Posted on 06/09/2010 4:02:59 PM PDT by KevinDavis
What I've seen asked for consistently is "in the wild" and "self-propagating," what Windows has had thousands of times over.
Nobody denies that *a* specific computer can be hacked given enough time, resources and effort. Nobody denies idiots purposely install pirated software acquired through P2P (ignoring the OS's protections) only to find out that it's a trojan. Of course given the large number of Macs out there, even those instances are limited. Sure, there have been viruses and worms. But those are made by Mac antivirus-companies looking for business, and they never succeed in the wild due to propagation difficulties on the system.
What I'd also like to know is where the Mac botnets are. There are 50 million of them out there, mostly unprotected. Getting a tenth of them would make for a rather big botnet. And getting a tenth of a population is doable given poor-enough security. SQL Slammer infected 90% of all vulnerable systems (75,000 systems) in under ten minutes. The only thing that slowed it down was that it crashed the networks under its load.
So if Windows is so vulnerable why have I never been attacked by one of these self-propogating viruses that require no user interaction? The way you describe it it sounds like I’m probably getting infected right now.
I mean if windows was so vulnerable I’m bound to have had at least one attack on my many machines that I leave online all day long or one of my work machines. But yet I’ve had none.
SQL Slammer...was that a Windows vulnerability or SQL vulnerability? Last I checked it was an application. So I can install an application on a Mac that could be exploited and then you’d say the Mac wasn’t exploited it was the application.
So please try again.
And Verizon could just as easily have screwed up. Sure, incidents like this you keep in mind when it comes time to renegotiate the contract, but otherwise you can't blame Company A when Company B screws up. The fact that Microsoft idiots will upgrade a SAN with no backup in place does not reflect on the ability of T-Mobile to properly run a SAN. It makes T-Mobile look bad to customers, but still, no reflection on their technical side for people who know what happened.
That you haven't doesn't mean millions of others haven't.
SQL Slammer...was that a Windows vulnerability or SQL vulnerability? Last I checked it was an application.
I used that as an example of how a much smaller population than the Windows base will be targeted and can be infected very quickly. This shows that a significant portion of a population can be infected. It was also so you couldn't use the disproven argument that Macs are not targeted because of the smaller installed base, thus the reason for the lack of active viruses and worms.
Sure you can. In fact, there are even laws to allow you to do so. For example, if Hasbro makes a toy that is sold to you via walmart you can sue Hasbro AND walmart (of course it depends on the state, but this is common in many states).
meant to say makes a Toy that harms you or your child.
1. The complaint is obviously about support for a third-party application that is running in a VM, not stated as Microsoft.
2. If you knew anything about .NET, you'd know that a ".NET runtime error" means a problem with an application written for .NET, not a problem with .NET itself.
Paranoid much?
But why on earth would you use an example that doesn't fit your rules? Ah I know...hypocrissy.
How does that prove anything about the smaller install base? SQL is installed on a ton of Windows Boxes. In fact, I bet the amount of SQL instances out there dwarfs the number of Mac users (just a gut instinct though).
and what on earth does VMWare have to do with this thread? Like I said they had to bring .NET (WINDOWS) into this. Sure they didn’t point out the obvious that it was most likely user code that was failing and it was left the typical macbot thinking...”He he windows fails again”.
Afterall that’s the point...we are stating macbots say mac is foolproof. But then again when I see most of the mac users are nothing but fools I guess it really isn’t (I guess it’s an oxymoron).
You're talking about overall liability, and also consumer perception, business relationships. But that's not what we're talking about.
Does AT&T's lack of security reflect poorly on Apple's ability make secure products itself? No. Apple didn't do it. Simple fact is, AT&T was giving out AT&T customer information.
There are no exploits found, that is the thing. Sure, you get some security software company that says they have found a vulnerability in a lab, but...you never see it in the real world.
That is the point a lot of mac advocates make...sure, there may be exploits out there, just like there are sharks in the ocean, but...if they aren’t biting or killing people, so what?
Your assertion of “what an exploit means changes” is irrelevant. What is relevant and meaningful is that there aren’t any out there torturing the users in the way they are on Windows. We can discuss WHY that it so, but we cannot dispute the absolute reality of that. It exists.
I don’t think breathless claims like this one help the anti-mac fanatics either. It makes them look silly, in my opinion.
You and I are on the same page, we don’t disagree.
Goatse Security and GNAA are basically 4chan.
And what is Apple to do about that? Sprint and Verizon utilize CDMA rather than GSM. In order to sell the iPhone and iPad on Sprint and Verizon networks, they would require a major revamp. Whereas, the majority of carriers in Europe and elsewhere use GSM, which conveniently, in the United States, only two major carriers use. AT&T and T-Mobile. T-Mobile has a smaller network than AT&T in the U.S., and Europe does not have AT&T. Hence, Apple went with AT&T in an exclusivity agreement because their devices supported GSM rather than CDMA.
It’s easy to see why AT&T was the preferred choice for the exclusivity agreement. Although T-Mobile should have also have been contracted for the phone.
Stop blaming Apple for having an exclusivity agreement and shutting out Verizon and Sprint.
I wrote an OS myself. It’s probably got all kinds of security holes that have yet to be exploited. But hey as you say...since the sharks aren’t biting who cares, right?
Using your analogy...we know sharks will eventually bite especially when provoked or under the right conditions. So I don’t recommend going and swimming with sharks and those idiots who try it find out what happens. In fact look at what happens when someone gets paid to hack a mac:
http://www.macnewsworld.com/story/57038.html?wlc=1276184178http://www.theregister.co.uk/2008/03/19/pwn2own_contest_returns/
I really don’t need to post all the times someone was paid to hack OSx and was successful do I? This just proves the point that it’s not worth the effort (yet) for hackers in the real world to start writing spyware and such for mac users. Although it’s getting there as now even Valve is releasing games on Steam. So Mac is growing (some for legit reasons and others for false sense of security). And those buying it for the false security will have a rude awakening, but at that point it will be a pyrrhic victory for the those that said this would happen.
Oh and this is interesting as well:
http://www.zdnet.com/blog/security/mac-versus-windows-vulnerability-stats-for-2007/758
This article from way back in 2005 pretty much still applies today: http://www.zdnet.com.au/mac-community-must-wake-up-to-security-139210762.htm
It’s not that much harder to make a CDMA phone. But as you said why shut out T-Mobile? They could have captured both Europe and US with T-Mobile.
They are. T-Mobile is the contracted provider of the iPhone in Europe.
Exactly so they could easily use them in the US. But I could really careless who they chose as thier provider in the US. The point is since they have a single partner in the US with no options for their consumer other than that partner they are liable for the security of that partner.
I understand what you say, but again, that isn’t really the point.
You and I can both nod our heads vigorously in agreement that there are vulnerabilites in OS X or (insert your OS here) and there are all kinds of devious ways to get in, especially on a system that has been set up on a network by someone who doesn’t really know what they are doing.
But it isn’t there in the real world. You cannot argue that point. Maybe it will be, and I am sure there are a lot of people who will be jubilant that “those arrogant mac users are getting theirs”. If that floats someone’s boat, then...well, that’s their approach to life, not mine.
I use a Mac, and don’t use virus protection. When viruses and malware eventually hit, you know what? I’ll just dust myself off, purchase some malware/virus protection and go on from there. I’ll be thankful that the last twenty five years I have owned a personal computer have been 99.99%free from viruses and malware, but the good times will be over.
I personally would love it if Windows users DIDN’T have their PC’s mangled constantly by crap like that. I wouldn’t feel disappointed their systems work well, I would be overjoyed. Of course, my brother’s business (which I work in one night a week in addition to my sysadmin job during the day) would likely go downhill since he probably gets 70% of his revenue from cleaning infested PC’s.
But you know what? That would probably make my brother happy. He likes it when people’s PCs WORK for them. I like his attitude.
It would be great if we all felt that way, particularly the slimy cocksu*kers who write that destructive crap. But that isn’t the real world.
Self-propagating, in the wild, small population, high infection rate. It can happen. That it hasn't happened on the Mac shows a relatively secure operating system, not because of a lower installed base.
How does that prove anything about the smaller install base?
You didn't read? SQL Slammer infected 90% of vulnerable systems, it infected 75,000 (maybe as many as 100,000) systems. You do the math from there. SQL Server is an expensive business platform, no way are there tens of millions of installs. As far as MSDE, vulnerable test computers set up later showed no updates available from Windows Update. IOW, every computer where MSDE was installed and port 1434 was open was vulnerable. Given that MSDE is mainly installed on home machines (never by default, as part of a software package), and that most home users don't block ports, that would mean most of the population was vulnerable. I'll easily give you over 100,000 installations, even a million, but no way enough to dwarf the OS X installed base.
And if you want to get particular and argue about the installed base, I still have a much smaller example for you, 12,000 vulnerable installations of a far more obscure product, and all of those were controlled by computer security admin types.
Basic fact: Installed bases much smaller than that of OS X are targeted and are effectively attacked in large numbers.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.