toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

Briefly: OS X migration, AE/WinXPSP2, G5 in Taiwan...

updated 07:50 am EDT, Tue August 24, 2004

OS X vs. Win, G5 in Taiwan

In Brief: Offering a word of caution to users upgrading to Windows XP SP2, a columnist at The Post-Standard urges "anyone who uses Windows to ...AirPort Express Assistant for Windows XP 1.0 does not work with Windows XP after Service Pack 2 has been installed...In Taiwan, Apple has launched its Power Mac G5 and new Apple Cinema Displays--with the 2.5GHz model the high-end 30-inch display expected to be available in September...One attendee will be able to win an iPod mini at the South Beach iPod Garage Party.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. testudo

    Joined: Dec 1969

    0

    What a load of c***

    Talk about your big time ms spewing articles. I guess Mac users will enjoy it, but don't look for any actual information in the article. Its a "I've not installed SP2, and you'd be a fool to do it either" article. Wow, the insight! Oh, and the "They don't get the fixes right the first time" part was hillarious, taken in conjunction with his suggestion to go to Mac OS X, where Apple is known for not getting their fixes right the first time (10.2.8, iPhoto 4.0.2, it seems like half of apple's patches seem to be pulled almost immediately).

    Finally, he basically starts ranting about how things don't work now because of the fix, but most everything that doesn't work is all tied to the firewall being turned on by default. He wants a secure OS, but he doesn't want to pay the price of the security? Maybe he should be talking to all those companies that make software that breaks when the firewall is on.

    Oh, and OS X doesn't turn the firewall on by default either. He fails to mention that.

    All in all, a c*** piece I'd expect to see on osOpiniion. Its not even written well enough for slashdot.

  1. Person Man

    Joined: Dec 1969

    0

    Wait for the holes

    He also says to wait for newer security holes to be found and fixed first before installing SP2. Well, there have already been a few found, and Microsoft is claiming that they are not a problem. You can bet that as soon as someone releases a virus that takes advantage of these holes, Microsoft will be all over them.

    The more things change, the more they stay the same. If they TRULY cared about security, they would fix ANY problem discovered (and quickly), no matter how much they think it will never be exploited. Saying that a problem is unexploitable and that they won't try to fix it is only inviting hackers to try (and they WILL succeed, if past experience is any indication).

  1. hayesk

    Joined: Dec 1969

    0

    Re: What a load of c***

    While a bit obvious where his loyalties lie, it makes sense. I will not and can not trust MS to give me a secure OS. Period. MS has to earn my trust now. They are failing to do so.

    There have been far worse attrocities printed against the Mac than this against Windows.

    As for your comment: "Oh, and OS X doesn't turn the firewall on by default either. He fails to mention that."

    Uhm... OS X doesn't turn service ports on by default so the firewall doesn't matter. MS has a bunch of open ports by default - they need the firewall turned on. OS X doesn't.

  1. testudo

    Joined: Dec 1969

    0

    Re: wait for the holes

    He also says to wait for newer security holes to be found and fixed first before installing SP2. Well, there have already been a few found, and Microsoft is claiming that they are not a problem. You can bet that as soon as someone releases a virus that takes advantage of these holes, Microsoft will be all over them.

    Well, first, if you wait for all the holes to be found and fixed, you'll be waiting for a long time.

    Second, OS X also has holes in it (otherwise security updates wouldn't be needed), and Apple is much less forthcoming with info on security holes than MS.

    Third, the two so-called holes found involve a ton of user interaction and stupidity to be considered simple vulnerabilities. As Ars-Technica pointed out, one requires the user to run code through the command shell, the second requires the user to first overwrite a trusted file with an untrusted one first, then run the new, untrusted file.

    Both of these fall into the "You can't stop stupid people from doing stupid things" group. There's no way to prevent a user from downloading a fake Word installer and running it, installing a trojan on his machine (which, hey, happened to occur on a mac as well!). Most of the recent 'viruses' have spread through social engineering, not holes in the OS. Conning someone to open an attachment, then opening an EXE within a zip, then opening an EXE within a password protected zip file. That last one is the best. There's still so many stupid people out there that they'll run these things without thinking "Hey, why would 'x' send me a password protected zip file" (or, more likely "Hey, I don't remember sending a password protected zip file to someone, only to have it returned to me. But I better look at it anyway!", that even more protection isn't going to help (MS now won't let you run a program emailed to you, nor run a program in a zip file mailed to you, but someone's going to figure out you can save the zip file to your desktop, and then run it. Stupid is as stupid does, as they say).

  1. hayesk

    Joined: Dec 1969

    0

    Re: Re: wait for the hole

    "Second, OS X also has holes in it (otherwise security updates wouldn't be needed), and Apple is much less forthcoming with info on security holes than MS."

    Less forthcoming? Apple has released updates to plug holes before they were exploited. MS has not. Sorry, but I'll give the nod to Apple on that one.

  1. testudo

    Joined: Dec 1969

    0

    Re: wait for the holes

    Less forthcoming? Apple has released updates to plug holes before they were exploited. MS has not. Sorry, but I'll give the nod to Apple on that one.

    Less forthcoming isn't on the fixes, its on the holes themselves. For example, a quicktime exploit was patched by apple a few months ago. Except they never mentioned the exploit or that it was fixed in the update to quicktime. That's not forthcoming about security. That's trying to sneak them in without anyone noticing. A user who doesn't know there's a hole to fix isn't going to be as likely to install the update, for they may not see a reason to do so.

    As for MS, most of the security breaches in the last several years are for holes that were patched before the viruses, worms, etc, hit the internet. The problem was that most people, regardless of the critical warning on the holes, did not patch their system (some still haven't, because I still get the occasional probe from Code Red - a 2001 worm - in my internet logs).

  1. hayesk

    Joined: Dec 1969

    0

    Re: wait for holes

    You arguing semantics now. Apple advises what is fixed with every Apple update - which defaults to automatic. They issue a knowledge base article every time too. You can't say they aren't forthcoming just because MS gets more press.

    To say MS patched them first but users didn't listen doesn't really prove your point that MS is forthcoming. If they were, then why don't users patch them? Did they receive the warning? Why not?

    Regardless, at the end of the day, I know which OS is more reliable and more secure.

  1. testudo

    Joined: Dec 1969

    0

    Re: wait

    You arguing semantics now. Apple advises what is fixed with every Apple update - which defaults to automatic. They issue a knowledge base article every time too. You can't say they aren't forthcoming just because MS gets more press.

    No, they don't. Again, go back to the quicktime issue. That was never mentioned in ANY of apple's documents, but the hole was reported on security sites (as well as the fact they determined it was fixed in the update). This was their determination, not Apple's. Apple never said a word. How that's "semantics", I don't know. Oh, and let's go back to the Safari file mapping issues of the spring. There was over two months from when they were reported to Apple to when he released the info to the public, during which Apple never said anything publicly (or privately) to him or anyone else. Apple wasn't very forthcoming in the first security patch to say that it still left many holes open, so people had to test to find out what was fixed and what wasn't. I guess your just happy they released patches and that was that.

    As for software update being set to automatic, umm, windows is the same way. But that doesn't mean people download them. I always turned it off on machines I set up, both Mac and Windows. I guess you all like just trusting the latest OS X update isn't going to disable your airport, but I like to wait for people like you to determine if trouble is likely.

    To say MS patched them first but users didn't listen doesn't really prove your point that MS is forthcoming. If they were, then why don't users patch them? Did they receive the warning? Why not?

    Well, let's see, MS releases security bulletins, posts updates, and issues press releases. Not sure what you want from them. Go to everyone's home, sit down at the dinner table, and discuss the problems and what they should do? User's don't patch them because they're lazy or busy. As with most/all OS X patches, windows patches require a restart, and many people are busy working to be restarting their computers all the time. I guess your problem here is you think forthcoming means that a bug fix ends up being installed. Most people, esp. IT people and the security conscience, want to know WHAT security vulnerabilities are there, and what's been fixed. MS gives this information in droves (you may not think they do, but they do, a lot more info then Apple releases). They've learned their lessons from the past. Apple still thinks you keep things secret unless you HAVE to let people know.

    Regardless, at the end of the day, I know which OS is more reliable and more secure.

    Me too. Linux!

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented