I've never used antivirus on windows; nor have I ever gotten a virus on windows, so I feel like I'm justified in arriving at the conclusion that I don't need it.
I fully accept that argument on the basis that you're very careful on not going to dodgy web sites, never open any suspicious email attachments and probably don't use IE or Outlook for browsing and email respectively. But most normal users, including Mac ones, are not as careful as you or I.
have always been under the impression that OSX uses a fundamentally different (unix-style) security model that is inherently more secure, and that this will have more of an impact than any sort of after-the-fact antivirus software or defender programs.
Essentially there's two ways a computer can be compromised - either a self-propagating virus that get's in through a security hole in a piece of software running with high-level privileges or a directed attack trying to buffer overflow ("crash") a particular service to drop it to a shell prompt. The former are common Windows exploits, the latter are common UNIX exploits.
The reason why UNIX is considered "more secure" is that it takes a lot more work to compromise a UNIX system than it does a Windows one. Someone or some bot that is attacking a UNIX daemon ("service") usually has to know what version of the daemon is running on the system to know whether or not the exploit is open or closed. Bearing in mind the number of different flavours and architectures of UNIX (bearing in mind that a program that runs on a Sun Server with Solaris more than likely won't run on a Linux PC), the population of similar machines running the same exploitable software is quite small - not to mention the fact that, by their very nature, experienced UNIX people are a bit more hot on installing updates than an average home Windows user would be.
So yes, any OS can be susceptible to a virus or buffer overflow attack but how widespread that attack is depends on having a number of similar machines to be able to propagate that attack across - for Windows, that's a high number, for Linux (bearing in mind the differences between the various Linux distros out there), it's a much smaller number.
Because Macs essentially all run some version of OS X, from a risk perspective they would sit somewhere between Windows and UNIX.
Firstly, please do not get me started on global warning. I am fully prepared to accept any evidence that suggests this planet has gone through natural warming and cooling phases in the past because the last Ice Age happened before man ever appeared on the Earth.
Also, whilst I recognise the need to develop renewable energy resources and to recycle more, I refute man-made global warming on the basis that there is no evidence for it - Al Gore needed to fiddle the graphs by 60 years as the basis for any arguments he put across in "An Inconvenient Truth" and the fact is there's a political motivation to it - stop the Third World developing so that cheap imports are maintained to the Western World keeping the population therein fat, dumb and happy, resulting in the rich getting even richer and the poor getting poorer. And that's my view on the whole overblown issue summarised in a few lines.
Therefore, whilst I made no mention of renewable energy sources up until now, I do consider medical advancement to be more more important for the whole of mankind than renewable energy sources based on the fact that people are dying of horrible diseases at this very moment yet there's still going to be oil there for a few more decades.
You are free to donate to the American Cancer Society. Bonus because it's tax deductible and you can rest easy knowing that your money went to cancer research and not efficient vehicle research. Also, it makes you part of the solution instead of someone bitching about the problem.
With all respect to you, I'm British and between 1984 and 1988 I watched my own mother gradually die from liver cancer and my girlfriend's mother die from a brain tumour some 5 years ago. I don't expect any sympathy for stating that but, as a result, I make frequent donations both to Cancer Research UK and to the charitable hospice where she spent her last days. Personally, I don't give a sh*t if that money is tax deductable, it's the fact that I give to a worthy cause that's most important.
No, we don't put *EVERYTHING* into one field of research, we just prioritise things properly, that's all.
Then I hope you or anyone close to you ever gets cancer - I'm sure if you witness someone wasting away slowly as a result of it, I'm sure you will change your opinion.
Mac users really should stop being so blase about anti-virus software on their Macs because they should run it.
And if Rich Mogull is arrogant enough to believe he doesn't need it, then he shouldn't be calling himself a security expert. The fact is that virused propagate for two reasons:
1. Because an exploited security hole in the OS let's them get in and out, and
2. Because the virus has a similar enough system to propagate to.
Yep, Windows has security holes (but then so has OS X) but the greater issue is that Windows own levels of high compatibility going right from DOS up to Vista means that a well-written virus will probably be able to run on just about any PC.
Switch to a Mac, and you still have a population of similar-enough machines across which a virus can also propagate and it is very dangerous to assume anything otherwise.
Even though some nVidia fanboi has modded you down, I fully agree with you.
Go back 20 years when home computers were fixed boxes with minimal upgrade potential & limited memory/CPU power, truly smart programmers were doing things on those machines that weren't thought possible in order to get a bit more power for a demo or game on Commodore Amigas and C64s, Atari STs, etc. etc. because they didn't have the option of GPU upgrades and all that good stuff that they do now.
Yep, I sound like an old git but in those days the same guy that had an innovative idea for a new game probably also did most or all of the programming of it. That meant innovation in games like Elite, Doom and many others.
Nowadays, it just about commercial interest and assuming that the games player is going to make their machine meet the requirements of the game, even though it's just another linear rehash of an FPS or a slightly prettier sports game.
Personally, they can stick almost all of their new games where the sun don't shine because £35 for 8 hours of playing a linear rehash ain't worth the money - the Half-Life and Galactic Civilisations series are more than adequate to fill my tastes for modern games, and the mods and engine improvements for the likes of Doom, Duke Nukem 3 still make those older games great fun to play.
The project to develop the prototype of the COM-BAT some five years ago, the Operational Stealth Tiny Robotic Intelligent Combat Helicopter (OSTRICH) just didn't take off.
Read the Slashdot FAQ, it's clear these coments don't belong.
Read the Book Of Life, especially the chapter on "Finding A Sense Of Humour".
Slashdot's moderation system rewards postings which are "Funny", "Interesting" and "Insightful", not just those that happen to agree with your (presumably) pro-military opinions.
The only number you'll get L Ron Hubbard on is 1-800-6-FEET-UNDER as I believe said author has "f***ing snuffed it", in the immortal words of John Cleese.
Correct me if I'm wrong here, but as a regular Internet user myself, upon no occasion do I ever recall striding into your Portland-based psychiatric clinic, barging into your office during one of your consultancy sessions with a presumably rich local Oregon loony and delivering what would undoubtedly be my most unwelcome opinions on the size of your psychiatry couch, the colour of your office wallpaper or indeed the fact that you should not cross your legs whilst divesting said loony of hundreds of hard earned dollars for 30 minutes of giving you the pleasure of hearing him say that every one of your Rorshach ink blots looks like a vagina.
I would therefore very much appreciate it if you would maintain some consistency within your occupation and continue with that job for which you have been highly trained, namely the polite mugging of local Portland nutjobs of the contents of their wallets, and please keep your big fat psychiatrist's conk out of a subject area for which you can have no possible understanding.
Indeed, I can foresee a scenario where your lack of knowledge of the ways of the Internet may be a cause for extreme misinterpration on your part which would undoubtedly be of some embarrassment to us both - for example, were I to say to you "Excuse me while I unzip my attachment", I am sure that this simple description of the act of my saving the contents of an email to my hard disk would immediately have you reaching for one of your copious Sigmund Freud text books looking for some reference to the fact that my mother probably never breast fed me.
I hasten to add at this stage that equal embarrassment might also be garnered from such innocent requests as "Can you hold my floppy for a moment?", "Can I see which ports you have open?", "Do you inspect your logs regularly?" or "Have you fingered me yet?", to name but a few.
In conclusion, therefore, may I request that in future you exercise some restraint in your opinions of what I do whilst I shall continue not to tell you how to do your job.
At this time, I bid you fond farewell as I have some urgent command line work to undertake on my Linux computer - so please excuse me as I now need to go and "bash one out on my keyboard".
I'll be nice and say that there is a difference between teaching someone how to do something, and protecting something from unauthorized use.
There's more than a difference between the two, there's actually no overlap whatsoever between the two.
I also deal with the security of financial systems in as much as I'm a security consultant for my company which, amongst other things, deploys interactive response telephony servers in many banking environments - there is sensitive data on those systems if, for example, a customer has to use the keypad of their phone to put in an account number into the system before connecting to a live person; especially since those activities are usually logged on those systems also.
And whilst the sensitivity of such data is without question, securing one of these systems to ensure that the data is accessible to strictly authorised users is completely different to educating and training a user to do something right - and to do so in a polite and respectful fashion.
I'm not denying that users do some stupid things on occasions, but doing something through lack of understanding is much different to doing something with malicious intent and it's the job of the "techie" to determine which of the two has happened and act accordingly.
My comments so far are criticisms of needlessly dictatorial and heavy-handed sysadmins and nothing directly to do with security.
Dear Slashdot Friends
Thank you all for your wonderful support so far for my efforts in trying to get one of each Slashdot moderation type in a single day.
So far today my posts have achieved several "+1 Insightfuls", two "-1 Offtopics", one "+1 Funny" and one "-1 Redundant".
Keep them coming, we are almost there! This one alone must be worth a "-1 Troll"!
Yes and many thanks for the verbal Excel accounting spreadsheet.
However, my point is that it felt pretty good watching the thing fly just like it felt pretty good watching Armstrong walk on the moon and seeing the space shuttle orbiter take off and land that first time.
My taxes get wasted in far more boring ways & I doubt very much that with the absence of Concorde, I would now be paying any less tax.
So just let me get my little pleasures my own way, okay?
Your comment is self-deprecating - by virtue of being a geek, any spare time you have is spent on doing geekish things. Therefore geeks never have "too much time on their hands".
Still, give us geeks a shout in a couple of years time when you want to keep all those downloaded DRM-protected MP3s and movies you bought for a period of longer than two days - we'll see if we can help you out then.
What do I care? I could never have afforded to go on it anyway.
But it was pretty cool seeing it flying at airshows & having spent some time living in the Heathrow flight path, nice to go out in the garden occasionally and watch it fly over.
Slashdot Mirror
I fully accept that argument on the basis that you're very careful on not going to dodgy web sites, never open any suspicious email attachments and probably don't use IE or Outlook for browsing and email respectively. But most normal users, including Mac ones, are not as careful as you or I.
have always been under the impression that OSX uses a fundamentally different (unix-style) security model that is inherently more secure, and that this will have more of an impact than any sort of after-the-fact antivirus software or defender programs.
Essentially there's two ways a computer can be compromised - either a self-propagating virus that get's in through a security hole in a piece of software running with high-level privileges or a directed attack trying to buffer overflow ("crash") a particular service to drop it to a shell prompt. The former are common Windows exploits, the latter are common UNIX exploits.
The reason why UNIX is considered "more secure" is that it takes a lot more work to compromise a UNIX system than it does a Windows one. Someone or some bot that is attacking a UNIX daemon ("service") usually has to know what version of the daemon is running on the system to know whether or not the exploit is open or closed. Bearing in mind the number of different flavours and architectures of UNIX (bearing in mind that a program that runs on a Sun Server with Solaris more than likely won't run on a Linux PC), the population of similar machines running the same exploitable software is quite small - not to mention the fact that, by their very nature, experienced UNIX people are a bit more hot on installing updates than an average home Windows user would be.
So yes, any OS can be susceptible to a virus or buffer overflow attack but how widespread that attack is depends on having a number of similar machines to be able to propagate that attack across - for Windows, that's a high number, for Linux (bearing in mind the differences between the various Linux distros out there), it's a much smaller number.
Because Macs essentially all run some version of OS X, from a risk perspective they would sit somewhere between Windows and UNIX.
Also, whilst I recognise the need to develop renewable energy resources and to recycle more, I refute man-made global warming on the basis that there is no evidence for it - Al Gore needed to fiddle the graphs by 60 years as the basis for any arguments he put across in "An Inconvenient Truth" and the fact is there's a political motivation to it - stop the Third World developing so that cheap imports are maintained to the Western World keeping the population therein fat, dumb and happy, resulting in the rich getting even richer and the poor getting poorer. And that's my view on the whole overblown issue summarised in a few lines.
Therefore, whilst I made no mention of renewable energy sources up until now, I do consider medical advancement to be more more important for the whole of mankind than renewable energy sources based on the fact that people are dying of horrible diseases at this very moment yet there's still going to be oil there for a few more decades.
You are free to donate to the American Cancer Society. Bonus because it's tax deductible and you can rest easy knowing that your money went to cancer research and not efficient vehicle research. Also, it makes you part of the solution instead of someone bitching about the problem.
With all respect to you, I'm British and between 1984 and 1988 I watched my own mother gradually die from liver cancer and my girlfriend's mother die from a brain tumour some 5 years ago. I don't expect any sympathy for stating that but, as a result, I make frequent donations both to Cancer Research UK and to the charitable hospice where she spent her last days. Personally, I don't give a sh*t if that money is tax deductable, it's the fact that I give to a worthy cause that's most important.
No, we don't put *EVERYTHING* into one field of research, we just prioritise things properly, that's all.
Then I hope you or anyone close to you ever gets cancer - I'm sure if you witness someone wasting away slowly as a result of it, I'm sure you will change your opinion.
And if Rich Mogull is arrogant enough to believe he doesn't need it, then he shouldn't be calling himself a security expert. The fact is that virused propagate for two reasons:
1. Because an exploited security hole in the OS let's them get in and out, and
2. Because the virus has a similar enough system to propagate to.
Yep, Windows has security holes (but then so has OS X) but the greater issue is that Windows own levels of high compatibility going right from DOS up to Vista means that a well-written virus will probably be able to run on just about any PC.
Switch to a Mac, and you still have a population of similar-enough machines across which a virus can also propagate and it is very dangerous to assume anything otherwise.
Go back 20 years when home computers were fixed boxes with minimal upgrade potential & limited memory/CPU power, truly smart programmers were doing things on those machines that weren't thought possible in order to get a bit more power for a demo or game on Commodore Amigas and C64s, Atari STs, etc. etc. because they didn't have the option of GPU upgrades and all that good stuff that they do now.
Yep, I sound like an old git but in those days the same guy that had an innovative idea for a new game probably also did most or all of the programming of it. That meant innovation in games like Elite, Doom and many others.
Nowadays, it just about commercial interest and assuming that the games player is going to make their machine meet the requirements of the game, even though it's just another linear rehash of an FPS or a slightly prettier sports game.
Personally, they can stick almost all of their new games where the sun don't shine because £35 for 8 hours of playing a linear rehash ain't worth the money - the Half-Life and Galactic Civilisations series are more than adequate to fill my tastes for modern games, and the mods and engine improvements for the likes of Doom, Duke Nukem 3 still make those older games great fun to play.
So is the cure for cancer. And given the choice, I know where I'd want my taxes to be spent.
The project to develop the prototype of the COM-BAT some five years ago, the Operational Stealth Tiny Robotic Intelligent Combat Helicopter (OSTRICH) just didn't take off.
Read the Book Of Life, especially the chapter on "Finding A Sense Of Humour".
Slashdot's moderation system rewards postings which are "Funny", "Interesting" and "Insightful", not just those that happen to agree with your (presumably) pro-military opinions.
Personally, I don't believe in the existence of Attention Deficit Dis... Hey, look at that bird that just flew past my window!
The only number you'll get L Ron Hubbard on is 1-800-6-FEET-UNDER as I believe said author has "f***ing snuffed it", in the immortal words of John Cleese.
I wish I had the chance to discover this for myself.
I would therefore very much appreciate it if you would maintain some consistency within your occupation and continue with that job for which you have been highly trained, namely the polite mugging of local Portland nutjobs of the contents of their wallets, and please keep your big fat psychiatrist's conk out of a subject area for which you can have no possible understanding.
Indeed, I can foresee a scenario where your lack of knowledge of the ways of the Internet may be a cause for extreme misinterpration on your part which would undoubtedly be of some embarrassment to us both - for example, were I to say to you "Excuse me while I unzip my attachment", I am sure that this simple description of the act of my saving the contents of an email to my hard disk would immediately have you reaching for one of your copious Sigmund Freud text books looking for some reference to the fact that my mother probably never breast fed me.
I hasten to add at this stage that equal embarrassment might also be garnered from such innocent requests as "Can you hold my floppy for a moment?", "Can I see which ports you have open?", "Do you inspect your logs regularly?" or "Have you fingered me yet?", to name but a few.
In conclusion, therefore, may I request that in future you exercise some restraint in your opinions of what I do whilst I shall continue not to tell you how to do your job.
At this time, I bid you fond farewell as I have some urgent command line work to undertake on my Linux computer - so please excuse me as I now need to go and "bash one out on my keyboard".
I don't know if that helps with your definition.
There's more than a difference between the two, there's actually no overlap whatsoever between the two.
I also deal with the security of financial systems in as much as I'm a security consultant for my company which, amongst other things, deploys interactive response telephony servers in many banking environments - there is sensitive data on those systems if, for example, a customer has to use the keypad of their phone to put in an account number into the system before connecting to a live person; especially since those activities are usually logged on those systems also.
And whilst the sensitivity of such data is without question, securing one of these systems to ensure that the data is accessible to strictly authorised users is completely different to educating and training a user to do something right - and to do so in a polite and respectful fashion.
I'm not denying that users do some stupid things on occasions, but doing something through lack of understanding is much different to doing something with malicious intent and it's the job of the "techie" to determine which of the two has happened and act accordingly.
My comments so far are criticisms of needlessly dictatorial and heavy-handed sysadmins and nothing directly to do with security.
So far today my posts have achieved several "+1 Insightfuls", two "-1 Offtopics", one "+1 Funny" and one "-1 Redundant".
Keep them coming, we are almost there! This one alone must be worth a "-1 Troll"!
Nope, keep going - still a nice big pile of unburnt fuel in the "Ol' Karma Coalshed" yet!
Man, you're too clever for me.
Wake me up when they release the Open Source graphics drivers.
Now please stop scratching your rectum & sniffing your fingers & go read the dictionary definition of "Offtopic", will you?
However, my point is that it felt pretty good watching the thing fly just like it felt pretty good watching Armstrong walk on the moon and seeing the space shuttle orbiter take off and land that first time.
My taxes get wasted in far more boring ways & I doubt very much that with the absence of Concorde, I would now be paying any less tax.
So just let me get my little pleasures my own way, okay?
Still, give us geeks a shout in a couple of years time when you want to keep all those downloaded DRM-protected MP3s and movies you bought for a period of longer than two days - we'll see if we can help you out then.
You are The Weakest Link. Goodbye.
But keep shtum about the built-in DRM, okay?
But it was pretty cool seeing it flying at airshows & having spent some time living in the Heathrow flight path, nice to go out in the garden occasionally and watch it fly over.
If that bottle has the word "Budweiser" on it, that ain't beer.
You forgot to add "...but with a complete inability to brew anything remotely resembling beer" on the end of that sentence.