The only reason to have two accounts like that is if you need to sandbox an application. You don't have to fear an application installing without you knowing it since Admin or not it will still prompt you for approval and a password. As an admin nothing will install without you knowing about it and asking for your permission.
There is no reason to run as a non-admin user to protect yourself like a windows user does. The system is not that vulnerable.
Thank you for the link that was extremely informative and debunked what the grand parent stated. Now it is clear that a repeater will put additional load on the wi-fi channel (expected) but will not "cuts your throughput in half".
But based on your comments, you are assuming based on how a wired network works. That answers my question, you don't know, you are assuming. Thank you for clarifying.
If there can only be one transmitter at a time how in the world do multiple computers talk to the same base station? All wi-fi cards are transmitters and receivers.
I would love to see some documentation on this as it sounds like BS to me.
Yes this has a single port that can be used on a WAN or a LAN but saying that it has this port to work in a hotel is well just wrong.
The port is clearly capable of being a downstream port (normal ethernet port) or a cross-over/uplink port. When people call a port a WAN port it is an uplink port. When you connect this device to a network in a hotel or anywhere else it will be in uplink mode and thus the port would be a WAN port.
It will only be in a downstream configuration when you are connecting another ethernet device to it such as another computer, printer, etc.
I would be very interested in knowing about these Java spyware programs you refer to. I have never heard of any spyware that can run in a browser that is written in Java. With Java's sandbox I find it very hard to believe that someone could come up with any spyware that would work behind the site that hosted the code.
As far as I know there are no worms or viruses that attach apache.
However a quick google turns up at least 36 known viruses/worms that attach IIS. Here is a link to a small list.
The market share of the operating system has little bearing on the number of exploits the system has. That is a false myth that has been going around the net for years. Not sure who started it but it is clearly false.
The large audience argument has been mentioned many many times in the past and personally I disagree with it. There is a real world example of this exact situation. Microsoft IIS. It's "market percentage" is very tiny and yet it gets hit with worms because it is insecure. On the other hand, Apache which has a huge market percentage does not get it because it is secure.
Granted this is dumbing down the details by a HUGE amount but the point is still there. Microsoft software does not have the most worms/viruses/etc because it has the most market share, it has the most worms/viruses/etc because it is the most poorly written. Granted, if their market share was zero, then obviously the exploits would not be big news, but the clear point that is made is that if OS X were as vulnerable as Windows we would be seeing worms and viruses. The fact that there are none reported goes a long way to show the strength of the operating system.
BTW you could easily replace OS X with BSD, Linux in this statement and the statement still holds true. Software written with security in mind is clearly more secure. Windows was clearly not written with security in mind.
Your approach is one that is a bit more cautious than mine in the anti-virus arena. Yes I know that I have Virex available to me and once there is an actual virus for OS X I will probably install it. However, until there is a need for it, I will stick with my firewall and backups.
Right now buying and installing anti-virus software for OS X is like buying flood insurance in the Rockies. Until it actually happens or is needed, it seems like a horrible waste of money and resources.
No matter what computer system you use, it's clear that you can barely read. What I said was that the windows zealots WOULD come out of the woodwork. Keep you flaming insults to yourself. Resorting to insults just shows your immaturity no matter what your physical age is supposed to be.
Security is measured by virus counts. It is measured by how many exploits for the system there are in the wild. Not how many could potentially exist, although that is also important. Obscurity of the operating system is a factor in how much exposure the system gets, this is obvious. But it is NOT the leading factor nor is it the only factor. If that were the only determining factor then Apache and Linux would be virus ridden, but they are not. No matter what the market percentage that OS X has, I am confident in saying that it IS going to have less exploits than current windows systems. The inherent security in the system alone guarantees that.
Now please, before you bother to waste more of your saturday afternoon replying, realize that no personal attacks were made against you personally since I don't know you from adam. Try responding in an intelligent and civilized manner. Also, read my comments at least twice before you respond.
I suggest you take a look at track records before spouting off about who is better at what.
I am not saying that OS X is perfect. Far from it, I am a programmer myself and I understand the realities of software design. However based on track records alone, OS X is far ahead of even the most current windows implementation. How many exploits are there that auto install software on OS X? None. How many worms are there for OS X? None. How many pieces of auto-installing spyware are there for OS X? None. How many viruses? None. OS X IS more secure that windows. It's not perfect but I will put my money behind the security in OS X any day.
In any event, it was completely expected that the Windows zealots would come out of the woodwork as soon as the first vulnerability was found in OS X. Now it begins. We will see plenty of zealots crying how no operating system is safe. Guess what, windows is still a poorly written piece of garbage and no amount of throwing mud (or fud) is going to change that.
The original idea would be to place disk: mounted images into a non-executable sandbox. Not images that you download and mount. These are two different things. Currently they are not being treated differnetly and the suggestion was/is that they should be handled slightly differently.
Trying to do one blanket change to fix everything is not the right answer in my opinion. The built-in protocols need to be looked at but sandboxing disk:// mounted images would solve the issue of maliciously created protocol handlers.
I have tested a lot of software on my OSX machine and I do not recall anyone ever using the disk:// protocol for an installer.
Forcing the user to launch an application just to register it's handlers would put a serious dent in the way that OSX handles applications. Personally that is a piece of functionality I would rather not lose.
I love the way this comment was presented. Sounds like some finely crafted FUD more than anything else. Yes an exploit has been found in OSX. Does that make OSX as vulnerable as Windows, not even close, not even on the same planet.
Windows has had so many exploits that I can't even keep track. One exploit, not even a root exploit (a very important distinction) does not make OSX as vulnerable as Windows. There still are no worms, no viruses attributed to OSX.
Yes this was due. It was going to happen. But OSX is still infinitely more secure than windows and more than likely always will be. Lets not fly off half-cocked and make wild statements like this.
The best idea I have heard so far was proposed somewhere else on this discussion thread. Simply make disk: mounted images non-executable. That would require the user to drag an application off the disk image to "somewhere else" and then execute it manually.
To me this seems to be the cleanest solution. No pop-up windows warning you of dire consequences (ala windows crap) just a simple can't execute this from here chance to the protocol handlers.
Not my idea but I think it is the cleanest and most elegant I have heard so far.
how many times have you downloaded something from Safari, to have it automount, and even run the installer?
Hmmm...Never. I have had Safari automount more disk images than I can count. Some of them have a EULA auto pop-up but never have I seen one run the installer automatically. If that were to happen, we would have seen a trojan on OSX a lot sooner.
At this point buying anti-virus software for OSX is a total waste of money. There still has yet to be a virus written for OS X. Chances are there won't be one for a long time to come if ever.
Yes this is a vulnerability. Yes it is bad. But a virus program would not protect you from this without altering the way that your system runs.
Does this need to be fixed? yes it does, but anti-virus software for OSX is still snake oil.
One simple difference. A "normal" trojan horse program generally requires some human intervention, at least on OSX. This requires that you merely go to a malicious website and that is it. As opposed to the Office 2k4 trojan which required you to run a program you downloaded.
And you shoud be modded as a mindless Microsoft drone. The security in Windows is to blame for all of the problems not it's market percentage. This has been proven over and over again.
There is another option for you. Albums that I want to hear in order I merge into one track. Then I know that itunes will not shuffle the album. Also removes whitespace from the albums where there shouldn't be any.
Sun makes it's money by selling server class hardware. It is amazing that a lot of people on/. seem to think that an x86 machine can replace a server class piece of hardware from Sun, HP or IBM.
These server companies have nothing to fear from x86 hardware for quite some time yet.
Sun is not going anywhere any time soon. Sun makes their money from selling serious hardware, not workstations.
Just because a JRE is not written by Sun does not mean that it is not blessed by Sun. The original plan was that Sun would only write an implementiation JVM and the OS vendors would write the JVM for their OS. Unfortunately MS screwed themselves on this one.
However, there are JVM's that are blessed by Sun for other operating systems that run great. Apple's implementaiton is one prime example. Also look at HP and IBM.
Slashdot Mirror
The only reason to have two accounts like that is if you need to sandbox an application. You don't have to fear an application installing without you knowing it since Admin or not it will still prompt you for approval and a password. As an admin nothing will install without you knowing about it and asking for your permission.
There is no reason to run as a non-admin user to protect yourself like a windows user does. The system is not that vulnerable.
Thank you for the link that was extremely informative and debunked what the grand parent stated. Now it is clear that a repeater will put additional load on the wi-fi channel (expected) but will not "cuts your throughput in half".
But based on your comments, you are assuming based on how a wired network works. That answers my question, you don't know, you are assuming. Thank you for clarifying.
I would love to see some documentation on this as it sounds like BS to me.
The port is clearly capable of being a downstream port (normal ethernet port) or a cross-over/uplink port. When people call a port a WAN port it is an uplink port. When you connect this device to a network in a hotel or anywhere else it will be in uplink mode and thus the port would be a WAN port.
It will only be in a downstream configuration when you are connecting another ethernet device to it such as another computer, printer, etc.
I would be very interested in knowing about these Java spyware programs you refer to. I have never heard of any spyware that can run in a browser that is written in Java. With Java's sandbox I find it very hard to believe that someone could come up with any spyware that would work behind the site that hosted the code.
However a quick google turns up at least 36 known viruses/worms that attach IIS. Here is a link to a small list.
The market share of the operating system has little bearing on the number of exploits the system has. That is a false myth that has been going around the net for years. Not sure who started it but it is clearly false.
Granted this is dumbing down the details by a HUGE amount but the point is still there. Microsoft software does not have the most worms/viruses/etc because it has the most market share, it has the most worms/viruses/etc because it is the most poorly written. Granted, if their market share was zero, then obviously the exploits would not be big news, but the clear point that is made is that if OS X were as vulnerable as Windows we would be seeing worms and viruses. The fact that there are none reported goes a long way to show the strength of the operating system.
BTW you could easily replace OS X with BSD, Linux in this statement and the statement still holds true. Software written with security in mind is clearly more secure. Windows was clearly not written with security in mind.
Right now buying and installing anti-virus software for OS X is like buying flood insurance in the Rockies. Until it actually happens or is needed, it seems like a horrible waste of money and resources.
Security is measured by virus counts. It is measured by how many exploits for the system there are in the wild. Not how many could potentially exist, although that is also important. Obscurity of the operating system is a factor in how much exposure the system gets, this is obvious. But it is NOT the leading factor nor is it the only factor. If that were the only determining factor then Apache and Linux would be virus ridden, but they are not. No matter what the market percentage that OS X has, I am confident in saying that it IS going to have less exploits than current windows systems. The inherent security in the system alone guarantees that.
Now please, before you bother to waste more of your saturday afternoon replying, realize that no personal attacks were made against you personally since I don't know you from adam. Try responding in an intelligent and civilized manner. Also, read my comments at least twice before you respond.
I am not saying that OS X is perfect. Far from it, I am a programmer myself and I understand the realities of software design. However based on track records alone, OS X is far ahead of even the most current windows implementation. How many exploits are there that auto install software on OS X? None. How many worms are there for OS X? None. How many pieces of auto-installing spyware are there for OS X? None. How many viruses? None. OS X IS more secure that windows. It's not perfect but I will put my money behind the security in OS X any day.
In any event, it was completely expected that the Windows zealots would come out of the woodwork as soon as the first vulnerability was found in OS X. Now it begins. We will see plenty of zealots crying how no operating system is safe. Guess what, windows is still a poorly written piece of garbage and no amount of throwing mud (or fud) is going to change that.
Trying to do one blanket change to fix everything is not the right answer in my opinion. The built-in protocols need to be looked at but sandboxing disk:// mounted images would solve the issue of maliciously created protocol handlers.
I have tested a lot of software on my OSX machine and I do not recall anyone ever using the disk:// protocol for an installer.
Forcing the user to launch an application just to register it's handlers would put a serious dent in the way that OSX handles applications. Personally that is a piece of functionality I would rather not lose.
Windows has had so many exploits that I can't even keep track. One exploit, not even a root exploit (a very important distinction) does not make OSX as vulnerable as Windows. There still are no worms, no viruses attributed to OSX.
Yes this was due. It was going to happen. But OSX is still infinitely more secure than windows and more than likely always will be. Lets not fly off half-cocked and make wild statements like this.
To me this seems to be the cleanest solution. No pop-up windows warning you of dire consequences (ala windows crap) just a simple can't execute this from here chance to the protocol handlers.
Not my idea but I think it is the cleanest and most elegant I have heard so far.
Hmmm...Never. I have had Safari automount more disk images than I can count. Some of them have a EULA auto pop-up but never have I seen one run the installer automatically. If that were to happen, we would have seen a trojan on OSX a lot sooner.
Yes this is a vulnerability. Yes it is bad. But a virus program would not protect you from this without altering the way that your system runs.
Does this need to be fixed? yes it does, but anti-virus software for OSX is still snake oil.
One simple difference. A "normal" trojan horse program generally requires some human intervention, at least on OSX. This requires that you merely go to a malicious website and that is it. As opposed to the Office 2k4 trojan which required you to run a program you downloaded.
Could not have said it better myself.
Other than the obligatory statement -- if you don't like it, don't watch the movie!
And you shoud be modded as a mindless Microsoft drone. The security in Windows is to blame for all of the problems not it's market percentage. This has been proven over and over again.
Exposing ANY database directly to the net is dangerous at best.
There is another option for you. Albums that I want to hear in order I merge into one track. Then I know that itunes will not shuffle the album. Also removes whitespace from the albums where there shouldn't be any.
These server companies have nothing to fear from x86 hardware for quite some time yet.
Sun is not going anywhere any time soon. Sun makes their money from selling serious hardware, not workstations.
Just because a JRE is not written by Sun does not mean that it is not blessed by Sun. The original plan was that Sun would only write an implementiation JVM and the OS vendors would write the JVM for their OS. Unfortunately MS screwed themselves on this one. However, there are JVM's that are blessed by Sun for other operating systems that run great. Apple's implementaiton is one prime example. Also look at HP and IBM.
I have two words for you.
Breath....
and Preview
Your rant might carry a bit more weight if you previewed it and fixed all of the horrible mistakes to make it a readable.
Just trying to help, I am sure you will flame me next.