Microsoft privacy guru Kim Cameron fell victim to a blog hacking. Commenters on the site went crazy, at once blaming Microsoft products and playing nutty fanboy over LAMP. Unfortunately for them, Cameron’s blog doesn’t run on an MS backend…it’s FreeBSD cranking Wordpress. No surprise…it’s neither Cameron’s or Microsoft’s fault, unless a jury concludes guilt by association is a crime.

In other news, Stan Schroeder pounces…Macs are susceptible to viruses, despite what all the Apple fanboys think. I’m a longtime (but only semi-smug) Mac user, and I’ve previously warned Mac users to stay humble. A history of the OS X security debate via this susceptible-to-hacks blog can be found here.

UPDATE: Carlo Longino goes contrarian on Ooma. Meanwhile, I may be waiting a long time for that OS X bug…the “creator” is on the lam.

According a MacWorld report, a bluetooth security hole has been found. Yes, that’s right - bluetooth. You know, bluetooth! You don’t use bluetooth? Where have you been?

My guess is on a deserted island for the last six months, as you would have to have ignored about that duration’s worth of updates to OS X (since Apple posted a patch in like May).

The debate continues, even though many say the Mac is only less susceptible to malware because there are less Macs in the world. Tom Yager provides more “guts” on the matter.

No judgement here - I just want to hear those security through obscurity comments from Windows users again.

It must be wireless hack day. A debate has ensued over at Brian Kreb’s Security Fix (WaPo) over…wireless vulnerabilities.

A demonstration is happening today at Black Hat Briefings, whereby two fellas will present hijacking a MacBook in sixty seconds flat. The question at hand - is this an OS X issue or a wireless vendor (in this case Atheros) issue?

Sophos just released their latest Security Threat Management Report, and the news is not good for all. Viruses are waning, but malicious malware designed to steal you blind (say financially-oriented trojans) is up dramatically. The Sobers and Netskys of the world still lead the charge, but the face of deliver is simply changing.

Then, in the wake of this news, Sophos (who I feel generally maintains an unbiased reporting approach in order to preserve their credibility), adds the following footnotes to their distribution charts:

For malware…

All of the above malware works on Windows; none is capable of infecting Mac OS X.

and their families…

Again, all of the above malware works on Microsoft Windows; none is capable of infecting the Apple Macintosh operating system.

They go on to say…

“It’s more vital than ever that all organisations use an integrated security solution to protect against intrusion, as well as blocking known and unknown malware. On top of this, hackers seem happy to primarily target Windows users and not spread their wings to other platforms. It seems likely that Macs will continue to be the safer place for computer users for some time to come - something that home users may wish to consider if they’re deliberating about the next computer they should purchase.”

This couldn’t be much more timely. I was recently accused of being a well-crafted shill (for OS X, despite the fact I generally promote Linux side-by-side), and a “clueless machead.” Well, let’s just set the story straight.

I was a Windows user since the days of 3.1, moving to 95, then migrating carefully along the NT-based set. I never got an infection (I spent a hoard of money on protective mechanisms), but since I put my machines through their paces, I saw the “blue screen of death” on numerous occasions. Then I stuffed Linux on my Dell laptop, and I was hooked. My “in-the-know” friends lent a helping hand, while my less inclined colleagues continued to struggle with Windows. I found freedom to do what I wanted with my desktop - but it took time. The ensuing months found me spending more and more of my work day on the Linux side of that tricky little dual-boot, dual-drive Dell, even though that work day was primarily financial in nature.

Then one day, I get handed a Powerbook - told to toy with it on a rainy weekend. I did, and what I found was the best of both worlds, so I bought one myself. I’ve stuff a fresh database server on it, used it to test web apps, compiled Gimp and Ethereal for it, and hoards of other half-fun, half-needed things. And I’ve even protected it with anti-virus software (mostly to prevent passing something on to others). It has never crashed to memory dump or been infected, and I can (surprise) still use it to send email, build financial projections, and write letters. And, Linux is still the platform of choice when bringing a server up.

I can’t help but be biased now, but I’ve put in the hours. I promote OS X because the shit works, and I hate seeing my friends struggle (and I hate reformatting their Windows machines, and reinstalling XP, too, although I do it anyway). I’ve gotten numerous people to switch to Linux (and if it had training wheels, they would have probably stayed). Only one migration to OS X as a result of my preaching (due mostly to cost), but it has stuck. Put in the time, or fork up the dough - both are fine by me.

I don’t own Microsoft or Apple or Red Hat stock either.

***UPDATE***

Regardless of what’s really the case, a battle ensued over at Slashdot, and the arguments were top notch.

After years of tried and true service in the backoffice and among the highly technical set, UNIX-like operating systems are tooting high tones on the mainstream desktop. I am sure those historically “in the know,” having tackled Linux, OS X and other flavors for their computing needs, are feeling rather smug right now.

But wait! In the midst of “other” operating systems failure to deliver decent security (and maybe even fail to deliver to the store shelves in one piece), all of a sudden threats to the underdogs are being spoke of everywhere.

Does the newfound popularity make Linux and OS X vulnerable to technical attacks, or simply the target of pundits’ attacks?

Bill Husted breaks down some needed tools you have to have to stay safe from evildoers lurking on our computer networks. Firewall, anti-virus, anti-spyware, and you are set. But for how long?

“Unfortunately, given the state of computer security, your term of enlistment is for life.

I disagree. A lifetime’s enslavement is only for those who can’t stand change (or just aren’t willing to step out of their comfort zone for a bit). You could prepare yourself for the future by studying the past. Pick a new operating system - one that ends with an “X” instead of starting with it. You might be waiting a long long time for a less “invasive” solution.

A Mac was hacked in thirty minutes. This doesn’t seem to bode well for Apple, until you look under the cover of the news, and realize it is just more hype.

A Slashdot reader laid bare the mistake, which included the fact that the hacker had an open SSH connection to work with. I wonder how many designers, illustrators, writers, and (in my case) finance geeks who tinker with open source projects, keep remote access on their machines on all the time? As usual for OS X, it is turned off by default.

As one commenter noted:

I think you can’t “see the forest for the trees.” The original test was equivalent to saying “I’ll let a thief into my house. Let’s see if he can steal anything!” Most houses don’t have everything bolted down to the floor. But how often do you allow someone into your machine? For a desktop, not often, perhaps never.

Next.

***UPDATE***

Despite this news, the person who broke into the Mac box (after being handed a partial set of keys) is mocking Apple security anyway. I suspect someone really needs some attention.

The Register reports that the recently discovered threats are largely academic, noting too much interaction is needed on one, and that another was released as a proof of concept out of academia itself. Meanwhile, the Wall Street Journal is all over the topic, quoting a Symantec engineer who is predicting a “gradual erosion” of OS X security as the platform continues its popularity climb.

No matter which way this issue heads, I’ll still be chuckling over one Slashdot commenter’s take on the WSJ position…

“A Symantec engineer predicts a ‘gradual erosion’ of the idea that Macs are a safer operating system than Windows.

Now there’s a neutral party with no agenda when it comes to security!

Honestly, the worst Mac malware I’ve seen so far had a Symantec sticker on the box.”

This is what he was referring to.