Re: More on caching and logging

In article <f139rf$u17$1@xxxxxxxx>, nospam <nospamatall@xxxxxx> wrote:

How else do all the 'handy features' like recognising and automatically
syncing your iPod when you plug it in work? If the system can access
these things, then so can an attacker.

Something I guess I'll have to reckon with, I suppose. I don't pay
attention to the inner workings of the Mac. I thought by using Macs I
wouldn't have to be concerned about tech matters. And I never gave a
thought to getting an iPod.

If you want to keep totally on top of everyhting that is happening in
your system try linux. A consumer OS with loads of 'usability' features
designed for non-technical people is not a good tool for anyone with
data they want maximum security for. Macs are the most secure consuer
platform, that doesn't mean they are totally secure. Nothing is.

Thanks for the suggestion. I think I'll take a pass on Linux. I'm up
to my eyeballs as it is with the Mac. OSX has been a challenge.
There's so much going on and so much it can do that I've become
discouraged. Most of the time I use Classic (like now with
YA-Newswatcher 4.1.1, which is almost older than I am :-). I find
AppleWorks to be useful as the spreadsheets and word processing is just
right for me to understand. Linux is not the answer for me because it
would be a lot of work.

Perhaps I'm overreacting because of my interest in caching and logging
being followed immediately by this new phenom. I'd still like Apple to
come out and say that they didn't have anything to do with this, that
it violates the software agreement for whatever version of the OS they
were using, and that it's illegal and anti-competitive if it turns out
that customers lose confidence in the Mac and the OS as a result of
this device.

But the attacker never signed any agreement with apple, so they are not
violating anyhting. Would you like your machine never to cache or log
anything? Then it will stop working.

How do you figure? It may need to do something immediately necessary,
like a cookie that goes away after a session, but I see data kept and
it makes me wonder who gets to use it if I don't? I don't use plists
or log files that I know of, so who does? I don't use crash logs, so
who does and how do they get the data? Through some kind of mining, I
reckon, which someone said is not the case, with software update. Or
with Javascript, which I now have turned off, BTW.

I would think that this group is the right place to discuss this and
not to have people push it aside as if it doesn't affect them.
Anything that affects one Mac user affects us all.

This is valid, but the way you are talking about it is over the top. I
too would be interested to know how it gets the user password. The rest
follows easily from that.

It may be over the top because it feels like I'm under attack, called
names, my questions aren't answered so I have to repeat them, then get
called for browbeating... hokey smokes, this thread has been a real
challenge.

Once in a while at the grocery store I'll walk over next to a woman and
tell her that she's turned her back on her purse in the cart. Nine
times out of ten she'll say "Oh, well, there's nothing valuable in
there." Now it seems as if people who might be experts brush this
matter aside as if "Well, I have nothing to hide" (so who cares if your
computer or mine is mined by someone with one of these devices?). It's
a crazy notion.

A good lock on the door of your computer room would be far less effort
and far more of a security enhancement against this kind of thing. Think
outside the box as well.

I'm close to retiring, which means I might be able to live without a
computer. That may be the ultimate answer for me. I'm thinking about
all of the things I do and try to think of computerless ways of doing
them, or if all of this computing and connectivity and databanking and
security are really what I want for my golden years.

I'm reminded of the red-light changer that's popping up all over the
place. Have you ever started through a light that's just turned green
and it turns red within seconds? Chances are the next car through the
intersection has one of these devices. They're not for public use.
But, just like this new security device, once it's out there, everyone
who wants one will find a way to get it. You know it, I know it, and I
think a thief with one of these devices would quickly realize that real
value of it lies in the personal data, contacts, product plans, lists
of vendors and contacts. Heck, someone could start a business with my
data - it's all right there. And I bought into the Mac because of an
aura of security that no longer exists.

Your machine is far more likely to get stolen completely than to be
subjected to this. If it is really important to you, start reading about
security a lot. Read everything you can find. If this tool makes you
unhappy, then Macs and windows machines are not for you and you have a
long learning curve ahead.

Yes, sadly, maybe I could simply ditch the whole computer thing and go
back to hang gliding. Or go full-time RV'ing/fishing and give a smile
and a snurk when I see the busybodies rushing around with their
notebooks. This could be one of those epiphany things. I had one of
those in Vietnam, so maybe it's time for another.

But as you said before, you wouldn't spend the time to find out, does it
surprise you that people don't take you seriously?

I'm never surprised when people don't take me seriously.

I want to know what those of us who believed in Mac security are
supposed to think or do now in light of this development.

I for one never believed in the kind of security you seem to be alloting
to apple's systems. They have never claimed anything of the sort. In any
case, security is not a matter of trust, but one of knowledge, and that
is not something you get easily.

Makes sense. I appreciate your comments.
.