Look, GTA:SA is a great fun game to play but let's be realistic here - on both sides, this is just a marketing exercise in hype and money.
Personally, I don't care whether or not an adult rated game has sex scenes in it or not. But the reason the scene was included in the first place was JUST to create controversy at some point so that more people would go out & buy the game. It's a clever marketing exercise, nothing more.
And as for the court case, that's just pure and simple greed - i.e. "They have a heap of money due to selling lots of copies of their game so I want some of it".
Yes, only 3000 people claimed it - but I bet none of the lawyers involved forgot to take their fees, did they?
I don't refute anything that you've said in your last posting but you are still missing my point entirely.
The discussion was concerning the purposes to which you would put a "netbook" type device to. And it still boils down to the fact that on a device that probably has a lower resolution screen anyway, as well as limited storage, that you probably wouldn't play HD video on it anyway - especially if you were using it on a flight or for portability.
I do fully understand that people find Linux difficult and perhaps a bit too different to Windows to want to try it - but for what an average person would do on a netbook, I don't see why it would be much different.
Again, each to his own, I'm not an Anime fan so for you it is probably a big issue.
The same way I care about my DVDs, not my dvd player.
Terrible analogy, I'm afraid. You don't need to have a backup of a DVD to be able to play it if you lose your DVD player.
People don't want to know about security updates and malware crap, they want to access facebook and their bank, copy their photos, and manage their ipods, they don't care how it's done.
Running a virus or port scanner does not mean I have to understand how they work - just that I can deal with the problems produced by either. Still, don't take my word for it, do it your way.
Because menu items (how people load firefox), point to/usr/bin/firefox. You could change the menu, but that's only root-writable so the same thing applies.
Rubbish. Menu settings are usually stored in your home directory and can be changed as easily as your path can be. Besides which, they might not need to changed if the specific path to the executable is not specified. If it just says "firefox" for the binary that's run, then it will use the $PATH settings as I said earlier.
I've not heard of anyone running IIS on OSX or Linux,
And in none of my posts did I talk specifically about Linux - I was making generic statements about security.
Most people don't need to run a server though, so a client exploit (which involves some form of user interaction) in a web browser or email client is more likely to cause an issue.
You are correct to a point but simply going to a web site may cause a nasty Javascript or CGI script to run without you necessarily realising it.
Why would I go to my distro (Ubuntu, Microsoft, Apple)'s website? A debian repository with secure-apt is (probably) better than Apple's auto-update, but the point is it's an unlikely, but feasable, way to breach.
This is simply about one word - "confidence". I would never download a Windows XP update from BitTorrent but if I had the checksum for an ISO for a Linux distro then I would - because running the checksum on the ISO once I got it would allow me to verify its authenticity.
You sound like you work for Norton so can I state here and now that I stopped using both Symantec's and Mcafee's products several years ago because they are both bloated pieces of adware that only care about signing you up to a subscription. They are bloated, resource hungry and overly intrusive.
I now use a range of both free and commercial products that are cheaper, better and just run pretty silently in the background without bothering me every five minutes. I am an experienced computer user but I have fixed at least a dozen friend's a realtives PCs over the years that came pre-installed with Symantec software that was bugging the hell out of them for more subscription money. Having removed it completely and replaced it with legitimate versions of the products I use, each and every one of them has said their PCs run faster and they are no longer constantly interrupted with update messages.
Both Symantec & Mcafee products serve a purpose for a price - but half the stuff in the "Internet Security Suite" packages are redundant and the other half can be bought cheaper elsewhere without the nagging.
I break into your machine over a network (irrelevant to what OS is running) and I wipe all of your files. I can't total your system because I need root/administrator access to it and although I can see that you run backups regularly to an external disk, it's not mounted or maybe unplugged - I can't mount it because I'm not an administrator and, of course, I'm not nest to your machine to be able to plug the disk in.
So now I do the same thing having broken in as root/administrator. I *could* trash the complete system but instead I'm going to wipe your files. I then see you run backups regularly to an external disk. Can I mount it? Well, if I can then I can wipe that also - bye bye backups. If it's unplugged, I can't get to it - yet. But what I can do is maybe modify your backup program to just wipe the disk as soon as you plug it in, then trash the system completely.
Yes, it's a specific scenario but entirely realistic so do you now see my point? The latter case is much more devastating than the former.
Very well - apologies for the assumption about you being an OS X user.
As to your other point, I see your argument but you need to look at the broader picture.
Security is all about applying layers of barriers against the person(s) unknown who want to get to your data and/or screw your PC up. So standard stuff like applying updates regularly, running port scanners and running malware scanners are all entirely relevant but there comes a point where additional stuff you can do might not be cost/time effective to do based on the additional protection doing it might give you.
So therefore it all boils down to working out "risk" - what is the risk of your PC or data being compromised compared to the cost of putting in an additional security barrier. You will never get to 0% risk (i.e. being fully secure) but that can still be a target to aim for.
The fact is that on just about any OS currently, a user, no matter how experienced, is always more likely to do more damage to a system running as administrator than as a normal user. Therefore, running as a normal user as much as possible reduces the risk of something untoward happening to the overall system - and since it costs nothing more than the time to educate yourself or other users to do this, then it's a "freebie" way of reducing risk to your system.
So that's my point - it may not be seen by many people here as an important issue but the fact is that it is easy to do and does mean that you have a more secure system as a result of doing it.
Irellevent. I can reinstall my OS and all applications in under an hour, and as long as I have a recent backup of/home it's easy to recover. This isn't the 90's, people dont care about their computer, they care about their data.
Your statement is a paradox. How can you care about your data and NOT care about the computer you store it on??? Do you mean to tell me that applying security updates, running security scanners and malware checkers are not relevant??? Remind me never to give you any of MY data to keep safe then...
More worrying is something that replaces the/usr/bin/firefox with a keylogging version. You'd need root access for that, which is why local exploits are important.
Huh??? Why do you need to REPLACE/usr/bin/firefox??? Why not just put another (keylogging) Firefox binary into the user's $PATH so that version is run first? Why would you need root access to do this?
This is where the local exploit in conjuction with a vulnerability in apache (which gives hardly any access to an exploiting program) is dangerous.
What relevance does Apache have here? What about an exploit using Microsoft IIS? Or Safari? Or SAMBA? Any client/server application that can be accessed over a network can be theoretically exploited...
and the biggest threat to the average aware Linux user.
Why would the average aware Linux user be running Apache? Sure, it can be installed easily enough but it's not installed by default on the Linux distros designed for desktop users that I'm aware of.
The other main threat is a breach of you distro's repositories.
Why is this any different to a breach of Apple's update web site? Or Microsoft's? I could argue this entirely the other way that since OS X and Windows are commercial OSes, there a lot more people torrenting and installing pirated copies of both that are infested with malware. At least with a Linux distro, the official web site will publish a checksum for the.ISO so at least you can check it with md5sum before you trust it.
Are you really that blinkered that you cannot see that every point you have made can be levelled at every OS equally well?
It has nothing to do with "what" was stolen and you know it. It's just a diversionary tactic you are employing because you have taken everything I have said as being a criticism of your wonderful OS X. In reality, had you pushed the raw emotion aside, you would have read my comments for what they are - namely, the fact that inexperienced users are part of the problem by doing stuff using too high permissions and that is the case whatever OS they care to use.
Your opinion is your opinion but nothing you've said convinces me that you know much about Linux in reality.
For starters, why tie up OpenOffice with Linux? OpenOffice is an Open Source suite of applications that run equally well on Windows. And I would argue that for most people who don't need the complex scripting and macros of MS Office, then OpenOffice is a totally viable alternative. Besides which, why would you work with complex MS Office macros on an ultra-portable device anyway?
And VLC is not the be-all-and-end-all of media players on Linux, there are a large number of them including mplayer, xine, totem, etc. etc. As for MKVs, I've not seen any problems with it on my Gentoo PCs but then again I don't use subtitling much & it's still a minority video format compared to MPGs and AVIs. In fact, I seem to recall putting VLC onto my XP PC in order to handkle MKVs properly because WMP couldn't - sure, it might just have been a video codec issue but then that would have been irrelevant to VLC.
HD video on an ultra-portable??? Why??? Okay, I accept you might use one to view a movie or two on a flight, but why would you pack the limited storage capacities of an ultra-portable with HD videos??? What's the point???
So you don't want to use the command line? That's your first valid point. But then you talk about "interface changes" and once again drift off into a demonstration that you know little about Linux in the first place. I can tell you know that the core design of the common GUIs I use (XFCE, Gnome and KDE) has really not changed that much in years, certainly far less than the changes between Windows 2000 and Vista. And then you talk about waiting for Windows 7 where, by all accounts, the interface will change quite dramatically due to its more modular nature.
In truth, I don't believe you know much about Linux at all. I don't think you've used much Open Source software because you automatically tie OSS with Linux without realising that most of the OSS stuff runs happily on Windows anyway. Plus you assume command-line reliance without realising that yes, you need to understand the shell to become a power user but that the shell is also very useful in Windows as well - and, again, isn't Windows 7 going to be more shell-based anyway?
By all means have an opinion and voice it - but please base it on fact rather than FUD.
I can't comment, I actually know of nobody that uses OS X - but that's an aside.
However, I do accept that "sudo" can have a use in true multi-user environments but I suspect Ubuntu and OS X are mostly run by single users who have both a normal and root account on their systems. In that specific scenario, using "sudo" seems a little pointless to me as it's probably more use to better understand the pitfalls of using root if you hit the wrong key rather than worrying about configuring "sudo" to cover all the bases when it comes to not letting you do everything at root.
So is the fact that most malware can do most of what it wants to do even if its confined to the user profile, so trumpeting about Linux/OSX's superior security model is almost irrelevant.
Rather than acting on emotion, I suggest you need to reread my original post because not at one point did I trumpet about security models.
What I did say in response to another posting was that because of marketing by Apple and Microsoft, OS X and Windows are sold as "easy for newbies" to use &, likewise, people like you trumpet constantly about how difficult Linux is to use. Therefore, it is logical to suggest that more newbie users use OS X and Windows than they do Linux and therefore are part of the problem when it comes to insecurities in ANY OS.
I also use XP and because I know about security, I do not get any problems with it and cannot recall the last time I got a virus on it. I do find the Windows security model overly complex compared to UNIX/Linux but that's just opinion and I'm sure there are plenty of better qualified Windows sysadmins than me who could argue the opposite.
If you are going to respond to my comments then please read them properly first and then stay on topic. Thanks.
Quite frankly, I think you OS X people need to do a little less hero worshipping and a little more reading of technical manuals.
Let's get this entirely out in the open, okay? An inexperienced user is potentially a danger on ANY operating system, including your beloved OS X. If you make an executable or email attachment seem valid enough, then there ARE Windows/Linux/OS X users who will run it, just like there have been a lot of surprised people on Slashdot previously when they installed Apple Quicktime updates and discovered it had also installed Safari - this does NOT happen if you know what you are doing and pay attention to what is being shown to you on the screen. No debate, it's fact.
The additional hurdles that both Windows and OS X have to overcome are twofold:
1. Both make money for their respective companies who (understandably) want to shift as much volume as possible. Therefore, the core marketing strategies of both Apple and MS have been to convince Joe Public that you don't need a computer degree in order to use their OSes. Also, rightly or wrongly, the perception of Joe Public is that Linux is difficult to use. Therefore the net result is that in all probability, people who use Windows or OS X are more likely to be newbie users who are more prone to running everything with admin privileges or being duped into running a Trojan.
2. Windows and OS X present nice fat targets for people who write malware because in both cases you have big populations of users running essentially the same systems. This means that the propagation of malware within Windows or within OS X is potentially much better than it is through disparate sets of systems. Again, if Ubuntu, for example, becomes the de facto standard Linux OS then it too could also present a nice fat target to malware writers - but the fact is that at this moment in time, there are that many different distros running that it makes it very difficult to target a single Linux application with malware that would propogate to the same degree as it would potentially do on Windows or OS X.
So please don't get defensive about OS X because if you just bury your head in the sand and do nothing about it, then you put yourself more at risk of a malware attack getting onto your system.
Any piece of malware is a risk to any system but good security is about limiting that risk as much as possible - so it's about putting firewalls in place, putting updates on systems regularly, scanning systems regularly, etc. etc.
In which case, take it from someone who is experienced and maybe learn something.
Unfortunately, you're leading this argument in a big circle because if you are an inexperienced user who then just happens to do everything with administrator priveliges without realising the consequences (whether that's in Windows, OS X, Linux, whatever) then I am telling you now, as a matter of plain fact as someone who works in OS security, that you are at more risk of bad effects from a Trojan than if you do most stuff with normal priveliges.
On the basis that as a good administrator you are already backing up user files regularly, then you restrict any damage to "just" those files meaning that you still will have a core working system to restore back onto.
Please go read an appropriate book - this really is "standard" sysadmin stuff.
I'm not trying to be clever here but if that's the case then I strongly recommend you change that configuration. You may well be as experienced a UNIX/Linux user as I am but even I only ever drop to root permissions when I absolutely need to.
To be perfectly honest with you, if you use a Linux PC as a file server (like I do) such that there are occasions when you need to delete a directory in "one hit" using rm -Rf, then you're much better off changing the ownership of those files to you first and just tightening up NFS or SAMBA (depending on how you make those files available over the LAN).
It's more about who you are on the system when you run it.
I don't know OS X at all but if most people log in with adminstrator or root permissions like they do in Windows, then it's a problem because the Trojan can do it's dirty work all over your system - otherwise it can just damage the same stuff that the user has write permissions to.
I think you'll find that only a complete idiot would allow "sudo" access to "rm" such that it runs with root permissions. I don't use Ubuntu much (which does a lot via "sudo" by default) but would be very surprised if such a glaring security hole existed on it. You need to remember that the operation of "sudo" is controlled by a configuration file which, by default, is usually quite locked down.
If you're interested in Windows 7 on a low-powered system, why then would you not just run Linux and save some money in the process? Because on a low-powered system, gaming is not going to be an issue (therefore the "perceived" lack of games on Linux issue no longer applies) and because of the adoption of ODF within MS Office, by the time Windows 7 comes out in 2010 (even if that is the realistic release date) there will also have been considerable advancements in Linux also.
Believe me, I'm no Linux zealot but I just find it odd that so many people in the Windows camp seem to automatically exclude it from any consideration without at least considering it and maybe just giving it a try first.
On a low-powered system, it's not even as though you'll be running some big "must have" Windows application on it anyway.
If nothing else, O'Reilly books invariably have samples of code and shell commands that are a lot easier to use if you can cut and paste them from a PDF (especially if you buy O'Reilly shell programming and UNIX/Linux books like I do).
Having said that, I still prefer the paper versions of the books but can't fault O'Reilly for consistent quality & interesting subject matter.
Although I never buy the latest hardware anyway, from my point of view it's "too little too late" when it comes to ATI.
Up until a couple of weeks ago, my four home PCs all had ATI cards ranging from a Radeon X1950 down to a Radeon 9500 - but I got so sick and tired of the crap, poor performance Linux drivers from ATI that I stuck all the boards on eBay and bought NVidia 7600s instead.
A few quick kernel changes and the nVidia cards have been fine with 3D acceleration and, game-for-game, seem to have an equal performance to Windows when it comes to frame rates.
ATI will have an uphill battle trying to convince me to return to their fold.
Slashdot Mirror
Yes, Jobs just makes you download his crap browser when you just need an update to Quicktime or iTunes!
And no, I'm no Microsoft fanboi either.
Personally, I don't care whether or not an adult rated game has sex scenes in it or not. But the reason the scene was included in the first place was JUST to create controversy at some point so that more people would go out & buy the game. It's a clever marketing exercise, nothing more.
And as for the court case, that's just pure and simple greed - i.e. "They have a heap of money due to selling lots of copies of their game so I want some of it".
Yes, only 3000 people claimed it - but I bet none of the lawyers involved forgot to take their fees, did they?
The discussion was concerning the purposes to which you would put a "netbook" type device to. And it still boils down to the fact that on a device that probably has a lower resolution screen anyway, as well as limited storage, that you probably wouldn't play HD video on it anyway - especially if you were using it on a flight or for portability.
I do fully understand that people find Linux difficult and perhaps a bit too different to Windows to want to try it - but for what an average person would do on a netbook, I don't see why it would be much different.
Again, each to his own, I'm not an Anime fan so for you it is probably a big issue.
Terrible analogy, I'm afraid. You don't need to have a backup of a DVD to be able to play it if you lose your DVD player.
People don't want to know about security updates and malware crap, they want to access facebook and their bank, copy their photos, and manage their ipods, they don't care how it's done.
Running a virus or port scanner does not mean I have to understand how they work - just that I can deal with the problems produced by either. Still, don't take my word for it, do it your way.
Because menu items (how people load firefox), point to /usr/bin/firefox. You could change the menu, but that's only root-writable so the same thing applies.
Rubbish. Menu settings are usually stored in your home directory and can be changed as easily as your path can be. Besides which, they might not need to changed if the specific path to the executable is not specified. If it just says "firefox" for the binary that's run, then it will use the $PATH settings as I said earlier.
I've not heard of anyone running IIS on OSX or Linux,
And in none of my posts did I talk specifically about Linux - I was making generic statements about security.
Most people don't need to run a server though, so a client exploit (which involves some form of user interaction) in a web browser or email client is more likely to cause an issue.
You are correct to a point but simply going to a web site may cause a nasty Javascript or CGI script to run without you necessarily realising it.
Why would I go to my distro (Ubuntu, Microsoft, Apple)'s website? A debian repository with secure-apt is (probably) better than Apple's auto-update, but the point is it's an unlikely, but feasable, way to breach.
This is simply about one word - "confidence". I would never download a Windows XP update from BitTorrent but if I had the checksum for an ISO for a Linux distro then I would - because running the checksum on the ISO once I got it would allow me to verify its authenticity.
... and when you get out of prison after a spell of being "Bubba's bitch", you'll be able to hide a whole hard disk up there as well!
I now use a range of both free and commercial products that are cheaper, better and just run pretty silently in the background without bothering me every five minutes. I am an experienced computer user but I have fixed at least a dozen friend's a realtives PCs over the years that came pre-installed with Symantec software that was bugging the hell out of them for more subscription money. Having removed it completely and replaced it with legitimate versions of the products I use, each and every one of them has said their PCs run faster and they are no longer constantly interrupted with update messages.
Both Symantec & Mcafee products serve a purpose for a price - but half the stuff in the "Internet Security Suite" packages are redundant and the other half can be bought cheaper elsewhere without the nagging.
I break into your machine over a network (irrelevant to what OS is running) and I wipe all of your files. I can't total your system because I need root/administrator access to it and although I can see that you run backups regularly to an external disk, it's not mounted or maybe unplugged - I can't mount it because I'm not an administrator and, of course, I'm not nest to your machine to be able to plug the disk in.
So now I do the same thing having broken in as root/administrator. I *could* trash the complete system but instead I'm going to wipe your files. I then see you run backups regularly to an external disk. Can I mount it? Well, if I can then I can wipe that also - bye bye backups. If it's unplugged, I can't get to it - yet. But what I can do is maybe modify your backup program to just wipe the disk as soon as you plug it in, then trash the system completely.
Yes, it's a specific scenario but entirely realistic so do you now see my point? The latter case is much more devastating than the former.
As to your other point, I see your argument but you need to look at the broader picture.
Security is all about applying layers of barriers against the person(s) unknown who want to get to your data and/or screw your PC up. So standard stuff like applying updates regularly, running port scanners and running malware scanners are all entirely relevant but there comes a point where additional stuff you can do might not be cost/time effective to do based on the additional protection doing it might give you.
So therefore it all boils down to working out "risk" - what is the risk of your PC or data being compromised compared to the cost of putting in an additional security barrier. You will never get to 0% risk (i.e. being fully secure) but that can still be a target to aim for.
The fact is that on just about any OS currently, a user, no matter how experienced, is always more likely to do more damage to a system running as administrator than as a normal user. Therefore, running as a normal user as much as possible reduces the risk of something untoward happening to the overall system - and since it costs nothing more than the time to educate yourself or other users to do this, then it's a "freebie" way of reducing risk to your system.
So that's my point - it may not be seen by many people here as an important issue but the fact is that it is easy to do and does mean that you have a more secure system as a result of doing it.
Your statement is a paradox. How can you care about your data and NOT care about the computer you store it on??? Do you mean to tell me that applying security updates, running security scanners and malware checkers are not relevant??? Remind me never to give you any of MY data to keep safe then...
More worrying is something that replaces the /usr/bin/firefox with a keylogging version. You'd need root access for that, which is why local exploits are important.
Huh??? Why do you need to REPLACE /usr/bin/firefox??? Why not just put another (keylogging) Firefox binary into the user's $PATH so that version is run first? Why would you need root access to do this?
This is where the local exploit in conjuction with a vulnerability in apache (which gives hardly any access to an exploiting program) is dangerous.
What relevance does Apache have here? What about an exploit using Microsoft IIS? Or Safari? Or SAMBA? Any client/server application that can be accessed over a network can be theoretically exploited...
and the biggest threat to the average aware Linux user.
Why would the average aware Linux user be running Apache? Sure, it can be installed easily enough but it's not installed by default on the Linux distros designed for desktop users that I'm aware of.
The other main threat is a breach of you distro's repositories.
Why is this any different to a breach of Apple's update web site? Or Microsoft's? I could argue this entirely the other way that since OS X and Windows are commercial OSes, there a lot more people torrenting and installing pirated copies of both that are infested with malware. At least with a Linux distro, the official web site will publish a checksum for the .ISO so at least you can check it with md5sum before you trust it.
Are you really that blinkered that you cannot see that every point you have made can be levelled at every OS equally well?
It has nothing to do with "what" was stolen and you know it. It's just a diversionary tactic you are employing because you have taken everything I have said as being a criticism of your wonderful OS X. In reality, had you pushed the raw emotion aside, you would have read my comments for what they are - namely, the fact that inexperienced users are part of the problem by doing stuff using too high permissions and that is the case whatever OS they care to use.
For starters, why tie up OpenOffice with Linux? OpenOffice is an Open Source suite of applications that run equally well on Windows. And I would argue that for most people who don't need the complex scripting and macros of MS Office, then OpenOffice is a totally viable alternative. Besides which, why would you work with complex MS Office macros on an ultra-portable device anyway?
And VLC is not the be-all-and-end-all of media players on Linux, there are a large number of them including mplayer, xine, totem, etc. etc. As for MKVs, I've not seen any problems with it on my Gentoo PCs but then again I don't use subtitling much & it's still a minority video format compared to MPGs and AVIs. In fact, I seem to recall putting VLC onto my XP PC in order to handkle MKVs properly because WMP couldn't - sure, it might just have been a video codec issue but then that would have been irrelevant to VLC.
HD video on an ultra-portable??? Why??? Okay, I accept you might use one to view a movie or two on a flight, but why would you pack the limited storage capacities of an ultra-portable with HD videos??? What's the point???
So you don't want to use the command line? That's your first valid point. But then you talk about "interface changes" and once again drift off into a demonstration that you know little about Linux in the first place. I can tell you know that the core design of the common GUIs I use (XFCE, Gnome and KDE) has really not changed that much in years, certainly far less than the changes between Windows 2000 and Vista. And then you talk about waiting for Windows 7 where, by all accounts, the interface will change quite dramatically due to its more modular nature.
In truth, I don't believe you know much about Linux at all. I don't think you've used much Open Source software because you automatically tie OSS with Linux without realising that most of the OSS stuff runs happily on Windows anyway. Plus you assume command-line reliance without realising that yes, you need to understand the shell to become a power user but that the shell is also very useful in Windows as well - and, again, isn't Windows 7 going to be more shell-based anyway?
By all means have an opinion and voice it - but please base it on fact rather than FUD.
However, I do accept that "sudo" can have a use in true multi-user environments but I suspect Ubuntu and OS X are mostly run by single users who have both a normal and root account on their systems. In that specific scenario, using "sudo" seems a little pointless to me as it's probably more use to better understand the pitfalls of using root if you hit the wrong key rather than worrying about configuring "sudo" to cover all the bases when it comes to not letting you do everything at root.
Rather than acting on emotion, I suggest you need to reread my original post because not at one point did I trumpet about security models.
What I did say in response to another posting was that because of marketing by Apple and Microsoft, OS X and Windows are sold as "easy for newbies" to use &, likewise, people like you trumpet constantly about how difficult Linux is to use. Therefore, it is logical to suggest that more newbie users use OS X and Windows than they do Linux and therefore are part of the problem when it comes to insecurities in ANY OS.
I also use XP and because I know about security, I do not get any problems with it and cannot recall the last time I got a virus on it. I do find the Windows security model overly complex compared to UNIX/Linux but that's just opinion and I'm sure there are plenty of better qualified Windows sysadmins than me who could argue the opposite.
If you are going to respond to my comments then please read them properly first and then stay on topic. Thanks.
Let's get this entirely out in the open, okay? An inexperienced user is potentially a danger on ANY operating system, including your beloved OS X. If you make an executable or email attachment seem valid enough, then there ARE Windows/Linux/OS X users who will run it, just like there have been a lot of surprised people on Slashdot previously when they installed Apple Quicktime updates and discovered it had also installed Safari - this does NOT happen if you know what you are doing and pay attention to what is being shown to you on the screen. No debate, it's fact.
The additional hurdles that both Windows and OS X have to overcome are twofold:
1. Both make money for their respective companies who (understandably) want to shift as much volume as possible. Therefore, the core marketing strategies of both Apple and MS have been to convince Joe Public that you don't need a computer degree in order to use their OSes. Also, rightly or wrongly, the perception of Joe Public is that Linux is difficult to use. Therefore the net result is that in all probability, people who use Windows or OS X are more likely to be newbie users who are more prone to running everything with admin privileges or being duped into running a Trojan.
2. Windows and OS X present nice fat targets for people who write malware because in both cases you have big populations of users running essentially the same systems. This means that the propagation of malware within Windows or within OS X is potentially much better than it is through disparate sets of systems. Again, if Ubuntu, for example, becomes the de facto standard Linux OS then it too could also present a nice fat target to malware writers - but the fact is that at this moment in time, there are that many different distros running that it makes it very difficult to target a single Linux application with malware that would propogate to the same degree as it would potentially do on Windows or OS X.
So please don't get defensive about OS X because if you just bury your head in the sand and do nothing about it, then you put yourself more at risk of a malware attack getting onto your system.
Any piece of malware is a risk to any system but good security is about limiting that risk as much as possible - so it's about putting firewalls in place, putting updates on systems regularly, scanning systems regularly, etc. etc.
I agree entirely - but what's easier to recover? Just damaged user files or the whole system plus the damaged user files?
Unfortunately, you're leading this argument in a big circle because if you are an inexperienced user who then just happens to do everything with administrator priveliges without realising the consequences (whether that's in Windows, OS X, Linux, whatever) then I am telling you now, as a matter of plain fact as someone who works in OS security, that you are at more risk of bad effects from a Trojan than if you do most stuff with normal priveliges.
Take it or leave it, it's up to you.
Please go read an appropriate book - this really is "standard" sysadmin stuff.
To be perfectly honest with you, if you use a Linux PC as a file server (like I do) such that there are occasions when you need to delete a directory in "one hit" using rm -Rf, then you're much better off changing the ownership of those files to you first and just tightening up NFS or SAMBA (depending on how you make those files available over the LAN).
I don't know OS X at all but if most people log in with adminstrator or root permissions like they do in Windows, then it's a problem because the Trojan can do it's dirty work all over your system - otherwise it can just damage the same stuff that the user has write permissions to.
I think you'll find that only a complete idiot would allow "sudo" access to "rm" such that it runs with root permissions. I don't use Ubuntu much (which does a lot via "sudo" by default) but would be very surprised if such a glaring security hole existed on it. You need to remember that the operation of "sudo" is controlled by a configuration file which, by default, is usually quite locked down.
If you're interested in Windows 7 on a low-powered system, why then would you not just run Linux and save some money in the process? Because on a low-powered system, gaming is not going to be an issue (therefore the "perceived" lack of games on Linux issue no longer applies) and because of the adoption of ODF within MS Office, by the time Windows 7 comes out in 2010 (even if that is the realistic release date) there will also have been considerable advancements in Linux also.
Believe me, I'm no Linux zealot but I just find it odd that so many people in the Windows camp seem to automatically exclude it from any consideration without at least considering it and maybe just giving it a try first.
On a low-powered system, it's not even as though you'll be running some big "must have" Windows application on it anyway.
Don't let the door hit you in the arse as you leave.
If nothing else, O'Reilly books invariably have samples of code and shell commands that are a lot easier to use if you can cut and paste them from a PDF (especially if you buy O'Reilly shell programming and UNIX/Linux books like I do).
Having said that, I still prefer the paper versions of the books but can't fault O'Reilly for consistent quality & interesting subject matter.
...so many studients here in the UK are doing "Media Studies" that if you need anyone to interview a games programmer, then definitely give us a call.
Up until a couple of weeks ago, my four home PCs all had ATI cards ranging from a Radeon X1950 down to a Radeon 9500 - but I got so sick and tired of the crap, poor performance Linux drivers from ATI that I stuck all the boards on eBay and bought NVidia 7600s instead.
A few quick kernel changes and the nVidia cards have been fine with 3D acceleration and, game-for-game, seem to have an equal performance to Windows when it comes to frame rates.
ATI will have an uphill battle trying to convince me to return to their fold.