quote: In the real world Mac's have a firmly entrenched reputation for security, mostly because actual existing malicious security problems occur on another platform.
quote: In the real world it is extremely unlikely that there is going to be a magic moment, magic event or turning point which will somehow demolish the brand reputation Apple has.
quote: But MS are learning, little by little and have made some progress in their AV software, but now its Apples turn. They shouldn't be blind to the fact that the need to be more responsive to possible threats the more market share they get.
quote: No one can have missed the commotion caused by Microsoft Windows of late. It began with the announcement by Google that they'd been hacked by China. Then the revelation that way too many Google computers were running Windows and way too many of them were running the intergalactically shunned IE6 web browser, bane of web designers and security consultants everywhere.
quote: Here's what's important to understand: if a Windows system bottoms out in a BSOD, then there's something very wrong at kernel level.
quote: Windows programmers like to talk about processor ring levels. Intel processors have different so-called rings. The Intel processors run code at different levels and keep track of where they are at all times. Apple computers of today use Intel processors too, so the concept is applicable on Mac OS X as well.
quote: Mac OS X is a variation on a vanilla Unix theme. All the important system files are locked away and out of bounds to ordinary users. Take a look yourself.
quote: So take the time now to pay a visit to the other side of town. See how the poor unfortunate live. The recent issues with Windows BSODs have to do with a rootkit that seems to have spread to a lot of computers. What's a rootkit?
quote: The most powerful file attribute in MS-DOS is the 'read-only' attribute. With this attribute set, applications can't write to files. But because MS-DOS is a single user system, anyone - any process - can remove this attribute on a whim.
quote: Unix systems have several ways to achieve this, such as su ('substitute user') and the even more effective sudo ('substitute user and do'). Users need not log in to Unix systems with the root account but can temporarily escalate to root status provided they are able to supply the proper credentials.
quote: Windows doesn't have a good way to do this. Windows doesn't have a secure way to do this. Windows doesn't have a viable counterpart at all.
quote: Watching those Windows fools panic everytime there's a catastrophe can be infuriating or frustrating or enervating. But sitting on a secure system where none of this ever applies has to elicit a smile. Slashdot had a huge thread on the topic the other day. Some of the quotes there are precious. Precious few contain any helpful insights. But they're all extraordinarily amusing.
quote: In past jobs I left my workstation on 24/7 and would always find it at the login screen after a set of updates along with the stupid balloon about how Windows happily restarted itself for me once I was logged in. My user account was centrally managed with limited privileges of course. And since the company had no IT person pushing out updates, MS was doing all of the work.So yes EVEN IF you're only logged in as a LUA, Windows will still perform the updates and reboot itself. If you decide to shut down, Windows will apply the updates without any privilege escalation, even as a limited user (and you'll get the 'do not turn off or unplug your computer' warnings).
quote: windows xp: control panel -> automatic updates. Here you can turn off automatic updates.
quote: All the world has gone Unix except the boys in Seattle and there is a reason for that.
quote: system preferences -> software update, check "check for updates" and set a schedule, check download updates automatically. It might not "install" them with out your authorization ".
quote: I've never heard of any virus/hacker exploiting the windows update system.
quote: If it is structurally possible in an OS to escalate permissions to the level where software can be actively installed and run on your system without your permission