Just blame everything on the users. Its like if Honda came out and said: "Well our car is the safest we ever build, but since so many people drive and crash it, the car safety rating went down."
Just another reason to switch to Mac OSX. Apple would never blame its users on something so crucial.
Microsoft blames users for Vista infections
Summary
In countering claims Vista is less secure than Windows 2000, Microsoft has said the 'complacency' of users is to blame for infection rates
Topics
Microsoft has claimed user "complacency" is to blame for malware infections, and denied that its Vista operating system is less secure than Windows 2000.
The claim that Vista is less secure than Windows 2000 was made last week by security vendor PC Tools, which said that over the past six months Vista had suffered 639 unique threats, whereas Windows 2000 has suffered 586. PC Tools's research was conducted by collecting data from customers using its ThreatFire behavioral detection software.
"Ironically, the new operating system has been hailed by Microsoft as the most secure version of Windows to date," said Simon Clausen, the chief executive of PC Tools last week.
"However, recent research conducted with statistics from over 1.4 million computers within the ThreatFire community has shown that Windows Vista is more susceptible to malware than the eight-year-old Windows 2000 operating system, and only 37 percent more secure than Windows XP," Clausen said.
However, Microsoft strongly hit back at the claims, blaming users for executing malicious code on their machines. On Tuesday, Technet blogger and Microsoft evangelist Michael Kleef said the number of infections found by PC Tools was an indication of poor user behavior.
"The number of virus infections found by a virus vendor does not necessarily equal poor security," wrote Kleef in a blog post. "In many cases it equals poor user behavior. If I, despite all prompting and consent behavior, choose to go to a (probably dodgy) website, accept the ActiveX control prompts to download (probably dodgy) code and I actually choose to execute that code then I'm hosed."
Kleef claimed the number of infections was not purely the operating system's fault, but said that "in some cases it's the user and their lack of knowledge and their implicit 'it-won't-happen-to-me' complacency" that causes them to get infected.
Kleef's comments followed on from a blog post on Friday by Austin Wilson, the director of Windows Client Security Product Management, which also denied that Vista was less secure than Windows 2000. Wilson said results collected from over 450 million uses of Microsoft's Malicious Software Removal Tool (MSRT) and published in Microsoft's most recent Security Intelligence Report show Vista is more secure than Windows 2000.
"Our results published in the April 2008 version of the Security Intelligence Report show that Windows Vista is significantly less susceptible to malware than older operating systems," wrote Wilson in the blog post. "Using proportionate numbers, MSRT found and cleaned malware from 44 percent fewer Windows Vista-based computers than Windows 2000 SP4 computers and 77 percent fewer than from computers running Windows 2000 SP3."
Just In
Apple would never blame its users on something so crucial.
No, they would simply deny that that the security hole existed at all! Apple seems to be more a fan of:
1. Putting out the only OS to get owned within 2 minutes using nothing more than what comes on the OS X install disc.
2. Lying about the color capability of their monitors.
3. Bricking the phones of those who dare unlock them.
4. Stealthily installing Safari on Windows computers.
5. Shipping products with malware targeting Windows.
6. Putting Mac resellers out of business by withholding stock when they want to open an Apple Store in the area.
7. Using non replaceable batteries that die within months and then refusing to do anything about it until their customers launch a class action suit about it.
8. Deny that their clear Cube cases ever crack and instead calling the long crack like lines "a side effect of the injection mold process".
etc. etc. etc.
No, they would simply deny that that the security hole existed at all! Apple seems to be more a fan of:
1. Putting out the only OS to get owned within 2 minutes using nothing more than what comes on the OS X install disc.
2. Lying about the color capability of their monitors.
3. Bricking the phones of those who dare unlock them.
4. Stealthily installing Safari on Windows computers.
5. Shipping products with malware targeting Windows.
6. Putting Mac resellers out of business by withholding stock when they want to open an Apple Store in the area.
7. Using non replaceable batteries that die within months and then refusing to do anything about it until their customers launch a class action suit about it.
8. Deny that their clear Cube cases ever crack and instead calling the long crack like lines "a side effect of the injection mold process".
etc. etc. etc.
...still oughtweighed by the fact that I've been running OS X since 10.0.0 with no protection at all against viruses and spyware and have not had had any problems (haven't ever had to reload my OS either). Like the credit card ad says - Priceless!
Running Windows since 3.1 without any anti-malware on my home PC and have not had any problems either. Running Linux on my home server and on my media PC without any anti-malware and again, haven't had any problems.
Like the credit card ad says - Priceless!
You said it! Macs are expensive! I got the same trouble free experience at half the price. Yay me!
Like the credit card ad says - Priceless!
You said it! Macs are expensive! I got the same trouble free experience at half the price. Yay me!
Since when zealot ?
When I ordered my original Mac Pro, it was less expensive than any available PC with a similar configuration.
Except, it has been an XP PC on my home network running without AV or antimalware for over two years with no indications of viruses or malware. No weird processes running and restarting, no pop-ups, and performance seems roughly as good as it did when I built the system, so I have to assume it is clean.
I believe that Win98 could be run unprotected indefinitely and not become infected if the user knows what risks to avoid, so there seems to be some truth to the notion that an OS is only as secure as the user allows it to be. The important thing to remember in an enterprise environment is to lock these suckers down to protect the users from themselves. The user is the weakest link in the security chain.
I believe that Win98 could be run unprotected indefinitely and not become infected if the user knows what risks to avoid, so there seems to be some truth to the notion that an OS is only as secure as the user allows it to be. The important thing to remember in an enterprise environment is to lock these suckers down to protect the users from themselves. The user is the weakest link in the security chain.
AS a matter of fact the first thing I did when I got this new PC was remove the A/V software. Been running A/V free since day one back in 1990.
to the Internet...
This is from my experience at work:
I opened HP machine, I connected it to the corporate LAN, I went to Microsoft site to get latest updates... Guess what?
RIGHT - it was infected. Right out of the box.
You can lol as much as you wish. The story continues - I opened another box with Windows, booted it, connected to the corporate LAN, went to MS for updates... Guess what?
RIGHT - it was infected.
Neither of machines stand longer than 10 minutes connected to the Internet. Do not blame me - my family gaming Windows machines (3 - for every family member) at home are not infected, I know how to protect them.
What I am saying - your mileage may vary if you are using firewall in router/DSL/Cable modem.
It was my XPerience (SP1)...
Why I am writing - because it was SO UNBELIEVABLE!
This is from my experience at work:
I opened HP machine, I connected it to the corporate LAN, I went to Microsoft site to get latest updates... Guess what?
RIGHT - it was infected. Right out of the box.
You can lol as much as you wish. The story continues - I opened another box with Windows, booted it, connected to the corporate LAN, went to MS for updates... Guess what?
RIGHT - it was infected.
Neither of machines stand longer than 10 minutes connected to the Internet. Do not blame me - my family gaming Windows machines (3 - for every family member) at home are not infected, I know how to protect them.
What I am saying - your mileage may vary if you are using firewall in router/DSL/Cable modem.
It was my XPerience (SP1)...
Why I am writing - because it was SO UNBELIEVABLE!
...show your ineptitude wrt Windows. With the release of SP2 back in the summer of 2004 this is no longer a situation. You must have been using pre-SP2 media. Use media that has SP2 integrated or make your own (a recent article by AKH of ZDnet shows you how to do it easily).
If that's too much trouble build the system disconnected from the network. Once done enable the firewall, go obtain your updates.
Can't be bothered to do either? Fine...but don't blame Microsoft for your laziness.
Oh, and the answer to your lame question (like we've never heard it before) is: Yes, it was connected to the Internet.
If that's too much trouble build the system disconnected from the network. Once done enable the firewall, go obtain your updates.
Can't be bothered to do either? Fine...but don't blame Microsoft for your laziness.
Oh, and the answer to your lame question (like we've never heard it before) is: Yes, it was connected to the Internet.
Then you won't have to worry about any of this garbage.
Also no Virus protection, no infections, no spyware, no reloading of the OS. Still running like the energizer bunny.
Guess that kills your argument.... /boggle
Guess that kills your argument.... /boggle
http://www.msnbc.msn.com/id/24596745/from/ET/
Corporate America?s rejection of Vista
Many companies delay or denounce Microsoft?s flagship product
By Aaron Ricadela
updated 11:34 a.m. ET, Tues., May. 13, 2008
General Motors may take a detour around Vista, the latest computer operating system from Microsoft. The automaker has encountered so many speed bumps getting Vista to work on its machines that it may just wait for the next version of Windows, due in 2010 or 2011.
Looks like the Energizer Bunny tripped up.
Corporate America?s rejection of Vista
Many companies delay or denounce Microsoft?s flagship product
By Aaron Ricadela
updated 11:34 a.m. ET, Tues., May. 13, 2008
General Motors may take a detour around Vista, the latest computer operating system from Microsoft. The automaker has encountered so many speed bumps getting Vista to work on its machines that it may just wait for the next version of Windows, due in 2010 or 2011.
Looks like the Energizer Bunny tripped up.
Indulge in high risk online activity like the kind discussed in the article:
"choose to go to a (probably dodgy) website, accept the ActiveX control prompts to download (probably dodgy) code and I actually choose to execute that code"
Now, despite the fact that we all know nobody bothers to create any significant amount of malware for OSX, there have been reports from time to time of potential risks in OSX and Safari. But the risks to OSX and Safari typically come by way of the afore mentioned reckless online behaviour; and rightly so, Apple enthusiasts laugh in the face of people who suggest that OSX is at any kind of serious risk itself if potential vulnerabilities have to use social engineering and reckless online behaviour to get malicious code on the system. We also all know there is no way yet known to stop malicious code from executing on any system or OS if the user invites it in and hits "execute", and then promptly ignores all warnings.
So lay off the poorly thought out claim that safe online usage of an Apple computer, or a Linux box compares in any way to some self destructive jackass using Vista to explore questionable websites to download and purposely install infected files and then run them while ignoring warnings.
I can say with all confidence, that if Apple sold enough computers to matter in the real world there would not only be some hackers who would take an interest and create some nasty viral material for OSX, there would also be at that point just enough of the population actually using Apples that there would be some Apple using idiots who would install the viruses just the same as the Vista using idiots now do.
"choose to go to a (probably dodgy) website, accept the ActiveX control prompts to download (probably dodgy) code and I actually choose to execute that code"
Now, despite the fact that we all know nobody bothers to create any significant amount of malware for OSX, there have been reports from time to time of potential risks in OSX and Safari. But the risks to OSX and Safari typically come by way of the afore mentioned reckless online behaviour; and rightly so, Apple enthusiasts laugh in the face of people who suggest that OSX is at any kind of serious risk itself if potential vulnerabilities have to use social engineering and reckless online behaviour to get malicious code on the system. We also all know there is no way yet known to stop malicious code from executing on any system or OS if the user invites it in and hits "execute", and then promptly ignores all warnings.
So lay off the poorly thought out claim that safe online usage of an Apple computer, or a Linux box compares in any way to some self destructive jackass using Vista to explore questionable websites to download and purposely install infected files and then run them while ignoring warnings.
I can say with all confidence, that if Apple sold enough computers to matter in the real world there would not only be some hackers who would take an interest and create some nasty viral material for OSX, there would also be at that point just enough of the population actually using Apples that there would be some Apple using idiots who would install the viruses just the same as the Vista using idiots now do.
Feel free to ignore his post
It shows you how quick some AppleJacks are to criticize, without really reading what someone says. I would suggest that when I said:
"But the risks to OSX and Safari typically come by way of the afore mentioned reckless online behaviour; and rightly so, Apple enthusiasts laugh in the face of people who suggest that OSX is at any kind of serious risk itself if potential vulnerabilities have to use social engineering and reckless online behaviour to get malicious code on the system"
Thats a pretty big compliment to Apple computers saying that Apple users are right to laugh in the face of people who say Apple computers are at risk because some potential vulnerability requires irresponsible behaviour and a lot of human engineering to make it work.
Just because the same rule of thumb applies to all computer systems, not just Apple computers doesn't make anyone a Windows junkie. Its a simple fact of life that if Apple computers some day sell as many systems as MS then its also going to be a fact that there will be far more Apple users who are less informed and will be bound to use more risky behaviour and as such may make some vulnerabilities in Apple come to fruition much as they do from time to time in Windows machines.
"But the risks to OSX and Safari typically come by way of the afore mentioned reckless online behaviour; and rightly so, Apple enthusiasts laugh in the face of people who suggest that OSX is at any kind of serious risk itself if potential vulnerabilities have to use social engineering and reckless online behaviour to get malicious code on the system"
Thats a pretty big compliment to Apple computers saying that Apple users are right to laugh in the face of people who say Apple computers are at risk because some potential vulnerability requires irresponsible behaviour and a lot of human engineering to make it work.
Just because the same rule of thumb applies to all computer systems, not just Apple computers doesn't make anyone a Windows junkie. Its a simple fact of life that if Apple computers some day sell as many systems as MS then its also going to be a fact that there will be far more Apple users who are less informed and will be bound to use more risky behaviour and as such may make some vulnerabilities in Apple come to fruition much as they do from time to time in Windows machines.
"You are 100% right..."
And you're not. Time for damage control on Zealot. You
should really just stick to YouTube comments.
"1. Putting out the only OS to get owned within 2
minutes using nothing more than what comes on the OS X
install disc."
You can "own" any computer with physical access to
it. Windows XP SP1 used to get owned in roughly 45
seconds without user intervention simply by being
connected to the internet.
"2. Lying about the color capability of their monitors."
Every company would be guilty of "lying" about
the color capability of their LCDs. TN displays are 6-bit.
They use dithering and can simulate 16.2 million colors.
"4. Stealthily installing Safari on Windows computers."
Versus Microsoft stealthy installing updates with zero
user intervention, bringing corporate networks to a crawl
because it bypasses WSU servers; while repeating the same
stealth install tactic and breaking Windows Genuine
Advantage on volume license installs.
At least you can uncheck Safari or uninstall it. Good luck
uninstalling Internet Explorer.
"5. Shipping products with malware targeting
Windows."
Microsoft has, on several occasions, shipped trojans
and/or viruses on their foreign language versions of
Windows. HP just recently shipped malware on their
server USB keys. Creative also shipped out MP3
players with malware installed. Sony also infected Windows
computers with their own malware on music CDs.
"8. Deny that their clear Cube cases ever crack and
instead calling the long crack like lines "a side effect of the
injection mold process".
Because they weren't cracks, and it was a side effect of the
injection mold process.
And you're not. Time for damage control on Zealot. You
should really just stick to YouTube comments.
"1. Putting out the only OS to get owned within 2
minutes using nothing more than what comes on the OS X
install disc."
You can "own" any computer with physical access to
it. Windows XP SP1 used to get owned in roughly 45
seconds without user intervention simply by being
connected to the internet.
"2. Lying about the color capability of their monitors."
Every company would be guilty of "lying" about
the color capability of their LCDs. TN displays are 6-bit.
They use dithering and can simulate 16.2 million colors.
"4. Stealthily installing Safari on Windows computers."
Versus Microsoft stealthy installing updates with zero
user intervention, bringing corporate networks to a crawl
because it bypasses WSU servers; while repeating the same
stealth install tactic and breaking Windows Genuine
Advantage on volume license installs.
At least you can uncheck Safari or uninstall it. Good luck
uninstalling Internet Explorer.
"5. Shipping products with malware targeting
Windows."
Microsoft has, on several occasions, shipped trojans
and/or viruses on their foreign language versions of
Windows. HP just recently shipped malware on their
server USB keys. Creative also shipped out MP3
players with malware installed. Sony also infected Windows
computers with their own malware on music CDs.
"8. Deny that their clear Cube cases ever crack and
instead calling the long crack like lines "a side effect of the
injection mold process".
Because they weren't cracks, and it was a side effect of the
injection mold process.
They fluster him greatly.
Zealot doesn't believe in facts. Even true ones.
Too bad Colbert is just kidding, and Zealot isn't....
do not make Apple right. In regards to points 2, 4 & 5, just because others have committed similar offenses, does not make Apple less guilty. And there have been different takes on point 8. I have never heard a definitive answer one way or the other.
I am not specifically anti-Apple, just anti-abusive corporation. And Apple is one of many.
I am not specifically anti-Apple, just anti-abusive corporation. And Apple is one of many.
They usually don't have any ground to stand on when someone presents a sensible argument. Instead they jump on NonZ b/c it's easy to put him down.
I've found it's pointless to argue with Appleytes like these guys. No matter what Apple does, it's always OK because someone else is doing it.
They don't get the point that it's not OK for any company to behave in such a way.
I've found it's pointless to argue with Appleytes like these guys. No matter what Apple does, it's always OK because someone else is doing it.
They don't get the point that it's not OK for any company to behave in such a way.
I think your the one that don't get it. You see, NonZealot was trying his best to slam Apple using tired arguments that are pretty common with almost all corporations (not that I'm condoning it). Then all somebody does is point out the obvious to him and you label him as a Appleyte. I don't see anywhere in OlePigeon's comment that he was saying it was OK for Apple. You in your blind loathing of all things Apple made the hasty assumption he was.
The number of Mac users is on the rise. That means as time passes there will be incentive for people to dupe Mac users into installing software that's bad for the computer. This article is mostly right. Almost all malware infections are caused by an end user being scared into installing something because it's flashing at them saying they have spyware.
But he's right. No matter how secure a computer is and no matter how many prompts of "are you sure?" you bypass, since you have the ability to install software on your comptuer, you have the ability to install malware. If you want someone else controlling what you can and can't put on your computer, then by all means keep beating that dead horse.
I bet microsoft could catalog every Spyware, malware, rootkit, and virus out there, build a database into windows and update it, and either 1 of two things will happen. If they kill the packet outright, users will be confused and wonder why nothing is happeing and complain that "something is wrong" or if they prompt the user, this package has been identified as Spyware, do you wish to cancel? and people will still click No, because they want "that stupid warning message" out of there way and don't even read it, then scratch thier heads wondering how could MS put out such a crappy OS that allows "itself" to get infected by spyware.... /boggle
I bet microsoft could catalog every Spyware, malware, rootkit, and virus out there, build a database into windows and update it, and either 1 of two things will happen. If they kill the packet outright, users will be confused and wonder why nothing is happeing and complain that "something is wrong" or if they prompt the user, this package has been identified as Spyware, do you wish to cancel? and people will still click No, because they want "that stupid warning message" out of there way and don't even read it, then scratch thier heads wondering how could MS put out such a crappy OS that allows "itself" to get infected by spyware.... /boggle
...to a sufficiently-determined and -talented idiot. Even Linux, OpenBSD and Mac OS X - and I use them all daily; more regularly now than Windows. I can see ways to do damage in each of them - but the difference is, each of them would require what the hackers call "social engineering" at a level sufficient to convince the user to ignore the OS equivalent of sirens, flares and big, flashing red lights. Think of the old Sesame Street cartoon gag revolving around the big sign "Don't Stand In Front of This Sign"... inevitably some idiot stands there and wonders who put such a silly sign there - milliseconds before being flattened by a falling anvil. Preschool kids laugh at that, because "he didn't follow instructions" (presumably from a grownup) "and he got 'in trouble'!" Adults recognize that people really do stuff like that, either through ignorance, pride, stubbornness or some mixture of the three.
As software developers, trainers and "power users", part of our brief is to encourage development of software that makes it easier to keep our systems secure and efficient; the longtime default "everybody's an administrator" stance in Windows was just the most obvious violation of that principle. Sure, non-Windows systems can be compromised - but not so easily in the standard configuration, and (usually) not without warnings and other feedback indicating that what you're about to do may not be the wisest of all available moves.
In practice, in my experience, that makes the difference between viable support of productive users, and the Whac-A-Mole perpetually infinite moving target that is Windows security management.
As software developers, trainers and "power users", part of our brief is to encourage development of software that makes it easier to keep our systems secure and efficient; the longtime default "everybody's an administrator" stance in Windows was just the most obvious violation of that principle. Sure, non-Windows systems can be compromised - but not so easily in the standard configuration, and (usually) not without warnings and other feedback indicating that what you're about to do may not be the wisest of all available moves.
In practice, in my experience, that makes the difference between viable support of productive users, and the Whac-A-Mole perpetually infinite moving target that is Windows security management.
My wife works in a totally Mac office environment, it's been that way since the fruit-colored iMacs. Their computing experience is a checkered mosaic of LAN and WAN outages, lost documents, problematic access to network resources like printers and scanners.
I think that Apple's current ad campaign is aimed at creating a state of mind in which Mac problems simply don't exist; the current reliability status of Apple products is apparently something Mac users should simply accept.
The reason Apple makes fun of PC users is that we howl against the fading of the light when our hardware lets us down. We're not gracious about it. And about a year, eighteen months down the road the stuff we wail about gets fixed.
Which doesn't excuse that absurd little man at Redmond trying to say that Vista's security issues are because we Vista owners have an unusual affinity for Russian porno and pirate file sites. If you fall down on the job, you square your shoulders and accept responsibility for what happened. You don't make nasty remarks about what you assume your customers' personal habits are.
I think that Apple's current ad campaign is aimed at creating a state of mind in which Mac problems simply don't exist; the current reliability status of Apple products is apparently something Mac users should simply accept.
The reason Apple makes fun of PC users is that we howl against the fading of the light when our hardware lets us down. We're not gracious about it. And about a year, eighteen months down the road the stuff we wail about gets fixed.
Which doesn't excuse that absurd little man at Redmond trying to say that Vista's security issues are because we Vista owners have an unusual affinity for Russian porno and pirate file sites. If you fall down on the job, you square your shoulders and accept responsibility for what happened. You don't make nasty remarks about what you assume your customers' personal habits are.
Uh, time for your wife's company to fire the network guy
and get someone in there that knows what they are doing.
None of the issues you cite are Mac-related. You are
talking about the network there.
At any rate, getting back on topic: I think that most of the
readers on this forum are above the level of "beginner"
when it comes to computers. They know how to set them
up, how to secure them, etc. If you say that you are not
getting malware on your system, be it Mac, Windows,
Linux or something else, I'll believe you. The real test is to
take an absolute beginner (or near beginner), have them
get their computer and get it online. Then see what they
are up against. Microsoft is blaming the victim here.
Perhaps they should secure a lot of things, but the point is
that you should not have to be a computer genius in order
to avoid malware.
and get someone in there that knows what they are doing.
None of the issues you cite are Mac-related. You are
talking about the network there.
At any rate, getting back on topic: I think that most of the
readers on this forum are above the level of "beginner"
when it comes to computers. They know how to set them
up, how to secure them, etc. If you say that you are not
getting malware on your system, be it Mac, Windows,
Linux or something else, I'll believe you. The real test is to
take an absolute beginner (or near beginner), have them
get their computer and get it online. Then see what they
are up against. Microsoft is blaming the victim here.
Perhaps they should secure a lot of things, but the point is
that you should not have to be a computer genius in order
to avoid malware.
Computers are complicated machines, and the fact that the user can modify it by adding their desired applications makes it inherently vulnerable to incursions. Regardless of what OS you're using.
That's the unfortunate truth. TVs can't be infected because you just flip a switch or press a button, and you're good to go. Computers are not TVs.
Keeping a computer clean is the responsibility of both the software providers (they should do their utmost to make the software secure), and the user. You can have the most advanced security system in your house, but if you don't turn it on and you leave your door open please don't blame the security system's manufacturer if someone comes in and robs you.
I am not defending MS for squarely blaming users. But people should realize that users also share part of the blame.
That's the unfortunate truth. TVs can't be infected because you just flip a switch or press a button, and you're good to go. Computers are not TVs.
Keeping a computer clean is the responsibility of both the software providers (they should do their utmost to make the software secure), and the user. You can have the most advanced security system in your house, but if you don't turn it on and you leave your door open please don't blame the security system's manufacturer if someone comes in and robs you.
I am not defending MS for squarely blaming users. But people should realize that users also share part of the blame.
You are so right! Everything today has no blame accruing to the victim. Cross a busy street without looking? Not my fault!
Drop a thousand bucks on a crap game? Not my fault?
Fail to keep my system updated? Still not my fault! MS should have people come in and update my system every time a new update is published! Of course, they should not ask that anyone be present to let them in when they arrive.
No, the "victim" is the clueless jerk who, even though the system is set to update automatically, rejects such attempts, whether through ignorance or just stupidity. Other "victims" are just clueless and think that the system is going to work perfectly out of the box and will continuously do so forever with no effort from them.
Get real! Even Linux and others have to come up with updates.
Drop a thousand bucks on a crap game? Not my fault?
Fail to keep my system updated? Still not my fault! MS should have people come in and update my system every time a new update is published! Of course, they should not ask that anyone be present to let them in when they arrive.
No, the "victim" is the clueless jerk who, even though the system is set to update automatically, rejects such attempts, whether through ignorance or just stupidity. Other "victims" are just clueless and think that the system is going to work perfectly out of the box and will continuously do so forever with no effort from them.
Get real! Even Linux and others have to come up with updates.
because most of its customers aren't all that technically
minded and use Macs because they're a lot easier to use
and look after. I for one would never be able to look after
a Windows box, but I'd have to be a complete idiot not to
be able to look after the two Macs in our household.
Mostly they look after themselves these days; OS X needs
a lot less attention than OS 9 did. And even OS 9 needed
a lot less attention than any version of Windows.
minded and use Macs because they're a lot easier to use
and look after. I for one would never be able to look after
a Windows box, but I'd have to be a complete idiot not to
be able to look after the two Macs in our household.
Mostly they look after themselves these days; OS X needs
a lot less attention than OS 9 did. And even OS 9 needed
a lot less attention than any version of Windows.
I'm pretty sure a lot of your fellow Apple fans here would disagree with you, but if you say so...
I'll keep it in ming when I read posts from Appleytes
I'll keep it in ming when I read posts from Appleytes
is user fault
is 3rd party drivers fault
is badly written 3rd party programs
is the junior system admin fault
Repeat after me (and Ed Bott): is not MS fault...
By the way, does somebody knows somebody who knows somebody with a mac infected by a virus? still waiting to see one...
PF
is 3rd party drivers fault
is badly written 3rd party programs
is the junior system admin fault
Repeat after me (and Ed Bott): is not MS fault...
By the way, does somebody knows somebody who knows somebody with a mac infected by a virus? still waiting to see one...
PF
When (or if) Mac usage numbers increase substantially, rest assured so too will viral and malware infections/incidents affecting that platform. This will always remain a What comes first, the chicken or the egg? type proposition. Windows is not only a bigger and juicier target by far, so too is Microsoft as a corporate entity. But one more dual faceted question to ponder, whether it is really Windows or >> Microsoft that is being targeted more.
The good news is, Microsoft is taking security far more seriously in recent years, as compared to the Swiss cheese brick models of years back. They've come along way since that time, only a fool wouldn't admit as much. But in fairness, they still have a ways to go i and they did partly bring this on themselves with their arrogant and bullying attitude.
Mac users will also benefit in the long run from the pain and gore that PCers have been exposed to over the years. If they are ever are deemed "worthy" of the blackhat spotlight, the remedies they'll invariably turn to are already in place thanks to what the PC crowd has been inundated with from the beginning of time. That's a simple fact Macsters will further profit from.
PS. To answer your question, yes I have seen a few infected Macs. They are relatively rare, dwarfed by their PC counterparts, but repair techmeisters + shops do see them on occasion.
The good news is, Microsoft is taking security far more seriously in recent years, as compared to the Swiss cheese brick models of years back. They've come along way since that time, only a fool wouldn't admit as much. But in fairness, they still have a ways to go i and they did partly bring this on themselves with their arrogant and bullying attitude.
Mac users will also benefit in the long run from the pain and gore that PCers have been exposed to over the years. If they are ever are deemed "worthy" of the blackhat spotlight, the remedies they'll invariably turn to are already in place thanks to what the PC crowd has been inundated with from the beginning of time. That's a simple fact Macsters will further profit from.
PS. To answer your question, yes I have seen a few infected Macs. They are relatively rare, dwarfed by their PC counterparts, but repair techmeisters + shops do see them on occasion.
What kind of viruses were detected and what harm did they made?
No punt intended.
I am just thinking about the time when I am tired of tweaking my Linux desktop. And back then, in 90s I was doing some development under FreeBSD (v2.2). At that time FreeBSD was the better server OS than Linux, but like OS/2 lost to Windows...
An idea of buying Mac visited me several times already. So, the dream may come true.
No punt intended.
I am just thinking about the time when I am tired of tweaking my Linux desktop. And back then, in 90s I was doing some development under FreeBSD (v2.2). At that time FreeBSD was the better server OS than Linux, but like OS/2 lost to Windows...
An idea of buying Mac visited me several times already. So, the dream may come true.
Are you suggesting that Macs are invulnerable? As for the harm caused, the harm becomes a fait accompli whenever one rears its head on any platform. Can you tell me of a single virus, worm, trojan, keylogger, or even malware for that matter, that would be an exception to this? Last time I looked, parasites of any stripe are not welcome on any operating system.
OS X had the Leap-A IM worm. It wasn't particularly nasty or widespread, but it did prevent infected applications from firing up, requiring their removal and reinstallation. It could have been much worse however, if the author so intended [after all, you don't need root but simple rights to trick a user into running rm -rf ~ and voila!].
There was also the java based OS X Inqtana worm from a little earlier, though I never saw it, and never knew anyone hit by it (perhaps it didn't make the wild). But don't kid yourself, Macs are not invulnerable to parasites, and have been hit with things as common as Melissa var.
Going back in time, there was also ANTI, CDEF, Zero, Code 1, Code 252, AIDS, CLAP, MBDF, MDEF, AutoStart, Zuc to name but a few. I seem to remember a slew of macro viruses that have affected Macs, if I recall right there were too many variants to count once upon a time.
In any case, the age of the viral epidemics seems behind us at this point, it's malware that's now taken center stage. Just remember to buckle up and practice safe sex. That goes for you Macsters too.
OS X had the Leap-A IM worm. It wasn't particularly nasty or widespread, but it did prevent infected applications from firing up, requiring their removal and reinstallation. It could have been much worse however, if the author so intended [after all, you don't need root but simple rights to trick a user into running rm -rf ~ and voila!].
There was also the java based OS X Inqtana worm from a little earlier, though I never saw it, and never knew anyone hit by it (perhaps it didn't make the wild). But don't kid yourself, Macs are not invulnerable to parasites, and have been hit with things as common as Melissa var.
Going back in time, there was also ANTI, CDEF, Zero, Code 1, Code 252, AIDS, CLAP, MBDF, MDEF, AutoStart, Zuc to name but a few. I seem to remember a slew of macro viruses that have affected Macs, if I recall right there were too many variants to count once upon a time.
In any case, the age of the viral epidemics seems behind us at this point, it's malware that's now taken center stage. Just remember to buckle up and practice safe sex. That goes for you Macsters too.
Did any of these happen to OSX or was it earlier and less secure versions of Apple's OS?
Just curious.
ttfn
John
Just curious.
ttfn
John
Did any of these happen to OSX or was it earlier and less secure versions of Apple's OS?
Leap-A IM and Inqtana-A were both OS X worms. Neither saw high circulation or much damage, but as I stated earlier, it could have been worse. Most of the others mentioned were Mac attacks back prior to the OS X platform - and I could have named considerably more. There are also macro viruses that probably could spread through modern Mac systems even though they don?t possess a payload that works effectively in the OS X environment.
Worth mentioning likewise is the RSPlug.A DNS Trojan discovered late last year, and rogue anti-malware apps like macsweeper and imunizer. Also the relatively new Puper (a.k.a. Zlob) Trojan threat, a Mac version of that old and troublesome PC beast.
The key thing is, numerous and sophisticated "proof of concept" threats exist for OS X. Fortunately they give the author bragging rights and little more, and most likely will not be seen in the real world to deliver their punch. But that doesn't diminish the fact that these threats and vulnerabilities are real and exist. That's all that matters (or should), even with the remarkable track record OS X possesses to date.
Unfortunately, criminal elements are never inactive for long. Data and identity theft from malware remains an even larger threat than any "by the numbers" virus or worm at this time. Everything mentioned earlier shows the Mac OS X platform is not out of reach.
Leap-A IM and Inqtana-A were both OS X worms. Neither saw high circulation or much damage, but as I stated earlier, it could have been worse. Most of the others mentioned were Mac attacks back prior to the OS X platform - and I could have named considerably more. There are also macro viruses that probably could spread through modern Mac systems even though they don?t possess a payload that works effectively in the OS X environment.
Worth mentioning likewise is the RSPlug.A DNS Trojan discovered late last year, and rogue anti-malware apps like macsweeper and imunizer. Also the relatively new Puper (a.k.a. Zlob) Trojan threat, a Mac version of that old and troublesome PC beast.
The key thing is, numerous and sophisticated "proof of concept" threats exist for OS X. Fortunately they give the author bragging rights and little more, and most likely will not be seen in the real world to deliver their punch. But that doesn't diminish the fact that these threats and vulnerabilities are real and exist. That's all that matters (or should), even with the remarkable track record OS X possesses to date.
Unfortunately, criminal elements are never inactive for long. Data and identity theft from malware remains an even larger threat than any "by the numbers" virus or worm at this time. Everything mentioned earlier shows the Mac OS X platform is not out of reach.
Re: It could have been much worse however, if the author so intended [after all, you don't need root but simple rights to trick a user into running rm -rf ~ and voila!].
That's where SELinux comes in. Does a browser have any business deleting files that it didn't create? Nope. So it isn't allowed to do so.
So whilst MS goes from fragile to debatably a little less fragile, Linux is going from tough to tougher. Have fun catching up!
That's where SELinux comes in. Does a browser have any business deleting files that it didn't create? Nope. So it isn't allowed to do so.
So whilst MS goes from fragile to debatably a little less fragile, Linux is going from tough to tougher. Have fun catching up!
...from when I provided technical support to a number of Mac-using institutions, including private schools and a public/private consortium devoted to demonstrating computer technology for people with disabilities.
The customer who owned the Macs in question simply walked away from their investment rather than expend the time and trouble involved in keeping their Apple Talk LAM virus-free.
I even have a box of diskettes with a profoundly viral copy of the Norton Utilities for Macintosh.
Not only do Mac viruses exist, but when show up, they spread through LANs at the speed of bad news and are uncannily destructive of hard disk sector data. They are almost impossible to remove from infected systems without trashing a significant portion of the affected data as well.
Apple's publicity campaign is dedicated to drawing attention to the all-too-well-known drawbacks of PCs in order to draw attention away from issues that an increasing body of Mac users are all too familiar with.
The customer who owned the Macs in question simply walked away from their investment rather than expend the time and trouble involved in keeping their Apple Talk LAM virus-free.
I even have a box of diskettes with a profoundly viral copy of the Norton Utilities for Macintosh.
Not only do Mac viruses exist, but when show up, they spread through LANs at the speed of bad news and are uncannily destructive of hard disk sector data. They are almost impossible to remove from infected systems without trashing a significant portion of the affected data as well.
Apple's publicity campaign is dedicated to drawing attention to the all-too-well-known drawbacks of PCs in order to draw attention away from issues that an increasing body of Mac users are all too familiar with.
"Apple's publicity campaign is dedicated to drawing attention to the all-too-well-known drawbacks of PCs in order to draw attention away from issues"
Errrrr... what was the title of the article, now? Apple blames users? NOOOO! It was "MICROSOFT BLAMES USERS".
Errrrr... what was the title of the article, now? Apple blames users? NOOOO! It was "MICROSOFT BLAMES USERS".
My read on this is that Microsoft is on the same bandwagon as those that keep telling us that mankind is de-evolving.
So, since Windows 2000, the IQ of the average user must have decreased. Or maybe it's an unexplored impact of global warming and more CO2 - more CO2 means slightly less O2 - so maybe we're all slightly dumber due to O2 starvation on our brains.
Seems plausible - since it can't be the software.
Greg P.
So, since Windows 2000, the IQ of the average user must have decreased. Or maybe it's an unexplored impact of global warming and more CO2 - more CO2 means slightly less O2 - so maybe we're all slightly dumber due to O2 starvation on our brains.
Seems plausible - since it can't be the software.
Greg P.
As an example - my father recently upgraded his antique desktop for a brand spanking new Gateway laptop - courtesy of Best Buy.
He moved, with that purchase from W2K to Vista Home. Now he did make some effort to understand the differences between old vs. new and did what I would call a standard user job of it.
To help him, I installed BitDefender 8 Internet Security and set up some late night tasks that would keep his system healthy.
Last week I stopped by (he was complaining the system was acting up) and found several items installed that should not have been. I also noticed there were several additional items that BitDefender had blocked/quarrantined/etc...
Talking things thru with my dad he showed me one of the messages he was gettin to 'okay' an action. He would see a request - looks like a MS or other legitimate vendor, BF said that there were no detected viruses and he would click OK, and as he generally had to repeat this, got into the habit of just hitting OK for all items that requests that subsequently came up. Most were caught by BF but not all.
Oops!
Anyway, after some teaching he now has a better understanding of what he is really seeing and a better idea of how to handle it.
Based on this single episode I would say MS is trying, but when you have difficulty telling good from bad you are going to get bit!
He moved, with that purchase from W2K to Vista Home. Now he did make some effort to understand the differences between old vs. new and did what I would call a standard user job of it.
To help him, I installed BitDefender 8 Internet Security and set up some late night tasks that would keep his system healthy.
Last week I stopped by (he was complaining the system was acting up) and found several items installed that should not have been. I also noticed there were several additional items that BitDefender had blocked/quarrantined/etc...
Talking things thru with my dad he showed me one of the messages he was gettin to 'okay' an action. He would see a request - looks like a MS or other legitimate vendor, BF said that there were no detected viruses and he would click OK, and as he generally had to repeat this, got into the habit of just hitting OK for all items that requests that subsequently came up. Most were caught by BF but not all.
Oops!
Anyway, after some teaching he now has a better understanding of what he is really seeing and a better idea of how to handle it.
Based on this single episode I would say MS is trying, but when you have difficulty telling good from bad you are going to get bit!
the difference between a bad blowfish and a good one without biting into it first? in this case, if you live, it was good.
The point is there will always be copy cats out there making bad things look legit (kind of the point of getting users to click on things). Unless MS can anti-counterfit their OS and their prompts, ignorant users won't know the difference. But, because of the Oh so intelligent EU, any attempt for Microsoft to keep some secrets goes down the tubes with a million dollar flush.
The point is there will always be copy cats out there making bad things look legit (kind of the point of getting users to click on things). Unless MS can anti-counterfit their OS and their prompts, ignorant users won't know the difference. But, because of the Oh so intelligent EU, any attempt for Microsoft to keep some secrets goes down the tubes with a million dollar flush.
That's the wrong approach to software security right there. Security through secrecy works fine with physical locks and the like, but in the realm of ones and zeros everything's different. Since all computer code must necessarily conform to the binary standard of the physical or virtual machine it runs on, and since any software can be opened up in and editor and read, anyone who knows the binary standard can disassemble any program, given enough time, analyze it, and figure out how it works.
Imagine if someone was able to magically remove the lock from your door, open it up, and figure out the tumbler pattern, without you ever noticing because he was thousands of miles away, using an identical copy. That's how hacking works. There are tricks--code obfuscation, code encryption, memory randomization and the like--that can make the disassembly process harder, but in the end it comes down to one simple fact: the computer can only run it if it can read it, and if the computer can read, so can a determined user with the right tools and knowhow.
Since security through secrecy doesn't work, what we need is an entirely new paradigm: security through full disclosure. Create open standards that anyone can examine and test. Let security experts the world over examine them and improve them until you come up with a solid system.
For one example, look at public key encryption, one of the most-trusted ways of making email secure. It's not only based off open standards, it's based off making half of your encryption key publicly available, to the entire internet! And it's tested and tried, and it keeps your data safe.
Imagine if someone was able to magically remove the lock from your door, open it up, and figure out the tumbler pattern, without you ever noticing because he was thousands of miles away, using an identical copy. That's how hacking works. There are tricks--code obfuscation, code encryption, memory randomization and the like--that can make the disassembly process harder, but in the end it comes down to one simple fact: the computer can only run it if it can read it, and if the computer can read, so can a determined user with the right tools and knowhow.
Since security through secrecy doesn't work, what we need is an entirely new paradigm: security through full disclosure. Create open standards that anyone can examine and test. Let security experts the world over examine them and improve them until you come up with a solid system.
For one example, look at public key encryption, one of the most-trusted ways of making email secure. It's not only based off open standards, it's based off making half of your encryption key publicly available, to the entire internet! And it's tested and tried, and it keeps your data safe.
"The number of virus infections found by a virus vendor does not necessarily equal poor security," wrote Kleef in a blog post. "In many cases it equals poor user behavior. If I, despite all prompting and consent behavior, choose to go to a (probably dodgy) website, accept the ActiveX control prompts to download (probably dodgy) code and I actually choose to execute that code then I'm hosed."
So it is the end users fault for buying an OS that is insecure. I agree. Anyone using Windows and ActiveX is hosed. I use Windows, therefore, I am hosed.
So it is the end users fault for buying an OS that is insecure. I agree. Anyone using Windows and ActiveX is hosed. I use Windows, therefore, I am hosed.
There was no internet and security was definitely not in Bill Gates vocabulary nor was there much threat. ActiveX is just a marketing name for COM Component Obect Model.
But in Vista if a user is running in user mode then the ActiveX component is no longer at administrator. Plus IE7 has protected mode.
In my opinion, the real inherent insecurity is that in previous versions of Windows almost everyone ran as admin. Vista offers help here.
But in Vista if a user is running in user mode then the ActiveX component is no longer at administrator. Plus IE7 has protected mode.
In my opinion, the real inherent insecurity is that in previous versions of Windows almost everyone ran as admin. Vista offers help here.
Today, they disable UAC, which is the same thing as always running as admin. Then they'll back it up by making the idiotic claim that UAC doesn't really work. Then they'll claim they don't need antivirus, and claim they haven't been infected in years.
Then, when they finally do get a virus, they'll blame Microsoft for "being insecure." Truly pathetic.
Then, when they finally do get a virus, they'll blame Microsoft for "being insecure." Truly pathetic.
When do you think the internet was developed?
Just because Windows was behind the game (bill gates said it was a passing fad) in being able to connect to the internet (i.e. we don't need TCP/IP), doesn't mean it didn't exist.
Windows is still full of sticking plasters for security instead of going back to basics and redesigning it.
Just because Windows was behind the game (bill gates said it was a passing fad) in being able to connect to the internet (i.e. we don't need TCP/IP), doesn't mean it didn't exist.
Windows is still full of sticking plasters for security instead of going back to basics and redesigning it.
Join the conversation!
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
Facebook Activity
