Re:Many people feel Expose serves well enough
on
Hacking Quartz
·
· Score: 4, Insightful
I'm still waiting for Expose to have a way to move windows around with the mouse. At least as an option. I like the feature, but often I find myself wanting to reorder the windows after it does so (put all the important stuff on one side, web stuff on the other, etc. If I could do that, AND Expose could remember it, the feature would be an absolute godsend. It would literally be like having a physical desk organized by work.
Another poster got it right: disable USB support in the BIOS and lock each one with a password. If the motherboards don't support that, get some that do (if they're that worried about security). End of discussion.
A company I interned for had a strict no-use of CD-ROM policy (for music or otherwise). To that end, they yanked the IDE cables, pulled the power on the drives. They locked the case, enabled intrusion-detection on it and then locked the BIOS with a password. If they needed to use a workstation's CD-ROM, IT would come over with an IDE cable and set things up. Otherwise, only the daft would bring in their own IDE cables, attempt to pry open the case's lock, foil the intrusion-detection and erase all evidence that they were there. Policy worked extremely well.
And what did this company produce? Kitchen supplies. The hardware/systems adminstrator was overzealous, but brilliant.
Wow. Whoever marked this as "insightful" needs to take off their Bondi Blue glasses.
You guys do know that the minute an employee enters a "secure" network, they're pretty much clear to do whatever they want, right? The security is on the perimeter: getting in is the hard part. If employees needed to type a password for every keystroke, they're be a mass-exodus of white-collar workers.
I'm not saying conditions like that don't exist. I'm sure the computers that run missles and the like have multiple passwords that have to be entered all the time, but the average worker isn't going to be subjected to something like this.
Now, disable USB drives from being connected hardware-wise: that's an idea. Not sure if there's a way to do that in software, but I'm sure there's a way in the BIOS.
I think you're missing the point. It's a deterant. They're basically saying "You bring that in here, we'll be watching you." Coupled with security cameras throughout the building (which a company like this would likely have) the average thief would think twice.
It's similar to those guys with automatic weapons at airports. Do you think they'd ever fire one off in a crowd? No. But it's a deterant to bombers and the like, because it's basically saying "we'll shoot you before you get to your mission". Ditto on the X-ray scans and other crazy security measures in place. Thiefs/criminals like to stay hidden, not be put in the spotlight.
"Statistics don't change the facts that after running Mac OS X since it's inception, I've not had one OS X virus, or any of these exploits used against my machines."
Means nothing. I could create an OS that runs on only one machine, stick it on the Internet, and call it ChrisX. Chances are it would never be broken into. Why? There are millions of other machines out on the net with easily identifiable OSes and vulnerabilities. Bigger attack range.
If Apple ever manages to increase market share, then we'll see how long the "no virus" argument holds. Until that happens, security on OS X has partly to do with the fact that so few run it.
"That OS X doesn't have any network service running when first installed!!"
Uh, if that were the case, you won't be able to access networks without configuration. Considering the default behavior of OS X is to have all ethernet cards set by DHCP (like most OSes) that argument goes out the window.
I think what you meant to say was "easily exploitable ports". That I could kind of agree with.
"I don't know just where you were living, but Unix and Linux grew up on networked systems where multiple college students shared the same machines (well, Linux less than Unix here) because they were too expensive."
And I don't know just where you were living, but the first timeshare systems had passwords with no other security, and all users basically had access to all files. Read "Hackers". The primary goal was to share information -- security takes that away.
And the grandparent poster was right. We've only "given a fuck" since now home computers are being targetted, en masse. It used to be corporate servers, then corporate workstations. Virus/worm writers are deliberately trying to take over home machines, and that's where the real danger comes out.
"You forgot to add, "IMHO." Not all developers feel as you do."
Many do, actually. Read the feedback Apple has been getting on their own discussion boards.
"Better yet, read John Gruber's take [daringfireball.net] on this non-issue, and see if you still feel the same way."
Two points. First: the guy is a jerk (IMHO). Second: more importantly, he's talking about small apps and desk widgets. Yes, they've been around forever. The issue here is Konfabulator created a very distinct look with very specific apps that Apple essentially copied. And before you say "looks aren't everything", remember that part of Apple's marketing plan is completely based on looks.
Like I said: easily corrected. At least address the Konfabulator issue. They're handling it the same way they handled the recent security updates: incorrectly.
No matter what code Apple releases with OS X 10.4, there will forever be the stain of the Konfabulator. What's worse to developers: leaving code proprietary or not giving credit where credit is due?
All Apple has to say is "We were inspired by such and such" or cut a check to the Konfabulator guys. Instead, we have an OS on the cusp of massive developer influx (a lot of UNIX guys, like myself, have looked at Mac OS X and like what we see) struck down by a dumb software PR move. It would be a very simple thing to rectify, but watch Apple (unfortunately) not do it.
"Windows is like a flashy SUV. Looks great, illusion of safety,easy to drive, buts WILL tip over at a moments notice. Linux is like a Space Rocket. Yes it can get you home, hell it can get you into space. there's just a hell of a lot of buttons, and controls, and warnings and a NASA geek on the radio telling you to recompile the booster rocket software."
And then there's Mac OS X, the new Beetle with a turbo-charged engine but only 2 buttons (on/off and "let me drive for you"). Heaven forbid you want to change the color of the interior -- their lawyers will be all over you. But you can lick the seat covers.
Yeah, but then we get into the whole issue of "is this right"?
I don't recall the page, but somewhere in Apple's user interface guidelines for OS X they talked about the "appearance" of being ready for input. I seem to recall it was a page added after the first few revisions (including the pretty, but mind-numbingly slow 10.0). They talked about eliminating the "colored wheel", getting apps to bounce less when you start them up, etc. They also mentioned that the majority of CPU work your app does can be done after the load.
To me, this is kind of shady. As a developer/IT dude, I know certain programs that use this technique tend to actually take longer to work than apps that take the time at load to get everything in order -- and don't always work right.
Off the top of my head, Windows XP (which you mentioned) and Safari try to do this. However, Windows XP is deadly slow once the Explorer taskbar starts up, and I've seen Safari crash more times in that first 5 minutes than anytime else in a browsing session. As my college professor would probably argue: get your stuff in order BEFORE you hand it to the user.
"Then my brother got a PowerBook, and I've gotten to use OS X once or twice. I want it even MORE now. I already resolved a year or two ago that my next computer would be a Mac so I could get OS X...
I want OS X. It's worth it. It's head-and-shoulders above everything else out there."
So let me understand this correctly: you've used an OS twice, and for that reason, you're willing to shell out a grand or two to use it? Wow. That's incredibly foolish. People initially liked Windows 95, until a few months later they saw all the apps crashing and systems needing reboots.
"...OS X is so worth it, I'll switch platforms to get it. Now that's good software."
To be honest, this entire post sounded like a Mac fan trying to sway others by peppering his post with Linux programs and terminology. Caveat: I'm typing this on an iBook right now (excellent GUI, average company). Mod me down if you will, but this post is awfully suspicious.
Except when you break critical apps by deselecting files that rely on them. For whatever reason, 10.3 didn't check for this. I run into this all the time when I'm formatting iBooks at my company.
"Jaguar seemed pretty polished to me, and Panther is simply the bomb. Tiger, I think, is going to be utterly and undeniably HOT."
Oh God. Can we talk objectively for once? This nonsense of admonishing everything Apple creates on Slashdot is getting a little insane. And this is coming from someone currently typing on an iBook.
Apple makes very good UIs. They also tends to come out with some hardware hits (iPod) and misses (tie-dye iMac anyone)? They're a corporation like everyone else. They remain silent on security issues, continue to charge an arm and a leg for software updates (10.3, despite what some people felt, wasn't worth $100), and steal from the few developers that actively support the platform.
The fact that I'm hearing people say "I'd pay $100 just for Dashboard" is absolutely nuts. Look at what you're getting. Think sensibly for once.
It's not that at all. It's using XML metadata all over the hard drive. The system still has to search the (now larger) index to find the results it wants. Underneath is the same old FS.
Longhorn, supposedly, was going to go with a SQL-like file system, but I've heard so many varying reports of what exactly WinFS is that I'm not even sure Microsoft knows. A true SQL-like file system would be lightning-quick, allow joins to compare across FS's, and would have all the foibles SQL has currently. Tiger does not have this.
"As banks produce better and better online banking systems, is there still a place for Money / Quicken?"
Yes. You've got to remember the difference in goals. Banks want you to stick money in their vaults and keep it there. They also want you to take out high-interest loans. Basically, they don't want you leaving the bank.
Money/Quicken, on the other hand, have become competition-laden marketing tools. Each touts loan offers and banks from a gazillion vendors. The more they fight, the more MS and Intuit win. They don't lose a red cent from sponsoring banks battling each other into oblivion, whereas your local bank will do anything on their website to avoid competition.
"Perhaps those firms should stop trying to sell millions of copies to customers and instead try and sell server based software to the banks to produce a customer interface, or are they already doing thatas well?"
Yes. Actually, more MS has. One of the selling features of.NET was you could connect to all kinds of old systems (read: bank mainframes) and put up a web presence. Think how often you've seen ASP pages on bank account sites. The blog author hit the nail on the head with Intuit: they don't care about banks. Instead, they're making a ton of money through tax software/sites and the like (cold hard cash on every tax filing). Quicken, at this point, is just a shuttle to their tax software/sites.
Right. Have you ever seen a Mac user try to figure out what that button is for? I have. Generally, they know where the power button is on the tower. I've seen people literally point to both and tell me it's not the same thing. I've also seen new Mac users push it and get a shutdown request, thinking they "triggered a virus". It's NOT obvious to everyone.
We're not talking about "simple automatic transmissions". We're talking about deleting one icon or moving one Word document into a folder by accident. Basic stuff that people can't even come close to grasping. I'm not saying people should know how to take their computer apart, but at least know where the POWER BUTTON is for God sakes.
You know why people don't bother: if they make a mistake with their car, they crash and die. If they make a mistake with their computer, Mr. IT comes over and fixes the booboos. Big mistake.
Again: attack surface, workarounds, app compatibility... where? Where is the information actual IT administrators need to deploy these to thousands of machines?
That's exactly my point: they link to other sources of information and provide little information IT people value.
What degree of vulnerability does each security update affect (serious, critical, not that big a deal)? What's the attack vector? What are the workarounds? How do these changes affect other apps that may rely on them? Why do I have to rely on Apple's discussion forums for this information instead of hearing it from the company's mouth?
"Are you sure about that? Years ago, I read a study that said that most people never open their PCs, from purchase to disposal. They treat it as an appliance. I know people like that, they don't want to know what's inside the magic box and they don't care."
And guess what? It isn't right. There, I said it (and I work IT support practically all day). This willful ignorance of all things computer by people who use them has got to stop.
People don't purchase cars they can't open the hood. They know when the clothes drier is making funny noises they need to take a look inside and see what's causing the blockage. Yet when someone's Outlook toolbar "magically" disappears, they don't bother to look at all for the right-click menu they just used. They call support, we come over, show them for the 80th time how to turn menus on and off, then they immediately choose to forget it.
Why? I don't know, I'm not a psychologist. But having to explain to people things repeatedly is NOT how humans generally learn. You drive a car for the first time, you bump into things, you maybe get into an accident, it happens less and less as time progresses. Meanwhile, I have friends that KNOW they have viruses on their machine but WILLINGLY leave them there because "it's not affecting them" (although it's probably sending out a great deal of spam).
Or lack of communication. The silence over the recent security updates (and the resulting mocking of one-paragraph summaries Apple then decided to release) has lost a lot of people's respect.
They're luring UNIX geeks (like myself) then release updates with little information outside "read what others have said". This is not how open source or Sun does it with Solaris. Hell, it's not even how Microsoft does it.
Message to Steve: part of playing the "lets lure UNIX geeks "card is playing the WHOLE game. We're not satisfied with just the kernel being open and able to run a terminal. We want transparency, and we won't deploy Mac hardware en masse until we get it.
For what? An iMac? You're Slashdot: the technological elite. Pity those who have mere iMacs! I myself have a Cray from the 1990s I bought from eBay (sure, it's about as slow as my Pocket PC, but it was featured in Jurassic Park!)
Slashdot Mirror
I'm still waiting for Expose to have a way to move windows around with the mouse. At least as an option. I like the feature, but often I find myself wanting to reorder the windows after it does so (put all the important stuff on one side, web stuff on the other, etc. If I could do that, AND Expose could remember it, the feature would be an absolute godsend. It would literally be like having a physical desk organized by work.
Another poster got it right: disable USB support in the BIOS and lock each one with a password. If the motherboards don't support that, get some that do (if they're that worried about security). End of discussion.
A company I interned for had a strict no-use of CD-ROM policy (for music or otherwise). To that end, they yanked the IDE cables, pulled the power on the drives. They locked the case, enabled intrusion-detection on it and then locked the BIOS with a password. If they needed to use a workstation's CD-ROM, IT would come over with an IDE cable and set things up. Otherwise, only the daft would bring in their own IDE cables, attempt to pry open the case's lock, foil the intrusion-detection and erase all evidence that they were there. Policy worked extremely well.
And what did this company produce? Kitchen supplies. The hardware/systems adminstrator was overzealous, but brilliant.
Wow. Whoever marked this as "insightful" needs to take off their Bondi Blue glasses.
You guys do know that the minute an employee enters a "secure" network, they're pretty much clear to do whatever they want, right? The security is on the perimeter: getting in is the hard part. If employees needed to type a password for every keystroke, they're be a mass-exodus of white-collar workers.
I'm not saying conditions like that don't exist. I'm sure the computers that run missles and the like have multiple passwords that have to be entered all the time, but the average worker isn't going to be subjected to something like this.
Now, disable USB drives from being connected hardware-wise: that's an idea. Not sure if there's a way to do that in software, but I'm sure there's a way in the BIOS.
I think you're missing the point. It's a deterant. They're basically saying "You bring that in here, we'll be watching you." Coupled with security cameras throughout the building (which a company like this would likely have) the average thief would think twice.
It's similar to those guys with automatic weapons at airports. Do you think they'd ever fire one off in a crowd? No. But it's a deterant to bombers and the like, because it's basically saying "we'll shoot you before you get to your mission". Ditto on the X-ray scans and other crazy security measures in place. Thiefs/criminals like to stay hidden, not be put in the spotlight.
"This just seems like Apple bashing"
"M$"
Wow, way to be unbiased. Try leaving the $ out. People will listen to the argument more.
"Statistics don't change the facts that after running Mac OS X since it's inception, I've not had one OS X virus, or any of these exploits used against my machines."
Means nothing. I could create an OS that runs on only one machine, stick it on the Internet, and call it ChrisX. Chances are it would never be broken into. Why? There are millions of other machines out on the net with easily identifiable OSes and vulnerabilities. Bigger attack range.
If Apple ever manages to increase market share, then we'll see how long the "no virus" argument holds. Until that happens, security on OS X has partly to do with the fact that so few run it.
"That OS X doesn't have any network service running when first installed!!"
Uh, if that were the case, you won't be able to access networks without configuration. Considering the default behavior of OS X is to have all ethernet cards set by DHCP (like most OSes) that argument goes out the window.
I think what you meant to say was "easily exploitable ports". That I could kind of agree with.
"I don't know just where you were living, but Unix and Linux grew up on networked systems where multiple college students shared the same machines (well, Linux less than Unix here) because they were too expensive."
And I don't know just where you were living, but the first timeshare systems had passwords with no other security, and all users basically had access to all files. Read "Hackers". The primary goal was to share information -- security takes that away.
And the grandparent poster was right. We've only "given a fuck" since now home computers are being targetted, en masse. It used to be corporate servers, then corporate workstations. Virus/worm writers are deliberately trying to take over home machines, and that's where the real danger comes out.
"You forgot to add, "IMHO." Not all developers feel as you do."
Many do, actually. Read the feedback Apple has been getting on their own discussion boards.
"Better yet, read John Gruber's take [daringfireball.net] on this non-issue, and see if you still feel the same way."
Two points. First: the guy is a jerk (IMHO). Second: more importantly, he's talking about small apps and desk widgets. Yes, they've been around forever. The issue here is Konfabulator created a very distinct look with very specific apps that Apple essentially copied. And before you say "looks aren't everything", remember that part of Apple's marketing plan is completely based on looks.
Like I said: easily corrected. At least address the Konfabulator issue. They're handling it the same way they handled the recent security updates: incorrectly.
No matter what code Apple releases with OS X 10.4, there will forever be the stain of the Konfabulator. What's worse to developers: leaving code proprietary or not giving credit where credit is due?
All Apple has to say is "We were inspired by such and such" or cut a check to the Konfabulator guys. Instead, we have an OS on the cusp of massive developer influx (a lot of UNIX guys, like myself, have looked at Mac OS X and like what we see) struck down by a dumb software PR move. It would be a very simple thing to rectify, but watch Apple (unfortunately) not do it.
"Windows is like a flashy SUV. Looks great, illusion of safety,easy to drive, buts WILL tip over at a moments notice.
Linux is like a Space Rocket. Yes it can get you home, hell it can get you into space. there's just a hell of a lot of buttons, and controls, and warnings and a NASA geek on the radio telling you to recompile the booster rocket software."
And then there's Mac OS X, the new Beetle with a turbo-charged engine but only 2 buttons (on/off and "let me drive for you"). Heaven forbid you want to change the color of the interior -- their lawyers will be all over you. But you can lick the seat covers.
Yeah, but then we get into the whole issue of "is this right"?
I don't recall the page, but somewhere in Apple's user interface guidelines for OS X they talked about the "appearance" of being ready for input. I seem to recall it was a page added after the first few revisions (including the pretty, but mind-numbingly slow 10.0). They talked about eliminating the "colored wheel", getting apps to bounce less when you start them up, etc. They also mentioned that the majority of CPU work your app does can be done after the load.
To me, this is kind of shady. As a developer/IT dude, I know certain programs that use this technique tend to actually take longer to work than apps that take the time at load to get everything in order -- and don't always work right.
Off the top of my head, Windows XP (which you mentioned) and Safari try to do this. However, Windows XP is deadly slow once the Explorer taskbar starts up, and I've seen Safari crash more times in that first 5 minutes than anytime else in a browsing session. As my college professor would probably argue: get your stuff in order BEFORE you hand it to the user.
"Then my brother got a PowerBook, and I've gotten to use OS X once or twice. I want it even MORE now. I already resolved a year or two ago that my next computer would be a Mac so I could get OS X...
I want OS X. It's worth it. It's head-and-shoulders above everything else out there."
So let me understand this correctly: you've used an OS twice, and for that reason, you're willing to shell out a grand or two to use it? Wow. That's incredibly foolish. People initially liked Windows 95, until a few months later they saw all the apps crashing and systems needing reboots.
"...OS X is so worth it, I'll switch platforms to get it. Now that's good software."
To be honest, this entire post sounded like a Mac fan trying to sway others by peppering his post with Linux programs and terminology. Caveat: I'm typing this on an iBook right now (excellent GUI, average company). Mod me down if you will, but this post is awfully suspicious.
Except when you break critical apps by deselecting files that rely on them. For whatever reason, 10.3 didn't check for this. I run into this all the time when I'm formatting iBooks at my company.
"Jaguar seemed pretty polished to me, and Panther is simply the bomb. Tiger, I think, is going to be utterly and undeniably HOT."
Oh God. Can we talk objectively for once? This nonsense of admonishing everything Apple creates on Slashdot is getting a little insane. And this is coming from someone currently typing on an iBook.
Apple makes very good UIs. They also tends to come out with some hardware hits (iPod) and misses (tie-dye iMac anyone)? They're a corporation like everyone else. They remain silent on security issues, continue to charge an arm and a leg for software updates (10.3, despite what some people felt, wasn't worth $100), and steal from the few developers that actively support the platform.
The fact that I'm hearing people say "I'd pay $100 just for Dashboard" is absolutely nuts. Look at what you're getting. Think sensibly for once.
"having a "SQL" like file system"
It's not that at all. It's using XML metadata all over the hard drive. The system still has to search the (now larger) index to find the results it wants. Underneath is the same old FS.
Longhorn, supposedly, was going to go with a SQL-like file system, but I've heard so many varying reports of what exactly WinFS is that I'm not even sure Microsoft knows. A true SQL-like file system would be lightning-quick, allow joins to compare across FS's, and would have all the foibles SQL has currently. Tiger does not have this.
"As banks produce better and better online banking systems, is there still a place for Money / Quicken?"
.NET was you could connect to all kinds of old systems (read: bank mainframes) and put up a web presence. Think how often you've seen ASP pages on bank account sites. The blog author hit the nail on the head with Intuit: they don't care about banks. Instead, they're making a ton of money through tax software/sites and the like (cold hard cash on every tax filing). Quicken, at this point, is just a shuttle to their tax software/sites.
Yes. You've got to remember the difference in goals. Banks want you to stick money in their vaults and keep it there. They also want you to take out high-interest loans. Basically, they don't want you leaving the bank.
Money/Quicken, on the other hand, have become competition-laden marketing tools. Each touts loan offers and banks from a gazillion vendors. The more they fight, the more MS and Intuit win. They don't lose a red cent from sponsoring banks battling each other into oblivion, whereas your local bank will do anything on their website to avoid competition.
"Perhaps those firms should stop trying to sell millions of copies to customers and instead try and sell server based software to the banks to produce a customer interface, or are they already doing thatas well?"
Yes. Actually, more MS has. One of the selling features of
Right. Have you ever seen a Mac user try to figure out what that button is for? I have. Generally, they know where the power button is on the tower. I've seen people literally point to both and tell me it's not the same thing. I've also seen new Mac users push it and get a shutdown request, thinking they "triggered a virus". It's NOT obvious to everyone.
We're not talking about "simple automatic transmissions". We're talking about deleting one icon or moving one Word document into a folder by accident. Basic stuff that people can't even come close to grasping. I'm not saying people should know how to take their computer apart, but at least know where the POWER BUTTON is for God sakes.
You know why people don't bother: if they make a mistake with their car, they crash and die. If they make a mistake with their computer, Mr. IT comes over and fixes the booboos. Big mistake.
Again: attack surface, workarounds, app compatibility... where? Where is the information actual IT administrators need to deploy these to thousands of machines?
That's exactly my point: they link to other sources of information and provide little information IT people value.
What degree of vulnerability does each security update affect (serious, critical, not that big a deal)? What's the attack vector? What are the workarounds? How do these changes affect other apps that may rely on them? Why do I have to rely on Apple's discussion forums for this information instead of hearing it from the company's mouth?
"Are you sure about that? Years ago, I read a study that said that most people never open their PCs, from purchase to disposal. They treat it as an appliance. I know people like that, they don't want to know what's inside the magic box and they don't care."
And guess what? It isn't right. There, I said it (and I work IT support practically all day). This willful ignorance of all things computer by people who use them has got to stop.
People don't purchase cars they can't open the hood. They know when the clothes drier is making funny noises they need to take a look inside and see what's causing the blockage. Yet when someone's Outlook toolbar "magically" disappears, they don't bother to look at all for the right-click menu they just used. They call support, we come over, show them for the 80th time how to turn menus on and off, then they immediately choose to forget it.
Why? I don't know, I'm not a psychologist. But having to explain to people things repeatedly is NOT how humans generally learn. You drive a car for the first time, you bump into things, you maybe get into an accident, it happens less and less as time progresses. Meanwhile, I have friends that KNOW they have viruses on their machine but WILLINGLY leave them there because "it's not affecting them" (although it's probably sending out a great deal of spam).
Enough is enough.
Or lack of communication. The silence over the recent security updates (and the resulting mocking of one-paragraph summaries Apple then decided to release) has lost a lot of people's respect.
They're luring UNIX geeks (like myself) then release updates with little information outside "read what others have said". This is not how open source or Sun does it with Solaris. Hell, it's not even how Microsoft does it.
Message to Steve: part of playing the "lets lure UNIX geeks "card is playing the WHOLE game. We're not satisfied with just the kernel being open and able to run a terminal. We want transparency, and we won't deploy Mac hardware en masse until we get it.
For what? An iMac? You're Slashdot: the technological elite. Pity those who have mere iMacs! I myself have a Cray from the 1990s I bought from eBay (sure, it's about as slow as my Pocket PC, but it was featured in Jurassic Park!)
Who's going to file a case? The Xfree86 committee? Sun? BeOS (which I also read had prior art)? There is no company even interested in fighting this.