On Dec 31, 2011, at 8:06 AM, Bill Connelly wrote: > > Brings up a point I've been wanting to ask ... Does Pandora (or could any > other site) use computer resources (perhaps your cpu) if you give it > permission to?
This is a generalized case of rule #3 of computer security: Rule 1) If you let the bad guy physically access your computer...it's not your computer anymore. Rule 2) If you let the bad guy run programs on your computer...it's not your computer anymore. Rule 3) If you run programs FOR the bad guy on your computer...it's not your computer anymore. If you agree to run software that can access your CPU for various purposes, then yes they can. If they start doing this too surreptitiously, they'll get caught pretty quickly (witness Sony's horrible 'rootkit' DRM experience of a few years ago) Generally speaking the only folks who do this are the ones who say they're doing it: Folding@Home, SETI@Home, etc. Dropbox has user-level access to your system, there's a Dropbox daemon running on all my Macs right now. It has to, to work correctly. All said, scrutinizing your network communications without knowing what's really going on is an exercise in futility and fear. As Dan pointed out...often what looks like a sinister connection is actually a completely normal part of the modern internet experience. As dc discovered, Pandora can't do the kinds of things it does without a lot of communications to and fro. If you don't like it, don't use the service... It helps when people are aware of what goes on, but if they aren't educated about what is and isn't scary, you get the things like the periodic freakout on the nightly news when they rediscover 'cookies' again and suddenly 'cookies' are the scariest threat imaginable. (and then I get emails and phone calls from folks here at the U about how our internal web tools aren't working "is there something wrong with the internet?"...no, you disabled cookies, again, didn't you, because some gasbag on the news did a segment on it? ) The best way to do this is to use these privacy tools as a guide to seeing what normally goes on with your computer. Don't assume that your system is horribly hacked and they're siphoning off all your data to their secret underground lairs. It's like the system log. If you look at your system log at boot time you'll see dozens of things that look like problems, this thing failed to load, that thing was disabled, this process was killed, the other file wasn't found. Uneducated you'll come away thinking your system is on the brink of collapse. Knowing that all of these events are normal (if you're not having problems with your computer, that is) puts all of this info in a different light. Learning what's 'normal' is the key. You don't need to know what things are, just that, 'this is new, I haven't seen that before'. Or don't learn this, and learn to stop worrying...the only security things a Mac user really ever has to do is turn off the 'Open "safe" files after downloading' preference in Safari, and recognize that a web site telling you your Mac is infected with a virus is lying to you and is trying to infect your Mac. That's it. OS X is a remarkably robust, hard-to-break operating system that's quite secure; out of the box there's nothing for an intruder to attack, because you have no outward-facing services running. Moreover given that probably 80-90% of you are connecting through home networks behind a NAT-enabled router (meaning that outside connections couldn't find their way to your system if they tried, even if you were running everything wide open) and that 99.9999999% of all the malware in the world, and 100% of all the malware 'in the wild" is aimed at Windows...you don't really have anything to worry about. Relax, have some champagne, enjoy the New Year, and go forth and have fun with your mac or your family and friends or your dogs and cats (or iguanas, hamsters and fancy rats if that's your gig!)...and you'll excuse me, since a canine member of the family keeps jostling my elbow and dropping her tennis ball on the floor suggestively, I believe I'll just go and do that! -- Bruce Johnson "Wherever you go, there you are" B. Banzai, PhD -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/g3-5-list
