Re: The Myth of the secure Mac
- From: GreyCloud <cumulus@xxxxxxxx>
- Date: Mon, 31 Oct 2005 16:16:07 -0700
Donald L McDaniel wrote:
> In article <uow8f.18753$NJ.1576@xxxxxxxxxxxxxxxxxxxxxx>, TheLetterK
> <theletterk@xxxxxxxxxxxxxxxxxx> wrote:
> > That is equally untrue. You are screwed only if you use Outlook.
> Let's be truly honest about this, ok? You are only screwed if:
> 1) You fail to apply necessary recommended security patches after
> installing XP, especially SP2, which contains many security
> 2) You fail to install, use, and update decent antivirus, anti-trojan,
> anti-malware, firewall protection after installing XP or soon
> 3) In the case of a firewall, the XP-supplied firewall should be
> enabled before going on the Net. Additional firewall software should
> be installed, however, for optimal safety.
> 4) If Internet Explorer is used as default browser, it should be set on
> highest security settings which will allow for good browsing. The
> Popup Blocker should also be engaged, and set at highest settings
> possible which allow for good browsing.
> 5) If Outlook is used:
> a) Junk Mail filter should be enabled, and set at highest level.
> This will allow for some false-positives (not many, once it is
> trained), but will filter out the majority of the crap (especially crap
> containing social engineering in the body of the message or malware
> attached as common Windows files) Make sure this Junk Mail is moved to
> a local "Junk Mail" folder, so that it can be later examined for false
> positives before being deleted. It might be a good idea to archive
> Junk Mail for a few months, so that you will have a pretty good set of
> messages which can be trained as Junk Mail. Or, just train it as you
> go along (or automatically, if you don't mind some of your legitimate
> mail being classified as "Junk").
> b) Outlook Security should be set at "medium" or higher. The
> objective is to keep from downloading self-executing viruses or trojans
> contained in binary files, which might hitch-hike onto an image from a
> visited website, or a link which will send you to a criminal website
> for further social engineering, or any number of other vile things.
> Try to keep this in mind at all times: Never click on a link contained
> in an email message from someone you have never communicated with or do
> not recognize. It can only lead to damage to your file structure.
> Between what your default browser stops, and the Junk Mail filter
> catches, and what Outlook stops, and what the built-in firewall catches
> before being downloaded, XP will be relatively safe and free from most
> malware. Installing additional anti-malware software will only
> increase your chances of being relativly safe and free from malware
> using XP Professional. Third-party firewalls are mostly installed to
> control what goes OUT of your machine, not what comes in. In addition,
> they are installed for the extra features, such as a visible Whois map
> or Popup control, or to add better Spam controls and filters to your
> email client, or better logging abilities.
> Now, this may or may not be necessary on the OS X desktop, but that is
> irrelevant. The fact is, the above measures will keep you safe and
> free from malware on Windows XP Professional if carefully and
> consistently applied, just as properly applying OS X's security
> measures works only if carefully and consistently applied. Maccies may
> not like this, since it shows the world that Macs are not the only
> computers in the world which can be safely maintained by anyone if he
> applies himself.
> Whether security is handled mostly internally by the OS, as in OS X, or
> externally, through third-party Windows apps, is irrelevant, since both
> work successfully for their respective platforms. And in fact, both
> platforms have some form of firewall, some form of junk mail filter,
> some form of browser security settings, in addition to internal OS
> Whether one way of handling security is better than another would be
> better treated on Sunday morning down at the local Fundamentalist
> Protestant church after the preacher's sermon, down in the basement
> while everyone's having coffe and doughnuts.
> Are PowerMacs well-engineered? Yes. I do admit that everytime I look
> inside the chassis of my G5, I am taken by its complete "beauty", solid
> look, and lack of wires and cables everywhere. However, some people
> like wires and cables everywhere. I certainly have no bone to pick
> with them. As they say, there's no accounting for taste.
> However, PowerMacs are not the only computers on the face of the earth
> which are "well-engineered". Many Wintels are also "well-engineered".
> Many Suns are "well-engineered". Many Silicon Graphics machines are
> "well-engineered". Many IBM's are "well-engineered". They have to
> be. They are the work-horses of the industry.
> I agree that the Wintel world could take a few pointers from Apple as
> far as chassis design is concerned.
> The difference between the PowerMac and an equal or better Wintel is
> price, not quality or engineering excellence. Putting a lower price on
> a product does not automatically lower its quality at the same time,
> just as putting a higher price on a product does not automatically
> increase its quality. Price is just not a factor where quality is
> concerned (or it doesn't have to be). Not with modern manufacturing
> equipment (which design and produce CPUs on the molecular level) and
> The WinTel consortium can charge less for its products, while at the
> same time retaining their engineering quality standards, resulting in a
> "lower-priced, well-engineered product" instead of a "higher-priced,
> well-engineered product", because of the vast quantities of product
> they sell (and therefore, they can afford to manufacture more while
> retaining the same standards of quality). Mass-production methods do
> not have to guarantee loss of quality.
> At least Apple keeps its price for its OS at a reasonable level (even
> though they charge for each minor version change, unlike Microsoft, who
> supplies OS verion upgrades for free, only charging for a major version
> change (such as from 98 to ME, or ME to NT, or NT to 2000, or 2000 to
> XP). Microsoft offsets this by charging more for its OS. And it can
> charge more for its OS, having the monopoly over PC desktop operating
> systems as it does. If Stevie-boy would get a little back-bone into
> him, he could make a serious dent in Microsoft's market-share of
> desktop operating systems by releasing OS X for any machine which will
> support it.
> Apple, on the other hand, is limited by its production methods, along
> with its small share of sales, resulting in a higher-priced product.
> The blame for this can be placed squarely on Steve Jobs. He has kept
> Apple's market share extremely low through his insistence on using
> manufacturers who produce fewer units because of using "better quality"
> products, with a price reflecting this "better quality". Apple prices
> are artificially inflated by Steve Jobs through his "better quality,
> therefore, higher price.", propaganda .
> Apple sales are actually lower because of the higher price of his
> hardware products (caused by marketing considerations, not technical
> ones), not because it somehow takes a "more intelligent,
> discriminating, hipper user to use a Mac, and therefore, there are
> fewer of those than the ignorant bottom-feeders who base their buying
> decisions on the price, therefore Apple sells fewer computers to those
> Jeeze! Even old "Kingfisher" in Louisiana (thief that he was) built
> hospitals for the people. I went to one of his relative's political
> rallies in my youth. The old pirate was there along with the rest of
> his "family". He threw silver dollars into the crowd, sending them
> into a frenzy of "kingfisher love". Did his relative get the entire
> crowd's vote when the election was held? I don't know, since I was
> more concerned about a caterpillar which fell onto my hand from the
> tree above.
> Maybe Stevie should throw a few silver dollars into the crowd. Maybe
> people should use silver dollars more. They would soon learn to
> appreciate the weight of the money rather than its quantity.
> What a delusion! And you keep hanging on to it, while the world goes
> on all around you. All you Maccies should move to San Francisco, where
> you can live on bean sprouts and lentil soup all day, doing NewAge
> chants in front of the mirror, while listening to the Grateful Dead, as
> your "partner" steals you blind using your G5 in the living room one
> penny at a time by tapping into your bank account sereptitiously, while
> you polish your Berkenstocks. Maybe you would lose a few pounds around
> your brains walking up and down the hills.
> > >
> > >
> > >>Apple Patches
> > >>- Apple has been good about patching their software, however, they have
> > >>been known to wait three months between when they are informed of an
> > >>exploit and when they patch it. This is more common in the industry
> > >>than it should be. The point is, Apple is good about this, but they are
> > >>not perfect. Refer to:
> > >>>>http://news.com.com/Apple+issues+Mac+OS+X+security+patch/2100-7355_3-52181
> > >>89.html
> > >>
> > >
> > >
> > > M$ is far worse. Some companies point out security issues
> > > with XP and M$ squawks about being told about them. How
> > > long did it ever take M$ to fix the security problems with
> > > IE 6.0?? Several years and still more than 2 dozen
> > > outstanding security issues.
> Microsoft does not "squawk" about possible security issues. They
> carefully consider them in their labs. But they ask for truth and
> proof, not supposition and anecdotes. Tell Microsoft about a security
> breach, and they will quietly add your testimony to a thousand others'.
> And those thousands of anecdotes become over time a pool of usable
> data. When they can sufficiently demonstrate the verity of this
> testimony, they will admit the truth, and address the issue. This is
> EXACTLY what all other manufacturers would do, including Apple.
> That it may sometimes take Microsoft more time to address an issue
> satisfactorily (after all, Windows is many millions of lines long, and
> changes to one part of the code could have disasterous effects on other
> parts of the code) only shows their carefullness in addressing the
> issue. And sometimes, there is just no satisfactory solution at the
> present time which will not also break another important part of the
> code (not to mention the further billions and billions of lines of code
> of the thousands and thousands of other Windows applications.)
> Finding fault with Microsoft for doing the same thing Apple does is
> kind of hypocritical, don't you think?
> > >
> > >
> > >>The
> > >>
> > >>common cliche applies here. Past performance is not an indication of
> > >>future results.
> > >
> > >
> > > But a knowledge of the UNIX internals will tell you it will
> > > be extremely difficult to accomplish.
> > >
> > >
> > >>The main point that I want to get through here is that Apple does take
> > >>you a long way with respect to securing your system. I am extremely
> > >>pleased about that. However, they do not take you all the way.
> Some people don't like to dirty their hands. Some do. Does that make
> one better than another? Or one platform better than another? Of
> course not.
> Let's face it: If one truly wants to be relatively safe in this world
> (there is no perfect safety short of the grave), he must take his
> security into his own hands, and take pro-active measures to protect
> himself, his family, and his data.
> Any man who implicitly puts his trust in a computer program, any
> computer program(such as OS X or Windows XP), is a fool.
> An example: Recently, a friend of mine accessed his Credit Card
> balance via the Web, and found that over $1500 in charges had been made
> against his card for food and lodging in New York City. Thankfully, I
> was his witness to not haveing been in NYC during the period (or in
> fact any period) the charges were made, in addition to which he had
> several independent ways of corroborating his whereabouts on the dates
> in question. So it really only hurts his ego, and not his wallet. But
> it did temporarily interrupt his financial plans.
> Evidently, a hotel cashier somewhere was convinced enough by a computer
> screen that someone who used my brother's name and credit card number
> (obtained who knows how) was in fact my brother, and allowed him to
> charge several days' services at his hotel to a card not truly his.
> > >>
> > >
> > >
> > > Please elaborate.
> > >
> > >
> > >>Regarding responses. Please don't waste intelligent people's time with
> > >>Apple marketing rhetoric. If "OS/X is the number one Unix platform on
> > >>the web" or "Mac users are the most savy users out there". Please back
> > >>it up with respectable sources. Apple marketing is not one of those
> > >>sources.
> > >
> > >
> > > And of course neither are any other companies rhetoric
> > > admissable as evidence.
> So you are going to stop spouting Apple propaganda like a good little
> Nazi from now on?.
> > >
> > > We've had a Mac for two years now and so far I have yet to
> > > waste any money on AV software, spybot removal tools or ad
> > > removal tools that seem to plague M$ users.
> I assure you, money spent on AV/anti-malware software for Windows
> machines is never wasted. It may or may not be wasted for Macs. The
> jury is still out on that one. But every time I have purchased a
> Windows AV product, it paid for itself within 1 month.
> > In the last three years of using Windows some of the time (albiet for
> > nothing of even marginal importance), I have spent exactly $0 on malware
> > removal tools. Of course, it's easier and cheaper for me to simply
> > maintain good backups and restore the system when there's a problem.
> Everyone has their favorite way of handling malware, I guess. It's
> easier for me to maintain a suite of decent anti-malware products than
> it is to have to remove the malware once it gets into my files.
> You say "toh-may-do" while I say "tuh-mah-to".
I say balonee! Outhouse Distress made email dangerous.
And why is it that IT depts. download M$ patches and test
them first on test beds before deployment?
Which leaves their systems open to attack while waiting to
see what breaks first on their test bed.
- Prev by Date: Re: The Myth of the secure Mac
- Next by Date: Re: The Myth of the secure Mac
- Previous by thread: Re: The Myth of the secure Mac
- Next by thread: Re: The Myth of the secure Mac