Spending a few hundred on a mini or used imac is well worth the piece of mind.
I'll second that. I convinced my parents to buy a candy colored imac about the time OS X was coming out. Since then I've answered about ten tech support for them. The answer to three of them was, "yeah you kicked the plug out again."
If a user is dead set on running something then he is going to run it. There is little that can done to fix that. Implementing a TPM system where the user simply can't run unsigned binaries without flipping some switch is the only solution I can think of, and you can be sure most users will flip that switch as soon as whatever piece of malware they are attempting to install requests it.
The solution is to increase the granularity of control and the feedback from the OS. Right now you can run a piece of software that may or may not be malware. You can run it as an admin with pretty much all permission or you can run it as a normal user (well some people can, maybe not most). Either way, it has significant access to be valuable to a botnet operator. If you're an expert you can run it in a special, locked down user account but that may or may not work. Ditto for a VM.
What users need, is the ability to run it with greatly restricted privileges and then pertinent feedback when it tries to exceed those privileges. We're not talking about a dialogue box that says, "explorerhelp2.exe needs administrative privileges (OK)(Cancel)." Something like "MarsRaid.exe is from an unknown publisher and would like access tot he internet in a way normally used to send e-mail (Stop it from sending e-mail)(Let it send e-mail once)(Always let it send e-mail)(Advanced Options)."
By providing granular security for each application, restricting by default the network, filesystem, and other resources that program can access in accordance with the level of trust given to that program users are told what i going on and given the tools to make reasonable choices. Sure some will agree to let anything do anything, but at that point user education has a manageable task. There is no technical reason why this system won't work and the plumbing is already there on numerous OS's
Well, I think we've pretty much exhausted the discussion. We have a few fundamental disagreements. I don't think it is possible to create a perfectly secure OS, given the nature of the system. I think we can come close but anything happening in the physical world is subject to randomness and complexity at higher levels. I also feel that past exploitation is one good indication of future exploitation. It does not make it certain, but OS's are created by process and individuals. Past exploitation shows behavioral patterns of both attackers and designers and as far as I've seen provides a fairly reliable way to predict rates of future exploitation.
Unless some other predictor drastically changes the probability of a random OS X box being compromised is small while that of a random Windows box is high.
Unfortunately it's not in OS X either, though it's long overdue.
We'll have to see what exactly is in OS X 10.5.
They should pay the author of Little Snitch and just incorporate it, but extend it to file access too (don't think it does that, if it did I'd buy it). Very easy to do, and the payoff would be huge for security against simple trojans and spyware.
Well, little snitch is sort of an add on for the firewall and not a good basis for ubiquitous system level security. Apple announced a month or two ago that they had ported to 10.5 the Mandatory Access Controls (designed for exactly this purpose) from TrustedBSD, which is itself a port of SELinux controls from the NSA, I believe. The trick with such a system is designing the UI component (which Little Snitch does provide a good model for) and designing good defaults. Since they also announced an application signing framework at the same time my hope is that they will provide ACLs for pre-installed apps, give certified and verified apps an ACL included with that app, give certified apps a fairly restrictive default ACL, and give unsigned apps a very restrictive ACL as the default settings. As for the filesystem access, I'd like to see the most restrictive default be access only to files created by that program itself. I think more granular access than you present would be nice as well and if proper defaults are provided it should be easy to change them with a simple violation notice ala Little Snitch, or by editing that program's restrictions.
Anyway, at least the frameworks for this look to be coming soon. Hopefully the OS integration, UI, and defaults are as well.
You say: ``If a vulnerability hasn't been found, it can't be used. If a vulnerability exists in a package, but no one ever finds it, does it make a sound... err make me less secure? Nope.'' To me, that is tantamount on saying "Our voting machines are perfectly secure; there is absolutely no evidence they have ever been exploited.".
This is not true. We were discussing vulnerabilities that have been discovered, not vulnerabilities that we know have been discovered. I can see where you are confused by the distinction.
I trust a system if I'm satisfied that it _can't_ be exploited, not if it _hasn't_ been exploited. The point of security is not that it protects against attacks that have already succeeded, but that it prevents future attacks from succeeding.
Any and all systems can be compromised. What concerns a rational person is not this fact, but the probability of that happening. Past exploitation is a good indicator of possible future exploitation.
Same with security: you can't run _every_ attack, so you will never know the system is secure, but someday, somebody might run an attack that succeeds, and your system will have been compromised. If it can be compromised, it's not secure. At least, that's my definition.
Okay, but since it is an unknowable quantity it is also completely useless. By that definition all OS's are insecure. How does that help me make decisions?
"More secure" and "less secure" implies that you have some scale on which you put systems, so that one system can be higher on the scale than another. I claim there is no such scale.
Fine, but then the proper response to the question "is it more secure" is not "no." The proper response is "your question makes no sense according my definition of security since nothing can be 'more secure' than anything else."
Is Windows less secure than OS X, because we know more vulnerabilities in the former than in the latter?
According a useful definition, yes. A reasonable assessment of the two indicates that in general use the former is more likely to be compromised than the latter. That's how people make decisions, by using reasonable predictions based upon the current information.
If OS/X or Linux owned the desktop marketshare that Windows does, it still would not improve the behavior of the users and admins. I haven't found an O/S yet that trains people not to do stupid things on their computers.
For OS X, it might not make a big difference. If Linux had the same market share, however, it would also certainly adapt to allow less competent users to safely do what they want. You can't provide a user with a lousy user interface that doesn't bother to tell him when his computer starts sending thousands of spam messages and that makes it nearly impossible to run some random, untrusted software safely, despite that being one of the main he reasons he bought a computer, and expect the user to change. It's not going to happen. OS's need to be made to accommodate the needs of the user safely, not to force users to stop doing what they want to.
When you have behavior like computer users with administrator rights clicking "OK" on the "Install smiley faces now!" pop up
Allow me to explain in how many ways your OS has already failed. It presented an "OK" dialogue, which is worse than useless, not an actual action, and only conditions users to click the meaningless button. Your user doesn't know they have administrator rights, or even what administrator rights are. They should, by default be logging into a less privileged account. Finally, installing some program called "smiley faces" should not compromise a computer or cause it to be able to silently start sending spam messages without the user's explicit approval. By default any new programs not signed and verified as kosher by a trusted certifier should be run with extremely limited access to all system resources and possibly run in a VM.
Once these issues are solved and the user is presented with a dialogue like 'the program 'smiley_faces.exe' is from an unknown and untrusted manufacturer and would like permission to access the internet in a way normally used to send e-mail and would like access to completely control your computer in every way from this point forward. (stop it from completely taking over my computer forever and sending e-mail)(let it do anything it wants from now on and send e-mail)(advanced options)" and the user clicks the button that lets it take control of the computer forever you can again start complaining about user's behavior. Until that time, please direct your disdain at the improperly designed OS that does not deal with the realities of who their users are or what the computing environment is like.
Oh. Maybe then you can fix that wikipedia article..
Why, it looks fine to me. It specifically addresses the user interface and even GUI as part of the OS. Part of a user interface is effectively communicating what is happening to the user. As for giving them the ability to do what they want within it, that is clearly the responsibility of the OS as it is program management as described by that Wikipedia article. I guess I don't understand what your issues are.
Any piece of software attempting to open an outbound connection, particularly to common port like SMTP, needs to flag the fact to the user and explain, in English, what's going on.
Yup. It's the last part that I haven't seen done right. As I see it there are four fundamental chunks to this technology
Application level security restrictions by resource/service
An index of trust levels for applications, based upon application signing, user specified values, etc.
A good set of default restrictions based upon those trust levels and tailored for pre-installed apps
A good GUI that ties into the OS and explains things in English
OS X 10.5 is slated to include at least the first two and I'm hoping for the latter two.
If you define security as the inverse of how much something gets exploited, you're right.
Yeah, that's pretty much how I define security all right.
However, I care about security as in all vulnerabilities, not just the ones that have been found and are actively and widely being exploited, but also the ones that remain to be discovered or the ones that aren't actively being exploited, but could be used by a determined attacker to gain access to my system.
If a vulnerability hasn't been found, it can't be used. If a vulnerability exists in a package, but no one ever finds it, does it make a sound... err make me less secure? Nope. Security by obscurity is a valid type of security, just not an ideal one. If you're looking for a desktop OS that is highly unlikely to be exploited for an average user, OS X is a very good choice. It is a much better choice than Windows. If, however, you're not a typical user and you face an extra high risk of some particular threat, like direct attack by talented hackers trying to get your top secret whatever, then you should consider a system designed to counter that threat. Perhaps SELinux or some other locked down system designed with security as the top priority. Most people don't want to use such a system because it sacrifices a lot of functionality and ease of use to gain that security.
All of this, however, sidesteps the issue being addressed which is, "Is OS X 'more secure'." If you're comparing it to Windows, yes it is for general users. If you're comparing it to Solaris for an application in an environment full of homocidal security experts that hate all macs and will instantly attack any user of such a system physically with Uzi's, then no it is not "more secure." I think it is a bit unreasonable, however, to apply those criteria. In the general case OS X is much more secure than Windows.
It has nothing to do with the OS or security. It's all about market share.
Congratulations. As the 100th person in this thread to repeat this assertion it falls upon you to prove it, or at least provide any support for it, since no one else has.
If OSX had 90% of the home user market as Windows does, then it'd be hit just as hard.
Well, this is a possibility, but since it doesn't have 90% market share, why should I care? It's like saying, "Bob's house is no more secure than mine. The locks were made using almost the same process. His doesn't get broken in as much as mine, just because he doesn't live next to a crack house in Detroit." Umm, great, but for anyone considering a real estate purchase, we don't care so much why it doesn't get broken into, only that it doesn't.
Since OSX is closer to 5% of the market, what is the point in exploiting the vulnerabilities?
Well thousands of crackers would love the bragging rights and to shut the mouths of all those smug Mac users who brag about their security all the time. Also, new worm variants are implementing data mining techniques and there are a lot of credit card numbers and passwords on macs. Finally, if making a mac worm is just as easy as Windows, why not add the exploit to an existing worm and grab that 5% rather than adding another Windows exploit that will likely just duplicate the bots you have now?
No system is perfect.
True.
I am going to laugh at the stupid people that download whatever they want on OSX without fear.
So far, those people have been pretty safe, so why laugh at them? Going forward, it looks like they might remain safe since the new MAC framework in OS X 10.5 will likely make downloading and running even random trojans fairly safe.
Most of the OSX people that I know do not even run antivirus.
Most people in Sweden don't carry a gun everywhere since they're more likely to have an accident with it than do something useful. The same is true with Antivirus on OS X. So far there have been two antivirus programs for the system with serious security holes, and no malware for OS X mitigated by them. If malware becomes a problem, OS X will adapt to solve that problem. That's what happens when the manufacturer is not a monopoly and has money on the line.
Sure it did. The "more secure" applies versus Windows though, which is what most people use as the goal post.
First of all, you can't compare security of operating systems, because you can't eliminate bias from your tests.
Select 100 random users of each system and see how much malware they have. It is simple and practical as a real world evaluation.
Secondly, Apple's OS is closed source, which you can never trust.
Lots of software is closed source. Lots of software which is open source is too long and convoluted for any person to properly audit. It's not a matter of trust, just results.
Thirdly, much of the OS is written in unsafe languages (particularly C, C++, and, perhaps, Objective C - I don't know if the last is unsafe), and thus, the statistical probability that it will contain security holes is high.
So? Can you show me an OS where this is not the case? We're talking about "more secure" which is to say relative security.
Finally, I don't think Mac OS X has been so thouroughly scrutinized by security experts as Windows has.
Half of what people think of as the OS, in OS X is both open source and derived from code that has been tested more thoroughly and regularly than Windows. Much of the rest has little room for security holes because it is simply not in any position to cause security problems. OS X is by no means a poster child for a super secure OS, but compared to Windows it is no contest. I know people who have worked at Microsoft and it has given me little or no faith in the thoroughness of their security testing. My understanding is every hole is rated by how serious it is and how many people it effects and more than half of them MS knows about are not even fixed. Apple, on the other hand, has just fixed some holes that affect maybe one in a thousand of their customers and only cause a denial of service then.
OS X is "more secure" than Windows and that's just the way it is. You'd be hard pressed to find an expert that disagrees.
Spyware and Viruses however usually have NOTHING to do with the security of the OS.
Okay, take a deep breath and reread what you wrote. Spyware and viruses are security problems. If the OS does not handle them, then it has not provided ideal security. The OS is responsible for telling users what it is doing and letting them do what they want. If it is sending thousands of e-mails and they don't know, but would like to, it has failed. If they wanted to run a game, but did not want that game to have permission to send e-mail, and the OS did not give them that option, it has failed.
There are just less spyware and viruses for OS X since not as many people use it, thus it is not a primary target.
There isn't as much malware for OS X, but I don't think that matters, fundamentally. That is because if there was as much malware, it still wouldn't be a problem because the OS would deal with it better. Partly this is because the current design is better and partly this is because it would adapt to the threat in response to users. Apple has sales on the line, a lot of them. MS loses little of nothing by not fixing the problem.
Spyware/viruses do not mean the OS is insecure, but that the users of it are.
An OS that is designed to be used by some mythical perfect user in a mythical perfect world and which is not designed for real users in the real world is an insecure failure.
A computer is a tool to let you do things, it is not supposed to do thinking for you.
A tool should be designed for a given skill level and environment so it works properly for most people. You wouldn't design a new blowtorch that superheats the air in lower latitudes and kills everyone when you turn it on. By default, it should behave reasonably and if some freak wants to mess with it, they can. That said, Windows in particular does a terrible job of doing what users expect it to safely. OS X does a better job, partly because the ecosystem in which it operates is different and partly for technical reasons. It does, however, do a good job of working by default for that set of users and ecosystem.
Some really common tasks, like running a random game from a Web page when I'm not sure I can trust it, are really, really, really hard on Windows. Given that so much malware is out there, this should not be the case. The computer does not have to "think for you" in order to sensibly inform the user and give them the choices they need. For example, no program not pre-installed on Windows should be able to read your e-mail address book or send e-mail messages without the user specifically authorizing that behavior. "The program 'Marsblast.exe' would like to read your e-mail addresses and connect to the internet in a way normally used to send e-mail. (Stop it from reading my addresses and sending mail)(let it read my addresses and send mail once)(always let it read my e-mail addresses and send e-mail)(advanced options)." This functionality is not impossible to create and if MS were in a competitive market where they had to give customers what they want, this would have been in Windows 2000.
I thought it was a pretty well-established fact at this point that Mac OS X is considered to be more secure not because it is less vulnerable to attacks, but because it is a less desirable target for attacks.
It's both. Macs don't have the numbers that make botnet operators look to make a worm. They do, however, have a lot of valuable data and make just as nice of control channels as a Linux box somewhere. There are a lot of credit card numbers and the like on Macs. The thing is, they're also a lot harder to get to than on a typical Windows box, so people go for the easy target.
Windows, according to this analogy, would be more like the U.S.: A huge defense system, but every hole in the security matters, because people are actually trying to get through.
Okay, I can see that analogy. And malware is like the Mexican immigrants walking across the border without any problems. It's not in the best economic interests of the US to stop them, just as Microsoft has no real motivation to stop malware. They both like to make noise about it for PR reasons though.
That said, what I really want to know is why big companies like MS and Apple don't explain more fully WHY they aren't releasing patches to known issues.
I think most people don't care. I mean the average Joe says, "they found a hole and fixed it, cool." The security geek already knows the score. So who are they targeting with this info? And what info, exactly do you want?
Is it possible for the Macintosh to have a major security flaw in the Apache Server?
Of course, in fact it has already happened.
If the Macintosh had a major security flaw in Apache, could there be a Code Red style of attack?
It's possible if the exploit was coded before the patch (which is rare in the extreme on OS X). Also, since Apache is not running by default on OS X, it would hit a tiny number of users and most would not care.
Would Apple release a patch to address the flaw in Apache, even though it's not their software per se?
Apple is an Apache contributor and has released security patches in the past. They also can make fixes to the version they ship, which is a little nonstandard as it must deal with Apple's filesystem quirks.
How many users would actually be vulnerable to this exploit?
Hmm, i would be, maybe. I have a Web server on my laptop I run occasionally to test things and sometimes open it up in a coffee shop while collaborating.
If you know the answers to those questions (the real ones, not the projections from Windows users) then you know why Mac users feel invulnerable, even though they're not.
Yeah, I know a lot of Mac users and most certainly don't feel invulnerable. At the same time, however, they don't have any qualms about telling a clueless relative to just get a Mac and not worry about it.
Arnt[sic] most of the "flaws" actually trojans? In which case you have to execute them (and thus give your username and password or do some other action) to even run them and let them do their bad things?
These are potential holes that have been fixed. Some are issues where data (like a font or disk image) despite being just data could execute code. Some are remote holes that could lead to a remote compromise without user interaction. Some are ways to locally or remotely crash something or locally escalate privileges.
As for trojans, they are a serious consideration that should be addressed by the OS, but are not related to this security fix. It looks like 10.5 will include at least the security frameworks needed to mitigate most of them.
There was one at blackhat this year and two at Nanog. There was one at the ISP conference (whose name I forget) Canada last month. Pick up any trade journal and find me a study that doesn't show this.
Not that the default config - the infamous "Administrator by default" - ends up making a huge difference in practical terms.
If that were the only default config, maybe not. It isn't. Combine that with basically no use of the application specific security controls, really lousy UI defaults (hiding extensions anyone?), unneeded services enabled by default, etc. and you have a disaster.
Sure they are. They suffer basically the same problems Windows does only with one or two more dialog boxes in the way.
No they don't. Even if they are as vulnerable to the problems as Windows they don't suffer from them because they are not exploited.
Moreso, if anything, since code executing as root has more power than code executing as "administrator".
How odd. I'm logged into an administrative account right now (on another machine) and it is not a root account.
The primary contributor to the "lack of widespread compromises" on Linux is the relatively tiny number of suitably ignorant users. On OS X, it's the relatively tiny marketshare.
You know, repeating unsupported assertions over and over again doesn't actually lend them any more credibility. You actually have to present support for them, like facts.
"Failing to contain trojans" is what happens when you allow ignorant users the ability to execute arbitrary code.
Failing to contain trojans is what happens when you let the users that exist use Windows. You can argue that the user has failed, but it doesn't matter because so has the OS by not being designed to work properly for said user.
So you're saying OS X won't let users run unsigned code ? Because that's going to be a legacy support cutoff so brutal I don't think even Apple would be game to carry it out.
No, I'm not saying that. I'm saying they ported TrustedBSD's MAC system and combined it in some unspecified way with application signing trust levels. It would be stupid to try to stop users from running unsigned code. It makes a lot of sense to restrict the access of unsigned code by default.
Should be funny watching the anti-Microsoft zealots try and spin mandatory signing of code it as suddenly being a good thing, as well.
It is funny watching some Microsoft fanboy make up shit like "mandatory signing of code" when no one ever even suggested such a thing. Seriously though, you can tell me. Do you get paid to try to spin every failure of MS and Windows as someone else's fault while at the same time always referring to all of the security improvements from everyone else as impossible?
Remote vulnerabilities for Windows - like most platforms - are few, far between and quickly fixed. Indeed, the vulnerabilities behind most high-profile remote exploits for Windows were typically fixed *before* those exploits occurred. A brief cruise around the various "security" sites shows this.
So what? They also account for most infections, since worms and Website exploits affect so many more targets than other malware. Every study I've seen shows this and it is supported by my own data.
I don't believe anyone has said "market share" is the only factor.
Yeah, I think it was "bigger target, more problems" which he showed was not a truism.
The only elaboration of the term "system" comes from... Which seems to be referring to "the system" at a pretty low level by my interpretation.
So what part of "the default security model" did you think did not apply to your argument about the security model? I think it was pretty clear he was referring to default settings of that system.
Of course it is - every platform is.
No it isn't. OS X and Linux desktops both are not seriously flawed as they appear to the average user. This is evidenced by the lack of widespread compromises on said platforms.
That doesn't change the fact that the vast majority of Windows exploits do not originate from coding or security infrastructure flaws.
Buffer overflows are the result of coding flaws. Failing to contain trojans and said overflows is a infrastructure security flaw.
You cannot secure a general-purpose platform where ignorant end users have the ability to run arbitrary code, and have it remain usable.
Well it looks as though Apple will make eat those words with OS X 10.5 which looks to include default mandatory access control settings based upon application signing levels. Care to bet how long it takes most Linux distros to do the same?
If the State is to make an informed decision then it needs to hear the Microsoft argument for sticking with the Office formats.
True... but completely beside the point. Microsoft salespeople and engineers will definitely be presenting information, just like every other vendor looking to sell things to the state. That is completely different from one of their employees being on the state payroll to help make decision about whether or not buy things from their employer. It's like hiring an executive from Colt firearms to sit on the board deciding what the army's next assault rifle will be. It is a blatant conflict of interest. No one on MS's payroll should be part of the decision making body.
Strange. I've never felt the need to run untrusted programs. I'm not sure why you feel that need and I don't.
Probably because either I'm less trusting than you are or because I use my computer differently than you do. I don't know about you but I don't have the time to audit all the code from all the programs I use. I don't have the code for dozens of commercial applications. The average person wants to run programs they don't know if they can trust. Can you trust World of Warcraft? Who is to say? Any OS that requires you to trust all the software you run on top of it, in this software ecosystem, is fatally flawed.
If using MS Word and Windows allows them to do thier jobs quicker and/or do them more efficiently then so be it. But if you want to switch away from it, you'd better be able to PROVE it's all going to be worth it, and frankly I haven't seen that, or believe it.
Government officials evaluated their needs and then made a policy based upon what they felt was best for the state. That was ODF. That is not a special interest. A special interest is when some group or company tries to convince the state to do something. That is not necessarily a good thing or a bad thing, but it is suspect especially when the stated goal of that interest is to make money. Thus MS is a special interest. The ODF format and its external supporters are not.
As for doing things better, allowing people to access government documents without paying a fee is beneficial. Ensuring those documents will be readable in the future is beneficial. Standardizing on a format that allows competitive bids from any and all parties is beneficial. There are all clear benefits of ODF. Standards simply make sense, especially for public applications. If MS wants to be a supplier they should conform to the specifications of the contract as the state stipulated, not try to bribe public officials into changing the contract so that they are the only possible bidder. That is called corruption, whether it is Microsoft or the mob doing it.
The question is, is he still employed by the same lobbyist firm?
It is my understanding that he works for Microsoft directly and is still employed by them as a regional director of PR. I read something about a comment where he would be acting as a private individual not an MS employee for that issue. It seems a clear conflict of interest.
You are right alarm systems are largely useless. However my point is that the deterring factor of an alarm system is the risk of getting caught. It may be rare that police respond however, that small chance adds to the risk.
Alarm systems draw attention that might lead to them being punished. Alarm systems alert both the home/business owner and neighbors increasing the chances one of them will grab a shotgun and come after them. They aren't afraid the police will stop them in most cases.
Just because something is "easy" (picking quality locks is not easy), or can be done doesn't mean people have the skill to do it.
No it doesn't, but usually there is no need. Most burglars just break the lock or door or window. And I taught my girlfriend to pick locks in five minutes. She managed with a little work to easily pick the average outdoor lock on our rental home. Most locks are not that hard to pick. The point, however, is that alarms and locks are deterrents, but not for the reasons you cite. Mostly it is a matter of convenience.
I would really love to see a reference for that study. What I have seen, however is studies that people are far more willing to do crimes when they believe they will not get caught, which is quite different then what you are saying.
I wish I had a handy reference for the one really good study on this I read, but in a pinch the book "Freakonomics" has a study in it that covers the basics of the point pretty well. (And it is a wonderful, quick read anyway. Pick it up.) Basically, most people don't think they will be caught if they try to commit a theft or murder. Adding obvious surveillance equipment is shown to be less effective than a sign that says, "please be honest, don't steal" in preventing theft.
Absolutely, and another correlations is education level. However I have never heard of a correlation between crime/education/wealth and morality. Could it be that when a person is desperate they will risk imprisonment because they have to eat where someone who has a skill wouldn't risk imprisonment? Laws, just as much as morality are at play here.
Local laws, relative punishments, the effectiveness and perceived effectiveness of the police, education, and wealth all show a less direct correlation with theft and violent crime than wealth disparity in the locality. This can be seen within localities and thus normalized for other factors as wealth disparity increases or decreases. The effects, for example, of very progressive inheritance taxes in northern Europe demonstrated a profound affect upon crime rates, even when the money was just collected and had not been used in socialist programs.
There is quite a bit of literature on the subject, particularly if you look at some of the research on corporate psychology. Companies invested a lot of money in the last few decades trying to figure out how to stop employees from robbing them from the inside and while the studies have largely been ignored, the consensus was clear. Don't pay a person's boss an order of magnitude more than them. Don't pay the CEO more than everyone else put together. Treat the employee ethically, and they respond in kind. Treat them in a mercenary fashion and the chances of their robbing the company increase a huge amount. Demonstrate you don't trust them through very restrictive and visible security and they are more, not less likely to steal.
You're pointing out a situation that's particularly difficult on Windows, because Windows was never designed from the start with security in mind.
Well that and because Windows does not change to make common tasks like these easy to do safely. I mean, technically the granularity of control is built in. This is very doable and the user would never need to know in most cases. It just would take a little work and MS has no reason to do it
I've never run any application from a user that I didn't have reason to trust.
Users want to run programs. That's why they got a computer. Users will have different levels of trust for different programs. I've audited the code of about three of the hundreds of applications I run on a regular basis. Some I trust more than others, but if I don't run programs I don't have some distrust for, my computer is a paperweight.
That's really a problem with the limited choice of trustworthy software on Windows, not a problem with Windows's security per se.
I think you have the same, very wrongheaded mindset that MS does. As designer of the monopoly OS everyone uses, MS has a lot of influence on the applications that run on top of it, but they don't have the power to dictate to everyone how they make and sell software. They do have the ability to design their OS to deal with the realities of the market today. The problem is, they don't make Windows easy to use for a normal person doing normal tasks safely. You might as well say, "the real problem is people are malicious and write malware." Sure it is, but there's nothing we can do about that and a hell of a lot that can be done to secure our computers. I blame Microsoft for not taking those steps.
In summary, I assume you now concede that safely performing normal task, given the state of application on Windows, is not akin to knowing how to change your car's oil?
Of course, if I understand you correctly, your point was that International wealth disparity is even greater than that within the US, and therefore, increased globalization results in increased (property) crime. It "makes perfect sense" to me, but I'm having trouble finding the stats to back it up.
Let me clear up a few points. I'm not talking about crime rates. I'm specifically talking about theft and violent crimes. Make drinking beer a crime in Ireland and try to enforce it and it will have the highest crime rate in the world. Since laws are not uniform, we have to limit this to particular crimes.
Also, there are many factors to these crime rates that need to be normalized. For example, are citizens armed? Are drugs criminalized or a health care issue? What is the rate of socialism and job security? What is the rate of employment? All these factors are important and correlate to some degree.
The best studies are usually within a single country or region which is already normalized for the above factors. When wealth disparity changes, what happens to theft and violent crime rates? Studies have pretty well established the correlation in these circumstances. It is a bit of a jump to extrapolate an online community where that is the only interaction, but if you ascribe to the motivational theories I mentioned, you'd predict even higher rates of these crimes based upon wealth disparity between online individuals. As far as I know, there is no data to prove one way or another if those rates are higher since it would require finding a significant number of said criminals and putting together the numbers. It seems to be supported by the evidence so far, but there is not enough of it to claim it as support for the theory.
Spending a few hundred on a mini or used imac is well worth the piece of mind.
I'll second that. I convinced my parents to buy a candy colored imac about the time OS X was coming out. Since then I've answered about ten tech support for them. The answer to three of them was, "yeah you kicked the plug out again."
If a user is dead set on running something then he is going to run it. There is little that can done to fix that. Implementing a TPM system where the user simply can't run unsigned binaries without flipping some switch is the only solution I can think of, and you can be sure most users will flip that switch as soon as whatever piece of malware they are attempting to install requests it.
The solution is to increase the granularity of control and the feedback from the OS. Right now you can run a piece of software that may or may not be malware. You can run it as an admin with pretty much all permission or you can run it as a normal user (well some people can, maybe not most). Either way, it has significant access to be valuable to a botnet operator. If you're an expert you can run it in a special, locked down user account but that may or may not work. Ditto for a VM.
What users need, is the ability to run it with greatly restricted privileges and then pertinent feedback when it tries to exceed those privileges. We're not talking about a dialogue box that says, "explorerhelp2.exe needs administrative privileges (OK)(Cancel)." Something like "MarsRaid.exe is from an unknown publisher and would like access tot he internet in a way normally used to send e-mail (Stop it from sending e-mail)(Let it send e-mail once)(Always let it send e-mail)(Advanced Options)."
By providing granular security for each application, restricting by default the network, filesystem, and other resources that program can access in accordance with the level of trust given to that program users are told what i going on and given the tools to make reasonable choices. Sure some will agree to let anything do anything, but at that point user education has a manageable task. There is no technical reason why this system won't work and the plumbing is already there on numerous OS's
Well, I think we've pretty much exhausted the discussion. We have a few fundamental disagreements. I don't think it is possible to create a perfectly secure OS, given the nature of the system. I think we can come close but anything happening in the physical world is subject to randomness and complexity at higher levels. I also feel that past exploitation is one good indication of future exploitation. It does not make it certain, but OS's are created by process and individuals. Past exploitation shows behavioral patterns of both attackers and designers and as far as I've seen provides a fairly reliable way to predict rates of future exploitation.
Unless some other predictor drastically changes the probability of a random OS X box being compromised is small while that of a random Windows box is high.
Unfortunately it's not in OS X either, though it's long overdue.
We'll have to see what exactly is in OS X 10.5.
They should pay the author of Little Snitch and just incorporate it, but extend it to file access too (don't think it does that, if it did I'd buy it). Very easy to do, and the payoff would be huge for security against simple trojans and spyware.
Well, little snitch is sort of an add on for the firewall and not a good basis for ubiquitous system level security. Apple announced a month or two ago that they had ported to 10.5 the Mandatory Access Controls (designed for exactly this purpose) from TrustedBSD, which is itself a port of SELinux controls from the NSA, I believe. The trick with such a system is designing the UI component (which Little Snitch does provide a good model for) and designing good defaults. Since they also announced an application signing framework at the same time my hope is that they will provide ACLs for pre-installed apps, give certified and verified apps an ACL included with that app, give certified apps a fairly restrictive default ACL, and give unsigned apps a very restrictive ACL as the default settings. As for the filesystem access, I'd like to see the most restrictive default be access only to files created by that program itself. I think more granular access than you present would be nice as well and if proper defaults are provided it should be easy to change them with a simple violation notice ala Little Snitch, or by editing that program's restrictions.
Anyway, at least the frameworks for this look to be coming soon. Hopefully the OS integration, UI, and defaults are as well.
You say: ``If a vulnerability hasn't been found, it can't be used. If a vulnerability exists in a package, but no one ever finds it, does it make a sound... err make me less secure? Nope.'' To me, that is tantamount on saying "Our voting machines are perfectly secure; there is absolutely no evidence they have ever been exploited.".
This is not true. We were discussing vulnerabilities that have been discovered, not vulnerabilities that we know have been discovered. I can see where you are confused by the distinction.
I trust a system if I'm satisfied that it _can't_ be exploited, not if it _hasn't_ been exploited. The point of security is not that it protects against attacks that have already succeeded, but that it prevents future attacks from succeeding.
Any and all systems can be compromised. What concerns a rational person is not this fact, but the probability of that happening. Past exploitation is a good indicator of possible future exploitation.
Same with security: you can't run _every_ attack, so you will never know the system is secure, but someday, somebody might run an attack that succeeds, and your system will have been compromised. If it can be compromised, it's not secure. At least, that's my definition.
Okay, but since it is an unknowable quantity it is also completely useless. By that definition all OS's are insecure. How does that help me make decisions?
"More secure" and "less secure" implies that you have some scale on which you put systems, so that one system can be higher on the scale than another. I claim there is no such scale.
Fine, but then the proper response to the question "is it more secure" is not "no." The proper response is "your question makes no sense according my definition of security since nothing can be 'more secure' than anything else."
Is Windows less secure than OS X, because we know more vulnerabilities in the former than in the latter?
According a useful definition, yes. A reasonable assessment of the two indicates that in general use the former is more likely to be compromised than the latter. That's how people make decisions, by using reasonable predictions based upon the current information.
If OS/X or Linux owned the desktop marketshare that Windows does, it still would not improve the behavior of the users and admins. I haven't found an O/S yet that trains people not to do stupid things on their computers.
For OS X, it might not make a big difference. If Linux had the same market share, however, it would also certainly adapt to allow less competent users to safely do what they want. You can't provide a user with a lousy user interface that doesn't bother to tell him when his computer starts sending thousands of spam messages and that makes it nearly impossible to run some random, untrusted software safely, despite that being one of the main he reasons he bought a computer, and expect the user to change. It's not going to happen. OS's need to be made to accommodate the needs of the user safely, not to force users to stop doing what they want to.
When you have behavior like computer users with administrator rights clicking "OK" on the "Install smiley faces now!" pop up
Allow me to explain in how many ways your OS has already failed. It presented an "OK" dialogue, which is worse than useless, not an actual action, and only conditions users to click the meaningless button. Your user doesn't know they have administrator rights, or even what administrator rights are. They should, by default be logging into a less privileged account. Finally, installing some program called "smiley faces" should not compromise a computer or cause it to be able to silently start sending spam messages without the user's explicit approval. By default any new programs not signed and verified as kosher by a trusted certifier should be run with extremely limited access to all system resources and possibly run in a VM.
Once these issues are solved and the user is presented with a dialogue like 'the program 'smiley_faces.exe' is from an unknown and untrusted manufacturer and would like permission to access the internet in a way normally used to send e-mail and would like access to completely control your computer in every way from this point forward. (stop it from completely taking over my computer forever and sending e-mail)(let it do anything it wants from now on and send e-mail)(advanced options)" and the user clicks the button that lets it take control of the computer forever you can again start complaining about user's behavior. Until that time, please direct your disdain at the improperly designed OS that does not deal with the realities of who their users are or what the computing environment is like.
Oh. Maybe then you can fix that wikipedia article..
Why, it looks fine to me. It specifically addresses the user interface and even GUI as part of the OS. Part of a user interface is effectively communicating what is happening to the user. As for giving them the ability to do what they want within it, that is clearly the responsibility of the OS as it is program management as described by that Wikipedia article. I guess I don't understand what your issues are.
Any piece of software attempting to open an outbound connection, particularly to common port like SMTP, needs to flag the fact to the user and explain, in English, what's going on.
Yup. It's the last part that I haven't seen done right. As I see it there are four fundamental chunks to this technology
OS X 10.5 is slated to include at least the first two and I'm hoping for the latter two.
If you define security as the inverse of how much something gets exploited, you're right.
Yeah, that's pretty much how I define security all right.
However, I care about security as in all vulnerabilities, not just the ones that have been found and are actively and widely being exploited, but also the ones that remain to be discovered or the ones that aren't actively being exploited, but could be used by a determined attacker to gain access to my system.
If a vulnerability hasn't been found, it can't be used. If a vulnerability exists in a package, but no one ever finds it, does it make a sound... err make me less secure? Nope. Security by obscurity is a valid type of security, just not an ideal one. If you're looking for a desktop OS that is highly unlikely to be exploited for an average user, OS X is a very good choice. It is a much better choice than Windows. If, however, you're not a typical user and you face an extra high risk of some particular threat, like direct attack by talented hackers trying to get your top secret whatever, then you should consider a system designed to counter that threat. Perhaps SELinux or some other locked down system designed with security as the top priority. Most people don't want to use such a system because it sacrifices a lot of functionality and ease of use to gain that security.
All of this, however, sidesteps the issue being addressed which is, "Is OS X 'more secure'." If you're comparing it to Windows, yes it is for general users. If you're comparing it to Solaris for an application in an environment full of homocidal security experts that hate all macs and will instantly attack any user of such a system physically with Uzi's, then no it is not "more secure." I think it is a bit unreasonable, however, to apply those criteria. In the general case OS X is much more secure than Windows.
It has nothing to do with the OS or security. It's all about market share.
Congratulations. As the 100th person in this thread to repeat this assertion it falls upon you to prove it, or at least provide any support for it, since no one else has.
If OSX had 90% of the home user market as Windows does, then it'd be hit just as hard.
Well, this is a possibility, but since it doesn't have 90% market share, why should I care? It's like saying, "Bob's house is no more secure than mine. The locks were made using almost the same process. His doesn't get broken in as much as mine, just because he doesn't live next to a crack house in Detroit." Umm, great, but for anyone considering a real estate purchase, we don't care so much why it doesn't get broken into, only that it doesn't.
Since OSX is closer to 5% of the market, what is the point in exploiting the vulnerabilities?
Well thousands of crackers would love the bragging rights and to shut the mouths of all those smug Mac users who brag about their security all the time. Also, new worm variants are implementing data mining techniques and there are a lot of credit card numbers and passwords on macs. Finally, if making a mac worm is just as easy as Windows, why not add the exploit to an existing worm and grab that 5% rather than adding another Windows exploit that will likely just duplicate the bots you have now?
No system is perfect.
True.
I am going to laugh at the stupid people that download whatever they want on OSX without fear.
So far, those people have been pretty safe, so why laugh at them? Going forward, it looks like they might remain safe since the new MAC framework in OS X 10.5 will likely make downloading and running even random trojans fairly safe.
Most of the OSX people that I know do not even run antivirus.
Most people in Sweden don't carry a gun everywhere since they're more likely to have an accident with it than do something useful. The same is true with Antivirus on OS X. So far there have been two antivirus programs for the system with serious security holes, and no malware for OS X mitigated by them. If malware becomes a problem, OS X will adapt to solve that problem. That's what happens when the manufacturer is not a monopoly and has money on the line.
It never did.
Sure it did. The "more secure" applies versus Windows though, which is what most people use as the goal post.
First of all, you can't compare security of operating systems, because you can't eliminate bias from your tests.
Select 100 random users of each system and see how much malware they have. It is simple and practical as a real world evaluation.
Secondly, Apple's OS is closed source, which you can never trust.
Lots of software is closed source. Lots of software which is open source is too long and convoluted for any person to properly audit. It's not a matter of trust, just results.
Thirdly, much of the OS is written in unsafe languages (particularly C, C++, and, perhaps, Objective C - I don't know if the last is unsafe), and thus, the statistical probability that it will contain security holes is high.
So? Can you show me an OS where this is not the case? We're talking about "more secure" which is to say relative security.
Finally, I don't think Mac OS X has been so thouroughly scrutinized by security experts as Windows has.
Half of what people think of as the OS, in OS X is both open source and derived from code that has been tested more thoroughly and regularly than Windows. Much of the rest has little room for security holes because it is simply not in any position to cause security problems. OS X is by no means a poster child for a super secure OS, but compared to Windows it is no contest. I know people who have worked at Microsoft and it has given me little or no faith in the thoroughness of their security testing. My understanding is every hole is rated by how serious it is and how many people it effects and more than half of them MS knows about are not even fixed. Apple, on the other hand, has just fixed some holes that affect maybe one in a thousand of their customers and only cause a denial of service then.
OS X is "more secure" than Windows and that's just the way it is. You'd be hard pressed to find an expert that disagrees.
Spyware and Viruses however usually have NOTHING to do with the security of the OS.
Okay, take a deep breath and reread what you wrote. Spyware and viruses are security problems. If the OS does not handle them, then it has not provided ideal security. The OS is responsible for telling users what it is doing and letting them do what they want. If it is sending thousands of e-mails and they don't know, but would like to, it has failed. If they wanted to run a game, but did not want that game to have permission to send e-mail, and the OS did not give them that option, it has failed.
There are just less spyware and viruses for OS X since not as many people use it, thus it is not a primary target.
There isn't as much malware for OS X, but I don't think that matters, fundamentally. That is because if there was as much malware, it still wouldn't be a problem because the OS would deal with it better. Partly this is because the current design is better and partly this is because it would adapt to the threat in response to users. Apple has sales on the line, a lot of them. MS loses little of nothing by not fixing the problem.
Spyware/viruses do not mean the OS is insecure, but that the users of it are.
An OS that is designed to be used by some mythical perfect user in a mythical perfect world and which is not designed for real users in the real world is an insecure failure.
A computer is a tool to let you do things, it is not supposed to do thinking for you.
A tool should be designed for a given skill level and environment so it works properly for most people. You wouldn't design a new blowtorch that superheats the air in lower latitudes and kills everyone when you turn it on. By default, it should behave reasonably and if some freak wants to mess with it, they can. That said, Windows in particular does a terrible job of doing what users expect it to safely. OS X does a better job, partly because the ecosystem in which it operates is different and partly for technical reasons. It does, however, do a good job of working by default for that set of users and ecosystem.
Some really common tasks, like running a random game from a Web page when I'm not sure I can trust it, are really, really, really hard on Windows. Given that so much malware is out there, this should not be the case. The computer does not have to "think for you" in order to sensibly inform the user and give them the choices they need. For example, no program not pre-installed on Windows should be able to read your e-mail address book or send e-mail messages without the user specifically authorizing that behavior. "The program 'Marsblast.exe' would like to read your e-mail addresses and connect to the internet in a way normally used to send e-mail. (Stop it from reading my addresses and sending mail)(let it read my addresses and send mail once)(always let it read my e-mail addresses and send e-mail)(advanced options)." This functionality is not impossible to create and if MS were in a competitive market where they had to give customers what they want, this would have been in Windows 2000.
I thought it was a pretty well-established fact at this point that Mac OS X is considered to be more secure not because it is less vulnerable to attacks, but because it is a less desirable target for attacks.
It's both. Macs don't have the numbers that make botnet operators look to make a worm. They do, however, have a lot of valuable data and make just as nice of control channels as a Linux box somewhere. There are a lot of credit card numbers and the like on Macs. The thing is, they're also a lot harder to get to than on a typical Windows box, so people go for the easy target.
Windows, according to this analogy, would be more like the U.S.: A huge defense system, but every hole in the security matters, because people are actually trying to get through.
Okay, I can see that analogy. And malware is like the Mexican immigrants walking across the border without any problems. It's not in the best economic interests of the US to stop them, just as Microsoft has no real motivation to stop malware. They both like to make noise about it for PR reasons though.
That said, what I really want to know is why big companies like MS and Apple don't explain more fully WHY they aren't releasing patches to known issues.
I think most people don't care. I mean the average Joe says, "they found a hole and fixed it, cool." The security geek already knows the score. So who are they targeting with this info? And what info, exactly do you want?
Is it possible for the Macintosh to have a major security flaw in the Apache Server?
Of course, in fact it has already happened.
If the Macintosh had a major security flaw in Apache, could there be a Code Red style of attack?
It's possible if the exploit was coded before the patch (which is rare in the extreme on OS X). Also, since Apache is not running by default on OS X, it would hit a tiny number of users and most would not care.
Would Apple release a patch to address the flaw in Apache, even though it's not their software per se?
Apple is an Apache contributor and has released security patches in the past. They also can make fixes to the version they ship, which is a little nonstandard as it must deal with Apple's filesystem quirks.
How many users would actually be vulnerable to this exploit?
Hmm, i would be, maybe. I have a Web server on my laptop I run occasionally to test things and sometimes open it up in a coffee shop while collaborating.
If you know the answers to those questions (the real ones, not the projections from Windows users) then you know why Mac users feel invulnerable, even though they're not.
Yeah, I know a lot of Mac users and most certainly don't feel invulnerable. At the same time, however, they don't have any qualms about telling a clueless relative to just get a Mac and not worry about it.
Arnt[sic] most of the "flaws" actually trojans? In which case you have to execute them (and thus give your username and password or do some other action) to even run them and let them do their bad things?
These are potential holes that have been fixed. Some are issues where data (like a font or disk image) despite being just data could execute code. Some are remote holes that could lead to a remote compromise without user interaction. Some are ways to locally or remotely crash something or locally escalate privileges.
As for trojans, they are a serious consideration that should be addressed by the OS, but are not related to this security fix. It looks like 10.5 will include at least the security frameworks needed to mitigate most of them.
What studies ?
There was one at blackhat this year and two at Nanog. There was one at the ISP conference (whose name I forget) Canada last month. Pick up any trade journal and find me a study that doesn't show this.
Not that the default config - the infamous "Administrator by default" - ends up making a huge difference in practical terms.
If that were the only default config, maybe not. It isn't. Combine that with basically no use of the application specific security controls, really lousy UI defaults (hiding extensions anyone?), unneeded services enabled by default, etc. and you have a disaster.
Sure they are. They suffer basically the same problems Windows does only with one or two more dialog boxes in the way.
No they don't. Even if they are as vulnerable to the problems as Windows they don't suffer from them because they are not exploited.
Moreso, if anything, since code executing as root has more power than code executing as "administrator".
How odd. I'm logged into an administrative account right now (on another machine) and it is not a root account.
The primary contributor to the "lack of widespread compromises" on Linux is the relatively tiny number of suitably ignorant users. On OS X, it's the relatively tiny marketshare.
You know, repeating unsupported assertions over and over again doesn't actually lend them any more credibility. You actually have to present support for them, like facts.
"Failing to contain trojans" is what happens when you allow ignorant users the ability to execute arbitrary code.
Failing to contain trojans is what happens when you let the users that exist use Windows. You can argue that the user has failed, but it doesn't matter because so has the OS by not being designed to work properly for said user.
So you're saying OS X won't let users run unsigned code ? Because that's going to be a legacy support cutoff so brutal I don't think even Apple would be game to carry it out.
No, I'm not saying that. I'm saying they ported TrustedBSD's MAC system and combined it in some unspecified way with application signing trust levels. It would be stupid to try to stop users from running unsigned code. It makes a lot of sense to restrict the access of unsigned code by default.
Should be funny watching the anti-Microsoft zealots try and spin mandatory signing of code it as suddenly being a good thing, as well.
It is funny watching some Microsoft fanboy make up shit like "mandatory signing of code" when no one ever even suggested such a thing. Seriously though, you can tell me. Do you get paid to try to spin every failure of MS and Windows as someone else's fault while at the same time always referring to all of the security improvements from everyone else as impossible?
Remote vulnerabilities for Windows - like most platforms - are few, far between and quickly fixed. Indeed, the vulnerabilities behind most high-profile remote exploits for Windows were typically fixed *before* those exploits occurred. A brief cruise around the various "security" sites shows this.
So what? They also account for most infections, since worms and Website exploits affect so many more targets than other malware. Every study I've seen shows this and it is supported by my own data.
I don't believe anyone has said "market share" is the only factor.
Yeah, I think it was "bigger target, more problems" which he showed was not a truism.
The only elaboration of the term "system" comes from... Which seems to be referring to "the system" at a pretty low level by my interpretation.
So what part of "the default security model" did you think did not apply to your argument about the security model? I think it was pretty clear he was referring to default settings of that system.
Of course it is - every platform is.
No it isn't. OS X and Linux desktops both are not seriously flawed as they appear to the average user. This is evidenced by the lack of widespread compromises on said platforms.
That doesn't change the fact that the vast majority of Windows exploits do not originate from coding or security infrastructure flaws.
Buffer overflows are the result of coding flaws. Failing to contain trojans and said overflows is a infrastructure security flaw.
You cannot secure a general-purpose platform where ignorant end users have the ability to run arbitrary code, and have it remain usable.
Well it looks as though Apple will make eat those words with OS X 10.5 which looks to include default mandatory access control settings based upon application signing levels. Care to bet how long it takes most Linux distros to do the same?
If the State is to make an informed decision then it needs to hear the Microsoft argument for sticking with the Office formats.
True... but completely beside the point. Microsoft salespeople and engineers will definitely be presenting information, just like every other vendor looking to sell things to the state. That is completely different from one of their employees being on the state payroll to help make decision about whether or not buy things from their employer. It's like hiring an executive from Colt firearms to sit on the board deciding what the army's next assault rifle will be. It is a blatant conflict of interest. No one on MS's payroll should be part of the decision making body.
Strange. I've never felt the need to run untrusted programs. I'm not sure why you feel that need and I don't.
Probably because either I'm less trusting than you are or because I use my computer differently than you do. I don't know about you but I don't have the time to audit all the code from all the programs I use. I don't have the code for dozens of commercial applications. The average person wants to run programs they don't know if they can trust. Can you trust World of Warcraft? Who is to say? Any OS that requires you to trust all the software you run on top of it, in this software ecosystem, is fatally flawed.
If using MS Word and Windows allows them to do thier jobs quicker and/or do them more efficiently then so be it. But if you want to switch away from it, you'd better be able to PROVE it's all going to be worth it, and frankly I haven't seen that, or believe it.
Government officials evaluated their needs and then made a policy based upon what they felt was best for the state. That was ODF. That is not a special interest. A special interest is when some group or company tries to convince the state to do something. That is not necessarily a good thing or a bad thing, but it is suspect especially when the stated goal of that interest is to make money. Thus MS is a special interest. The ODF format and its external supporters are not.
As for doing things better, allowing people to access government documents without paying a fee is beneficial. Ensuring those documents will be readable in the future is beneficial. Standardizing on a format that allows competitive bids from any and all parties is beneficial. There are all clear benefits of ODF. Standards simply make sense, especially for public applications. If MS wants to be a supplier they should conform to the specifications of the contract as the state stipulated, not try to bribe public officials into changing the contract so that they are the only possible bidder. That is called corruption, whether it is Microsoft or the mob doing it.
The question is, is he still employed by the same lobbyist firm?
It is my understanding that he works for Microsoft directly and is still employed by them as a regional director of PR. I read something about a comment where he would be acting as a private individual not an MS employee for that issue. It seems a clear conflict of interest.
You are right alarm systems are largely useless. However my point is that the deterring factor of an alarm system is the risk of getting caught. It may be rare that police respond however, that small chance adds to the risk.
Alarm systems draw attention that might lead to them being punished. Alarm systems alert both the home/business owner and neighbors increasing the chances one of them will grab a shotgun and come after them. They aren't afraid the police will stop them in most cases.
Just because something is "easy" (picking quality locks is not easy), or can be done doesn't mean people have the skill to do it.
No it doesn't, but usually there is no need. Most burglars just break the lock or door or window. And I taught my girlfriend to pick locks in five minutes. She managed with a little work to easily pick the average outdoor lock on our rental home. Most locks are not that hard to pick. The point, however, is that alarms and locks are deterrents, but not for the reasons you cite. Mostly it is a matter of convenience.
I would really love to see a reference for that study. What I have seen, however is studies that people are far more willing to do crimes when they believe they will not get caught, which is quite different then what you are saying.
I wish I had a handy reference for the one really good study on this I read, but in a pinch the book "Freakonomics" has a study in it that covers the basics of the point pretty well. (And it is a wonderful, quick read anyway. Pick it up.) Basically, most people don't think they will be caught if they try to commit a theft or murder. Adding obvious surveillance equipment is shown to be less effective than a sign that says, "please be honest, don't steal" in preventing theft.
Absolutely, and another correlations is education level. However I have never heard of a correlation between crime/education/wealth and morality. Could it be that when a person is desperate they will risk imprisonment because they have to eat where someone who has a skill wouldn't risk imprisonment? Laws, just as much as morality are at play here.
Local laws, relative punishments, the effectiveness and perceived effectiveness of the police, education, and wealth all show a less direct correlation with theft and violent crime than wealth disparity in the locality. This can be seen within localities and thus normalized for other factors as wealth disparity increases or decreases. The effects, for example, of very progressive inheritance taxes in northern Europe demonstrated a profound affect upon crime rates, even when the money was just collected and had not been used in socialist programs.
There is quite a bit of literature on the subject, particularly if you look at some of the research on corporate psychology. Companies invested a lot of money in the last few decades trying to figure out how to stop employees from robbing them from the inside and while the studies have largely been ignored, the consensus was clear. Don't pay a person's boss an order of magnitude more than them. Don't pay the CEO more than everyone else put together. Treat the employee ethically, and they respond in kind. Treat them in a mercenary fashion and the chances of their robbing the company increase a huge amount. Demonstrate you don't trust them through very restrictive and visible security and they are more, not less likely to steal.
You're pointing out a situation that's particularly difficult on Windows, because Windows was never designed from the start with security in mind.
Well that and because Windows does not change to make common tasks like these easy to do safely. I mean, technically the granularity of control is built in. This is very doable and the user would never need to know in most cases. It just would take a little work and MS has no reason to do it
I've never run any application from a user that I didn't have reason to trust.
Users want to run programs. That's why they got a computer. Users will have different levels of trust for different programs. I've audited the code of about three of the hundreds of applications I run on a regular basis. Some I trust more than others, but if I don't run programs I don't have some distrust for, my computer is a paperweight.
That's really a problem with the limited choice of trustworthy software on Windows, not a problem with Windows's security per se.
I think you have the same, very wrongheaded mindset that MS does. As designer of the monopoly OS everyone uses, MS has a lot of influence on the applications that run on top of it, but they don't have the power to dictate to everyone how they make and sell software. They do have the ability to design their OS to deal with the realities of the market today. The problem is, they don't make Windows easy to use for a normal person doing normal tasks safely. You might as well say, "the real problem is people are malicious and write malware." Sure it is, but there's nothing we can do about that and a hell of a lot that can be done to secure our computers. I blame Microsoft for not taking those steps.
In summary, I assume you now concede that safely performing normal task, given the state of application on Windows, is not akin to knowing how to change your car's oil?
Of course, if I understand you correctly, your point was that International wealth disparity is even greater than that within the US, and therefore, increased globalization results in increased (property) crime. It "makes perfect sense" to me, but I'm having trouble finding the stats to back it up.
Let me clear up a few points. I'm not talking about crime rates. I'm specifically talking about theft and violent crimes. Make drinking beer a crime in Ireland and try to enforce it and it will have the highest crime rate in the world. Since laws are not uniform, we have to limit this to particular crimes.
Also, there are many factors to these crime rates that need to be normalized. For example, are citizens armed? Are drugs criminalized or a health care issue? What is the rate of socialism and job security? What is the rate of employment? All these factors are important and correlate to some degree.
The best studies are usually within a single country or region which is already normalized for the above factors. When wealth disparity changes, what happens to theft and violent crime rates? Studies have pretty well established the correlation in these circumstances. It is a bit of a jump to extrapolate an online community where that is the only interaction, but if you ascribe to the motivational theories I mentioned, you'd predict even higher rates of these crimes based upon wealth disparity between online individuals. As far as I know, there is no data to prove one way or another if those rates are higher since it would require finding a significant number of said criminals and putting together the numbers. It seems to be supported by the evidence so far, but there is not enough of it to claim it as support for the theory.