PC World Forums: 10 Ways Microsoft's Retail Stores Will Differ From Apple Stores - PC World Forums

10 Ways Microsoft's Retail Stores Will Differ From Apple Stores

#201 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location:Look behind you...

Posted 16 February 2009 - 02:32 AM

Evildave said:

You seem to keep repeating yourself, Wintard, but you only keep implying that windoze is 'more secure' when only a tiny speck of the windoze machines in use are 'C2 Compliant', and these machines are so locked down and customized that they have nothing to do with Windoze 'in the wild'.

Yeah, computers with severely restricted access, that run only a very controlled handful of applications, and are monitored by live human beings in real-time can be 'way more secure'. Even if they ARE windoze machines.


Your grandma's Windoze PC has nothing to do with that. She previews an email or visits a web site, or the grandkids stick a USB stick in the slot to copy a recipe, and 'bam' stuff got run as 'Administrator' and changed system files. Ohz noez! It's gots da Brain Wormz!


If Grandma had a Mac, it just wouldn't happen. Out of the box, the CONSUMER level OS is better than the CONSUMER level Windoze. Heck, that guy in the H&R block commercial with the money suit has better security than Windoze.


A highly modified and 'certified' system that probably costs $10,000 extra per seat for that 'certification' (and crashed anyway for the French Navy, English Navy, and Houston PD) isn't what she got, AND STILL THEY GET INFECTED.


How secure is Windoze when you INVEST HEAVILY into its 'security' and put that 'security' to the test?


[http://www.khou.com/...ries/khou090206mhcourtsystemdown.2580b43d.html]

> HOUSTON -- Houston Police officers have stopped arresting people with outstanding traffic warrants, as the effects of a malicious computer virus continue to cascade throughout Houston government agencies.

[http://www.telegraph.co.uk/news/worldnews/europe/france/4547649/French-fighter-planes-grounded-by-computer-virus.html]

> French fighter planes were unable to take off after military computers were infected by a computer virus, an intelligence magazine claims. The aircraft were unable to download their flight plans after databases were infected by a Microsoft virus they had already been warned about several months beforehand.

[http://www.findmysoft.com/news/Microsoft-Windows-for-Warships-OS-Compromised/]

> While things are going swimmingly for Microsoft now that Windows 7 Beta 1 has been officially released to the general public, the same cannot be said for the British Ministry of Defence and their “Windows for Warships” operating system, or SMCS NG (Submarine Command System Next Generation) which was implemented earlier this month. As it turns out, the OS which is mainly based on Windows, was infected by a virus and consequently a number of MoD (Ministry of Defence) systems were shut down, none of them involving navigation systems or weaponry.

Quote

Not very secure. You can claim that Houston is a back-water, and that the English and French who spent MILLIONS in an attempt to make these systems... heh... 'secure' are all a bunch of incompetent boobs. You'd probably be right. After all, they BOUGHT WINDOWS, and thought they could make it 'secure', didn't they?

You'd think they'd start with an OS that could at least keep Grandma's cookie recipes safe. Nope. Microsoft employs LOTS of VERY GOOD salesmen and have liberal kick-back plans to reward loyal buyers at every level of corporation and government.

Evildave, you are sidestepping the issues, by sending all of us onto more red herrings and wild goose chases. You didn't address any of my points. So I won't address yours in this post.

Yet whatever you say, applies to all operating systems, Linux, FreeBSD, Unix, Mac OS X, or Windows... So what is your point?

Let me summarize what I said:

* Windows (server and workstation) is C2-Level rating compliant straight out of the box without any modifications. As for a C2-Level certified installation, then one must go through the process such as through a systems integrator like www.janusgroup.com/websecurity.htm (already posted three times)

* OS X isn't C2-Level rating compliant straight out of the box and thus is the reason it isn't used in secure governmental installations.

* The implications of these two simple statements are that the US Government DoD considers Windows a more secure OS at the server and workstation level than others. That does not mean they don't use other C2-Level rating operating systems.

Simple enough for you?
0

#202 Evildave

  • Expert
  • Group: Members
  • Posts: 1,549
  • Joined: 24-January 08

Posted 16 February 2009 - 02:34 AM

WinTard said:

I'll agree with you on this one with a slight explanation. There are fewer attacks on OS X at the moment, because of market share penetration as well. There is a correlation, don't you think?

As for the Mac antivirus: Results 1 - 10 of about 17,000,000 for antivirus mac. (0.16 seconds)

Leads me to http://intego.com specializing exclusively on Mac OS X... Perhaps they just want to make money?

This perhaps is a good source of info on Mac malware? http://www.intego.co...s/pressroom.asp
>Jan. 26, 2009 INTEGO SECURITY alert - New Variant of Mac Trojan Horse iServices Found in Pirated Adobe Photoshop CS4

>> ... long list of unnecessary spew ...

Quote

>Jan. 2, 2007 Intego Security Memo - Apple QuickTime RTSP URL Handling Buffer Overflow Vulnerability
>
> ... (I stopped before 2007)

And this too? http://blog.intego.com/


Which part of the repeated postings of articles about scare-mongering and wolf-crying from Antivirus vendors did you miss?

Obviously ALL of them.

Hey, if you download pirate warez, you maybe need to pirate some antivirus, too. I don't feel too sorry for 'em.
0

#203 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location:Look behind you...

Posted 16 February 2009 - 02:43 AM

Evildave said:

Which part of the repeated postings of articles about scare-mongering and wolf-crying from Antivirus vendors did you miss?

Obviously ALL of them.

Hey, if you download pirate warez, you maybe need to pirate some antivirus, too. I don't feel too sorry for 'em.


Are you saying anti-virus defense is useless? Even for the invincible Mac? That it's all scare-mongering? Wolf-crying? Be my guest then!

I just happen to differ in opinion. With many things as you are concerned obviously. Hey, let's agree to disagree! ;)

And orders of magnitude more Windows users don't download pirated software you think? Would that explain some of the vulnerabilities that seem to afflict Windows, as well as OS X?

My point is: there is malware everywhere, even Linux. The term rootkit came from Unix... And a virus will hit at the most unexpected moment, call it Murphy's Law. Anywhere and everywhere, on OS X, Linux, Windows, you name it. You can't deny malware exists for Apple. Without AV, how do you protect from it? Contrary to what you imply, it's not just in pirated software for the Mac. The Secunia advisories (they don't sell anti-virus) point out over 180 or so vulnerabilities for Apple to date.

I always said: The root causes to most computer problems sits between the chair and keyboard.

Note I didn't specify Windows or OS X users...

I told you I consider myself an anarchist, trying to be agnostic (meaning impartial, no prejudice, or bias) towards all...
0

#204 Evildave

  • Expert
  • Group: Members
  • Posts: 1,549
  • Joined: 24-January 08

Posted 16 February 2009 - 02:49 AM

Quote

Let me summarize what I said:

* Windows (server and workstation) is C2-Level rating compliant straight out of the box without any modifications. As for a C2-Level certified installation, then one must go through the process such as through a systems integrator like www.janusgroup.com/websecurity.htm

* OS X isn't C2-Level rating compliant straight out of the box and thus is the reason it isn't used in secure governmental installations.

* The implications of these two simple statements are that the US Government DoD considers Windows a more secure OS at the server and workstation level than others. That does not mean they don't use other C2-Level rating operating systems.

Simple enough for you?

Yes, you don't understand C2 level rating.


And let me repeat what I said, and provided links for.
NO OS IS C2 RATED OUT OF ANY BOX. Only entire systems, hardware, OS, software, and configuration are 'C2 Level Rated'.

In other words, Windoze isn't certified to be C2 ANYTHING. Not without the ENTIRE fully configured system around it.

Install one round of 'automatic updates', and the entire certification is void, because THEY haven't gone through all of the tests through the NSA.

The reason I have to use such old articles is Microsoft appears to have stopped touting 'C2' in the later versions of their OS. Probably because they ship out MANY versions of the OS for individual and business targets, and they could only bother to go through the expense of certifying ONE, which they DO demand a princely sum for.

[http://labmice.techtarget.com/articles/securingwin2000.htm]
Even as late as 2003, Windows 2000 wasn't certified 'C2', even after previous versions up to 4.0 were touted as being 'secure'.

[http://www.osdata.com/holistic/security/security.htm#WindowsC2rating]
> Microsoft proudly proclaimed that Windows NT received a C2 rating from the National Security Agency (NSA), falsely implying that their operating system is as secure as the best UNIXes. What Microsoft doesn’t mention is that they received the lower security “Orange Book” C2 rating, rather than the highly secure “Red Book” C2 rating. Further Microsoft was unable to get Windows NT 4.0 modified enough to meet the lower Orange Book C2 rating, instead submitting a specially modified version of Windows NT 3.5. And, the modified version of Windows NT 3.5 (not available for sale to the public because Microsoft had to remove a great deal of functionality to make it secure) only qualified under the conditions that it not be physically connected to any network. There are also rumors that the NSA relaxed their lower “Orange Book” standards for Microsoft because of political pressure.

Oh, my, they're 'C2' to a lesser, more lenient standard, as long as they aren't connected to any network. C2 rated all the way, then, for a given value of 'C2'.

You did pick a good handle!
0

#205 SkateNY

  • Advanced Member
  • Group: Members
  • Posts: 171
  • Joined: 11-November 08
  • Location:New York, NY

Posted 16 February 2009 - 02:55 AM

Macs have vulnerabilities. That's a fact. The Mac OS is the culprit. Each of us who use Macs knows this. But the attacks rarely if ever affect us at the administrator level, and we never have to use additional software to counterattack these incursions. It's just the way it is.



Microsoft is in the unenviable position of having to defend against each and all attack that comes from thousands of software and hardware choices that allow such attacks, not only to take place, but to ruin one's system. This is only one reason why Steve Ballmer is advocating a close integration between Microsoft software and hardware. In other words, and in his own words, he wants Microsoft to be more like Apple.
0

#206 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location:Look behind you...

Posted 16 February 2009 - 02:59 AM

You are truly Evildave!

Now you are repeating yourself. And most of it is false.

There is a difference between C2-Level certification, and rating. A system that has the rating needs to be certified in the full installation.

OK I need a couple hours of sleep before work Lol! We'll keep this tomorrow.
0

#207 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location:Look behind you...

Posted 16 February 2009 - 03:05 AM

Now that I can agree with. It simply boggles my mind that virtually everybody in the Windows world is equivalent to superuser just because, it's too painful otherwise... Imagine if under Windows, a normal user, was a normal user, not a 'Power' user, or worse 'Administrator' equivalent... Then you would not see this kind of fiasco. Which BTW most people complain about that infamous UAC in Vista (including Evildave)... Damn if you do, damn if you don't. And in an organization, try removing admin rights from a programmer, and see how cry-babies really act! Yet in the very same organization, they don't get root in Unix, and stay quiet? Wonder why? Ah, probably because it's a server, not their workstation...
0

#208 Evildave

  • Expert
  • Group: Members
  • Posts: 1,549
  • Joined: 24-January 08

Posted 16 February 2009 - 03:11 AM

WinTard said:

Are you saying anti-virus defense is useless? Even for the invincible Mac? That it's all scare-mongering? Wolf-crying? Be my guest then!


Yes, I am. It's closing the barn door after the cow is out (or the wolf is in).

And one of those various links I provided showed that for zero-day attacks, most antivirus suites catch 20~30%. That's abysmal. The latest, greatest virus stuff actually kills your AV, so if it can get you at zero-day, it can stay.

Hold your precious magic rock and pretend you're protected while you run everything as 'Administrator'.

I'll stick to backing up my data, and keeping sensitive data offline, and generally using a 'user' account for my daily business.

We'll see who's better protected.

Oh, wait, that would be ME.

Quote

I told you I consider myself an anarchist, trying to be agnostic (meaning impartial, no prejudice, or bias) towards all...


Yes, but defending poor, defenseless little Microsoft until daylight is definitely 'taking sides'. Like a misguided Robin Hood. Quick clue: the rich are the ones with the castles and yachts and (big clue) multi-billion dollar bank accounts, and business plans based on corrupting governments and corporate officers, destroying competition by any means necessary, and making certain there is NEVER CHOICE.

Hard to see you as anything but a villain for teaming up with that lot in this scenario.
0

#209 Evildave

  • Expert
  • Group: Members
  • Posts: 1,549
  • Joined: 24-January 08

Posted 16 February 2009 - 03:19 AM

Actually, the missing permission to 'debug' with M$ Dev Studio is what programmers are mainly 'crying' about. That permission can be added without granting 'Administrator' status, but many admin types don't understand this and just placate the cry-babies. Specific access to modify certain additional locations (i.e. where the app installs to, so you can publish the executable and dlls there) should also be worked out with the project leads.

No competent and honest programmer cares about 'got root' as long as they can get their jobs done.

And my big complaints about UAC are:
1. It can be trivially disabled WITHOUT ELEVATING. Duh.

2. It sucks to use - it's done WELL on Linux, where everything evolved upwards from having limited user accounts. Under Windoze, it's painful, and UAC 'permission' is required for stupid things, like organizing your 'start' menu.

3. As implemented, it does not help. 'Muscle memory' allows users to click away these dire warnings without even realizing they did it. Go ahead, lurk behind a windoze user who gets a UAC prompt and dismisses them and ask them what it said. Or simply try to realize what you're doing the next time you click one away. Chances are good you'll discover you must have dismissed several, but you have no memory of doing so. It's just another annoying 'press me to continue' prompt the way it works now, and it doesn't even get up to conscious level for most users to dismiss. Eye sees, hand clicks, mind is elsewhere.
0

#210 idaspud

  • Newbie
  • Group: Members
  • Posts: 1
  • Joined: 16-February 09

Posted 16 February 2009 - 04:19 AM

Oh please, our systems were updated the minute the patch came out. That stopped NOTHING. Some moron went somewhere or clicked on an attachment and infected the system with Conficker ANYWAY. It was executed internally, which has been verified. The antivirus program was up to date, but didn't catch it. A LATER definition update was able to catch a lot of it AFTER the fact, but the virus/worm, is still alive and well and the damage is done. This one is very tough to clean up after the fact. Our IT guys are going crazy tracking it down. This is NOT an unusual story with windows, so please stop with this "if you would have patched the system" bit. It still DOESN'T work!! If a virus gets executed from within windows, you still have a problem if the AV guys haven't caught up with it yet. Just frigging admit Windows is, and unless changes are made, will always be, a risk to use. You fan boyz and girlz just crack me up with your excuses, FUD, and generally shifting blame.

Now for the people with delicate feelings... Get a frigging life! Even if this WASN'T a blog, Who cares? The humor is totally warranted where Windows is concerned. I have no problem with humor aimed at Apple, Linux, or any operating system really. If they can't get it right, they DESERVE some heat, just as the government deserves the heat they get. Poor wittle babes... If you can't take the heat, get out of the fire and STFU!

G'day
0

#211 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location:Look behind you...

Posted 16 February 2009 - 05:56 AM

>idaspud wrote:
>Oh please, our systems were updated the minute the patch came out. That stopped NOTHING. Some moron went somewhere or clicked on an attachment and infected the system with Conficker ANYWAY. It was executed internally, which has been verified. The antivirus program was up to date, but didn't catch it. A LATER definition update was able to catch a lot of it AFTER the fact, but the virus/worm, is still alive and well and the damage is done. This one is very tough to clean up after the fact. Our IT guys are going crazy tracking it down. This is NOT an unusual story with windows, so please stop with this "if you would have patched the system" bit. It still DOESN'T work!! If a virus gets executed from within windows, you still have a problem if the AV guys haven't caught up with it yet. Just frigging admit Windows is, and unless changes are made, will always be, a risk to use. You fan boyz and girlz just crack me up with your excuses, FUD, and generally shifting blame.
>
>Now for the people with delicate feelings... Get a frigging life! Even if this WASN'T a blog, Who cares? The humor is totally warranted where Windows is concerned. I have no problem with humor aimed at Apple, Linux, or any operating system really. If they can't get it right, they DESERVE some heat, just as the government deserves the heat they get. Poor wittle babes... If you can't take the heat, get out of the fire and STFU!
>
>G'day

Another live one!

What a load of bull from a one post wonder! Who's going to take seriously? You don't even use Windows and it shows. So you claim verified... Verified by whom? By you? Oh by your IT guys? Yes I see great competence... All these facts on your simple good word? You're just spreading FUD. You are a Troll.

You bashing fanboys crack me up.

Streuth!
0

#212 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location:Look behind you...

Posted 16 February 2009 - 06:22 AM

:) Okay, I'm back, fresh and rested!




Evildave said:

> WinTard wrote:
> Let me summarize what I said:
>
> * Windows (server and workstation) is C2-Level rating compliant straight out of the box without any modifications. As for a C2-Level certified installation, then one must go through the process such as through a systems integrator like www.janusgroup.com/websecurity.htm
>
> * OS X isn't C2-Level rating compliant straight out of the box and thus is the reason it isn't used in secure governmental installations.
>
> * The implications of these two simple statements are that the US Government DoD considers Windows a more secure OS at the server and workstation level than others. That does not mean they don't use other C2-Level rating operating systems.
>
> Simple enough for you?

Yes, you don't understand C2 level rating.

And let me repeat what I said, and provided links for.
NO OS IS C2 RATED OUT OF ANY BOX. Only entire systems, hardware, OS, software, and configuration are 'C2 Level Rated'.

In other words, Windoze isn't certified to be C2 ANYTHING. Not without the ENTIRE fully configured system around it.

Install one round of 'automatic updates', and the entire certification is void, because THEY haven't gone through all of the tests through the NSA.

The reason I have to use such old articles is Microsoft appears to have stopped touting 'C2' in the later versions of their OS. Probably because they ship out MANY versions of the OS for individual and business targets, and they could only bother to go through the expense of certifying ONE, which they DO demand a princely sum for.

[http://labmice.techtarget.com/articles/securingwin2000.htm]
Even as late as 2003, Windows 2000 wasn't certified 'C2', even after previous versions up to 4.0 were touted as being 'secure'.

[http://www.osdata.com/holistic/security/security.htm#WindowsC2rating]
> Microsoft proudly proclaimed that Windows NT received a C2 rating from the National Security Agency (NSA), falsely implying that their operating system is as secure as the best UNIXes. What Microsoft doesn’t mention is that they received the lower security “Orange Book” C2 rating, rather than the highly secure “Red Book” C2 rating. Further Microsoft was unable to get Windows NT 4.0 modified enough to meet the lower Orange Book C2 rating, instead submitting a specially modified version of Windows NT 3.5. And, the modified version of Windows NT 3.5 (not available for sale to the public because Microsoft had to remove a great deal of functionality to make it secure) only qualified under the conditions that it not be physically connected to any network. There are also rumors that the NSA relaxed their lower “Orange Book” standards for Microsoft because of political pressure.

Oh, my, they're 'C2' to a lesser, more lenient standard, as long as they aren't connected to any network. C2 rated all the way, then, for a given value of 'C2'.
You did pick a good handle!


Let's put an end once and for all to your rantings about C2-Level Certification.

I said C2-Level rating compliant.

You said C2-Level certified.

Don't dismiss semantics here. This is specific. C2-Level compliant, or C2-Level rating, isn't C2-Level Certified. PERIOD.

Now is that simple and clear enough for you to understand?

PS: If it isn't, too bad. That is my last reply on the C2-Level subject in this thread. I won't play into your red herrings or wild goose chases, others can do as they please. Simple eh?

~~~~~~~~~~
Fool me once, shame on you. Fool me twice, shame on me...

But what can you expect from Evildave?
0

#213 rich97

  • Newbie
  • Group: Members
  • Posts: 1
  • Joined: 16-February 09

Posted 16 February 2009 - 06:45 AM

@kutts

Sensible journalism? You realize it's SUPPOSED to be satirical journalism... right? Plus, a lot of what is said here is true. You're right, most operating systems do have their own benefits but windows in its current state (i.e. Vista) has the most faults out of the current generation of operating systems and deserves to be poked at. Let's not forget that XP was much better than OSX was back in the day.

Satirical journalism is a good thing even if the outcome is biased. Lighten up.
0

#214 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location:Look behind you...

Posted 16 February 2009 - 07:00 AM

Onto conficker now:

Evildave said:


>An 'unknown' vulnerability?

Quote

You mean you honestly believe that the clueless, irresponsible M$ twits NEVER realized that 'AUTORUN' on ALL removable media was a vulnerability after all of this time??? It only showed up in 1995 and people COMPLAINED ABOUT IT BACK THEN. When I used Windoze, it was among the first idiotic things DISABLED on every machine I EVER used.


Sigh. I suppose not. That's a 'feature', not a 'bug'. One of THOUSANDS of such 'features' that guarantee windoze will ALWAYS be a ZOO for malware.



Here's a note from 2000 about it. I could do more searching to get earlier articles and postings, but this is plenty far enough back to prove it isn't an 'unknown' exploit, silly girl.



www.securityfocus.com/bid/993/info



CONFICKER isn't the first piece of malware to use this convenient hole, either.



Micro$oft has simply valued the 'convenience' of making natively executable content run without any user interaction more than security for over 15 years.



I'm sure you all will miss 'autorun', and mourn its passing bitterly.



Or MAYBE Micro$uck will kludge it with an ugly, new and improved, STUPID 'autorun' behavior. A dire warning like all the other annoying click-aways about opening files over a network. Users will learn to dismiss it without reading and launch the content anyway. Then you can blame them. Sounds about right.


Microsoft Security Bulletin MS09-001 - Critical Vulnerabilities in SMB Could Allow Remote Code Execution (958687) http://www.microsoft...n/MS09-001.mspx

Nothing to click on, to visit or whatever. This fix also goes as far back as to Windows 2000, and all other versions of Windows. And has to do with SMB (Server Messaging Block) code vulnerabilities.

They didn't fix the auto-run did they? And they won't fix it either. Many Windows users are um simplistic, and wouldn't know how to enable it. But astute users know how to disable it. PERIOD. (Same goes for UAC). And on top of it it is also used by DRM and other crap like that... That is precisely how the infamous Sony DRM Rootkit infected both Windows and Apple users alike... But DRM is another topic I guess, in this funny thread. Let's leave DRM out of it please. For the record I do not agree with DRM policies from anybody either.

For more on DRM please just google: Results 1 - 10 of about 16,200 for sony drm rootkit scandal. (0.23 seconds)

So plugging in an infected USB key, the worm uses a social engineering trick displaying a mysterious folder, requiring user intervention. And when the unsuspecting curious user clicks on the folder, it really launches the worm executable discharging its malware payload.

[Image: http://blogs.technet.com/photos/mmpcblog/images/3190621/original.aspx]

Note anything fishy there? A folder under Install or run program... ? Hmmm? Publisher not specified?

Now if the user has admin rights and falls for the social-engineering trick, and clicks onto the fake folder icon, it will succeed. If not it won't. Now you tell me how simple the fix is. (Hint: Don't use admin rights while not doing admin stuff.)

Anti-virus unnecessary? Cry-wolf? Well, any antivirus to date worth its salt, will detect and block this conficker/downadup worm. PERIOD. No antivirus? Tough luck...

But note the first incarnation of the worm didn't require any user intervention, just being plugged onto a network, without the MS08-067 patch, and you could be infected.

And the second incarnation of the worm, since that vector was nipped in the bud, attempted other means of infection.

Quote

Evildave wrote:

It didn't 'mutate'. It was obviously written to exploit that hole from the beginning, and Micro$uck didn't bother to reverse-engineer the wormy threat and see the alternate vector(s) before they closed one apparent hole and declared it 'solved'.


How do you know what anybody else does or not? You must be clairvoyant. Do you also have a crystal ball?

If I use IDA Pro and Sourcer for these purposes, I can just imagine what Microsoft uses... It's probably hardware assisted, with ICE and logic state analyzers... Just can't afford that kind of stuff alas.

Since there have been two versions discovered in the wild, the term mutate applies here.

Let's examine again the ways this worm spreads. So far, only two variants of the worm have been discovered in the wild. The first one, Worm:Win32/Conficker.A, was first reported Nov. 21, 2008 and propagates only by exploiting the vulnerability addressed by security update MS08-067. This variant avoids infecting computers that use Ukrainian keyboard layout and that raised the suspicion that the malware developer is located in Ukraine. Worm:Win32/Conficker.B, the second variant, was reported Dec. 29, 2008. This variant uses multiple propagation methods.

1. It attempts to infect other computers on the network by exploiting MS08-067. This method will give the worm a foothold in environments that have not completed their roll out of this security update on all their Windows computers.

2. It attempts to copy itself to the ADMIN$ share of the target machine, which is the Windows folder by default. First it tries using the credentials of the currently logged on user. This method would work well in environments where the same user account is used for different computers on the network, and as long as that account has administrative rights. If it fails, it tries a different method: It obtains a list of user accounts on the target machine and attempts to connect using each user name and a list of weak passwords (examples: '1234', 'password', or 'student'). If one of these combinations work and that account has write permissions, it copies itself to the ADMIN$ folder.

3. It copies itself to removable media such as USB drives and other portable storage. It adds an INF file so that when the removable media is used, the AutoPlay dialog will show one additional option. In the screen shot above the option “Open folder to view files - Publisher not specified” is the one which was added by the worm while the highlighted option “Open folder to view files - using Windows Explorer” is the one that Windows provides. If the user selects the first option, the worm executes.

Bottom line: your interpretation of events differs wildly from reality. PERIOD.

And now I will remind you I shall stick by my self-policy of only one reply, we all got better things to do than chasing that wild goose social engineering trick of yours...

~~~~~~~~~~
Truth is the only safe ground to stand on.
~ Elizabeth Cady Stanton
0
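Added example, not part of any post in this thread and not code from Microsoft or the forum: a defensive triage of a removable drive's INF file for the AutoPlay trick described in propagation method 3 of post #214, where a drive-supplied option imitates the "Open folder to view files" entry while launching a program. The sample files, the paths in them and the verdict names are constructed for illustration; the icon check is a heuristic assumption based on the "fake folder icon" the post mentions.

```python
import re

SECTION = re.compile(r"^\s*\[([^\]]+)\]\s*$")
PAIR = re.compile(r"^\s*([^=;\[\s][^=]*?)\s*=\s*(.*?)\s*$")
# [autorun] keys that make Windows start a program from the drive.
LAUNCH_KEYS = ("open", "shellexecute")
SHELL_COMMAND = re.compile(r"^shell\\[^\\]+\\command$")
# Wording of the folder-browsing option that Windows itself offers.
FOLDER_LURE = re.compile(r"open\s+folder|view\s+files", re.IGNORECASE)
# Icon taken from a Windows system location instead of the media itself.
SYSTEM_ICON = re.compile(r"%systemroot%|%windir%|\\system32\\", re.IGNORECASE)


def decode(raw: bytes) -> str:
    """Decode without ever failing, so padding bytes cannot hide the section."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("latin-1")


def parse_autorun(raw: bytes) -> dict:
    """Collect key -> [values] from the [autorun] section, keys lowercased."""
    entries, in_autorun = {}, False
    for line in re.split(r"[\r\n]+", decode(raw)):
        header = SECTION.match(line)
        if header:
            in_autorun = header.group(1).strip().lower() == "autorun"
            continue
        pair = PAIR.match(line) if in_autorun else None
        if pair:
            entries.setdefault(pair.group(1).lower(), []).append(pair.group(2))
    return entries


def assess(raw: bytes):
    """Return (verdict, findings); verdict is 'clean', 'review' or 'block'."""
    entries = parse_autorun(raw)
    launches = [f"{key}={value}"
                for key, values in entries.items()
                if key in LAUNCH_KEYS or SHELL_COMMAND.match(key)
                for value in values if value]
    findings = [f"launches a program: {item}" for item in launches]
    lure = any(FOLDER_LURE.search(v) for v in entries.get("action", []))
    if launches and lure:
        findings.append("AutoPlay action text imitates the folder-browsing option")
    if launches and any(SYSTEM_ICON.search(v) for v in entries.get("icon", [])):
        findings.append("icon is borrowed from a Windows system location")
    verdict = "clean" if not launches else ("block" if lure else "review")
    return verdict, findings


# --- constructed sample files (not taken from any real sample) ---
LURE = rb"""[autorun]
action=Open folder to view files
icon=%SystemRoot%\system32\shell32.dll,4
shellexecute=rundll32.exe .\hidden\payload.dll,Start
useautoplay=1
"""
INSTALLER = rb"""[autorun]
open=setup.exe
icon=setup.exe,0
label=Vendor Install Disc
"""
LABEL_ONLY = rb"""[autorun]
label=Backup
icon=drive.ico
"""
# Same lure with mixed-case keys and non-text filler between the lines.
PADDED = (b"\x8f\x02\xe1junk\r\n[AutoRun]\r\n\xd3\x90\x11\r\n"
          b"AcTiOn = Open folder to view files\r\n\x00\x07\xaa\r\n"
          b"ShElLExECUte=rundll32.exe .\\hidden\\payload.dll,Start\r\n")

if __name__ == "__main__":
    for name, sample in [("lure", LURE), ("installer", INSTALLER),
                         ("label-only", LABEL_ONLY), ("padded", PADDED)]:
        verdict, findings = assess(sample)
        print(f"{name}: {verdict}")
        for finding in findings:
            print(f"  - {finding}")
```

A 'clean' verdict only means the INF file starts nothing by itself; it says nothing about the other files on the drive.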

#215 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location:Look behind you...

Posted 16 February 2009 - 07:39 AM

Evildave said:

WinTard said:

>
> Are you saying anti-virus defense is useless? Even for the invincible Mac? That it's all scare-mongering? Wolf-crying? Be my guest then!

>
>Yes, I am. It's closing the barn door after the cow is out (or the wolf is in).

Quote

And one of those various links I provided showed that for zero-day attacks, most antivirus suites catch 20~30%. That's abysmal. The latest, greatest virus stuff actually kills your AV, so if it can get you at zero-day, it can stay.

Hold your precious magic rock and pretend you're protected while you run everything as 'Administrator'.

I'll stick to backing up my data, and keeping sensitive data offline, and generally using a 'user' account for my daily business.

We'll see who's better protected.

Oh, wait, that would be ME.

>

First, it is you who holds this imaginary 'rock' crystal... And I never use superuser, unless I am performing administrative duties. Remember, I'm also a UnixTard...

Ha! even you have to go to admin mode to install under Linux or OS X. That won't protect you then once you install (unknowingly) malware. And we've already established there is malware under all platforms. Nothing is immune.

Googling: Results 1 - 10 of about 40,300 for how many apple mac users got infected. (0.24 seconds)
>Breaking: Over 20k Mac Users Unknowingly Infected By a Trojan (All ...10 posts - Last post: 22 Jan
>Breaking: Over 20k Mac Users Unknowingly Infected By a Trojan (All Mac ... posted if you got the trial at anywhere other than www.apple.com. ...
>http://forum.noteboo...ad.php?t=345092 - 95k - Cached - Similar pages

Are all these 20K+ Apple Mac users pirates?

Evildave said:

> > I told you I consider myself an anarchist, trying to be agnostic (meaning impartial, no prejudice, or bias) towards all...
>
> Yes, but defending poor, defenseless little Microsoft until daylight is definitely 'taking sides'. Like a misguided Robin Hood. Quick clue: the rich are the ones with the castles and yachts and (big clue) multi-billion dollar bank accounts, and business plans based on corrupting governments and corporate officers, destroying competition by any means necessary, and making certain there is NEVER CHOICE.
>
> Hard to see you as anything but a villain for teaming up with that lot in this scenario.


It appears to me you are true to your chosen name Evildave. Bashing innocent and defenseless Windows users, in the name of what? I'm not defending Microsoft here. I'm simply putting senseless bullies into their places... My weapon? The truth. Debunking FUD, myths, fallacies, and lies with independently verifiable and impartial facts. Not just my good words or opinions.

Okay, this concludes my visit to this satirical thread... Progress is made. Nobody can now state with a straight face, that any operating system is invulnerable. (Well at least in this long-winded thread) Lol! Hey fanboys, don't worry, I'll find you.

~~~~~~~~~~
Use power to curb power.
~ Confucius
0

#216 WinTard

  • Expert
  • Group: Members
  • Posts: 3,159
  • Joined: 16-January 09
  • Location: Look behind you...

Posted 16 February 2009 - 08:31 AM

Oops, I didn't see this one, thus I shall move on after this reply.




Evildave said:

> Actually, the missing permission to 'debug' with M$ Dev Studio is what programmers are mainly 'crying' about. That permission can be added without granting 'Administrator' status, but many admin types don't understand this and just placate the cry-babies. Specific access to modify certain additional locations (i.e. where the app installs to, so you can publish the executable and dlls there) should also be worked out with the project leads.
>
> No competent and honest programmer cares about 'got root' as long as they can get their jobs done.
>
> And my big complaints about UAC are:
> 1. It can be trivially disabled WITHOUT ELEVATING. Duh.
>
> 2. It sucks to use - it's done WELL on Linux, where everything evolved upwards from having limited user accounts. Under Windoze, it's painful, and UAC 'permission' is required for stupid things, like organizing your 'start' menu.
>
> 3. As implemented, it does not help. 'Muscle memory' allows users to click away these dire warnings without even realizing they did it. Go ahead, lurk behind a windoze user who gets a UAC prompt and dismisses them and ask them what it said. Or simply try to realize what you're doing the next time you click one away. Chances are good you'll discover you must have dismissed several, but you have no memory of doing so. It's just another annoying 'press me to continue' prompt the way it works now, and it doesn't even get up to conscious level for most users to dismiss. Eye sees, hand clicks, mind is elsewhere.


Instead of looking for what's wrong in your post, I'm looking for what's right. Thus I agree with points 1, 2, 3.


As for the debug privilege, that too I agree with; however programmers in house require local (not domain) admin rights to do their jobs. You see, to install and manage services, you require admin. Also certain programs such as ORACLE, or IBM WebSphere also require 'root' to start / stop. And every program developed in house might require admin to install (since some parts are also services). Since we're software developers, it stands to reason to give them local admin rights onto their own workstations. HR and other clerical functions don't need it. But system programmers do. One could argue that application developers don't. Anyway, euphemistically speaking we're in a "prison full of locksmiths"...

Oh, we don't use Visual Studio that much, but mainly Eclipse. FOSS, it's the greatest!

Of course, they run in admin all the time (on their personal workstations). Simpler that way.... Oh well, c'est la vie.

TTYL

~~~~~~~~~~
The aim of argument, or of discussion, should not be victory, but progress.
~Joseph Joubert, 1754-1824, French Moralist and Essayist

For everything you have missed, you have gained something else.
~ Ralph Waldo Emerson
0

#217 JoeFree

  • Newbie
  • Group: Members
  • Posts: 1
  • Joined: 16-February 09

Posted 16 February 2009 - 09:16 AM

Don't forget number xx (whatever it's up to by now) - After a period of time, the store will become so crowded with junk that moving about the aisles will be extremely slow. The only solution will be to completely clear out the store and reinstall all the fixtures and product anew!
0

#218 MarioJP

  • Advanced Member
  • Group: Members
  • Posts: 365
  • Joined: 11-April 08

Posted 16 February 2009 - 09:30 AM

Talking about being paranoid. Let's face it, people have become either lazy or dumb when it comes to computers lmao.
0

#219 TechieXP

  • Expert
  • Group: Members
  • Posts: 2,270
  • Joined: 29-October 08
  • Location: Chicago / Sarasota

Posted 16 February 2009 - 10:00 AM

Okay..first off I wasn't trying to offend any Canadians, so if you are please accept my apologies. Now let me politically correct. The Canadian Government and the Mexican Government doesn't like the American Government...and other governments don't like our government either. Now that is a specific group vs a general population.

Back to topic. We have a Unix system here and I have been learning many things I don't know. If you look at recent attacks on Windows, they aren't backdoor attacks...they are front door ones. The front door being the user of the computer. Windows built-in firewall is sufficient for almost all backdoor attacks. Many of these are built to find open ports. I have set my Windows to block all ports...and I have set rules for the open one that I need. I know most won't know how to do this. So if you install Norton or McAfee or ZoneAlarm, these would all take care of that part for you.

The next thing is to simply be careful what you install. Don't install hacked/cracked software. These in many cases have scripts that introduce malware and trojans. Avoid programs that make you install search bars - most are malware/spyware. Make sure if you install software from downloads, you downloaded from a trusted site. Flash especially. If you end up needing flash, I have learned not to allow the site I am on to update it for me. I actually go to Adobe's site and update from there.

The frontdoor is the users and if users just click click click they will get compromised. If a user ignores installing Windows Updates as easy as it is, they stand to get compromised. There is one sure fire way to guarantee a computer won't ever get compromised...that's to unplug it.

Yes some OS's are safer than others...however that's not saying Windows is easier to attack. Windows for some users is easier to attack than others. I had a web hosting business for 11 years before I sold it. I had 10 Windows 2000 Servers....how many ever got a virus? NONE...how many ever got hacked? NONE! How many I ever had to reformat...NONE! If you learn how to protect yourself...what are the chances of you getting attacked...NONE! Even if you use Windows. Just practice 3 safe rules...know where you're going, remember where you been...and remember what you did. If you follow those steps, and you have a problem at least you can learn to identify the cause. Most users you ask them any of those 3 questions...the answer will be 'I don't know' (Yo No Se).

I know Windows adds some issues to computing...however many are introduced by the user...I haven't found an IT guy that will tell you different. What they will try to say is the user's level of knowledge being poor is further hampered by deficiencies in Windows. I disagree. Before I learned how to fix problems of others, I was unaware of them because I personally never experienced them. I had to create them on purpose on my own.
0

#220 TechieXP

  • Expert
  • Group: Members
  • Posts: 2,270
  • Joined: 29-October 08
  • Location: Chicago / Sarasota

Posted 16 February 2009 - 10:22 AM

Your last paragraph answers the question. In true reality no one really knows how hard or how easy Macs are to penetrate, because no one is doing so in the first place. If you had a hacker spending as much time hacking Macs that they spend doing Windows, then we can give a more truthful answer.

So in reality no one knows how easy Macs are. And that isn't saying Windows is easier. Unless you are a hacker you don't know how hard or easy it is. There are simply more frequent attacks on Windows period. So thus the number would be higher. But you can have frequent attacks...Windows is being attacked every minute of the day by 1000's of hackers. Question now becomes how many are successful. Almost all of them wouldn't be if people practiced safe computing. Hackers benefit from the fact not everyone protects themselves. Same for car thieves, ppl who break in home and even banks. You ever noticed that most banks that get robbed it's always their less secure branch offices? When was the last time you heard a large banking facility was robbed? For an attack to be successful there needs to be an easy way in and an easy way out. The easiest way into a computer isn't the backdoor...it's the front...AKA the users.

Unix is not a desktop system...it is a server system. Servers in general are more secure than a desktop. Servers are run by ppl with escalated rights who are paid to know what they are doing. The latest ppl who got bit, were in cases where hackers found a way in...and guess what they weren't using Windows. In order to get inside a firewall or proxy is by some not so smart user. We have Norton and it was up to date and so was our patches...yet one of our users introduced a virus into his PC...bec he isn't a smart user...he clicked on some BS on a malware driven website. However the infection only messed up his machine.

EVILDAVE did you read this? lol
0
