Slashdot Mirror
Wall Street Journal On The Switch
An anonymous reader writes "Walt Mossberg, the Wall Street Journal's personal technology columnist, has long appreciated Macintosh, in a very unbiased, but still probably slightly business-oriented way. Today, in honor of tomorrow's "Panther" release, he has a very positive article in favor of "consumers and small businesses" switching for peace of mind. "If you're tired of the virus wars, the Mac can be an island of serenity.""
I own 2 macs and a pc. I prefer my mac for my research mainly because of the GUI and Unix underpinnings. Since I do a lot of coding for my biological modeling work, the built in compilers come in handy. Plus, I like the fact that I do not have to worry about viri. I'll always keep a pc around for certain things, especially gaming, but my mac goes with me for work. It is a simple matter of personal choice. I personally would hate to have to give up my 12" powerbook.
Considering there are no known viruses that run in Mac OS X, he's absolutely right. And Panther is going to rule :D
I think the Mossberg Article makes the point when it is contrasted with the article he wrote last week about which pc one should purchase. In that article he advises about the feature-set one should look for and how to best make use of the digital life apple has been attempting to push for years. I remember a Steve Jobs MacWorld Keynote where he introduced iLife and another where he makes it clear that apple will innovate its way out of the bad times. I guess everyone else in the industry is ready to follow the leader. I think the fact that this week's article is selling the point that, "Hey, as you are downloading this week's M$ critical update, you should know there is a platform where people are not targeted nor is this platform flawed in the foundation of its design." I have always thought life would be better if we worked on a *nix platform at work and when home to a Mac. One could make the argument that it is now in print.
Please, "unbiased", my ass. This guy will gush with praise about any product that's easy to use and free of bugs. Every time he reviews something with flaws, he feels like pointing them out.
Sometimes I read his column and all he talks about is "oh, this program was fun to use", or "I didn't like this music player because it was hard to operate and the battery cover broke off". Like any of that matters.
His constant annoying praise for Apple products is clearly due to the quality of the product and it's usefulness to the average consumer, and not due to any objective standard like how big Apple's cash position is or how man deals they've cut with other computer companies.
This kind of yellow journalism must be put to an end.
For games I have my ps2, and my fastest box is this laptop a P4-2000m so I have been I thinking about what I should do for a workstation.
Assuming neither KDE, GNOME, or someother desktop become as freindly as OS X, my next computer will be an apple.
I read that article and I wonder whether it's time to be more specific when it comes to calling something a virus. Yes, often times the behavior can be annoying either way, but the viruses that most Windows machines are exposed to today are dramatically different than the few macro-viruses that macs are succeptible to.
A trojan horse or something that can slowly kill your hard disk is much more severe than something that adds characters to your Excel spreadsheets.
It makes me feel that the Symantec quote is more FUD than anything else. Aside from that, I enjoyed the read.
As a long time Mac user, I personally learned nothing new in the article, but it's good to get that info into wider circulation. Particularly the sort of people who read the WSJ, influential but not tech savvy.
"Common Sense Ain't" -Unknown
So if one of the main arguments about why Macs are so virus free is their small market share, should we really keep telling people to switch, since a growing market share will make Macs a bigger target?
Also, is it wise to keep pointing out so loudly that its so hard to write a virus for OS X and that none currently exist? I mean, it sounds kind of pompous and arrogant...like an invitation to try write one?
fuck you.
>So if one of the main arguments about why Macs are so
>virus free is their small market share, should we really
>keep telling people to switch, since a growing market
>share will make Macs a bigger target?
How much would it have to grow before it becomes a likely target? A factor of 10? 20?
That said, there are two main reasons why viruses on the mac are less common:
1) Mail.app makes it more difficult to launch an application sent to you directly and warns you. It doesn't keep you from doing so, but its not as easy (or defaulted, like it used to be on Outlook).
2) Better security model. The damage one app can cause, even in an admin account, is limited unless it's given extra permissions, which requires giving it a password.
>Also, is it wise to keep pointing out so loudly that its so
>hard to write a virus for OS X and that none currently
>exist? I mean, it sounds kind of pompous and
>arrogant...like an invitation to try write one?
The question would then be, providing you (or whoever) could actually write it, "how long would it stay in the wild."
The low marketshare means that even if you could get it to be as infectious as a virus on windows (same infectious characteristics) it wouldn't have a large pool of systems that it could infect, this means that it is more likely to fizzle than become an issue.
Even providing you could get it work and people to run it.
Integrate Keynote and LaTeX
Who cares about how true it is (there have been 2 such updates) but still, I laughed.
Like Microsoft, Apple issues periodic security patches, but they are less frequent than the Windows patches -- and some of them are needed to repair flaws in the software programs Microsoft writes for the Mac.
There's an old Microsoft joke of an error message that says:
With that said: heterogeneous computing environments, whether within small networks or on the global network increase security.
But the point is that even if it is a target, it is much harder to write a virus for OS X at this point in time.
- Zav - Imagine a Beowulf cluster of insensitive clods...
the comparison of online music stores, does this mean that the WSJ might actually like us now? That perhaps they'll influence tech-ignorant business sorts to stop assuming that the Microsoft way is the only way. That would be helpful.
My Blog Sucks.
How much would it have to grow before it becomes a likely target? A factor of 10? 20?
Probably about 20, since that would bring the sub 3%ish market share up to parity with MS. If the goal is to infect as many people as possible, 49.9% market share doesn't really need patching. Computer A gets infected, what are the odds it will find another to infect? You have the market share raised to a very high exponent, and 0.93^n is a much fatter target than 0.03^n.
Macs more secure by design? Maybe. We'll never know unless the market share becomes significant.
MS Office viruses are becoming few and far between. The virus de jour is Outlook-based viruses (or worms exploiting the latest Windows flaw) and Outlook doesn't exist on the Mac. (I've heard Entourage, the MS Mac mail client is quite nice, but haven't used it myself). Even if you do get a MS Office virus, they're often tied to some Windows feature that just doesn't work on a make like deleting C:\Windows.
It's okay if you're not using IMAP [I'm one of the unfortunate]. Apparently MS didn't conform to the RFC. Imagine that...
Trust me. This is an inactive account. Regardless of what the
Compare Apache's webserver market share to that of Microsoft IIS. Compare the number of exploitable vulnerabilities in those products, and the severity of the results.
Compare Sendmail's SMTP server market share to that of Microsoft Exchange. Compare the number of exploitable vulnerabilities in those products, and the severity of the results.
Compare Oracle's (or IBM's) SQL RDBMS market share to that of Microsoft SQL Server. Compare the number of exploitable vulnerabilities in those products, and the severity of the results.
Deduction: Microsoft manages to lead in introducing exploitable vulnerabilities to market segments, with severe results, even in segments where they do not enjoy market share leadership.
Now that's innovation! :)
To be blunt and honest, Microsoft designed and maintained its operating system product(s) in ways that failed to take security (and multiple users, and networking, and...) into consideration for far too long, and now finds itself in the unenviable position of being the only operating system vendor most people have even heard of that doesn't have a properly secure operating system.
-Dan (whose new "cheesegrater" G5 has fewer holes than Windows)
I think the key feature of the OS X security model is that the root account is disabled by default. Doing admin by sudo instead of su seems much safer. I agree wholeheartedly with the above post and would like to add that I find the continual challenging for admin passwords very reassuring. Fair enough, passwords are only as secure as you keep them but I am fairly confident, using OSX, that no one can get my password without me specifically telling them (which isn't going to happen).
First off, the parent is not flamebait. It's unfairly moderated.
That said,
For the individual user, opportunity cost, lost productivity, and essentially waste of resources are far less of a noticeable factor than for MegaCorp Inc. I should know, I'm building an incident response team at a large international bank--they blew millions and millions either preparing for or responding to shit that never should have happened in the first place. Check the CSI/FBI computer crime survey, Gartner, whatnot--you'll find absolutely stunning figures. Whether they're the result of underlying flaws in Windows, or just of a higher suscepbility of that OS to attack because it's further spread I won't argue--I have made up my mind on that already.
Furthermore, while I have no issue with your general comments, there's one important thing you're missing--vulnerabilities in Linux/BSD tend (note careful choice of words) to be results of configuration errors, or of vulnerabilities in software running on top of the OS.
I just had this discussion with a colleague recently--your fundamental difference, compared to Windows is that (a) the existence of Linux workstation in a corporate network does not require you automatically to run vulnerable services as part of the core OS (vulnerabilities in OpenSSH notwithstanding, it's a far more secure mechanism for administering distributed boxes than mapping a C: drive via RPC), and (b) if you do have to run service, I can't think of many (and if you mention NFS, I'll throw a shoe at you) which cannot somehow have their running privileges limited (run as different user, chroot, jail, whatever.)
Of course, if you allow remote root logins, that's your own problem.
Cole's Law: Thinly sliced cabbage
A big problem brewing in the wings is the continued use of .SIT Stuffit Archives on OSX. .SIT has no provisions for the x (01) bit on files, so Stuffit Expanders version 7 and 8.0.1 set the x bit on every file. This makes it much easier to launch the theoretical mac virus.
.sitx format that handles this properly, and there's little that you can't do with an OSX .dmg image natively (just drag&drop onto Disc Copy). Panther will make a .zip for you from the Finder, although I'm not sure how it handles forks and file attributes.
Aladdin has created a
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
So what you're saying is that a good exploit only needs to be a trojan that runs at user-level (no manipulation of anything critical) and asks the admin password (which everybody is so used to handing out all the time). Getting regular users used to using sudo a lot isn't necessarily a good thing.
A Good Intro to NetBS
I do a PS2 + Mac myself. The way I figure it, the overlap on those two particular machines, game-wise, is a fantastic match.
Consider: we have watched the consoles eat a significant portion of the once-dominant PC game market. Consoles are custom game machines, that enjoy even better mass market economics than PCs, that have no compatibility problems or patches to speak of, and are usually the same approximate cost as the video card alone would be for the PC.
Most kinds of games work better on a console, especially with the console controller. There are two exceptions to this: 3rd-person shooters, which anyone half-serious knows you must use a mouse for; and Real Time Strategy games like WarCraft 3, which need the mouse and the keyboard... usually a multibutton mouse too.
The Mac gets almost all the big 3rd-person shooters ported (Quake3, Wolfenstein, Medal of Honor, etc), as well as many of the RTS games (WC3, Age of Whatevers, etc).
So a Mac + PS2 provides a pretty vast array of gaming. Not quite as vast as a PC of course, but if you want OS X the rest of the time...
If Jesus wants me it knows where to find me.
Windows is riddled with security flaws, and new ones turn up regularly. It is increasingly susceptible to all kinds of viruses, malicious Trojan horse programs and spyware. As a result, Windows users have been forced to spend more of their time and money supporting their computers.
..and this is different to Apple Software Update how exactly? Yes people target Windows but that is simply because it is so widespread. Windows / OS X / Linux all require regular patches. This is not a practice limited to Microsoft.
ANY computer is susceptible to a virus written for it. Money? The last time I checked security patches were free.
They are free - however the cost in bandwidth and the cost of IT for businesses isn't free. And the design of *nix makes it less susceptible to major viruses.
Almost every week, they are supposed to install patches to the already patchy operating system to plug these security holes. And every few months, it seems, Windows users must quake in fear as some horrible new virus is created by the international criminal class that constantly targets Windows.
True - but when you patch a new OS X machine all the patches are wrapped up nicely together. You don't have to install 15 security patches for a new machine. Plus, there are MAYBE 1 security update every couple of months. With Windows it is closer to 7-10 a month. Linux - it depends on what services you are running - but it is closer to OS X's number.
But for consumers and small businesses, there's a simple way out of this endless morass: Buy an Apple Macintosh computer. There are no viruses on the Macintosh's excellent two-year-old operating system, called OS X. And the Mac is a terrific computer -- as good as, or better than, Windows for the typical computing tasks important to mainstream users.
No viruses.. Yet. And typical computing tasks? Linux can do all that too - for free.
Without special programs to make them work it can't do MS Office, Photoshop, iTunes, or a host of other great programs. Yes, I know that OO, Gimp, and XMMS exist - but they aren't as refined as the others. I have used them and to be honest in a production environment I would rather pay for the other software then use the open source solutions because it is the free software isn't worth the loss in productivity.
It isn't impossible to write a virus for the Mac. The system isn't impenetrable. Mac users should still use antivirus software. But any virus or security problem that does emerge on the Mac is likely to be much less serious than the Windows security crisis. "Mac OS X hasn't had any viruses since the OS was launched," says Bill Rosenkrantz, the head of Macintosh products at Symantec, the big antivirus firm. "It's more difficult to attack the Apple system than Windows."
So, first we have how there are no viruses for OSX yet we should still run anti-virus? So what sort of signature library is this antivirus system going to have if there are no viruses?
Good point.
So, if you're a Windows user, you could sit tight, apply all the patches, worry about all the viruses and hope that the spring's Service Pack will solve most of the security problems without breaking other key features of Windows or interfering with programs you use.
Er.. you mean like that OSX 10.2.8 update completely breaking many people's OS X install? Like that you mean?
The 10.2.8 broke a VERY small subset of people's machines. The only machines that were affected (and not all of these even were) are the dual 450-500 G4 machines. But - yes you have a point.
Or, if the security issues are important to you, you could just buy a Mac when you shop for your next computer.
You see many PC hardware users dont have to shop for a new computer because upgrading the old one is possible. OS X is only "secure" until people start targetting it.
People don't shop for com
...And when they came for me, there was no one left to speak out for me." - Martin Niemoeller (1892-1984)
Actually, users quickly become accustomed to thinking, "asking for my password means it's about to either install software, or edit my operating system," which will hopefully lead to thoughts like, "hmmm... why would a jpeg of Anna Kournakova need to do that? I should ask one of my computer geek friends before doing this."
Information wants to be anthropomorphized.
Granted no one can protect a computer from a dumb user but this comes pretty close.
seSales, Point of Sale software for OS X.
I wasn't really implying that I agreed with the "marketshare" argument, I was trying to point out though the rather ironic fact that using that argument as a selling point to attract "switchers" would, if successful, ultimately eliminate any benefit of it.
Impressive response, nonetheless.
fuck you.
"If you're tired of the virus wars, the Mac can be an island of serenity." Until everyone else shows up, and you have to start voting them off the island.
- billn
perhaps they should stick their nose to 'Wall Street' stuff and let sites like Ars[arstechnica.com] to provide factual review
:-)
You mean, quote, "Ars Technica - The PC enthusiast's resource", end quote? Sounds like an exellent place to find some unbiased information on Apple
Your post sounds like a troll (certainly not a flame), but your name isn't A. Coward, so I'm guessing you didn't mean it that way. (your mistaken implication being that the quote in the parent you responded to was incorrect.) So, I'll respond:
You forgot one MS app--internet explorer. There have been a couple security updates in the last year that dealt with internet explorer vulnerabilities. IIRC, not biggies, but there all the same.
p.s. outlook 2001 (and outlook express do "exist for the mac". They're os9 apps though--outlook works just fine in classic.
I was trying to point out that while Macs can get Word/Excel/PowerPoint-based viruses, there really aren't that many being produced anymore. If you look at Symantec's Latest Virus Threats list (W32.Marque@mm is the newest listed), there's only two that uses Word/Excel/PowerPoint as it's carrier: W97M.Rochitz.C and W97M.Tabi.Trojan. W97M.Rochitz.C doesn't do anything but spread. W97M.Tabi.Trojan downloads an EXE file which won't work on a Mac.
I had forgotten about the OS 9 Office package. I switched to OS X and haven't looked back.
But the point is that even if it is a target, it is much harder to write a virus for OS X at this point in time
Well, maybe. No-one actually knows, because OSX hasn't attracted much attention from virus writers. It might be harder solely because OSX is newer and virus writers have less experience of it, I suppose, but as of yet, that's the only reason that can be known with any degree of certainty.
Not really. Representatives from anti virus companies and security experts have stated that it is much harder to write viruses for OS X.
It also has been out for several years. Don't you think that any enterprising visur writer would have written one by now?
- Zav - Imagine a Beowulf cluster of insensitive clods...
And if you've gone to the trouble of creating an installer and asking for the password, then recording it, and affecting some part of the os with it, don't you think they would have thought of some bullsh*t to add to the info tab. I've had a PC for a while and there are plenty of spyware apps that put regestry entries in that have false and important sounding names. check out the parasite section of doxdesk.com
Two different things entirely.
seSales, Point of Sale software for OS X.
I started a point-by-point refutation of everything that you said, but then I realized that it would be pointless because you are just spreading FUD.
...and how you claim that the author's statement that there are no Mac viruses in part because there aren't enough Macs is wrong, because there would be viruses if there were more Macs).
Actually I'm debunking FUD but lets carry on.
Most of it doesn't even make sense, as when you claim that hardware for Linux is free ("typical computing tasks? Linux can do all that too - for free"),
I didn't say hardware for Linux is free - that would be extremely silly now wouldn't it? There are certain things I think that we can take for granted, such as I'm 96.5% certain that readers here understand what Linux is and that computer hardware is not "free". Fair comment one must always take the cost of the hardware into account but its the OS that we are talking about here.
I said people attack the most prevailant system, which is presently Windows. If OS X was as prevailant as Windows is now, there would be more attacks targetted at it. the amount of attacks scales with popularity.
I don't believe you actually own a Mac, because you are about as hostile toward Macs as some of the most rabid Windows fanboys I've run into. If you do actually own an iBook, here's my suggestion: sell it. We don't need people like you spreading this sort of FUD.
Well I certainly do own an iBook and how you can call me hostile towards Macs I find quite frankly confusing (did you READ what I wrote? I like OSX). I like OS X a lot - (I certainly wouldn't have bought an iBook if I didn't, and I definitely would not be thinking about a G5) plus I do support (amongst other things) a 200 host Mac network complete with XServe (which I personally recommended & installed).
The article I debunked is FUD - it makes contradictory points. For example, this paragraph:
So, if you're a Windows user, you could sit tight, apply all the patches, worry about all the viruses and hope that the spring's Service Pack will solve most of the security problems without breaking other key features of Windows or interfering with programs you use.
This is clearly putting the concept of patches in a negative light, and inserting FUD into the process by implying that applying a patch may cause problems. Some facts:
OS X needs patching, (as do all other current operating systems.)
Applying patches can be risky, however its important to keep up to date. Apple suffered from this exact issue recently with the 10.2.8 update causing problems for many users.
So Apple are "guilty" of two of the alleged "crimes" of Windows.
It would be like an airline saying something like "So if you fly with our competitors, sit tight and hope there are no bombs or terrorists on the plane with you" while trying to sell plane tickets. It's ridiculous.
It says that Microsoft release patches and puts that in a negative light and later on says that Apple release patches but it's "ok" because they are less frequent!
It also says (correctly, unless the "switchback" "virus" isnt a hoax) that there are no viruses for OSX, yet you should still run antivirus. Sophos, Symantec and Network Associates all produce OS X antivirus, which you have to admit is a little strange. I suppose they are selling insurance against future incidents.
If I've posted anything factually incorrect, then please set the record straight.
What is it with all the anonymous postings anyway? Why are people afraid to put their names to their opinions?
I won't try and defend this article because basically your analysis regarding the patches is correct, however it should be noted that Apple Security patches are delivered to you via Software Update, and installed with the click of a button. Does Windows do this? Hell to be honest I don't know, but it seems to me that if it DID do this, wouldn't most people have installed the security patches Microsoft releases and thereby reducing the effectiveness of the virii or security breaches in question?
Microsoft has Windows Update (Which unless I'm mistaken, they came up with before Apple). Unfortuantely automatic updating is turned off by default however, whereas Apple have this functionality turned on by default (which was a very good move). Microsoft are changing this behaviour as basically as Apple obviously understand, unless you have things happen for people automatically and bug them about it constantly, they simply will not do it.
I'm also forced to question your reasoning with regard to the recommendation to use an anti-virus program being strange. With OS X, as I hope you too can attest, data loss isn't a big problem, but that doesn't mean I still don't back up regularly. It's a matter of prudence, I pray that I don't lose data, but I expect that I will. I pray that my Mac won't get a virus, but I expect that eventually it will. For you to say it seems stranges strikes me as a little odd, especially since you administer such a large network. Redundancy is what it's all about in the computer biz, because the "better safe than sorry" attitude saves money in the long run.
I agree totally - antivirus is a very good idea, yet - there are no OSX viruses - if there are no viruses, then how does the antivirus even work?? what sort of signature library does it have? That's the strange part!
You seem to suggest XP and OS X are equally vulnerable (or secure) but since XP is the OS du jour, there's viruses and worms for XP and since OS X is obscure, there are none (0) for OS X.
eheheheheheh
I'm actually not going to argue with that. It has been done before by quite knowledgeable people. Just following your logic here, which is more fun.
OK, and with this huge crowd of mac-haters out there, there's none with just a smidgen of intelligence to write an OS X virus.
Which should be just as easy to do as writing an XP virus.
It has now been three months since the fact is widely spread on the internet: to date ZERO virusses for OS X.
And since only 8 milion people use OS X, that's going to stay that way, I mean, 8 milion. Ffffff, nothing!
Regardless of everybody now at least knowing of the mac (what with iTunes and iPod).
Regardless of all the media attention it would get - probably a LOT more than "Hey, here's another Windows virus".
Finally, while not using any real arguments, allow me to say your arguments are baseless. The 'security through obscurity' myth has been debunked with many a good argument and more flair than I have in me.
How can you own an iBook, be into OS X and yet know so little about it's best features: security and stability...
But thank you for this moment of fun.
BTW: errr yes, there are virusses you can get on your mac. Some obsolete macro viruses for word that somehow still infect word for OS X. But Let's just assume for the sake of (my) argument that by virus we mean something that wreaks havoc on your computer.
I think, therefore I am...I think.