Hi John, I guess I should chalk it up to how I interpreted your original post. Viruses are far from being the only threats to a computer, and I'm afraid I can't really disagree with Gates when he says that Macs aren't all that superior in terms of security when you consider all potential threats, not just viruses...unfortunately I don't remember his exact words.
As for proofs of concept, if they actually are proofs, then they theoretically could be used against people - at that point, it's a matter of time between a live exploit and a patch from the vendor. One of the MOAB bugs was a Colloquy (IRC) bug, and I watched it being used on Colloquy users as their applications crashed with no user interaction whatsoever not knowing what was going on...and I watched as the developer, disgruntled, released a fix _before_ the exploit was publically announced because the authors of the MOAB bug had tested their proof of concept on actual people. Every single application one uses quite possibly contains vulnerabilities of all sorts, it is not simply just an OS that we should be thinking about. As for updates...alas, we are all human. Nor can we always install them in a timely fashion, for any reason, lack of bandwidth, disinterest in the update, issues with the update and what have you. Mac OS X is also nowhere near as naggy about critical updates as Windows..nor does it label any updates as being critical or not. Thanks to the idiocy of the Apple iPhone team, my phone was virtually off (if it worked at all, because some software is so insanely buggy) or in airplane mode (with all wireless turned off) at Defcon, last weekend's hacker convention in Las Vegas, and I completely wiped my MacBook's drive of all personal identification. Better to discover new vulnerabilities some other way than on me and possibly important data I might have. I could have assumed Macs were safer, but in a place like that...not happening. Although, granted, Defcon isn't your typical example of a network. We're all human, after all. As for wireless network passwords - any is better than none. WPA2 is better than WEP. MAC filtering on top of that is great, you get the idea. However, a simple password will keep most out. cheers, jane On 8/5/07, John Panarese <[EMAIL PROTECTED]> wrote: > Hi Jane, > In the world we live, anyone who does not take security with > some degree of importance is fooling themselves. I never said in any > of my posts on the subject of security that one should not worry at > all about such matters while using a Mac. The subject I addressed in > my last message was in regard to viruses, and that was my only point > to my comments and not the overall issue of other kinds of attacks on > ones local zone. I definitely apologize if that was the impression I > gave to anyone. > > I absolutely agree that Apple, like any other company in the > technology field, is vulnerable and susceptible to any number of > security risks, and they do a far better job at dealing with them > than Microsoft. That does not imply taking the matter for granted, > though. I will point out that, in reality, proof of concept is just > that, proof of concept, and in many instances, such "proof" has been > offered up wrongly by antivirus software companies seeking to appeal > to their own special interests in the market place. This has also > led to some Mac users to buy into the fear they intended on > creating. In addition, a most recent "contest" that involved hacking > a password from a Mac user, among other things, was proven to be > rather suspect as the Mac in question had been badly outdated, the > rules of the contest were changed midway through its duration and, of > course, if one cared to read carefully, Microsoft was a sponsor for > the article. In any event, without a doubt, if you utilize third > party applications, such as MS Office, you should pay extra care to > risks for sure. And, of course, Never Assume anything cannot happen > to you, Mac user or not. > > I don't run antivirus software on either of my Macs, but I am > also behind a hardware and software firewall, and my network is > secure enough, as much as I have Windows systems accessing it. I > certainly would not recommend to anyone to simply and carelessly go > about their business completely ignoring the threat of some kind of > security issue, but far more confidently than with Windows, contrary > to Mr. Gates' rants, I feel far safer on my Mac than my XP systems. > Furthermore, based on what I've read and heard from several IT > people, I wouldn't touch Vista's security "improvements" with my > worst enemy's computer. > > Overall, though, your points are surely taken, and I did not > mean to sound as if I was advocating for an utter lack of security > methods. I always strongly suggest to folks to make sure they run > software updates and to read the information provided by Apple. I > know, as with Windows, some Mac users have a bad habit of ignoring > those software update reminders and put them off constantly, which is > completely the Wrong thing to do. > > Take Care > > John D. Panarese > Managing Director > Technologies for the Visually Impaired, Inc. > 9 Nolan Court > Hauppauge, NY 11788 > Tel/Fax, (631) 724-4479 > Email, [EMAIL PROTECTED] > Internet, http://www.tvi-web.com > > AUTHORIZED DISTRIBUTORS FOR PORTSET SYSTEMS LTD, COMPSOLUTIONS VA, > PREMIER ASSISTIVE TECHNOLOGIES, INDEX, PAPENMEIER, REPRO-TRONICS, > DUXBURY, SEROTEK AND OTHER PRODUCTS FOR THE BLIND AND VISUALLY IMPAIRED > > AUTHORIZED APPLE BUSINESS AGENT > MAC VOICEOVER TRAINING
