SuperSite Blog

Anybody that does not use the available tools, both hardware and software, to protect their investment and date...regardless of what OS you are running...is just asking for trouble. Sure, the number of OS X viri(?) in the wild is very minimal. Eventually, that will change. Once OS X has a large enough footprint, the Blackhats will start hitting it. If you don't think that it is possible because the OS is inherently secure...you are a fool.

--tayme

"If you don't think that it is possible because the OS is inherently secure...you are a fool."

Similarly, if you think the OS is inherently secure in the first place, you are also fool.

(Or is that what you meant, tayme?)

Of course, you should put AV on your Mac. As Tayme points out, as the market share for Macs grow, it will be targeted. Hell, it will probably be targeted now by hackers because they love a challenge. Sure, OS X may use a Unix-based kernal that makes it less-prone to malware attack. But when there is a will, there is a way. And there is a way.

Expect robertsjoe to call me a Winjihadist in five, four...

I'd say tayme's right on the money here. There's nothing about OS X or Unix that makes them inherently secure against malware attacks and, in fact, most implementations have a much less secure design. Taking the chance of running with no AV software is a needless risk.

To me, the most interesting part of the story was the sidebar poll that asked readers whether they would install AV software on their Macs. When I looked, 60% said they wouldn't even if Apple suggested it. That level of arrogance is just the kind of thing that invites the bad guys to start targeting them. With such a small number of protected machines they're perfect as zombies. They'd be pwned and wouldn't even know it.

"I would say that while I don’t use OS X regularly anymore (who would with Windows Vista and 7 around?), "

Flamebait!!

I don't use anti virus on my pcs and have never had a problem. Every once in a while the hype will get to me and I will install something and scan and...again nothing. Ever. I don't understand how intelligent people get this stuff on their machines.

In all honestly, I don't run AV software on my Mac or my PC (although both are behind firewalls and the PC has Anti-spyware software running on it).

Haven't had a virus on my PC in pretty close to six years now. Never had one on the Mac.

Guess it's all about how you use your computers.

I'm actually more interested in both MS and Apple fixing potential security holes in their respective OS's than I am about worrying if I'm going to get a virus.

"Also, I would say that while I don’t use OS X regularly anymore (who would with Windows Vista and 7 around?), I would never install AV on that system, ever. And that’s true even if I were using it 24/7. It may not last, but for now at least, Mac users don’t need AV. That’s the simple truth."

Who are you and what have you done with Paul Thurrott?

Seriously, that is so right on the money that I still can't believe it.

Despite rejoinders from Mike and others, Paul has it exactly right on this one.

"With such a small number of protected machines they're perfect as zombies. They'd be pwned and wouldn't even know it."

A friend of mine who works for one of the country's biggest IT security firms can attest to that.  One of their clients had 2 computer labs:  1 Mac network, and 1 PC network.  The Mac network ended up getting r@ped by a custom-written worm that siphoned, and then deleted a few gigs of corporate data worth millions.  The PC network was segregated, but completely unaffected by it since it was designed to attack Unix and Linux OS's, and runs on OS X.  It also attempts to shut down the OS X firewall.

Nasty bug.  There's no antivirus software that detects it because it was never released "in the wild" before - it's targeted towards certain companies.  AV vendors have been contacted, but they don't have a fix yet.  That was a year ago.  The bug affects certain versions of Linux and Unix, but it affects Mac OS X dating back to 10.0.  Apple hasn't fixed the problem either.

The measures used to attack were considered to be only in the realm of a "professional".  It's not just something floating around the web or P2P networks.  The issue also scrambles user passwords and data, preventing people from logging in or otherwise accessing their data.

The client wasn't too amused by it, needless to say.  They also aren't buying any new Macs.  Once the lease is up, they're switching entirely to Windows Vista PC's.

Content management systems can be an arrow pointed right at the heart of a company's image.

Virus: 0.  Nada  (There were some for Mac OS and for "System xxx" before the Mac OS name)

Malware of other forms: some

Ability to spread Word Macro malware: just as present as on Windows, although one isn't affected oneself (especially in Office 2008, which doesn't do macros).

Virus in the Mac OS (and prior--that name appeared late) (not Mac OS X) period was a problem, going way back to the WDEF virus that pretty much started it all on personal computers (way before Windows).  (WDEF = Window Definition, executable code which could be included in a document to define an oddball window or execute anything the bad guys wanted to at system level.)  I missed one of those by being 2 months behind in mounting a CD from a then-popular magazine.

 -- John (who longs for the carefree days of the "dogcow")

chuckb84

"... I don’t use OS X regularly anymore (who would with Windows Vista and 7 around?) ..."

I'm guessing that you probably didn't mean to include that in the quote that you said was "... so right on the money that I still can't believe it."

Waethorn

Right. Again, for those who believe Apple ads and don't know computer architecture, there is nothing in Unix or OS X that is inherently secure. In reality, the Windows NT family is architecturally more secure having been designed to meet the NSA's B and C level standards and having been certified as a "Red Book" C level operating system. That's a level of security certification that no commercial *nix OS ever met (although a couple of specialized versions built for the military and 3-letter agencies and never sold to the public did)

Mike,

Unlike you, I am not using rhetorical devices to score debating points. I meant to include Paul's full quote, not a snippet to make his statement into something that it wasn't.

Paul is welcome to his OPINION about Win7 and Vista vs. OS X because he also clearly stated the FACTS about OS X.

The problem with this thinking of not needing AV (or we really should call it AM software for anti-malware to eliminate the semantics) is the current threats are nearly all based on users letting them in, the social engineering aspect.  I've said this before many, many times, but it is no longer the single rogue person creating these things.  Rather, it is in many cases quite advanced crime syndicates, getting as many computer users to give out financial data, whether this be in terms of phishing, or in terms of software that steals that data.  They follow the money, and the money is on the OS that has the most marketshare.

Sandi at Spyware Sucks had a very good analysis of the problem here msmvps.com/.../1655627.aspx.

Folks, the threats are real.  It doesn't matter whether your OS is the most secure or impenetrable (not possible).  If you leave the door open, the crooks will come in, no matter whether you have the best lock and a moat with sharks with fricken laser beams attached to their heads.

robertsjoe will paint this as simply stupid users getting what they deserve.  However, the threat will only get worse as the Mac marketshare continues to increase.

"I would never install AV on that system, ever. And that’s true even if I were using it 24/7. It may not last, but for now at least, Mac users don’t need AV."

That's a pretty contradictory statement, and a poor choice of words on your part Paul.  I'd like to see how much that statement would change if you actually WERE using it 24/7, and malware was rampant on OS X.

chuckb84

Actually, everything you quoted was opinion except the statement that he doesn't use OS X much. And, while it's admirable (if wordy) to include enough of a quote to show context, if you don't call out what you disagree with, then your statement of agreement applies to the whole quote.

Mike Galos,

Please cite a source that shows that Windows NT meets the NSA level B and C standards.  Since you keep repeating that, it should be easy to point us to some reading material about it.

I did find this link though

itrain.org/.../it010202.html

The article is entitled.

"NSA Opts High-Security Linux Over Windows NT/2000"

Before I bought my vista machine I ran XP for 3 years without any anti-virus programs. I did not have any virus issues. As long as a user is smart and knows how not to be tricked by phishing sites, email attachments, etc.  They should be fine. That's my opinion. But I certainly would tell people who do not know these things to install virus software.

As far as Mac's not needing AV. Hmmmm. I probably would not put it on there either. But for people with no clue about the dangers out there, I do not see why it would be such a bad thing.

Dipsh

"Folks, the threats are real.  It doesn't matter whether your OS is the most secure or impenetrable (not possible).  If you leave the door open, the crooks will come in, no matter whether you have the best lock and a moat with sharks with fricken laser beams attached to their heads."

Exactly right. For ANY user on ANY system that's connected to a network or the Internet:

Use the latest version of the OS that you can

Be current on ALL security patches

Run anti malware software including anti-virus, anti-spyware and a phishing filter

Run either a software or hardware firewall or both set to only open ports you actually use

The bad guys out there aren't kids in their parents' basements playing around to impress their friends anymore. The bad guys are now mostly very sophisticated international criminal groups (and a few trial tests by governments getting their cyberwar programs up to speed)

@waethorn - That was my meaning...you stated it much better.

--tayme

panache

For the architecture, see Helen Custer's book, "Inside Windows NT" (Note: this is the Custer authored version and not the later ones that dealt less with architecture)

For a list of what each level specifices, see en.wikipedia.org/.../Trusted_Computer_System_Evaluation_Criteria or any other article on the program

For the KB article discussing the awarding of C2 certification see: support.microsoft.com/.../93362 (and many others)

"Haven't had a virus on my PC in pretty close to six years now."

You won't know that unless you have an anti-virus, though, right?

One last thought for all the people (OS X, *ix and Windows) who run their systems with no anti-malware and say they're not infected:

Remember that malware on a computer is akin to a parasite in an animal.

A successful parasite is one that gets its needs met with no harm to the host. It's only an unsuccessful one that will make you sick or kill you since that hurts it as well.

A successful malware program is one that gets its needs met with no harm to the host computer. It's only an unsuccessful one that will hurt the system enough to notice or cause you to reinstall or run an antivirus since that hurts it as well.

Well written malware won't draw attention to itself and you're very unlikely to notice a 1% increase in network traffic or a task siphoning off 1% of your processor.

Just because you don't know you're system is infected doesn't mean it isn't.

@waethorn - "A friend of mine who works for one of the country's biggest IT security firms can attest to that..."

I totally agree with everything that you have in that post. The real concern is not so much viri(?) on home PC's(OS X based PC's included), they are bothersome, but not so risky to your personal data - except for the zombies or bots or whatever you want to call them...Go ahead, if you feel that secure, by all means run naked..but, on my home network I have all of the bases covered, and see no performance hit.

Corporate and government networks being compromised is a big risk, thus every machine on those networks should be considered at risk. Anybody with true, large corporate experience will agree with that hands down.

Any good firewall or anti-malware tool used in corporate settings is non-intrusive and does not impede the real work that goes on.

--tayme

Mike,

Right from the second link you posted

"NOTE: This does not mean that Windows NT is C2 certified (no operating system is ever C2 certified). Certification applies to a particular installation, including hardware, software, and the environment that the system is in. It is up to an individual site to become C2 certified. "

And

"C2 classification does not define a substantive security system in the sense of classified or unclassified data. (B-level security assumes the existence of an independent security classification system and enforces that system, but does not specify the substance of the classification system.)

For example, in Windows NT, every object (file, Clipboard, window, and so on) has an owner; any owner can give or not give other users access to its objects. The system tracks (audits) your actions for the administrators (that is, the system administrator can track the objects you accessed, both successes and failures). "

So, you are suggesting that is what makes Windows NT more secure structurally from a *NIX distro?

In my opinion, these Mac owners who are running with no anti-virus or anti-spyware are tempting fate. It will be a matter of time, before a major incidient like a "Blaster" or "Sasser" strikes the Macs as they gain in consumer notoriety. Just because they've been mostly ignored for the better part of a decade or longer, doesn't mean anything coming to the future. I know these virus writers want the bragging rights as the first virus to break the Macs defenses.

I know we'll have the usual suspects in the cabal saying that their okay. They haven't had any incidents thus far. That OS-X is superior and it doesn't need that stuff. That reminds me of the U.S. mindset on September 10, 2001, before the worst incidents of international terrorism struck the next day. If you just look this year at the sheer number of vulnerabilities and patches on the OS-X side, Mac users should be flocking to the stores for anti-virus and anti-spyware.

Thankfully, as part of the Windows growing pains, we've dealt with the incidents. The OS and the User base has been educated in what to do. Vista can clearly claim lower vulnerabilities thanks to those growing pains. Windows Defender, Windows One Care, Morro, and UAC are part of the new experience. Its not perfect but its made the security stronger. Compared with prevous versions, Vista has made good strides.

This isn't a maybe or a theory. This is a definite that someone out there will crack OS-X and take advantage of the lax attitudes.

panache

Since you now have stuff to read, you'll find that the Windows NT family was architected at the B3 level and implemented at C2. (B3 was found to be too difficult to use outside of security and military agencies -  if you think UAC is a pain, think about having a mandatory requirement of classifying every document you write)

panache

Pedantically correct in that theory is never "certified". Only actual implementations are "certified".

What everyone outside of the NSA calls certified is, by their jargon, "capable of being used in a C2 certified installation"

That gets around things like copying Windows NT on an unused partition of an insecure computer system and then claiming your system is "C2".

"I don’t use OS X regularly anymore (who would with Windows Vista and 7 around?)"

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAH!!!!!!!!!!!!!!!!!!!!!!!!!!!

Oh dam my stomach hurts from laughing so hard, the tears of laughter stream down my face!!

panache

Or, to put it in an analogy...

If you have a hardware component that is rated as 5 nines reliability, it doesn't mean that your computer will meet 5 nines, only that the specific component won't be the one that makes your reliability worse than required. You could screw up on other components.

In the same way, the C2 rating on Windows NT doesn't mean your installation will be certified as C2, only that it won't be Windows NT that will cause it to be less secure than required. You could screw up on other components.

As a Mac and Windows user, AV is a must on both.

AV on Windows for the vast amount of crap out there coded to take Windows users out.

AV on a Mac to let Windows users know they have a virus after receiving a infected Office file from them:)

@Waethorn, you should contact Steven King and see if he has some fiction writing he can offload on you.  

For every "story" you invent about a Mac worm destroying corporate data, making that customer move to Vista, I can counter with 50 Windows Virus/Malware infestations that I could provide links to using Google and 20 seconds of my time.

Oh here is a real story about Windows users moving to Macs, link included.

www.forbes.com/.../apple-army-hackers-tech-security-cx_ag_1221army.html

In case the link is broken.

"Wallington, a division chief in the Army's office of enterprise information systems, says the military is quietly working to integrate Macintosh computers into its systems to make them harder to hack. That's because fewer attacks have been designed to infiltrate Mac computers, and adding more Macs to the military's computer mix makes it tougher to destabilize a group of military computers with a single attack, Wallington says.

This past year was a particularly tough one for military cybersecurity. Cyberspies infiltrated a Pentagon computer system in June and stole unknown quantities of e-mail data, according to a September report by the Financial Times. Later in September, industry sources told Forbes.com that major military contractors, including Boeing (nyse: BA - news - people ), Lockheed Martin (nyse: LMT - news - people ), Northrop Grumman (nyse: NOC - news - people ) and Raytheon (nyse: RTN - news - people ) had also been hacked."

panache

A full discussion of what makes the Windows NT architecture more secure than *nix is partly based on what you mentioned. A full discussion, unfortunately, would take more time than I have right now since I'm late for a conference I said I'd attend. Feel free to email me and we can discuss it offline sometime.

"For every "story" you invent about a Mac worm destroying corporate data, making that customer move to Vista, I can counter with 50 Windows Virus/Malware infestations that I could provide links to using Google and 20 seconds of my time."

Every time one of these discussions comes up, "Waethorn" points to a customer of his whose business was nearly destroyed by some as-yet-unknown-and/or-fixed Mac virus that forced the customer to abandon Apple and move to Microsoft.

Every. Single. Time.

I'm through believing these anecdotal stories. I'm not saying it's not possible, but it's like reading Whitley Strieber's alien invasion stories. You get the feeling Wae is cobbling together bits and pieces of what he's read and inventing "customers" for this forum so he can spread his WinJihadist agenda.

Nonetheless, Mac users should run A/V software. Period. Paul's off the reservation (again) on this one.

Oh lord, did someone seriously pull out Windows NT being certified to C2 level as an example of secure design? I remember when that was first announced it was actually the setup to a decent punchline. Why? Becuase while it's true that NT is indeed C2 certified it's only true when the system IS NOT CONNECTED TO A NETWORK! Here, straign from the MSDN site:

msdn.microsoft.com/.../ms953175.aspx

"Windows NT has passed the Orange Book certification process (for a standalone PC, not connected to a network)"

In fact I seem to remember that the C2 requirements only deal with systems in standalone configurations. So utterly irrelevant to todays world I'm afraid.

I'm not as up to date as I used to be on security certs but I believe that almost all modern OS's (XP with SP2, 2003, most Linux versions, OS X) are at the least Common Criteria certified. Of course, in turn, that means nothing really as CC focuses more on whether or not the evaluation document is correct rather than the underlying technical design.

Oh, and on the subject of OS X security and the need for anti-virus why does everyone wring their hands worrying about what'll happen when a virus or two does appear? Surely it's obvious that at that point Apple will simply do what MS are currently in the process of doing and introduce an AV product into the core OS X feature set? Heck, they can just roll it into a x.x.1 release if they need to.

"Corporate and government networks being compromised is a big risk, thus every machine on those networks should be considered at risk. Anybody with true, large corporate experience will agree with that hands down."

Yup.  The only people that don't get this is Apple and its apologists.

"For every "story" you invent about a Mac worm destroying corporate data, making that customer move to Vista, I can counter with 50 Windows Virus/Malware infestations that I could provide links to using Google and 20 seconds of my time."

I have yet to see any real companies that post information about the operating system that they use in those cases.  Can you honestly find information about the operating systems that were used and their update status, as well as the security software that was in place?  I didn't think so.

My friend can't divulge information about their clients, nor of specifics about the case.  That's typical for IT security firms.  I would imagine that no company would want this information to get out about them either since it would look bad on them.  Confidentiality and security go hand-in-hand.  

I guess that's why Apple dismissed the case and wouldn't offer any support in the matter, claiming that there was no problem.  After all, it debunks the myth that is their security claims.  I would imagine that Apple would probably have the gall to send their  lawyers after the company with a C&D order had they made the case public.

"Every time one of these discussions comes up, "Waethorn" points to a customer of his whose business was nearly destroyed by some as-yet-unknown-and/or-fixed Mac virus that forced the customer to abandon Apple and move to Microsoft."

Nope.  It's the same story every time.  I use it as a prime example.  And it's not fiction....

But it IS a comedy!  :P

I have been guilty of ot using AV software on both Vista and Leopard, Since my kids are using them more, I am forced to install it. [OneCare for Vista. Duh!]. Vista is not set up for email, and I used at at trusted sites, so I didn't feel the need. But since OneCare is so inexpensive, and the trial version rid the trojan that I personally/foolishly installed, while two other programs didn't even find it, I was sold on OneCare. I really do not want any form of Norton software on my Mac. I think I'd rather have the Google Toolbar! Also, I kinda fear about infections on my iPhone more than my Mac PC, at least from what I have read. It's truly as shame that unscrupulous people create malware. like Google ;)

"I think I'd rather have the Google Toolbar!"

You already have that.  It's the Safari search bar.

A lot of you just son't get it. This is not a Mac vs Windows issue...it is an information security issue. If you don't practice good information security, you are not a reliable system/network/desktop administrator.

See www.sans.org/reading_room for some good reading on the subject.

--tayme

"Nope.  It's the same story every time.  I use it as a prime example.  And it's not fiction...."

I heard from a friend that if you live in Canada and Jerk off too much you will go blind.  Its true really.

Like a few others I have not run any AV on MY (not my kids last standing PC) home PC's that I use or my Macs.  As other have said occasionally I will read something and think maybe I am a fool and down load stuff and scan........nothing.

Today is 98% about what YOU do before anyone can do it to you.  2% is running as a privileged user, which is something that you do, but in some cases because you have have to (XP and old software/corporate policy).

I remember reading all that C2 hype back in the day of NT 4.0, about MS having a PC not on the network etc.  WTF good is that??  Is C5 a Vista box not on the network in a mini sub 10,000 feet under the ocean with a sign on the side that says "Hack Me I dare you"????

Tayme:

Exactly. But once again the Apple trolls appear out of their parent's basement to turn every topic into an OS X vs. Windows debate.

@Delmont - As did Paul, mikegalos, and to some extent waethorn in this case.

--tayme

Delmont you seriously that dense???  

This is a blog post about OS X, Apple and AV, from Paul on the Winsupersite.  Where Paul intentionally throws out flamebait about why would anyone want to run OS X, when Vista and Windows 7 are out.  Then add to that WeeLittlethorn, and Microsoft Mikey start posting fairy tales and you wonder why it turns into a OS X vs Windows debate???

Oh, Lindy...you just don't get it here, do you? Information Security is not an OS war subject. If you think otherwise, you are a fool.

ot only that...but you just admitted to being an Apple troll- finally.

--tayme

"I heard from a friend that if you live in Canada and Jerk off too much you will go blind.  Its true really."

That was uncalled for.  

In any case, for Mac users, they don't have to - they already are.  After they buy, they still go through the motions though.

Lindy should be barred from Paul's site for posting that kind of drivel. Paul???

--tayme

No wonder I misread my calendar and WAe's post yesterday:)

I actually use FF on the Mac, but my internet computer in this reading room has the frackin' Google Toolbar again!!! Evil!! I will uninstall right now. It will be back next week. IT supposedly blocked DL's. Yeah, right!

DRWAM - I'm with you...I hate all of those toolbars...especially Google's. We block them successfully here. If a friend or family memeber calls me with a problem, I make them uninstall it before I come over to look at their problem...

--tayme

smiddlehurst

The Windows C2 rating was done for the operating system.

You're right that it's not a test of the network. It's also not a test of the building the computers are in or the physical access requirements or any other issues. It's just what it says.

The operating system is considered secure enough to be used in a C2 certified security environment. Which is something no other commercial operating system can say. Period.

Feel free to list any Apple OS that passed at C2. There have never been any.

Feel free to list any commercial Unix that passed at C2. There have never been any.

Feel free to list any open source operating system that passed at C2. There have never been any.

Now. Knowing that, care to explain how operating systems that couldn't pass C2 are more secure than one that could?

Since he asked, exercising my capability of choice, I choose to use OSX10 with Windows Vista and Seven around.  Makes the most sense to me and it makes Paul no different than any other partisan fanboy of either the Mac OS, or anything else.  Dealing in absolutes is not the hallmark of a rational mind.

Seven beta in January? What about public beta?

btw: The reason I say "commercial Unix" is because I believe there were two "government use only" specialty stripped down Unix-based products produced by Mitre Corporation and SUN that were rated C2 but were never available to anyone but the US Government.

"Also, I would say that while I don’t use OS X regularly anymore (who would with Windows Vista and 7 around?)"

Who would? Someone with taste. Someone wanting a better OS. Someone that's not running a pro-Microsoft fanboy blog called Supersite for Windows?

I hate to say it, but for the first time in a very long time Paul is right. Mike and the rest of you followers of the Evil Empire are wrong.

@mikegalos: Where are you chiming in here actually saying that you think that Paul is wrong? Instead you say you agree with @tayme. Nice way to avoid flack from your master.

Truth be told, Windows users are simply jealous that their OS is such a magnet for viruses and spyware that they continually spurt FUD about how OS Xers will get caught because they don't run AV, blah blah and blah.

Truth be told, we simply do not have to and gain nothing from doing so. Go try the same on Windows and watch it go up in flames. "Vista, now not as insecure as Windows XP (But still damned bad)" (tm)

So Microsoft fanboys, get over it and accept that you it's your lot in life to be burdened with AV software.

Look at all you Windows users getting all worked up because you've spent your lives in the threatening shadow of viruses and spyware that you can't accept that there are safer options out there. What a sad, sad lot you all are.

"I don’t use OS X regularly anymore (who would with Windows Vista and 7 around?)"

Cheap trolling, nothing more. Every time Paul calls what he does "journalism" I get deeply offended.

@mum: Well you don't come here for the "journalism" do you? It's more like switching on to Fox News for the biased "journalism" than anything else. If it's unbiased and serious, then look elsewhere. You have a chance of less biased commentary if you read the Slashdot comments for pro-Microsoft stances.

Part of the problem is the number of Windows users going to dodgy sites and picking up viruses. Lots of Windows fanboys going to *** sites helping drive the AV industry.

School must have let out...I see our resident zit faced teenager is here. What, no band practice tonight, robertsjoe?

--tayme

@robertsjoe - What don't you understand about this being an Information security issue and not an OS War issue? I guess that they haven't begun to teach true system administration in the 9th grade where you go, huh???

--tayme

@tayme: You'd better go and make sure your anti-virus software is all up to date. You don't want to get caught out - especially running such a magnet of an OS for viruses and spyware. Vista 2 - now with more anti-virus support.

It already updated automatically...on my XP, Vista and 2 OS X (1 Tiger and 1 Leopard) machines...but thanks for thinking of me. You see, I take info security seriously, because I am a realist with a couple of decades of experience...you are obviously as I described. you might try using the school's computers so that you can post during lunch and library time. Of course, they might have fw rules that don't let you visit certain sites or sites that have adult language such as this one does at times...or they might only allow certain sties to be browsed to...but if you are good, you can find a way around that on a bug ridden Vista or XP machine that is probably at use somewhere in your school...right?

--tayme

@tayme: Obviously you are not sure of the sites you visit or have doubt in your own abilities with computers to know enough that you need to run anti-virus. Either that or it's just that you're running Windows.

Wae, I'm about to plug in my 1TB Seagate FreeAgent Pro. I'll let you all know if it's good or not.

I'm convinced now that robertsjoe is the same old bonch.

@robertsjoe - Nope, I know exactly where I go and usually have a good idea of the route taken to get there...like I said, I am a realist. You are hopeless. I'm done baiting you for now. It was so easy too! I enjoyed it! You enjoy school tomorrow...remember, the weekend is coming. You'll be able to be in the basement for hours on end posting on Paul's site from your daddy's iMac.

--tayme

"Seven beta in January? What about public beta?"

Oh my God! Seven delayed? All because Paul wrote that unflattering article about simple v. easy? And that after they gave him a free laptop? Tssk, tssk.

Shark

Oh no! We all know the January public beta was delayed until January to handle Randall C. Kennedy's compaints. Does this now mean it's going to be delayed even further, maybe even until January by Paul's issues?

Wow. One or two more of these delays and it won't be available until January.

:-)

I wasn't posting about a delay. I just read that a beat was probably coming in January and never knew of any expected date. It mention disc for a conference, so assumed that it was not a public beta. I was just wondering if any of you guys knew when a public beta [for my $400 Vista laptop] would be available. I did not read of any prior promised dates, so I assume that there is no delay. How can there be a delay if MS did not announce a beta release or public beta release date?

OT. This FreeAgent Pro ext HD lights up like a christmas tree. All the yellow in the ads is led [I thought it was going to be paint]. Pretty but possibly annoying.

One other thing. I guess is more of a riddle to Mike. Are you ready?

Amalga

DRWAM

A pre-beta release was given to PDC attendees and it was announced that the Public Beta would be in early 2009.

The jokes about a slip were due to Randall C. Kennedy from Infoworld making a complete idiot of himself by claiming that the beta (announced for Early 2009) was being delayed until Early 2009 as a result of Microsoft going back to the drawing boards to resolve his issues with the OS. Later his editor, trying desperately to save any shred of reputation Infoworld had left, claimed that the posting was a joke that nobody got.

We discussed it mostly in the topic "Windows 7 public beta in 2009 ... as previously announced" which is at community.winsupersite.com/.../windows-7-public-beta-in-2009-as-previously-announced.aspx

DRWAM

Amalga looks pretty cool. Any take from the medical community?

Thanks Mike. I never read the article. I glanced at one today stating that a beta would available at some developer conference in January and was wondering if a public beta would shortly follow. I need more toys and Windows 7 sounds like a good one for that laptop. It may be a little over my head, but I like a challenge. I hacked my iPhone last weekend and need more. Especially when I work out. I take 3 to 5 minutes in between sets [ it should be shorter if not power-lifting, BTW]. Dang I would like the beta, but not the pre-beta.

"Lindy should be barred from Paul's site for posting that kind of drivel. Paul???"

Why because what I stated to be true is not??  Sort of like Wae's Killer Mac Worm, that is taking down corporations, that only he knows about.  Apple cant fix and AV companies wont comment on?

Or was it the content of my fairy tale that got your panties in a knot?

It was sarcasm/exaggeration to point out the same of Wae's BS.  I will type slower for you next time.

I get its not about the OS.  I get its about security, but simple facts cant be ignored.

Windows gets attacked more because of its market share.  Windows get attacked more because XP the OS with the most "in use" market share defaults to users as full administrators.  OS X does not get the focus because the effort is not worth it.  There is way less to attack and "out of the box" it more protected than XP, the #1 desktop OS right now.

I have said this before, the virus of yesterday is basically gone, or so well protected against that straight up AV is insignificant.  Todays malware is social, with the goal of gaining control of your OS to gather information (SSN/credit card numbers/bank account info/etc).  Vista, Linux, and OS X out of the box restrict the power of all users and require the user to allow the malware to do the damage.  XP does not.  That is why I said above that its about WHAT the user does and not the AV or OS.

For example last week or the week before the military was slammed by a Trojan and shut down USB drive/CDROM access to all users because their Windows systems were infected.  Some user brought that crap into the DOD network.  Some admin did not do his/her job, not its news.

blogs.zdnet.com/security

DRWAM

If you want some new toys to play with, I'd suggest spending some time with the new Windows Live Wave 3 releases that came out yesterday afternoon. Very cool. Very integrated both with Microsoft and 3rd party services. Liveside has a fair amount of info on the sites.

Thanks Mike. I will check it out. Did you solve the riddle?

To add to Lindy's comments.  He is spot on with the market share that MS has.  But also Windows makes themselves a target based on the vast capabilities the OS has.  Windows allows programmers an enormous amount of control.  For all the locked down code you can't get your hands on, you can still hack through/around it.  Or better yet through the available applications that can be ran on it.  You have app's calling to weakly written drivers and dll's.  Yes a flaw but also a blessing for legit app's.  What do you think would happen if Windows was as locked down as OS x?  We already seen how well UAC was taken with Vista.  Cheers.

"Every time Paul calls what he does "journalism" I get deeply offended."

Too bad this isn't journalism - it's a blog post.  Maybe you should learn the difference before you criticize.

@tayme:  Maybe he can sneak into the library while everyone else is enjoying nap time.

@mike:  I don't envy the position of the Governor General anymore.  She had to cut her European trip short to decide whether or not to clear the House, or to call another general election.  The NDP and Liberals formed a majority coalition against the Conservative government.  They also have the support of the Bloc Quebecois in future confidence votes, meaning they won't hold a vote of non-confidence as the coalition is doing with the current government.  Only 7 weeks after an election and already the Opposition is trying to overrule the elected government.  The PM just issued a recorded statement to the public, and the Liberal leader, Stephane Dion, had a recorded rebuttal.  The PM would have the Gov. General suspend government until late in January, when the Conservative government issues their new budget proposal.  The Opposition wants her to call an election ASAP.

One of the big problems with having the Governor General suspend parliament until late January is that it affects one of the biggest industries affected by the economic downturn:  GM.  They figure that they could be filing for bankruptcy before the end of the year.  Without an immediate economic stimulus package, GM could be going t!ts up.  Thousands will be out of a job.  The Opposition wants a stimulus package ordered up immediately, but the Conservatives won't supply it that fast.  Their budget plan is due to be released January 27th.

Could be interesting in the days to come, or "Hard times in the Maritimes" as they say.

DRWAM

What riddle about Amalga?

Waethorn,

I'd still be fine with them offering me the Governor General position even with having to cut a trip short to decide on a political no-win situation. It's still a cushy job.

Sadly, I don't think I'm likely to be put up for the position even though I was in Toronto for the opening of the new Microsoft Canada headquarters back in 1991 - clearly they're not considering me for the post as a  result of bias against former Microsoft employees.  

:-)

Google it.

"Wae's Killer Mac Worm, that is taking down corporations, that only he knows about."

Me, a friend, and the IT security firm that he works for, as well as their business client.  So far it is only known to have attacked one organization.  It was written in a fairly generic fashion though, not with any indication that the developer knew what was on the target computer, so it could be used against any system.

"Apple cant fix"

Look at their history.  It's not like they have a very successful record at it.

"and AV companies wont comment on"

AV companies don't actually.  It's custom code, and so far they haven't seen it anywhere else.  Most AV companies don't classify malware unless it's found by numerous sources.

Your lack of IT security is glaring.  Maybe you should garner some knowledge in the topic before criticizing it so.

"There is way less to attack and "out of the box" it more protected than XP"

Check your firewall settings recently?  The XP SP2 firewall is turned on by default.  Is it on OS X?

*crickets*

"its about WHAT the user does and not the AV or OS"

Sorry that's just not true.  Look up the definition of Remote Code Exploit.  Anybody that has ever had Blaster or Sasser infect their system can testify.  As far as that Mac code goes, the malware in question does look for Samba support as one of the attack vectors for infection.

@Doc;

May I remind you that Google is evil.

I mean Live search it. That's a black mark on my soul for forgetting.

"I'd still be fine with them offering me the Governor General position even with having to cut a trip short to decide on a political no-win situation. It's still a cushy job."

It's a no-win for her.  It all depends on the choice she makes.

In either case, we're open to some political turmoil ahead.

I'm not a big fan of GM though.  They've been frivolously p!ssing away money for years.  If they go down the sh!tter, that's their problem.  I don't want my taxes bailing them out.  Flood the market with cheap Asian imports instead.  It's better for consumers.

Our economy isn't nearly as bad as the US (which started it all), but nations relying on exports (we export most of our commodity products to the US) have to reevaluate our positions if other nations aren't buying.  I've said before that Canada should've started trading our currency on the Worldwide market instead of comparing it to the Greenback.  Other countries have done it already and came out ahead.  They're the same countries that aren't having any troubles now too.

BTW:  The PM speech tonight had a record # of Canadian TV viewers.

"I mean Live search it."

Canadians can use "Big Ticket Search".  It flips 2 cards at the top of the search results screen and if they match, you win the prize on the cards.

http://www.bigticketsearch.com

I don't like how they do the results page though.  It's a narrow results page, and they appear to be in an IFRAME or something.  The header at the top stays there, even after clicking a link, but the link is sized to the narrow IFRAME thing, so pages don't always fit.  They need to fix that.

I'm not sure if they have anything like it in the US, but Canadians don't have Live Search Cashback, so I guess this is the next best thing for us.

Big Ticket Search, like a lot of things, isn't open to residents of Quebec.  It's something to do with contests and language laws.  It's no surprise that the province has a political party whose ultimate goal is to secede from the rest of the country.  That party is the Bloc Quebecois - the same one that is supporting the Opposition against the Conservative government.  The PM's speech emphasized that fact to discredit the Liberal/NDP coalition.  It's quite the drama that's unfolding.

BTW:  If you're looking for a good political drama, look for a movie by the CBC miniseries called "H2O" (not Halloween: H2O, obviously), starring Paul Gross.  Good movie.  Kind of a twist ending too.  

The sequel isn't as good, but holds its own.  It's called "The Trojan Horse".

@Lindy - No...for you juvenile comment regarding Canadians and going blind...That was really below anything I have seen posted here in a long, long time.

--tayme

DRWAM

I know what Amalga is. I just don't know what the riddle is.

Waethorn

Just an aside, I seriously p!ssed off Former CIA chief George H. W. Bush back in 1979 when he was running for President against Reagan by asking him whether the reports in Time Magazine were true that the CIA had a contingency plan in place to invade and annex Canada in case of a successful Quebecois sessession vote. He did NOT want to answer that one and sidestepped it.

@mikegalos - 2 new former professions? Political Reporter and Conspiracy Theorist??? ;-)

--tayme

"AV companies don't actually."  So how long before you go blind?

www.symantec.com/.../index.jsp

www.symantec.com/.../theme.jsp

www.mcafee.com/.../default.asp

Oh look they have one in your neck of the woods...

www.csis-scrs.gc.ca/index-eng.asp

http://www.us-cert.gov/

http://cyberinsecure.com/

www.ca.com/.../anti-virus.aspx

www.microsoft.com/.../portal

@Lindy - Nice try...You lose. Read waethorns post closely...maybe you can figure it out...doubtful, though.

--tayme

BTW,those who use the term "jihadist" so flippantly over here to describe Windows users, do you even know what it means? You've either disconnected yourselves from the rest of the world or are insensitive to the feelings of the victims of some of the attacks. I find that sad and unfortunate.

@mikegalos: "Just an aside, I seriously p!ssed off Former CIA chief George H. W. Bush back in 1979..."

And now you're trolling Microsoft blogs, spreading FUD and basically being a Microsoft fanboy?

I did not think that you would know. My apologies. The end of the story, but the beginning of our digital 3 hospital system of the future is...Microsoft Almalga, the unified health enterprise informatics platform designed to retrieve and display patient information from many sources. Couple other Microsoft offerings, Exchange and Sharepoint for better physician and management communication as an example, and you get a solid digital system with capabilities of safe, secure healthcare delivery, reducing medical errors by at least 50%, and increasing quality and good outcomes. We're all pretty excited. I told my wife that I had one on you Mike. Now I gotta tell her that you knew what it was. But, I shall return!

Doc

"Too bad this isn't journalism - it's a blog post.  Maybe you should learn the difference before you criticize."

That's like saying it's ok for a policeman to rob banks in his spare time because he's off duty. There are also journalistic rules, they're just unwritten. I know there are also different standards for journalism depending on where you're from, but generally you mostly get a choice between being a journalist and having a blog like this.

"Sorry that's just not true.  Look up the definition of Remote Code Exploit.  Anybody that has ever had Blaster or Sasser infect their system can testify.  As far as that Mac code goes, the malware in question does look for Samba support as one of the attack vectors for infection."

You or tayme to provide statistics?  I am not saying that there are NOT holes in the OS and that AV is totally useless.  Hell once a month you see holes being patched on Windows, they keep my Shavlik servers busy once a month pushing patches out to thousands of Windows servers.

The point is for joe consumer these days the vast, VAST majority of crap that can take you down comes from a user doing something to let crap in, going to web site, clicking yes to crapware, opening email and clicking on a link etc.  That firewall on XP wont do anything if your running as a full admin and click on a link in a email that then downloads all kinds of junk to your PC with a full admin privileges.  I have seen so many home XP users that dont even have a password, running as a full admin, the default install for Windows XP home if I am not mistaken.  Vista, OS X, and Linux will at least prompt you to before you slit your own throat, and OS X/Linux will require you to enter a password before the knife starts cutting.

Viruses.....Un-patched Security holes.........or Privileged user self initiated attacks..........which causes more damage these days??  

They dont make AV for stupidity.

Straight from Wea's god....

technet.microsoft.com/.../cc507867.aspx

"With Windows XP and earlier versions of Windows, any process that an administrator ran automatically used administrative privileges. This situation was troublesome because malware could make system-wide changes, such as installing software, without confirmation from the user. In Windows Vista, members of the Administrators group run in Administrator Approval Mode, which (by default) prompts administrators to confirm actions that require more than Standard privileges."

XP firewall good stuff!!!

Yeah that would be a link\facts to back my point up Tayme.  Only if I could find that going blind link, it probably in the same folder as the Mac Worm takes down corporation NO news at 11 very hush hush.

I fail to understand why we cannot keep this thread to the point and avoid personal attacks, religious attacks etc ?

Pingback from  what is beta software | Digg hot tags

Well it's pretty clear that threats exist for all platforms, Windows users are more exposed, and unless you really know what to look out for, then most people would do well to run on-access protection all the time.

Mac users (I use a mix of both Macs and Windows PCs at home) often feel they are secure because of their OS choice - this is demonstratably false, however there are still significantly fewer threats on the Mac - so for most reasonably savvy users, occasionally running a good online scan will probably be sufficient.  Only the less tech-savvy should look to install 'resident' on-access protection.

Ultimately, this sort of thing always gets boiled down into a 'Your OS is s**t, mine is awesome!' argument, but when it comes to security, the OS you choose is only ONE element in how secure your computer(s) will be - a persons individual atttitude to security is perhaps the most important thing, and taking the attittude 'I'm Safe, I use a Mac' is dangerous.

As for Waethorns assertations that he knows of situatutions where the use of Macs has nearly brought a company to it's knees - well, true or not, there are examples of people ditching a platform in their business in favour of something else all over the shop, some of them are true, some are embelished and some are downright fiction, but these stories do not, in any way 'prove' that the ditched platform was universally and fundamentally bad, it just shows that someone, somewhere along the line, got complacent - and got screwed over as a result.

"I fail to understand why we cannot keep this thread to the point and avoid personal attacks, religious attacks etc ?"

It's kinda hard because the original blog post was a religious attack.

Sharky:

Sometimes words have more than one meaning. From dictionary.com:

"jihad:

2. any vigorous, emotional crusade for an idea or principle."

Sounds like Waethorn and "mikegalos" to me.

"You or tayme to provide statistics?"

Blaster, Sasser, MyDoom, NetSky....they were all supposedly written by the same person.  Blaster and Sasser didn't require user intervention because they would randomly attack blocks of IP addresses and look for a specific, unpatched security hole.  That's a remote code exploit.  If you know anyone that worked IT around 2003, you've heard how bad it was.  Obviously you haven't, so next time, do your homework.

"Vista, OS X, and Linux will at least prompt you to before you slit your own throat, and OS X/Linux will require you to enter a password before the knife starts cutting."

Not true.  There are viruses that masquerade as OS services, thereby bypassing UAC and the like.  Remote code exploits, by definition, don't require user intervention.  If a system service runs with system-level privileges (most do), and it contains a security hole, it's game time.

"generally you mostly get a choice between being a journalist and having a blog like this."

You obviously haven't visited ZDnet, CNet, eWeek, PC World, CNN, the NYtimes, the WSJ, or practically any other website that has a tech column.  Here's a tip:  If you can remember the journalists name, they're not a journalist.

"it just shows that someone, somewhere along the line, got complacent"

That position was taken by Apple, and their customers paid the price by believing in their marketing message.

I guess robertsjoe school doesn't allow mobile devices, or I'm sure we would hear from him during the day.  Since he doesn't deny it, he is just in school, probably high school, and doesn't have any real world experience except what Steve has told him.  Another reason to ignore him, which I should take my own advice...

"Sometimes words have more than one meaning."

From urbandictionary.com

http://tinyurl.com/4f7cro

Sounds like robertsjoe, Ocean, Lindy, and lostamystuff to me.

"It's kinda hard because the original blog post was a religious attack."

So, y'all think of this stuff as some kind of a religious war? That would explain the use of terms like "jihad".

I can't believe the complacency of the Mac crowd. If their platform is so untouchable, why is Apple patching holes by the dozens in every update? Look at the security bulletins issued by Secunia for OS X: secunia.com/.../96

Apparently, since the Mac users are somehow born different [nah, intelligent! they say] and the platform has in-built defenses against the vermin, why the worry, Apple? Do you Mac nuts also not install security updates from Apple, since you won't install an AV even after Apple [for a brief moment of sanity] recommended doing so? What would it take? An AV program from Apple itself?

I think that the name calling just antagonizes and makes matters worse. The Mac crowd gets angry and posts a rebuttal, then the name calling [by BOTH side] starts a perpetual fight. Read some past threads and see.

Wae, the 1TB FreeAgent Pro drive is pretty good. I think that you recommended Seagate drives [5 yr warranty]. Two of us bought one. This was from Frys.com. Newegg is getting slow in delivery. The shipped from less than 2 hrs away and it took business 5 days due to a hand off from DHL to USPS. This happened twice.

Waethron.

From the same website

http://tinyurl.com/64cjug

Kind of sounds like you and MikeGalos, doesn't it?  LOL!  People in glass houses...

I know of a couple of people who had those $500 laptops. They didn't want to pay for software, so they downloaded pirated versions from torrent sites. Some of them obviously came with Viruses or made the computer crash. They decided it was Windows that was the problem (obviously). Now they've bought $1600 iMacs and paid for some software too. Their experiece so far has been far better. I've noticed, at least among the people that I know, that they're willing to spend more on Macs and on Mac software. In such cases, I don't think a direct comparison of the two ecosystems is even possible.

One thing useful to all platforms is the new feature on Live Search that warns about compromised web sites. www.liveside.net/.../live-search-flags-malicious-websites-with-warning-message.aspx

"Obviously you haven't, so next time, do your homework."  Lol you still have not provided anything genius.

In 2008 (NOT 2003) in the PWN 2 OWN contest, Vista, OS X or Linux could not be hacked at all until the user went to a web sight and run some malicious code.  All 3 went down by user initiated attacks.  They could not be hacked just sitting there on the network.

Blaster/sasser attacked a OS hole, on XP and 2000. NO USER INTERVENTION required.

en.wikipedia.org/.../Sasser_(computer_worm)

www.rif.org might help.

Realistically and leaving aside religious wars we get the following:

There are many more exploits targeting Windows users

The underlying architecture of Windows is better designed for security than Unix based architectures like OS X or Linux

There is no magic "special sauce" that makes OS X or Linux less vulnerable to attack

All operating systems have bugs that expose security holes - C based operating systems moreso due to C's lack of buffer management

Apple does a worse job of keeping up on patching their operating system than Microsoft

All software is vulnerable to zero day exploits

User warnings on elevations of privildge are good, are present on all current operating systems and should not be disabled

User warnings don't help against an exploit that uses a hole in an administrator tool

Many OS X users don't run anti-malware software as a point of pride

When a short notice exploit targets OS X using a hole that Apple hasn't patched and that takes over an administrator level service it will infect most of the OS X computers in the world within hours as most users won't have tools to stop it and, if it is written well most won't know they're infected.

@Mike that feature is only two years late...

www.technewsworld.com/.../52262.html

Wow Mike that post is almost not biased against Apple and well said....most of it.  A lot of "if's" but all possible.

Lindy

The goal was to summarize it all without the religious biases. Security is too important to fall into the "ur os suxorz" stuff.

Personally, I think Apple corporate's willingness to encourage and exploit the "we're protected by magic" mindset in their users borders on criminal neglegence and I wish they'd get past it before somebody decide to take advantage of it.

If I really were doing OS religious wars I'd be encourage Apple to keep doing what they're doing because if that zero-day system attack ever hits, the psychological damage to the Mac community will likely damage the reputation both far beyond what is deserved and probably beyond repair.

While I thing Apple corporate deserves a black eye for encouraging this stupidity, the damage to the industry would hurt society in general.

Pingback from  Paul Thurrott and his own views | Confessions of a cat