Inside Mac OS X Snow Leopard: Malware Protection
Apple has enhanced the warnings Snow Leopard users get when directly downloading or opening disk images containing files known to be malicious. This article, the fifth in a series looking closer at some of Snow Leopard's well-known but often misrepresented or misunderstood features, examines what this really means for Mac users and their relative security.
Malware Protection?
Safari, like other modern browsers, already flags certain websites that are known to be used to distribute malicious software (below). The previous release of Leopard also already flags Internet downloads with metadata that alerts users that what they are opening was downloaded from the web, citing where and when.
What's new in Snow Leopard is an additional warning when disk images are opened containing known malware installers. However, there is no real malware problem on the Mac, in part because it's hard to write viral code that infects Mac OS X and very easy for Apple to roll out a patch that closes any discovered holes.
"Mac bugs aren?t really valuable"
Shortly after security experts disclose their pet exploit discoveries at black hat security competition events, the highly publicized exploits are patched relatively quickly by Apple, although many report that they wish the company would step up its efforts on that front to close any potential window allowing theoretical attacks.
The fact that there are no real problems on the Mac makes every potential exploit discovery newsworthy, unlike the scores of new exploits regularly discovered for other platforms. In the wake of the Pwn2Own contest, Mac security expert Charlie Miller reiterated, "I'd still recommend Macs for typical users as the odds of something targeting them are so low that they might go years without seeing any malware, even though if an attacker cared to target them it would be easier for them."
Despite this exaggerated publicity surrounding Mac malware discoveries, there's simply no sustainable business model for profiting from malware on the Mac. In Miller's words, "Mac bugs aren?t really valuable."
That is particularly the case in comparison to Windows, where security holes abound in the massive sea of the unmanaged installed base of generic PCs, updates are not as easy to install, and there is an active market for ready-made virus code used to deliver malware payloads.
Most of the iceberg is under water
Microsoft's installed base of a billion Windows PCs is a fertile base for spammers and identity thieves to set up their virus-distributed operations. While Microsoft has invested heavily in securing Windows Vista/7, adoption of modern versions of Windows is very low. This has severely diluted the billions Microsoft has invested over the past decade to fix Window's show stopper security problems.
As noted earlier, even among big spending gamers with higher-end PCs, Vista's penetration has only reached a weak 36% after nearly three years. W3Schools reports the combined use of Vista/7 reaching just 21% in August 2009 among its web stats of ten million visiting developers.
That means more than two-thirds of the general PC population worldwide is still using Windows XP, and many of those Internet-connected but security-challenged machines are not regularly patched and will never be upgraded to Vista or Windows 7.
Window's security problem isn't simply a product of its popularity, but rather a result of Microsoft's catering to the low end of the mass market to deliver a ubiquitous product suffering from engineering lapses, from Active X to the Registry to invisible and unauthorized background software installation, all problems that have resulted in a platform riddled with serious security breeches.
Microsoft isn't just a victim of malicious software vendors however; it has also distributed both its own and third party adware and spyware, from Windows Genuine Advantage to Alexa. In 2005, it even entered talks to buy the notorious Claria, which resulted in Microsoft's Windows AntiSpyware conveniently reclassifying that company's Gator and other malware titles as "non-threatening" and suggested that users ignore the problem.
Prior to becoming a potential benefactor of the firm's malware business, Microsoft recommended that Windows users quarantine Claria's malware.
No ice on the horizon in Cupertino
The iPhone demonstrates that Apple can achieve a significant share of a market without creating a Windows-like petri dish of viral malware as a result. If the iPhone can avoid a security plague while capturing 10% to 25% of the smartphone hardware market (and a majority portion of smartphone software activity), it appears Apple's Mac platform should also have room to safely double several times.
Panicked warnings about an inevitable flood of Mac malware have been regularly sounded since 2004, but dramatic advances in Mac market share have simply not resulted in similar growth in malware threats relative to those on the Windows platform. Instead, the Mac's security has been improving.
Snow Leopard continues the development of the Mac platform to include an immune system that helps prevent users even from infecting themselves inadvertently while trying to download porn or obtain an illicit copy of iWork. This issue, of trojan user trickery, has no direct connection with the separate issue of software flaws and vulnerabilities that can result in direct exploits from outside attackers.
Security Fears and Exploitation
Security experts who discover theoretical exploits and flaws in operating systems, including Miller, report that Mac OS X offers fewer security features overall than Windows Vista, but that it is "safer" because nobody is taking advantage of those holes.
It is true that in certain areas, Microsoft has delivered security features in Windows Vista/7 that have no equivalent Snow Leopard. Uninformed writers who interview these software exploit experts often confuse the issue by associating "exploits" with "viruses," and "automated viral attacks" with "people being tricked into installing malicious software themselves."
As a result, they end up falsely claiming that the Mac is on a similar level as Windows as far as malware existence, which is not remotely true; they ignore that Windows PCs are still bombarded with viruses, none of which has ever hit Mac users; and they claim that the theoretical security of Windows is better than that of Mac OS X, apparently having forgot that the very "do-it-to-yourself trojan installation problem" they inspire fear about on the Mac is much worse on Windows, and that nothing in Vista/7's fancy exploit-closing technologies can stop users from manually installing their own casual malware trojans.
Be careful what you ask for
The Mac platform isn't under attack from virus writers who exploit vulnerabilities because there is no business model for investing in attacking Macs. The only examples of Mac malware ever cited are non-viral, malicious software installers that must trick users into authorizing their installation.
However, the only way an operating system can prevent users from installing their own malware is to specifically regulate the software users can install. That's what the iPhone does; users can't install unapproved software without first defeating the iPhone's security system via jailbreaking.
Most Mac users wouldn't want Apple preventing them from installing any software that wasn't signed and approved by Apple. Yet some pundits who complain that Apple went too far in restricting iPhone apps are also inspiring fear that the iPhone is a potential security risk when jailbroken, effectively arguing for the right to eat cake while keeping it around, too.
Mac Antivirus?
Antivirus vendors Kaspersky, Symantec, and particularly Intego have all tried to suggest that Apple's new alert targeting a couple of known malware installers is somehow an admission that Mac users need to buy antivirus software to eat up 10% of their processor while looking for problems that don't exist.
However, with Snow Leopard's built-in, updatable malware blacklist managed by the operating system, the Mac now has a security profile closer to the iPhone, without any need for a whitelist requiring an app approval process like the App Store.
Mac and iPhone users are not theoretically impervious to any possible attack, but both are well ahead of the competition. Macs are not suffering from real-world problems (as Windows does) and the iPhone is secured from the wide-open potential for malicious assault (as Android is). With Snow Leopard, Apple has simply made the business case for building new Mac malware that much less attractive to thugs.
Bugs in the bug-catchers
The fact is that virtually all software has some potential for exposing exploitable vulnerabilities. The threat of vulnerabilities in antivirus software is particularly dangerous because antivirus typically requires greater access privileges to do its job than most user software does.
On Windows, the moderate risk of antivirus exploits are outweighed by the benefit antivirus provides. On the Mac however, installing antivirus software has little upside and can instead expose its own vulnerabilities, demand performance-sapping overhead, introduce other bugs or incompatibilities into the system and simply get in the way.
One obvious example is McAfee Virex, which Apple formerly bundled with .Mac. It doesn't anymore because Virex didn't really provide any valuable security service, it flagged false positives and it introduced other bugs.
A simple Google search for ?antivirus vulnerability? provides a long list of critical vulnerabilities introduced by antivirus products from virtually every brand in the business: Avast, AVG, BitDefender, McAfee, Norton, ClamAV, Symantec, F-Secure, F-Prot, Kaspersky Labs, and Trend Micro. There are flaws in the antivirus engines and sometimes even new vulnerabilities that are exposed when updates are downloaded.
A recent vulnerability discovered in Panda Security's ActiveScan online service for Windows users allowed remote execution of code. Last year, a study of antivirus vulnerabilities unearthed hundreds and called into question how antivirus vendors report and patch their own software's flaws.
The problem with antivirus vulnerabilities is separate from the additional risks of false positives (sometimes just a false alarm, sometimes disabling important system files which cause serious problems), false negatives (failing to stop an infection), and just being in the way and sapping system performance. The claim that users should just ?install something? to feel safe is simply wrong.
Preparing for the future
Despite all the uproar about theoretical exploits made possible by software vulnerabilities in either Apple's own code or the open source code Apple incorporates into Mac OS X, the lack of any business model to support the creation of such exploits has prevented Mac users from being attacked.
For this reason, third-party Mac antivirus software largely only offers most users the potential of installing new vectors for exploit. There are no real malware risks that are currently addressed on the Mac by third party antivirus tools apart from scanning for Windows or Office viruses.
Snow Leopard's launch is now being set for an overshadowing by tomorrow's iPod and iTunes event. However, Apple is also continuing to build upon the new foundation laid with Snow Leopard, preparing the next minor "service pack" 10.6.1 update and working to build the next generation of new hardware to further exploit capabilities enabled in the new release.
Among these are support for built in WWAN mobile wireless networking, far more RAM, and fully exploitable, advanced GPUs. Apple is also advancing Snow Leopard Server, and will also be using the advances delivered in Snow Leopard to improve the iPhone and Apple TV, as future articles will examine.
Inside Mac OS X Snow Leopard: QuickTime X
Inside Mac OS X Snow Leopard: 64-bits
Inside Mac OS X Snow Leopard: GPU Optimization
Inside Mac OS X Snow Leopard: Exchange Support
Daniel Eran Dilger is the author of "Snow Leopard Server (Developer Reference)," a new book from Wiley available now for pre-order at a special price from Amazon.
Malware Protection?
Safari, like other modern browsers, already flags certain websites that are known to be used to distribute malicious software (below). The previous release of Leopard also already flags Internet downloads with metadata that alerts users that what they are opening was downloaded from the web, citing where and when.
What's new in Snow Leopard is an additional warning when disk images are opened containing known malware installers. However, there is no real malware problem on the Mac, in part because it's hard to write viral code that infects Mac OS X and very easy for Apple to roll out a patch that closes any discovered holes.
"Mac bugs aren?t really valuable"
Shortly after security experts disclose their pet exploit discoveries at black hat security competition events, the highly publicized exploits are patched relatively quickly by Apple, although many report that they wish the company would step up its efforts on that front to close any potential window allowing theoretical attacks.
The fact that there are no real problems on the Mac makes every potential exploit discovery newsworthy, unlike the scores of new exploits regularly discovered for other platforms. In the wake of the Pwn2Own contest, Mac security expert Charlie Miller reiterated, "I'd still recommend Macs for typical users as the odds of something targeting them are so low that they might go years without seeing any malware, even though if an attacker cared to target them it would be easier for them."
Despite this exaggerated publicity surrounding Mac malware discoveries, there's simply no sustainable business model for profiting from malware on the Mac. In Miller's words, "Mac bugs aren?t really valuable."
That is particularly the case in comparison to Windows, where security holes abound in the massive sea of the unmanaged installed base of generic PCs, updates are not as easy to install, and there is an active market for ready-made virus code used to deliver malware payloads.
Most of the iceberg is under water
Microsoft's installed base of a billion Windows PCs is a fertile base for spammers and identity thieves to set up their virus-distributed operations. While Microsoft has invested heavily in securing Windows Vista/7, adoption of modern versions of Windows is very low. This has severely diluted the billions Microsoft has invested over the past decade to fix Window's show stopper security problems.
As noted earlier, even among big spending gamers with higher-end PCs, Vista's penetration has only reached a weak 36% after nearly three years. W3Schools reports the combined use of Vista/7 reaching just 21% in August 2009 among its web stats of ten million visiting developers.
That means more than two-thirds of the general PC population worldwide is still using Windows XP, and many of those Internet-connected but security-challenged machines are not regularly patched and will never be upgraded to Vista or Windows 7.
Window's security problem isn't simply a product of its popularity, but rather a result of Microsoft's catering to the low end of the mass market to deliver a ubiquitous product suffering from engineering lapses, from Active X to the Registry to invisible and unauthorized background software installation, all problems that have resulted in a platform riddled with serious security breeches.
Microsoft isn't just a victim of malicious software vendors however; it has also distributed both its own and third party adware and spyware, from Windows Genuine Advantage to Alexa. In 2005, it even entered talks to buy the notorious Claria, which resulted in Microsoft's Windows AntiSpyware conveniently reclassifying that company's Gator and other malware titles as "non-threatening" and suggested that users ignore the problem.
Prior to becoming a potential benefactor of the firm's malware business, Microsoft recommended that Windows users quarantine Claria's malware.
No ice on the horizon in Cupertino
The iPhone demonstrates that Apple can achieve a significant share of a market without creating a Windows-like petri dish of viral malware as a result. If the iPhone can avoid a security plague while capturing 10% to 25% of the smartphone hardware market (and a majority portion of smartphone software activity), it appears Apple's Mac platform should also have room to safely double several times.
Panicked warnings about an inevitable flood of Mac malware have been regularly sounded since 2004, but dramatic advances in Mac market share have simply not resulted in similar growth in malware threats relative to those on the Windows platform. Instead, the Mac's security has been improving.
Snow Leopard continues the development of the Mac platform to include an immune system that helps prevent users even from infecting themselves inadvertently while trying to download porn or obtain an illicit copy of iWork. This issue, of trojan user trickery, has no direct connection with the separate issue of software flaws and vulnerabilities that can result in direct exploits from outside attackers.
Security Fears and Exploitation
Security experts who discover theoretical exploits and flaws in operating systems, including Miller, report that Mac OS X offers fewer security features overall than Windows Vista, but that it is "safer" because nobody is taking advantage of those holes.
It is true that in certain areas, Microsoft has delivered security features in Windows Vista/7 that have no equivalent Snow Leopard. Uninformed writers who interview these software exploit experts often confuse the issue by associating "exploits" with "viruses," and "automated viral attacks" with "people being tricked into installing malicious software themselves."
As a result, they end up falsely claiming that the Mac is on a similar level as Windows as far as malware existence, which is not remotely true; they ignore that Windows PCs are still bombarded with viruses, none of which has ever hit Mac users; and they claim that the theoretical security of Windows is better than that of Mac OS X, apparently having forgot that the very "do-it-to-yourself trojan installation problem" they inspire fear about on the Mac is much worse on Windows, and that nothing in Vista/7's fancy exploit-closing technologies can stop users from manually installing their own casual malware trojans.
Be careful what you ask for
The Mac platform isn't under attack from virus writers who exploit vulnerabilities because there is no business model for investing in attacking Macs. The only examples of Mac malware ever cited are non-viral, malicious software installers that must trick users into authorizing their installation.
However, the only way an operating system can prevent users from installing their own malware is to specifically regulate the software users can install. That's what the iPhone does; users can't install unapproved software without first defeating the iPhone's security system via jailbreaking.
Most Mac users wouldn't want Apple preventing them from installing any software that wasn't signed and approved by Apple. Yet some pundits who complain that Apple went too far in restricting iPhone apps are also inspiring fear that the iPhone is a potential security risk when jailbroken, effectively arguing for the right to eat cake while keeping it around, too.
Mac Antivirus?
Antivirus vendors Kaspersky, Symantec, and particularly Intego have all tried to suggest that Apple's new alert targeting a couple of known malware installers is somehow an admission that Mac users need to buy antivirus software to eat up 10% of their processor while looking for problems that don't exist.
However, with Snow Leopard's built-in, updatable malware blacklist managed by the operating system, the Mac now has a security profile closer to the iPhone, without any need for a whitelist requiring an app approval process like the App Store.
Mac and iPhone users are not theoretically impervious to any possible attack, but both are well ahead of the competition. Macs are not suffering from real-world problems (as Windows does) and the iPhone is secured from the wide-open potential for malicious assault (as Android is). With Snow Leopard, Apple has simply made the business case for building new Mac malware that much less attractive to thugs.
Bugs in the bug-catchers
The fact is that virtually all software has some potential for exposing exploitable vulnerabilities. The threat of vulnerabilities in antivirus software is particularly dangerous because antivirus typically requires greater access privileges to do its job than most user software does.
On Windows, the moderate risk of antivirus exploits are outweighed by the benefit antivirus provides. On the Mac however, installing antivirus software has little upside and can instead expose its own vulnerabilities, demand performance-sapping overhead, introduce other bugs or incompatibilities into the system and simply get in the way.
One obvious example is McAfee Virex, which Apple formerly bundled with .Mac. It doesn't anymore because Virex didn't really provide any valuable security service, it flagged false positives and it introduced other bugs.
A simple Google search for ?antivirus vulnerability? provides a long list of critical vulnerabilities introduced by antivirus products from virtually every brand in the business: Avast, AVG, BitDefender, McAfee, Norton, ClamAV, Symantec, F-Secure, F-Prot, Kaspersky Labs, and Trend Micro. There are flaws in the antivirus engines and sometimes even new vulnerabilities that are exposed when updates are downloaded.
A recent vulnerability discovered in Panda Security's ActiveScan online service for Windows users allowed remote execution of code. Last year, a study of antivirus vulnerabilities unearthed hundreds and called into question how antivirus vendors report and patch their own software's flaws.
The problem with antivirus vulnerabilities is separate from the additional risks of false positives (sometimes just a false alarm, sometimes disabling important system files which cause serious problems), false negatives (failing to stop an infection), and just being in the way and sapping system performance. The claim that users should just ?install something? to feel safe is simply wrong.
Preparing for the future
Despite all the uproar about theoretical exploits made possible by software vulnerabilities in either Apple's own code or the open source code Apple incorporates into Mac OS X, the lack of any business model to support the creation of such exploits has prevented Mac users from being attacked.
For this reason, third-party Mac antivirus software largely only offers most users the potential of installing new vectors for exploit. There are no real malware risks that are currently addressed on the Mac by third party antivirus tools apart from scanning for Windows or Office viruses.
Snow Leopard's launch is now being set for an overshadowing by tomorrow's iPod and iTunes event. However, Apple is also continuing to build upon the new foundation laid with Snow Leopard, preparing the next minor "service pack" 10.6.1 update and working to build the next generation of new hardware to further exploit capabilities enabled in the new release.
Among these are support for built in WWAN mobile wireless networking, far more RAM, and fully exploitable, advanced GPUs. Apple is also advancing Snow Leopard Server, and will also be using the advances delivered in Snow Leopard to improve the iPhone and Apple TV, as future articles will examine.
Inside Mac OS X Snow Leopard: QuickTime X
Inside Mac OS X Snow Leopard: 64-bits
Inside Mac OS X Snow Leopard: GPU Optimization
Inside Mac OS X Snow Leopard: Exchange Support
Daniel Eran Dilger is the author of "Snow Leopard Server (Developer Reference)," a new book from Wiley available now for pre-order at a special price from Amazon.
Comments
However, there is no real malware problem on the Mac, in part because it's hard to write viral code that infects Mac OS X and very easy for Apple to roll out a patch that closes any discovered holes.
Well yes. Most software have a software update mechanism that makes it easy to deploy patches. And it is also true that OS X hasn't had many active exploits and the average Mac user is already better off than most Windows users. Still, the concern is not whether it is easy for Apple to release patches, but how they choose to do so. Apple is often slow to release patches and more importantly, has poor communication regarding security. Even if they don't release a patch right away, they could certainly communicate steps that users can take to mitigate the risk until a patch is released.
Despite all the uproar about theoretical exploits made possible by software vulnerabilities in either Apple's own code or the open source code Apple incorporates into Mac OS X, the lack of any business model to support the creation of such exploits has prevented Mac users from being attacked.
For this reason, third-party Mac antivirus software largely only offers most users the potential of installing new vectors for exploit.
Are you actually suggesting that installing Mac antivirus software makes users more vulnerable to attack? I can see how that could theoretically be possible if the antivirus software was poorly written security-wise. However, this is a very serious accusation that really needs to be backed up by proof. Certainly, in an article claiming people are spreading fear of OS X vulnerability, accusations like these shouldn't just be thrown out there.
Are you actually suggesting that installing Mac antivirus software makes users more vulnerable to attack? I can see how that could theoretically be possible if the antivirus software was poorly written security-wise. However, this is a very serious accusation that really needs to be backed up by proof. Certainly, in an article claiming people are spreading fear of OS X vulnerability, accusations like these shouldn't just be thrown out there.
I think what Dan is getting at is, if virus writers know a good deal of Mac users are using the same antivirus software, it gives them a more unified target because all they have to do is find an exploit for that software and, voila, they can infect numerous Macs. This is true for other well-known, prevalent software (hello Flash).
Antivirus software can also create a false sense of security as it can't stop unknown attacks (if there were any) or, separately, undocumented trojans until after the user has infected themselves.
I have no doubt it took a lot of work to produce the ongoing series of articles -- critiquing is all too easy when protected by the privacy of a keyboard and screen -- and the intent is a contribution to the Mac community but as an interested reader, I just wish I didn't have to wade through so much anti-Microsoft to learn more about Snow Leopard, the underpinnings for which the author clearly understands and from whom I can learn. It's okay to assume the readership has critical thinking skills. Please take this as a constructive suggestion.
Peter
And how exactly does "Snow Leopard's built-in, updatable malware blacklist managed by the operating system" give it "a security profile closer to the iPhone"? That's quite a stretch.
If only Daniel Dilger's writing style didn't get in his way. From my point of view, its subtext overshadows his ideas and the impact of his précis.
I have no doubt it took a lot of work to produce the ongoing series of articles -- critiquing is all too easy when protected by the privacy of a keyboard and screen -- and the intent is a contribution to the Mac community but as an interested reader, I just wish I didn't have to wade through so much anti-Microsoft to learn more about Snow Leopard, the underpinnings for which the author clearly understands and from whom I can learn. It's okay to assume the readership has critical thinking skills. ...
I know what you're getting at, and I appreciate the constructive way in which you try to phrase it, but IMO there really isn't that much "anti-Microsoft" stuff in what daniel writes for AI. Some of the more extreme stuff on his own site maybe, but not this stuff.
I think most people make the same mistake here as is made in certain news organisations when they assume that there are two equal sides to every story. Sometimes the truth is just one sided.
I've used most OS's since the Commodore and Amiga were on top and used most versions of Windows and I don't see how there is ever much good to say about Microsoft or Windows or that there ever has been. Just because Daniel writes articles that point out how rotten Microsoft is and just because he contrasts and compares what Apple is doing right to what Microsoft is doing wrong, that doesn't mean he's "bashing" Microsoft unfairly.
The facts are the facts. Microsoft never has had the user's interests at heart. We've heard as much from the lips of Bill Gates himself. Microsoft really have copied most of their best ideas from Apple. Microsoft never has really cared about security, or open standards or all the things that Daniel takes them to task for. There's nothing wrong with speaking the truth.
On the contrary, it would be disingenuous to do what most tech writers do and constantly give Microsoft the benefit of the doubt when in fact they don't deserve it, and never have IMO.
There aren't two *equal* sides to this debate.
My work PC has been hit by trojans twice going to tech web sites.
And how exactly does "Snow Leopard's built-in, updatable malware blacklist managed by the operating system" give it "a security profile closer to the iPhone"? That's quite a stretch.
However, the only way an operating system can prevent users from installing their own malware is to specifically regulate the software users can install.
I'm pretty sure Snow Leopard's system-level malware detection/warning system is closer to the regulated App Store.
There hasn't been any viruses for OS X, but there are and has been vulnerabilities that are used covertly, not overtly like a virus is. Browser exploits, Java too.
There is the little Mac keyboard firmware issue that can't be wiped with a hard drive reformat. Also Apple doesn't update the open source components of OS X with security updates they find fast enough. So it's rather easy to look there first and then apply to OS X.
I was rather happy Mac's were off the "radar" but they are on it now for sure. There was a OS X based "botnet" some time ago.
If you like to surf for adult material and other dark places, use Ubuntu w/Firefox on a cheap netbook is my advice. Getting nearly zero browser hijackings now.
Also using the "safe browsing" feature turned on is just telling Apple/Mozilla/Google all the sites your visiting along with your IP address.
http://www.ubuntu.com/
http://system76.com/product_info.php...products_id=92
(example only, no compensation for mention)
I wonder what will happen when the barn door is found open.
Anyhow, off to Linux Mint... where viruses don't attack there either. It must be its amazing security system.
It seemed like the majority of this article was really saying that Mac OS X has less security than other OSs, for the mere fact that nothing is really written for it. I don't see that as a plus for the Mac OS. I see it as a negative that just because something isn't out there, you aren't protecting against it fully? Did I read correctly that Vista, of all OSs, has some security features that just don't exist and are above OS X? Doesn't seem right from OS X, the "best Operating System in the world".
I wonder what will happen when the barn door is found open.
Anyhow, off to Linux Mint... where viruses don't attack there either. It must be its amazing security system.
It is exactly what the article is saying. And I'm surprised that AI would even publish it.
OSX is not even close to Windows 7 or all the way back to Windows XP.
And the fact that an Apple site is writing articles about it is an open door for malware to be written for OSX.
Another failed article by AI today. That makes 3 (one of which they deleted all of the comments because it wasn't positive Apple.
Quit quoting this book, it's obvious the writer hates Microsoft and to even post that OSX is not as safe as Windows makes 20 years of commercials useless.
Mac users get Anti Virus software. Apple's is a band-aid on the big problem and leaves your computer open to the bad guys that want your credit card info, key trackers and to use your computer to run their mail scams.
If you like to surf for adult material and other dark places, use Ubuntu w/Firefox on a cheap netbook is my advice. Getting nearly zero browser hijackings now.
When surfing "dark places" I use OS X Fast User Switching to bump over to a non-admin account and run Firefox with Private Browsing on and Java and Javascript off.
I know what you're getting at, and I appreciate the constructive way in which you try to phrase it, but IMO there really isn't that much "anti-Microsoft" stuff in what daniel writes for AI. Some of the more extreme stuff on his own site maybe, but not this stuff.
I think most people make the same mistake here as is made in certain news organisations when they assume that there are two equal sides to every story. Sometimes the truth is just one sided.
I've used most OS's since the Commodore and Amiga were on top and used most versions of Windows and I don't see how there is ever much good to say about Microsoft or Windows or that there ever has been. Just because Daniel writes articles that point out how rotten Microsoft is and just because he contrasts and compares what Apple is doing right to what Microsoft is doing wrong, that doesn't mean he's "bashing" Microsoft unfairly.
The facts are the facts. Microsoft never has had the user's interests at heart. We've heard as much from the lips of Bill Gates himself. Microsoft really have copied most of their best ideas from Apple. Microsoft never has really cared about security, or open standards or all the things that Daniel takes them to task for. There's nothing wrong with speaking the truth.
On the contrary, it would be disingenuous to do what most tech writers do and constantly give Microsoft the benefit of the doubt when in fact they don't deserve it, and never have IMO.
There aren't two *equal* sides to this debate.
I'd go further: I wish there were more news organizations presenting, and more consumers demanding, a polygonal viewpoint. Sometimes important textures get lost in two-sided debate. Code may be binary, people aren’t
I love points of view, hard-hitting ones. No doubt you do, too. My observation of this series by Daniel Dilger is that were he to spend more time at each of his master-heads detailing the merits of Snow Leopard in-and-of themselves, I think he'd strengthen his piece. For instance, judging by the title of his upcoming book, he's schooled on the server side of OS X and therefore, the security backend. As such, I'm keen to learn what structural elements in the OS make it difficult to write malware code. Why is the black-hat banging their head against the wall? If there is a breach, where in the OS and why might it happen? What is Apple’s anti-malware strategy and how is it evolving to meet the ever-moving, proverbial "puck?” With macro functionality returning to Office 2010 for Mac, are there new security concerns? Could a macro launch a destructive Automator script? When connecting to an Exchange server, does using Snow Leopard’s integrated Exchange support for Mail, Address Book, and Calendar afford any security benefit over Entourage 2008? Since Flash is an ongoing security problem, how does (or could) Apple mitigate the problem at the OS level? Given its publicly quiet approach to security, is Apple doing itself a disservice? How does it keep a pulse on security threats?
In short, concentrating more on Who/What/Where/When/Why, and of course, "How" and “So What” would add much more to the collective discussion and render sniping at Microsoft all the more moot.
Cheers
Anyway, the malware warning she got was a pop artist web-site where she wanted to download some desktop wallpaper... odd... that's all the Mac needs is false warnings of doom...
It is exactly what the article is saying. And I'm surprised that AI would even publish it.
OSX is not even close to Windows 7 or all the way back to Windows XP.
And the fact that an Apple site is writing articles about it is an open door for malware to be written for OSX.
Another failed article by AI today. That makes 3 (one of which they deleted all of the comments because it wasn't positive Apple.
Quit quoting this book, it's obvious the writer hates Microsoft and to even post that OSX is not as safe as Windows makes 20 years of commercials useless.
Mac users get Anti Virus software. Apple's is a band-aid on the big problem and leaves your computer open to the bad guys that want your credit card info, key trackers and to use your computer to run their mail scams.
Again you shout your opinions without one ounce of factual data and expect us to listen to you. I wonder if we could get you to actaully post some facts for a change.
Soul
When surfing "dark places" I use OS X Fast User Switching to bump over to a non-admin account and run Firefox with Private Browsing on and Java and Javascript off.
with Flashblock (addon) too
or you can go even further and run Firefox in a chroot jail
I hold the view that Dilger is one of the few people willing to speak knowledgely and bluntly about Microsoft. It seems to me that Hans Christian Anderson made his fable ( http://www.youtube.com/watch?v=aGDr69VOv6g ) of the Emperor's New Clothes for just this situation - 'Microsoft is too prevalent and too powerful for anyone to say how bad it really is'.
It is exactly what the article is saying. And I'm surprised that AI would even publish it.
OSX is not even close to Windows 7 or all the way back to Windows XP.
And the fact that an Apple site is writing articles about it is an open door for malware to be written for OSX.
Another failed article by AI today. That makes 3 (one of which they deleted all of the comments because it wasn't positive Apple.
Quit quoting this book, it's obvious the writer hates Microsoft and to even post that OSX is not as safe as Windows makes 20 years of commercials useless.
Mac users get Anti Virus software. Apple's is a band-aid on the big problem and leaves your computer open to the bad guys that want your credit card info, key trackers and to use your computer to run their mail scams.
I know what you're getting at, and I appreciate the constructive way in which you try to phrase it, but IMO there really isn't that much "anti-Microsoft" stuff in what daniel writes for AI. Some of the more extreme stuff on his own site maybe, but not this stuff.
The problem with Daniel's writing style is that everything reads like a sales pitch. Sales pitches by their very nature are likely to be a distortion of the truth. It makes it very hard for the reader to take anything he says on face value, whether the information is accurate or not.
Daniel Eran Dilger is the author of "Snow Leopard Server (Developer Reference)," a new book from Wiley available now for pre-order at a special price from Amazon.
Congrats on the book! I hear writing one is a bear of a job.