Headline FeedsMacNewsWorld Talkback
|
|
Re: Just Because I'm Paranoid Doesn't Mean My Mac Is Secure
Posted by: Erika Morphy 2009-06-25 07:07:48
See Full Story
I was buying a fully loaded Mac to replace the 4-year-old Mac I had at home. Along with Microsoft Office for the Mac, I also wanted to buy a standard security AV and firewall application. The salesperson's response? Not necessary. I was sufficiently chastened by the $2,000-plus tab I had racked up that afternoon to let it go. But years of writing about online security had made me paranoid. I ran out the next morning to buy the software at a nearby Best Buy. Still, there's doubt in my mind about the wisdom of that purchase. Did I waste my money?
Being proactive not reactive
Posted by: Imagine Engine 2009-06-25 18:00:56 In reply to: Erika Morphy
I've used a wide variety of OS over my long career and believe it's important no matter what OS you use to be proactive instead of reactive when it comes to securing data. I've come across to many users that still run their accounts as the Administrator, don't feel the need to run an Anti-Virus scanner or don't even run the default firewall that is included with their OS. Turning a blind eye to data security is basically no different than leaving your home with all doors and windows open or leaving your car door unlocked with the engine running. People need to take their heads out of the sand or their heads out of the clouds to realize there are those in the world who don't care who you are or where you're from as they only care about stealing your data. Consumers have a wide variety of security solutions to choose from. Several of which are either free or cost a nominal fee.
You don't understand the subtleties involved.
Posted by: LouisWheeler 2009-06-25 10:06:49 In reply to: Erika Morphy
I'm not sure you will understand because appearances are deceiving.
And too, Microsoft's propaganda machine tries to paper over its design flaws by pointing fingers at everyone but themselves. The one glaring flaw with this plan is Apple's apparent immunity to malware. Windows advocates are, thus, forced to invent specious talking points to deflect people from asking why Windows is so insecure.
People like you repeat their positions verbatim, because you have no understanding of the situation. MS windows is a mess and will always remain a mess. MS is doing nothing to fix Windows. They tried, for five years, to fix it with Longhorn and failed. System 7 is Vista done better and Vista is Windows Server 2003 with a GUI bolted on top. Windows Server 2003 is an updated version of Windows NT. This is very old insecure software designed before the internet.
If Microsoft's and Apple's market share were reversed, so that Apple had 90% of the market, Microsoft would still have more malware than Apple. Why? Because Microsoft's security stinks. It was never designed to withstand the onslaught from hackers on the internet. Windows was designed as a stand alone operating system on a secure wired LAN.
http://www.rixstep.com/2/20090601,00.shtml
Thus, Microsoft Windows has a glass jaw. It has to protect itself from every vulnerability, every punch, because once its periphery is pierced, Windows has no defenses.
Mac OSX is very tough. It has fine internal defenses based in BSD Unix which was designed to withstand hackers on the internet. This is why Apple doesn't panic every time a security expert finds a flaw in its code.
No Operating System is a 100% safe, but some Operating System's are more secure than others. Mac OSX is much better protected, internally and externally, than Windows. This is why Mac OSX has never had any problems with virus', worms, malware, adware and spyware.
Yes, it is vulnerable to corrupted code, but that merely shuts down an application rather than giving root access to the computer. Many of the Mac's vulnerabilities are in its Darwin Open Source foundations. Apple tends to fix these flaws periodically, but never as fast as Linux advocates demand. Why? Because those vulnerabilities never turn out to be anything more than pin pricks.
Yes, a user can be fooled into giving away his security through Trojan Horses and Phishing, but Apple cannot protect its users from being fools.
You come from a highly insecure system: MS Windows. You may not understand why Mac users are so lax about security. The reason is that Apple protects us better than Microsoft does. Mac OSX was designed to be very tough and hard to attack but nothing is perfect. We Mac users are not naive. We know that a possibility of a security issue may arise, but we see no reason to panic. Help is on the way.
Snow Leopard 10.6 will be out in September. It has a much improved 64 bit security system. Thus, it will be much harder to crack; not that Apple has a real problem with security, anyway.
Apple is going through and fixing Snow Leopard line by line, thus, it is not spending much time on improving Leopard 10.5. Snow Leopard's very low upgrade price ($29) will induce the vast majority of users to upgrade quickly.
We Mac users tend to upgrade, anyway. Leopard 10.5 has been out for 19 months and 92% of the Mac user base is on it.
If you want to waste your money on Mac anti-virus software, do so. If you intend to run Windows on your computer, then you must have anti-virus software.
Just don't claim that Mac users are careless. We Mac users don't have a malware problem; Windows users do.
And too, Microsoft's propaganda machine tries to paper over its design flaws by pointing fingers at everyone but themselves. The one glaring flaw with this plan is Apple's apparent immunity to malware. Windows advocates are, thus, forced to invent specious talking points to deflect people from asking why Windows is so insecure.
People like you repeat their positions verbatim, because you have no understanding of the situation. MS windows is a mess and will always remain a mess. MS is doing nothing to fix Windows. They tried, for five years, to fix it with Longhorn and failed. System 7 is Vista done better and Vista is Windows Server 2003 with a GUI bolted on top. Windows Server 2003 is an updated version of Windows NT. This is very old insecure software designed before the internet.
If Microsoft's and Apple's market share were reversed, so that Apple had 90% of the market, Microsoft would still have more malware than Apple. Why? Because Microsoft's security stinks. It was never designed to withstand the onslaught from hackers on the internet. Windows was designed as a stand alone operating system on a secure wired LAN.
http://www.rixstep.com/2/20090601,00.shtml
Thus, Microsoft Windows has a glass jaw. It has to protect itself from every vulnerability, every punch, because once its periphery is pierced, Windows has no defenses.
Mac OSX is very tough. It has fine internal defenses based in BSD Unix which was designed to withstand hackers on the internet. This is why Apple doesn't panic every time a security expert finds a flaw in its code.
No Operating System is a 100% safe, but some Operating System's are more secure than others. Mac OSX is much better protected, internally and externally, than Windows. This is why Mac OSX has never had any problems with virus', worms, malware, adware and spyware.
Yes, it is vulnerable to corrupted code, but that merely shuts down an application rather than giving root access to the computer. Many of the Mac's vulnerabilities are in its Darwin Open Source foundations. Apple tends to fix these flaws periodically, but never as fast as Linux advocates demand. Why? Because those vulnerabilities never turn out to be anything more than pin pricks.
Yes, a user can be fooled into giving away his security through Trojan Horses and Phishing, but Apple cannot protect its users from being fools.
You come from a highly insecure system: MS Windows. You may not understand why Mac users are so lax about security. The reason is that Apple protects us better than Microsoft does. Mac OSX was designed to be very tough and hard to attack but nothing is perfect. We Mac users are not naive. We know that a possibility of a security issue may arise, but we see no reason to panic. Help is on the way.
Snow Leopard 10.6 will be out in September. It has a much improved 64 bit security system. Thus, it will be much harder to crack; not that Apple has a real problem with security, anyway.
Apple is going through and fixing Snow Leopard line by line, thus, it is not spending much time on improving Leopard 10.5. Snow Leopard's very low upgrade price ($29) will induce the vast majority of users to upgrade quickly.
We Mac users tend to upgrade, anyway. Leopard 10.5 has been out for 19 months and 92% of the Mac user base is on it.
If you want to waste your money on Mac anti-virus software, do so. If you intend to run Windows on your computer, then you must have anti-virus software.
Just don't claim that Mac users are careless. We Mac users don't have a malware problem; Windows users do.
It is tragic that the irrelevance of the OSX Operating System has misled users like yourself into making such incredibly misinformed statements based solely on the unwillingness of organized criminals to spend the time necessary to compromise the least important 5% of the Internet. The truth is that Windows security has improved tenfold since the disasters of XP SP0. Not only has the default available network attack surface of Windows basically vanished, but the anti-exploitation mechanisms built into the core of the Vista OS are industry-leading and so far undefeated. Hardware DEP support, ASLR, protected exception handling chains, stack canaries - these features combined have made every flaw discovered in the core of Windows NON-EXPLOITABLE in Vista x64 for its entire history. There has not been a single instance of a default network remote compromise in Vista in its history. Compare this to OSX, where you can look up the public payload for the MDNS network remote in Metasploit and go hunting. Why the difference? Because Apple has failed to keep up with innovation when it comes to binary anti-exploitation. Go look at the pwn2own results for 2k9 or read Charlie Miller's interview - with the sole exception of the PATCHED Mark Down technique in IE8, nobody knows how to gain execution on Vista x64 even in the browser. Meanwhile the Macbook Pro gets owned in 5 minutes every year like clockwork.
Mac users using their perceived invulnerability as proof of their immunity are like the last Japanese soldiers discovered guarding Pacific islands in the 70's. The war passed you by while you ground your bayonet and dreamed of granduer.
Mac users using their perceived invulnerability as proof of their immunity are like the last Japanese soldiers discovered guarding Pacific islands in the 70's. The war passed you by while you ground your bayonet and dreamed of granduer.
Sure, windows security has improved in Vista and Windows 7, but Microsoft is trying to paper over its glaring flaws. Windows has no internal security. Read the Rixstep link.
Windows has a glass jaw. Any vulnerability which is found compromises your system. Your malware problems will not be going away even if the World upgrades to Windows 7.
I hope that the mass of Windows users do upgrade, because I don't like to see so many people in pain. Billions of dollars per year are being lost through Microsoft's incompetence.
Mac OSX has no malware "in the wild." What it has is a series of vulnerabilities in its code which are never exploited. Apple security is usually poned through weaknesses in its Darwin Open Source foundations. And even those are never useful for taking over an Apple computer. They never give you root access. A corrupted file merely shuts down an application.
I'm willing to make you a bet. A year from now, even if Windows 7 is a success, little will be changed. Windows will still be as insecure as it is now. Apple users will be more secure because of Snow Leopard. And people like you will still be arguing the case that Apple has the security problems, not Microsoft. Apple will have above 10% of the user base in America, but you will discount that. You will contunue to say that this is too small a user base to tempt a hacker.
If it were easy to take over a Mac, hackers who hate Apple, like yourself, would be constantly violating the Mac's security. But, it isn't happening. It takes an expert security analyst to do it and he uses means which are not exploitable by anyone else.
No operating system is 100% safe, but when only professional security people can compromise an OS, then that is pretty safe. Windows security can be opened up by anyone, even 10 year olds.
But, this point is moot for now, because both Snow Leopard and Windows 7 will be released soon. We can do a shoot off then. Catch you later.
Windows has a glass jaw. Any vulnerability which is found compromises your system. Your malware problems will not be going away even if the World upgrades to Windows 7.
I hope that the mass of Windows users do upgrade, because I don't like to see so many people in pain. Billions of dollars per year are being lost through Microsoft's incompetence.
Mac OSX has no malware "in the wild." What it has is a series of vulnerabilities in its code which are never exploited. Apple security is usually poned through weaknesses in its Darwin Open Source foundations. And even those are never useful for taking over an Apple computer. They never give you root access. A corrupted file merely shuts down an application.
I'm willing to make you a bet. A year from now, even if Windows 7 is a success, little will be changed. Windows will still be as insecure as it is now. Apple users will be more secure because of Snow Leopard. And people like you will still be arguing the case that Apple has the security problems, not Microsoft. Apple will have above 10% of the user base in America, but you will discount that. You will contunue to say that this is too small a user base to tempt a hacker.
If it were easy to take over a Mac, hackers who hate Apple, like yourself, would be constantly violating the Mac's security. But, it isn't happening. It takes an expert security analyst to do it and he uses means which are not exploitable by anyone else.
No operating system is 100% safe, but when only professional security people can compromise an OS, then that is pretty safe. Windows security can be opened up by anyone, even 10 year olds.
But, this point is moot for now, because both Snow Leopard and Windows 7 will be released soon. We can do a shoot off then. Catch you later.
