Apple hires former Windows security hacker to strengthen OS X

Comments

  • Reply 21 of 37
    haar (Posts: 563, member)
    props to Apple for caring about the insides of the person...

    cue the explanation for... the difference between Transsexual vs Transvestite...
    A Transsexual is for real (they permanently change their gender) and
    A Transvestite is someone who "dresses" up as a woman...

    the offense is when you mix up the two.

    and the gender of a transsexual is the gender they are now, not the gender they were born with.
  • Reply 22 of 37


    Originally Posted by SolipsismX:
    Windows started out with the user as an Administrator. I'm not sure if that holds true today post WinXP with consumer versions being based on WinNT.

    In Windows today, I believe your account is administrative by default, but they've changed permissions to keep things from administrators.

    So even if you manually change the permissions on some items so that you can edit or move them, it refuses to let you actually edit or move them. You can't even turn off 'read-only' status.

    Originally Posted by lightknight:
    They have pretty much said this, even if they probably don't anymore.

    Ooh, is this where I do my impression of the drill sergeant in that one movie?

    "PRETTY MUCH?! WHO SAID PRETTY MUCH?! HIKE UP YOUR DRESSES, GIRLS, BECAUSE I'M 'PRETTY MUCH' GOOD ENOUGH FOR YOU AND YOU 'PRETTY MUCH' GAVE ME CONSENT."

    I'll say it again: Apple has never said this. Period. Get over that.

    Originally Posted by pedromartins:
    Why don't we see more known Apps (especially free ones) on it? Chrome, firefox, onyx, dropbox, Skype, plugins like flash and silverlight, paid Apps like office (question of pride, eh?), autocad, etc.

    A mix of reasons: They don't want to give Apple a cut, the App Store boxes their applications in too much, etc.

    P…plugins? You want to see Flash anywhere but a Wikipedia page that reads "Discontinued and legally banned"? Much less Silverlight.
  • Reply 23 of 37
    Marvin (Posts: 15,585, moderator)
    solipsismx wrote:
    I wasn't able to rattle off a dozen things instantly as to why UNIX is inherently more secure than Windows. Because knowing and proving are not the same thing I will look for a more concrete answer other than "because."

    I think the main reasons are the following:

    - UNIX has always had the source code in the open so if people wanted to find vulnerabilities, they could be found more easily and fixed easily.
    - UNIX systems have a better OS layout. One thing that Serlet always pointed to was the registry. The Windows registry is an easy place for malware to hide because it's a very complex database of keys that even if something was out of place, you couldn't really tell and just one or two keys can break the whole system.
    - Windows systems have far wider hardware support and have such a huge amount of drivers that again, it's easier for malware to abuse. This is called "dll hell". You could far more easily hide a keylogger in there than with OS X.
    - The permissions structure of UNIX systems is more sensible. They keep the core system isolated with higher permissions and it mostly doesn't change. Windows is such a mish-mash of structures that they end up hiding things you do need access to and not properly protecting some things you shouldn't touch. They are in a bit of a rut because unlike Apple, they don't have the luxury of abandoning legacy when they feel like it.
    - The Windows program structure is messy. You have hierarchies of app folders with dependent files scattered everywhere. OS X apps are bundles so an entire app can be self-contained and easy to find and the Activity Monitor has a simple view of running processes - it would be nice if Apple's ones were labelled but it's a lot easier to spot suspicious tasks.

    There are basically fewer places for malware to hide in a UNIX system. Windows does benefit from security by obscurity in that it's closed source. UNIX systems benefit from the low market share.

    If UNIX systems had an 80%+ marketshare, you can bet there would be more security vulnerabilities taken advantage of but the OS design is still safer and more than anything easier to repair. If something did screw up the core OS, you can restore it easily and be up and running. You can't reset the Windows registry that way because it screws up all your apps. You can't reset all your dlls or you have to reinstall hardware again. The Mac system has a very clean separation here.

    Adding more talented security staff like Kristin is icing on the cake (still essential though) because they can weed out the obscure vulnerabilities before anyone can take advantage of them - they actually issue updates for a lot of core software people won't even know exists so they sift through it all the time. I'd like to see them tie down some app functionality like externally linking dynamic libraries. One of the Java exploits does that with the browser. There are reasons to allow dynamic libraries to hook into apps at run-time but it's asking for trouble with Safari and it should be an explicit choice made by the user. Same goes for installing apps that just ask for an admin password - loads of legitimate apps ask for it and I want to know why it's asking so I can tell at a glance if it's doing something it shouldn't.
  • Reply 24 of 37

    Originally Posted by Richard Getz:
    Great! I am really glad Apple is not blind and still thinking they can't be touched.

    I just hope that some day soon, the virus protection will be built in to the I/O controller so that all data in and out of the box is checked independently of the OS. This is a nice job for an Ax chip that checks every packet and every byte coming into the memory. This way, you can't hack it as easily as you can when it is dependent on the OS.

    Yes, it will cost more, but for the protection of the Apple image, it will be worth it.

    Originally Posted by Quadra 610:
    Touched by what, exactly?

    We're up to how many trojans now? 6?

    We get one (at most, two) every year.

    That's negligible. And not especially interesting either way, in light of the proliferation of iOS.

    Oh I think he wanted to say that if Apple put this girl in OS X, they won't ever be .... touched ...
  • Reply 25 of 37

    Originally Posted by Tallest Skil:
    Ooh, is this where I do my impression of the drill sergeant in that one movie?

    "PRETTY MUCH?! WHO SAID PRETTY MUCH?! HIKE UP YOUR DRESSES, GIRLS, BECAUSE I'M 'PRETTY MUCH' GOOD ENOUGH FOR YOU AND YOU 'PRETTY MUCH' GAVE ME CONSENT."

    I'll say it again: Apple has never said this. Period. Get over that.

    Are you omnipotent? How can you make grand statements about what Apple has never said?

    That drill instructor had anger issues…

    Don't the words 'With virtually no effort on your part…' also have the same weaselly connotations as 'pretty much'?

    http://sophosnews.files.wordpress.com/2012/06/mac-osx-before-after.jpg from http://www.securityweek.com/apple-pulls-no-viruses-claim-marketing

    I've heard Apple store geniuses tell customers 'Macs don't have viruses', which may be technically true at any given point in time, but the tech world changes very fast. Encouraging users to believe they are completely safe can end up getting them exploited by a trojan/malware or malicious WiFi access point instead.

    I do believe Macs are very safe, but I'm loath to encourage average and non-technical users to take it for granted.
  • Reply 26 of 37


    Originally Posted by Droid:
    Are you omnipotent? How can you make grand statements about what Apple has never said?

    …Be…cause I'm going off of what has been on their website, which is what they said.

    I don't… If I was saying that Apple HAD said something, you'd have a case.

    Don't the words 'With virtually no effort on your part…' also have the same weasely connotations as 'pretty much'?

    No, not in the slightest.
  • Reply 27 of 37


    Thanks Marvin, very enlightening answer for this lad.... ta 

  • Reply 28 of 37
    dysamoria (Posts: 3,430, member)
    What I want to know is why it even had to be made a news item that this person was "formerly Chris."

    That's a female name, too, so all that's been done is gossip without meaning. And now dudes are remarking about her in ways that have nothing to do with her skills. I know people are curious, but maybe she prefers to be private about it.
  • Reply 29 of 37
    geekdad (Posts: 1,131, member)
    one thing everyone failed to mention....they hired an infamous WINDOWS hacker......why hire a WINDOWS hacker for a UNIX based operating system?
  • Reply 30 of 37

    Originally Posted by Richard Getz:
    Great! I am really glad Apple is not blind and still thinking they can't be touched.

    I just hope that some day soon, the virus protection will be built in to the I/O controller so that all data in and out of the box is checked independently of the OS. This is a nice job for an Ax chip that checks every packet and every byte coming into the memory. This way, you can't hack it as easily as you can when it is dependent on the OS.

    Yes, it will cost more, but for the protection of the Apple image, it will be worth it.

    Apple never "thought they can't be touched." You're confusing the well-known fact that Macs are not affected by the thousands of Windows viruses (something that Apple has pointed out in advertising) with "can't be touched." This is merely your misunderstanding.

    What Steve Jobs said to Walt Mossberg was that Apple has been fortunate that virus writers are more interested in Windows. He said that Mach OS kernel is very secure and while Apple takes security very seriously, that you should never say that you're hack-proof. I'm paraphrasing because I don't recall the exact quote, but it was at one of the D conferences.

    You also have to remember that in the age before Mac OS X, the "classic" Mac OS of the 1980s era was very prone to viruses, and at one point in Mac's history, viruses primarily replicated via sharing infected floppy disks. The very act of inserting and then ejecting a floppy disk (without opening any files) could infect early Macs. Apple has no illusions about being untouchable.

    Secondly, "stateful packet inspection" already exists in some commercial firewalls or proxy servers, but it's not a magic cure-all for every type of attack vector. And the "I/O controller" is the wrong place for it: virus/trojan/injection detection must be done at higher layers of the OSI model.

    Originally Posted by Tallest Skil:
    You're putting on that air yourself. They have never said this.

    Correct.
  • Reply 31 of 37
    "Great! I am really glad Apple is not blind and still thinking they can't be touched.

    I just hope that some day soon, the virus protection will be built in to the I/O controller so that all data in and out of the box is checked independently of the OS. This is a nice job for an Ax chip that checks every packet and every byte coming into the memory. This way, you can't hack it as easily as you can when it is dependent on the OS." -Richard Getz

    The problem is that malware doesn't have a unique signature like a virus, it is basically a normal program that tricks the user into installing it & giving it the rights it needs to wreak havoc. Gatekeeper was a HUGE step in the right direction and since for $100 a year you can sign your apps with a cert from Apple it's pathetic that many big developers like Adobe or Oracle aren't yet signing theirs. It would be nice to see some of these big companies get raked over the coals for being part of the problem by leaving users with no other choice than to set Gatekeeper wide open if they want to use their plug-ins or apps.
  • Reply 32 of 37


    Originally Posted by hezetation:
    Gatekeeper was a HUGE step in the right direction and since for $100 a year you can sign your apps with a cert from Apple it's pathetic that many big developers like Adobe or Oracle aren't yet signing theirs.

    With the price of certification so low, I should hope that Apple, on discovering that any instance of certification is being misused for malware purposes, would revoke said certification permanently, as well as turning over those in question to the authorities.
  • Reply 33 of 37
    solipsismx (Posts: 19,566, member)
    You also have to remember that in the age before Mac OS X, the "classic" Mac OS of the 1980s era was very prone to viruses, and at one point in Mac's history, viruses primarily replicated via sharing infected floppy disks. The very act of inserting and then ejecting a floppy disk (without opening any files) could infect early Macs. Apple has no illusions about being untouchable.

    So we have worldwide networking, a higher marketshare, and a substantially higher number of units sold, a much higher installed base, and a phenomenally higher mindshare between Apple today and Apple during Mac OS "Classic" yet there is considerably less malware today. I'd say Apple is doing something right.
  • Reply 34 of 37


    Originally Posted by SolipsismX:
    …yet there is considerably less malware today.

    "No, you're wrong. There is more. Because they're more popular. That's why you need anti-virus on your Mac. They'll never be 100% safe. That's why you need to have it."

    I was told this not two days ago. It has to be right.
  • Reply 35 of 37
    solipsismx (Posts: 19,566, member)
    "No, you're wrong. There is more. Because they're more popular. That's why you need anti-virus on your Mac. They'll never be 100% safe. That's why you need to have it."

    I was told this not two days ago. It has to be right.

    There is certainly an argument to be made that a less known and/or less popular OS will be less of a target, but when you compare malware on Mac OS Classic to today, the argument falls short as the reason why Mac OS X is less affected than Mac OS Classic.
  • Reply 36 of 37

    Originally Posted by Tallest Skil:
    They never thought that.

    http://www.adweek.com/adfreak/get-mac-viruses-94103

    (sorry, can't find them on apple.com)
  • Reply 37 of 37


    Originally Posted by Richard Getz:
    http://www.adweek.com/adfreak/get-mac-viruses-94103

    (sorry, can't find them on apple.com)

    Page is 404'd, but Apple's pages always stated "while no system is 100% immune to viruses" or "while no system is completely safe from attack", etc. NEVER that they were perfectly, permanently secure.

    Ah, fixed the link. That still doesn't refute what I said or prove him right.