Computer Security Still Totally Inadequate 452
Several news sources are running articles detailing the lack of computer security on all platforms. Symantec foretells a dark future for Firefox and Mac users describing their security as a "false paradise". Kernel developer and Red Hat fellow, Allan Cox stated in his recent interview with O'Reilly that "even the best systems today are totally inadequate". He goes on to say that "We are still in a world where an attack like the Slammer worm, combined with a PC BIOS eraser or disk locking tool, could wipe out half the PCs exposed to the Internet in a few hours," Cox said. "In a sense we are fortunate that most attackers want to control and use systems they attack rather than destroy them."
Symantec, eh? (Score:5, Funny)
Re:Symantec, eh? (Score:5, Funny)
No, they have one... they found it in some book, written by some guy named Agrajag. Works much better for them than it did for him. Funny that.
""Do not worry, Arthur Dent. Be afraid. Be VERY afraid.""
How many NAV copies sell on Linux? (Score:2, Funny)
Re:Symantec, eh? (Score:3, Funny)
http://img375.imageshack.us/my.php?image=hoff1os.
Re:Symantec, eh? (Score:5, Insightful)
That's the main problem with these viruses, they DON'T only affect microsoft products.
OSX Virus (Score:3, Interesting)
Re:OSX Virus (Score:4, Insightful)
The primary problem with OS X is the indiscriminate use of the administrative password. Mac users are so used to typing in that password that if an installation ask for it the user automatically types it in. Instant root-kit installation. Now, let's see if Symantec, with all their ridiculous doom and gloom crap, detects it.
Re:OSX Virus (Score:5, Insightful)
Re:OSX Virus (Score:5, Insightful)
That assumes the Mac user knows the admin password. In a business or school environment the password could be kept only by a few administrators and in a home the parents could keep it. Everybody else is just an ordinary user and the computer is therefore safe from any attack that needs adminsistrator access.
In Windows that is much harder and often impossible to do, because so much software for mostly stupid reasons will not run correctly if the user is not an adminsitrator.
Restricting users like this would go a long way to reducing the spread of malware. Only those clueless computer users that are running as as adminsitrators could be affected if they type in their password after they have downloaded something from the Internet.
Unlike Windows, there are NO known exploits that can come over the Internet that DON'T require some action on the part of a user. If the action involves an unknown admin password, then that stops the nast stuff right then and there.
Re:OSX Virus (Score:3, Informative)
It's not FUD.
I work in a small OCR shop. We scan alot of legal documents and convert them to PDF using Adobe Capture (not my choice, I prefer OCRShopXTR).
Capture, both the OCR and scanning components, will either refuse to run or keep crashing if not run as an administrator. Same goes for Kodak's scanning software (which is, incidentally, some of the worst and most user-unfriednly software I have ever
Re:OSX Virus (Score:3, Insightful)
The only way you can even come close to calling this FUD is by rescoping the problem to school/business. Half the games my kids get for Christmas can't run without admin privs. It's why my kids have administrative accounts eve
Re:OSX Virus (Score:3, Insightful)
Re:OSX Virus (Score:5, Insightful)
Re:OSX Virus (Score:2, Insightful)
The article's point is that as "alternative" (read non-MS) OSs and browsers gain popularity, they will garner proportionately more attention from crackers. The "dream world" they speak of is the notion that certain products are more secure because there are less attacks launched against them.
Not that I agree with TFA, but the point it is trying to make is that because these products have fewer deployments they are a less juicy target for crackers (opportunists). That will c
Re:OSX Virus (Score:5, Insightful)
So am I, but I don't kid myself the lack of OS X viruses is because of something in the OS making them impossible (or even difficult) to create.
Re:OSX Virus (Score:3, Informative)
I don't kid myself the lack of OS X viruses is because of something in the OS making them impossible (or even difficult) to create.
Actually, I think it is pretty difficult to create an internet worm or virus that will infect OS X machines and propagate. Some of this is due to circumstance and some of it is due to a better design. Circumstantially OS X machines are still not common, so any worm or virus that wanted to quickly spread to them would have to be cross-platform or very intelligently targeted. E
Re:OSX Virus (Score:2, Insightful)
There are no viruses out in the wild for OSX.
Come on, Mr. Anonymous Coward - if you have proof, then post it!
Re:OSX Virus (Score:3, Insightful)
That is such an old saw which sounds like a broken record. If I had the money, I'd offer $100K to the first person that can infect a standard OSX Mac over the Internet with a self-replicating, spreading malware without requiring user interaction such as entering a password. That also goes for turning such a Mac into a remotely controlled zombie. In business and schools as well as in many homes, the admin passwords could be kept away from most users.
There are uncountable Windo
Re:OSX Virus (Score:3, Insightful)
Comment removed (Score:5, Funny)
100% Not so!! (Score:2)
What is to say the guy who designed the safe didn't install a back-door!
Re:100% Not so!! (Score:5, Funny)
Re:Three Steps to 100% Computer Security (Score:3, Funny)
Symantec Security Software (Score:5, Insightful)
Re:Symantec Security Software (Score:5, Informative)
If you need more then switch to Linux.
Re:Symantec Security Software (Score:3, Interesting)
I rather liked the article a few days ago that suggests allowing no code to execute unless first added to a whitelist
Re:Symantec Security Software (Score:3)
The only thing I find amazing is that a large number of people somehow find it okay that their systems are broken enough by default that it's reasonable to think you need some ad
Re:Symantec Security Software (Score:3, Insightful)
So much for the legendary robustness of $ALTERNATIVE_OS, then. If Linux or MacOS X is so much better designed than Windows, how can some anti-virus software destabilise the system as you desc
McAffee is even worse (Score:5, Interesting)
I once got a computer virused intentionally. (That was the only Windows virus I ever got, btw, so if anyone wants to start with the canned "Windows has viruses, use Linux instead" answers, spare your breath.) I was installing Windows 2000, had no firewall handy, and thought I'm too lazy to go buy a firewall or go burn Zone Alarm on a CD on someone else's computer. Also, I didn't know yet that I could just activate the built-in poor-man's firewall (yes, you can tell Windows 2000 to not allow incoming connections) to stay safe until I download the updates and a firewall. So, anyway, I thought I'd let it get virused while I download the firewall, then format and reinstall. It's not like 20 minutes extra are a major catastrophe.
So predictably it does catch an RPC buffer-overflow virus while downloading Sygate Personal Firewall. Then I block it from connecting to the network and play with it a little. It got me curious.
You know what was sad? It actually slowed the computer a lot less than Norton. You know what's sadder? Installing Norton and running a full scan didn't catch it anyway. It just slowed down the computer some more.
But still, Symantec isn't _the_ worst. Try McAffee sometime if you're masochistic. Not only it was even less efficient and slower, but also had such gems as:
- needed IE to download its updates, because it used some ActiveX crap, but it was too stupid to just launch IE, then. It launched the default browser, in this case Opera, and then couldn't get itself updated. That sad.
- it was installed on D: but the updates proceeded to install themselves in the default directory on C:. Worse yet, I wasn't just left with just an extra copy on the hard drive, but had two versions running in RAM at the same time.
- this got even funnier later when I uninstalled it, because one of the two versions remained installed and auto-loaded. I had to edit the registry to stop it. (If you thought only spyware has to be removed that way, McAffee is obviously the counter-example.)
- their "privacy" protection basically did nothing but try to protect me from cookies, including temporary login cookies on web sites. I suddenly couldn't use any sites that required login. Not even in a consistent and predictable way. E.g., Gamespy's Fileplanet got terminally confused and different pages thought that I was logged in and not logged in at the same time.
And so on and so forth. That was a rather non-funny experience.
why firefox will never be so bad as IE has been (Score:5, Interesting)
2. Automatic updates
The nightmare IE/windows users have suffered for years is pretty much derived from these two points.
BTW, gotta love how the IE guys [msdn.com] are adding a "new" feature to IE7:
Building on the security features released at beta 1, upcoming new features will include ActiveX Opt-in: To reduce the attack surface and give users more control over the security of their PC, most ActiveX controls (even those already installed on the machine) will be disabled by default for users browsing the Internet
I already can read the press: "IE7, with new ActiveX Opt-IN technology which protects you from the threats of the Internets"
it's amazing how they're trying to get rid of one of their major security mistakes by converting it in marketing crap. "IE7 adds activex opt-in". No, IE7 doesn't "add" that feature. It just removes/limites a already existing feature
And that is why you'll continue to see these. (Score:5, Insightful)
From TFA: And that statistic means absolutely nothing. Simply counting the vulnerability ANNOUNCEMENTS does not tell you anything about the vulnerabilities themselves.
Is a vulnerability that causes FireFox to crash the same as a vulnerability that automatically installs an ActiveX control? Nope.Yeah. Whatever. How about you do a survey and find out how many FireFox machines have been compromised via FireFox? Huh? How about that?And he has determined that
Seems to me that IE's still being hit by spyware and such crap. Or didn't he mean those attacks?"We sincerely thank the person who killed our daughter because it makes us appreciate our son so much more now." Does that make sense to anyone?Hmmmm, Symantec sells anti-virus software and the like.
Macs don't seem to be having massive virus/trojan/worm problems.
Something doesn't look right.When "emerging" becomes "successfully attacked and cracked" it will become an issue. Until then, the "threat" is purely theoretical.Again, it isn't the number of vulnerabilities, it's how they can be exploited.
Yet I keep seeing references the the NUMBER of vulnerabilities announced.#!
cd /
rm -R
Oh my GOD!!! It's a trojan that is designed to exploit the bash shell on LINUX!!!As does my example with regards to bash and Linux.
It isn't whether someone can write a virus/worm/trojan. It's whether they can get such onto your box.Why "away from"?
Aren't they also the top target on the desktop?
How about "As well as the desktop, Microsoft's enterprise apps are targets for attack"?
Nothing but more crap from a vendor who's seeing their gravy train getting ready to leave the station on its last run.
Re:And that is why you'll continue to see these. (Score:3, Interesting)
Are you really sure that they are serious about security? [com.com] Looks like they have some leach like qualities themselves!
Re:And that is why you'll continue to see these. (Score:3, Insightful)
Sort of, except I'm not willing to stipulate that Symantec is in the business of security. I think they deal more in the field of "security perception management".
Witness "Symantec Internet Security Suite", with a bunch of sub-standard crapware that breaks just about every machine it touches. Even if Windows becomes completely secure, Symantec will move to a "VoIP Security Suite" or a "IM Security Suite", or "$BUZZWORD Se
Opt-In ActiveX is the best IE feature, ever (Score:5, Informative)
MS has made a huge mistake when IE 4.x-6.x relied on CATID_SafeForScripting/CATID_SafeForInitializing COM component categories to make decisions whether it's safe to use the COM component from a JavaScript/VBScript.
CATID_SafeForScripting is not needed when the COM component is accessed from a stand-alone
IE has a kill bit [microsoft.com] feature which allows disabling certain scriptable COM components based on their GUIDs. And most IE security fixes are, in fact, just registry updates adding more of those "kill bits".
Examples: http://www.microsoft.com/technet/security/bulleti
http://www.microsoft.com/technet/security/bulleti
http://www.microsoft.com/technet/security/Bulleti
http://www.microsoft.com/technet/security/Bulleti
http://www.microsoft.com/technet/security/bulleti
http://www.microsoft.com/technet/security/bulleti
http://www.microsoft.com/technet/security/Bulleti
http://www.microsoft.com/technet/treeview/?url=/t
Re:Opt-In ActiveX is the best IE feature, ever (Score:3, Informative)
Re:Opt-In ActiveX is the best IE feature, ever (Score:2, Insightful)
However, if malware ever gets installed and gains admin access, it is quite pointless to defend against it.
Even the new IE7 opt-in system is going to be fooled - but *until* your system is rooted, you are in control of the COM components that can be used against you - and that's the point.
Re:why firefox will never be so bad as IE has been (Score:2)
Windows Server 2003 already have this "feature". Actually, what they did was increase the restrictions in the "Internet" security zone, and *presto!* And you can't even download on this zone by default. Even Windowsupdate requires you to add it manually to the "trusted sites"
Re:why firefox will never be so bad as IE has been (Score:2, Insightful)
This is reasonable on servers, but too restrictive to put that in Vista.
The ability to control (and disable by default) the loadable COM components without the Registry Editor (browsing through 1000's of COM GUIDs) is new in IE7, and that is a welcome improvemen
A corporate IT disaster (Score:2)
Re:A corporate IT disaster (Score:2)
Duplicate Link Checker (Score:5, Interesting)
the best systems today are totally inadequate-not (Score:5, Insightful)
We are still in a world where an attack like the Slammer worm, combined with a PC BIOS eraser or disk locking tool, could wipe out half the PCs exposed to the Internet in a few hours
Well, actually, I wonder what percentage of PCs are currently infected with malware? I'd guess way more than 50%, and the world hasn't come to an end. Actually, it would probably be a good thing if the hypothetical disk-erasing worm would come along -- it would probably prompt a lot of dumb users to make backups, take some basic security precautions, and maybe consider switching from MS-ware to more secure OSS.
Allan Cox, huh? (Score:5, Funny)
I'm delusional (Score:4, Interesting)
I have been happily living in a "false paradise" since 1984 using Macs.
P.S. Fair disclosure I was laid off by Symantec when they bought Fifth Generation Systems in the early 90s.
Re:I'm delusional (Score:5, Informative)
Number of PC viruses in 2004: 30
Number of Mac viruses ever:26
Do the math. Oh, and most of the stuff that SAM flagged...
MS Word macro viruses: 533
Sources:
Mac Viruses by the numbers [macobserver.com]
30 PC viruses played havoc in 2004 [rediff.com]
Symantec is crying wolf again (Score:5, Interesting)
They have been pulling this kind of thing for years, predicting floods of malware on Palms, Pocket PCs, mobile phones, and I'm sure that game consoles and internet connected coffee machines will be next.
I'm glad they're working on the problem, so if it ever happens that Apple pulls a stupid trick like ActiveX they'll be there, but in the meantime more people have lost data due to false positives from antivirus software on these platforms than have lost data to actual viruses... so I'll steer clear and take everything they say about it with a grain of salt.
what's real? (Score:5, Insightful)
Our most effective viruses will be the ones that allow the system to live long enough to spread the virus, and as soon as it can't spread it anymore, or the rate of infection drops below a certain level, the self destruct button can be hit. Allowing maximum transfer, and then maximum destruction.
In the time between these two phases human interference should be able to pick up the CPU/network drain. (Or perhaps a software developer can make a program that realises when cpu usage + network activity is uncontrolled.)
Re:what's real? (Score:5, Interesting)
1) You are trying to keep the virus active indefinitely, or...
2) The virus requires a significant amount of time to saturate the population.
If the writer is interested in making a name for himself neither of the two may apply. Some of the recent big-name worms have been able to infect a significant percentage of the vulnerable population in a matter of minutes or hours. This means that after the first 4 hours or so your rate of infection will level off, and you may as well start killing hosts. Which would get the greater publicity, just infecting 3/4ths of the Net, or infecting 2/3rds the Net but permanently killing the machines?
Whereis AntiVirus for MacOS and Linux?? (Score:5, Insightful)
No-no-no-no (Score:5, Funny)
If it was a false paradise it would come with a tropical island, Nicole Kidman and bathtub full of champagne.
In other news (Score:3, Interesting)
Seriously, how are we "fortunate" that they only wish to take control over your server and not destroy it? If one of my servers are compromised it's as good as destroyed. If they didn't do it, I will as I wouldn't trust any part of the system. (drives wiped and hardware flashed)
false paradise (Score:5, Funny)
Mac User Buys Nortan AntiVirus (Score:5, Funny)
"Updating Virii Signatures......"
"0 Signatures updated, there are no virii for mac you idiot"
Can I return it?
Re:Mac User Buys Nortan AntiVirus (Score:5, Funny)
It's been said time and time again. (Score:5, Insightful)
Where I live, there was a huge scandal about some company that sent other companies "demo discs" which the employees at the other company obviously ran, trusting some random company. This caused a trojan/backdoor to be installed, eventually costing the companies a lot of data which was viewed by their competitors.
Even in the army, they have a network completely (physically) disconnected from the public internet, with very strict rules on what's allowed to move inside and usually everything is ok. One time there was a large outbreak of a virus, obviously it was disconnected from the outside, but still an outbreak.
The source? A high ranked officer thought he's above the rules and connected his infected laptop to the inside network.
No matter how strong are your means of security, stupidity will always prevail.
As long as humans... (Score:2)
On the other hand, a clued-in user with "commonly recommended security tools of the times" (currently a firewall and AV if they run windows, future who knows?) will typically defeat most things.
"Security Professionals" are Retards (Score:5, Insightful)
I'm really tired of mediocre systems guys passing a CISSP exam (thousand miles wide, quarter inch deep) and being declared experts on securing things they don't even understand to begin with.
For one, quantative analysis of the numbers of vulnerabilities doesn't equate to determining if a system is more or less secure than another. It's also meaningless if you don't compare how the systems are configured in what kinds of environments. Even simple things like Linksys routers greatly contribute to additional security on a personal computer (Windows or otherwise).
From the article: "Symantec chronicled 1,862 new vulnerabilities during 1H2005 - an average of 10 new flaws a day - 73 per cent of which it categorises as easily exploitable. The time between the disclosure of a vulnerability and the release of an associated exploit was just six days. Half (59 per cent) of vulnerabilities were associated with web application technologies."
Can anyone tell me where in that statement is a shred of useful, meaningful information? Of course not. Because there is none.
Insofar as Firefox and and OS X being "in for surprises." Sure, Firefox is an evolving application, bugs will be introduced and squashed, and later on more will be introduced. Some of those will be security vulnerabilities. Any application who's sole job is to pull data from untrusted sources and parse it will be vulnerable to security problems resulting from buggy code. Period. End of sentence.
OS X
Despite that incentive, it has yet to be done. A rootkit is being touted as "proof of OS X's insecurity." Give me a break. If you can trick a user to type in their admin password with an application, it doesn't matter if you're running Windows, Linux, BSD, OS X, HP-UX, or Solaris -- you're going to get owned.
Jesus, I hate security people. I just want to choke them.
dark future (Score:5, Funny)
Whew, good thing I'm running IE 5.5 and Windows 98.
I don't know if we're lucky. (Score:5, Interesting)
Re:I don't know if we're lucky. (Score:3, Insightful)
In fact, it's the standard policy at home: I let my folks do whatever they want with their PC, if it starts acting funny, though, it gets reformatted and reinstalled (with a previous DATA ONLY backup, strictly). I don't let them choose the basic software (mozilla o
Computer viruses like their biological counterpart (Score:5, Insightful)
IMHO, Symantec has done more damage themselves! (Score:5, Interesting)
I have run into *countless* numbers of damaged Windows installations, directly attributable to Symantec's own products. Just last week, I struggled for hours with a customer's XP Home Edition because he was "having problems getting any streaming audio to work properly".
Upon closer examination, the XP firewall was in a corrupt state, refusing to allow connections for his Internet radio stations. I was unable to view the advanced firewall properties, etc. After looking up event log error codes and trying several methods that repaired the problem for some people, it became obvious that I was looking at the result of a botched uninstall of a Symantec Personal Firewall or "Internet Security Suite" product.
Not only can these things happen, but you'll often see computers with errors with the "32-bit subsystem" when going to an MS-DOS command prompt, due to Norton products screwing up system registry settings due to an improper/incomplete uninstall or installation/upgrade.
Furthermore, when their anti-virus and "security suite" products do work properly, they still bring older, slower PCs to their knees in many cases. The "on-demand scanning" feature lags far behind the rest of the system when working with large numbers of small files (extracting a ZIP or the like), causing a window to constantly pop up, informing you to "please wait" while it scans them... And their "activation" process they now require for their AV products in Windows is every bit as bad as Microsoft's XP activation procedures! I remember purchasing a 25-pack of OEM Norton AV licenses last year, only to find that 6 or 7 of the key codes refused to work, claiming they were "used too many times" or the like. (I guess pirates with keygens hit upon them already or something?) Thiis is *not* the type of B.S. you want to fool around with when you're on a client site, getting paid by the hour to fix a virus problem for them!
I won't even go into the disk corruption their "Disk Doctor" for Macintosh did to MANY customers after they upgraded to newer versions of OS X and Symantec didn't keep up with needed changes/patches to the product!
Their company went down the tubes ever since Peter Norton quit coding their products and started getting royalties for having his photo thrown on the front of the packages.
Re:IMHO, Symantec has done more damage themselves! (Score:3, Interesting)
So, I'll tell you something for nothing -
Actually, more often than not, the "32bit subsystem error" is caused by a missing autoexec.nt and config.nt in the windows\system32 directory.
No joke... check out MS KB 305521 (yes, I have a few favourite KB articles memorised...)
You can recreate these as zero-length files or just copy them from the restore\ directory (created during initial XP install - may not exist on OEM images).
Unfortunately, a certain number of
Re:IMHO, Symantec has done more damage themselves! (Score:3, Interesting)
We had to boot from a rescue floppy and delete the NIS folder before the system got usable again (yay for FAT32). Of course, a few weeks
Register.uk's publishing Symantec's adware (Score:5, Insightful)
Shame on both!
How about reporting:
"Symantic issued an official sensationist panic warning to Mac users who have not bought their product. It is unclear how Symantec's products will secure the Mac platform from exploits, since they do nothing to secure a system from a user with physical access. The company may also consider selling volcano insurance and eating babies"
From the actual Register story:
"While the number of vendor-confirmed vulnerabilities in OS X has remained relatively constant during the last two reporting periods [12 months], Symantec predicts this could change in the future. Symantec's analysis on a rootkit (OSX/Weapox) reveals it is designed to take advantage of OS X. This particular trojan demonstrates that as OS X increases in popularity, so too will the scrutiny it receives from potential attackers."
So Symantec:
- is shy to report that there are no exploited vulnerabilities
- analyzed a OS X root kit and determined it ran on OS X
- thinks the adware/malware market, driven by demand for easy to zombify PCs, is somehow poised to launch specialized attacks on inherently secured systems via non-replicating trojans that require root access to install.
Which is worse, Symantic's bullshit misinformation, or the Register's uncritical dissemination?
I'm surprised (Score:2)
Going Nuclear (Score:5, Interesting)
This change will be as important to infosystems as was the transformation of life on earth from "prokaryotes", cells without a defined nucleus within a nuclear membrane, into prokaryotes, nucleated cells. Their DNA and other infosystems are compartmentalized from the other machinery of the cell, including those that interact with signal-carrying chemistry from the extracellular environment. That change is the basis for most of life on Earth, for most of the lifetime of the world. The changes in infosystems will likely be as epochal. And until the infodynamic boundary between humans and machines is no longer mediated by non-nervous tissue (like typing fingers and seeing eyes), it will primarily define our machines, as well as ourselves.
Re:Going Nuclear (Score:3, Interesting)
Nonsense. Or perhaps an attempt to spread some propaganda here to prepare the ground for so-called trusted computing [lafkon.net]? Or a misunderstanding of some high-level discussions between people who never had to deal with real-world security issues?
There is an obvious flaw in your argument: What you describe r
"Totally Inadequate." (Score:2)
*yawn*
Sure... whatever.
Rootkit? (Score:3, Informative)
Then I saw them mention a root kit for OSX and wondered to myself what good that would do without actually having a way to gain control in the first place.
(See definition of rootkit from wikipedia: "A root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes."
Note the words "after cracking" and "maintain"
Sounds like a bunch of malarky disguised as solid information to scare people who aren't aware of more advanced computer concepts.
Your barber called (Score:2)
Oh, and Symantec says you aren't safe, and some guy in England who competes with open source software says it is going to ruin his industry without government help.
Anyone see a pattern?
One little difference (Score:3, Insightful)
It's just a matter of modular design.
Predictably, the /. response is head in the sand (Score:4, Insightful)
I've seen people have that same attitude before someone draws down and leaves them a crumpled mess on a bar rooom floor. It didn't help them and doesn't help the OSX, BSD, and Linux crowd. You cannot underestimate the danger of the average users' whimsy and inexperience, the truly committed crackers, and the legions of script kiddies who learn their tools from the first two. It isn't Windows that is insecure and dangerous. Windows does nothing it isn't told to by people stupid enough to tell it so by accident or on purpose.
The future is pointed at self-contained encrypted containers of both interpreted and compiled code objects flitting about the global net and this future will be embraced by Microsoft and the only way that Microsoft will not entirely control it is if the major vendors arrayed against them co-opt the paradigm with standards themselves. The law of unintended consequences being what it is, there is no way that the non-MS community can say credibly that the sheer combinatoric explosion of possibilities for system interaction in this future will not affect them, no matter what their safeguards. It's like trying to guess the outcome of a mating based on a glimpse of a few genes of one parent.
Assume the worst or the worst will happen to you. Hold true in survival on the streets, in the jungle, or on the Internet. Blowing off the very idea is foolhardy in the extreme. The only option for Linux for its part to avoid it is to remain a sado-masochistic wrong and hard is better than right and easy platform which scares away the average user. In that case, Microsoft's hegemony is assured simply through the incompetence of their opponents, not that it isn't close to that already.
So why hasn't this happened already? (Score:3, Insightful)
I suspect it is for one of two reasons: Either doing physical damage to the PC (BIOS/MBR wipes) isn't that easy; or the machines are better protected than we think. Many people have hardware firewalls as part of their home routers. AOL can't be trusted to pass any packets..
Symantic should talk (Score:5, Insightful)
That would be the "Norton Utilities" for Mac OS X they wrote and sold, that corrupts your hard drive because Symantic didn't bother to figure out how our filesystem works. Wonderful. I had to buy Diskwarrior to sort it out.
If you go to the Amazon page for the Norton Utilities they sold, it's still there, but along with the dozens of one-star reviews, there is a suggestion that Symantic has quietly stopped shipping it.
It will be a long time before Mac users trust Symantic again.
Re:Java. (Score:5, Funny)
Re:Java. (Score:2)
Re:Java. (Score:2)
Not JAVA, but FLASH!!! (Score:2)
void infect(this-host,) {
infect(n-hosts near this-host);
for(int i=0;i < n; i++)
infectHost(n);
}
Java doesn't spread like a virus. I think Flash is a virus because it uses the computer user as a host for the get-flash-now-meme and makes him download it.
Re:Not JAVA, but FLASH!!! (Score:2)
Oops!!!:
void infect(this-host) {
infect(n-hosts near this-host);
for(int i=0;i < n; i++)
infect(n);
}
Re:Java. (Score:2, Informative)
CVE-ID: CAN-2005-2529
Available for: Java 1.4.2
Impact: Malicious system users can gain elevated privileges.
Description: This is specific to the implementation of Java on Mac OS X. The utility used to update Java shared archives is susceptible to a privilege escalation vulnerability from local system users. This update addresses the issue by performing additional clean-up before launching the utility on behalf of unprivileged users. This issue does not affect systems prior to Mac O
Re:Java. (Score:3, Insightful)
Now I am not saying that Viruses can not exist for mac, but at the same time it would not be easy for it to gain access to the entire system, since the only user that can modify the entire system is disabled by default (root). For years people have been saying "just wait, their will be a virus that affects Macs". Well I am still waiting for it. Sure you could tell people to download someone from a web page that
Re:Java. (Score:2)
Stating the obvious, sometimes you get a feeling of security by keeping a low profile. If something is popular it naturally attracts saboteurs, and therefore has a better chance of being exploited, thereby ruining its reputation. Some might brand less popular OSes as insecure [lockergnome.com] as Windows -- we just don't hear of as many incidents related to breaches.
Re:Java. (Score:3)
And that very same reason, low market share, is why there are so few exploits for IIS and so many more exploits for Apache.
Oh, wait a minute. Reality is the ot
Re:Java. (Score:2)
Re:Java. (Score:5, Funny)
In other news, fans of anal sex everywhere protest the comparison to Java.
Re:"Computer" security? (Score:3, Insightful)
Re:"Computer" security? (Score:3, Informative)
"Symantec foretells a dark future for Firefox and Mac users describing their security as a "false paradise"."
Hydrogenous (Score:2, Funny)
Is English your first language? Or do you make them up as you go along?
Re:Hydrogenous Infrastructure. (Score:3, Funny)
Re:Hydrogenous Infrastructure. (Score:2)
Hy`droge`nous a. 1. Of or pertaining to hydrogen; containing hydrogen.
Re:Hydrogenous Infrastructure. (Score:2, Insightful)
Re:Hydrogenous Infrastructure. (Score:2, Funny)
Maybe you were thinking of heterogeneous? or androgynous? Hard to tell because attempting to read a few lines of your post made my face explode. It's 'unpossible' to read your posting.
What does this have to do with flammable gas? (Score:5, Insightful)
I'm guessing hydrogenous is not the word you were looking for. Assuming of course that you weren't proposing that we base our networks on hydrogen.
I'm going to instead assume you meant heterogeneous which is something often proposed on Slashdot and grants the proposer instant karma as people rush to mod them up.
The only problem is having a hetereogeneous environment increases your support costs whether you have a security incursion or not. How many people are security experts in Mac, Windows, Linux, BSD, Solaris, FreeBSD and CPM? Not many. Which means that for every environment your IT staff supports, you need additional admins.
CPM Security is pretty easy, actually. (Score:2)
Re:Hydrogenous Infrastructure. (Score:5, Funny)
jellomizer: Vindictive ass. (Score:5, Insightful)
Well, after I posted my response to him (read it for yourself here [slashdot.org], he changed his sig to:
--
Insult me if you feel you must, Ill just mod down your other messages.
Out of curiosity, I checked my user page. Several of my comments in the last couple days have been modded down. Of course, nobody would have any reason to mod them down - they're long since off the first page.
Karma is so ridiculously easy to come by that I wouldn't imagine anyone would care enough to do such a thing. I think this qualifies as the most assinine use of mod points in quite some time. Congratulations, asshat!
Re:Doomsaying, like s*x, sells... (Score:2)
Re:Well, Sherlock... (Score:3, Funny)
Quite frankly I'm thinking something like the opening sequence of XenoGears, with the mass tentacles of spam reaching out to engluf us all, and the scrolling messages of "And Ye Shall Be As Gods" replaced by countless repititions of "Make Money Fast", "Strong Erections", "FREE!!!!!" and the like.
I'd like to play the part of the captain, giving a faint smile as I detonate the self destruct. Gods know it'll be better than the alternative.
Re:Secure vs. Reliable (Score:2)