What about requiring code signing? That would put the onus on the companies to ensure that they have a valid signature for apps. It doesn't have to be Apple that does the signing, it could be Verisign too (for non-App Store apps). If an app is found to be bad, the certificate can be revoked and updated immediately, perhaps using a similar process to the signature updates Apple using now. That would prevent the app from launching (no valid signature) and be a big embarrassment to the company that issued the certificate. Apple seem to be pushing this direction in their developer documentation, so I wouldn't be surprised to find this a requirement going forward (10.7.x or 10.8)
In Mac OS X Server, applications can be identified by their code signature for the purposes of allowing them to run on a clients machine using managed preferences, so it is possible for the OS to block apps that are not signed.
For open source and other apps, the user (through some step that only technical people would know - command line or keychain assistant perhaps?) could grant a machine-based signature to an unsigned app (like a key to a building) to allow it to run on the machine.
I like what was said before/above....And at the risk of sounding like a clone, I'll let Apple's PHD's and engineers do the work for me, hence, I will only buy sw thru the Apple App Store from now on!
What about requiring code signing? That would put the onus on the companies to ensure that they have a valid signature for apps. It doesn't have to be Apple that does the signing, it could be Verisign too (for non-App Store apps). If an app is found to be bad, the certificate can be revoked and updated immediately, perhaps using a similar process to the signature updates Apple using now. That would prevent the app from launching (no valid signature) and be a big embarrassment to the company that issued the certificate. Apple seem to be pushing this direction in their developer documentation, so I wouldn't be surprised to find this a requirement going forward (10.7.x or 10.8)
In Mac OS X Server, applications can be identified by their code signature for the purposes of allowing them to run on a clients machine using managed preferences, so it is possible for the OS to block apps that are not signed.
For open source and other apps, the user (through some step that only technical people would know - command line or keychain assistant perhaps?) could grant a machine-based signature to an unsigned app (like a key to a building) to allow it to run on the machine.
this would work too. This is what Nokia does..however there is a charge for this signing. Obviously, someone would next argue that it costs to much to sign binaries.
I like what was said before/above....And at the risk of sounding like a clone, I'll let Apple's PHD's and engineers do the work for me, hence, I will only buy sw thru the Apple App Store from now on!
Best
Yup.. with the option to turn this off for people who know what they are doing. However, the default is to go to the App store. I think this would prevent mass infestation and yet satisfy people who know what they are doing and turn off this setting on purpose.
Maybe if Apple took security a little more seriously, the entire internet wouldn't be laughing at Apple right now over this. OS X, is the most insecure OS. Not Windows, sorry folks but these are facts.
Windows actually does have some good features (browser sandboxing) which OS X should implement (actually OS X supports sandboxing, but only Chrome uses it at the moment.) I believe that Windows also introduced ASLR (which it still does better), signed executables, and no-execute permission for data pages before OS X did.
On the other hand, OS X (and iOS, Linux, Android, etc.) never had things like the Windows Registry or ActiveX, which have been major sources of security issues.
OS X was also way ahead of Windows for many years in terms of limiting the open network ports in a fresh install of the OS. Installing Windows 2000 or XP while directly connected to the internet (i.e. not behind a firewall) was a recipe for disaster. For that matter, buying a new XP laptop and connecting it to the internet was also a recipe for disaster. Basically you need to connect from behind a firewall and get all of the Windows updates before it's safe to connect to the actual internet.
Maybe if Apple took security a little more seriously, the entire internet wouldn't be laughing at Apple right now over this. OS X, is the most insecure OS. Not Windows, sorry folks but these are facts. Only reason OS X isn't a target is because we have such little market share, security by obscurity is not a good model. Apple needs to stop with the smug attitude, so do it's users.
"You should have to take a computer test"
"Common sense tells you blah blah blah"
"Walled gardens are better!"
First of all if you think walled gardens are better, just leave America and move to China because obviously you need someone to hold your hand and think for you. Look at what happens throughout history when you give up rights for a false sense of security, you get screwed. We Americans are learning this since 9/11. Second is Microsoft, for all it's faults, actually does take security seriously. If you look at the alerts, more attacks are done on Windows through Adobe products, why? Because Microsoft started taking security seriously in their software. Apple on the other hand treats it like it's a joke, taking months to respond to issues, something leaving patches wide open. I really, REALLY hope Apple gets a brutal virus to slap the smug out of Steve Jobs mouth. He, and a lot of other Apple users, really make me see why people don't like the stereotypical Apple user.
Walled garden is looking better and better. Maybe give consumer a preference on/off switch that allows block of any install unless it comes through App Store.
Is it in Apple's best interest to do a good job on security, when more money can be made by coercing users to buy "safely" through the App Store?
There are plenty of people with lots of common sense who get all flustered and make the wrong choice when computers are involved. I know many older people who are quite wise, and just want to use their computer for a few basic tasks like reading email, web browsing, and shopping a bit. When they encounter a PayPal phishing scam they sometimes fail to realize what's happening and make a mistake. Most of us geeks can recognize a phishing scam, but that doesn't mean that a less experienced person lacks common sense or is an idiot.
In any case, even people who are not smart don't deserve to be taken advantage of. I see so many posts that begin with "if you're stupid enough to...then you deserve..." People who can't see a problem with that attitude may lack a moral compass.
Fully agree. As the installed base grows there will be many people with minimal computer experience who, when confronted by a request to install something related to 'security', will not hesitate. They may even think Apple asked them to, or that they 'had to do it'. Why not, Apple is the user friendly, secure computer, right? When an invitation arrives on the screen to protect their computer, why wouldn't they click on the button?
Is it in Apple's best interest to do a good job on security, when more money can be made by coercing users to buy "safely" through the App Store?
how much money does Apple make from allowing the purchase of so called "Free Virus Scanner" like MacDefender. You think there would be any viruses if you had to pay for the virus before you are allowed to install the software.. with the exception of Microsoft products of course. *joking*
The real problem here is Google's search results being poisoned by black hat SEO's (search engine optimisation), which affect Windows, Mac and other users alike.
First of all if you think walled gardens are better, just leave America and move to China because obviously you need someone to hold your hand and think for you. Look at what happens throughout history when you give up rights for a false sense of security, you get screwed. We Americans are learning this since 9/11.
Godwin's law needs to be extended to include disparaging comments about China.
Fully agree. As the installed base grows there will be many people with minimal computer experience who, when confronted by a request to install something related to 'security', will not hesitate. They may even think Apple asked them to, or that they 'had to do it'. Why not, Apple is the user friendly, secure computer, right? When an invitation arrives on the screen to protect their computer, why wouldn't they click on the button?
exactly! I can see Steve Jobs saying the roughly the same thing. Bravo!
did you read what you wrote here? sorry if you are a female or gay and what you wrote above is 100% correct.
Yes I did, it gave everyone here a good chuckle since we all view it as truth.
Quote:
Originally Posted by snova
Is that you Bill? Welcome.
Someone defends MS when it's deserved and automatically they're Bill Gates. Cute.
Quote:
Originally Posted by blecch
Windows actually does have some good features (browser sandboxing) which OS X should implement (actually OS X supports sandboxing, but only Chrome uses it at the moment.) I believe that Windows also introduced ASLR (which it still does better), signed executables, and no-execute permission for data pages before OS X did.
On the other hand, OS X (and iOS, Linux, Android, etc.) never had things like the Windows Registry or ActiveX, which have been major sources of security issues.
OS X was also way ahead of Windows for many years in terms of limiting the open network ports in a fresh install of the OS. Installing Windows 2000 or XP while directly connected to the internet (i.e. not behind a firewall) was a recipe for disaster. For that matter, buying a new XP laptop and connecting it to the internet was also a recipe for disaster. Basically you need to connect from behind a firewall and get all of the Windows updates before it's safe to connect to the actual internet.
I'm not denying Microsoft at one point was a security nightmare, one only has to remember a decade ago and the security outbreaks.
That was a decade ago, times have changed. They have come along way and I feel they don't get enough credit for that, I'm not a big Microsoft fan but I will defend them or give them praise when it's due.
Quote:
Originally Posted by nkhm
it's not a virus, it's not malware and it in no way harms your computer. it's a phishing scam.
Apple have responded within five days.
You're talking out of an orifice other than your mouth.
Apple responded within five days? I've been reading about MAC Defender for more than five days now man. You must be smoking a lot of pot for time to be moving that slow. Way to completely miss the point anyways. Apple doesn't take security seriously like they should be. Patches are inconsistent and you have no idea when they're going to come. They've taken their time implementing new security measures in OS X since iOS put it on the back burner it seems.
Fully agree. As the installed base grows there will be many people with minimal computer experience who, when confronted by a request to install something related to 'security', will not hesitate. They may even think Apple asked them to, or that they 'had to do it'. Why not, Apple is the user friendly, secure computer, right? When an invitation arrives on the screen to protect their computer, why wouldn't they click on the button?
100% correct. Not everyone is the Terminator with a screen of choices in their brains that pop-up when confronted with a threat. No one should have to be like that to use a computer. Computer use should be no more risk-filled than reading a book or using a calculator.
Comments
In Mac OS X Server, applications can be identified by their code signature for the purposes of allowing them to run on a clients machine using managed preferences, so it is possible for the OS to block apps that are not signed.
For open source and other apps, the user (through some step that only technical people would know - command line or keychain assistant perhaps?) could grant a machine-based signature to an unsigned app (like a key to a building) to allow it to run on the machine.
Ha I just googled it, thank you lol!
Ok guys, you win
what a good sport. Im impressed.
Best
What about requiring code signing? That would put the onus on the companies to ensure that they have a valid signature for apps. It doesn't have to be Apple that does the signing, it could be Verisign too (for non-App Store apps). If an app is found to be bad, the certificate can be revoked and updated immediately, perhaps using a similar process to the signature updates Apple using now. That would prevent the app from launching (no valid signature) and be a big embarrassment to the company that issued the certificate. Apple seem to be pushing this direction in their developer documentation, so I wouldn't be surprised to find this a requirement going forward (10.7.x or 10.8)
In Mac OS X Server, applications can be identified by their code signature for the purposes of allowing them to run on a clients machine using managed preferences, so it is possible for the OS to block apps that are not signed.
For open source and other apps, the user (through some step that only technical people would know - command line or keychain assistant perhaps?) could grant a machine-based signature to an unsigned app (like a key to a building) to allow it to run on the machine.
this would work too. This is what Nokia does..however there is a charge for this signing. Obviously, someone would next argue that it costs to much to sign binaries.
it's not a virus, it's not malware and it in no way harms your computer. it's a phishing scam.
Apple have responded within five days.
You're talking out of an orifice other than your mouth.
Maybe Apple should respond with a solution that is closer to this:
http://www.youtube.com/watch?v=Z0YoefS-Mv8
http://www.youtube.com/watch?v=jMZ0F0HNGGM
I like what was said before/above....And at the risk of sounding like a clone, I'll let Apple's PHD's and engineers do the work for me, hence, I will only buy sw thru the Apple App Store from now on!
Best
Yup.. with the option to turn this off for people who know what they are doing. However, the default is to go to the App store. I think this would prevent mass infestation and yet satisfy people who know what they are doing and turn off this setting on purpose.
Maybe if Apple took security a little more seriously, the entire internet wouldn't be laughing at Apple right now over this. OS X, is the most insecure OS. Not Windows, sorry folks but these are facts.
Windows actually does have some good features (browser sandboxing) which OS X should implement (actually OS X supports sandboxing, but only Chrome uses it at the moment.) I believe that Windows also introduced ASLR (which it still does better), signed executables, and no-execute permission for data pages before OS X did.
On the other hand, OS X (and iOS, Linux, Android, etc.) never had things like the Windows Registry or ActiveX, which have been major sources of security issues.
OS X was also way ahead of Windows for many years in terms of limiting the open network ports in a fresh install of the OS. Installing Windows 2000 or XP while directly connected to the internet (i.e. not behind a firewall) was a recipe for disaster. For that matter, buying a new XP laptop and connecting it to the internet was also a recipe for disaster. Basically you need to connect from behind a firewall and get all of the Windows updates before it's safe to connect to the actual internet.
Maybe if Apple took security a little more seriously, the entire internet wouldn't be laughing at Apple right now over this. OS X, is the most insecure OS. Not Windows, sorry folks but these are facts. Only reason OS X isn't a target is because we have such little market share, security by obscurity is not a good model. Apple needs to stop with the smug attitude, so do it's users.
"You should have to take a computer test"
"Common sense tells you blah blah blah"
"Walled gardens are better!"
First of all if you think walled gardens are better, just leave America and move to China because obviously you need someone to hold your hand and think for you. Look at what happens throughout history when you give up rights for a false sense of security, you get screwed. We Americans are learning this since 9/11. Second is Microsoft, for all it's faults, actually does take security seriously. If you look at the alerts, more attacks are done on Windows through Adobe products, why? Because Microsoft started taking security seriously in their software. Apple on the other hand treats it like it's a joke, taking months to respond to issues, something leaving patches wide open. I really, REALLY hope Apple gets a brutal virus to slap the smug out of Steve Jobs mouth. He, and a lot of other Apple users, really make me see why people don't like the stereotypical Apple user.
Is that you Bill? Welcome.
Hmm, I installed the security update, but the 'open "safe" files after downloading' preference is still there in Safari.
That's because Apple treats security like having sex with a hooker wearing no condom.
Installing Windows 2000 or XP...
You do realize those operating systems came out over 10 years ago. Can we keep the conversation a little more current please
That's because Apple treats security like having sex with a hooker wearing no condom.
did you read what you wrote here? sorry if you are a female or gay and what you wrote above is 100% correct.
Walled garden is looking better and better. Maybe give consumer a preference on/off switch that allows block of any install unless it comes through App Store.
Is it in Apple's best interest to do a good job on security, when more money can be made by coercing users to buy "safely" through the App Store?
There are plenty of people with lots of common sense who get all flustered and make the wrong choice when computers are involved. I know many older people who are quite wise, and just want to use their computer for a few basic tasks like reading email, web browsing, and shopping a bit. When they encounter a PayPal phishing scam they sometimes fail to realize what's happening and make a mistake. Most of us geeks can recognize a phishing scam, but that doesn't mean that a less experienced person lacks common sense or is an idiot.
In any case, even people who are not smart don't deserve to be taken advantage of. I see so many posts that begin with "if you're stupid enough to...then you deserve..." People who can't see a problem with that attitude may lack a moral compass.
Fully agree. As the installed base grows there will be many people with minimal computer experience who, when confronted by a request to install something related to 'security', will not hesitate. They may even think Apple asked them to, or that they 'had to do it'. Why not, Apple is the user friendly, secure computer, right? When an invitation arrives on the screen to protect their computer, why wouldn't they click on the button?
Is it in Apple's best interest to do a good job on security, when more money can be made by coercing users to buy "safely" through the App Store?
how much money does Apple make from allowing the purchase of so called "Free Virus Scanner" like MacDefender. You think there would be any viruses if you had to pay for the virus before you are allowed to install the software.. with the exception of Microsoft products of course. *joking*
The real problem here is Google's search results being poisoned by black hat SEO's (search engine optimisation), which affect Windows, Mac and other users alike.
Right... The problem is Google
First of all if you think walled gardens are better, just leave America and move to China because obviously you need someone to hold your hand and think for you. Look at what happens throughout history when you give up rights for a false sense of security, you get screwed. We Americans are learning this since 9/11.
Godwin's law needs to be extended to include disparaging comments about China.
Fully agree. As the installed base grows there will be many people with minimal computer experience who, when confronted by a request to install something related to 'security', will not hesitate. They may even think Apple asked them to, or that they 'had to do it'. Why not, Apple is the user friendly, secure computer, right? When an invitation arrives on the screen to protect their computer, why wouldn't they click on the button?
exactly! I can see Steve Jobs saying the roughly the same thing. Bravo!
Stupid ought to hurt.
did you read what you wrote here? sorry if you are a female or gay and what you wrote above is 100% correct.
Yes I did, it gave everyone here a good chuckle since we all view it as truth.
Is that you Bill? Welcome.
Someone defends MS when it's deserved and automatically they're Bill Gates. Cute.
Windows actually does have some good features (browser sandboxing) which OS X should implement (actually OS X supports sandboxing, but only Chrome uses it at the moment.) I believe that Windows also introduced ASLR (which it still does better), signed executables, and no-execute permission for data pages before OS X did.
On the other hand, OS X (and iOS, Linux, Android, etc.) never had things like the Windows Registry or ActiveX, which have been major sources of security issues.
OS X was also way ahead of Windows for many years in terms of limiting the open network ports in a fresh install of the OS. Installing Windows 2000 or XP while directly connected to the internet (i.e. not behind a firewall) was a recipe for disaster. For that matter, buying a new XP laptop and connecting it to the internet was also a recipe for disaster. Basically you need to connect from behind a firewall and get all of the Windows updates before it's safe to connect to the actual internet.
I'm not denying Microsoft at one point was a security nightmare, one only has to remember a decade ago and the security outbreaks.
That was a decade ago, times have changed. They have come along way and I feel they don't get enough credit for that, I'm not a big Microsoft fan but I will defend them or give them praise when it's due.
it's not a virus, it's not malware and it in no way harms your computer. it's a phishing scam.
Apple have responded within five days.
You're talking out of an orifice other than your mouth.
Apple responded within five days? I've been reading about MAC Defender for more than five days now man. You must be smoking a lot of pot for time to be moving that slow. Way to completely miss the point anyways. Apple doesn't take security seriously like they should be. Patches are inconsistent and you have no idea when they're going to come. They've taken their time implementing new security measures in OS X since iOS put it on the back burner it seems.
Fully agree. As the installed base grows there will be many people with minimal computer experience who, when confronted by a request to install something related to 'security', will not hesitate. They may even think Apple asked them to, or that they 'had to do it'. Why not, Apple is the user friendly, secure computer, right? When an invitation arrives on the screen to protect their computer, why wouldn't they click on the button?
100% correct. Not everyone is the Terminator with a screen of choices in their brains that pop-up when confronted with a threat. No one should have to be like that to use a computer. Computer use should be no more risk-filled than reading a book or using a calculator.