Is this anything other than an attempt to dis Windows for no other reason than 'Because'?
I think it is a valid issue. There are some files in a CVS module I simply cannot use on Windows because the filesystem chokes when CVS tries to write them in Windows and the rest of the CVS commit is aborted. It is a huge pain in the ass, even though these files do not contain any capital letters. This happens with ever CVS client on Windows, even Cygwin. MS needs to get off their butts and fix this crap once and for all.
No, they go in "/Applications" and "/Library" and one or more users' "~/Library".
Technically, no. The files that go in the Library directories are not programs, but configuration files (data), so tossing an old program and dropping in a new one can easily maintain the same configuration. (With the possible exception of Widgets and Services which may or may not be classified as "programs" but are really better classified as data used to provide application like features via the dashboard and OS).
And buying a gun is a process that takes several weeks and has to be approved by a store manager.
Umm, yeah, not the one time I bought a gun there. Anyway, here are my amusing Walmart/gun anecdotes.
I go into Walmart and pick up a box of.22 bullets. The clerk asks me, "Is that for a pistol or a rifle" (.22 rounds are common in a variety of firearms). I say, "well, both." The cashier tells me he can't sell me the bullets unless I promise not to use them in a pistol, since by store policy (nothing to do with the laws) they won't sell pistol rounds to people under 21. Does this make any sense to anyone? You can only shoot people with rifles or something?
Story number two:
My brother goes in to pick up a.22 rifle he plans to modify. He also buys a box of shells. They give him the shells, but tell him they have to walk him out of the store with the rifle rather than handing it to him "for security reasons." So as they walk out of the store my brother says, "so what is the point? I mean, how does walking me out of the store inhibit me from slapping a clip into it now and walking right back in and shooting everyone?" They demand he stand right where he is and call the cops (he has the gun and ammo at this point). My brother complies and the cops show up. The clerk tells them what he said and the cops go aver and chat with my brother trying to figure out what crime he thinks was committed. I imagine they might have been a little more concerned had my brother not been a cop and known all of the officers that arrived. Still, it is all pointless PR. These ineffective "security" measures do nothing but try to cover their asses should they get hauled into court in a civil suit but is enforced by morons that don't even understand how pointless what they are doing is. It reminds me of the airport.
I can understand why slashdot geeks wouldn't want their DNS servers messed with, I'm among you, however most of the internet users out there aren't nearly as computer literate as we are, and this service I believe would be really good for them.
Most internet users don't know or care what a DNS server is. For this to succeed you need to capture the hearts and minds of the ISPs. Luckily for them, ISPs are very concerned about DNS right now as it is critical, somewhat vulnerable, and they are lacking visibility into it. Unluckily for them, the entrenched players have all started jumping on this and providing real solutions. Why block all requests to a DNS name when legitimate researchers and security people might need to get there? What about when a cracked server that still hosts legitimate content as well? what about when the FQD is a forum with 99% legitimate traffic and 1% worms and phishing?
This solution is a shotgun where a scalpel is needed. Block worm traffic as detected by the DNS request, not all traffic to that domain. Also, contrary to what people seem to be thinking here, the main DNS issue is not worms or phishing (ISPs don't care that much) but they do care about large chunks of their traffic to the DNS servers coming from misconfigured servers repeatedly querying them. Since, in many cases, these servers are their own, blocking them with a fancy, broken DNS server is not the best plan. Redirecting other ISPs' server to an ad a million times a day will not yield any long-term profit (since no person sees them) Rather, fixing their own servers and notifying others/filtering at the peering edge is the way to go. Since ISPs are now able to do that, I foresee a large yawn when operators see OpenDNS (what a misleading name, kind of like OpenXML).
I'm not saying we do have a free market, but surely the best way to get one is not more laws and regulations.
We certainly don't have a free market and in most locations in the US there is a government enforced monopoly, one cable company and one phone company get to run lines in the public right of ways. I have an excellent proof that we don't have a free market. For me to purchase cable broadband access costs $65. For me to purchase cable broadband access bundled with basic cable TV service costs $50. No free market would let this continue, especially for the many years it has.
So what is the solution? Do we change the laws so anyone can run lines anywhere and deal with the hideous mess and less reliable service it will create? Or do we regulate the industry so that in exchange for being government sponsored monopolies granted billions of dollars in tax dollars as subsidies and exempted from many laws as common carriers, we actually force them to act as common carriers and carry whatever data they are handed the same as any other data? Or do we have the government take over the whole net and run it as a public utility, like the highways?
I bet you can guess which one I think is workable.
Quite simply, the telecoms want to control what is sent over their networks. If they want to care about what data is passed over their network, then they need to take full responsibility for that data.
Actually, this is not really correct. Telecos already charge different prices for ensuring the quality of different kinds of traffic. What they want to do now is not look at the content, per se, but at the people who can be extorted from. For example, they don't want to charge more for porn. What they want to do is charge someone who is not one of their customers an added fee for not intentionally degrading the service of someone who is their customer. They don't want to degrade traffic to search engines. They want to threaten to degrade traffic to each individual search engine unless they pay up. Give us a million bucks or we'll make your site so slow for a huge bunch of people that are our customers that they all go to a competitor. Since end users have no choice (because of government enforced geographical monopolies) there is no free market to correct this.
I think it's surprising that there are still people believing MACs are much securer than Windows...[quote from company trying to sell a "security" product for the Mac that basically wastes cycles looking for a handful of signatures for worms that never propagated in the wild]
I don't know if you are trolling, or just very uninformed. OS X has had a few vulnerabilities, but basically no in the wild exploits exploited by malware. That means there have been theoretical holes, but nothing to take advantage of them. Compare this to Window's huge number of both vulnerabilities and exploits actively attacking them.
OS X is not a super secure OS, but it is a full weight class above Windows and on par with other, normal UNIX workstation OSs.
And finally an unpatched Mac OS X bug:
Except it was patched two months ago and no one has yet seen any malware trying to exploit it, unlike the numerous outstanding Windows flaws being actively attacked. You might note Secunia has not bothered to update their page since March
Summary: Everyone who claims Mac OS X is secure...... has no fucking idea what he is talking about or... is a OS X fanboy
Security is relative. OS X is far, far more secure that Windows. It is probably quite a bit less secure than OpenBSD.
Of course at the moment there are far less people targeting OS X with their trojans/viruses/... but this could change.
Sure it could, but then again maybe it won't. It doesn't matter. Unlike MS, Apple does not have a monopoly. That means in order to make money, they have to respond to their customers' desires. If malware becomes a problem, Apple will tighten up the ship and make it more secure. Right now, it isn't an issue and they have been responding pretty rapidly and well. I don't agree with all their tradeoffs, but compared to Windows they shine.
Is OS X's attack surface smaller than Windows? Sure it is. Is it impervious to user stupidity? Absolutely not. No operating system is. Linux and OS X will probably eventually get there, and the complain we'll be hearing instead of M$ is teh fuxxorz will be well, what do you expect? users are stupid!!.
I strongly disagree. You see, there is one fundamental difference between Windows and Mac OS X or Linux. It is not user space, permissions, network services, or better defaults. The difference is, both Linux and OS X adapt to the user's needs. If something is causing poor security to the point where users are frustrated, Apple or IBM or the OS community will respond and fix it. The reason for this is that they have motivation because they use it and need it and their business models rely upon it. Microsoft's monopoly makes them impervious to those pressures, so they don't respond, or if they do it is with glacial slowness.
This post is brought to you courtesy of the 300 million absolutely clueless Windows users who think it's OK to run executables in password-protected ZIP files that arrive in their inboxes with lead-ins such as "hello, teh info yuo requesteded is in the attachments". We can't wait for you to take them away...
Right now, neither Linux, nor OS X has a big problem with this. Sure, it happens, but with nowhere near the frequency as Windows. The demand to fix it on Linux and OS X is still small, compared to Windows. Even so, some Linux distributions have already implemented a solution to this problem, albeit in a fairly rudimentary form.
The proper behavior for the OS in this instance is to run the software the user double clicked on, but not to let it do anything the user would not expect it to be able to. This means, the OS should have clear indications to the user that what they are running is a program, not data. The user may very well assume it is a program that will extract the data. Fine. When the new executable runs, with the user knowing that is what it is, it should still run in a VM or sandbox by default. That means it has no access to the internet, any files it did not create, or any files or directories outside its own dedicated folder/sandbox. It should probably have some access to certain rudimentary services provided by the OS as defaults (like a spell checker and the like).
So what is the malware going to do now? It can't overwrite the registry or cause any damage. It can't propagate. It can't send spam or harvest data. It can't launch a DoS attack. If it tries any of these things the OS will tell the user, in plain English what it is trying to do and ask what the user would like it to allow. "The program 'attachments_for_you' would like to read your e-mail address book. (stop it from reading my addresses)(let it read my addresses this once)(always let it read my addresses)(advanced options)."
You see, most normal people assume computers already do this and if they don't they don't understand why not. Users' inexpert expectations are not being met. Why would you let any old program read all your addresses and send mail without telling the user? It is not that people are stupid, it is just that they are not educated on the matter and computers in general are so poorly made that users need a great deal of information and understanding to use them safely. Expecting them to obtain that level of education is unrealistic. Fix the computers first, then educate users when that education needed is a reasonable amount.
Another thing about this is users have to learn that no matter what they choose, the software will work. If they say yes or no, it does not matter to the program they are running. The VM can hand over the real e-mail addresses or a bunch of dummy ones to the program. Either way, it will run, thus users are not given incentive to take risks.
I know you mean to be comical, but truly you are just demonstrating the obvious truth that OS's deal very poorly with malware.
Any DVR manufacturer that goes along with making a DVR less useful than a VCR is going to suffer in a huge way.
I'm not sure that this is true. In a free market that would happen, but the DVR market is not really a free market anymore. Most users are using a box supplied by their cable provider at below cost to watch programming whose price has been jacked up to compensate. Maybe disabling the fast forward is bad enough that people will pay the jacked up cable fee and full price for a DVR as well (effectively subsidizing the crippled DVR in the process), but I'm by no means certain of that. Expect DVRs provided by the cable company to dominate for the near future due to their monopoly abuse and expect those DVRs to provide the bare minimum amount of functionality needed to keep users from overcoming the price barriers I mentioned. The cable companies would rather no one had DVRs at all, but the best they can swing is to use their monopoly to make sure most are crippled. I'd like to believe that consumers won't stand for this, but I don't.
Without a large number of potential targets, the virus's growth is very slow, and a fix is released before the virus has speread beyone a small number of people.
The most obvious ways around this are cross-platform viruses that affect both Windows and Linux or OS X and/or targeting your worm at a cluster of known users of your victim OS. Both add a level of difficulty, which, combined with the better default configurations and architectural choices make Linux/Mac viruses a non-trivial task, especially for the majority of malware authors who only have skills with the Windows OS.
Hmm. I just realized that this is a potential problem -- a major potential problem -- with the OSX and now Vista (and, I believe, some Linux) GUI security paradigms. We're training people to be ready to enter their administrator passwords whenever they're prompted to.
This comes back to the failure of the OS to inform the user why the software wants the password (what exactly it is doing) and the failure of the OS to provide granular control. VMs may well be the answer to this problem. Building containers into the OS will let the user get what they want, regardless of what the software demands. For example, if Photoshop asks for the root password and access to to absolutely anything to my kernel it wants, a VM allows me to say "no" while the OS tells the Adobe application "yes" within the sandbox. My machine is safe from whatever they want to do, but the software still works.
There is one major caveat to this. Internet access for authentication. There are ways of detecting a VM and developers will demand that they have the ability to phone home for authentication/serial number checking etc. This issue needs to be defanged by the OS providing an official service to each VM by which programs can (with the user's permission) authenticate either on a regular basis or just once and in such a way that it balances the user's interests with the risks. This is a solvable problem, but it really needs someone to take the lead and show everyone the way.
Don't let anyone tell you macs have no malware, it's just not true. from Renepo the rootkit, to php worms that send out spam infecting message boards, to word macro viruses to the recent oompaloompa, they affect macs as badly as they can affect windows.
You are obviously very clueless. There are 60 or more mac workstations here in the office and we have yet to see one piece of malware actually affect any of them. Most are laptops that are outside the firewall regularly. The same is true for pretty much everyone I've ever spoken to and I am right now monitoring a class A for virus propagation signatures, including every piece of mac malware I've ever heard of (including proof of concepts) and there are no recorded matches and two unknowns that are obviously hitting Window's services and are just new variants of the same old crap.
A friend of mine works in a mac shop and often people will come in with bizarre problems with their macs. No networking working, slow networking, random crashes, won't wake properly from sleep. Scanning with an antivirus package shows no viruses, yet a software reinstall fresh from scratch fixes many of those problems. What does that tell you caused the problems?
Umm, corrupted system files or borked permissions most likely.
Some malware running on the machine is what.
I see, but neither you, nor your friend, nor the dozens of antivirus companies out there have ever been able to actually find that malware on the machine, because it is so cleverly hidden, huh? Please. There are a lot of security experts on macs these days and when their machines screw up like you describe, they certainly don't reinstall. They find the problem, whatever it is, even if it means running tools to compare the install to a known good image and checking out each and every difference. If there was malware in the wild causing enough problems for your friend to notice, it would have been found and classified by now. Of all the honeypots and honeynets, and dark IP monitors and IDS's, and other virus monitoring tools, the majority don't care what OS the virus is trying to reach and they certainly would have detected a new worm and it would be big news.
When mac software gets up to scratch in detecting the worms that are out there for macs, that is the only time people will get the truth about maleware infections.
The software out there is fine. There are just not much for it to detect. All your wild assumptions to the contrary aren't going to change that. I hope you are being paid to spread FUD, because otherwise you need to be whacked with a clue-by-four.
If that were true, it would more likely be the Mac's downfall. Why would developers (That is, developers who aren't already developing ON a Mac) port or support their applications for MacOS if Macs can run Windows software.
This depends upon a number of factors. Is the VM environment installed by default? Does it have the same look and feel as OS X or Windows? Is it fast? Does it run graphics at nearly full speed or greatly slowed? What is the market share of the mac after a couple of years of this technology being built in?
The application requirements will simply say "Requires MacOS 10.5 with Virtualization to Run"
Rather, I suspect regardless of whether or not Apple builds this the requirements of many apps will read, "Intel based mac, with OS X 10.5." This is because even if Apple does not build this in, someone is going to leverage the WINE codebase to make quick and dirty ports that will only work on Intel, especially for DirectX games.
Sorry, no. Building virtualization into Macs to run Windows programs would definitely not be a breakthrough.
While you may not foresee good results, it is a breakthrough if they do it. It adds functionality and lets users do more, like run apps that don't currently have mac versions at all, which is a lot of them. If it is built in and very easy to use, then I think Apple is taking a big gamble, that removing this barrier to entry will increase their market share enough so that there will not be a lot of companies dropping their mac versions, since it is a significant market that will gravitate to native, full featured solutions.
No matter what happens, virtualization will be coming to OS X, and I hope Apple builds it and integrates it appropriately to gain all of the advantages it offers. Even if they don't build a VM that runs Windows apps, I hope they build the equivalent of containers for native apps and I hope they build their architecture in such a way that someone else can plug-in Windows emulation/reimplementation for those containers, rather than having to run all Windows apps in one container or suffer serious performance hits.
I'd love to see some of those studies you mentioned. Do you have a link?
Most of them were actually in bound books, rather than on the Web. I think I mentioned "Freakonomics" before as a light read that contains one of the studies I mentioned. Aside from that, there is an author named Mark Johnson I recall reading some good things from. Looking for books on organizational psychology and sociology and the psychology of corporate culture should find you the lion's share of work on the subject.
Wonderful sentiments, but how does this relate to the FBI?
Well, the person doing the actual exploiting was a contractor. You don't get much more of an impersonal, mercenary relationship than that. The person who handed over their account info was reportedly just trying to bypass red tape, which means someone wasn't listening to them and was treating them according to "the rules" instead of as a person who needs something.
Obviously it helps that there haven't been any worms on OS X, but in principle writing OS X viruses isn't technically difficult. Spreading them is.
This is true for all OS's. It is the propagation mechanism(s) that are the hard part. Most malware by infection number is not spread as trojans. Especially, most is not spread as trojans not disguised as data. With Windows, it is easier to disguise a program as data and it is easier to find a remote vulnerability to exploit. As you mentioned, it is also easier to find targets to propagate, but in this day and age of worms with many different propagation techniques built in, it would be easy to add another to attack macs as well as Windows machines, were such a vulnerability easy to find and exploit.
In addition, Microsoft finally appears to be concerned about security, as demonstrated with XP2 and as will probably be demonstrated in Vista.
There is a difference between "concerned" and doing what the hundreds of screaming security experts have been asking you to for ages. XP SP2 still runs RPC on a network port, even when it is a local service. It still runs the Web browser in privileged space. It still hides file extensions by default. Sure they've made a few improvements, but they are merely convenient, minor hacks. The main thing they ahve done is, the same as every other new OS release, announced that this time it is super-duper secure in every paper, interview, and industry rag they can in the hopes that some idiots will believe it this time too. It worked.
the security advantage of OS X is, I suspect, likely to dissipate over time.
That depends upon if Apple stands still on the security front (they don't have a big problem now so they might) or if they move forward and implement some of the new security technologies being pioneered in secure Linux variants, OpenBSD, and Solaris. MS is not quite standing still, but they are close and only grabbing fruit so low hanging it has been rotting on the ground for years. Apple is an unknown quantity.
You haven't once demonstrated that one can effectively script mainstream Mac apps from the Unix commandline -- which is the entire crux of your argument.
I told you how, what more do you want me to ship you a box with some commands in the terminal window for you? Well it is not going to happen. Go try it yourself already if you don't believe me. I'm sure there is a compusa with a mac somewhere in your state.
You want a point by point argument? Here it is: Wrong. Wrong. You don't know what monad is. Wrong. Wrong. Wrong. Wrong.
Brilliant. I'm sure your teachers are proud of you boy. Please go read up on the rhetorical method and then, when you know how to address points like a grown up, come on back and we can have an actual discussion instead of your foolishness.
This is exactly what America needs: something that allows the populace to think even less in their everyday lives. The aversion to expending a little extra effort seems to be a uniquely American thing.
Ever read, "the man who was too lazy to fail" by Heinlen? We should not avoid something because it is less work, when it is wasted work. There are plenty of tasks we can productively use our intellects and time accomplishing. But since you're so concerned with decreased use of the mind, how about instead of wasting all those brain cycles on phenomenally counterproductive and unintuitive spellings, based upon archaic and unused pronunciations of words, we instead learn a simplified spelling and vocabulary for two languages, or maybe think about ways to cure cancer, or some other worthy pursuit.
We invent all of these machines to save us from having to perform manual labor. Then we all get fat and develop health problems from lack of physical activity. So now we pack it into gyms where we run in place, climb fake staircases, and lift heavy pieces of iron up and down for no useful purpose. Mindboggling. Taking mental shortcuts will be just as beneficial.
Physical effort that is useful and mental effort that is useful are different in that the former is bounded by the physical constraints of the world, while the latter is not. Sure we can walk to and from work for a couple miles each way and get the same result while being more useful, but that only works for people in the right range and climate. A lot of people are happy to spend their physical effort learning a useful physical art, playing games, or performing labor for the less fortunate (mowing the lawns of the elderly or building homes with habitat for humanity). Even more would be happy to help people in the third world, if distance permitted.
The mistake I believe you are making, is blaming better ways of doing things on promoting laziness, but it is just not so. Before mechanization people used slaves, or hired help to promote laziness. Before that they lived hunter-gatherer lifestyles and were idle much of the time. It is human nature. Providing freedom from useless tasks will result in many being lazy with that freedom while others put that freedom to good use to think up amazing and wonderful things. The former is no reason to deny freedom to all, after all why would you object to others having the freedom to be idle, unless you have some sort of puritan belief system that says they should not be happy and unhealthy if that is their desire?
This is not a war. You can't have a war on terror, any more than you can have a war on good table manners or abstract thought.
And I'd like to be the first to support this war on good table manners, for the sake of the children. Food fights are needed to relieve stress, provide exercise, prevent overeating, and consume food to help our struggling agricultural sector. For the sake of the children's safety and our economy and the American way of life, please support the ban on good table manners so desperately needed to keep America great. Those who promote "table manners" are replacing our proud, American heritage with French and Jewish styles of eating and it is downright ungodly and un-American!
I appreciate your bringing this struggle to my attention and will write my congresscritter immediately.
Well, it happens here in the US too. There are plenty of stories regading people being put on the 'do not fly' list due to circumstances like this as well.
My personal favorite was Jonathan Linden, better known as Johnny Rotten from the popular punk band, the "Sex Pistols." He was detained because "Linden" is phonetically similar to "Ladin." When you have so many absurd false positives as identifying a British punk rocker as a potential arabic criminal mastermind, the noise is certainly enough to hide real positives. Anyone with any faith in these efforts to stop "terrorism" as anything more than scare tactics designed to win votes, is a moron.
And you can do it from the Windows CLI in hundreds of languages.
Not out of the box and not with the same functionality or versatility. You can't cat and pipe and string regxps and applications easily using the DOS command line. You can do it on a cygwin command line, but not while interacting with Windows applications. Windows simply does not have a full featured shell that allows this as MS themselves admitted when they announced their wonderful new shell environment for Vista, which has since been indefinitely postponed.
If you want to act like a willful ignoramus about this, I don't really care, you're only making yourself look like an idiot.
This type of petty, ad hominem attack does nothing to bolster the credibility of your weak and poorly contrived evasions of my points.
You did, when you brought up the Mac CLI and Cygwin.
Unix is not the only workable command line or way to accomplish the tasks usually performed with it. We're talking about the ability to easily and flexibly script on a platform in such a way that you are interacting with mainstream applications. Windows falls on its face in this particular field, but not because it is not Unix, but because it is not functional.
Automator is a neat end user tool, but it really has nothing to do with all of the other things you're bringing up.
Automator is an alternative way to gain some of the same functionality on the mac, which Windows is lacking.
I have to disagree with the above statement. It makes it sound like your average worker is one bad meeting or one lousy review away from ripping you off. In my experience that's not the case.
That is not what I am saying; so I'll clarify. By maintaining an impersonal and adversarial relationship with employees you are not driving each of them to look for an excuse to rip you off. You are, however, removing the strongest motivation for not doing so. Other motivations, including fear of punishment remain. You end up in a situation where each employee is a mercenary, looking out for their own best interests because they intentionally cut themselves off from personal feelings towards the company or their bosses. They are, furthermore, fully justified in so doing, since they are merely reciprocating that impersonalization.
At this stage most employees look at their own situation and think, "well I'm doing okay, but if I find a better opportunity, I'm gone." Some think, "I could take this place for everything they've got, but I don't want to risk my comfortable life and going to jail." A few, however, are a bit less risk averse or a bit more desperate. Those few think, "I'm going to lose my house and have to move into a little apartment. Maybe I should steal from the database. I probably would never be caught." Or they think, "I'm going to be outsourced in a month and not have a job anyway. The economy is crap. If they don't care that I'm out on the street, why shouldn't I take the credit card database and client list with me. After all, business is business and I can."
Most people I've worked with at least try to act honestly and fairly with others (if I've got enough anecdotes it proves something -- right?).
If you have a good relationship with your workers, this will often be the case. If you trick them into thinking you care about them and will do right by them, this may be the case. The problem is, when you lay off their friend while the CEO takes a a pay raise people realize they are not valued as people. At that point, they are a danger to the company as much as the company is to them. They are adversaries. They may do nothing, but it will cost more to watch them and be sure than it does to do right by all the employees in the first place.
To tweak your point slightly I'd say that there's always a certain small percentage of the workforce that, if given the opportunity, will act unethically in order to achieve some larger (either personal or corporate) goal.
True; however, that percentage grows drastically based upon how employees are treated.
I think the key distinction though is that these employees were already the type of people that would do whatever they could get away with (and they've just seen the bar for "what you can get away with" ascend into the stratosphere) and not your typical office worker.
This is demonstrably not true. Studies have repeatedly shown that the number of employees willing to steal or cheat the company rises greatly the more impersonally these employees are treated. The ethical motivation is the primary motivation that prevents workers from exploiting the company for their own gain. Also, those numbers skyrocket as you move higher in the typical company hierarchy, despite those employees not being treated as poorly as those below them.
The rates of insider theft in other cultures also provide great insight into this social phenomenon.
Right now I work at a company that does treat employees very well. It lets them recruit and retain (in most cases) some of the best people. Free beer in the fridge, no one checking up on your hours, flexible schedules to accommodate personal lives, and attention to each person's career make a huge difference. If an employee does not work out, everyone sits down to figure out why. Then, they are moved to a position that does fit their talents. Often these employees will look for other work that fits them better than our company, but no one is afraid
However, there is no legal justification to large scale theft, regardless of how good Office Space was.
Laws are not a very good way to motivate behavior. The death penalty is not a good deterrent because most killers are either desperate, emotionally driven, or believe they will not be caught anyway. Similarly, threat of punishment is a terribly way to motivate employees to not steal and that is what the laws are really. Don't steal or we'll throw you in jail is not nearly as effective as the ethical motivation of don't steal because you'll be betraying a trust and being a jerk. There have been some great studies and books written on the subject, detailing exactly how well various motivations work.
Regardless of your ethical beliefs, plenty of people feel no guilt whatsoever stealing from people who treat them not as a person, but as a worker. It changes the dynamic of a relationship from one between people to one between two impersonal machines, following predefined rules and policies. If they know you will fire them regardless of what they do and your feelings toward them, when the head office says to lay off 15 people, then they will react by treating you impersonally as well. That means the main motivation for their not stealing from you is gone.
Most good businessmen recognize the value of loyal, dedicated employees. In some places employees have worked without pay or any expectation of it for months to help out a struggling company to whom they are loyal. Unfortunately, most managers and executives these days are not actually interested in the welfare of the company that employs them, They too have an adversarial relationship and that means they will screw over the company's future for short term gains that allow them to move up or get more money. They are expected to regularly move on to other companies anyway and often looked down upon for being content where they are.
As a result, most employees have little loyalty to their company and this sort of theft is commonplace. One particularly interesting study I read was involving petty theft. When presented with an honor system, who steals and who pays and when. Theft rate was effected by holidays, bad weather, and company hierarchies. Theft spiked near the holidays, when the weather was bad, on floors where upper management was quartered. I think that particular study was in the book "Freakonomics." Pick it up if you have any interest.
Is this anything other than an attempt to dis Windows for no other reason than 'Because'?
I think it is a valid issue. There are some files in a CVS module I simply cannot use on Windows because the filesystem chokes when CVS tries to write them in Windows and the rest of the CVS commit is aborted. It is a huge pain in the ass, even though these files do not contain any capital letters. This happens with ever CVS client on Windows, even Cygwin. MS needs to get off their butts and fix this crap once and for all.
No, they go in "/Applications" and "/Library" and one or more users' "~/Library".
Technically, no. The files that go in the Library directories are not programs, but configuration files (data), so tossing an old program and dropping in a new one can easily maintain the same configuration. (With the possible exception of Widgets and Services which may or may not be classified as "programs" but are really better classified as data used to provide application like features via the dashboard and OS).
And buying a gun is a process that takes several weeks and has to be approved by a store manager.
Umm, yeah, not the one time I bought a gun there. Anyway, here are my amusing Walmart/gun anecdotes.
I go into Walmart and pick up a box of .22 bullets. The clerk asks me, "Is that for a pistol or a rifle" (.22 rounds are common in a variety of firearms). I say, "well, both." The cashier tells me he can't sell me the bullets unless I promise not to use them in a pistol, since by store policy (nothing to do with the laws) they won't sell pistol rounds to people under 21. Does this make any sense to anyone? You can only shoot people with rifles or something?
Story number two:
My brother goes in to pick up a .22 rifle he plans to modify. He also buys a box of shells. They give him the shells, but tell him they have to walk him out of the store with the rifle rather than handing it to him "for security reasons." So as they walk out of the store my brother says, "so what is the point? I mean, how does walking me out of the store inhibit me from slapping a clip into it now and walking right back in and shooting everyone?" They demand he stand right where he is and call the cops (he has the gun and ammo at this point). My brother complies and the cops show up. The clerk tells them what he said and the cops go aver and chat with my brother trying to figure out what crime he thinks was committed. I imagine they might have been a little more concerned had my brother not been a cop and known all of the officers that arrived. Still, it is all pointless PR. These ineffective "security" measures do nothing but try to cover their asses should they get hauled into court in a civil suit but is enforced by morons that don't even understand how pointless what they are doing is. It reminds me of the airport.
Linux is case sensitive, the others are not.
Hopefully you meant, OS X is case sensitive, the others are not?
I can understand why slashdot geeks wouldn't want their DNS servers messed with, I'm among you, however most of the internet users out there aren't nearly as computer literate as we are, and this service I believe would be really good for them.
Most internet users don't know or care what a DNS server is. For this to succeed you need to capture the hearts and minds of the ISPs. Luckily for them, ISPs are very concerned about DNS right now as it is critical, somewhat vulnerable, and they are lacking visibility into it. Unluckily for them, the entrenched players have all started jumping on this and providing real solutions. Why block all requests to a DNS name when legitimate researchers and security people might need to get there? What about when a cracked server that still hosts legitimate content as well? what about when the FQD is a forum with 99% legitimate traffic and 1% worms and phishing?
This solution is a shotgun where a scalpel is needed. Block worm traffic as detected by the DNS request, not all traffic to that domain. Also, contrary to what people seem to be thinking here, the main DNS issue is not worms or phishing (ISPs don't care that much) but they do care about large chunks of their traffic to the DNS servers coming from misconfigured servers repeatedly querying them. Since, in many cases, these servers are their own, blocking them with a fancy, broken DNS server is not the best plan. Redirecting other ISPs' server to an ad a million times a day will not yield any long-term profit (since no person sees them) Rather, fixing their own servers and notifying others/filtering at the peering edge is the way to go. Since ISPs are now able to do that, I foresee a large yawn when operators see OpenDNS (what a misleading name, kind of like OpenXML).
I'm not saying we do have a free market, but surely the best way to get one is not more laws and regulations.
We certainly don't have a free market and in most locations in the US there is a government enforced monopoly, one cable company and one phone company get to run lines in the public right of ways. I have an excellent proof that we don't have a free market. For me to purchase cable broadband access costs $65. For me to purchase cable broadband access bundled with basic cable TV service costs $50. No free market would let this continue, especially for the many years it has.
So what is the solution? Do we change the laws so anyone can run lines anywhere and deal with the hideous mess and less reliable service it will create? Or do we regulate the industry so that in exchange for being government sponsored monopolies granted billions of dollars in tax dollars as subsidies and exempted from many laws as common carriers, we actually force them to act as common carriers and carry whatever data they are handed the same as any other data? Or do we have the government take over the whole net and run it as a public utility, like the highways?
I bet you can guess which one I think is workable.
Quite simply, the telecoms want to control what is sent over their networks. If they want to care about what data is passed over their network, then they need to take full responsibility for that data.
Actually, this is not really correct. Telecos already charge different prices for ensuring the quality of different kinds of traffic. What they want to do now is not look at the content, per se, but at the people who can be extorted from. For example, they don't want to charge more for porn. What they want to do is charge someone who is not one of their customers an added fee for not intentionally degrading the service of someone who is their customer. They don't want to degrade traffic to search engines. They want to threaten to degrade traffic to each individual search engine unless they pay up. Give us a million bucks or we'll make your site so slow for a huge bunch of people that are our customers that they all go to a competitor. Since end users have no choice (because of government enforced geographical monopolies) there is no free market to correct this.
I think it's surprising that there are still people believing MACs are much securer than Windows...[quote from company trying to sell a "security" product for the Mac that basically wastes cycles looking for a handful of signatures for worms that never propagated in the wild]
I don't know if you are trolling, or just very uninformed. OS X has had a few vulnerabilities, but basically no in the wild exploits exploited by malware. That means there have been theoretical holes, but nothing to take advantage of them. Compare this to Window's huge number of both vulnerabilities and exploits actively attacking them.
OS X is not a super secure OS, but it is a full weight class above Windows and on par with other, normal UNIX workstation OSs.
And finally an unpatched Mac OS X bug:
Except it was patched two months ago and no one has yet seen any malware trying to exploit it, unlike the numerous outstanding Windows flaws being actively attacked. You might note Secunia has not bothered to update their page since March
Summary: Everyone who claims Mac OS X is secure ... ... has no fucking idea what he is talking about or ... is a OS X fanboy
Security is relative. OS X is far, far more secure that Windows. It is probably quite a bit less secure than OpenBSD.
Of course at the moment there are far less people targeting OS X with their trojans/viruses/... but this could change.
Sure it could, but then again maybe it won't. It doesn't matter. Unlike MS, Apple does not have a monopoly. That means in order to make money, they have to respond to their customers' desires. If malware becomes a problem, Apple will tighten up the ship and make it more secure. Right now, it isn't an issue and they have been responding pretty rapidly and well. I don't agree with all their tradeoffs, but compared to Windows they shine.
Is OS X's attack surface smaller than Windows? Sure it is. Is it impervious to user stupidity? Absolutely not. No operating system is. Linux and OS X will probably eventually get there, and the complain we'll be hearing instead of M$ is teh fuxxorz will be well, what do you expect? users are stupid!!.
I strongly disagree. You see, there is one fundamental difference between Windows and Mac OS X or Linux. It is not user space, permissions, network services, or better defaults. The difference is, both Linux and OS X adapt to the user's needs. If something is causing poor security to the point where users are frustrated, Apple or IBM or the OS community will respond and fix it. The reason for this is that they have motivation because they use it and need it and their business models rely upon it. Microsoft's monopoly makes them impervious to those pressures, so they don't respond, or if they do it is with glacial slowness.
This post is brought to you courtesy of the 300 million absolutely clueless Windows users who think it's OK to run executables in password-protected ZIP files that arrive in their inboxes with lead-ins such as "hello, teh info yuo requesteded is in the attachments". We can't wait for you to take them away...
Right now, neither Linux, nor OS X has a big problem with this. Sure, it happens, but with nowhere near the frequency as Windows. The demand to fix it on Linux and OS X is still small, compared to Windows. Even so, some Linux distributions have already implemented a solution to this problem, albeit in a fairly rudimentary form.
The proper behavior for the OS in this instance is to run the software the user double clicked on, but not to let it do anything the user would not expect it to be able to. This means, the OS should have clear indications to the user that what they are running is a program, not data. The user may very well assume it is a program that will extract the data. Fine. When the new executable runs, with the user knowing that is what it is, it should still run in a VM or sandbox by default. That means it has no access to the internet, any files it did not create, or any files or directories outside its own dedicated folder/sandbox. It should probably have some access to certain rudimentary services provided by the OS as defaults (like a spell checker and the like).
So what is the malware going to do now? It can't overwrite the registry or cause any damage. It can't propagate. It can't send spam or harvest data. It can't launch a DoS attack. If it tries any of these things the OS will tell the user, in plain English what it is trying to do and ask what the user would like it to allow. "The program 'attachments_for_you' would like to read your e-mail address book. (stop it from reading my addresses)(let it read my addresses this once)(always let it read my addresses)(advanced options)."
You see, most normal people assume computers already do this and if they don't they don't understand why not. Users' inexpert expectations are not being met. Why would you let any old program read all your addresses and send mail without telling the user? It is not that people are stupid, it is just that they are not educated on the matter and computers in general are so poorly made that users need a great deal of information and understanding to use them safely. Expecting them to obtain that level of education is unrealistic. Fix the computers first, then educate users when that education needed is a reasonable amount.
Another thing about this is users have to learn that no matter what they choose, the software will work. If they say yes or no, it does not matter to the program they are running. The VM can hand over the real e-mail addresses or a bunch of dummy ones to the program. Either way, it will run, thus users are not given incentive to take risks.
I know you mean to be comical, but truly you are just demonstrating the obvious truth that OS's deal very poorly with malware.
It is my contention that if malware becom
Any DVR manufacturer that goes along with making a DVR less useful than a VCR is going to suffer in a huge way.
I'm not sure that this is true. In a free market that would happen, but the DVR market is not really a free market anymore. Most users are using a box supplied by their cable provider at below cost to watch programming whose price has been jacked up to compensate. Maybe disabling the fast forward is bad enough that people will pay the jacked up cable fee and full price for a DVR as well (effectively subsidizing the crippled DVR in the process), but I'm by no means certain of that. Expect DVRs provided by the cable company to dominate for the near future due to their monopoly abuse and expect those DVRs to provide the bare minimum amount of functionality needed to keep users from overcoming the price barriers I mentioned. The cable companies would rather no one had DVRs at all, but the best they can swing is to use their monopoly to make sure most are crippled. I'd like to believe that consumers won't stand for this, but I don't.
Without a large number of potential targets, the virus's growth is very slow, and a fix is released before the virus has speread beyone a small number of people.
The most obvious ways around this are cross-platform viruses that affect both Windows and Linux or OS X and/or targeting your worm at a cluster of known users of your victim OS. Both add a level of difficulty, which, combined with the better default configurations and architectural choices make Linux/Mac viruses a non-trivial task, especially for the majority of malware authors who only have skills with the Windows OS.
Hmm. I just realized that this is a potential problem -- a major potential problem -- with the OSX and now Vista (and, I believe, some Linux) GUI security paradigms. We're training people to be ready to enter their administrator passwords whenever they're prompted to.
This comes back to the failure of the OS to inform the user why the software wants the password (what exactly it is doing) and the failure of the OS to provide granular control. VMs may well be the answer to this problem. Building containers into the OS will let the user get what they want, regardless of what the software demands. For example, if Photoshop asks for the root password and access to to absolutely anything to my kernel it wants, a VM allows me to say "no" while the OS tells the Adobe application "yes" within the sandbox. My machine is safe from whatever they want to do, but the software still works.
There is one major caveat to this. Internet access for authentication. There are ways of detecting a VM and developers will demand that they have the ability to phone home for authentication/serial number checking etc. This issue needs to be defanged by the OS providing an official service to each VM by which programs can (with the user's permission) authenticate either on a regular basis or just once and in such a way that it balances the user's interests with the risks. This is a solvable problem, but it really needs someone to take the lead and show everyone the way.
Don't let anyone tell you macs have no malware, it's just not true. from Renepo the rootkit, to php worms that send out spam infecting message boards, to word macro viruses to the recent oompaloompa, they affect macs as badly as they can affect windows.
You are obviously very clueless. There are 60 or more mac workstations here in the office and we have yet to see one piece of malware actually affect any of them. Most are laptops that are outside the firewall regularly. The same is true for pretty much everyone I've ever spoken to and I am right now monitoring a class A for virus propagation signatures, including every piece of mac malware I've ever heard of (including proof of concepts) and there are no recorded matches and two unknowns that are obviously hitting Window's services and are just new variants of the same old crap.
A friend of mine works in a mac shop and often people will come in with bizarre problems with their macs. No networking working, slow networking, random crashes, won't wake properly from sleep. Scanning with an antivirus package shows no viruses, yet a software reinstall fresh from scratch fixes many of those problems. What does that tell you caused the problems?
Umm, corrupted system files or borked permissions most likely.
Some malware running on the machine is what.
I see, but neither you, nor your friend, nor the dozens of antivirus companies out there have ever been able to actually find that malware on the machine, because it is so cleverly hidden, huh? Please. There are a lot of security experts on macs these days and when their machines screw up like you describe, they certainly don't reinstall. They find the problem, whatever it is, even if it means running tools to compare the install to a known good image and checking out each and every difference. If there was malware in the wild causing enough problems for your friend to notice, it would have been found and classified by now. Of all the honeypots and honeynets, and dark IP monitors and IDS's, and other virus monitoring tools, the majority don't care what OS the virus is trying to reach and they certainly would have detected a new worm and it would be big news.
When mac software gets up to scratch in detecting the worms that are out there for macs, that is the only time people will get the truth about maleware infections.
The software out there is fine. There are just not much for it to detect. All your wild assumptions to the contrary aren't going to change that. I hope you are being paid to spread FUD, because otherwise you need to be whacked with a clue-by-four.
If that were true, it would more likely be the Mac's downfall. Why would developers (That is, developers who aren't already developing ON a Mac) port or support their applications for MacOS if Macs can run Windows software.
This depends upon a number of factors. Is the VM environment installed by default? Does it have the same look and feel as OS X or Windows? Is it fast? Does it run graphics at nearly full speed or greatly slowed? What is the market share of the mac after a couple of years of this technology being built in?
The application requirements will simply say "Requires MacOS 10.5 with Virtualization to Run"
Rather, I suspect regardless of whether or not Apple builds this the requirements of many apps will read, "Intel based mac, with OS X 10.5." This is because even if Apple does not build this in, someone is going to leverage the WINE codebase to make quick and dirty ports that will only work on Intel, especially for DirectX games.
Sorry, no. Building virtualization into Macs to run Windows programs would definitely not be a breakthrough.
While you may not foresee good results, it is a breakthrough if they do it. It adds functionality and lets users do more, like run apps that don't currently have mac versions at all, which is a lot of them. If it is built in and very easy to use, then I think Apple is taking a big gamble, that removing this barrier to entry will increase their market share enough so that there will not be a lot of companies dropping their mac versions, since it is a significant market that will gravitate to native, full featured solutions.
No matter what happens, virtualization will be coming to OS X, and I hope Apple builds it and integrates it appropriately to gain all of the advantages it offers. Even if they don't build a VM that runs Windows apps, I hope they build the equivalent of containers for native apps and I hope they build their architecture in such a way that someone else can plug-in Windows emulation/reimplementation for those containers, rather than having to run all Windows apps in one container or suffer serious performance hits.
I'd love to see some of those studies you mentioned. Do you have a link?
Most of them were actually in bound books, rather than on the Web. I think I mentioned "Freakonomics" before as a light read that contains one of the studies I mentioned. Aside from that, there is an author named Mark Johnson I recall reading some good things from. Looking for books on organizational psychology and sociology and the psychology of corporate culture should find you the lion's share of work on the subject.
Wonderful sentiments, but how does this relate to the FBI?
Well, the person doing the actual exploiting was a contractor. You don't get much more of an impersonal, mercenary relationship than that. The person who handed over their account info was reportedly just trying to bypass red tape, which means someone wasn't listening to them and was treating them according to "the rules" instead of as a person who needs something.
Obviously it helps that there haven't been any worms on OS X, but in principle writing OS X viruses isn't technically difficult. Spreading them is.
This is true for all OS's. It is the propagation mechanism(s) that are the hard part. Most malware by infection number is not spread as trojans. Especially, most is not spread as trojans not disguised as data. With Windows, it is easier to disguise a program as data and it is easier to find a remote vulnerability to exploit. As you mentioned, it is also easier to find targets to propagate, but in this day and age of worms with many different propagation techniques built in, it would be easy to add another to attack macs as well as Windows machines, were such a vulnerability easy to find and exploit.
In addition, Microsoft finally appears to be concerned about security, as demonstrated with XP2 and as will probably be demonstrated in Vista.
There is a difference between "concerned" and doing what the hundreds of screaming security experts have been asking you to for ages. XP SP2 still runs RPC on a network port, even when it is a local service. It still runs the Web browser in privileged space. It still hides file extensions by default. Sure they've made a few improvements, but they are merely convenient, minor hacks. The main thing they ahve done is, the same as every other new OS release, announced that this time it is super-duper secure in every paper, interview, and industry rag they can in the hopes that some idiots will believe it this time too. It worked.
the security advantage of OS X is, I suspect, likely to dissipate over time.
That depends upon if Apple stands still on the security front (they don't have a big problem now so they might) or if they move forward and implement some of the new security technologies being pioneered in secure Linux variants, OpenBSD, and Solaris. MS is not quite standing still, but they are close and only grabbing fruit so low hanging it has been rotting on the ground for years. Apple is an unknown quantity.
You haven't once demonstrated that one can effectively script mainstream Mac apps from the Unix commandline -- which is the entire crux of your argument.
I told you how, what more do you want me to ship you a box with some commands in the terminal window for you? Well it is not going to happen. Go try it yourself already if you don't believe me. I'm sure there is a compusa with a mac somewhere in your state.
You want a point by point argument? Here it is: Wrong. Wrong. You don't know what monad is. Wrong. Wrong. Wrong. Wrong.
Brilliant. I'm sure your teachers are proud of you boy. Please go read up on the rhetorical method and then, when you know how to address points like a grown up, come on back and we can have an actual discussion instead of your foolishness.
This is exactly what America needs: something that allows the populace to think even less in their everyday lives. The aversion to expending a little extra effort seems to be a uniquely American thing.
Ever read, "the man who was too lazy to fail" by Heinlen? We should not avoid something because it is less work, when it is wasted work. There are plenty of tasks we can productively use our intellects and time accomplishing. But since you're so concerned with decreased use of the mind, how about instead of wasting all those brain cycles on phenomenally counterproductive and unintuitive spellings, based upon archaic and unused pronunciations of words, we instead learn a simplified spelling and vocabulary for two languages, or maybe think about ways to cure cancer, or some other worthy pursuit.
We invent all of these machines to save us from having to perform manual labor. Then we all get fat and develop health problems from lack of physical activity. So now we pack it into gyms where we run in place, climb fake staircases, and lift heavy pieces of iron up and down for no useful purpose. Mindboggling. Taking mental shortcuts will be just as beneficial.
Physical effort that is useful and mental effort that is useful are different in that the former is bounded by the physical constraints of the world, while the latter is not. Sure we can walk to and from work for a couple miles each way and get the same result while being more useful, but that only works for people in the right range and climate. A lot of people are happy to spend their physical effort learning a useful physical art, playing games, or performing labor for the less fortunate (mowing the lawns of the elderly or building homes with habitat for humanity). Even more would be happy to help people in the third world, if distance permitted.
The mistake I believe you are making, is blaming better ways of doing things on promoting laziness, but it is just not so. Before mechanization people used slaves, or hired help to promote laziness. Before that they lived hunter-gatherer lifestyles and were idle much of the time. It is human nature. Providing freedom from useless tasks will result in many being lazy with that freedom while others put that freedom to good use to think up amazing and wonderful things. The former is no reason to deny freedom to all, after all why would you object to others having the freedom to be idle, unless you have some sort of puritan belief system that says they should not be happy and unhealthy if that is their desire?
This is not a war. You can't have a war on terror, any more than you can have a war on good table manners or abstract thought.
And I'd like to be the first to support this war on good table manners, for the sake of the children. Food fights are needed to relieve stress, provide exercise, prevent overeating, and consume food to help our struggling agricultural sector. For the sake of the children's safety and our economy and the American way of life, please support the ban on good table manners so desperately needed to keep America great. Those who promote "table manners" are replacing our proud, American heritage with French and Jewish styles of eating and it is downright ungodly and un-American!
I appreciate your bringing this struggle to my attention and will write my congresscritter immediately.
Y wuld a punker kare aboot speeling? And me a whisky an we can go kick sum strate edgers!
Well, it happens here in the US too. There are plenty of stories regading people being put on the 'do not fly' list due to circumstances like this as well.
My personal favorite was Jonathan Linden, better known as Johnny Rotten from the popular punk band, the "Sex Pistols." He was detained because "Linden" is phonetically similar to "Ladin." When you have so many absurd false positives as identifying a British punk rocker as a potential arabic criminal mastermind, the noise is certainly enough to hide real positives. Anyone with any faith in these efforts to stop "terrorism" as anything more than scare tactics designed to win votes, is a moron.
And you can do it from the Windows CLI in hundreds of languages.
Not out of the box and not with the same functionality or versatility. You can't cat and pipe and string regxps and applications easily using the DOS command line. You can do it on a cygwin command line, but not while interacting with Windows applications. Windows simply does not have a full featured shell that allows this as MS themselves admitted when they announced their wonderful new shell environment for Vista, which has since been indefinitely postponed.
If you want to act like a willful ignoramus about this, I don't really care, you're only making yourself look like an idiot.
This type of petty, ad hominem attack does nothing to bolster the credibility of your weak and poorly contrived evasions of my points.
You did, when you brought up the Mac CLI and Cygwin.
Unix is not the only workable command line or way to accomplish the tasks usually performed with it. We're talking about the ability to easily and flexibly script on a platform in such a way that you are interacting with mainstream applications. Windows falls on its face in this particular field, but not because it is not Unix, but because it is not functional.
Automator is a neat end user tool, but it really has nothing to do with all of the other things you're bringing up.
Automator is an alternative way to gain some of the same functionality on the mac, which Windows is lacking.
I have to disagree with the above statement. It makes it sound like your average worker is one bad meeting or one lousy review away from ripping you off. In my experience that's not the case.
That is not what I am saying; so I'll clarify. By maintaining an impersonal and adversarial relationship with employees you are not driving each of them to look for an excuse to rip you off. You are, however, removing the strongest motivation for not doing so. Other motivations, including fear of punishment remain. You end up in a situation where each employee is a mercenary, looking out for their own best interests because they intentionally cut themselves off from personal feelings towards the company or their bosses. They are, furthermore, fully justified in so doing, since they are merely reciprocating that impersonalization.
At this stage most employees look at their own situation and think, "well I'm doing okay, but if I find a better opportunity, I'm gone." Some think, "I could take this place for everything they've got, but I don't want to risk my comfortable life and going to jail." A few, however, are a bit less risk averse or a bit more desperate. Those few think, "I'm going to lose my house and have to move into a little apartment. Maybe I should steal from the database. I probably would never be caught." Or they think, "I'm going to be outsourced in a month and not have a job anyway. The economy is crap. If they don't care that I'm out on the street, why shouldn't I take the credit card database and client list with me. After all, business is business and I can."
Most people I've worked with at least try to act honestly and fairly with others (if I've got enough anecdotes it proves something -- right?).
If you have a good relationship with your workers, this will often be the case. If you trick them into thinking you care about them and will do right by them, this may be the case. The problem is, when you lay off their friend while the CEO takes a a pay raise people realize they are not valued as people. At that point, they are a danger to the company as much as the company is to them. They are adversaries. They may do nothing, but it will cost more to watch them and be sure than it does to do right by all the employees in the first place.
To tweak your point slightly I'd say that there's always a certain small percentage of the workforce that, if given the opportunity, will act unethically in order to achieve some larger (either personal or corporate) goal.
True; however, that percentage grows drastically based upon how employees are treated.
I think the key distinction though is that these employees were already the type of people that would do whatever they could get away with (and they've just seen the bar for "what you can get away with" ascend into the stratosphere) and not your typical office worker.
This is demonstrably not true. Studies have repeatedly shown that the number of employees willing to steal or cheat the company rises greatly the more impersonally these employees are treated. The ethical motivation is the primary motivation that prevents workers from exploiting the company for their own gain. Also, those numbers skyrocket as you move higher in the typical company hierarchy, despite those employees not being treated as poorly as those below them.
The rates of insider theft in other cultures also provide great insight into this social phenomenon.
Right now I work at a company that does treat employees very well. It lets them recruit and retain (in most cases) some of the best people. Free beer in the fridge, no one checking up on your hours, flexible schedules to accommodate personal lives, and attention to each person's career make a huge difference. If an employee does not work out, everyone sits down to figure out why. Then, they are moved to a position that does fit their talents. Often these employees will look for other work that fits them better than our company, but no one is afraid
However, there is no legal justification to large scale theft, regardless of how good Office Space was.
Laws are not a very good way to motivate behavior. The death penalty is not a good deterrent because most killers are either desperate, emotionally driven, or believe they will not be caught anyway. Similarly, threat of punishment is a terribly way to motivate employees to not steal and that is what the laws are really. Don't steal or we'll throw you in jail is not nearly as effective as the ethical motivation of don't steal because you'll be betraying a trust and being a jerk. There have been some great studies and books written on the subject, detailing exactly how well various motivations work.
Regardless of your ethical beliefs, plenty of people feel no guilt whatsoever stealing from people who treat them not as a person, but as a worker. It changes the dynamic of a relationship from one between people to one between two impersonal machines, following predefined rules and policies. If they know you will fire them regardless of what they do and your feelings toward them, when the head office says to lay off 15 people, then they will react by treating you impersonally as well. That means the main motivation for their not stealing from you is gone.
Most good businessmen recognize the value of loyal, dedicated employees. In some places employees have worked without pay or any expectation of it for months to help out a struggling company to whom they are loyal. Unfortunately, most managers and executives these days are not actually interested in the welfare of the company that employs them, They too have an adversarial relationship and that means they will screw over the company's future for short term gains that allow them to move up or get more money. They are expected to regularly move on to other companies anyway and often looked down upon for being content where they are.
As a result, most employees have little loyalty to their company and this sort of theft is commonplace. One particularly interesting study I read was involving petty theft. When presented with an honor system, who steals and who pays and when. Theft rate was effected by holidays, bad weather, and company hierarchies. Theft spiked near the holidays, when the weather was bad, on floors where upper management was quartered. I think that particular study was in the book "Freakonomics." Pick it up if you have any interest.