually, who says Apple "won't" fix this? Why is there any great rush for them to come out with a patch for something that is virtually impossible to exploit? Just to say they're on top of it? That may be a good pr move, to be sure, but I'm not losing any sleep over this.

What my "antagonist" comment is about is your seeming unwillingness to put this on the proper level of the "urgency" scale. You appear to be deliberately attempting to blur the distinction between the very real security issues Windows users face every day just in opening their e-mail, and an exploit in OSX which is only available to a person sitting directly at a particular computer to which one has already been granted user access. I have a three node lan running now, and am I concerned about an unauthorized user breaking into my house, holding me at gunpoint and demanding I set up an account for him so he can hack my machine? No. Because that's about the only way I can see this being a concern to the average Mac user, the way e-mail and embedded font viruses are to Windows users. Your snarky, sarcastic comments about Macs being "single user" machines do nothing to address the issue of the real vulnerability of Macs, which is virtually nil. COULD it be exploited? Sure. If you're a university running a bogus test and granting people access they wouldn't otherwise have. But in a real world setting, the only people who seem to have their knickers in a twist over this are Windows users! They seem desperate to find a way to do a "gotcha!" on Apple. Sorry...I've been a Mac user (and a PC user, too...I hate Windows with a passion) since the Mac II in 1987, and I've heard this kind of scare-tactic rubbish regularly for nearly two decades now. And I've never had a virus or worm or hacker or anything of the sort in all that time.

Oh, and as for my accusing MS of funding the test, you actually have taken my comment far more seriously than I did when I wrote it. It was actually rather tongue-in-cheek, but you actually lend it some credence. Hmm.

Just another day in the never-ending PC/Mac non-debate!

You want control over who gets to use your Mac and which privileges each user has, don't you?

In this case it was portrayed as though strangers did get unauthorized access, now it turns out that these supposed strangers did in fact have authorized access to the Mac.

You can hack it if someone gives you an account.

If you're on the outside, then forget it.

Just wondering. If you can't give someone access to your box with limited privileges without opening up possible root access, and Apple isn't doing anyuthing about that breech, there's a problem. DOn't you see there's still a serious problem there despite the hype?

But nowhere near as bad as Windows.

The recent mac "worm" story that made all the news wasn't a worm at all. I believe it was reported later to be a very common email virus that attacked vulnerable AOL chat software if the user activated it and gave password approval to let it install itself. doh! This 30 minute hack story is just as bogus and tried to lead people to believe it was something it wasn't.

My opinion is that MS Vista release is just around the corner and there are those people out there that would like to level the playing field in terms of the public's view on system security.

and growing viability as an alternative to Windows.

Basically, expect a lot of people to slime Apple in the coming months.

I am really tired of this. I use windows. I haven't reinstalled my OS in 3 years (since I put it on this system for the first time). My computer is directly connected to the internet (no NAT). I use firewalls and GOOD JUDGEMENT and haven't had a virus/spyware problem. There are a lot of things I need to do on a computer that I can't do on a Mac.

I personally don't like the Mac interface. I also don't like the small choice of components. These are my opinions. I realize people LOVE Macs as well. However, I dont go around pushing Windows in everyone I know's face. However, for some reason, a few of my friends who are graphic designers, love to bitch and moan to me how much Windows sucks and how I suck because I dont use a mac. I don't get it really. Now, I've noticed more and more threads on here about how great and inexpensive a Mac is to own and maintain. Great Grand Wonderful. Not everyone shares your opinions. Macs are great for some people, PCs are great for others.

Don't get me started on people with iPods who rub it in my face that I dont have one and I dont care to own one either. These people might be a minority of Mac/iPod owners, but they give the rest of them a bad image and generally turn me off to the whole Apple platform. Its a piece of hardware, get over it.

It's been a decade or so since I've longed for any computer component which wasn't available for the Mac. My last two have used standard-issue components I buy from the local "PC Warehouse" store, because they're way cheaper than what Apple charges.

My biggest beef with a Windows machine are the freakin' WINDOWS. I cannot stand the way they take up the entire screen. Everything is twice as big, overdesigned for no apparent reason. If a "window" takes up your entire desktop, is it really a "window?"

Small point to quibble with, but in the end, isn't that what we always wind up quibbling about? Just preferences. I have a good friend who is a PC user, and loves LIVE 365 for internet radio. It is the cludgiest, most horribly designed, difficult to navigate interface I've ever used for such a simple task of selecting a radio station. On iTunes (which he also has on his PC), there is simply a radio tab with a list of categorized stations. Yet, he hates iTunes. Never uses it. He preferes all the colors and buttons upon buttons and clicking twenty times to call up the same thing iTunes does in one click. He actually prefers it. It baffles me.

To each his own!

My information about Macs just comes from what my Mac friends tell me. Lately they've been going on and on about the mac mini. I saw one in Compusa, and while it does look "cool", I asked how you were supposed to upgrade the video card if you needed to. Sales guy looked at me and said "You're a PC guy arent you?". I didnt know you could part together a Mac.

As I said, everyone has their choice. for $250 I can build a decent PC that will do everything I need. Whats the cheapest Mac I can buy?

The mini. But it may do more than you need. I'll admit, while people complain about a "Windows Tax," there is an "Apple Tax" on Macs...not OSX, but the hefty batch of software preinstalled on them. I've never used iMovie, for instance, although the most recent review I read of it claimed it was almost too high-end to be on a consumer machine. So sure, if Apple left out all the apps, and probably the Firewire ports and some of the little extras, it could easily be $250.

Also the not-upgradable/fixable/workable stuff is kinda old. Even the "sealed" iMacs that everyone claims can't be upgraded...I opened up my old candy iMac with instruction I got off of Apple's own web site, and upgraded the hard drive in about 5 or ten minutes. But if you ask them, they'll tell you it can't be done. Likewise, the Mini opens with a sharp putty knife, very quickly and easily.

I'm a pc tech support guy, and am familiar with both. What exactly is it that you can do with Windows that you can't do (better) with a Mac?

There is an entire section devoted to Windows security holes. Every other article seemed to be cracking jokes about how shitty Windows is, and how full of holes it is. There is no similar section in any Mac magainze I've ever read. I wonder why that is?

Oh, I particularly like the article about the cool NEW features in IE7, due out someday...like TABBED BROWSING! Wow! How 2004! And they're finally giving Win users back about 2" of their desktop by eliminating the ridiculous multiple tiers of menu bars, title bars, and all the other useless redundant shit they glue to every window. By the time MS has finally figured out how to design an interface, the rest of the world will be using holograms!

Because noone else could have an opinion or like something made another way. There are many other alternatives to IE for using the web under windows. Firefox being one of them.

BTW I've played around on OS X on an intel platform, and didnt really like it. Just my opinion, its NOT for me.

You've "played around with" OSX, on a "Wintel platform," no less. Not sure how, but good for you.

No one asked you to bow down to anything. Glad you like Windows. Because noone else could have an opinion or like something made another way. Right?

some on here have about the whole Mac vs PC war. Maybe they don't mean it, but it usually comes out something like "I have NO CLUE why ANYONE would NOT want to use a MAC."

As for OS X on an intel, its amazing what you can find on bittorrent and irc :)

Old news:
Apple to Use Intel Microprocessors Beginning in 2006
WWDC 2005, SAN FRANCISCO—June 6, 2005—At its Worldwide Developer Conference today, Apple® announced plans to deliver models of its Macintosh® computers using Intel® microprocessors by this time next year, and to transition all of its Macs to using Intel microprocessors by the end of 2007. Apple previewed a version of its critically acclaimed operating system, Mac OS® X Tiger, running on an Intel-based Mac® to the over 3,800 developers attending CEO Steve Jobs’ keynote address. Apple also announced the availability of a Developer Transition Kit, consisting of an Intel-based Mac development system along with preview versions of Apple’s software, which will allow developers to prepare versions of their applications which will run on both PowerPC and Intel-based Macs....

Is there really anyone who doesn't know about this?

for the past few months or so. Of course, I don't have the nice interface or programs, but for all intents and purposes, its OSX without the pretty face, though GNOME isn't bad. Of course I uninstalled it, at the time half my hardware didn't work with it, so right now its Linux for me.

Gnome just won't cut it alone. http://www.afterstep.org/ -- looks like they just put out a new version, too, might be worth a shot. I generally lean more towards fvwm, but afterstep sure is pretty...

You're 110% right about the darwin hw incompatibilities, I had to try the install on at least 10 systems before I found one where opendarwin could even detect the hard drive. It's one of the ways Microsoft has the open source OSes beat, just by already having its 90% market share: all the hardware and peripheral companies do their Windows compat first, by necessity.

Apple's next generation OS has been out for five years.

Why do people put up with Microsoft's BS?

But at least, this time, MS isn't releasing it early to meet an arbitrary date like 1995 or 2000 - perhaps they'll wind up calling it Windows 2010, though...

:evilgrin:

(* Note: Soon is an arbritary word, and the release date is actually determined by how far Ballmer can throw a chair)

That a Vista release will be timed to coincide with the release of Duke Nukem Forever. :-)


Illustration ...

:rofl:

I gotta say that that test was downright disingenuous. It's ZD though so I'm not surprised.

Jay

I gotta say :yourock:

trying to sow some misinformation. No wonder so many of them are Bush supporters - familiar tactics.

I was going to write up something about it, but I realized as I was doing so I was just bitching (again) about all these stupid-assed media people writing headlines like they have a single damn clue about anything at all...(ahem) I'm doing it again.

Okay ... I'll just add that this test, and possibly more significantly the stories about it, relate very strongly to recent MS-backed "studies" indicating Linux and OS X aren't as "secure" as Windoze based on the number of reported vulnerabilities. Without getting into a rehash of all that, I'll only comment on the relation. There are two basic types of security vulnerabilities in this context, local and remote, and media types (along with MS PR people trying to hide the problems with their OS) always conflate them. Local security vulnerabilities are much more pervasive and much more difficult to shut down since everything you run on your system, well, runs on your system. Not everything that runs on your system is open to attack through a network, much less the Internet. An image editing program can have a vulnerability that leads to local privilege escalation problems. It's not going to let someone attack your machine via the Internet unless they have a local account on the machine.

And of course that's a very simple way of putting it, but it's all I'm up to at the moment.

Anyway ... again, thanks for posting this.