Posted on 05/30/2005 5:38:27 AM PDT by Swordmaker
Mad As Hell: Metaphor 1.42
---------------------------------------------------
The reason Windows people think they're just as safe is because they're the victim of a propaganda war about the existence of Security By Design. Microsoft tries to play both sides of Security By Design, and most people don't even notice.
When Microsoft (and their apologists) want to explain why they're OS seems to be a miserable piece of technology ridden with problems, they *deny* the existence of Security By Design, and say that the problem is because they are so wonderfully popular. They tell everyone that Security By Design doesn't exist and they'd be safe "if only they weren't so wonderfully popular!" They want you to believe only the gospel of Security By Obscurity.
But when Microsoft (and their apologists) want to explain how Longhorn will be better than the sucky situation now, suddenly Security By Design exists! Alleluia! Suddenly, you hear angels singing lofty ideas about "secure code" and "built with safety in mind". Microsoft leaders and evangelists swear Longhorn is a godsend because "security needs to be part of the design, not a bolt-on". Bill Gates had the chutzpah to tell the BBC that with Longhorn, he can personally promise no more malware ever again! (see http://news.bbc.co.uk/2/hi/business/4516269.stm )
Ha ha ha! Also, Longhorn users will get eternal life. And, umm, a pony!
So that's the story of the propaganda myths of Security By Design. The truth is, and even Microsoft admits it, is that Security By Design is real. And Windows is an old product, poorly designed, repeatedly patched and patched and patched, with an incestuous tangle of subsystems that interact directly with each other and get full access to everything they need whenever they want to.
But, for your readers, how exactly is Mac OS X different from Windows?
It's a long story, but the short version of the story goes like this...
Once upon a time, in a world full of yucky bugs and evil burglars, there was a house named Windows, and it had many doors and many windows. And they were all left open. (These are called "ports" and "services".) All the bugs and burglars in the world could just go right in. Only a few experts know how to close the doors and the experts just couldn't around often enough to prevent lots of bad problems. Bugs and burglars in the house! Bugs and burglars in the house! [Yes, XP SP2 helped this problem, but it's not perfect, and lots of people run other Windows variants]
And even worse, in order to let the townspeople actually use the house, in other words to actually live in the house, Windows was designed to let anyone create new windows or doors whenever they wanted. And you didn't even have to be in the house to create new windows and doors! You could be across town! Or if you read the newspaper, someone in another town could suddenly create problems in your town! [Browsing the Web with Internet Explorer exposes you to hackers across the world because of bugs, and also ActiveX "features"] The great power behind the risk is Administrator Privileges. With this power, it's especially easy to create secret hidden and *permanent* doors (automated self-propagating worms/viruses and spyware) with Admin Privs. And so bad people all over town were creating new big holes in the house every hour! Bugs and burglars in the house! Bugs and burglars in the house!
Some people said "You don't have to give people Administrator Privileges simply to live in the house!" But all those people who said that were geeks and wizards who have special knowledge of how to control big companies. The truth is that if they weren't around to help their mother and grandmother, they would *need* all this power day-to-day (to configure the OS, to install software and drivers, etc). They would all use Administrator privileges because it's too complicated and restrictive and confusing for average folks not to. It's just plain hard to live in the house called Windows like without that destructive power at your fingertips.
And to make it worse for the house of Windows, it was an old house. You see, it originally was a small cottage, but over the course of many years of tubes and hammers and some scrap metal, the house's "walls" today are really weak body armor pieced together over a period of several decades.
Somewhere in town, a bird chirped.
Way across town, there was a house called Mac OS X. In that house, there is exactly one door and really thick strong walls made from rebar and reinforced concrete. Those are called the built-in firewall and a well-designed-and-tested UNIX BSD communications security architecture. No gratuitous doors or windows (ports and services).
It's not impossible for Mac OS X residents to create new doors and windows (opening ports, creating services), but it can only be done carefully in cooperation with whoever is keeping track of the front door and whether it's safe right now (configuring the firewall). And even in those cases, only certain types of objects can come in (opening specific ports) -- no bugs and no burglars in general. No bugs! No burglars!
When the Mac OS X residents were building their house, they realized they don't need to be able to make doors and windows *all* the time -- they don't need Admin Privs.
So the house called Mac OS X is designed that no one can simply just *create* doors and windows whenever they want in a split second on their own. Even the mighty geeks are suddenly prompted for their password, and then they have more power temporarily only, and only for what they are doing right then. This makes it much easier to prevent people from accidentally creating new doors and windows in the house! Also, it makes it harder for bad guests (malware) to create new doors and windows. Also, it makes it harder for to trick the residents of Mac OS X into creating new doors and windows, because the password must be magically said before such destructive big things happen. So, it's harder to create secret hidden and *permanent* doors (automated self-propagating worms/viruses and spyware) to sneak people into the house of OS X. (This approach is called "well-designed and user-friendly Privilege Escalation system and subsystem compartmentalization, while avoiding the *need* for normal average users to constantly wield dangerous Admin privileges". The idea that OS X Admin users don't *actually* wield root/Admin power full-time is often misunderstood, or lied about, by Windows apologists.)
The people living in the house of Mac OS X were happy. They had to keep track of their front door, and had to think carefully before announcing their password when something asked for it, but it was a good house, and a good world.
The people living in the house of Windows were riddled with bugs, and always had mosquitoes in their teeth. And burglars constantly entered their house and took everything, and they usually had 5-10 unwelcome visitors secretly watching them, eating their food, and learning all their secrets (spyware).
At the end of the day, the people in the house of Mac OS X gathered around the dinner table, talking of fun they'd had together as a family that day.
And the people suffering in the house of Windows said to all their friends "Yes, it's an awful life, and our homes are full of bugs and burglars, but it's only because our house's design is really so wonderfully popular!!!"
The End.
JX Bell http://www.jxconsulting.com http://www.jxphotography.com
"Again, I make the point that you're expecting the casual user to adapt to an entirely new OS, hardware package, and software suite, while at the same time assuming they're too dumb to secure their existing system in little time and for no cost."
Again, again and again...it won't make a difference to them. Your point is valid, however, as well as fatal to the notion that even the dippiest Windows user has any reason to switch over to the Mac platform.
This whole issue is essentially moot. Not only are there a huge number of tools available to secure Windows, but users can prevent infection from spyware simply by running a Limited User Account (LUA). Windows Longhorn is going to require that OEMs install LUAs by default. But users don't have to wait for Longhorn to get that kind of capability in XP. Takes about 1 minute to set up a LUA in XP. With limited permissions, spyware can't install itself, access the registry, modify the filesystem, etc. But you're not going to hear this from Mac bigots because they simply don't know how easy it is to lockdown Windows. As you've rightly pointed out, they'd rather that users spent thousands of dollars to replace their hardware and software investments in order to save a few minutes. Ridiculous. It's no wonder people tend to ignore them. They're like Moonies selling flowers at the airport.
Again you weigh in with insults and ad hominem arguments.
Windows Longhorn is going to require that OEMs install LUAs by default.
And WHEN is that going to happen, Bush? Microsoft could start requiring that right now.... as you said, it only takes about a minute to set it up. They just have to include instructions on how to temporarily escalate the user level to let the limited users install software while working in a LUA.
But you're not going to hear this from Mac bigots because they simply don't know how easy it is to lockdown Windows.
And security experts state that 70-80% of Windows users haven't the foggiest idea how to do it... and 90%+ are running their current boxes in Administrator mode and are vulnerable. You might be surprised at the number of "newbie" users I have encountered that haven't even enabled the free anti-virus apps included with their newly purchased computers... or even know its there!
Why doesn't Microsoft at least ship Windows XP with MS Anti-spyware installed and turned on by default?
PS, I ran MS Anti-Spyware last week on a client's computer after installing FireFox... MSAS identified FireFox as a very high risk spyware under the name MozillaFF... and declared it a Browser Hijacker! How many un-aware users will accept the default choice MSAS offered... deletion of the "offending" files? LOL.
He we not calling all windows users clueless, he was saying that someone who is a clueless windows user would find this interesting. Are you denying that there are clueless windows users (the ones who dont use non admin accts, who dont install anti-virus, ....)
Which means that the best way of implementing LUA is by starting fresh in Longhorn.
To help clueless users right?
And you're right there to carry his water. Are you guys roommates, by any chance? No doubt sharing a toothbrush.
Typical b2k attack..
You gotta be frickin' kidding me. I've got over a decade of experience with Macs, and I troublshoot my mother-in-law's windows machine all the time (or should I say constantly)
Protecting your dad from having to "learn" the Mac OS is like protecting a bushman from civilization.
People here where I work need a tan... especially the really white employees
What am I saying there... Am I saying
A) Everyone where I work is white and the all need a tan?
or
B) The white people where I work need a tan?
Horse hockey. Not like I didn't expect you to come back with a comment like this, but so far as people that aren't trying to avoid being confuted go: you're wrong. If it screws up, and we get it to do what it's suppose to, it's fixed. If keeping it from going wrong again requires some archane procedure, its the fault of the OS, not the user. But judging from your demeanor on this entire thread, you would have no problem claiming to own the same axe for thirty years, except three new heads and two new handles.
And as for "exaggeration," hardly. I shouldn't have to do periodic maintenance on my can-opener, no matter how easy it is, and owning a Mac proves to me I don't have to. I don't know about the little old people in your life, but many of the rest of us have old people in our lives that tend to get a bit panicy when something the price of their first car doesn't do what it's suppose to, and no one seems to think that's a problem.
I assumed you'd mistyped "confused" and tried to make a sarcastic comment. Having checked the dictionary, I find "confuted" is a word, and though I disagree with your use thereof, it wasn't grammatically or orthographically incorrect. I apologize and accept public embarrassment for my ignorance, though I still stand by the remainder of my post.
Gee, could it have something to do with supercilious comments like: 1) a Mac is no more functional or adaptable than a can opener and 2) they still cost as much as one's first car. instead of admitting the only people who should be using windows are those that make their living off it.
Of course I've come to expect that level of pettiness from windows wonks... and pre-pubescent girls.
but at least you could admit that the Mac is your platform and you're not necessarily expert on how to handle Windows issues.
Uhm, did ya NOT read my first post? I was quite explicit about being a Mac guy, and I have to wonder if you're being purposefully obtuse about the import of my comment.
Both my mom and my mother in law are windows users, but they can't fix their own problems, so they come to ME to figure out their problems, because I never have any. Hell, I don't know anything but the rudiments, but that makes me a computer geek as far as they're concerned.
The point is if some windows wonk, who's nowhere to be found now, hadn't sold them on frickin' windows to validate his own choice, I wouldn't have to deal with this crap.
You like windows? Fine. I can respect that...but if you will recommend windows to someone you KNOW is a functional illiterate with computers, and KNOW they don't want it for anything but email, web surfing, printing tuna casserole recipes, and digital pictures...ya ought a be horsewhipped.
My ego has nothing to do with it; you are intellectually dishonest.
But rather than admit you don't know how, you malign the entire system. It's nothing to do with Windows; your family wouldn't be able to resolve Mac issues either. It's that you can't take care of their problems based on your lack of familiarity, but that's somehow the platform's fault.
If my family would have bought Mac, there wouldn't BE any issues!
I don't malign the entire system. I was quite specific about who I thought needed to stay away from windows, but you have to conflate (conflate |k?n?fl?t| verb [ trans. ] combine (two or more texts, ideas, etc.) into one : the urban crisis conflates a number of different economic and social issues.) the two in order to justify your petulance.
You're right about one thing though...it's not the platform's fault. It's the fault of all the IT doyens that think nothing of talking little old ladies into buying something they can't reasonably be expected to maintain.
You can continue to tell yourself there's something wrong with me, but I'm not the one who actually said what you have to do to maintain windows isn't worth considering....as opposed to not having to do anything at all.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.