No, because of bugs in the virtual machine. That runs java. Windows HAS known security bugs. Thousands over the years, I'd say. Anything that runs code (be it a browser - there goes your marvelous html5 file API or Java or the OS) has the potential of running code outside of it's scope. Even the most secure browsers have known exploits (as proven by the recent pwn2own results - http://www.zdnet.com/blog/security/pwn2own-2012-google-chrome-browser-sandbox-first-to-fall/10588 - so no, you have no fucking idea of what you're talking about.
Second of all, having Java enabled will not hurt your computer, running a Mac that has java updated by apple might. If you had read the article in the post you linked, you'd see it exploits something Oracle already fixed for other OS's - just not for the mac, since Apple won't let them.
If you won't run Java because it's not safe, then you better uninstall flash (even worse), your browser (that's hard, since you're here!), your OS (remember, viruses won't run in a computer that ain't on). While you're at it, you can breath virus in, so I'd stop breathing altogether. Better safe than sorry!
And nowadays browsers will even ask you if you trust an applet before they run it (Chrome) and will only enable it if you want to. So don't fucking click yes if you're somewhere you don't trust.
Again, it was a ridiculous comment. But I'm sure you'll do your best to up your security by just leaving the internet altogether and doing everyone else (and yourself) a favor. You never know when you might get ridiculed again.
Ignore this, since it wouldn't help all that much. I'd say that https://www.varnish-cache.org/ can help, but to be honest, if you want to be up, just stick them on Amazon Cloud services or something. They'll have a really hard time getting to that, and you'll leave all the defending and whatnot to be someone elses' job
Surprised no one mentioned this. On long overnight trips all the lights go out, and there are times when you can't (or shouldn't) use the seat lights. I already use the cover that provides light, but it provides very little in the way of protection to the kindle, so it's a hassle keep putting it on and off.
I'd trade my kindle for a new one if they came up with a lighted one.
The article still fails on showing what google gets out of all of this - Information. By using an Android phone you pretty much become a google centric person. You'll use their mail, calendar, contacts, news, etc on mobile and even shift your PC habits to google. In turn that will allow them to give you better adds and to charge more from the companies that serve them.
Google's approach at android is pretty much the same as google's approach at e-mail. They gave you an e-mail service better than most payed services offered at the time (for free) just so they could profit from the information they gathered.
This kind of news is misleading since Google pretty much has been using that business model everywhere with enough success to keep betting at it. It might not generate as much raw money as apple from each handset (even though they might get some from the Nexus line), but they still make more than enough from each smartphone.
No, he said the attempts at encryption should not be made using java because a story showed that you could run code on a computer via an applet.
It's ridiculous. Or even worse than that, it's someone so ignorant it hurts, but that feels entitled to do statements like that. I should have used my modpoints instead of commenting, since people might take him seriously and he needs to get downvoted and hidden fast.
His comment is akin to saying that since C and C++ has been used on viruses that get delivered as windows executables, you should not use anything written in C, C++ or windows.
You completely missed the point. Our elementary school children all got computers. Their teachers were normal teachers and they had no idea (nor education) on how to use them. It had nothing to do with retardation, but with lobbying that convinced the government it was a great idea/because they wanted to sell computers). But they obviously didn't care about the teachers education, they just wanted to build machines. In economic terms, it was actually good... These cheap ass computers were sold to other countries (wouldn't be surprised to learn that this OLPC was a variation of our product).
And coming from a country that is ruled by lobbies, its kind of ironic that you find the morals to call anyone retarded.
And computer teachers not knowing computers must be a local problem. Around here you need to have graduated on "computers" if you're going to teach computers. The problem was with the other teachers that had no fking idea on how to use a linux computer.
Most encryption algorithms and libraries in java follow the standards implementation. If used properly they are as secure as possible.
Don't confuse the relative security of a language (in allowing you to run code outside of the VM) with encryption algorithms. That's completely idiotic. It's like saying you should not eat meat because it's raining (yep, as idiotic as that).
I don't know if you're serious or not, but in Portugal that was considered one of the main failures (Linux). Most teachers had no idea on how to use their heavily modified linux distro ( custom flavor of http://www.caixamagica.pt/ ) so they simply ignored the computers, that in turn became more of a plaything than a teaching tool.
It's not enough to get Linux to computers, laymen need to be educated or an intuitive shell needs to be developed (like OS X did with unix).
I disagree, I don't think they are more or less pure, they are just a lot more vocal and seem to feel entitled to push their view onto other people. Most countries won't allow any kind of radical thinking anywhere near power, but the US and UK political system and media do, so, you hear about these freaks a lot more there.
I honestly don't get how could an unlock combination bog them down. In the end it is just a numerical combination with a guarantee that no number is ever repeated. There aren't that many numbers from 0 to 9876543210 without repetition (or well, there are a lot, but way less than a pure number that a pin could be).
I see your point, but I don't agree with you (at all)
Those protocols were design for computing power lower than a calculators'. They would have run on pretty much anything. What RIM did was construct a whole network to provide secure communications to the users of their phones, while having a great UI for it (at the time), and that was revolutionary. It was never that you couldn't get e-mail on phones, just they went the extra mile. They were what other players aspired to be...
On the other hand, now they are not doing it. Pretty much everything RIM has done in the past few years has been trying to catch up, and when they do, their competitors are already miles ahead.
The only way RIM will ever reach the pack is if they skip trying to develop everything from scratch and just add their ideas to Android (Nokia is living proof that windows mobile 7 will not sell, even if you do great handsets). With it they can take advantage of everything Android already does and differentiate themselves by doing some of the things better (much like they did in the past).
No, I dislike shills as much as the next one, but I'm capable of independent thought and I don't accept or reject things based on simple hatred.
As I said, just google it. There are hundreds of websites with similar comparisons made by people not affiliated with microsoft that tell the same story. Furthermore, this article is careful enough to cite outside sources and base his analysis on facts.
You read "Microsoft" and the blind hatred started, plain and simple. Last time I checked, shills don't disclose their affiliation, they try to pass their stories as impartial, when they aren't. If someone starts by admitting he's a microsoft employee, then he's no shill. And maybe, just maybe, you should read what he has to say before assuming it is propaganda - it isn't. Security experts are also quoted in the article, with no Microsoft affiliation whatsoever.
Oh, and the fact that it receives and transmits data doesn't mean it is insecure. A simple key exchange protocol will allow you to communicate securely without having to store anything on your phone but RIM's public key.
I think it is obvious that not ALL the disk gets encrypted. Your system wouldn't boot if that happened. Is that insecure also? They simply leave the e-mail and appointments warnings out of it. It's the tradeoff of full security and usability.
And I've seen more than one tool that is able to access an iPhone and some Android phones in minutes, but I've also seen news of countries demanding the key from RIM because they can't access a BB.
And all throughout the article you said "it is possible". show links to a compromised BB phone that didn't have a 12345 PIN and I'll bow down... I just haven't seen any of those.
I was quoting the top google result (out of thousands). I thought it illustrated the problem because it actually explained the problems in laymen terms. But everything you and your ilk read was "he's from microsoft! It doens't matter if he has a point!!!!".
Please do share those tests where mac os X (not linux) beat windows. The whole tests. Please do tell me how can an os that until lion didn't encrypt the whole disk, for example, or didn't have ASLR be more secure those that did.
In terms of architecture, windows has been one step ahead of the mac due to the sheer need of protection to a constant wave of attacks.
And no, companies DO NOT trust those inside. Actually, any first year network security class in university will teach you that YOUR people are your biggest security risk. It doesn't matter if you have 256 byte passwords if they are written under the keyboard. It doesn't matter if you implement a secure WPA2 and firewalled access to your network if an employee will open an ad-hoc connection that provides an entry point. A honeypot can make an employee leak confidential information without even noticing. No serious sysadmin will trust the users, ever.
I really want to know where did you conduct your security auditing. Actually, I want to talk to your boss. Or, you're just full of shit.
it has NOTHING to do with microsoft. Windows, since it has been the target of more threats has been dumping resources to construct a more secure architecture, using every trick in the book.
Apple, on the other hand, has been skimming by due to sheer lack of interest in the platform.
Your argument is akin to US military being weaker than the one from the fiji islands, simply because there have been more attacks to the US. Damn, how I hate ignorant fanboys. And, again, i OWN a macbook pro. Actually, I own a Power G4 macbook, a white macbook, a 13" mbp and a 15" macbook pro. I've also offered a mabook air and advised more than one person to buy mac.
I LOVE OS X. But i know that in terms of architecture, only lion brought features like ASLR or full disk encryption, things that windows has had for years, for example.
Exploits can be patched (since it is a closed system and rim controls it). RIM also encrypts everything, so it doesn't really matter if you think you have gone past it, only exploit I've found that I've found for a RIM handset (in order to get the info inside) had to do with the backups you store in your pc and not the phones.
Please do show where are those exploitable RIM phones because the secret services of half the world would love to know them.
You're ignoring the security features present in each OS. In terms of architecture, windows is ahead of mac os x. It has been for a while. But, once again, you're using the argument of "there are more, so it must be true!!!!".
This is a falacy. The article explains the features in laymen terms.
And don't take the microsoft's guy word, just google it yourself. Feature by feature, windows has more. That's a FACT. More threats only reflects the popularity of the OS, not the number of features to stop those threats it applies.
Already put a link in this thread. In terms of security features, windows has been lightyears ahead of OS X since the beggining, you just don't notice it because it is constantly under attack. But it feature by feature, windows is ahead.
The question was security, not how reliable the network was. A single point of failure architecture is a shitty architecture by any reasonable measure, but that was not the question (:
Slashdot Mirror
No, because of bugs in the virtual machine. That runs java. Windows HAS known security bugs. Thousands over the years, I'd say. Anything that runs code (be it a browser - there goes your marvelous html5 file API or Java or the OS) has the potential of running code outside of it's scope. Even the most secure browsers have known exploits (as proven by the recent pwn2own results - http://www.zdnet.com/blog/security/pwn2own-2012-google-chrome-browser-sandbox-first-to-fall/10588 - so no, you have no fucking idea of what you're talking about.
Second of all, having Java enabled will not hurt your computer, running a Mac that has java updated by apple might. If you had read the article in the post you linked, you'd see it exploits something Oracle already fixed for other OS's - just not for the mac, since Apple won't let them.
If you won't run Java because it's not safe, then you better uninstall flash (even worse), your browser (that's hard, since you're here!), your OS (remember, viruses won't run in a computer that ain't on). While you're at it, you can breath virus in, so I'd stop breathing altogether. Better safe than sorry!
And nowadays browsers will even ask you if you trust an applet before they run it (Chrome) and will only enable it if you want to. So don't fucking click yes if you're somewhere you don't trust.
Again, it was a ridiculous comment. But I'm sure you'll do your best to up your security by just leaving the internet altogether and doing everyone else (and yourself) a favor. You never know when you might get ridiculed again.
this is not true anymore, amazon does not charge for inbound traffic.
Ignore this, since it wouldn't help all that much. I'd say that https://www.varnish-cache.org/ can help, but to be honest, if you want to be up, just stick them on Amazon Cloud services or something. They'll have a really hard time getting to that, and you'll leave all the defending and whatnot to be someone elses' job
Surprised no one mentioned this. On long overnight trips all the lights go out, and there are times when you can't (or shouldn't) use the seat lights. I already use the cover that provides light, but it provides very little in the way of protection to the kindle, so it's a hassle keep putting it on and off.
I'd trade my kindle for a new one if they came up with a lighted one.
The article still fails on showing what google gets out of all of this - Information. By using an Android phone you pretty much become a google centric person. You'll use their mail, calendar, contacts, news, etc on mobile and even shift your PC habits to google. In turn that will allow them to give you better adds and to charge more from the companies that serve them.
Google's approach at android is pretty much the same as google's approach at e-mail. They gave you an e-mail service better than most payed services offered at the time (for free) just so they could profit from the information they gathered.
This kind of news is misleading since Google pretty much has been using that business model everywhere with enough success to keep betting at it. It might not generate as much raw money as apple from each handset (even though they might get some from the Nexus line), but they still make more than enough from each smartphone.
No, he said the attempts at encryption should not be made using java because a story showed that you could run code on a computer via an applet.
It's ridiculous. Or even worse than that, it's someone so ignorant it hurts, but that feels entitled to do statements like that. I should have used my modpoints instead of commenting, since people might take him seriously and he needs to get downvoted and hidden fast.
His comment is akin to saying that since C and C++ has been used on viruses that get delivered as windows executables, you should not use anything written in C, C++ or windows.
You completely missed the point. Our elementary school children all got computers. Their teachers were normal teachers and they had no idea (nor education) on how to use them. It had nothing to do with retardation, but with lobbying that convinced the government it was a great idea /because they wanted to sell computers). But they obviously didn't care about the teachers education, they just wanted to build machines. In economic terms, it was actually good... These cheap ass computers were sold to other countries (wouldn't be surprised to learn that this OLPC was a variation of our product).
And coming from a country that is ruled by lobbies, its kind of ironic that you find the morals to call anyone retarded.
And computer teachers not knowing computers must be a local problem. Around here you need to have graduated on "computers" if you're going to teach computers. The problem was with the other teachers that had no fking idea on how to use a linux computer.
Because they are, clearly, associated.
Most encryption algorithms and libraries in java follow the standards implementation. If used properly they are as secure as possible.
Don't confuse the relative security of a language (in allowing you to run code outside of the VM) with encryption algorithms. That's completely idiotic. It's like saying you should not eat meat because it's raining (yep, as idiotic as that).
I don't know if you're serious or not, but in Portugal that was considered one of the main failures (Linux). Most teachers had no idea on how to use their heavily modified linux distro ( custom flavor of http://www.caixamagica.pt/ ) so they simply ignored the computers, that in turn became more of a plaything than a teaching tool.
It's not enough to get Linux to computers, laymen need to be educated or an intuitive shell needs to be developed (like OS X did with unix).
I disagree, I don't think they are more or less pure, they are just a lot more vocal and seem to feel entitled to push their view onto other people. Most countries won't allow any kind of radical thinking anywhere near power, but the US and UK political system and media do, so, you hear about these freaks a lot more there.
I honestly don't get how could an unlock combination bog them down. In the end it is just a numerical combination with a guarantee that no number is ever repeated. There aren't that many numbers from 0 to 9876543210 without repetition (or well, there are a lot, but way less than a pure number that a pin could be).
I see your point, but I don't agree with you (at all)
Those protocols were design for computing power lower than a calculators'. They would have run on pretty much anything. What RIM did was construct a whole network to provide secure communications to the users of their phones, while having a great UI for it (at the time), and that was revolutionary. It was never that you couldn't get e-mail on phones, just they went the extra mile. They were what other players aspired to be...
On the other hand, now they are not doing it. Pretty much everything RIM has done in the past few years has been trying to catch up, and when they do, their competitors are already miles ahead.
The only way RIM will ever reach the pack is if they skip trying to develop everything from scratch and just add their ideas to Android (Nokia is living proof that windows mobile 7 will not sell, even if you do great handsets). With it they can take advantage of everything Android already does and differentiate themselves by doing some of the things better (much like they did in the past).
Did I reject your argument? But I do hate you! (:
No, I dislike shills as much as the next one, but I'm capable of independent thought and I don't accept or reject things based on simple hatred.
As I said, just google it. There are hundreds of websites with similar comparisons made by people not affiliated with microsoft that tell the same story. Furthermore, this article is careful enough to cite outside sources and base his analysis on facts.
You read "Microsoft" and the blind hatred started, plain and simple. Last time I checked, shills don't disclose their affiliation, they try to pass their stories as impartial, when they aren't. If someone starts by admitting he's a microsoft employee, then he's no shill. And maybe, just maybe, you should read what he has to say before assuming it is propaganda - it isn't. Security experts are also quoted in the article, with no Microsoft affiliation whatsoever.
Oh, and the fact that it receives and transmits data doesn't mean it is insecure. A simple key exchange protocol will allow you to communicate securely without having to store anything on your phone but RIM's public key.
I think it is obvious that not ALL the disk gets encrypted. Your system wouldn't boot if that happened. Is that insecure also? They simply leave the e-mail and appointments warnings out of it. It's the tradeoff of full security and usability.
And I've seen more than one tool that is able to access an iPhone and some Android phones in minutes, but I've also seen news of countries demanding the key from RIM because they can't access a BB.
And all throughout the article you said "it is possible". show links to a compromised BB phone that didn't have a 12345 PIN and I'll bow down... I just haven't seen any of those.
I was quoting the top google result (out of thousands). I thought it illustrated the problem because it actually explained the problems in laymen terms. But everything you and your ilk read was "he's from microsoft! It doens't matter if he has a point!!!!".
Shame on all of you.
Please do share those tests where mac os X (not linux) beat windows. The whole tests. Please do tell me how can an os that until lion didn't encrypt the whole disk, for example, or didn't have ASLR be more secure those that did.
In terms of architecture, windows has been one step ahead of the mac due to the sheer need of protection to a constant wave of attacks.
And no, companies DO NOT trust those inside. Actually, any first year network security class in university will teach you that YOUR people are your biggest security risk. It doesn't matter if you have 256 byte passwords if they are written under the keyboard. It doesn't matter if you implement a secure WPA2 and firewalled access to your network if an employee will open an ad-hoc connection that provides an entry point. A honeypot can make an employee leak confidential information without even noticing.
No serious sysadmin will trust the users, ever.
I really want to know where did you conduct your security auditing. Actually, I want to talk to your boss. Or, you're just full of shit.
it has NOTHING to do with microsoft. Windows, since it has been the target of more threats has been dumping resources to construct a more secure architecture, using every trick in the book.
Apple, on the other hand, has been skimming by due to sheer lack of interest in the platform.
Your argument is akin to US military being weaker than the one from the fiji islands, simply because there have been more attacks to the US. Damn, how I hate ignorant fanboys. And, again, i OWN a macbook pro. Actually, I own a Power G4 macbook, a white macbook, a 13" mbp and a 15" macbook pro. I've also offered a mabook air and advised more than one person to buy mac.
I LOVE OS X. But i know that in terms of architecture, only lion brought features like ASLR or full disk encryption, things that windows has had for years, for example.
Exploits can be patched (since it is a closed system and rim controls it). RIM also encrypts everything, so it doesn't really matter if you think you have gone past it, only exploit I've found that I've found for a RIM handset (in order to get the info inside) had to do with the backups you store in your pc and not the phones.
Please do show where are those exploitable RIM phones because the secret services of half the world would love to know them.
You're ignoring the security features present in each OS. In terms of architecture, windows is ahead of mac os x. It has been for a while. But, once again, you're using the argument of "there are more, so it must be true!!!!".
This is a falacy. The article explains the features in laymen terms.
And don't take the microsoft's guy word, just google it yourself. Feature by feature, windows has more. That's a FACT. More threats only reflects the popularity of the OS, not the number of features to stop those threats it applies.
See the quotes. Independent contractors also verify this.
I happen to own a MBP and I love OS X. But I'm also not blind. Lots of facts there to entertain anyone.
Already put a link in this thread. In terms of security features, windows has been lightyears ahead of OS X since the beggining, you just don't notice it because it is constantly under attack. But it feature by feature, windows is ahead.
The question was security, not how reliable the network was. A single point of failure architecture is a shitty architecture by any reasonable measure, but that was not the question (:
yes: http://www.infoworld.com/t/hacking/apple-security-under-attack-the-view-windows-169586