Page 2 of 5 FirstFirst 12345 LastLast
Results 21 to 40 of 82
  1.    #21  
    Each commercial hacker have a individual commercial choice of addressing 90% of the market or 7% of the market. Why would 5% chose MacOS. Its like saying 5% of people would chose $7 over $90 if given a choice.

    Surur
  2. #22  
    Much like commercial programmers :-)
  3.    #23  
    Quote Originally Posted by cmaier View Post
    As long as windows relies on dll's that are installed centrally and relies on the registry, there will be fundamental plumbing problems.
    Which manifest how exactly? Dll-hell is a thing of the past.

    Surur
  4.    #24  
    Quote Originally Posted by cmaier View Post
    Much like commercial programmers :-)
    Even more so, because unlike the pool of people willing to pay for software, the pool of idiots who should not use a computer are near infinite. However if Windows security becomes really tight this may change.

    Surur
  5. #25  
    DLLs now "version" in theory, so that you can freeze code to a particular set, but it doesn't always work properly in reality. In any event, centralizing them is dumb. The mac "bundle" construct is far more elegant. Present to the user as a single "file" and moving the file moves all of the bundle's contents. Also permits processes to, in theory, sandbox. Not sure how much is done on the mac, but this is how they extended things for iphone, and it will certainly make things more secure. (even though iphone goes to far and sandboxes data, not just code).

    As for the registry.... I assume no one thinks that's a good idea anymore?
  6.    #26  
    Quote Originally Posted by cmaier View Post
    As for the registry.... I assume no one thinks that's a good idea anymore?
    As a windows mobile user I love the registry, and I am sure most users at XDA-developers would agree with me.

    Surur
  7. #27  
    you can get all the same end-user functionality without storing it in one big glob. On mac I can add the ability for users to change settings from the central location (either "system preferences" gui or via the commandline) but store the settings locally to the application. If a program goes haywire or a user has to manually change something, they aren't going to fry the whole system. It also doesn't fill up with crap and slow the whole system down. You don't see a whole market for "registry sweepers" and "regcleaners" and whatnots.
  8. #28  
    The registry was such a good idea, Microsoft figured they'd stick the whole file system in there, and WinFS was born. Then delayed. Then delayed. Then even MS realized the whole idea stank and they changed the acronym and the methodology to more closely mirror -- wait for it -- OS X and it's metadata store.

    So yeah, even Microsoft doesn't think the registry works, they're just stuck with it (for now).

    And Cmaier is correct. 1-5% is huge, if the mob could have hit it as easily (or easier, according to Surur's misleading article FUD and sensationalist headline), they would have hit it. Too much money even at that size. There would be 1, probably many more, malware out in the wild. But NONE?

    That dog don't hunt.

    Now, if OS X was more difficult to a great enough degree to make it financially unfeasible to go after that 1-5%, then that makes sense.
    Editor-in-chief, iMore
    Executive producer, Mobile Nations
    Co-host, Iterate, Debug, ZEN & TECH, Ad hoc, MacBreak Weekly
    Cook, grappler, photon wrangler.

    http://www.imore.com
    http://www.mobilenations.com
    http://twitter.com/reneritchie
  9. #29  
    Rene - I think you misinterpret me. If I can SELL software to 1-5% of the market, I might do it, because i have less competition and can charge more. But, in the end, the reason no one hacks MacOS is the same reason that no one writes games for MacOS. Market is too small.
  10. #30  
    Quote Originally Posted by surur View Post
    Jack, I did not know, despite not owning any Apple products, you cared enough to post all over the internet about how this is not really a problem.
    All over the internet ? .... How perfect, more Surur bluster, blabbered about with no facts behind it. Care to put your money where your mouth is ? You backed off the 1st bet, I kinda think you'll do it again. Where are those postings all over the internet ? For once, support your position with a fact, post the links.

    The title is irrelevant - I missed when the exact definition of pwned showed up in Websters. The fact is that this very same vulnerability could hit millions of extremely complacent MacOS users right now, and is due to the default configuration of the box.
    The title is most certainly relevant. However, it has nothing to do with l33tspeak and the word "pwned" ..... your title says it was done in 120 seconds and then your post admits it took the guy started working on it 3 weeks ago .... not to mention a staff of 3. But hey, you were only off by a factor of 15,000 ..... 45,000 if you count his helpers. More bluster that you not only can't support but which you yourself contradict.

    You can be as pedantic as you want, .... Denial is not just a river in Egypt.
    Contrary to your assertions, I'm not the self ordained prophet (read troll) posting on 30 different sites any negative I can find about every product that I don't own. If you wanna be a techno-fundamentalists spouting from the Bible of Surur that everything that you don't use sucks, don't expect not to be called on it. With the Bible / Koran we have text inspired by an invisible man in the sky so it's a matter of faith that's difficult to have a fact based argument upon. But here in the real world we have newspapers, periodicals, trade mags and documented stories, government reports which we can re-produce on this wonderful thing called the internet. You can't make IE's terrible security history vanish with "Ooh they found a bug in Safari".

    Call me when the "U.S. government's cybersecurity unit recommends ditching Safari in favor of other, safer browsers".

    http://www.internetnews.com/security...le.php/3374931

    You wanna be a technological bigot, taking everything in favor of your argument as gospel and everything against as heresy, don't expect not to be pestered with little things the rest of us call history and facts.

    >but unless you work to secure your OSX box your machine is vulnerable, and more so than the other OS's.<

    All this contest has shown is:

    Safari has an unpatched exploit(s) for the next week or so that is dangerous if and only if you have the firewall turned off. Wow big whoop ! Contrary to your claim, it's a browser exploit not an OS exploit.

    Here's one from the past on how wonderful your revered IE was in it's 9th year of maturation.

    http://www.schneier.com/blog/archive...et_explor.html

    "There were only 7 days in 2004 without an unpatched publicly disclosed security hole."

    Firefox was 15% unsafe. There were 56 days with an unpatched publicly disclosed security hole. 30 of those days were a Mac hole that only affected Mac users. Windows Firefox was 7% unsafe.

    "Opera was 17% unsafe: 65 days. That number is accidentally a little better than it should be, as two of the upatched periods happened to overlap."

    So wow, here in its infancy the Safari browser will spend maybe 10 days with an unpatched publically disclosed security hole.....a hole which vanishes with the firewall turned on....just think if they can't figure it out for 344 more days it will rise to the level of MSIE !!!!!

    And Vista, yeah MS is so confident about Vista:

    1. They cut prices, something they have never done before except for the other wonderful MS product WinME (20% Ultimate / 15% Ultimate Upgrade / 50% Home Premium Upgrade).**
    2. They allow free downgrades to XP to regular people, something they have never done before.
    3. They leave a loophole which lets users buy the cheaper "upgrade version" instead of the "retail" version for bare metal builds, something they have never done before.
    4. They give free TS to OEM owners for SP1, something they have never done before.
    5. They announce the next Windows will be minimalist, built modularily, an abrupt about face of everything since NT4

    Yeah, Vista's been a real "hit" and MS is obviously just trying to stem the tide of upgraders so they can keep up with the huge demand .... I hear next month they gonna give a way a toaster and S&H Green Stamps with each purchase.
  11.    #31  
    Quote Originally Posted by JackNaylorPE View Post
    All over the internet ? .... How perfect, more Surur bluster, blabbered about with no facts behind it. Care to put your money where your mouth is ? You backed off the 1st bet, I kinda think you'll do it again. Where are those postings all over the internet ? For once, support your position with a fact, post the links.
    And I guess this isnt you, Jack, err John...?

    Er....Wrong Target
    By John W. Naylor, Jr., P.E.
    Posted Friday 28th March 2008 14:10 GMT
    Hello ! With all the attacks on the Mac OS, did no one perhaps notice that the OS was not cracked ? Criticize Apple if you will, they deserve it, for leaving the hole in Safari but if you bother to read the article, none of the machines were cracked on Day 1, the day that the rules said you have to crack the OS. None of the OS's were cracked.

    Now Windows users might not realize this since MS demanded to integrate it with the OS, but a browser is not part of an OS, it's an application ! If ya gonna rant, rant at the right target.

    From the reporting side, I would have loved to know:

    a) what happens is Safari is installed on Windows ?

    b) what happens if both OS's are set at the same security level (both firewall's on or both off) ?
    http://www.channelregister.co.uk/200...hack/comments/

    I guess you did not follow the links in the original post, talking about how Apple takes longer to patch zero day exploits, and spend more time with more unpatched flaws than MS. But of course if you are running Safari you may be scared to do so. You would not want your MacOS box hacked, would you, with 3 critical flaws in the last 3 days.

    But at your age I guess living in 2004 is perfectly acceptable.

    Surur
  12. #32  
    Quote Originally Posted by surur View Post
    Each commercial hacker have a individual commercial choice of addressing 90% of the market or 7% of the market. Why would 5% chose MacOS. Its like saying 5% of people would chose $7 over $90 if given a choice.
    You want your "15 minutes of fame", you ain't gonna get it by hacking MSIE. MS Passport was hacked by a 14 year old within hours and the only thing that made it news was his age.....it's just not considered an "accomplishment" by either the hacker community or the press. Crack something else, and you get your name in headlines.

    The most secure thing you can do to a computer is not have a browser. MS is the only OS that doesn't allow you to do that. Ten years later after the acts that led to them being a convicted monopolist, they still don't have the confidence to let users remove MSIE....why do you think that is ?

    I'm not a fan of Safari, at least not on the desktop. I'd want to wait to see it stand the test of time a bit more before switching. On a phone, I gotta give Apple its due and admit it simply blows everything else away. I'm sorry but to argue that point, you have to be delusional. But I can look at all the browsers and not take it as a personal attack because someone chooses not to favor my choice (Firefox btw).

    At any given moment in time Opera, Firefox, whatever may claim to be more secure, but they all have had exploits discovered, they have all patched them. But if there's one standout regarding leaving exploits left unpatched for great lengths of time, there's no one who can take the crown from MSIE.
  13.    #33  
    Quote Originally Posted by JackNaylorPE View Post
    At any given moment in time Opera, Firefox, whatever may claim to be more secure, but they all have had exploits discovered, they have all patched them. But if there's one standout regarding leaving exploits left unpatched for great lengths of time, there's no one who can take the crown from MSIE.
    Actually on Vista you would be safer running IE than Firefox, because as you said, they all have their exploits, and Firefox even gets targeted occasionally, but on Vista IE runs in protected mode, meaning it cant access any files outside its own directories, or any registry entries other than its own. You lose this extra level of protection by running a 3rd party browser.

    Its all about defence in layers, isn't it?

    Surur
  14. #34  
    Quote Originally Posted by surur View Post
    And I guess this isnt you, Jack, err John...?
    Typical Surur exaggeration 2 = all over the internet ? I said post the links.....that's plural ....

    So, you gonna take the bet or back out again ? Let's measure the number of threads that can be found on the internet with me as you call it "defending Safari / OSX" against your threads trashing it, whomever has the bigger number loses .... Loser stays off TreoCentral for a year.....deal ?????

    >But of course if you are running Safari you may be scared to do so. You would not want your MacOS box hacked,<

    Try and pay attention. I did say quite clearly that I don't own any Apple products.

    But I wouldn't want any of my boxes hacked, which is why I don't use IE, I use a 3rd party firewall and leave it on even if it's not on by default after an install.

    >But at your age I guess living in 2004 is perfectly acceptable.<

    Not but my age does give me a good sense of history. You never did answer the question as to what would have happened to IE if the contest was held in October. Or is 5 months too far back for you to remember ? Then again why did I have a dozen or so "critical vulnerabilities" patched in the last two "patch tuesdays".....how many SP3 patches do I have on my XP boxes now ? I lost count at 100 .... has it hit 150 yet ?
  15.    #35  
    Quote Originally Posted by JackNaylorPE View Post
    Typical Surur exaggeration 2 = all over the internet ? I said post the links.....that's plural ....
    How about there... and here. Plural enough.


    >But of course if you are running Safari you may be scared to do so. You would not want your MacOS box hacked,<

    Try and pay attention. I did say quite clearly that I don't own any Apple products.

    But I wouldn't want any of my boxes hacked, which is why I don't use IE, I use a 3rd party firewall and leave it on even if it's not on by default after an install.
    See, I dont believe you. You a bit too... passionate about the whole thing. Or is is just Apple shares you own?


    >But at your age I guess living in 2004 is perfectly acceptable.<

    Not but my age does give me a good sense of history. You never did answer the question as to what would have happened to IE if the contest was held in October. Or is 5 months too far back for you to remember ? Then again why did I have a dozen or so "critical vulnerabilities" patched in the last two "patch tuesdays".....how many SP3 patches do I have on my XP boxes now ? I lost count at 100 .... has it hit 150 yet ?
    Patches are good. Or would you rather use Job's perfect code. Oh, I forgot, their code isn't perfect either.

    Try following some links some time BTW. You may read this for example:

    They analyzed 658 vulnerabilities affecting Microsoft products and 738 affecting Apple. They looked at only high- and medium-risk bugs, according to the classification used by the National Vulnerability Database, said Stefan Frei, one of the researchers involved in the study.

    What they found is that, contrary to popular belief that Apple makes more secure products, Apple lags behind in patching.
    Surur
  16. #36  
    Quote Originally Posted by surur View Post
    Actually on Vista you would be safer running IE than Firefox, because as you said, they all have their exploits, and Firefox even gets targeted occasionally, but on Vista IE runs in protected mode
    As was said in the follow up to that article, time will tell. I am not sure how effective protected mode is when every Vista user I know (and I don't know that many), has turned off UAC. I only know 4 and they aren't that savvy.

    And like was pointed out, FF doesn't have the exposure that IE has:

    -No VBScript in Firefox
    -No ActiveX in Firefox (unless extension installed)
    -Limited range of hacking opportunities since JavaScript doesn't support any MS JScript "extensions"
    -No "significant" integration into other applications. E.g. not embedded in Windows Media play

    It's the "integration bug" that has caused most of MS's security issues from Concept Viruses. If they'd stop trying to marry apps, we'd all be able to breathe a lot easier.

    I don't trust any of them which is why I use a hardware and a software firewall (the hardware firewall is to protect me from the idiots outside the network, the software firewall protects me from idiots inside the network) ....and with those in play, browser exploits kinda become less significant. But if peeps would stopped having the on line equivalent of anonymous and unprotected sex, sticking their cursor into everything with the word FREE on it, most of these exploits would be meaningless.
  17.    #37  
    Quote Originally Posted by JackNaylorPE View Post
    As was said in the follow up to that article, time will tell. I am not sure how effective protected mode is when every Vista user I know (and I don't know that many), has turned off UAC. I only know 4 and they aren't that savvy.
    People who turn of UAC only have themselves to blame if they get pwned. I just bought a HP tx2050 vista tablet with a fingerprint reader, and it was really cool, when I set up my daughter as a limited user, just to use a finger swipe to authenticate myself as the admin while logged on to her account.

    Anyway, the National Vulnerability Database says there were 22 medium to high severity for Firefox in 2008 so far, and only 6 for Internet Explorer. (BTW, Safari had 13)

    Times change, and one should change with it.

    Surur
  18. #38  
    Quote Originally Posted by surur View Post
    How about there... and here. Plural enough.
    It's plural when you post two links here...and no you can't link to the same thread you are in.

    But again, you didn't answer the question...Ya gonna support your position and take the bet or back down again ?

    Or is is just Apple shares you own?
    No, I am just tired of the puffery. But using that logic, I'd have to assume you were trying to sell it short .... and if you are .... boy that must hurt a lot.
    Last edited by JackNaylorPE; 03/28/2008 at 08:49 PM.
  19.    #39  
    Quote Originally Posted by JackNaylorPE View Post
    It's plural when you post two links here...and no you can't link to the same thread you are in?
    I did not see where you got to set the rules. You've already posted much too much in this thread for some-one with just a casual interest.

    Surur
  20. #40  
    I can't believe somebody created a topic with the word "pwned" in the title. Surur, I never realized you were twelve years old.
Page 2 of 5 FirstFirst 12345 LastLast

Posting Permissions