But the thing is...every single one of us, to a man, would be ashamed to show something like that in public. Seriously, we'd hang our heads in embarrassment.
That seems excessive. It's just a bloody dropshadow.
Microsoft's position, of course, is,
I don't think you're qualified to comment on "Microsoft's position", in so far as there even is such a thing.
Don't just slap something on there and say, "Oh, this'll all come out before we ship." That's not fair to your product or your customers.
Despite ever increasing demand for bandwidth the cost of network traffic has only gone down over the past decade. There is nothing to suggest this trend will not continue into the foreseeable future. So in so far as spam is a real problem it doesn't seem to affect what is arguably the most important metric here, namely end user cost.
From one kind of economic perspective, yes, it might make sense to differentiate between network services and users, and to mandate elaborate tariff structures, authorization mechanisms, etc. But it is just as likely to lead to the creation of cartels and innovative sclerosis: witness the slow uptake of multimedia services in the mobile phone market, which are widely recognized as too expensive and lacking in interoperability.
The Internet is a dumb network which solves problems by brute force. It is exactly this property which caused it to win out over smarter networks such as Minitel or the various X.25 implementations. (a fairly comprehensive account of this development is given in the following web lecture by Paul Kunz)
But since the Internet is dumb, there's nothing stopping you from offering a prepaid email service. If spam is really as big a problem as you make it out to be then people will flock to your service. But I don't think they will.
Between SpamAssassin, procmail, and MUA filtering rules, I rarely get to see spam anymore. The spam which does slip through is so absurd and surreal that it's more hilarious than annoying.
If everybody did this, the volume of spam would quickly dry up. Because when people don't see the spam, they can't respond to it, and when they don't respond to it, the spammer doesn't have a business.
Educate the people around you and help them reduce the spam that gets to their inbox. Don't support solutions which effectively render nodes at the network periphery to second-class status.
It doesn't matter if the postage is two cents, the spammers can't afford it. Two cents against 50,000,000 spams turns out to be *REAL* money.
This doesn't seem to be a major issue for telemarketers and direct-mail advertisers. All it will do is make the spam glossier.
Well, that's not entirely true. It will reduce the volume of spam. But in the process it will reduce the volume of email, period. It's a bit like fighting crime by decimating the population.
. I work in front of typically 3, 19" CRT's for 12 - 16 hours per day at an average distance of 18". Can these magnetic fields cause Leukemia, or anything else?
Don't worry, you'll probably die of a heart attack long before the leukemia kills you.
Well, I must say I'm surprised. Frankly I didn't think you would reply and I think that may have contributed to a number of rather sloppy statements, which you nailed ruthlessly:
You are also confusing "act", "crime", and "evil"/"wrong".
True, true...
I wasn't lecturing, I was providing counterpoints to your claims.
A rhetorical device on my part:)
I heard of this effect in mice, and I only know of one study in humans, which has seemingly contradicted that claim.
The scientific evidence for reduced T-cell count is inconclusive. But there is quite a bit of anecdotal evidence which suggests that smoking weed lowers the effectiveness of the body's immune response system, of which T-cell count is of course only one aspect. Simple colds develop into full blown anginas, normally impotent fungi manage to take hold on the skin, latent herpes infections start to "bloom".
I'm not qualified to comment on the significance of all this. It may correlate with lifestyle or a thousand other factors. But I would like to ask you to not dismiss it out of hand. Consider it as a perspective. See if and when it makes sense for yourself.
I certainly haven't heard of any painkilling or sedative effects of it though, and those would seem counterintuitive since it's an amphetamine.
She claims that it makes her feel warm and comfortable, sense of wholeness and all that. It may have to do with the fact that she obtains her XTC in liquid form straight from the lab. Purportedly it's extremely pure MDMA.
In fact, the illegal cannabis trade wants nothing more than for cannabis to remain illegal, because it guarantees their profit margins.
It's more complicated than that... There have been frequent public calls for legalization from a number of big coffeeshop owners here in Amsterdam (names you might even be familiar with, such as Greenhouse, Grasshopper and the Bulldog). Some of these (i.e. those with roots in the hippie-ethos, like Greenhouse) on rather idealistic grounds, others on mercantilist grounds (reduced tax hassles, protection under the law, regulation).
A former acquaintance of mine used to ship hashish from Morocco by the quarter tonne (kg). He also supported legalization, complaining that the illegality attracted lots of shady characters (there's an irony here, but that's another story) and that it made the business too volatile; despite your claims to the contrary, when a shipment with a street value of around EUR 1.25 million goes missing, this makes a lot of people very nervous.
On the other hand, those in the business who don't favor legalization (or couldn't care either way) are those guys (otherwise upstanding, law-abiding citizens) who have a few dozen plants in their attic, netting them 2 or 3 grand every few months. (as an aside, the widespread presence of these small time entrepreneurs helps keep prices low).
Legalization would destroy the profit motive of the black market.
It takes guns out of the equation, if that's what you mean. But this is not something the user has to deal with anyway.
You claim there is "no indication" but you simply have to look at the end of alcohol prohibition for strong evidence that things will turn out exactly the same.
I said, there is no indication that the situation would improve. Of course the situation I am referring to is one in which anyone can step into a licensed coffeeshop and buy any of a wide variety of cannabis products at reasonable cost, as is the case in Amsterdam. The sale and use of small quantities is legal; everything else is punishable under criminal law. However, law enforcement officials, at their discretion, may and will condone large-scale production and distribution to some degree. (This is a famously peculiar bit of Dutch lawmaking).
As far as I'm concerned this is a brilliantly engineered setup: the cannabi
"But right now!" you yell, "I'm just as safe as you!" The problem is, that your safety is an illusion, and history has shown that you have only so many steps until you hit the next mine.
Perhaps surprisingly, I don't run Windows. I've been a GNU/Linux user and developer since 1996. During that time I've seen Windows evolve from a sorry piece of unfixable rubbish to a painful but technically salvageable marketing instrument.
History has also shown that no mine has ever exploded for the Mac OS X user.
I don't know. Several viruses could have been written to exploit this vulnerability. It's issues like these that lead me to question the significance of OS X's BSD heritage wrt security.
And so we don't go through this again, it's absolutely certain that some of this is due to market share, but not all of it. Mac OS X is harder to exploit.
Windows XP SP2 is pretty hard to exploit as well (if we discount trojans, even though these cause the most problems). What's more I see no reason to assume, as you do, that Microsoft's past performance can be extrapolated into the future. I expect the opposite, really.
On Windows, you make life hard if you are not an Administrator,
I agree that this is one of the biggest remaining issues with Windows security, and I cede the "softer" points as well (use of verbs in dialog boxes, ActiveX, etc.).
Oh, you mean they are all OS's? I guess Firefox and IE are equally exploitable as well, since they both "are integrated multimedia/hyperlink graphical viewiers with a pretty UI and integrated plug-in architectures"?
They are both susceptible to a range of phishing and spoofing attacks. IE has been vulnerable to a number of nasty other attacks as well, but I am not aware of any such glaring flaws in recent versions of IE.
That's absurd. What do you think the odds are that you have seen the last Windows virus/worm, that MS has finally fixed the last of their mistakes?
It stands to reason that we will see another Windows exploit at some point. But this is no different from the bugs that turn up periodically in Apache, SSH, PHP, sendmail, wuftpd, BIND, &c. What ultimately makes a Windows exploit so much more disruptive than all the others is the fact that Windows commands such a large portion of the market.
They were all jokes, trojans,
No, not all of them. The Switchback virus seems quite real. And of course Mac OS X has been vulnerable through flaws in Apache and SSH.
If you did, you'd realize that market share doesn't account for the disparity.
Market share doesn't account for everything. Older versions of Windows, in particular Windows 9x, suffered from a large number of exploitable flaws, which certainly has contributed to the abundance of viruses targetting that platform. But as far as I am aware no such glaring holes exist in recent versions of Windows.
What was stated was that because OS X has a BSD foundation (and is, in fact, based directly on BSD, and OS X is Unix), it has certain design features which are, in practice, far more secure than those of Windows.
Such as a God-like root user who can do everything? Such as a user/group/world security model which can't express anything but the simplest policies? Such as the necessity for setuid executables because there is no provision for proper capabilities? Unix access control is a joke and it's absurd that you should hold it up as a paragon of security.
Those things are all vectors, easily exploited vectors, for infecting Windows.
As far as I am aware these have all been addressed.
Right, and here in lies your problem and the problem with this entire entire line of argument, which is based on logical falicy.
Until you qualify the nature and kind of the purported "incontravertably" flawed Windows design and demonstrate that other operating systems do not have these same flaws, there is no reason for me to assume otherwise.
I work at a shop where the service techs deal with a non-stop stream of infected Windows systems so I draw my statements from direct experience.
The abundance of viruses and trojans targetting Windows is only to be expected given its market share.
Only a person ignorant of the issues could claim that OS X is just as insecure as Windows.
There really isn't that much to distinguish modern operating systems. They all have integrated networking, more or less elaborate means of access control, a pretty GUI and some utility apps like a web browser and an email client. They're all written in C-derivative languages by people who've studied largely the same curriculum.
But the proof is in the pudding, as they say. So where are the Mac viruses and worms?
A number of them have been mentioned by another poster in this thread.
Think about it for a second: your premise is that all OS's are equally exploitable?
No, I contend that Windows is subjected to the most attacks because it has the largest market share.
OS X is not "vaguely" based on "BSD-ish" origins.
The largest and most important parts of OS X don't derive from BSD. At it's lowest level, OS X runs a Mach kernel, which was originally developed at CMU. Quartz, Cocoa and Carbon are NEXT/Apple developments. The "BSD heritage" of OS X is mostly a syscall table and some commandline tools that nobody uses.
While SP2 has gone a long way to improving security, even with it Windows is paricularly suseptable to exploits.
Such as?
As for needing the user to run an attachment or something it's not that simple. Browsing the web and installing popular well known and used software can start a slow slide into total destruction.
Dramatic. Evidence?
Finally, please note you are still not understanding my argument which is that just because Windows has been brought to it's knees by the Internet does not mean that other OS's are just as insecure because they do not have the same market share.
Since other operating systems and their application software provide much the same functionality that Windows offers (such as executing email attachments or browsing the web), I don't see why the inference cannot be made.
The fact that Windows is exploted is proof that it is insecure.
No, it is not. Most Windows exploits require the user to execute an email attachment. The fact that Windows allows the user to do so does not make it insecure, since the same applies to all other operating systems, which renders the definition useless in terms of distinguishing power.
There have been a relatively small number of viruses which exploited flaws in the programming or design of Windows itself, or in some popular Windows software, but these flaws have all been satisfactorily adressed as far as I am aware. Moreover this is not a problem that is limited to Windows or Windows software. So if Windows is "incontravertibly (sic)" insecure because of this, then the same judgment should apply to all other operating systems which have ever required security patches and bugfixes.
With these being the case, it seems that the most important distinguishing factor which makes the impact of viruses so much more potent on Windows than on other operating system is the widespread use of Windows and Windows software, in other words, its market share.
Irrelevant to the question, "is BSD+Apache more secure than Windows+IIS?" The answer to that is quite clear, and has been consistent throughout the history of both pairs of products.
I already addressed this contingency. Even if the BSD/Apache combo is categorically more secure than the Windows/IIS combo, it remains an open question as to how this improves OS X's ability to thwart the mostly email propagated attacks that Windows users are subjected to.
Because OS X is based on BSD, it's built upon a more firm foundation than Windows is.
Impossible to tell, since you didn't specify which versions of BSD and Windows you are referring to, nor did you mention what criteria you use to determine "firmness", nor did you provide so much as an outline of how this "firmness" relates to the issue at hand.
This is important because e.g. the Windows NT-based kernels provide a number of theoretically security enhancing features not present in any of the BSD kernels, such as pervasive object-scoped ACLs, kernel preemptibility, and a highly segmented microkernel design. In so far as the OS X kernel matches or bests these Windows NT kernel features, it differs from BSD, which means that at least in those areas it can't lay claim to any real or perceived security benefits provided by the BSD heritage.
regarding my "baseless" claim, someone reported that there are indeed more than 100 000 viruses,
OK, so it's not baseless. But is it meaningful?
Of the top 10 viruses mentioned in the article you refer to, 5 of them are merely variations on a strain ("Netsky"). They do not differ significantly in the means they use propagate themselves. And this is just from looking at their names: a code-level analysis would reveal many more similarities between the different strains.
So while there may be as many as 100000 viruses,
they all propagate by means of the same handful of attack vectors (email, ActiveX, default passwords, SMB/IIS holes). In itself this just proves that the virus writing community is very dynamic and productive (if derivative). It doesn't mean, as you seem to be suggesting, that there are 100000 security issues in Windows and none in OS X.
As far as I'm aware there is no conclusive evidence that the "Windows Market Share" theory of exploitation holds any water at all.
Only if you choose to ignore the preponderance of evidence in the form of viruses targetting Windows.
From a _design_ perspective Windows has been shown to be less secure than other operating systems.
From a "design perspective" both Classic Mac OS and DOS are "less secure" than Windows. By your argument they should be drowning in viruses. But they're not. How do you explain this?
It just brings to light that it is insecure, incontravertably and demonstratably insecure.
All that's been brought to light is that you believe that fact-free hystrionics constitute an argument.
The conclusive evidence is that OS X is a flavour of *BSD.
This is a meaningless statement. It is unclear what bearing the BSD heritage has on the ability of OS X to thwart the kind of trojan/malware attacks that Windows users are subjected to.
If that doesn't strike you as conclusive, then feel free to explain how it is that Apache running on *BSD has such a better security record than IIS running on Windows
Without knowing which versions of Apache, BSD, IIS and Windows you are referring to, it is impossible to establish whether your assertion that the Apache/BSD combo is more secure than the IIS/Windows combo is actually true.
And even if it were universally true, it is unclear what bearing any purported security benefit of Apache/BSD over IIS/Windows has on the ability of OS X to thwart the mostly email-propagated attacks that Windows users are subjected to.
That certainly strikes *me* as being a pretty compelling counterargument to the greater market share theory of hacker victimization, anyway...
If you think a non-sequitur based on unsubstantiated premises qualifies as a "compelling counterargument" of any sort, I suppose.
This assumes a linear relationship between market share and virus propagation. There is no evidence for such a relationship (one could plausible suggest a treshold model, for example). Furthermore the quoted number of "100000 viruses/trojans/worms" is baseless.
Slashdot Mirror
five years ago [...] a woman came up to me
And you still haven't quite gotten over it, have you?
Tell her that her computer might be used to distribute of kiddie porn and/or terrorist plans and that she might conceivably end up a suspect.
But the thing is...every single one of us, to a man, would be ashamed to show something like that in public. Seriously, we'd hang our heads in embarrassment.
That seems excessive. It's just a bloody dropshadow.
Microsoft's position, of course, is,
I don't think you're qualified to comment on "Microsoft's position", in so far as there even is such a thing.
Don't just slap something on there and say, "Oh, this'll all come out before we ship." That's not fair to your product or your customers.
Why?
Despite ever increasing demand for bandwidth the cost of network traffic has only gone down over the past decade. There is nothing to suggest this trend will not continue into the foreseeable future. So in so far as spam is a real problem it doesn't seem to affect what is arguably the most important metric here, namely end user cost.
From one kind of economic perspective, yes, it might make sense to differentiate between network services and users, and to mandate elaborate tariff structures, authorization mechanisms, etc. But it is just as likely to lead to the creation of cartels and innovative sclerosis: witness the slow uptake of multimedia services in the mobile phone market, which are widely recognized as too expensive and lacking in interoperability.
The Internet is a dumb network which solves problems by brute force. It is exactly this property which caused it to win out over smarter networks such as Minitel or the various X.25 implementations. (a fairly comprehensive account of this development is given in the following web lecture by Paul Kunz)
But since the Internet is dumb, there's nothing stopping you from offering a prepaid email service. If spam is really as big a problem as you make it out to be then people will flock to your service. But I don't think they will.
It's remarkable how you manage to write so many words yet not a single one of them seems to be in response to my comment.
Between SpamAssassin, procmail, and MUA filtering rules, I rarely get to see spam anymore. The spam which does slip through is so absurd and surreal that it's more hilarious than annoying.
If everybody did this, the volume of spam would quickly dry up. Because when people don't see the spam, they can't respond to it, and when they don't respond to it, the spammer doesn't have a business.
Educate the people around you and help them reduce the spam that gets to their inbox. Don't support solutions which effectively render nodes at the network periphery to second-class status.
It doesn't matter if the postage is two cents, the spammers can't afford it. Two cents against 50,000,000 spams turns out to be *REAL* money.
This doesn't seem to be a major issue for telemarketers and direct-mail advertisers. All it will do is make the spam glossier.
Well, that's not entirely true. It will reduce the volume of spam. But in the process it will reduce the volume of email, period. It's a bit like fighting crime by decimating the population.
This is just wrong. The benefits are huge! This would reduce cost to orbit by orders of magnitude.
But what benefits does that bring?
Taco didn't write the summary. marksilverman did.
The people who are willing to take chances with their lives are not the people you want flying a billion dollar spacecraft.
Also, it's unclear exactly what tangible benefits space travels really offers. It's not like the moon is made of gold.
. I work in front of typically 3, 19" CRT's for 12 - 16 hours per day at an average distance of 18". Can these magnetic fields cause Leukemia, or anything else?
Don't worry, you'll probably die of a heart attack long before the leukemia kills you.
Sorry about the late reply
:)
Well, I must say I'm surprised. Frankly I didn't think you would reply and I think that may have contributed to a number of rather sloppy statements, which you nailed ruthlessly:
You are also confusing "act", "crime", and "evil"/"wrong".
True, true...
I wasn't lecturing, I was providing counterpoints to your claims.
A rhetorical device on my part
I heard of this effect in mice, and I only know of one study in humans, which has seemingly contradicted that claim.
The scientific evidence for reduced T-cell count is inconclusive. But there is quite a bit of anecdotal evidence which suggests that smoking weed lowers the effectiveness of the body's immune response system, of which T-cell count is of course only one aspect. Simple colds develop into full blown anginas, normally impotent fungi manage to take hold on the skin, latent herpes infections start to "bloom".
I'm not qualified to comment on the significance of all this. It may correlate with lifestyle or a thousand other factors. But I would like to ask you to not dismiss it out of hand. Consider it as a perspective. See if and when it makes sense for yourself.
I certainly haven't heard of any painkilling or sedative effects of it though, and those would seem counterintuitive since it's an amphetamine.
She claims that it makes her feel warm and comfortable, sense of wholeness and all that. It may have to do with the fact that she obtains her XTC in liquid form straight from the lab. Purportedly it's extremely pure MDMA.
In fact, the illegal cannabis trade wants nothing more than for cannabis to remain illegal, because it guarantees their profit margins.
It's more complicated than that... There have been frequent public calls for legalization from a number of big coffeeshop owners here in Amsterdam (names you might even be familiar with, such as Greenhouse, Grasshopper and the Bulldog). Some of these (i.e. those with roots in the hippie-ethos, like Greenhouse) on rather idealistic grounds, others on mercantilist grounds (reduced tax hassles, protection under the law, regulation).
A former acquaintance of mine used to ship hashish from Morocco by the quarter tonne (kg). He also supported legalization, complaining that the illegality attracted lots of shady characters (there's an irony here, but that's another story) and that it made the business too volatile; despite your claims to the contrary, when a shipment with a street value of around EUR 1.25 million goes missing, this makes a lot of people very nervous.
On the other hand, those in the business who don't favor legalization (or couldn't care either way) are those guys (otherwise upstanding, law-abiding citizens) who have a few dozen plants in their attic, netting them 2 or 3 grand every few months. (as an aside, the widespread presence of these small time entrepreneurs helps keep prices low).
Legalization would destroy the profit motive of the black market.
It takes guns out of the equation, if that's what you mean. But this is not something the user has to deal with anyway.
You claim there is "no indication" but you simply have to look at the end of alcohol prohibition for strong evidence that things will turn out exactly the same.
I said, there is no indication that the situation would improve. Of course the situation I am referring to is one in which anyone can step into a licensed coffeeshop and buy any of a wide variety of cannabis products at reasonable cost, as is the case in Amsterdam. The sale and use of small quantities is legal; everything else is punishable under criminal law. However, law enforcement officials, at their discretion, may and will condone large-scale production and distribution to some degree. (This is a famously peculiar bit of Dutch lawmaking).
As far as I'm concerned this is a brilliantly engineered setup: the cannabi
Thanks for dropping the insults.
"But right now!" you yell, "I'm just as safe as you!" The problem is, that your safety is an illusion, and history has shown that you have only so many steps until you hit the next mine.
Perhaps surprisingly, I don't run Windows. I've been a GNU/Linux user and developer since 1996. During that time I've seen Windows evolve from a sorry piece of unfixable rubbish to a painful but technically salvageable marketing instrument.
History has also shown that no mine has ever exploded for the Mac OS X user.
I don't know. Several viruses could have been written to exploit this vulnerability. It's issues like these that lead me to question the significance of OS X's BSD heritage wrt security.
And so we don't go through this again, it's absolutely certain that some of this is due to market share, but not all of it. Mac OS X is harder to exploit.
Windows XP SP2 is pretty hard to exploit as well (if we discount trojans, even though these cause the most problems). What's more I see no reason to assume, as you do, that Microsoft's past performance can be extrapolated into the future. I expect the opposite, really.
On Windows, you make life hard if you are not an Administrator,
I agree that this is one of the biggest remaining issues with Windows security, and I cede the "softer" points as well (use of verbs in dialog boxes, ActiveX, etc.).
Unfortunately, you keep mistaking your ignorance for fact.
But the fact is that Windows has ways of being exploited that are far easier to take advantage of.
Enlighten me. What issues remain which have not been addressed? Which viruses can take control of a Windows XP SP2 machine without user intervention?
The problem is, they all require more effort to succeed than just sending an email, or hosting an ActiveX control.
By what mechanism does sending an email or hosting an ActiveX control compromise recent versions of Windows?
Oh, you mean they are all OS's? I guess Firefox and IE are equally exploitable as well, since they both "are integrated multimedia/hyperlink graphical viewiers with a pretty UI and integrated plug-in architectures"?
They are both susceptible to a range of phishing and spoofing attacks. IE has been vulnerable to a number of nasty other attacks as well, but I am not aware of any such glaring flaws in recent versions of IE.
That's absurd. What do you think the odds are that you have seen the last Windows virus/worm, that MS has finally fixed the last of their mistakes?
It stands to reason that we will see another Windows exploit at some point. But this is no different from the bugs that turn up periodically in Apache, SSH, PHP, sendmail, wuftpd, BIND, &c. What ultimately makes a Windows exploit so much more disruptive than all the others is the fact that Windows commands such a large portion of the market.
They were all jokes, trojans,
No, not all of them. The Switchback virus seems quite real. And of course Mac OS X has been vulnerable through flaws in Apache and SSH.
If you did, you'd realize that market share doesn't account for the disparity.
Market share doesn't account for everything. Older versions of Windows, in particular Windows 9x, suffered from a large number of exploitable flaws, which certainly has contributed to the abundance of viruses targetting that platform. But as far as I am aware no such glaring holes exist in recent versions of Windows.
What was stated was that because OS X has a BSD foundation (and is, in fact, based directly on BSD, and OS X is Unix), it has certain design features which are, in practice, far more secure than those of Windows.
Such as a God-like root user who can do everything? Such as a user/group/world security model which can't express anything but the simplest policies? Such as the necessity for setuid executables because there is no provision for proper capabilities? Unix access control is a joke and it's absurd that you should hold it up as a paragon of security.
Those things are all vectors, easily exploited vectors, for infecting Windows.
As far as I am aware these have all been addressed.
Right, and here in lies your problem and the problem with this entire entire line of argument, which is based on logical falicy.
Until you qualify the nature and kind of the purported "incontravertably" flawed Windows design and demonstrate that other operating systems do not have these same flaws, there is no reason for me to assume otherwise.
I work at a shop where the service techs deal with a non-stop stream of infected Windows systems so I draw my statements from direct experience.
The abundance of viruses and trojans targetting Windows is only to be expected given its market share.
Only a person ignorant of the issues could claim that OS X is just as insecure as Windows.
There really isn't that much to distinguish modern operating systems. They all have integrated networking, more or less elaborate means of access control, a pretty GUI and some utility apps like a web browser and an email client. They're all written in C-derivative languages by people who've studied largely the same curriculum.
Microsoft has made some baffling mistakes wrt to the implementation of some of it's userland software, but has ultimately fixed all of them as far as I'm aware. On the other hand Apple doesn't seem to take privilege escalation very seriously.
But the proof is in the pudding, as they say. So where are the Mac viruses and worms?
A number of them have been mentioned by another poster in this thread.
Think about it for a second: your premise is that all OS's are equally exploitable?
No, I contend that Windows is subjected to the most attacks because it has the largest market share.
OS X is not "vaguely" based on "BSD-ish" origins.
The largest and most important parts of OS X don't derive from BSD. At it's lowest level, OS X runs a Mach kernel, which was originally developed at CMU. Quartz, Cocoa and Carbon are NEXT/Apple developments. The "BSD heritage" of OS X is mostly a syscall table and some commandline tools that nobody uses.
While SP2 has gone a long way to improving security, even with it Windows is paricularly suseptable to exploits.
Such as?
As for needing the user to run an attachment or something it's not that simple. Browsing the web and installing popular well known and used software can start a slow slide into total destruction.
Dramatic. Evidence?
Finally, please note you are still not understanding my argument which is that just because Windows has been brought to it's knees by the Internet does not mean that other OS's are just as insecure because they do not have the same market share.
Since other operating systems and their application software provide much the same functionality that Windows offers (such as executing email attachments or browsing the web), I don't see why the inference cannot be made.
And that's just it, isn't it? You are talking theory, and I'm talking practice.
The practice is that the OS with the largest market share is targetted by the largest number of trojans.
Arguing that OS X's vaguely BSD-ish origins endow it with resistance (of unspecified nature) against such attacks is superstition.
The fact that Windows is exploted is proof that it is insecure.
No, it is not. Most Windows exploits require the user to execute an email attachment. The fact that Windows allows the user to do so does not make it insecure, since the same applies to all other operating systems, which renders the definition useless in terms of distinguishing power.
There have been a relatively small number of viruses which exploited flaws in the programming or design of Windows itself, or in some popular Windows software, but these flaws have all been satisfactorily adressed as far as I am aware. Moreover this is not a problem that is limited to Windows or Windows software. So if Windows is "incontravertibly (sic)" insecure because of this, then the same judgment should apply to all other operating systems which have ever required security patches and bugfixes.
With these being the case, it seems that the most important distinguishing factor which makes the impact of viruses so much more potent on Windows than on other operating system is the widespread use of Windows and Windows software, in other words, its market share.
Irrelevant to the question, "is BSD+Apache more secure than Windows+IIS?" The answer to that is quite clear, and has been consistent throughout the history of both pairs of products.
I already addressed this contingency. Even if the BSD/Apache combo is categorically more secure than the Windows/IIS combo, it remains an open question as to how this improves OS X's ability to thwart the mostly email propagated attacks that Windows users are subjected to.
Because OS X is based on BSD, it's built upon a more firm foundation than Windows is.
Impossible to tell, since you didn't specify which versions of BSD and Windows you are referring to, nor did you mention what criteria you use to determine "firmness", nor did you provide so much as an outline of how this "firmness" relates to the issue at hand.
This is important because e.g. the Windows NT-based kernels provide a number of theoretically security enhancing features not present in any of the BSD kernels, such as pervasive object-scoped ACLs, kernel preemptibility, and a highly segmented microkernel design. In so far as the OS X kernel matches or bests these Windows NT kernel features, it differs from BSD, which means that at least in those areas it can't lay claim to any real or perceived security benefits provided by the BSD heritage.
OK, so it's not baseless. But is it meaningful?
Of the top 10 viruses mentioned in the article you refer to, 5 of them are merely variations on a strain ("Netsky"). They do not differ significantly in the means they use propagate themselves. And this is just from looking at their names: a code-level analysis would reveal many more similarities between the different strains.
So while there may be as many as 100000 viruses, they all propagate by means of the same handful of attack vectors (email, ActiveX, default passwords, SMB/IIS holes). In itself this just proves that the virus writing community is very dynamic and productive (if derivative). It doesn't mean, as you seem to be suggesting, that there are 100000 security issues in Windows and none in OS X.
As far as I'm aware there is no conclusive evidence that the "Windows Market Share" theory of exploitation holds any water at all.
Only if you choose to ignore the preponderance of evidence in the form of viruses targetting Windows.
From a _design_ perspective Windows has been shown to be less secure than other operating systems.
From a "design perspective" both Classic Mac OS and DOS are "less secure" than Windows. By your argument they should be drowning in viruses. But they're not. How do you explain this?
It just brings to light that it is insecure, incontravertably and demonstratably insecure.
All that's been brought to light is that you believe that fact-free hystrionics constitute an argument.
The conclusive evidence is that OS X is a flavour of *BSD.
This is a meaningless statement. It is unclear what bearing the BSD heritage has on the ability of OS X to thwart the kind of trojan/malware attacks that Windows users are subjected to.
If that doesn't strike you as conclusive, then feel free to explain how it is that Apache running on *BSD has such a better security record than IIS running on Windows
Without knowing which versions of Apache, BSD, IIS and Windows you are referring to, it is impossible to establish whether your assertion that the Apache/BSD combo is more secure than the IIS/Windows combo is actually true.
And even if it were universally true, it is unclear what bearing any purported security benefit of Apache/BSD over IIS/Windows has on the ability of OS X to thwart the mostly email-propagated attacks that Windows users are subjected to.
That certainly strikes *me* as being a pretty compelling counterargument to the greater market share theory of hacker victimization, anyway...
If you think a non-sequitur based on unsubstantiated premises qualifies as a "compelling counterargument" of any sort, I suppose.
This assumes a linear relationship between market share and virus propagation. There is no evidence for such a relationship (one could plausible suggest a treshold model, for example). Furthermore the quoted number of "100000 viruses/trojans/worms" is baseless.