I honestly actually lol-ed when I read this post Joe. To say OS X is "VERY easy to hack into" is a ridiculous statement.
You say that like you're an expert at coding buffer overflow attacks in CPU-Specific codesets, understand getting the payload executed on a target machine and all the technical complexities that go with it.
It really shows that you don't thoroughly understand core operating system technologies.
But that's ok. It's ok not to know stuff but don't run around slamming things you don't understand. (Others in the krew are guilty of this.)
Look at what that "Expert" is saying that OS X lacks ASLR so it is therefore insecure. OS X does use memory randomization, it's just differently implemented than Windows.
If the words "Buffer Overflow" didn't pop into our head when you read that then you don't know the first thing about ASLR and memory addressing methodology. (I'm no expert on it myself but i know enough to discuss it.)
Mac software code would have to be vulnerable to user executable stack space attacks (Buffer Overflows) to begin with and there are no known vulnerabilities in the default install of OS X (At this moment.)
One critical thing to remember here is, no matter how secure the default OS install is, it is useless the moment stupid user installs a cute little program they found on russia.ru that opens up vulnerabilities on the system.
Anyhow, vulnerabilities are patched as they are discovered just like with most modern operating systems. (OS X, Windows, Linux, FreeBSD Unix)
Since there are no known buffer overflows on OS X software then ASLR is pointless. You have to have a vulnerable software condition to make ASLR useful.
Besides, Mac OS X does use library load randomization while Vista uses that plus code, stack, heap but it has its own vulnerabilities as shown on this site.
http://www.laconicsecurity.com/aslr-leopard-versus-vista.html
For those of you new to this technology, buffer overflows occur because the programmers failed to add input validation into where users can input data into software.
Example: Image my username on the forum being 256 characters and has some machine code in it.
The machine code is a program that does something the system isn't prepared for.
If the software is vulnerable this code I've just inserted as user input (user executable stack space) gets processed by the CPU.
The machine code tries to predict which memory region has the instruction pointer. (where stack, heap, code and library randomization is useful.)
It grabs that instruction (EIP) pointer, tells it to execute this code I just stuck in there (with my 256 byte username)
And that code says grant user pwnsauce forum admin privileges.
Like I said, I don't care if you ppl slam one of the operating systems I use but at least have valid complaints with knowledgeable arguments and not just "OSX is VERY easy to hack into" lol!
Pwn
PS One other thing. People have a bad habit of slamming Macs for their cost but they're comparing cost of a nice Mac to the cost of a Windows entry level laptop that costs $250.
A Windows laptop comparable to a MacBook pro 15 inch costs $260 more than the Mac so that argument fails.
osx is VERY easy to hack into. take a look.
http://www.tomshardware.com/news/hack-windows-security-snow-leopard,8704.html
granted windows gets viruses becasue majority of population has windows, but x64 ggets rid of that and if you dont watch porn and use limewire ull be fine
ive used windows 7 x86 and x64 since beta. i havent had a single virus at all. (no porn and no limewire/p2p). i didnt use anto virus until recently. i got it because i use my pc to do alot on ebay. i dont want to randomly find out i was haxed.