 |
Search |
|
|
|
|
Classic 2 Guys |
|
10 Random Stories:
|
|
|
|
The Grinch Who Tried To Steal Christmas |
|
I was tired of the "We use Macs because they don't get attacked by viruses and hackers" refrain from Mac nuts.
I generally counter with what is apparently a secret carefully hidden from Mac zealots: "That's because only a fraction of the world uses Macs. What's the point of attacking a niche market? No one will notice!"
But the mindlessly superior retort is always the same, "No, it's because the Apple OS does not have the same holes as Windows. OS X is just a better operating system.
This text is from an article I found yesterday entitled "Eureka! Macs Are Not Invulnerable", by one Lance Ulanoff of PC Magazine (which has since been picked up by ABC news). It seems that Lance has been more than a bit perturbed by his Mac-using buddies rubbing it in his face that their computers aren't as susceptible to viruses and don't have as many security holes as his Windows machine. The main impetus (apparently) behind his article is a DHCP exploit for OS X that was recently announced. Lance was actually "happy" to learn about it, as it supposedly proves that (as the subtitle of his article reads) "Windows Isn’t the Only System With Serious Flaws".
In his article, Mr. Ulanoff brings the old "security through obscurity" myth out of the closet, and states that Mac users are "mindlessly superior" elitists, radicals, fanatics, and even asks, "Will you be stuffing that superior attitude in your crow or eating it separately, sir?". He also, for some reason, brings up that fact that somone cracked the AAC encoding for the iTunes Music Store, as if that is somehow related to security problems in OS X.
Now, I can't blame Mr. Ulanoff for his opinions, but I'd like to try to explain some things to him and anyone who thinks like him.
First off, the aforementioned DHCP exploit IS pretty bad, like the worst kind of bad. But as Apple says it's not likely to come into play for the average user because "the malicious DHCP server has to be part of your local network, or 'subnet'". So if you're firewalled and don't have an internal DHCP server, you've got no problems. (Unlike say, surfing the Web with a Windows machine and having Spyware automatically install itself)
Mr. Ulanoff also says that, "If the Macintosh OS ever became dominant, the tables would turn, and there would be just as many reports of viruses, security holes, and attacks on it as we currently have with Windows."
Ah yes, the old "security through obscurity" myth. The gist of this argument is that OS X is only secure because "nobody" uses it. While there may be some truth to that, you could also say that the more obscure OSes are targets of hacker attacks because it would give them greater exposure to crack one of them as opposed to a Windows machine. Case in point, in a recent hacking contest, points were awarded to cracking individual machines. Windows boxes were worth the least amount of points (1), then Linux/UNIX/BSD machines (3), and finally OS X (5).
Plus, is FreeBSD secure only because "no one" uses it? What about Linux? For the most part, OS X shares the same security issues with it's brethren, but we don't hear much about the insecurity of those OSes (except in the hit Broadway musical "Ballmer and Billy Boy's Magical FUD Machine").
On top of that, Apple understands security. They bake it right in to the OS, they don't try to tack security on as an afterthought like MS does. Granted, they do slip from time to time, but historically they've been quick to apply security patches for the major problems.
Plus, this is one security issue for OS X. Gloating over that fact while MS has issues, if not daily, then weekly, is just insane. And if you want to talk about viruses, there are STILL no documented viruses for Mac OS X! Sure, there will be one some day, but the point is that OS X is inherently more secure than Windows - and not because "nobody uses it" (which by the way, 10% of the world isn't nobody)
Next point - Elitists. Mr. Ulanoff continually describes Mac users as elitists (or "mindlessly superior"). Dictionary.com describes "elitist" as:
1. The belief that certain persons or members of certain classes or groups deserve favored treatment by virtue of their perceived superiority, as in intellect, social status, or financial resources.
2. a. The sense of entitlement enjoyed by such a group or class.
b. Control, rule, or domination by such a group or class
This definition is partly true. I think Mac users do see ourselves as somewhat superior, but only because we do not settle for mediocrity. We know there is a better way of doing things and won't accept anything less. But where we diverge from the "elitist" tag is the "sense of entitlement" and the "Control, rule, or domination by such a group or class". We don't feel any sense of entitlement: we're a minority that has to put up with discrimination every day. And there is "control, rule, domination", but that is by those who are in power: the majority of Windows users that try to cram Windows down everyone's throats. Look at the number of workplaces where people are forced to use Windows because their IT department won't support anything else (or for many other reasons).
Besides, how can we be elitists when we actively try to convert as many people as possible to our cause? No. Instead I see us as the last of the humans fighting against the Matrix (alongside our new Linux/Unix/BSD buddies). We don't hold things over the heads of PC users. If they want to take the blue pill, that's fine, but our point is to make them see the truth and then let them decide. If they do indeed decide that "ignorance is bliss", as Cipher says, that's fine, we move on to the next soul.
Many PC users don't know there are other ways of doing things - other alternatives to Windows and Microsoft products. A lot of Windows techies know and understand this, and get pissed off at Mac uses for continually re-hashing it - but it's something we HAVE to do. Old grannies and aunts and friends and neighbors, who aren't all that computer-savvy, many times have to put up with Microsoft's way of doing things ... not to mention pay hefty fees for service and repair of an OS that is not that inherently secure.
Mr. Ulanoff tries to paint a picture of Mac users continually saying they're better than him, saying that Windows sucks while OS X rulez, and generally picking on him and putting his arm behind his back making him cry Uncle. I'm not sure if he's really blowing it out of proportion, whether he's missing something, or if there really is a pack of "bully Mac nerds" in his office, but something is wrong here.
I know that many Windows users don't understand Mac users point of view, and vice versa sometimes, so I'll try to offer just a little bit of wisdom.
Fellow Mac users, please - be tactful when advising Windows users that there are alternatives out there. If someone spent a whole bunch of time and money on something, and then you come along say that they could've done it cheaper and easier another way - some people may not take it too well, especially if you do it with a snotty attitude.
Windows users, please don't think that Mac users are trying to say "I'm better than you". Try to understand the eons of ridiculing at the hands of Windows users. Really, Mac users are a minority, and like any other minority have to speak louder to be heard. Sometimes that can come across as egotistical or elitism, etc. - but it's really just reacting to the majority trying to keep them down. Come to think of it, it's not much different than a religious sect being persecuted for their beliefs.
But anyhow, to Mr. Ulanoff's final statement, "How cocky are you feeling now, Mac elite? Hmm. Suddenly it's gotten pretty quiet around here", I will say my last piece and then be done.
No, Mr. Unlanoff, we are NOT quiet, and you have NOT done anything to sway us whatsoever.
Because all us Who's down in Whoville are singing together,
softly at first, then louder and louder,
"Of our Macs we could not be prouder!"
|
|
December 12 2003, 9:28 AM EDT, by
 |
Comments:
|
| Jonahan |
12/12/03, 10:05 AM EDT |
Some other Mac site have picked this up too. Let's see what they have to say!
The MacObserver: "So, Mr. Ulanoff asks us if we still feel superior after this exploit's announcement, and I have to tell you that yes, I am feeling pretty darned superior. Why?
BECAUSE IT'S ONE FREAKIN' EXPLOIT, CHOMPY!"
And later in the article: "We love our Macs because they just work, and we get things done on them. You and your fellow lemmings don't care about your PCs because there is nothing about them to inspire loyalty to Microsoft, Dell, HP, Intel, of whomever. I ask you, who's problem is that?"
MacDailyNews:
"Mac OS X is more secure than Windows. Period. We've already sorted all of this out this past summer. That Lance is so late to the party with his bag of lies is telling. His article reeks of very strong jealousy; it's sad actually."
-----------
And oh yeah, as Lance was no doubt posting his article yesterday, a flaw of even greater consequence was found for Windows: http://www.computerworld.com/securitytopics/secur ity/story/0,10801,88108,00.html?f=x73
|
| iKen |
12/12/03, 10:28 AM EDT |
Good article Jonahan... After I read Mr. Ulanoff's article, the sheer number of untrue statements made me ill... I am glad that you summed it all up so perfectly.
|
| Jonahan |
12/12/03, 10:56 AM EDT |
Yeah, it took me a while to wade through the untrue statements, but I don't think I summed it up as well as atAT who also weighed in in on this late last night:
Apparently one real vulnerability in a couple of years is just as bad as seven or eight "critical" flaws in a month. Apparently, too, a vulnerability that requires an attacker to have access to the local area network in order to do any damage is no worse than dozens of security holes that make it possible for viruses to propagate automatically via infected web servers or for attackers to gain total control of a system just by its owner opening an email message. And apparently a "flaw" (it's really an ease-of-use feature that goes slightly overboard in its default configuration) that gets "fixed" via unchecking one box in an existing system application is every teensy bit as heinous as the dozens of Windows and IE bugs that require users to download and install monthly patches to prevent armageddon. Who knew?
I love those guys! :)
|
| JT |
12/12/03, 11:31 AM EDT |
Slashdot has weighed in on it too... Let the games begin!
http://apple.slashdot.org/apple/03/12/11/1914232.shtml?tid=126&ti d=172&tid=179&tid=185&tid=190
|
| wleddy |
12/12/03, 1:00 PM EDT |
John Welch has the definitive slap-down on this BS op-ed piece:
http://www.bynkii.com/networking/archives/000099.html#more
John says:
"The heart of the problem is that by default, the ability to bind to an Open Directory system that is discovered via DHCP is enabled in Mac OS X. This is nothing new. Being able to bind to a directory with no manual configuration out of the box has been a feature of Mac OS X since it was still NeXTSTEP. This is something that is a great convenience to any network administrator, the ability to have a machine be a part of your directory structure with as little work as possible. Since DHCP allows for the integration of LDAP as a part of the spec, Apple takes advantage of this, and so you have LDAP binding via DHCP, automagically.
That's an important point, so let's stress it.
Apple's implementation is in compliance with RFC 2131, the DHCP RFC. They are not doing anything non-standard, nor are they extending the standard in a proprietary fashion, ala Microsoft and Kerberos.
The reason this is important is because it points out the real source of the vulnerability. Not Apple's code, or really even their implementation. But the DHCP standard itself.
DHCP, as defined by RFC 2131, has no security. None."
... snip ...
Somehow I doubt there'll be a retraction...
|
| Jedbeck |
12/12/03, 1:36 PM EDT |
wleddy, THAT IS AWESOME!!!
So take that mr man....
|
| speedyrev |
12/12/03, 2:37 PM EDT |
My observation is that Apple issues patches BEFORE anyone knows there is a problem.
Microsoft issues a patch after a few hundred thousand people call in and tell them their computer is screwed.
|
| stickman67 |
12/12/03, 4:43 PM EDT |
How many security updates has Apple released in the past year?
How many security-related patches has Microsoft released in the past year?
How many roads must a man walk down, before ...
Sorry. Got a touch of the Dylans happening there. Never happen again. Promise.
|
| Jonathan |
12/12/03, 8:30 PM EDT |
Well just goto that pcmag link and look at the feedback, look for jonahan (me) that'll tell you what I think about this whole mess. I tried to have some patience with these WinHeads but it's just so hard sometimes.
|
| sweetjimmyhugs |
12/12/03, 9:24 PM EDT |
Sorry to chime in so late, but I read the article after finding it on AtAT today and was amazed at how that knukle head was able to 'justify' his claims that OS X is as bad as XP. Somehow I just don't get how someone cracking AAC is related to OS X's security. But I am just a mindless Mac zealot, so I can't really comprehend anything anyway.
Oh, and the guys at the AtAT compound sure can craft a nice sentence. They's got good book learnin, they does!
|
| rlhamon |
12/13/03, 12:50 AM EDT |
I'll take my one exploit compaired to 280 exploits found in windows xp this year .... 2 years after it's release. Also am I correct wan't this exploit fixed with 10.1 or will it be fixed with 10.2?
|
| Eric |
12/14/03, 7:51 AM EDT |
Wake up guys! - it's flamebait pure and simple ... It's designed so the lemmings that are us Mac-zealots rush in and make PC mag's figures look good. Now if we could all just step back, turn the other cheek and realize it's an argument that can't be won in such a biased forum, then PC mag could sink into obscurity like it really should ... It only takes one elegant rebuttal to set the record straight, but like moths to the flame, we are exploited by these idiots time and time again.
|
| stickman67 |
12/14/03, 9:47 PM EDT |
Dang and blast you, Eric! Just when we were getting fired up for an old-fashioned lynching, you have to come along and hit us with reason and logic.
Damn your oily hide, Sir!
|
| Jonahan |
12/15/03, 9:09 AM EDT |
Eric, I thought about that too before writing about it, and it may well be flamebait. But there comes a time when you HAVE to say something. I will only let somone spout off ignorance and lies for so long before I'm stirred to action.
Plus, we have to have something to write about ;) Why not something that kindles a little bit of passion and possibly educates a few people? But yes, good point in that we have to be wary of being baited into the ole PC versus Mac argument, or the like.
Now, one last thing for anyone who might want to question OS X's security:
And with that, I think it's safe to put the swords down. And the noose. Maybe next time, Stickman ;)
|
| stickman67 |
12/15/03, 6:12 PM EDT |
Aww! You guys are no fun at all! And what I'm I supposed to do with this ... *Ouch!* ... burning cross ...
Aaargh! It burns! It burns!
[Puts on serious hat.]
PS: For a good rebuttal of Lance who came to the dance without any pants, see the following at MacDailyNews:
http://www.macdailynews.com/comments.php?id=P2338_0_1_0_C
|
| w- |
12/16/03, 7:40 PM EDT |
Panther as vulnerable as Windoze? I think Lance should put down the crack pipe.
|
| stickman67 |
12/16/03, 9:57 PM EDT |
Lance's raincoat has a damp patch ... on the inside! Ewwww!
|
| schmiddi |
12/17/03, 10:28 AM EDT |
thought this article from The Register is a good and appropriate response to the story
http://www.theregister.co.uk/content/4/34554.html
|
| Steve |
6/10/04, 8:57 PM EDT |
Weve had 5 Macs..perorma,g3,g4 and 2 Imacs....we bought a PC last yeart...its still the center of the family fun....its the software stupid....I love Macs and they are better...no doubt...but its a PC world..its easy for Macs be perfect cuase thier only only 3 % of the field.....they live in thier own perfect litle world...
|
This article is archived, so you may not comment on it.
(The good news is there's always the shoutbox, the forums or the contact form if you're socially-inclined at the moment!)
|
|
|
|
Site Links |
|
|
|
|
Deep Thoughts |
|
|
If you're an ant, and you're walking across the top of a cup of pudding, you probably have no idea that the only thing between you and disaster is the strength of the pudding skin.
|
|
Around Da Web |
|
| iProng: |
iPhone steals show at CTIA Wireless 2007
|
DLO offers dual cover fashion case for iPod
|
AT&T received 1M inquiries on iPhone
|
| MacDailyNews: |
Ars Technica in-depth review: Apple TV ?impressed all those who touched it?
|
Inside Apple?s Mac OS X 10.5 Leopard Server OS
|
The chips inside Apple TV
|
| Think Secret: |
Adobe Creative Suite 3 pricing revealed
|
|
|
We Like: |
|
|
|
|
Side Projects |
|
Jonahan
- JediPoker.net
- Jonahan.com
- iProng
- MacProng
iKen
Jedbeck
J.P.
|
|
