Yes, but unlike those films there's a much stronger 'light side' community... where your reputation (and, as a result, influence) is earned by being Yoda.
Jeff
Jeff
Windows 7
- Thread starter Morgan C
- Start date
Gelatin
Boob inspector
Jarkko Mattheiszen
The FU guy.
Note: IE exploit, not Windows exploit. Messenger exploit, not Windows exploit. Visual Studio exploit, not Windows exploit. See the pattern?
It doesn't matter whether the vulnerability is in the OS itself or a common piece of software often run on it, it compromises the machine's security nonetheless.
Razzee
Kolja
there are some good statistics, some are handed out with vista cds afaik. (the statistics are done by a third party)
check: http://blogs.zdnet.com/security/?p=758
check: http://blogs.zdnet.com/security/?p=758
Kazrog
Kazrog, Inc.
Interesting article, but it's not accurate, and here's a response:
http://blogs.zdnet.com/Burnette/?p=496&tag=rbxccnbzd1
A lot of random theoretical vulnerabilities in obsucre apps show up in OS X from time to time, and get patched before anyone thinks of targeting them. That's a hell of a lot different than 1 in 3 Windows PCs being vulnerable to the root-level, phantom install worm that went around last week, infecting an estimated 3.5 million PCs. That kind of thing is bat shit crazy and impossible in OS X due to the UNIX permissions system.
Note: IE exploit, not Windows exploit. Messenger exploit, not Windows exploit. Visual Studio exploit, not Windows exploit. See the pattern?
It doesn't matter whether the vulnerability is in the OS itself or a common piece of software often run on it, it compromises the machine's security nonetheless.
You can remove Safari in OS X. Good luck getting rid of IE in Windows without the closest thing to black magic that can be done on a computer. There are plenty of exploits not needing any of those applications as well.
Jeff
Jarkko Mattheiszen
The FU guy.
You still don't have to use it. And yes, there are plenty of directly OS related exploits in Windows, but that also applies to OS X. Just check the Secunia databases, for example.
Don't get me wrong, I love Macs and I consider OS X an excellent operating system, but it's absolutely naive to live in the belief of OS X being untouchable.
You don't need to use IE for it to be a weak spot - I went as far as I possibly could to eradicate IE on the family XP box, back when I had the patience to deal with that shit, and my brother was *still* able to nuke the whole computer by clicking on a link in an IM box. The Secunia reports are amazingly unspecific (*much* more could be said if they noted how the actual exploit took place and what privileges were necessary on the user's part) so I can't say much for those. It is, however, awfully hard to make any kind of connection between unnecessary software (like Safari in OS X) and software like IE - it took them bloody long enough to restrict the shit that IE could do and that *still* didn't stop everything from going wrong.
I don't think OS X is untouchable, but I think it's close enough - especially when administered properly and carefully.
Jeff
I don't think OS X is untouchable, but I think it's close enough - especially when administered properly and carefully.
Jeff
Jarkko Mattheiszen
The FU guy.
That's exactly my point. Even your example of clicking the IM link was - and I certainly don't mean this in an offensive way - purely the stupidity of the user. In the end, the user can always utterly fuck up his/her computer, no matter what OS being used. I've never had a single problem with vulnerabilities in XP because I use common sense and took the time to figure things out.
I agree that Macs and their OS have been designed to be a more secure solution, and it's all good, but I just want to emphasize the fact that it is completely possible (and not even hard) to run an XP system that is just as stable and at least pretty damn near as secure as it's Apple equivalent.
devouredremains
Matt Van Daele
Based on Jeff's "Security Through Obscurity" phrase I've coined "Exploitability Through Ignorance."
I know plenty of casual mac users that have had issues. And not a single power user who has. The same goes for PC.
Have you seen any windows using members on this forum mention getting this mysterious phantom worm?
There are many different types of computer users of all levels and many things factor into making a computer vulnerable. Is the user running legitimate software? Are they using shady peer to peer downloading clients? Do they know how to update security software definition files? Do they open every email attachment they recieve?
I've done tech support for a major ISP that provides security software free of charge for their customers that we had to give 100% support for and I could tell you stories that you wouldn't even believe.
I once had a caller from Tennessee that had just brought home his new computer and was looking for help setting it up. It was obviously far out of my support scope since I worked for an ISP but I don't mind helping a guy out so I asked him where he was at connecting all the devices to the tower. He replied that he couldn't find where to plug in the gas pedal! I inquired what he meant by gas pedal while holding back laughter and it turned out he thought the mouse was a gas pedal.
I explained to him what it was, how to use it and what that little rectangular mat with a picture on it was for. I helped him get everything else connected and told him that when he's ready to get his internet connection to call us back and sent him on his way.
How can you even think for a minute that someone like this will be able to keep a computer secure regardless of which OS they use?
We not only supported Windows users but Mac and Linux as well and I have good stories for them all with the exception of linux.
I know plenty of casual mac users that have had issues. And not a single power user who has. The same goes for PC.
Have you seen any windows using members on this forum mention getting this mysterious phantom worm?
There are many different types of computer users of all levels and many things factor into making a computer vulnerable. Is the user running legitimate software? Are they using shady peer to peer downloading clients? Do they know how to update security software definition files? Do they open every email attachment they recieve?
I've done tech support for a major ISP that provides security software free of charge for their customers that we had to give 100% support for and I could tell you stories that you wouldn't even believe.
I once had a caller from Tennessee that had just brought home his new computer and was looking for help setting it up. It was obviously far out of my support scope since I worked for an ISP but I don't mind helping a guy out so I asked him where he was at connecting all the devices to the tower. He replied that he couldn't find where to plug in the gas pedal! I inquired what he meant by gas pedal while holding back laughter and it turned out he thought the mouse was a gas pedal.
I explained to him what it was, how to use it and what that little rectangular mat with a picture on it was for. I helped him get everything else connected and told him that when he's ready to get his internet connection to call us back and sent him on his way.
How can you even think for a minute that someone like this will be able to keep a computer secure regardless of which OS they use?
We not only supported Windows users but Mac and Linux as well and I have good stories for them all with the exception of linux.
Razzee
Kolja
so you are saying that a patched mac is superior to a non patched windows? microsoft is not threatening you to patch your system and I'm pretty sure that 50% of that 3.5 systems are running an illegal version of windows and therefor can't be patched. (outside of security updates) thats nothing you can blame ms for (in my opinion)
just get an windows "K" version it's without the ie, same goes for the "N" version without media player and "KN"
The fun part... he was running on a 'limited' account. In any decent OS that would have *at most* caused his personal account some damage, but the MBR got borked.
Any sufficiently incompetent user can nuke a lot, but on a system with decent access management there's no way to nuke anything more than his own little box of stuff. Can a 'regular' user kill the entire system *and* stuff that takes extra work to ruin (like the MBR) in Linux? No. Apple? As far as I know, no. Some things are far more idiot-proof than others.
As far as user incompetence... no shit. I still don't let him touch any of my computers, and he recently got an iBook for his 18th birthday.
For making XP as secure as anything UNIX-based... nope.
Jeff
Kazrog
Kazrog, Inc.
No. In fact, a non-patched Mac is superior to a patched Windows. Any release of Mac OS X since the initial public beta in 1999 is more secure than any release of Windows, ever. There has never been an exploit for the Mac that can self-install. Mac OS X has a huge market share, there's no way the "security by obscurity" argument is relevant anymore. Lots of money has been put towards finding a way to break into Mac OS X at the root level, and nobody has ever achieved it.
The patch only came out in October! Many IT departments run on a 3 month wait cycle for all operating system updates, even "critical" security updates, because they often break drivers and functionality. Many studios never upgrade the OS until there's a strong need, especially Pro Tools based studios (Digidesign must approve all OS updates for compatibility, and they often take several months to finish testing and releasing updates, always behind OS patch cycles.)
It shouldn't be necessary to patch an OS to keep a mission critical system running and secure. In UNIX based operating systems, this isn't necessary, so why in the hell does Microsoft think this is OK? This is their fault, I blame them 100% for all virii, spyware and worms on their platform.
-Gavin-
Gavornator
Notuern
Bloody vaginal belch
- Oct 20, 2007
- 3,625
- 0
- 36
+10000
.. Why cant everyone just stfu about mac vs. windows(I know, that goes for me as well.)?
Razzee
Kolja
+10000
.. Why cant everyone just stfu about mac vs. windows(I know, that goes for me as well.)?
Another option is to ignore these threads - it's actually much more fun to ignore some threads entirely and imagine that epic battles of JP22 proportions are taking place, laughing at how much time I'm saving... I really doubt that's going on in the Mark V thread, but I'm enjoying the fantasy warfare far too much...
Jeff
-Gavin-
Gavornator
Okay, for the record, security problems that have never affected me ever aside..
I was at my keyboard player's this weekend tracking stuff on a macbook and i believe i'll stick with my windows 7 laptop as it's functionality is 1000x that of OSX FOR WHAT I NEED!
Everyone getting High and Maccy over their shiny boxes cause it's immune to security threats that affect only stupid users on windows need to shut the fuck up and stop preaching!
We know you love your macs, i like them too!
But just rubbishing ANY windows thread with your pointless pretentious attitude is getting very old.
Iäm not gonna switch cause Shane tells me there are scurity problems! Nor will anyone else...
It's the same discussion every thread, stop bringing it up!
I was at my keyboard player's this weekend tracking stuff on a macbook and i believe i'll stick with my windows 7 laptop as it's functionality is 1000x that of OSX FOR WHAT I NEED!
Everyone getting High and Maccy over their shiny boxes cause it's immune to security threats that affect only stupid users on windows need to shut the fuck up and stop preaching!
We know you love your macs, i like them too!
But just rubbishing ANY windows thread with your pointless pretentious attitude is getting very old.
Iäm not gonna switch cause Shane tells me there are scurity problems! Nor will anyone else...
It's the same discussion every thread, stop bringing it up!
