Hi John,
I guess I should chalk it up to how I interpreted your original post.
Viruses are far from being the only threats to a computer, and I'm
afraid I can't really disagree with Gates when he says that Macs
aren't all that superior in terms of security when you consider all
potential threats, not just viruses...unfortunately I don't remember
his exact words.
As for proofs of concept, if they actually are proofs, then they
theoretically could be used against people - at that point, it's a
matter of time between a live exploit and a patch from the vendor.
One of the MOAB bugs was a Colloquy (IRC) bug, and I watched it being
used on Colloquy users as their applications crashed with no user
interaction whatsoever not knowing what was going on...and I watched
as the developer, disgruntled, released a fix _before_ the exploit was
publically announced because the authors of the MOAB bug had tested
their proof of concept on actual people. Every single application one
uses quite possibly contains vulnerabilities of all sorts, it is not
simply just an OS that we should be thinking about.
As for updates...alas, we are all human. Nor can we always install
them in a timely fashion, for any reason, lack of bandwidth,
disinterest in the update, issues with the update and what have you.
Mac OS X is also nowhere near as naggy about critical updates as
Windows..nor does it label any updates as being critical or not.
Thanks to the idiocy of the Apple iPhone team, my phone was virtually
off (if it worked at all, because some software is so insanely buggy)
or in airplane mode (with all wireless turned off) at Defcon, last
weekend's hacker convention in Las Vegas, and I completely wiped my
MacBook's drive of all personal identification. Better to discover
new vulnerabilities some other way than on me and possibly important
data I might have. I could have assumed Macs were safer, but in a
place like that...not happening. Although, granted, Defcon isn't your
typical example of a network.
We're all human, after all.
As for wireless network passwords - any is better than none. WPA2 is
better than WEP. MAC filtering on top of that is great, you get the
idea. However, a simple password will keep most out.
cheers,
jane
On 8/5/07, John Panarese <[EMAIL PROTECTED]> wrote:
Hi Jane,
In the world we live, anyone who does not take security with
some degree of importance is fooling themselves. I never said in any
of my posts on the subject of security that one should not worry at
all about such matters while using a Mac. The subject I addressed in
my last message was in regard to viruses, and that was my only point
to my comments and not the overall issue of other kinds of attacks on
ones local zone. I definitely apologize if that was the impression I
gave to anyone.
I absolutely agree that Apple, like any other company in the
technology field, is vulnerable and susceptible to any number of
security risks, and they do a far better job at dealing with them
than Microsoft. That does not imply taking the matter for granted,
though. I will point out that, in reality, proof of concept is just
that, proof of concept, and in many instances, such "proof" has been
offered up wrongly by antivirus software companies seeking to appeal
to their own special interests in the market place. This has also
led to some Mac users to buy into the fear they intended on
creating. In addition, a most recent "contest" that involved hacking
a password from a Mac user, among other things, was proven to be
rather suspect as the Mac in question had been badly outdated, the
rules of the contest were changed midway through its duration and, of
course, if one cared to read carefully, Microsoft was a sponsor for
the article. In any event, without a doubt, if you utilize third
party applications, such as MS Office, you should pay extra care to
risks for sure. And, of course, Never Assume anything cannot happen
to you, Mac user or not.
I don't run antivirus software on either of my Macs, but I am
also behind a hardware and software firewall, and my network is
secure enough, as much as I have Windows systems accessing it. I
certainly would not recommend to anyone to simply and carelessly go
about their business completely ignoring the threat of some kind of
security issue, but far more confidently than with Windows, contrary
to Mr. Gates' rants, I feel far safer on my Mac than my XP systems.
Furthermore, based on what I've read and heard from several IT
people, I wouldn't touch Vista's security "improvements" with my
worst enemy's computer.
Overall, though, your points are surely taken, and I did not
mean to sound as if I was advocating for an utter lack of security
methods. I always strongly suggest to folks to make sure they run
software updates and to read the information provided by Apple. I
know, as with Windows, some Mac users have a bad habit of ignoring
those software update reminders and put them off constantly, which is
completely the Wrong thing to do.
Take Care
John D. Panarese
Managing Director
Technologies for the Visually Impaired, Inc.
9 Nolan Court
Hauppauge, NY 11788
Tel/Fax, (631) 724-4479
Email, [EMAIL PROTECTED]
Internet, http://www.tvi-web.com
AUTHORIZED DISTRIBUTORS FOR PORTSET SYSTEMS LTD, COMPSOLUTIONS VA,
PREMIER ASSISTIVE TECHNOLOGIES, INDEX, PAPENMEIER, REPRO-TRONICS,
DUXBURY, SEROTEK AND OTHER PRODUCTS FOR THE BLIND AND VISUALLY
IMPAIRED
AUTHORIZED APPLE BUSINESS AGENT
MAC VOICEOVER TRAINING
