Mac OS X Security Criticisms Countered

← Back to Stories (view on slashdot.org)

Mac OS X Security Criticisms Countered

Posted by simoniker on Monday December 15, 2003 @07:35AM from the second-round-knockout dept.

Paradox writes "In response to the recent PC Magazine story criticizing Mac OS X security, technologist/author Richard Forno has written a rebuttal criticizing the author and raising some good points about the fundamental differences between Windows and Mac OS X. Considering Lance Ulanoff's tone during his article, a rebuttal from the Mac OS X community was inevitable." Forno's conclusion: "Trustworthy computing must be more than a catchy marketing phrase. Ironically, despite a few hiccups along the way, it's becoming clear that Mac OS, not Windows, epitomizes Microsoft's new mantra of 'secure by design, default, and deployment'."

14 of 464 comments (clear)

Min score:

Reason:

Sort:

Attacking the author by goldspider · 2003-12-15 07:41 · Score: 5, Insightful

I did RTFA, and it would seem to me that the rebuttal would have sufficiently stood on the merit of the facts, without all the sniping at Ulanoff.

Tho Forno is mostly correct in his assertions, I would take him MUCH more seriously if his argument wasn't riddled with immature name-calling.

--
"Ask not what your country can do for you." --John F. Kennedy
1. Re:Attacking the author by Oculus+Habent · 2003-12-15 07:54 · Score: 5, Insightful
  
  Every work day, I use Mac OS X 10.3, Windows XP Pro, 2k Pro, NT 4, and 98 - sometimes 95, too. I like my Mac. I could go into why, but no one asked me, so I won't. How the original story managed to make some sort of grade for acceptability at PC Magazine makes me less interested in the publication.
  
  I concur will your view - the correct answer, said rudely, still isn't right.
  
  --
  That what was all this school was for... to teach us how to solve our own problems. -- janeowit
*sigh* by Oculus+Habent · 2003-12-15 07:43 · Score: 5, Insightful

The PC Magazine story was just about that - a story.

It wasn't a report. It wasn't an account. It wasn't an investigation. It wasn't supported by facts. It wasn't supported by logic. It was an opinion piece that, from my view, wasn't well thought or well written.

It's unfortunate that people need to write rebuttals to this sort of journalism, but some naive readers out there will simply take it at face value because it's in print, so it must be true.

--
That what was all this school was for... to teach us how to solve our own problems. -- janeowit
1. Re:*sigh* by ack154 · 2003-12-15 07:50 · Score: 5, Insightful
  
  But what if many people read that and don't see it as just a "story"? What if people take it for what he wrote? (Essentially saying Mac is "as bad as" Windows based on this one vulnerability he mentioned).
  
  While this new article does take maybe too much aim at the original author, it should at least help clarify what is really going on.
  
  I'm far from a security expert or anything, but I would be far more apt to trust Mac OS security out of the box than Windows security...
2. Re:*sigh* by Ringel · 2003-12-15 07:57 · Score: 5, Insightful
  
  It wasn't a report. It wasn't an account. It wasn't an investigation. It wasn't supported by facts. It wasn't supported by logic. It was an opinion piece that, from my view, wasn't well thought or well written.
  Unfortunately, it is exactly that type of disingenuousness that is the hallmark of yellow journalism. You don't get to ex post facto decide whether something is a story or journalism. I assure you that there is no field for "story" or "journalism" in any standard bibliographic form. This is how people like Ann Coulter get away with slander, and then take a "ha ha only kidding just my opinion" stance to defend themselves.
  As soon as a story is referenced, it becomes a reference, regardless of what the original motivations were.
3. Re:*sigh* by hellfire · 2003-12-15 08:03 · Score: 5, Insightful
  
  I disagree with you for several reasons:
  
  1) If Lance can post something regarding his opinion of an operating system, then Richard can post his opinion of Lance's article.
  
  2) Everyone's entitled to an opinion, but not all opinions are equally valid. This is a fundamental point of epistomology. Lance is spreading FUD. What his motivation is, is unclear. But that doesn't give Lance the right to be spreading false accusations. Someone has to stand up and say so. If I were as good a writer as Richard I might have done it.
  
  3) Lance KNOWS what he's doing, and either he know he's wrong or he's so blinded by his opinion that he can't reason properly. However, some people are going to think he's right. That's not fair to anyone who enjoys using Apple products or is one of these "mac zealots" who want to expand the user base.
  
  4) This isn't in the same degree as some gross mischaracterizations that the media is known for (such as overblowing safety warnings or terrorism alerts, or incorrectly running news stories on urban legends and hoaxes which aren't true; yes that has happened before and continues to do so!), but every article, factual or opinionated, that contains false facts must be refuted. The journalism industry is taken for granted, at least in America, and when one of them screws up in order to get more money or get a promotion or because someone ordered them to, or some other sleazy means, then better journalists, or the public in general, should stand up and say the media is dead wrong.
  
  --
  "All great wisdom is contained in .signature files"
Re:Don't always assume a smear campaing by proj_2501 · 2003-12-15 07:55 · Score: 5, Insightful

"or wrong, never fully read it or the rebuttal"

so why comment on the relationship between the two if you are obviously misinformed and you admit it?
Audit. WAS: Re:trust by voixderaison · 2003-12-15 07:57 · Score: 5, Insightful

If you work in a place where "security is EVERYTHING", then you should know that trust is *not* the bottom line.

Don't trust vendors.
Don't trust open source.
Trust no one.
Audit.

--
Things should be made as simple as possible, but not any simpler. -- Albert Einstein
Re:Don't always assume a smear campaing by pyros · 2003-12-15 07:59 · Score: 5, Insightful

Not to say the original article was right (or wrong, never fully read it or the rebuttal) but it's shortsighted to assume criticism comes from zealous hate.

It's not too much of an assumption. The author of the orinigal piece said he was glad that there was finally a big vulnerability for Mac OS, and that he was tired of Mac users looking smug when SAMS edition Conquer the Internet in 12 Hours outlook viruses pass them over. The whole piece just had a tone of "I'm really sick of people bragging about Mac OS."
MS should learn from ship builders by nv5 · 2003-12-15 08:08 · Score: 5, Insightful

One of the great breakthroughs in safety design came when ships started to be built with compartments, which would prevent a single hull puncture to sink the whole ship. (Sadly the Titanic's compartments were all aligned in one dimension, so when the puncture was very long, it compromised all compartments).

One of my greatest concerns with MS attitude towards design of their "ships", especially Windows and Office is, that they are integrated way too much. So any security "puncture" spills over way too easily into the rest of the ship. As a very annoying side effect, one ends up re-booting for way too many MS patches. Why should I have to reboot, if I patch my browser or e-mail client?

Of course, MSIE, Outlook and MS Office vulnerabilities have been a lot less worrying for me, since fully switching to Mozilla and OpenOffice over a year ago!
a few things by BigBir3d · 2003-12-15 08:10 · Score: 5, Insightful

Firstly, my new office machine is a Dell with XP Pro. My home machines are iBook with 10.3, and a ThinkPad with Mandrake 9.x (uptime near 60 days now). All 3 are stable machines that do what I want, when I want. The Thinkpad was the #1 machine until I had enough scratch to buy the iBook (apple.com does nice refurb sales from time to time). When sobig and the other malicious worms of 2003 came out, my office was all win98 machines, and a NT 4.0 server. Due to reading /. and using Norton Antivirus, the only machine affected by the onslaught were the machines I was not "allowed" to touch (#1 computer guy {I am the secondary guy}, and the owner of the company {"I did that already"}. In short, you can run any of these machines safely, with most all of the latest software. It just helps if you are not an idiot.

PEBKAC
Mac Zealots or AnitMac Zealots by Salvo · 2003-12-15 08:37 · Score: 5, Insightful

I recently switched to MacOSX from BeOS. In my experience chatting to the Mac Community out there, they are not more fanatical than Any other Community. I've know Car Clubs who are more obsessive than the Macintosh Community.

The only fanatics I've ran accross in the MacOSX World are the AntiMac Fanatics. For whatever reason, these individuals *hate* Macs. Not just Dislike Macs, but actively *hate* them, with a passion remeniscant of Religious Fundamentalists.

People who rebute these AntiMac Fanatics are Labeled Mac Zealots. This is only a half truth, they are really just qualifiers of the AntiMac FUD.

Anti-OS sentiments aren't restricted to MacOS, though, There are plenty of AntiMS, AntiLinux, AntiBSD and Anti[insert favourite OS here] Fanatics. Are you one of them?
Re:Not a fair comparison by danigiri · 2003-12-15 08:51 · Score: 5, Insightful

Look, I'm no MS fan, but they have not released an operating system since they started their "trustworthy" initiative. The Windows operating systems being discussed are old (WinXP came out in 2001), and obviously full of holes--so full of holes that MS had to start this whole focus on security.
XP might be old, but it is what people are allowed to buy *now*, so your point does not apply. It is insecure *now* and it is being sold *now* (read, not discontinued or the like).
So, how about we give MS a chance and at least wait for them to release an OS under their "secure by design, default, and deployment" banner before we start ripping it. We may be pleasantly surprised (although I doubt it).
I have just installed a network of computers, loaded with MS software I just bought. I need to be secure now, not in 2-3 years time.
dani++
Re:Don't always assume a smear campaing by azav · 2003-12-15 10:21 · Score: 5, Insightful

Macs CAN get virii. True. However, I was one of the first ten people in the world to identify the mac WDEF virus in 1990-1991. I've followed the virus trail since 1989 to this day on macs and pcs. I even did virus protection for fortune 500 companies once.

PCs are open holes with regards to virii.

Macs are a dream in this respect. Even the old OS 9 & lesser.

Obscurity DOES play a part. A small part. The win 95/98 verisons of windows that are STILL being used are horrors. The newer versions are much better (Me, 2000, XP) but still, the win computer ships with the doors unlocked and open. And the solutions made to close them are subpar. What if I WANT to email a .exe to a coworker?

I could regail you with tales of the reocurring Scsvr/brasil/ops32 virus at our old office but and all the times our pcs went down but I won't. The time wasted cost us enough.

The original reporter is a bitter man who is upset that the one part of the mac he chooses to address is much better than the same area on the pc and is despirate to "fight back" and say "nyah, nyah, I tooold you" to the mac crowd, painting them as elitist pinkie pointing beret toting espresso drinkers.

We need more rebuttals like the one that started this thread. I know many who claim that "less macs = less mac virii you stooge" without closely examining the situation.

At last check, there were about 60 mac virii. At most 100.
How many win virii are there out there? 50 thousand? 60 thousand?

The more the correct message gets published by competent professionals, the less win/mac virii FUD will be going around.

Cheers,

--
- Zav - Imagine a Beowulf cluster of insensitive clods...