Mad As Hell: Metaphor 1.42

The reason Windows people think they're just as safe is because they're the victim of a propaganda war about the existence of Security By Design. Microsoft tries to play both sides of Security By Design, and most people don't even notice.

When Microsoft (and their apologists) want to explain why they're OS seems to be a miserable piece of technology ridden with problems, they *deny* the existence of Security By Design, and say that the problem is because they are so wonderfully popular. They tell everyone that Security By Design doesn't exist and they'd be safe "if only they weren't so wonderfully popular!" They want you to believe only the gospel of Security By Obscurity.

But when Microsoft (and their apologists) want to explain how Longhorn will be better than the sucky situation now, suddenly Security By Design exists! Alleluia! Suddenly, you hear angels singing lofty ideas about "secure code" and "built with safety in mind". Microsoft leaders and evangelists swear Longhorn is a godsend because "security needs to be part of the design, not a bolt-on". Bill Gates had the chutzpah to tell the BBC that with Longhorn, he can personally promise no more malware ever again! (see http://news.bbc.co.uk/2/hi/business/4516269.stm )

So that's the story of the propaganda myths of Security By Design. The truth is, and even Microsoft admits it, is that Security By Design is real. And Windows is an old product, poorly designed, repeatedly patched and patched and patched, with an incestuous tangle of subsystems that interact directly with each other and get full access to everything they need whenever they want to.

Once upon a time, in a world full of yucky bugs and evil burglars, there was a house named Windows, and it had many doors and many windows. And they were all left open. (These are called "ports" and "services".) All the bugs and burglars in the world could just go right in. Only a few experts know how to close the doors and the experts just couldn't around often enough to prevent lots of bad problems. Bugs and burglars in the house! Bugs and burglars in the house! [Yes, XP SP2 helped this problem, but it's not perfect, and lots of people run other Windows variants]

And even worse, in order to let the townspeople actually use the house, in other words to actually live in the house, Windows was designed to let anyone create new windows or doors whenever they wanted. And you didn't even have to be in the house to create new windows and doors! You could be across town! Or if you read the newspaper, someone in another town could suddenly create problems in your town! [Browsing the Web with Internet Explorer exposes you to hackers across the world because of bugs, and also ActiveX "features"] The great power behind the risk is Administrator Privileges. With this power, it's especially easy to create secret hidden and *permanent* doors (automated self-propagating worms/viruses and spyware) with Admin Privs. And so bad people all over town were creating new big holes in the house every hour! Bugs and burglars in the house! Bugs and burglars in the house!

Some people said "You don't have to give people Administrator Privileges simply to live in the house!" But all those people who said that were geeks and wizards who have special knowledge of how to control big companies. The truth is that if they weren't around to help their mother and grandmother, they would *need* all this power day-to-day (to configure the OS, to install software and drivers, etc). They would all use Administrator privileges because it's too complicated and restrictive and confusing for average folks not to. It's just plain hard to live in the house called Windows like without that destructive power at your fingertips.

And to make it worse for the house of Windows, it was an old house. You see, it originally was a small cottage, but over the course of many years of tubes and hammers and some scrap metal, the house's "walls" today are really weak body armor pieced together over a period of several decades.

Way across town, there was a house called Mac OS X. In that house, there is exactly one door and really thick strong walls made from rebar and reinforced concrete. Those are called the built-in firewall and a well-designed-and-tested UNIX BSD communications security architecture. No gratuitous doors or windows (ports and services).

It's not impossible for Mac OS X residents to create new doors and windows (opening ports, creating services), but it can only be done carefully in cooperation with whoever is keeping track of the front door and whether it's safe right now (configuring the firewall). And even in those cases, only certain types of objects can come in (opening specific ports) -- no bugs and no burglars in general. No bugs! No burglars!

When the Mac OS X residents were building their house, they realized they don't need to be able to make doors and windows *all* the time -- they don't need Admin Privs.

So the house called Mac OS X is designed that no one can simply just *create* doors and windows whenever they want in a split second on their own. Even the mighty geeks are suddenly prompted for their password, and then they have more power temporarily only, and only for what they are doing right then. This makes it much easier to prevent people from accidentally creating new doors and windows in the house! Also, it makes it harder for bad guests (malware) to create new doors and windows. Also, it makes it harder for to trick the residents of Mac OS X into creating new doors and windows, because the password must be magically said before such destructive big things happen. So, it's harder to create secret hidden and *permanent* doors (automated self-propagating worms/viruses and spyware) to sneak people into the house of OS X. (This approach is called "well-designed and user-friendly Privilege Escalation system and subsystem compartmentalization, while avoiding the *need* for normal average users to constantly wield dangerous Admin privileges". The idea that OS X Admin users don't *actually* wield root/Admin power full-time is often misunderstood, or lied about, by Windows apologists.)

The people living in the house of Mac OS X were happy. They had to keep track of their front door, and had to think carefully before announcing their password when something asked for it, but it was a good house, and a good world.

The people living in the house of Windows were riddled with bugs, and always had mosquitoes in their teeth. And burglars constantly entered their house and took everything, and they usually had 5-10 unwelcome visitors secretly watching them, eating their food, and learning all their secrets (spyware).

At the end of the day, the people in the house of Mac OS X gathered around the dinner table, talking of fun they'd had together as a family that day.

And the people suffering in the house of Windows said to all their friends "Yes, it's an awful life, and our homes are full of bugs and burglars, but it's only because our house's design is really so wonderfully popular!!!"

I will remind you, little man, of your comments at the beginning of this thread:
"The comments on the Blog are interesting too... especially the clueless Windows users."

Windows users are clueless when they comment negatively on something they know nothing about. Do you accept that as an insult to you? Did you comment on that Blog? No, probably not.

Therefore, my statement stands... I have NOT insulted you.

Bush, there is a world of difference between attacking ME personally with denigrating comments such as "little man" and a general commentary about some posters on another thread. I made a judgment of the level of their comments as being clueless. YOU use an insulting term to address me personally absent any knowledge of me. That is ad hominem attack and a fallacious argument methodology... not to mention it won't win you any friends.

That said, the rest of your post is fairly reasonable. Of course your viewpoint (and apparently Microsoft's) will condemn all newbies for the next year and a half to security hell.

I do disagree with the following...

Considering FireFox's current rate of vulnerability, it is very high risk spyware.

That is just idiotic. If that is the case, then Internet Explorer is FAR more of a risk.

My analogy to a can-openner is adeqate to communicate the desireable operating characteristics of an appliance

But not those of a computer, which was my point. I got a little zinger in; sorry that offended you.

If my family would have bought Mac, there wouldn't BE any issues!

That's the arrogance and dishonesty that I think rubs so many Mac-heads the wrong way. It can't be "I like my way better," it's "Macs are flawless and failure-proof, and people who recommend anything else should be 'horsewhipped' (your word)."

And no one has to "push" Windows. It's already a universal standard, versus Apple struggling for 3% market share. The only thing being pushed here is the notion that it's easier for the average user to buy all new hardware and learn a new non-standard OS than it is to secure Windows at little difficulty and zero cost.

Speaking of which, is "right-click" unfamiliar or has Apple finally figured out how to fit more than one button on a mouse? ;-)

Right click work also so long as the word is highlighted... but it takes a second longer longer because Right Clicking returns the entire definition, not just the quick basic definition in a pop-over window that disappears when you click again the other method provides instantly. With that method, if you want the entire definition, you can click on "more" or if you want synonyms of antonyms, change to the thesaurus option with a click.

The Apple mouse still has only one mouse button. However, Apple has supported multiple button mouses for years... plug in almost any pointer input device and they work - no need to install drivers or any of that stuff. True Plug and Play.

But not those of a computer, which was my point. I got a little zinger in; sorry that offended you.

Yes that of a computer. Gainsaying doesn't change fact, pal. Car doors lock by pushing a single button. Can you lock up your windows machine by pushing a single button? Any other answer but "yes" means you've been lying; answering "yes" means you ARE lying. And your "zinger" is right up there with Bob Bechel once again working in "Bush was selected, not elected" for cleverness.

... That's the arrogance and dishonesty that I think rubs so many Mac-heads the wrong way.

I'm assuming you mean to say that's what rubs windows people the wrong way about Mac-heads. But where is the arrogance and dishonesty? What part of "just works" don't you get? You've already admitted you don't know Macs, so who are you to call me arrogant and dishonest when I say there wouldn't be any problems.

I've run into your type before, and interestingly enough, it was over cars.

Back in the eighties and ninties many of the old timers I work with just refused believe toyotas would go a hundred thousand miles without anything breaking. I'd tell them my experience, and that of damn near everyone else I know that owned one, but they simply refused to believe it. Well it's not so unbelievable now, is it?

I bought my first Mac in 1989, and in all that time I've never had a single, not one, corrupted file. Can you say that about your windows machine? I've never lost the a single piece of data to a crash. Can you say that? I've never had to re-install a program because it wasn't working correctly. Can you claim the same? Now I'm not going to claim the service I've gotten out of Macs is completely trouble free, but I am going to claim every incidence of trouble I have had was not because the Mac did something it wasn't suppose to do. If you're on the level you say you are I know you can't say the same thing.

Windows isn't the universal standard because it's good. It's the universal standard because it's what the witch doctors know. Guys like you are living proof of Planck's Dictum: major advances in science occur not because the proponents of the established view are forced by the weight of evidence to change their minds, but because they retire and eventually die."

I didn't really get where you were going with the car door analogy. Yes, it is possible to lock up a Windows machine, just like any other computer. I never said otherwise. But you appear to claim that it is not possible to do so with a Mac, which is what I called arrogant and/or disingenuous. I have no interest in Macs now, but when I worked on them as a tech in the mid-90's they most certainly did crash, get viruses, etc. So they certainly haven't been perfect since 1989, and that sort of disingenuity doesn't incline me to believe that they're perfect now.

You can continue to believe that "one day" there'll be a Mac revolution and your preferred system will ascend to dominance. Mac-heads have been waiting on that for twenty years. Despite what you may think, there are valid reasons to dislike Macs, and your 2.9% market share is not a result of evil techies lying to their eldery family for no good reason.

I didn't know that - very Windows-like ;-) That one-button thing was always one of the things I disliked about Macs.

I prefer to use a five button wheeled trackball... but I am not too sure that Apple made the wrong decision when they went single button on their mouse user interface.

I used to take people completely unfamiliar with computers (literally homeless people off the streets in some cases) and train them to use a database I designed for an emergency Food Bank. The database ran on Macs. (Classic - OS8) Some of the Macs on the network had single button and some had two button mouses... INVARIABLY, I had the most problem training these newbies on the two button mouses... while those who were on the one button learned much quicker. I could usually turn them loose to do interviews after two hours... but the two button trainees took at least twice as long!

(By the way, the best way to get these REALLY new users used to the idea of a pointing device was to let them play solitaire on a computer for about a half an hour!)

I finally pulled all the two buttons meese and tossed them and installed only one button mouses. Problem solved. I no longer heard "oops, wrong button." or "Hey, which button do I click (push, poke, press)???" or "What happened?! Where'd it go!?" or "Damnit!". (or worse language).

Incidentally, that database is STILL running, ten years later, still tracking the large database of clients, donors and their donations. In fact, it is still running on several Mac PowerMac 6100s (accelerated with G3s) It took me a year to "idiot" proof it... and I had a lot of guinea pigs to test it on... it was amazing what they could do that I had to fix.

One of the things I learned working with these people on the fringes of society is that there are GOOD reasons why some people are unemployed.

One year a group of homeless people offered to paint the Food Bank's reception area. I bought them paint, brushes, rollers and left them to it. When I came back I found they had painted everything... including the clock hanging on the wall (but not the wall under the clock) so that the dial could no longer be seen! The guy "supervising" this paint crew asked to be trained on our interview computers so he could be an interviewer... surprisingly, although he had never touched a computer before, he was interviewing in less than an hour and became one of our best interviewers. Just don't put a paint brush in his hands... very dangerous.

I have no interest in Macs now, but when I worked on them as a tech in the mid-90's they most certainly did crash, get viruses, etc. So they certainly haven't been perfect since 1989, and that sort of disingenuity doesn't incline me to believe that they're perfect now.

Turbo. The mid-90s Mac and OSX have no code in common.

But even then, the total number of OS1-9 viruses for the Mac number less than 50 (counting varients - 114). In 1997 a Swedish company offered a 100,000 Kroner ($16,500 US) prize for any hacker who could alter a web page running on a PowerMac 8500/150 straight out of the box. The Crack-a-Mac Contest went for two months... and the prize money was never won despite thousands of attempts.

Or you might want to read this article from 2003:

Mac Viruses By The Numbers - Word Macro: 553, Classic Mac: 26, OS X: Zero

Were now two years farther along on the development of OSX... and the count of OSX viruses is still ZERO.

No one has said the Apple Mac or OSX is perfect... just that the combination offers a safer and more enjoyable computing experience than the other alternatives.

Yes, it is possible to lock up a Windows machine, just like any other computer. I never said otherwise. But you appear to claim that it is not possible to do so with a Mac, which is what I called arrogant and/or disingenuous.

I have been using Mac OSX since the first day it was released. After it reached OSX.1, I have NEVER seen a system crash or lockup. I am a power user, often running as many as 50 apps at the same time... occasionally, an app will cease responding... but it is easy to force quit and restart it without impacting any other running app or the system. I have diligently tried to crash my system and have failed miserably.

One of my clients called one day to report one of his seven OSX Macs had frozen. It had... the hard drive had failed (it literally let out the magic blue smoke). I put in a new harddrive, re-installed OSX, dragged an Applications folder from a backup DVD I had burned months before to the new HD, and it was back on the network in 45 minutes. His office network of seven Macs has been running for four years with no firewall, no anti-virus, no anti-spy or adware and until this failed HD, no problems. The only time the computers were restarted was after an OS update.

Uptime is what counts. MI2G, a Computer Security Consulting firm working with major banks, reported in November 2004 ,that:

"When applying the benchmark of Uptime on the full sample of permanently connected 235,907 machines, the mi2g Intelligence Unit found that the only computing environments left standing without the need for a single reboot at the end of the 12 month period were either BSDs or Apple Mac OS Xs."

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.