All right, to each his own. You have a few valid points, granted, and I have a few valid points about Linux as well. (Though it's a nice OS that I have used for some time, but don't use often any more.) But that's a topic for another thread. I don't want to be party to an OS war right now. Let's just leave it at that.
However, I do want to clear up some misconceptions you may have, and give some advice as to how you can become better at using OS X. Knowledge is power and all.:-)
And as you mentioned, virtual desktops *is* possible under Mac OS X if you buy software for it. Let's just leave it at that.;-)
In a similar way, your point about k3b being better than Finder's disk burning is a bit flawed. Finder's disk burning support is just for when you want to burn a few files to a CD.
For one, if you just want to burn ISO files, it's possible with the bundled tools in Mac OS X as well, using Disk Utility. (Like so.). It's just a case of knowing the operating system. If I didn't know what K3B was, I'd never guess it was for burning CDs -- just like I wouldn't know that Disk Utility couldn't burn ISOs if I weren't a seasoned Mac user.
If you want a more flexible program, there's always Roxio Toast, which is even more flexible and easier to use. (Screenshot.) The Titanium edition does pretty much everything you "need" to do, even more advanced stuff like burning VCDs and stuff. But, sure, that costs money. But the functionality is there if you want it.
Hope this helps in any of your future usage of Mac OS X.:-)
I've got the solution to a few of your annoyances:
Task switching (I want to cycle through all windows with one key sequence, rather than alt-tab switch apps, alt-` switch windows w/in apps. Plus, you cant alt-anything into a docked window).
Possible. You press F9 to activate Exposé, and then use tab to cycle through the windows one by one.
Middle click paste (nuff said -- only works with X11, not native mac apps).
Should be possible using an application such as USB Overdrive, to remap the middle mouse button to left click, followed by Apple+V, or just Apple+V depending on whether you want the pasting to be xemacs-like or terminal-like. I haven't tried this though, and it's a bit of a hack. (Okay. It's a lot of a hack.;-) But it should be possible. IF you have a multibutton mouse you could probably bind one of your n mouse buttons to do this for you to preserve middle-click for other apps. (New tabs in Safari?)
Mouse focus (being able to scroll a background window without losing focus on the foreground is sweeter than sex).
As another poster in this thread said, I think you're doing sex wrong.;-) Though if you really do get orgasmic release from scrolling and moving windows in the background, try holding the Apple key while doing this. I was able to move background windows as well as scroll in them while holding the apple key. Not quite the same, but different. Personally, I like being able to focus, raise a window and drag it to the middle of the screen with one fluid motion.
Don't know about your firewire drive, but burning discs is easier with k3b than with finder.
Uh. Put disc in. Get a volume of a "burnable folder". Drag files in. Drag file on the trash which becomes a "burn" icon. Wait. Repeat to eject. Done. If that's too "simple" for you (it is for me at times), you can always get an application such as Toast.
1000 accounts per hour for an hour isn't outside the realm of possibility at all.
There are 3600 seconds in an hour. If you were to streamline the process of registering the accounts, so that the only human process were to decode the CAPTCHA image, I could definitely see myself performing one of these tests every 3.6 seconds, especially with some practice. (Depending on the difficulty of the test of course.)
This is where you employ people at minimum wage, or even illegal immigrants below minimum wage. I'm not that in to the exact figures for the United States, but I'd guess minimum wage would be somewhere around $5/hour. This makes it pretty cheap to create 1000 accounts.:-)
Now, going beyond say 1000 by a few orders of magnitude, the cost of passing CAPTCHA tests goes up the same way.
This, of course, is ignoring advances in AI technology that are starting to be able to identify and pass CAPTCHAs. It doesn't matter if they suck. Even if you only get 1% accuracy on them (lowball estimate), that only slows down an automated account generation attack by a factor of 100, and with *cough* clandestine grid computing *cough*, this becomes a quite effective attack in todays world with zombies etc.
Gotta say ebay is very good for getting genuine CDs very very cheap.
</logic type="riaa">You do realize that by buying used CD:s on eBay you're STEALING from those starving artists that made the CD's? After all, by buying a CD on eBay you're going to pay the artist only once for the privilege of listening to the music for two people! You criminal mind you! You're just as bad as all the P2Pers. <logic>
There is one advantage. I don't know if this is what snipers want to acheive, but...
I'm guessing it's to keep the bid count low, and the auction "under the radar" with a low bid count, leading to less interest in the auction, and by extention, a lower ending price. A crowd draws a crowd and all.
It's the exact opposite reason of why people put up auctions with a starting price of 1 $CURRENCY.
If you tax manufacturers to pay the recycling bill, the cost increases will just be passed on to the consumers, either directly or indirectly.
Adding a surcharge on buying electronics is perfectly reasonable. After all, it's not like those "EVIL MANUFACTURERS" are alone responsible for creating this awful toxic waste that has to be recycled. If nobody were to buy the items, the manufacturer wouldn't manufacture them. The manufacturer only manufactures to satisfy a need in the market.
I'm not sure about Windows (haven't used that seriously in years), but on a Mac, you can prefix the name with a space and have it appear first in the listing. Almost invisible, but still slightly annoying if you're pedantic.:-)
All right. Windows is a rancid operating system in this respect.
However, what do you say? A poor craftman blames his tools.
My point is, he didn't *have* to reinstall from scratch if he had used imaging software to start with. The fact is that there *is* a way to save the time he spent, and he chose not to use it. Now, you can argue until you're blue in the face about how much Windows sucks for not providing scripted installs, but the fact is, that the real dumbass here is the admin who didn't recognise this limitation, and work around it.
Imagine a hammer. A hammer of some kind of solid gold alloy that's the best hammer in the world. It set you back $74,000 -- but it's a damn good hammer. Now, you need to build something requiring you to hammer three nails and screw in a screw. You have a cheap screwdriver lying around as well.
Do you:
- Use the hammer to hammer in the three nails, and then try hammering in the screw with the hammer, blaming the hammer manufacturer for being incompetent for not making a hammer that works with screws? After all, you paid $74,000 for the hammer, and you have to get your money's worth, right?
- Use the hammer to hammer in the nails, and the screwdriver to screw the screw in.
For me, the choice is obvious. For you, it seems it isn't quite as obvious.
... because you can save 2 hours of messing with parted by spending 8 hours every time your computer goes down. Makes perfect sense.
There's no reason not to use open source software just because you're using Windows.
The space to install said image? Come. On. Are you seriously saying that a single DVD-R costs more than a 8 hours of consultant time? Where are you getting your DVD-Rs? They must be made from solid gold or something.
Sure. It's a suboptimal solution, but it's good enough to do what you describe and save a bunch of time, and it's certainly better than configuring everything from scratch.
If a company wants to reinstall from scratch to "save" time on not building a reinstall DVD, sure, and to "save" money on not buying one of those Real Expensive DVD-Rs, sure, let them.
And that's not even counting the cost in lost productivity for computer downtime.
It's convenient though. You can blame Bill Gates whenever something goes wrong. That's one big advantage of working with Microsoft software.
Have you ever considered that the TCO for Windows servers is higher because there are more unskilled administrators (like your dad's IT consultant/tech) for it taking way too long time to perform even the simplest task?
Windows 2003 Server can be and is used in some very high-security applications, as long as you administrate it properly and have a high security network with firewalls and stuff to connect it to in the first place. There are competent Windows 2003 Server administrators out there, and one in particular that I know consistently amazes me with the stuff he can make Windows 2003 do.
But then he works at a very high-budget data center with redundant internal networks, 3 layers of firewalls and a very rigorous security policy.
If you're going to correct somebody correcting somebody, make sure that what you're correcting isn't in fact correct to start with, and that "correcting" the correction won't make the correction wrong.
Whew.
Yes, the mode is 1. The median, however, is also 1, in the case of the data set "10 2 1 1 1", which is what the great grandparent post specified.
Except this doesn't happen in Mac OS X by default. Also, a virus doesn't actually have to be executable to be... well... executable. It could be written in, say, Applescript, and a program would open the file and execute the commands contained in it. No +x bit required.
OTOH, in a Linux or MacOSX environment, the worst that would happen is that the user's settings get lost or wiped.
The worst that could happen is the program e-mailing your most secret files to your enemies. Think outside the computer. (This is what this story is about, anyway, trojans for industrial espionage.)
1. E-mail the user a "Free Porn" program. This program is then set to launch every time the user logs in. (To make it more plausible, the program then launches a Safari window pointing at your favorite porn site.)
2. The program is basically a glorified FTP server, allowing the attacker to log into it and retreive any files accessible from the account. To get past firewalls, it could evenly actively connect outward to another host to receive instructions, or even be controlled via e-mail.
Voilà, corporate espionage on Mac OS X or Linux per social engineering.
We, the non-Microsoft users, shouldn't lull ourselves into a false sense of security against spyware and trojan threats just like this one, just because we happen to be non-Microsoft users, or even because we tend not to be logged in as root when we do our work.
Are trojans stoppable? Well, you can try. You can filter out executable types from getting through your e-mail, you can disallow downloading of executable files through your corporate proxy. You can even use software that re-images your computer on every boot to erase trojan software that gets on there as often as possible to prevent from local attacks.
You can even educate users in the risks of using a computer, or checking your keyboard plug for suspiscious devices, but practically none of this is platform-specific.
In the case of industrial espionage, you have a determined attacker attacking a specific target. They're not going to stop attacking you just because you don't use Windows XP.
As I said in another thread, the problem isn't computer insecurity, but the fact that people will install anything given enough social engineering. Even if you use an operating system like Mac OS X or Linux or something else similar, where the users aren't typically logged in as root, you can still spy on the user whose account you've infected, which is enough damage right there.
Slashdot Mirror
All right, to each his own. You have a few valid points, granted, and I have a few valid points about Linux as well. (Though it's a nice OS that I have used for some time, but don't use often any more.) But that's a topic for another thread. I don't want to be party to an OS war right now. Let's just leave it at that.
:-)
;-)
:-)
However, I do want to clear up some misconceptions you may have, and give some advice as to how you can become better at using OS X. Knowledge is power and all.
And as you mentioned, virtual desktops *is* possible under Mac OS X if you buy software for it. Let's just leave it at that.
In a similar way, your point about k3b being better than Finder's disk burning is a bit flawed. Finder's disk burning support is just for when you want to burn a few files to a CD.
For one, if you just want to burn ISO files, it's possible with the bundled tools in Mac OS X as well, using Disk Utility. (Like so.). It's just a case of knowing the operating system. If I didn't know what K3B was, I'd never guess it was for burning CDs -- just like I wouldn't know that Disk Utility couldn't burn ISOs if I weren't a seasoned Mac user.
If you want a more flexible program, there's always Roxio Toast, which is even more flexible and easier to use. (Screenshot.) The Titanium edition does pretty much everything you "need" to do, even more advanced stuff like burning VCDs and stuff. But, sure, that costs money. But the functionality is there if you want it.
Hope this helps in any of your future usage of Mac OS X.
Possible. You press F9 to activate Exposé, and then use tab to cycle through the windows one by one.
Should be possible using an application such as USB Overdrive, to remap the middle mouse button to left click, followed by Apple+V, or just Apple+V depending on whether you want the pasting to be xemacs-like or terminal-like. I haven't tried this though, and it's a bit of a hack. (Okay. It's a lot of a hack.
As another poster in this thread said, I think you're doing sex wrong.
Uh. Put disc in. Get a volume of a "burnable folder". Drag files in. Drag file on the trash which becomes a "burn" icon. Wait. Repeat to eject. Done. If that's too "simple" for you (it is for me at times), you can always get an application such as Toast.
1000 accounts per hour for an hour isn't outside the realm of possibility at all.
:-)
There are 3600 seconds in an hour. If you were to streamline the process of registering the accounts, so that the only human process were to decode the CAPTCHA image, I could definitely see myself performing one of these tests every 3.6 seconds, especially with some practice. (Depending on the difficulty of the test of course.)
This is where you employ people at minimum wage, or even illegal immigrants below minimum wage. I'm not that in to the exact figures for the United States, but I'd guess minimum wage would be somewhere around $5/hour. This makes it pretty cheap to create 1000 accounts.
Now, going beyond say 1000 by a few orders of magnitude, the cost of passing CAPTCHA tests goes up the same way.
This, of course, is ignoring advances in AI technology that are starting to be able to identify and pass CAPTCHAs. It doesn't matter if they suck. Even if you only get 1% accuracy on them (lowball estimate), that only slows down an automated account generation attack by a factor of 100, and with *cough* clandestine grid computing *cough*, this becomes a quite effective attack in todays world with zombies etc.
Indeed. Nothing sucks like an Electrolux.
But then Italian television sucks exceptionally much.
(Yes. I'm being silly.)
There is one advantage. I don't know if this is what snipers want to acheive, but...
I'm guessing it's to keep the bid count low, and the auction "under the radar" with a low bid count, leading to less interest in the auction, and by extention, a lower ending price. A crowd draws a crowd and all.
It's the exact opposite reason of why people put up auctions with a starting price of 1 $CURRENCY.
You have been outbid.
eBay sniper skillz
Time zones?
If you tax manufacturers to pay the recycling bill, the cost increases will just be passed on to the consumers, either directly or indirectly.
Adding a surcharge on buying electronics is perfectly reasonable. After all, it's not like those "EVIL MANUFACTURERS" are alone responsible for creating this awful toxic waste that has to be recycled. If nobody were to buy the items, the manufacturer wouldn't manufacture them. The manufacturer only manufactures to satisfy a need in the market.
I'm not sure about Windows (haven't used that seriously in years), but on a Mac, you can prefix the name with a space and have it appear first in the listing. Almost invisible, but still slightly annoying if you're pedantic. :-)
From what I've heard the word average can mean either a mean value, a median or even a mode.
This is how Darrell Huff uses the word in his excellent book How to lie with statistics. (If you haven't read it, pick it up. Right now.)
All right. Windows is a rancid operating system in this respect.
However, what do you say? A poor craftman blames his tools.
My point is, he didn't *have* to reinstall from scratch if he had used imaging software to start with. The fact is that there *is* a way to save the time he spent, and he chose not to use it. Now, you can argue until you're blue in the face about how much Windows sucks for not providing scripted installs, but the fact is, that the real dumbass here is the admin who didn't recognise this limitation, and work around it.
Imagine a hammer. A hammer of some kind of solid gold alloy that's the best hammer in the world. It set you back $74,000 -- but it's a damn good hammer. Now, you need to build something requiring you to hammer three nails and screw in a screw. You have a cheap screwdriver lying around as well.
Do you:
- Use the hammer to hammer in the three nails, and then try hammering in the screw with the hammer, blaming the hammer manufacturer for being incompetent for not making a hammer that works with screws? After all, you paid $74,000 for the hammer, and you have to get your money's worth, right?
- Use the hammer to hammer in the nails, and the screwdriver to screw the screw in.
For me, the choice is obvious. For you, it seems it isn't quite as obvious.
... because you can save 2 hours of messing with parted by spending 8 hours every time your computer goes down. Makes perfect sense.
There's no reason not to use open source software just because you're using Windows.
The space to install said image? Come. On. Are you seriously saying that a single DVD-R costs more than a 8 hours of consultant time? Where are you getting your DVD-Rs? They must be made from solid gold or something.
Sure. It's a suboptimal solution, but it's good enough to do what you describe and save a bunch of time, and it's certainly better than configuring everything from scratch.
If a company wants to reinstall from scratch to "save" time on not building a reinstall DVD, sure, and to "save" money on not buying one of those Real Expensive DVD-Rs, sure, let them.
And that's not even counting the cost in lost productivity for computer downtime.
It's convenient though. You can blame Bill Gates whenever something goes wrong. That's one big advantage of working with Microsoft software.
What costs money? Norton Ghost? Or even a copy of GNU Parted?
Also, heard of sysprep?
Penny wise and pound foolish...
Dude, imaging. Heard of it?
Have you ever considered that the TCO for Windows servers is higher because there are more unskilled administrators (like your dad's IT consultant/tech) for it taking way too long time to perform even the simplest task?
Windows 2003 Server can be and is used in some very high-security applications, as long as you administrate it properly and have a high security network with firewalls and stuff to connect it to in the first place. There are competent Windows 2003 Server administrators out there, and one in particular that I know consistently amazes me with the stuff he can make Windows 2003 do.
But then he works at a very high-budget data center with redundant internal networks, 3 layers of firewalls and a very rigorous security policy.
sh evilscript.sh
The execution then is of "sh", which reads evilscript.sh as a file containing commands. evilscript.sh doesn't need to be +x for this to work.
Hehe.
If you're going to correct somebody correcting somebody, make sure that what you're correcting isn't in fact correct to start with, and that "correcting" the correction won't make the correction wrong.
Whew.
Yes, the mode is 1. The median, however, is also 1, in the case of the data set "10 2 1 1 1", which is what the great grandparent post specified.
Except this doesn't happen in Mac OS X by default. Also, a virus doesn't actually have to be executable to be... well... executable. It could be written in, say, Applescript, and a program would open the file and execute the commands contained in it. No +x bit required.
What you just calculated was the mean value.
The median in this case is 1.
Social engineering.
1. E-mail the user a "Free Porn" program. This program is then set to launch every time the user logs in. (To make it more plausible, the program then launches a Safari window pointing at your favorite porn site.)
2. The program is basically a glorified FTP server, allowing the attacker to log into it and retreive any files accessible from the account. To get past firewalls, it could evenly actively connect outward to another host to receive instructions, or even be controlled via e-mail.
Voilà, corporate espionage on Mac OS X or Linux per social engineering.
Not very subtle, but very effective.
This is so correct. I've been saying the same thing over at another thread.
We, the non-Microsoft users, shouldn't lull ourselves into a false sense of security against spyware and trojan threats just like this one, just because we happen to be non-Microsoft users, or even because we tend not to be logged in as root when we do our work.
Are trojans stoppable? Well, you can try. You can filter out executable types from getting through your e-mail, you can disallow downloading of executable files through your corporate proxy. You can even use software that re-images your computer on every boot to erase trojan software that gets on there as often as possible to prevent from local attacks.
You can even educate users in the risks of using a computer, or checking your keyboard plug for suspiscious devices, but practically none of this is platform-specific.
In the case of industrial espionage, you have a determined attacker attacking a specific target. They're not going to stop attacking you just because you don't use Windows XP.
As I said in another thread, the problem isn't computer insecurity, but the fact that people will install anything given enough social engineering. Even if you use an operating system like Mac OS X or Linux or something else similar, where the users aren't typically logged in as root, you can still spy on the user whose account you've infected, which is enough damage right there.