security realities are blah blah blah on Windows, then we can draw similar conclusions concerning OS X.
I'm saying that you haven't disproven your arguments as equally applying to recent Windows versions. Client malware before 1995 or so was delivered almost exclusively through trojans (including bootsector etc); then there was a period of about 10 years where insecurities in networking stacks/client networking apps allowed a machine to be infected without a physical user action; and now we're edging back to where we were before 1995. Windows exploits today are mostly straight download-me trojans, with a sprinkle of browser/plugin exploits.
My opinion is that OS X is hard to remotely exploit. The fact that it hasn't been done even one single time backs that up.
I'll give you one to stop you whining. It's especially important because it describes what I've said about ethical hackers not being prepared to put their freedom on the line to impress kids. Contrary to what you think, many people care about the difference between showing that a gun can be built and building a gun for anyone to use.
No, it isn't. But it sure invalidates the myth that marketshare=exploits which is what practically your entire argument hinges on.
Argh. Webserver = server software. There are a few web servers most of which have administrators, many of whom will notice suspicious activity eventually. There are hundreds of millions of desktops/workstations on the net, very few of which have competent administrators. The content of an individual web server may be valuable, while the content of an individual client machine is likely not; the sum of bandwidths of web servers over time is likely not so impressive; whereas the sum of bandwidths of millions of distributed machines in a large botnet is very impressive.
Targeting a server and targeting a client are two very different goals.
At the end of the day, the only way to prove an OS is insecure is to exploit it. Anything else is just talk. And from where I'm sitting, OS X looks pretty good.
But it's been exploited many times in proof-of-concepts. What you're asking people to do is break the law and tell the world about it like the dumbest kind of criminal just to please you - not even for financial reward. That's not going to happen.
Students and geeks have no empathy any more. They're no longer the elite 10%, but tools in extended training to prepare themselves for debt, servitude and an unsatisfying family. Cooperation with China in academia IME is not to improve local academic talent with the best Chinese minds but because Chinese coming to the West are the sons and daughters of rich, well-connected families who pay full fees and more to the Universities concerned (this is even worse in the EU than US, where some Universities are dying for cash and it is official policy to send senior staff over to China to court students).
You can mod down my posts as much as you want because you are too ashamed to admit there might be a problem with a cooperation between US and Chinese academia+government on improving artificially intelligent surveillance tools, but it won't stop the fruits of their labours being used to watch your movements within a decade or two.
Another time. Right now, I'm really just talking about OSX though I may tangentially refer to other platforms.
If you have no evidence that people are still writing purely mischievous viruses for recent Windows versions and releasing them into the wild such that they're picked up by antivirus researchers, then it's fairly certain you've not done enough research or are misidentifying the problem.
Recall that before the late '90s, a virus "in the wild" meant on install/magazine floppies/CDs or passed between friends - every virus essentially began as a trojan, in that the user explicitly executed a piece of software which at some time did something sneaky. With networked computers, no more.
Let's start with Charlie Miller [zdnet.com], the vaunted pwn2own OSX cracker.
He's worth reading, but I'd not read anything into what he doesn't say. The man's a previous employee of an intelligence agency, and knows where his bread is buttered.
Unless someone has spoken with every malware author on the planet there is no way to know with absolute certainty why these authors target Windows OS's.
But that's, of course, ridiculous - no test involves measuring every member of a population. OTOH, you can ask malware authors about the kind of successes they achieve with Windows botnets, and whether there's a dearth of machines to fulfil their needs. If supply of exploitable Windows boxes outpaces demand, there's absolutely no reason to even consider targeting alternative platforms for botnet zombies.
My sensibilities tell me that the sheer number of remotely exploitable vulnerabilities found for Windows versus those for OSX might be a more likely reason for Windows to be the more common target.
Except that most vulnerabilities refer to services which are disabled (and which wouldn't be enabled in the average client scenario), and we can't tell how many vulnerabilities exist on either platform because neither MS nor Apple give full disclosure. MS is known to fix apparent security bugs without announcing them, and Apple have been known to not issue a response to some critical vulnerability announcement with some BSD utilities (e.g. ssh/ssl), but Darwin and binaries are magically updated months later at the next point release.
In some ways, then, it's easy to target a particular Apple system you know is configured a particular way, because you know it has a still vulnerable version of some software installed - I tried this on my own Apple workstation using a published ssh vulnerability years ago. So anyone with sufficiently valuable data is at risk, as always.
Apache vs. IIS.
Apache isn't OS X or even much to do with Apple at all, and IIS isn't Windows. Evidently Apache's historical security record beats IIS into the ground - not sure about recently, as I've not touched IIS in a few years.
Any dope can write a trojan and find somebody dumb enough to run it.
And this is how almost every single recent client machine infection begins.
Why would you go to the effort to outsmart technically adept developers when there are so many ways of exploiting technically less able end users? I really don't see the point. There are enough proof of concept exploits out there for every operating system, but there is very little reason to turn them into workable viruses when their method of entry will be blocked at the next patch Tuesday - or patch rar-e-ly for Apple. Since a combination of MS and router vendors getting their shit together means that the average computer had no open ports open to the net, there's less benefit in replication intelligence. (This was all way different 5-10 years ago, of course, and the mainstream Apple and Microsoft operating systems in 2001 both were as holy as the average Church minister isn't - XP kinda lingers, but SP2 + home routers made things sane.)
The only time it may be worth it is when you're attacking servers, which potentially give you access to a potentially great amount of data and bandwidth - hence viruses for Linux and Windows but barely any for OS X, which has an almost invisible server marketshare.
Go for it. But as part of your answer, and without desperately researching (you seem fairly confident of your reasoning, so I assume you're knowledgeable on this topic!), please name 8 in-the-wild viruses (i.e. not trojans) written in the past 5 years which targeted post-Vista SP1 workstations/desktops in their default configuration and which were not ostensibly written for profit.
IOW, they must cause some sort of apparently pointless mischief, but do not either include a payload for botnet/similar operations or open a backdoor for later payload delivery.
I need to understand whether you're coming from the position of someone who is aware of recent virus trends, or who just likes the fact that Macs have fewer viruses.
OS8 and OS9 both had less marketshare than OSX yet they had viruses and OSX has none.
In case you didn't notice, viruses written in the '80s and '90s were mostly by cheeky kids looking to get a kick out of finding vulnerabilities and frightening clueless users. Today, that's very rare when compared to the organised efficiency with which fraudsters deploy botnets for profit.
IOW, when you're doing it for fun, you write a virus for whatever machine's sitting on your desk. When you do it for money, you write a virus for whatever machines will guarantee you a good RoI. Why would eliminating 19 of every 20 targets be a smart move? Especially when your remaining 5% includes an awful lot of laptopping students and hipsters who aren't providing you with hours of continuous botnet operation. Win32 is familiar, widely available, and everyone seems to have cycles and bandwidth to spare. A few iMacs are of no use.
If Google's holding all the data and not throwing up a fuss when any agency demands access to the data without judicial oversight then it's providing the tools - i.e. storage, network connection - to help government surveil you. Whether it has actually written down that it allows ABC to use its datamining tools or just gives them administrator access to read whatever data and take whatever code they want is entirely irrelevant - in the same way that a bribe is a bribe even if I just drop an envelope on the floor and shuffle my feet.
If it bothered Google (or any other information dataminer, though I am not sure there is any overt operation as large), it could tomorrow stand up and say, "I'm not giving any more help to any government agency, here or abroad, without judicial oversight." Then it has the opportunity to rally public support, or force a change in America's approach to surveillance, or die. Of course, it will do none of these, and even if it did its directors might change policy in the future, which is one reason why it's impossible to consider allowing Google to process all my data.
It seemed pointless to highlight one as any more significant than the other. But if you want at least one related to application layer surveillance, how about ex-Chancellor Lamont and ex-Ofcom (UK telecoms regulator) executive Meek - who was IIRC before that at BT! - on the BoD of Phorm?
It'd be a lot scarier if government did have enough clever people that there wasn't an exchange between elected ministers, civil servants and industry directors, as then no-one would be able to follow the flow of power.
Cheques are mostly being phased out in Western Europe over the next decade in favour of debit and credit cards, the latter of which at least offers quite a bit in terms of "not being ripped off" protection - the UK government for example requires joint liability between retailer and card provider for any purchases between £100 and £30,000.
As for the government's curiosity, it is in the mind of a geek (I've been guilty of this too) to try to reduce problems to a theoretical position and then argue on that basis. In this case, you seem to have argued that the government can get its hands on any piece of information about you which is physically represented if it tries hard enough, so what does it matter whether it's in a centralised database or on your desktop?
Well, the difference is the whole point. It's extremely easy to datamine without any judicial oversight from a centralised database. Your behaviour can be observed as part of a dragnet/statistical threat operation or your specific behaviours monitored if you're even remotely suspicious (not necessarily in an "illegal" sense, but in an "unsavoury" sense, e.g. attending demonstrations / writing anti-government-policy articles). But a whole deal more work is required to physically enter your property and install monitoring equipment or take your tools. People throw up a fuss because it's often obvious when it's done. Moreover there are clear protections (e.g. US 4th Amendment) against whimsical physical investigations created when certain governments were young and idealistic which haven't been properly applied to recent technologies.
(My comment didn't appear successfully submitted and hasn't appeared, yet I get: "This exact comment has already been posted. Try to be more original..." Transaction integrity, or update latency?)
Anyone with Windows could always use any Win32-compliant web browser. Are Google using their dominant position in search/advertising to dump Chrome, ChromeOS and Google Apps on the market?
What does "applefan" have to do with this?
See this post. Whatever belief system seems to think that Apple's behaviour is OK, ends up thinking Google's behaviour is OK. They're two journeymen in the same boat.
That was to be read in the sense of, "Would you like me to wipe for you, or can you wipe yourself?" You appeared to choose the former:-).
Why don't you pick a country, select a particular aspect of the country supposedly managed by the state (e.g. prison, military, police, security, healthcare) and find out who are the major government contractors. Identify symbiotic lobbying efforts. Identify individuals on boards of directors who have had previous involvement in government.
N.B. Don't assume that a Western military merely affects people abroad. Apart from the direct cost in soldiers' lives and national debt, you have resultant hostility toward your country and, most insidiously, an inability to compete locally with firms with ties with the military.
The privacy implication for banking is that banks, and by extension the government, know what amounts of money are coming and going - not always precisely when you pay cash or know which offshore banks to use.
The privacy implication for the cloud is that Google, selected third parties and the government know every detail about all work you do on a computer.
You are doing what is typical of a layperson when they're met with technical language, which is to take two different phrases with some similar words then to assume they mean the same thing. Tech geeks hate it when non-geeks do this but somehow think it's acceptable for them to do it in other fields.
I asserted, "MS didn't have an effective monopoly."
You asserted, "MS enjoyed monopoly power." You will notice throughout the document that MS is described never as a monopoly but repeatedly as having "monopoly power".
A "monopoly" can be identified by market share - it's an everyday term, and a term which is defined more precisely by economists (with market share taken into account).
"Monopoly power" has a specific legal definition in Sherman which is not constructed in terms of market share.
Obviously that information has already been "sucked up" if it's on their servers. OP seems to have been thinking more of what info it will suck up even when you're on non-Google owned websites.
But the purpose of ChromeOS is to ensure that all your data - documents, spreadsheets, etc. - are stored/manipulated/analysed by Google's servers. Current Windows systems aren't like this. Unless you are really interesting, what's on your drive remains on your drive.
American liberties are being eroded on many fronts with stuff like the PATRIOT act, and these guys are more worried about Google improving the relevance of their advertisements instead of going out and killing the government,
Who do you think builds the tools that government uses to follow and exploit its people? Would you like a list?
You were as forced to buy the Microsoft OS then as you are to use Google today. Giving away your OS/browser on your home page is akin in today's terms to supplying a browser on the install CD. "But you have to consciously install it!" I hear you retort. Well, do you have to consciously install Google Apps? And, if not, does it count as always installed, or never installed? The point is, whether it's installed is a technical point only relevant to admin/developers - what matters is how available it is.
Not crying for MS, just applying standards evenly. Unfortunately they became much more political after the anti-trust nonsense, which was to the detriment of business in general. This decade barely recognises a difference between corporation and government, and the MS anti-trust trial was just bringing MS in line.
I see I got modded down for mentioning Apple, who is really the initiator of the client end of the current wave of disposable/cloud computing. For the record, Jobs sucks and is far worse than MS, and it's a shame that people feel the need to mod down when they disagree rather than arguing their point.
I can safely guess that the processor in my computer doesn't even have a networking stack built in.
Why? Did you analyse it? Do you have a good reason to trust AMD and Intel? You're constructing a strawman, anyway, as you don't need something that sophisticated to backdoor a seemingly secure system. What would be entirely unreasonable to "guess" is that there are no undocumented opcodes or sequences of fetched memory values which will cause the processor to bypass its current protection settings.
Perhaps if you're so confident in the security of windows you'd like to explain why 98% of the email hitting my server comes from windows botnets?
Wait, Google's servers (where the data is stored) are open source? Can I audit their deployment too?
And it can't suck up any information you don't enter.
What? Afaict, your argument reduces to, "It's secure because at least if I want to keep something private they don't force me to give it to them." Similarly, every government guarantees freedom of expression because they can't do anything about internalised expression (dreaming?), I guess.
You might want to check over your shoulders whenever you go out in public to make sure nobody is following you - you never know, they may find out what brand of toilet paper you buy, or see what type of films you enjoy watching at the cinema!
Ah, the second prong on the anti-privacy trident. When it's not, "If you have something to hide, you shouldn't be doing it," it's, "actually I've decided you have nothing worthwhile to hide anyway!"
We can only guess that you haven't analysed every component in your CPU, and every line of source in the compiled version of your copy of Lunix which you run (betcha didn't build from source from scratch).
This is why, contrary to Google's nonsense about Windows being too insecure to use, it's never appropriate to decide that one operating system is too insecure because it may be made to leak data while another implicitly will not. You should assume that every workstation may leak data, and deal with the problem at the border by analysing everything going in and out using sophisticated off-the-shelf and custom IDS, etc.
This is also why Google Apps are *never* appropriate.
No, no. That was at a time when Microsoft wasn't doing the "correct" thing for a large corporation and filling Washington with lobbyists. Much as people may hate Microsoft, they were shockingly apolitical (and progressive in matters of equality, e.g. gay employment rights) before Clinton saw a way to try to squeeze them.
Google caught on to that early and are already sorting out the troughs.
ChromeOS is not general competition "with Microsoft Windows". Windows has always been about delivering services on your desktop using the native CPU power and full set of UI capabilities, ensuring availability, low latency, full features and (relative) privacy.
Google Apps deliver a quite limited subset of general office suite features available only under certain environments. They are completely inadequate where privacy is of concern.
ChromeOS is another option for Netbooks - i.e. it might be suitable as another alternative in the already harmfully and unnecessarily flooded market of Netbook operating systems. But no firm should entertain using ChromeOS to prepare content.
Sorry, your arguments get weirder and weirder. This car analogy totally passes me by. If it helps, I know nothing about cars.
40 years ago you were where people retreated to if they didn't want to exploit the Far East as part of the political game.
Is the Moon made of cheese? In a word, Yes!
(a) Google have dominant position in search.
(b) Google are freely offering Chrome (+ChromeOS maybe) on the home page to users of their search service: "A faster way to browse the web - install Google Chrome".
(c) When you search for terms such as "browser" their browser appears top of the sponsored listings. I guess they just paid themselves more than anyone else did to get that top position.
(d) Google are not similarly offering competitor browsers (+operating systems) to users of their search service.
OS8 and OS9 both had less marketshare than OSX yet they had viruses and OSX has none.
In case you didn't notice, viruses written in the '80s and '90s were mostly by cheeky kids looking to get a kick out of finding vulnerabilities and frightening clueless users. Today, that's very rare when compared to the organised efficiency with which fraudsters deploy botnets for profit.
IOW, when you're doing it for fun, you write a virus for whatever machine's sitting on your desk. When you do it for money, you write a virus for whatever machines will guarantee you a good RoI. Why would eliminating 19 of every 20 targets be a smart move? Especially when your remaining 5% includes an awful lot of laptopping students and hipsters who aren't providing you with hours of continuous botnet operation. Win32 is familiar, widely available, and everyone seems to have cycles and bandwidth to spare. A few iMacs are of no use.
If Google's holding all the data and not throwing up a fuss when any agency demands access to the data without judicial oversight then it's providing the tools - i.e. storage, network connection - to help government surveil you. Whether it has actually written down that it allows ABC to use its datamining tools or just gives them administrator access to read whatever data and take whatever code they want is entirely irrelevant - in the same way that a bribe is a bribe even if I just drop an envelope on the floor and shuffle my feet.
If it bothered Google (or any other information dataminer, though I am not sure there is any overt operation as large), it could tomorrow stand up and say, "I'm not giving any more help to any government agency, here or abroad, without judicial oversight." Then it has the opportunity to rally public support, or force a change in America's approach to surveillance, or die. Of course, it will do none of these, and even if it did its directors might change policy in the future, which is one reason why it's impossible to consider allowing Google to process all my data.
It seemed pointless to highlight one as any more significant than the other. But if you want at least one related to application layer surveillance, how about ex-Chancellor Lamont and ex-Ofcom (UK telecoms regulator) executive Meek - who was IIRC before that at BT! - on the BoD of Phorm?
It'd be a lot scarier if government did have enough clever people that there wasn't an exchange between elected ministers, civil servants and industry directors, as then no-one would be able to follow the flow of power.
Cheques are mostly being phased out in Western Europe over the next decade in favour of debit and credit cards, the latter of which at least offers quite a bit in terms of "not being ripped off" protection - the UK government for example requires joint liability between retailer and card provider for any purchases between £100 and £30,000.
As for the government's curiosity, it is in the mind of a geek (I've been guilty of this too) to try to reduce problems to a theoretical position and then argue on that basis. In this case, you seem to have argued that the government can get its hands on any piece of information about you which is physically represented if it tries hard enough, so what does it matter whether it's in a centralised database or on your desktop?
Well, the difference is the whole point. It's extremely easy to datamine without any judicial oversight from a centralised database. Your behaviour can be observed as part of a dragnet/statistical threat operation or your specific behaviours monitored if you're even remotely suspicious (not necessarily in an "illegal" sense, but in an "unsavoury" sense, e.g. attending demonstrations / writing anti-government-policy articles). But a whole deal more work is required to physically enter your property and install monitoring equipment or take your tools. People throw up a fuss because it's often obvious when it's done. Moreover there are clear protections (e.g. US 4th Amendment) against whimsical physical investigations created when certain governments were young and idealistic which haven't been properly applied to recent technologies.
(My comment didn't appear successfully submitted and hasn't appeared, yet I get: "This exact comment has already been posted. Try to be more original..." Transaction integrity, or update latency?)
Anyone with Windows could always use any Win32-compliant web browser. Are Google using their dominant position in search/advertising to dump Chrome, ChromeOS and Google Apps on the market?
What does "applefan" have to do with this?
See this post. Whatever belief system seems to think that Apple's behaviour is OK, ends up thinking Google's behaviour is OK. They're two journeymen in the same boat.
That was to be read in the sense of, "Would you like me to wipe for you, or can you wipe yourself?" You appeared to choose the former :-).
Why don't you pick a country, select a particular aspect of the country supposedly managed by the state (e.g. prison, military, police, security, healthcare) and find out who are the major government contractors. Identify symbiotic lobbying efforts. Identify individuals on boards of directors who have had previous involvement in government.
N.B. Don't assume that a Western military merely affects people abroad. Apart from the direct cost in soldiers' lives and national debt, you have resultant hostility toward your country and, most insidiously, an inability to compete locally with firms with ties with the military.
The privacy implication for banking is that banks, and by extension the government, know what amounts of money are coming and going - not always precisely when you pay cash or know which offshore banks to use.
The privacy implication for the cloud is that Google, selected third parties and the government know every detail about all work you do on a computer.
You are doing what is typical of a layperson when they're met with technical language, which is to take two different phrases with some similar words then to assume they mean the same thing. Tech geeks hate it when non-geeks do this but somehow think it's acceptable for them to do it in other fields.
I asserted, "MS didn't have an effective monopoly."
You asserted, "MS enjoyed monopoly power." You will notice throughout the document that MS is described never as a monopoly but repeatedly as having "monopoly power".
A "monopoly" can be identified by market share - it's an everyday term, and a term which is defined more precisely by economists (with market share taken into account).
"Monopoly power" has a specific legal definition in Sherman which is not constructed in terms of market share.
Obviously that information has already been "sucked up" if it's on their servers. OP seems to have been thinking more of what info it will suck up even when you're on non-Google owned websites.
But the purpose of ChromeOS is to ensure that all your data - documents, spreadsheets, etc. - are stored/manipulated/analysed by Google's servers. Current Windows systems aren't like this. Unless you are really interesting, what's on your drive remains on your drive.
American liberties are being eroded on many fronts with stuff like the PATRIOT act, and these guys are more worried about Google improving the relevance of their advertisements instead of going out and killing the government,
Who do you think builds the tools that government uses to follow and exploit its people? Would you like a list?
You were as forced to buy the Microsoft OS then as you are to use Google today. Giving away your OS/browser on your home page is akin in today's terms to supplying a browser on the install CD. "But you have to consciously install it!" I hear you retort. Well, do you have to consciously install Google Apps? And, if not, does it count as always installed, or never installed? The point is, whether it's installed is a technical point only relevant to admin/developers - what matters is how available it is.
Not crying for MS, just applying standards evenly. Unfortunately they became much more political after the anti-trust nonsense, which was to the detriment of business in general. This decade barely recognises a difference between corporation and government, and the MS anti-trust trial was just bringing MS in line.
I see I got modded down for mentioning Apple, who is really the initiator of the client end of the current wave of disposable/cloud computing. For the record, Jobs sucks and is far worse than MS, and it's a shame that people feel the need to mod down when they disagree rather than arguing their point.
I can safely guess that the processor in my computer doesn't even have a networking stack built in.
Why? Did you analyse it? Do you have a good reason to trust AMD and Intel? You're constructing a strawman, anyway, as you don't need something that sophisticated to backdoor a seemingly secure system. What would be entirely unreasonable to "guess" is that there are no undocumented opcodes or sequences of fetched memory values which will cause the processor to bypass its current protection settings.
Perhaps if you're so confident in the security of windows you'd like to explain why 98% of the email hitting my server comes from windows botnets?
Because 90% of unmanaged desktops run Windows.
Except it's open source.
Wait, Google's servers (where the data is stored) are open source? Can I audit their deployment too?
And it can't suck up any information you don't enter.
What? Afaict, your argument reduces to, "It's secure because at least if I want to keep something private they don't force me to give it to them." Similarly, every government guarantees freedom of expression because they can't do anything about internalised expression (dreaming?), I guess.
You might want to check over your shoulders whenever you go out in public to make sure nobody is following you - you never know, they may find out what brand of toilet paper you buy, or see what type of films you enjoy watching at the cinema!
Ah, the second prong on the anti-privacy trident. When it's not, "If you have something to hide, you shouldn't be doing it," it's, "actually I've decided you have nothing worthwhile to hide anyway!"
We can only guess that you haven't analysed every component in your CPU, and every line of source in the compiled version of your copy of Lunix which you run (betcha didn't build from source from scratch).
This is why, contrary to Google's nonsense about Windows being too insecure to use, it's never appropriate to decide that one operating system is too insecure because it may be made to leak data while another implicitly will not. You should assume that every workstation may leak data, and deal with the problem at the border by analysing everything going in and out using sophisticated off-the-shelf and custom IDS, etc.
This is also why Google Apps are *never* appropriate.
Applefan,
(1) Monopolising behaviour is not the same as having "an effective monopoly" - indeed, MS didn't have an effective monopoly either. Read your Sherman.
(2) MS didn't "require" IE for its browser under Windows.
(3) In the late '90s, check out the share of Windows desktops and compare with today's share by Google of the search market.
No, no. That was at a time when Microsoft wasn't doing the "correct" thing for a large corporation and filling Washington with lobbyists. Much as people may hate Microsoft, they were shockingly apolitical (and progressive in matters of equality, e.g. gay employment rights) before Clinton saw a way to try to squeeze them.
Google caught on to that early and are already sorting out the troughs.
ChromeOS is not general competition "with Microsoft Windows". Windows has always been about delivering services on your desktop using the native CPU power and full set of UI capabilities, ensuring availability, low latency, full features and (relative) privacy.
Google Apps deliver a quite limited subset of general office suite features available only under certain environments. They are completely inadequate where privacy is of concern.
ChromeOS is another option for Netbooks - i.e. it might be suitable as another alternative in the already harmfully and unnecessarily flooded market of Netbook operating systems. But no firm should entertain using ChromeOS to prepare content.