Thank you for the insite Bruce. As a foot-note for Microsoft users, there are better anti-virus programs out there than Macafee and Norton. If you google "top rated anti-virus programs" you can get information on them. I use "The Shield Deluxe 2008" and it has worked better than AVG, or Norton for me and Its only $29.95 the first year and $19.95 every year after. Please do'nt tell a lot of people however. I want to keep them in business without the price going up.
Sat, Dec 6, 2008 at 12:20 PM, Bruce Johnson <[EMAIL PROTECTED]> wrote: > > > On Dec 6, 2008, at 10:37 AM, Bill Spencer wrote: > >> Note this sentence about halfway through: >> >> "For now, Apple's Macintosh computers are more or less exempt from the >> attacks, but researchers expect Apple machines to become a larger >> target as their market share grows." > > Like the imminent "Death of the Internet" this has been a staple > predictions of malware discussions for years, irrespective of Apple's > actual market share. > > Bluntly, these folks know not their ass from a hole in the ground. > Apple's market share has surged (estimates that up to 30% of home- > based systems are Macs; enterprise PC's are generally well-protected > against malware...the vast majority of botnet zombies out there are > home systems) yet the malware count is vanishingly small > (indistinguishable from zero, in fact) > > OS X's design mitigates against malware as a matter of structure. Are > we invulnerable? no. But it will be MUCH harder for malware to spread > on a Mac. > > In fact, as the market share of Macs (and to a much lesser extent > Linux) grows, the whole malware ecosystem will shift: malware has > largely spread so far and so fast because the computer ecosystem is > like Ireland in the 1840's: a potato monoculture. > > Monocultures not only encourage plagues by presenting a large > population of vulnerable hosts, but also by the lack of 'firewall' > crops between the vulnerable ones to hamper the spread of infection. > > Malware attempting to indiscriminately infect hosts will be discovered > much more rapidly when a large number of hosts are not vulnerable. > > Thus Dan's intimation that cross-platform codes are the next major > wave of infection. > > However, all of these programs (Flash, Acrobat,etc) STILL rely on > different underlying host OS mechanisms for their action, and so > malware targeting a Flash vulnerability is still likely to only affect > a single OS, because underneath the plugin-code there's different OSes. > > What this WILL force is much greater 'intelligence' on the part of the > malware; either sending larger programs with three payloads, or as in > the drive-by web site infections, installing the proper infection for > the reported OS. > > That is easily blocked by simply mis-reporting your OS or just not > reporting it at all. Why the HECK should a web site need to know what > kind of OS you run? > > It's a convenience, Mozilla or Apple can automatically offer you the > correct download of Firefox or Quicktime, but this is also handleable > on a more secure basis by the website ASKING you what OS you run and > remembering it. > > Can't do a drive-by infection if the malware has to ask pretty please. > > This comes back to the fundamental difference in security between > Windows and OS X: Windows admin rights assume the right to do things, > OS X admin rights assume the right to ASK to do admin things. > > Vista has gotten it sort of right, but in an intrusive fashion largely > because Windows users have NEVER been asked this before. > > I remember the same wailing and moaning over OS X when it first came > out: "It doesn't feel like MY computer...it keeps asking me to > authenticate to do things!" > > Many folks were quite vehement about this 'impersonality' and 'evil > greed-head corporate way of doing things'. > > Well, time and habit have largely muted that and we accept that we're > asked to authenticate when stuff wants to affect our computer. 10.5 > even keeps track of where things come from and if a program was > downloaded it'll ask the first time, before anything runs, whether you > want to do this. > > Vista could be better, they SHOULD ask for a login/password instead of > just clicking on Yes, and IE is still far too deeply borged into the > OS for it to ever be safe as a web browser. > > OS X users, like any others are still heir to PBECAK trojans, but OS X > tries to mitigate that danger. > > Ultimately, the true solution is to sandbox your computer...outward > facing programs: mail, Web Browsers, etc run in their own VM with > limited interconnects between the system and their memory space and > operational ability. > > This is how enterprise networks are properly constructed, with a > private local network, and outward facing systems like web servers in > a DMZ. The inner 'protected' system can only interact with the outside > world in a few restricted ways, and the outer 'DMZ' systems cannot use > the inner systems abilities at all. > > So a web browser can connect to the outside world all it wants but > anything it brings back has to be checked and vetted before it can be > allowed to do anything in the system. This limits malware almost > completely...it would have to download, essentially, a complete OS to > the limited 'outside world' sandbox of the web browser to do it's work. > > And when the web browser (or that thread, in a Chrome-type browser) > quits that VM, with its memory allocation vanishes along with the > malware. The system can never be infected. persistent data storage can > be enabled and split between private and DMZ data as well. > > This will never completely eliminate malware, but it will make it a > lot harder to propagate and continue running. > > This requires considerable processing power, since we're talking about > running numerous VMS simultaneously with with much higher > interoperability than today, but Moore's Law will make that happen. > > This also require a considerable re-writing of computer OS'es, but I > believe that OSX is better suited to this than Windows is. > > -- > Bruce Johnson > > "No matter where you go, there you are", B. Banzai > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to Low End Mac's iMac List, a group for those using G3, G4, G5, and Intel Core iMacs as well as Apple eMacs. The list FAQ is at http://lowendmac.com/imac/list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/imaclist?hl=en Low End Mac RSS feed at feed://lowendmac.com/feed.xml -~----------~----~----~----~------~----~------~--~---
