Thinking of my next PC upgrade being not so PC.

[RTHolmes]

In punishment we duct-taped a sign that said "I 'heart' Windows" to him and made him wear it for an entire day.

my OSX admin mate will definately be hearing about this  

[Skuzzy]

agreed, although I'm not sure what you're contradicting

You were talking about Apple being used for security reason by all those companies.  My point being, whether or not it is Apple or Microsoft or UNIX, those companies always will find a way to render any inherent security moot.

agreed, that's what I was hinting at with my quote. Plus MS "donate" on a massive scale, our civil service and health service in the UK will be fubar for years because Bill got friendly with Blair a few years back.

Yes Microsoft does donate software, but I am not aware of them ever donating hardware.  The hardware either preexisted or was purchased.  That may not always be the case as I do not keep a thumb on MS.

I'm sure they do, I was thinking more of university research depts than kids with computers.

Yes, the research departments is an area where Apple will donate huge amounts of hardware and software.

The whole crux of what I was saying is based off your claim Apple is chosen, by all those companies and institutions, for security reasons.  It simply is not the case.  Most companies, that chose Apple, do so for other reasons based on Apples marketing.  Or they got it for free from Apple.

Anyone claiming to buy an Apple computer for security reasons is inept or lazy or both.  Buy any computer for what it can do for you.  Then go from there.

[Vulcan]

... and with a MS OS you do it steves way.

glad you turned up to give us your impartial advice vulcan, we needed reminding that all windows users are security and OS experts, whereas all mac users are idiots.

so how long exactly have you been using, owning and administering macs? I asked you this before, never got an answer though ...

I've worked in an organisation with a large proportion of mac's for over 6 years now. I work along side mac enterpriserver engineers.

As for the MS OS comment, apple is far from innovative. I can look back and X Windows and Amigas OS and point out many of the 'innovations' apple have claimed to bring to market.

Yes mac users can be idiots, as I pointed out as windows users can be. Windows users have a safety net though, mac users don't. Spot the apple fanboi LOL.

[Vulcan]

Chase uses an Apple infrastructure, and yesterday their claims dept was "dead in the water" for a couple of hours from their system failing. ANY system is vulnerable to failure. Let me clarify, I'm not saying that OSX is more vulnerable from a system standpoint. It may indeed be more secure, I'm saying it's more vulnerable from a USER standpoint. In other words, the "I have a Mac, I'm bulletproof" mentality that seems to run rampant is the problem. I watched one guy run around our college accusing each of our CCNA class of messing with his Mac when he left it alone. It was working properly, it's a Mac, therefore we must have done something to it. First of all, we're specializing in Cisco systems, go to the Security guys, go accuse them. Second, why the hell did you leave it alone on the first place? His answer: It's a Mac, you can't break in; my answer: A pawn shop will still take it. We told him his OS was probably corrupt, go get it checked out. He denied that up and down till he took it in. His OS was corrupt.

I've seen a similar thing. The last release of Snow Leopard has some wierd DNS bugs in it (especially when used with an OSX Server). Because I'm the firewall guy everything got blamed on the network, because the sun shines out steves **** and apple can do no wrong. Til we threw some DNS settings that pointed... ironically... to our Windows AD Controller for DNS and everything worked.

RTholmes you can stick your head in the sand all you like about the security. Proof in the pudding is that there is an operation mac botnet.

I'm not anti mac, I've used many OS's over the years, my favourite being Amiga Workbench (which OS X is shaping to look a lot like). I'm anti the mac cult which seems to be isolated from reality.

[RTHolmes]

Proof in the pudding is that there is an operation mac botnet.

you're quite right, there is. and since OSX is less secure than any MS OS, by deduction there must have never been any botnets operational on MS systems.

[RTHolmes]

The whole crux of what I was saying is based off your claim Apple is chosen, by all those companies and institutions, for security reasons.  It simply is not the case.  Most companies, that chose Apple, do so for other reasons based on Apples marketing.  Or they got it for free from Apple.

I didnt say that companies chose apple stuff simply because its the most secure product on the market, companies obviously chose their os and hardware vendors for a wide range of different reasons. MadHatter suggested that OSX isnt used for any mission-critical applications, I was supplying examples of where they are and some reasons for the choices. I mentioned security because none of those institutions that chose apple stuff consider them to be such a massive security problem (like some here) that they ruled them out.



edit for vulcan:

Apple Inc CEO Steve Jobs
Microsoft CEO Steve Balmer
see what I did there?

[Vulcan]

you're quite right, there is. and since OSX is less secure than any MS OS, by deduction there must have never been any botnets operational on MS systems.

As I stated earlier, there are stupid people in both camps. If there weren't, I'd be out of a job

[Vulcan]

edit for vulcan:

Apple Inc CEO Steve Jobs
Microsoft CEO Steve Balmer
see what I did there?

Ahh ok. Well Steve Balmer doesn't tell me what hardware I should use, or prevent me from customizing my system in ways I like (too the extent of having Windows XP looking like an X-Windows or OS X gui).

Wait til the App Store hits the market for the desktops, then you'll be squealing

[MrRiplEy[H]]

As I stated earlier, there are stupid people in both camps. If there weren't, I'd be out of a job

The difference is that Windows is riddled with hundreds of remote exploits that require no user interaction and IMO that's about as bad as it gets. I remember making the mistake of plugging my box directly into a cablemodem while installing XP. Took 15 seconds to get infected during the first boot without moving a finger on my part.

When I reinstalled cable unplugged and went back firewalled I did a scan. About 2000 infiltration attempts a minute, all from infected windows machines doing active portscans. Imagine what kind of stress that alone puts to the network and how much they mess up with our ping times.

[MrRiplEy[H]]

Ahh ok. Well Steve Balmer doesn't tell me what hardware I should use, or prevent me from customizing my system in ways I like

And by doing so customers stay happy since they have no mysterious hardware incompatibility problems or malfunctioning software. Everything has to sides to it.

[Vulcan]

The difference is that Windows is riddled with hundreds of remote exploits that require no user interaction

No, malware on windows requires user interaction, same as OS X. To pick up a virus from a network segment you'd have to have enabled file sharing with open rights or something equally stupid. Good anti-virus also mitigates this risk.

OS X annually has many many exploitable bugs, until recently nobody has bothered as the market share for apple has been insignificant. Now the malware people are looking at apple users as easy pickings as they typically have no AV software. Why do you need AV Software? Because there is a lag between exploit and the patch, and apple are notorious for keeping quiet about these and being slow to patch (whereas microsoft are quick to respond due to bad press they get).

So you plugged an unpatched XP box with no AV directly into the net and got infected - if anything that proves my comment about users.

So, let me re-iterate, the same methodology requiring user interaction on OS X malware is used to infect Windows systems. Malware does not rely on exploits to infect systems, it relies on social engineering. OS X users have no AV safety net, windows users usually do. It wasn't even until 2009 that Safari got phishing protection of any kind.

As for the hardware comment, bollocks. I see this problem with mac's all the time - it may be what the sell you but it sure ain't reality. Want your 3G card to work with a Mac? Gotta install the 3rd party driver. Want your Mopier to work with your Mac? Gotta install the 3rd party driver.

In the last few years I've seen more Mac's brown screen than I've seen PC's blue screen. Mac's are nice, but they have their share of problems (look at Snow Leopard for that LOL).

[MrRiplEy[H]]

No, malware on windows requires user interaction, same as OS X. To pick up a virus from a network segment you'd have to have enabled file sharing with open rights or something equally stupid. Good anti-virus also mitigates this risk.

That's just plain wrong. IE is so embedded in the system that you can get totally owned simply by visiting a website. Same thing can happen with remote exploits where worms use system level weaknesses to infiltrate the box through net. It's a far cry from requiring to trick a user to actually install something - not that this kind of exploits are by the hundreds for Windows too.

OS X annually has many many exploitable bugs, until recently nobody has bothered as the market share for apple has been insignificant. Now the malware people are looking at apple users as easy pickings as they typically have no AV software. Why do you need AV Software? Because there is a lag between exploit and the patch, and apple are notorious for keeping quiet about these and being slow to patch (whereas microsoft are quick to respond due to bad press they get).

Yes nobody has bothered which is why the situation is infinitely better for the time being. Walk in the park opposed to battlefield where you're constantly under death threat.

So you plugged an unpatched XP box with no AV directly into the net and got infected - if anything that proves my comment about users.

Yep at that time I didn't know the cable modem wasn't using NAT and the network was full of port scans. Was quite a shock to find out really. Not my fault though, the system has inherent flaws that enabled this to happen.

So, let me re-iterate, the same methodology requiring user interaction on OS X malware is used to infect Windows systems. Malware does not rely on exploits to infect systems, it relies on social engineering. OS X users have no AV safety net, windows users usually do. It wasn't even until 2009 that Safari got phishing protection of any kind.

Windows has worms, viruses, trojans, rootkits and browser add-on malware. OSX has trojans in the wild which most are patched against in snow leopard. Trojans spread through warez sites which I don't use. According to ClamXav for example there are no active viruses in the wild targeting OSX at the moment. True or not it can be said with absolute certainty that you're about a thousand times more likely to encounter a windows exploit instead of a mac one. In fact the danger on windows is so big that even commercial hardware drivers have been released with embedded viruses. One example being TomTom GPS navigators that got a virus slipped in the installation CD-Rom.

As for the hardware comment, bollocks. I see this problem with mac's all the time - it may be what the sell you but it sure ain't reality. Want your 3G card to work with a Mac? Gotta install the 3rd party driver. Want your Mopier to work with your Mac? Gotta install the 3rd party driver.

So essentially you're not realizing the difference between plug-in external hardware and OEM hardware? Interesting. We were indeed discussing about the configuration of the actual computer not peripherals.

In the last few years I've seen more Mac's brown screen than I've seen PC's blue screen. Mac's are nice, but they have their share of problems (look at Snow Leopard for that LOL).

Interesting, we have 9 Macs in the office and I've yet to see a single glitch on any of them. When I used to run windows I had to do a complete overhaul of the OS every year where with Mac I haven't touched the OS since purchase if you count out a painless upgrade to snow leopard. I have to admit all of my Win7 boxes have worked as well as OSX so far.

[Vulcan]

Mac's can get exploited remotely too. It happens all the time and hacking conferences. In fact the mac's are usually the easiest to hack, and not just safari but in other areas (remember the wifi driver attack that apple went legal over?). Ever system has its flaws, be it mac or windows or something else. Windows gets targeted to exploit these simply because it dominates the market so totally.

My Windows XP box has been stable for ... 3 or 4 years now. This includes changing hardware (like upgrading the video card). My server even longer. Same goes for my work laptop (though I upgraded to 7 recently). The reason you hear of more people having problems with PC's is that for every mac theres at least 20 PC's. Where I work is 90% mac's, I'm the minority. But I see them have all the same problems the rest of us have. For example, Snow Leopard... painless upgrade? Yeah right. I know of 3 people whos upgrade was painful, they eventually went for a fresh install. And I know of more people who have had problems with snow leopard, such as the data loss issue, or the IP/DNS problems.

My job is in network security, and without windows lovely flaws I wouldn't be needed. But to put OS X on a pedestal like you do is crazy but symptomatic of many mac users - and given that social engineering is the biggest single vector for bad stuff that is what concerns me the most about mac's.

[MrRiplEy[H]]

Mac's can get exploited remotely too. It happens all the time and hacking conferences.

Yep and about only there which is the key.

[Vulcan]

Yep and about only there which is the key.

Not true , www.zone-h.org, if they still had the OS filter function you could check the archive and see that os x machines get hacked quite a bit. Still it amounts to less than 1% of all hacks IIRC from the old stats. Most hacks are still primarily Linux then MS.