I think that estimate is too low. On Tue, Sep 7, 2010 at 7:28 PM, Kurt Buff <[email protected]> wrote:
> Sturgeon's Revelation: 90% of everything is crud. > > On Tue, Sep 7, 2010 at 14:45, Michael B. Smith <[email protected]> > wrote: > > Things == crap. > > > > > > > > Regards, > > > > > > > > Michael B. Smith > > > > Consultant and Exchange MVP > > > > http://TheEssentialExchange.com <http://theessentialexchange.com/> > > > > > > > > From: Andrew S. Baker [mailto:[email protected]] > > Sent: Tuesday, September 07, 2010 5:45 PM > > To: NT System Admin Issues > > Subject: Re: Mac and Windows mix > > > > > > > > All of these comparisons are great, if 90% of the users, regardless of > > platform, didn't install a bunch of things, make a set of favorite > > configurations, and then run off to a variety of sites. > > > > > > > > Default config is great if is good and if they leave it that way. They > > don't. > > > > > > > > It makes for a great academic discussion which is bears little similarity > to > > the real world. > > > > > > > > > http://www.computerworld.com/s/article/9129978/Researcher_cracks_Mac_in_10_seconds_at_PWN2OWN_wins_5k > > > > > > > > OS X can be attacked successfully. So can Windows, and so can Linux.[1] > > > > > > > > The *people* using those platforms can also be attacked. I'd argue that > the > > system of the average person running Linux is harder to crack than that > of > > the average person running OSX or Windows, but as more people buy into > > *product = security*, and as more users of Linux or OS X start building > or > > providing systems for their less technical family members using their OS > of > > choice, we'll see more successful attacks on those platforms as well. > > > > > > > > Because changing platforms doesn't remove ALL bad habits. > > > > > > > > And the careless will be the ones more easily hacked via social networks > and > > smartphones, regardless of what OS someone has installed for them on > their > > desktop. > > > > ASB (My XeeSM Profile) > > Exploiting Technology for Business Advantage... > > > > > > [1] OpenBSD can make legitimate statements about the security of its > default > > config, but your mainstream user would not find it as useful to them > > application-wise, or would make changes that undermine its security. > > > > > > > > On Tue, Sep 7, 2010 at 5:27 PM, Matthew W. Ross < > [email protected]> > > wrote: > > > > If you eliminate the non-os applications, what's the security situation > look > > like on each platform? > > > > Until Vista, the default setup for any user was to make them an > > Administrator. Mac and Linux people could not understand this behavior. > > Thank goodness Microsoft fixed that. > > > > Windows doesn't come with a PDF reader, and Mac OS X has Preview. Apple > is > > somewhat good about releasing fixes for it's OS vulnerabilities, but it > has > > also been known to be slow on responding on some items. > > > > Mac OS X has Java built in, which Windows does not. Another vector for > > attack. > > > > Browser vulnerabilities abound on both sides. I would argue that anything > > that uses ActiveX is inherently less secure than something that doesn't. > But > > then again, I hate a standards platform (The Web) using any platform > > specific implementation (such as ActiveX). > > > > Does Windows have any kind of Remote Administration (ala psexec.exe) > turned > > on by default? Mac OS X has SSH disabled by default. > > > > Then, between the two... which one is more secure? I don't know. > > > > --Matt Ross > > Ephrata School District > > > > > > ----- Original Message ----- > > > > From: John Aldrich > > [mailto:[email protected]] > > > > To: NT System Admin Issues > > [mailto:[email protected]] > > > > Sent: Tue, 07 Sep 2010 > > 12:15:16 -0700 > > Subject: RE: Mac and Windows mix > > > >> Not to start a flame war or anything, but I was under the impression > that > >> Mac OS/X was significantly *more* secure than a comparable Windows > >> machine, > >> due to the *nix security model? Asking for information here, trying to > >> learn, not trying to start a Mac Vs. Windows thread (there are enough > of > >> those, that I don't need to start one! <G>) > >> > >> > >> > > > >> John-AldrichPerception_2 > > > >> > >> > >> > >> From: Holstrom, Don [mailto:[email protected]] > >> Sent: Tuesday, September 07, 2010 2:57 PM > >> To: NT System Admin Issues > >> Subject: RE: Mac and Windows mix > >> > >> > >> > >> We have about a dozen Macs here at the Museum. I give them each dual > >> monitor > >> set-ups, with Parallels and Windows with Microsoft Office so they can > >> Outlook to their e-mail. So far, Mac doesn't really have a good > >> Rendezvous/Outlook set-up, although OWA is very good and getting better. > >> As > >> I stroll by, I see that each Mac user keeps Office up on one monitor, so > >> that Outlook is always open. Each of the Macs can already connect to our > >> PC > >> servers where they keep all their files. I give Remote Desktop access to > >> those who either PC or Mac from the outside. > >> > >> > >> > >> Way too many security openings for Macs, this would not be good with a > >> very > >> secure network. > >> > >> > >> > >> From: Jeff Steward [mailto:[email protected]] > >> Sent: Tuesday, September 07, 2010 2:34 PM > >> To: NT System Admin Issues > >> Subject: Re: Mac and Windows mix > >> > >> > >> > >> Don't knock yourself out here Matt, I'm just curious how one manages > these > >> issues in a mixed environment. I have one Mac user who works part time > so > >> we set him up with a Remote Desktop client and he works in a Terminal > >> Server > >> session. > >> > >> > >> > >> Regards, > >> > >> > >> > >> Jeff Steward > >> > >> On Tue, Sep 7, 2010 at 2:26 PM, Matthew W. Ross < > [email protected]> > >> wrote: > >> > >> Apple Remote Desktop is more akin to the Windows Management MMC, MS > Remote > >> Desktop and the SysInternals Power Tools rolled into one package. Open > >> Directory is more akin to Group Policy. > >> > >> > >> > >> I will see what I can find out about those regulations. > >> > >> > >> > >> --Matt Ross > >> > >> Ephrata School District > >> > >> > >> On Sep 7, 2010, at 11:21 AM, "Jeff Steward" <[email protected]> wrote: > >> > >> HIPAA > >> > >> SOX > >> > >> MA 201 CMR 17.00 > >> > >> > >> > >> To varying degrees they all boil down to: > >> > >> > >> > >> We define a security policy that meets the regulatory requirements and > >> base > >> configurations to meet that policy and then report regularly on > >> performance > >> to standards. I see from one of your follow-up posts that Apple Remote > >> Desktop is akin to Group Policy. > >> > >> > >> > >> -Jeff Steward > >> > >> On Tue, Sep 7, 2010 at 1:31 PM, Matthew W. Ross < > [email protected]> > >> wrote: > >> > >> Can you be more specific? What standards are you needing to be compliant > >> to? > >> An example regulation would help me answer your question. > >> > >> > >> > >> --Matt Ross > >> > >> Ephrata School District > >> > >> > >> On Sep 7, 2010, at 10:26 AM, "Jeff Steward" <[email protected]> wrote: > >> > >> A school environment is not the same as a public company environment. > >> Compliance to <insert your favorite standard here> and reporting on said > >> compliance or non-trivial issues for public companies or private > companies > >> subject to other regulations. There are a wealth of tools for managing > >> these issues in a Windows environment, can the same be said of the Mac > >> environment? > >> > >> > >> > >> -Jeff Steward > >> > >> On Tue, Sep 7, 2010 at 12:53 PM, Matthew W. Ross > >> <[email protected]> > >> wrote: > >> > >> Macs are not the burden you make them sound to be. > >> > >> Integrating a Mac into a windows network is never going to be painless; > >> the > >> two systems are inherently different. If what you want is a Windows > >> experience from your Mac, install Windows. > >> > >> Now not everybody likes MacOS X, but the same can be said for Windows. > >> Insert the problem of subjective preference here. > >> > >> Personally, I love working on my iMac, and managing the other Macs in > our > >> district is very easy if you use the provided Apple tools: Mac OS X > >> server, > >> Open Directory, and Apple Remote Desktop. > >> > >> Then again, I hate how a Mac _can_ cost 2x as much as a comparable PC. I > >> do > >> like that software upgrades are cheaper for Mac, but I don't like how > >> apple > >> drops support for anything that is not the current generation or the > >> previous one. If you're 2 generations back, you're out of luck. > >> > >> What can a Mac do that a PC Can't? Nothing. But I would argue that > >> competition is one of the pillars of innovation. Without Mac OS X > >> competing > >> against Windows, what would Windows look like today? > >> > >> > >> --Matt Ross > >> Ephrata School District > >> > >> > >> > >> ----- Original Message ----- > >> From: James Hill > >> [mailto:[email protected]] > >> To: NT System Admin Issues > >> > >> [mailto:[email protected]] > >> Sent: Sun, 05 Sep 2010 > >> 19:28:49 -0700 > >> Subject: RE: Mac and Windows mix > >> > >> > >> > We have pretty much eliminated all of the Mac's here. > >> > > >> > We didn't have 3rd party products to manage them so they always > required > >> so > >> > much manual interaction. Any global change we made we could easily > >> automate > >> > with PC's thanks to group policy etc but it was always a manual change > >> > for > >> > the Mac's. > >> > > >> > They really aren't a corporate product imo. You only have to look to > >> Apple > >> > for a corporate grade management solution to realise that it doesn't > >> exist. > >> > > >> > They do indeed need patching (http://support.apple.com/kb/HT1222) and > >> there > >> > is AV products for them. Symantec has one for example. Personally I > >> think > >> > the day is coming when someone will write a decent bit of > malware/virus > >> for > >> > them and 99% plus will get caught out by it. There is a very > misguided > >> > opinion amongst the Apple community that they are safe. Apple's false > >> > advertising only strengthens this. The facts are that Mac's are more > >> > vulnerable than the PC world http://www.crn.com/security/226200083 > >> > > >> > More importantly, what is the need for the Mac's in the first place? > >> > For > >> us > >> > they were only sued for Adobe CS, which runs just fine on PC's. In > fact > >> > these days Adobe is more behind the PC world than the Mac. For > example, > >> > 64bit Photoshop was first on PC, had to wait for CS5 for Mac to get > it. > >> > >> > That's without going into the Flash debate :) > >> > >> > > >> > > >> > > >> > > >> > > >> > From: David Lum [mailto:[email protected]] > >> > Sent: Saturday, 4 September 2010 6:07 AM > >> > To: NT System Admin Issues > >> > Subject: Mac and Windows mix > >> > > >> > I would like to hear from those of you who have a mixed Windows/Mac > >> > environments: How do you handle management of the diverse environment? > >> > Presumably with Mac's there is no patching or AV. Can you use GPO's on > >> them > >> > in any fashion (wondering if there's some add-in to allow > equivalency). > >> > David Lum // SYSTEMS ENGINEER > >> > NORTHWEST EVALUATION ASSOCIATION > >> > (Desk) 971.222.1025 // (Cell) 503.267.9764 > >> > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to [email protected] > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
