You jest, but this is a decent point; while the thought of a web-app that can use more than 4GB of RAM at once is frightening, it's not terribly unlikely that browsers will start moving to x64 in the next few years. IE is already available in both architectures, and I think Firefox is too. Konqueror definitely is. Not sure about Safari or Chrome, and I don't think Opera is. Nonetheless, 64-bit is the direction of the future.
Speaking of which, there are still Itaniums out there being sold and used. Admittedly they're being sold and used for servers, which really ought not run a web browser if they can help it, but IE, most likely Konqueror, and probably Firefox (and probably at least a few other browsers) all have Itanium ports.
Why not use google's javascript engine. Isn't it the fastest? Open source too...
Actually, it looks like Opera is *still* faster than Chrome, even the nightly builds. Consider the data on this page (last updated a week or so ago). Yes, it's focused on IE9, but MS has no reason at all to try and make Opera look better than it is. http://ie.microsoft.com/testdrive/benchmarks/SunSpider/Default.html
It's also worth considering that both Chrome (via WebKit) and Firefox have come from even older beginnings. Konqueror, and KHTML, is probably not as old as Netscape and Gecko, but neither modern browser (Firefox or Chrome) is using an engine that was created from scratch.
Admittedly it's not even in beta yet, but I think you sorely misunderstand the improvements that IE9's JavaScript engine has made. It's more accurate to say that it's clawing with Safari for 3th place, and as of the most recent preview it's winning. Firefox has been left far, far behind. Opera and Chrome are still ahead, but it's down to less than 100ms difference between IE9 and Opera 10.6.
Maybe even IE9, if it doesn't skew the Y-scale too much.
Last I checked, IE9 was faster than Firefox 4 beta by a substantial margin, and has in fact also passed Safari 5 (WebKit-based, of course). Chrome and Opera are still very slightly ahead, but not by much.
KDE 4.x already available on Windows, and probably on OS X as well (never tried). The first ports of Konqueror were pretty weak, but these days it works nicely enough. I wouldn't call it a must-have program on Windows, but if you like the KDE apps (ark, kate, and amorak are some others that I like) then you can get them from http://windows.kde.org/ (it includes a package manager for updating, which is really nice). It looks like the current version is KDE 4.4.0.
Dammit, now I'm feeling bizarrely tempted to write a IE plugin that contains emacs. I have no idea why I'd want to do this; I don't even really like emacs. The idea is truly bizarrely compelling, though.
I know that IronPython was originally started outside of MS, and is an open-source project. I suspect the same is true of IronRuby. I very much doubt that these projects are going to simply die just because MS has reduced the people working on them internally. They might get a little less assistance, but I wouldn't even count on that; maybe it simply wasn't necessary to have that many people.
Visual Studio 2010 uses managed code, including C#, quite extensively. I've heard that Windows Media Center is almost entirely C#. The vast majority of Microsoft development jobs seem to want managed code experience.
Oh, also: if you're interested in a highly customizable browser, Konqueror can run on Windows these days. It's not a small install footprint (KDE base libraries are required) and it still has some quirks to iron out, but it works as a day-to-day browser.
Are these supposed to convince me that what he did was valuable? I've visited Alaska. It's a beautiful area. However, I really don't care whether or not it's part of the US. It could have been its own country, or part of Canada, or part of Russia for all I care. As a state, it consumes far more federal money than it provides. It's a huge blob of very under-developed land with almost no population and numerous little villages that can't be reached by land, where it's an open secret that the owner of the store beats his wife (but nobody cares). I'd visit again, but I have no desire to live there, and I *love* the outdoors. I'm just having a hard time understanding why Alaska being part of the USA is something I'm supposed to commend this guy for.
Oh please, knowing nothing at all except that he flew during the war, you're willing to give him a free pass on everything else he did? You'll even inject the adverb "bravely" as though you have even the slightest inkling of what his service was like. Mabe he shot down 20 enemy planes coming to bomb allied cities, or maybe he flew one combat mission, accidentally bombed a library full of schoolkids instead of the military target he was supposed to hit, got scared, made up some bullshit reason, and fled back to base abandoning his wingmates. Maybe he never flew combat at all - doesn't mean that he didn't contribute, but it does mean that what he did could hardly be described as "brave. Perhaps, given his predilection for corruption and feeding at the public trough, he was a supply pilot who pocketed some portion of every flight he made to sell on the black market, denying those supplies to people on the front line. Did he even volunteer, or was he drafted?
I have no evidence one way or the other on any of the above, but I'm not going to give him a free pass on anything. At best, he might have done something to counter-balance the harm he did later in life. At worst, he might have exemplified the worst of the American military and avoided a military prison only due to political influence and undeserved wealth. I will judge him as I saw him, based on what I know. The fact that he apparently served in the military (no surprise, given his age) gets him a very, very small bit of respect, but nearly enough to compensate for what I *know* he did.
On the other hand, I'm at least partially agreeing with you; I too could care less (a whole lot less, in fact) about his politics, his pork projects, his corruption, his attempt to block net neutrality, and those other things he has done. In fact, without knowing more, I almost couldn't care less. Seriously, even if the rest of your post were completely valid and not arguable, you'd have looked like an idiot for using that expression form anyhow.
My university (UW Seattle, not exactly a small or unknown school) apparently requires OS X for the DXArts courses. I didn't take them, but I have a friend who did, and he was not amused by the price of the new computer he was expected to buy in order to pursue his intended major.
This was 4 years ago and he changed majors within two years, so I don't actually recall exactly why, but the class specifically required a Mac running specific software (don't know if there was a Windows version or an OSS clone of that software, you had to have it and it had to be on a Mac).
Sure. Short version: you're wrong; it's about *relative* install base, i.e market share. For the TL:DR folks, read the last line.
Malware is business. It's about making money. A good install base doesn't mean much when the other option has 9x the install base. Windows (6.0 and up) is now harder to exploit than OS X, but it's not that much harder (and over half of Windows installs are still pre-version-6, usually run as Admin, and less likely to be fully patched). Until it is, it's generally just not worth the malware author's time to go after the less popular target.
It's all about the return on investment. ROI = (N * V) - C, where N is the number of machines you compromise C is the cost to develop and deploy the malware V is the value of each compromised machine (essentially identical between OS X and Windows, from the malware author's perspective).
Taking V out of the equation as a constant, ROI is a function of N and C. Lets say you have 10M vulnerable computers, either OS X or Windows (ignore Linux and all for this) that you can exploit before the vulnerability gets patched. The current market share breakdown will be about 1M running OS X and 9M running Windows (all versions). Since we're targeting all versions of Windows, it's going to be a really expansive exploit - gotta get around DEP and ASLR and the different included software versions... let's say it costs you $5M to develop this exploit (given what I've heard of the prices a Windows exploit can get on the black market, this sounds about right). Now, let's suppose that you randomly wander across a major vulnerability in OS X's PDF Preview app, and your total cost to weaponize it is a measly $10K. Suppose V is about $1.00 either way (which is incredibly low, you could make that back in a few days selling it as a node in DDoS attacks; a bit of spyware or adware will net you several times that per target).
For Windows: ROI = (9M * $1) - $5M = $4M For OS X: ROI = (1M * $1) - $10K = $990K
End result: paying 500x as much to compromise 9x as many machines it totally worth it when we are talking about *millions* of computers.
I realize this may seem like sacrilege on/. but IE8 plus an extension called IE7Pro (which despite its name works great on 8) gives Firefox a good run for its money. It's actually more secure in some important ways (sandboxing, ASLR), includes ad-blocking out of the box (set the registry key to enable InPrivate Filtering on every startup) and Flash filtering (under the Flash add-on options, delete the Use on sites: *.* then you can manually add sites when they request it) and while its JS engine is weak compared to Firefox, it works fine on 99.9 percent of the sites I've seen (Acid3 being pretty much the other 0.1%). Plus, call me weird but I actually find its Accelerators feature handy, and feel its tabbed browsing is a lot better than Firefox's.
IE7Pro ( http://ie7pro.com/ ) gives you more ad-block and flash-block options, spell checking, a download manager, user agent switching, customizable mouse gestures and keyboard shortcuts, fast proxy switching, pre-fetching options, GreaseMonkey-style user scripts, and a lot more.
Firefox still wins on JS and HTML5, but I find the advantages worth it.
This is exactly why UAC exists... if you're not running an OS with UAC, your OS is at least 7 years old since its last major update (and I doubt you're running Server 2003). Maybe you should upgrade to an OS with a modern featureset, including security features (ASLR, for example) that are completely unavailable on your current OS?
NEWS: Mozilla today announced that they were also going to be adding the automatic silent updater to Linux builds. Slashdot reader Crock23A was quoted as asking "I wonder how they're going to get around the fact that only root can write to/bin, a substantially annoying feature of Linux.
Seriously, people like you are what's wrong with computer security in the world today. There will always be bugs in code, that's inevitable. It takes true stupidity to think that running with full permissions is a good idea.
In answer to your question, there are plenty of ways to fix this. The simplest are to install to a user-writable location, or to modify the ACLs on the install location so that it is user-writable. This isn't exactly rocket science, people.
Is there any particular reason a Nuclear Lightbulb (gas-core engine using uranium hexafluoride) design has to *stay* sci-fi? This seems like the kind of thing that is eminently practical (no inherent problems of "we just have no way of doing that"). I'm not a physicist, so I'm probably missing something here... why *doesn't* this idea get more effort behind it?
Something very cool that might be possible to build with that kind of mass: practical-sized spacecraft with new engines that are either incapable or cannot legally be used for launching from the surface. Examples include VASIMR (a plasma rocket, far more powerful than modern ion drives but also capable of long-term thrust, but mass-intensive and not capable of lifting its own mass into orbit) or a Project Orion-style nuclear pulse rocket (requires a truly absurd mass for the pusher plate and shock absorbers to smooth out the thrust from the blast wave, but capable of capable of putting out more than 1G of acceleration with a reasonable design. Unfortunately, it would violate the nuclear test ban treaty).
For that matter, even if we just launched more conventional spacecraft, this engine could be a great basic launch platform for defeating the steepest part of the gravity well. Imagine multiple smaller craft (that still have full fuel tanks) taking off to pursue independent missions once in orbit.
I'm sure if we develop that kind of lift capacity, or even get close enough that there's some confidence it *will* get developed, people will come up with all kinds of uses. For example, how many flights would it have taken to put the current mass of the ISS into orbit? How about it's complete design mass?
No surprise, but... holy shit, I cannot conceive of why you'd want to use an IMAP client *without* those features. I mean, I switched *off* of Thunderbird specifically because it lacked instant full-text search (there are a few other things I didn't like, but that was the deal-breaker). If you want to get me to come back, and to recommend it to others, you need to provide that feature in a functional way. In the meantime, Outlook works just fine for me. Admittedly, it doesn't cost me anything and I spend 90%+ of my time on Windows now due to work, so that may not be the solution for everybody.
The PS3 *had* the ability to run other OSes (Linux), even though you were locked out of the GPU. That was good enough for most people. I don't know if you read the relevant threads on here or not, but people are mightily pissed about that feature being removed.
The Xbox 360 has an officially supported channel for homebrew software. It's free to develop (assuming you have a copy of Windows) and I think it's $100/year if you want to publish via MS. It doesn't give full control over the hardware; you're limited to a subset of C# (in particular, no unsafe code), but you do get hardware acceleration.
The Wii is in the same constant flux of exploits being found, homebrew being installed, and the manufacturer cracking down via patches. It's earned its fair share of complaints too.
All that said, it's worth noting that the use cases for a game console and a smartphone are very different. A game console is designed to do one thing as well as possible: play games. Everything else it can do, even stuff like play movies, is secondary to that goal. Generally speaking, people buy them for this purpose. Smartphones, on the other hand, are marketed as hand-held always-connected devices that are brimming with apps - i.e. they're marketed as small computers which happen to be able to make phone calls too. The success of the iPod Touch, which is just an iPhone without the phone (and bears no resemblance to an iPod; it's a PDA/Internet tablet with a with a name that meets Apple's coolness guidelines) shows what it really is about: the computer in your hand, not the making calls or listening to music.
Don't get me wrong, consoles being more open would be great. However, on a console the main things that more openness gets you is cheating and piracy (this has been fairly well demonstrated in the Xbox's history). Smartphones get some app piracy, of course, but they also benefit a lot more from unrestricted development.
(Sorry to reply to myself, but the second line - the 5.6% crash rate and 61 exploitable bugs - is in Apple's Preview app. I also got the factor wrong (it's closer to 60x as many crashes). Sorry, I really need to stop posting on/. at work; I'm too distracted to double-check before hitting Submit.
Found that in a casual glance down a completely unrelated story (on browser privacy). Is there any malware that is actively exploiting a genuine 0-day in OS X at present? I don't know, but I wouldn't count the possibility out.
Not only is it native, it's really, really insecure. A security researcher named Charlie Miller wrote a 5-line Python script to generate fuzzed (slightly corrupted) PDF files from valid templates. He created roughly 2.8 million of these, and then ran them through Apple's Preview program, and through Adobe Reader. His findings:
0.09% crash rate on Reader, and 4 exploitable bugs found. 5.6% crash rate (52x as many), and 61 exploitable bugs found (15x as many). When your security is more than an order of magnitude worse than Adobe's, you've got a major problem.
By the way, this is the guy who won an iPhone at Pwn2Own. He's presented at CanSecWest and Blackhat, and possibly elsewhere. He knows his stuff.
Slashdot Mirror
You jest, but this is a decent point; while the thought of a web-app that can use more than 4GB of RAM at once is frightening, it's not terribly unlikely that browsers will start moving to x64 in the next few years. IE is already available in both architectures, and I think Firefox is too. Konqueror definitely is. Not sure about Safari or Chrome, and I don't think Opera is. Nonetheless, 64-bit is the direction of the future.
Speaking of which, there are still Itaniums out there being sold and used. Admittedly they're being sold and used for servers, which really ought not run a web browser if they can help it, but IE, most likely Konqueror, and probably Firefox (and probably at least a few other browsers) all have Itanium ports.
Why not use google's javascript engine. Isn't it the fastest? Open source too...
Actually, it looks like Opera is *still* faster than Chrome, even the nightly builds. Consider the data on this page (last updated a week or so ago). Yes, it's focused on IE9, but MS has no reason at all to try and make Opera look better than it is. http://ie.microsoft.com/testdrive/benchmarks/SunSpider/Default.html
It's also worth considering that both Chrome (via WebKit) and Firefox have come from even older beginnings. Konqueror, and KHTML, is probably not as old as Netscape and Gecko, but neither modern browser (Firefox or Chrome) is using an engine that was created from scratch.
Admittedly it's not even in beta yet, but I think you sorely misunderstand the improvements that IE9's JavaScript engine has made. It's more accurate to say that it's clawing with Safari for 3th place, and as of the most recent preview it's winning. Firefox has been left far, far behind. Opera and Chrome are still ahead, but it's down to less than 100ms difference between IE9 and Opera 10.6.
Maybe even IE9, if it doesn't skew the Y-scale too much.
Last I checked, IE9 was faster than Firefox 4 beta by a substantial margin, and has in fact also passed Safari 5 (WebKit-based, of course). Chrome and Opera are still very slightly ahead, but not by much.
http://ie.microsoft.com/testdrive/benchmarks/SunSpider/Default.html
KDE 4.x already available on Windows, and probably on OS X as well (never tried). The first ports of Konqueror were pretty weak, but these days it works nicely enough. I wouldn't call it a must-have program on Windows, but if you like the KDE apps (ark, kate, and amorak are some others that I like) then you can get them from http://windows.kde.org/ (it includes a package manager for updating, which is really nice). It looks like the current version is KDE 4.4.0.
Dammit, now I'm feeling bizarrely tempted to write a IE plugin that contains emacs. I have no idea why I'd want to do this; I don't even really like emacs. The idea is truly bizarrely compelling, though.
I know that IronPython was originally started outside of MS, and is an open-source project. I suspect the same is true of IronRuby. I very much doubt that these projects are going to simply die just because MS has reduced the people working on them internally. They might get a little less assistance, but I wouldn't even count on that; maybe it simply wasn't necessary to have that many people.
Visual Studio 2010 uses managed code, including C#, quite extensively.
I've heard that Windows Media Center is almost entirely C#.
The vast majority of Microsoft development jobs seem to want managed code experience.
Oh, also: if you're interested in a highly customizable browser, Konqueror can run on Windows these days. It's not a small install footprint (KDE base libraries are required) and it still has some quirks to iron out, but it works as a day-to-day browser.
Not sure about other browsers, but this was fixed over a month ago with the latest version of Flash if you're running IE8.
Are these supposed to convince me that what he did was valuable? I've visited Alaska. It's a beautiful area. However, I really don't care whether or not it's part of the US. It could have been its own country, or part of Canada, or part of Russia for all I care. As a state, it consumes far more federal money than it provides. It's a huge blob of very under-developed land with almost no population and numerous little villages that can't be reached by land, where it's an open secret that the owner of the store beats his wife (but nobody cares). I'd visit again, but I have no desire to live there, and I *love* the outdoors. I'm just having a hard time understanding why Alaska being part of the USA is something I'm supposed to commend this guy for.
Oh please, knowing nothing at all except that he flew during the war, you're willing to give him a free pass on everything else he did? You'll even inject the adverb "bravely" as though you have even the slightest inkling of what his service was like. Mabe he shot down 20 enemy planes coming to bomb allied cities, or maybe he flew one combat mission, accidentally bombed a library full of schoolkids instead of the military target he was supposed to hit, got scared, made up some bullshit reason, and fled back to base abandoning his wingmates. Maybe he never flew combat at all - doesn't mean that he didn't contribute, but it does mean that what he did could hardly be described as "brave. Perhaps, given his predilection for corruption and feeding at the public trough, he was a supply pilot who pocketed some portion of every flight he made to sell on the black market, denying those supplies to people on the front line. Did he even volunteer, or was he drafted?
I have no evidence one way or the other on any of the above, but I'm not going to give him a free pass on anything. At best, he might have done something to counter-balance the harm he did later in life. At worst, he might have exemplified the worst of the American military and avoided a military prison only due to political influence and undeserved wealth. I will judge him as I saw him, based on what I know. The fact that he apparently served in the military (no surprise, given his age) gets him a very, very small bit of respect, but nearly enough to compensate for what I *know* he did.
On the other hand, I'm at least partially agreeing with you; I too could care less (a whole lot less, in fact) about his politics, his pork projects, his corruption, his attempt to block net neutrality, and those other things he has done. In fact, without knowing more, I almost couldn't care less. Seriously, even if the rest of your post were completely valid and not arguable, you'd have looked like an idiot for using that expression form anyhow.
My university (UW Seattle, not exactly a small or unknown school) apparently requires OS X for the DXArts courses. I didn't take them, but I have a friend who did, and he was not amused by the price of the new computer he was expected to buy in order to pursue his intended major.
This was 4 years ago and he changed majors within two years, so I don't actually recall exactly why, but the class specifically required a Mac running specific software (don't know if there was a Windows version or an OSS clone of that software, you had to have it and it had to be on a Mac).
Sure. Short version: you're wrong; it's about *relative* install base, i.e market share. For the TL:DR folks, read the last line.
Malware is business. It's about making money. A good install base doesn't mean much when the other option has 9x the install base. Windows (6.0 and up) is now harder to exploit than OS X, but it's not that much harder (and over half of Windows installs are still pre-version-6, usually run as Admin, and less likely to be fully patched). Until it is, it's generally just not worth the malware author's time to go after the less popular target.
It's all about the return on investment. ROI = (N * V) - C, where
N is the number of machines you compromise
C is the cost to develop and deploy the malware
V is the value of each compromised machine (essentially identical between OS X and Windows, from the malware author's perspective).
Taking V out of the equation as a constant, ROI is a function of N and C. Lets say you have 10M vulnerable computers, either OS X or Windows (ignore Linux and all for this) that you can exploit before the vulnerability gets patched. The current market share breakdown will be about 1M running OS X and 9M running Windows (all versions). Since we're targeting all versions of Windows, it's going to be a really expansive exploit - gotta get around DEP and ASLR and the different included software versions... let's say it costs you $5M to develop this exploit (given what I've heard of the prices a Windows exploit can get on the black market, this sounds about right). Now, let's suppose that you randomly wander across a major vulnerability in OS X's PDF Preview app, and your total cost to weaponize it is a measly $10K. Suppose V is about $1.00 either way (which is incredibly low, you could make that back in a few days selling it as a node in DDoS attacks; a bit of spyware or adware will net you several times that per target).
For Windows: ROI = (9M * $1) - $5M = $4M
For OS X: ROI = (1M * $1) - $10K = $990K
End result: paying 500x as much to compromise 9x as many machines it totally worth it when we are talking about *millions* of computers.
I realize this may seem like sacrilege on /. but IE8 plus an extension called IE7Pro (which despite its name works great on 8) gives Firefox a good run for its money. It's actually more secure in some important ways (sandboxing, ASLR), includes ad-blocking out of the box (set the registry key to enable InPrivate Filtering on every startup) and Flash filtering (under the Flash add-on options, delete the Use on sites: *.* then you can manually add sites when they request it) and while its JS engine is weak compared to Firefox, it works fine on 99.9 percent of the sites I've seen (Acid3 being pretty much the other 0.1%). Plus, call me weird but I actually find its Accelerators feature handy, and feel its tabbed browsing is a lot better than Firefox's.
IE7Pro ( http://ie7pro.com/ ) gives you more ad-block and flash-block options, spell checking, a download manager, user agent switching, customizable mouse gestures and keyboard shortcuts, fast proxy switching, pre-fetching options, GreaseMonkey-style user scripts, and a lot more.
Firefox still wins on JS and HTML5, but I find the advantages worth it.
This is exactly why UAC exists... if you're not running an OS with UAC, your OS is at least 7 years old since its last major update (and I doubt you're running Server 2003). Maybe you should upgrade to an OS with a modern featureset, including security features (ASLR, for example) that are completely unavailable on your current OS?
NEWS: Mozilla today announced that they were also going to be adding the automatic silent updater to Linux builds. /bin, a substantially annoying feature of Linux.
Slashdot reader Crock23A was quoted as asking "I wonder how they're going to get around the fact that only root can write to
Seriously, people like you are what's wrong with computer security in the world today. There will always be bugs in code, that's inevitable. It takes true stupidity to think that running with full permissions is a good idea.
In answer to your question, there are plenty of ways to fix this. The simplest are to install to a user-writable location, or to modify the ACLs on the install location so that it is user-writable. This isn't exactly rocket science, people.
Is there any particular reason a Nuclear Lightbulb (gas-core engine using uranium hexafluoride) design has to *stay* sci-fi? This seems like the kind of thing that is eminently practical (no inherent problems of "we just have no way of doing that"). I'm not a physicist, so I'm probably missing something here... why *doesn't* this idea get more effort behind it?
Something very cool that might be possible to build with that kind of mass: practical-sized spacecraft with new engines that are either incapable or cannot legally be used for launching from the surface. Examples include VASIMR (a plasma rocket, far more powerful than modern ion drives but also capable of long-term thrust, but mass-intensive and not capable of lifting its own mass into orbit) or a Project Orion-style nuclear pulse rocket (requires a truly absurd mass for the pusher plate and shock absorbers to smooth out the thrust from the blast wave, but capable of capable of putting out more than 1G of acceleration with a reasonable design. Unfortunately, it would violate the nuclear test ban treaty).
For that matter, even if we just launched more conventional spacecraft, this engine could be a great basic launch platform for defeating the steepest part of the gravity well. Imagine multiple smaller craft (that still have full fuel tanks) taking off to pursue independent missions once in orbit.
I'm sure if we develop that kind of lift capacity, or even get close enough that there's some confidence it *will* get developed, people will come up with all kinds of uses. For example, how many flights would it have taken to put the current mass of the ISS into orbit? How about it's complete design mass?
No surprise, but... holy shit, I cannot conceive of why you'd want to use an IMAP client *without* those features. I mean, I switched *off* of Thunderbird specifically because it lacked instant full-text search (there are a few other things I didn't like, but that was the deal-breaker). If you want to get me to come back, and to recommend it to others, you need to provide that feature in a functional way. In the meantime, Outlook works just fine for me. Admittedly, it doesn't cost me anything and I spend 90%+ of my time on Windows now due to work, so that may not be the solution for everybody.
The PS3 *had* the ability to run other OSes (Linux), even though you were locked out of the GPU. That was good enough for most people. I don't know if you read the relevant threads on here or not, but people are mightily pissed about that feature being removed.
The Xbox 360 has an officially supported channel for homebrew software. It's free to develop (assuming you have a copy of Windows) and I think it's $100/year if you want to publish via MS. It doesn't give full control over the hardware; you're limited to a subset of C# (in particular, no unsafe code), but you do get hardware acceleration.
The Wii is in the same constant flux of exploits being found, homebrew being installed, and the manufacturer cracking down via patches. It's earned its fair share of complaints too.
All that said, it's worth noting that the use cases for a game console and a smartphone are very different. A game console is designed to do one thing as well as possible: play games. Everything else it can do, even stuff like play movies, is secondary to that goal. Generally speaking, people buy them for this purpose. Smartphones, on the other hand, are marketed as hand-held always-connected devices that are brimming with apps - i.e. they're marketed as small computers which happen to be able to make phone calls too. The success of the iPod Touch, which is just an iPhone without the phone (and bears no resemblance to an iPod; it's a PDA/Internet tablet with a with a name that meets Apple's coolness guidelines) shows what it really is about: the computer in your hand, not the making calls or listening to music.
Don't get me wrong, consoles being more open would be great. However, on a console the main things that more openness gets you is cheating and piracy (this has been fairly well demonstrated in the Xbox's history). Smartphones get some app piracy, of course, but they also benefit a lot more from unrestricted development.
(Sorry to reply to myself, but the second line - the 5.6% crash rate and 61 exploitable bugs - is in Apple's Preview app. I also got the factor wrong (it's closer to 60x as many crashes). Sorry, I really need to stop posting on /. at work; I'm too distracted to double-check before hitting Submit.
For sufficiently loose definitions of "virus" (i.e. any malware, which is what most users mean) there actually is some in the wild at present.
http://www.intego.com/news/osx-opinionspy-spyware-installed-by-freely-distributed-mac-applications.asp
http://blog.intego.com/2009/06/19/new-rsplug-trojan-horse-variant-found-on-game-sites/
Found that in a casual glance down a completely unrelated story (on browser privacy). Is there any malware that is actively exploiting a genuine 0-day in OS X at present? I don't know, but I wouldn't count the possibility out.
Not only is it native, it's really, really insecure. A security researcher named Charlie Miller wrote a 5-line Python script to generate fuzzed (slightly corrupted) PDF files from valid templates. He created roughly 2.8 million of these, and then ran them through Apple's Preview program, and through Adobe Reader. His findings:
0.09% crash rate on Reader, and 4 exploitable bugs found.
5.6% crash rate (52x as many), and 61 exploitable bugs found (15x as many).
When your security is more than an order of magnitude worse than Adobe's, you've got a major problem.
By the way, this is the guy who won an iPhone at Pwn2Own. He's presented at CanSecWest and Blackhat, and possibly elsewhere. He knows his stuff.