Microsoft's Charney Suggests 'Net Tax to Clean Computers

[Kristenn]

Wake up *LTD*! Just because there is no malware/virus's doesn't mean that it is secure. Tell me why most internet IT experts and several guys I know who work in the computer industry (and use mac's) all agree that Windows 7 is more secure?

Tell me why on earth, when I first got my Mac, the firewall was turned off, and I didn't realise for about 2 months. Just having the Firewall turned off as default is a big risk to hacking; whereas Windows with it's security alerts and it's UAC, pretty much forces you to have your firewall and UAC settings turned on without persistent nagging.

This is what I don't get. I got Snow Leopard and did a fresh install. And took like 2 days to realize my firewall wasn't turned on by default.

Now techy people know to check this stuff but your average dumb user doesn't. Especially if its there first mac. Here it claims to be super secure (which I'm not doubting in any way) yet the firewall isn't on by default?

Even Windows has it on first thing. =/

Also, internet tax is just swell... Thanks Microsoft.

 

[belvdr]

Now techy people know to check this stuff but your average dumb user doesn't. Especially if its there first mac. Here it claims to be super secure (which I'm not doubting in any way) yet the firewall isn't on by default?

You are correct. This is a very bad idea.

Anyone who has worked in the information security field long enough knows that security is all about layers. You don't just add a firewall to the perimeter and declare it secure. You have to wrap everything in layers, so if one defense fails, another will hopefully withstand the attack. The more layers you implement (patching, client firewalls, IDS/IPS, encryption, perimeter firewalls, access control lists, etc), the further you decrease your risk.

Information security is an endless journey and anyone who states otherwise is ignorant to the facts.

 

[pdjudd]

First OS X Botnet

Every systems has its flaws. OSX had the java exploit, Windows had it's IE exploit(s), Linux had an exploit in the way it rendered PNG files wen they first came out.

A couple of things about that article.
1) It's over a year old and dates back to Leopard.
2) The two Trojans are only obtainable by downloading pirated applications. As pointed out before - requires user interaction.
3) The botnet claims come from Symantec and Intego. As a rule of thumb, I tend not to take security advice from the marketing departments of companies selling anti-virus products. That to me is akin to asking a car dealership if they know any good mechanics.

But Rodimus Prime very astutely pointed out in the thread, the biggest security hole in anything is the user.

As I have too. As long as we humans are at the wheel, we are sucecptable. The make of the OS is irrelevant.

 

[notjustjay]

This is what I don't get. I got Snow Leopard and did a fresh install. And took like 2 days to realize my firewall wasn't turned on by default.

Now techy people know to check this stuff but your average dumb user doesn't. Especially if its there first mac. Here it claims to be super secure (which I'm not doubting in any way) yet the firewall isn't on by default?

Even Windows has it on first thing. =/

Well, perhaps I am being alarmingly lackadaisical, but I have never felt the need to turn my Mac's firewall on.

Put it this way: since 2003 when I bought my first PowerBook, I have run OS X with no firewall (or firewall turned off). I do have a wireless router so I am behind that firewall.

That's 7 years of OS X, firewall turned off, never had a problem.

On the other hand, last year I bought a netbook with Windows XP, and didn't run any kind of firewall or virus scanner at first. It only took a few weeks before my ISP cut off my internet service, telling me one of my computers was infected with a virus and attempting to do virusy things. I quickly installed a virus scanner and did all the usual security precautions.

I continue to run my Mac with the firewall turned off. Perhaps my confidence is misplaced, but, really, what's out there that could affect it?

 

[*LTD*]

. Perhaps my confidence is misplaced, but, really, what's out there that could affect it?

Nothing.

 

[KingYaba]

Suggesting we should have a Net Tax is so stupid it hurts. And if you're really worried about security then spend a weekend learning about how to use Ubuntu. It's not hard I promise. You may even find it useful. One tool I've found invaluable is gparted. Booting in a live CD I'm able to resize and move partitions. Not something easily done with Windows or OS X. Anyway, carry on...

 

[belvdr]

Nothing.

Then why are security patches released for OS X? Obviously something can happen.

As I said above, security is about layers. If one chooses to disbelieve it, they certainly don't understand security.

 

[notjustjay]

Then why are security patches released for OS X? Obviously something can happen.

As I said above, security is about layers. If one chooses to disbelieve it, they certainly don't understand security.

I have a friend who leaves the front door to her house unlocked. She has teenage kids and they are always coming in and out, with their friends, so she feels it is simply easier to leave it open. Sometimes she will tell me, "Come on over, if I don't answer the doorbell, just come on in, and make yourself at home."

It's not that she doesn't understand security, it's that she knows her neighborhood well enough to decide that it is an acceptable risk to leave the door open to strangers. That's something I would never do (not on purpose anyway, but that's another story ) but I live in a totally different neighborhood. Sure someone could break in, but she has evidently determined that risk to be so low as to be inconsequential.

Security is about layers, sure. I believe the layers I already have are plenty. Sure there's the risk that I will accidentally download a trojan, or stumble on something that exploits a vulnerability. Nobody's denying this. But that's my risk to bear and a firewall wouldn't do me any good in that case anyway.

 

[twoodcc]

of course that's microsoft's answer to any problem - throw money at it. this time they want to use your money and not theirs

 

[belvdr]

I have a friend who leaves the front door to her house unlocked. She has teenage kids and they are always coming in and out, with their friends, so she feels it is simply easier to leave it open. Sometimes she will tell me, "Come on over, if I don't answer the doorbell, just come on in, and make yourself at home."

It's not that she doesn't understand security, it's that she knows her neighborhood well enough to decide that it is an acceptable risk to leave the door open to strangers. That's something I would never do (not on purpose anyway, but that's another story ) but I live in a totally different neighborhood.

Security is about layers, sure. I believe the layers I already have are plenty. Sure there's the risk that I will accidentally download a trojan, but that's my risk to bear and a firewall wouldn't do me any good in that case anyway.

Bad analogy, as nobody knows the neighborhood when it comes to a public space such as the Internet.

You are correct in that everyone draws the line in a different spot where the risk is acceptable. But to clarify, security != a firewall; a firewall is part of security, but it's not the whole kit.

 

[Kristenn]

Nothing.

Why are there security patches for OS X then?

Also, just because some people don't feel the need to "turn the firewall on" doesn't take away from the fact that it shouldn't be off by default in the first place.

It should be on. Because I for one like the idea of my firewall on. Its smart. And if the average user (especially new to Mac) has to figure out how to turn their firewall on most likely won't because they would expect it to be on in the first place.

But hey. Maybe what I say doesn't matter seeing as I have firewall on AND antivirus. =/

I just find it funny, that's all.

 

[*LTD*]

Why are there security patches for OS X then?

Insurance.

 

[jzuena]

Why are there security patches for OS X then?

Also, just because some people don't feel the need to "turn the firewall on" doesn't take away from the fact that it shouldn't be off by default in the first place.

It should be on. Because I for one like the idea of my firewall on. Its smart. And if the average user (especially new to Mac) has to figure out how to turn their firewall on most likely won't because they would expect it to be on in the first place.

But hey. Maybe what I say doesn't matter seeing as I have firewall on AND antivirus. =/

I just find it funny, that's all.

Which OSX firewall do you have on? The one in System Preferences -> Security -> Firewall (the application firewall) or ipfw (the port-based firewall)? And does your antivirus solution scan for OSX-specific malware or just Windows malware? If its just scanning for Windows malware it isn't providing you with any added protection.

 

[MisterMe]

...

It should be on. Because I for one like the idea of my firewall on. Its smart. And if the average user (especially new to Mac) has to figure out how to turn their firewall on most likely won't because they would expect it to be on in the first place.

...

I completely disagree. Internal firewalls tend to be placebo-ware. As a general proposition, firewalls degrade the performance of the computer's network.

Firewalls are an extraordinary measures for extraordinary circumstances. A college student's iMac is hardly an extraordinary circumstance.

 

[roadbloc]

Insurance.

Please, elabourate. If there is no security flaws, then why are there updates? If it ain't broken, why fix it?

 

[notjustjay]

Why are there security patches for OS X then?

Because occasionally there are security vulnerabilities found in OS X, and they need to be fixed.

Nowhere has anyone ever disputed that!

The difference is what happens when security vulnerabilities are found. In Windows, they are immediately exploited, and a wave of new viruses, trojans, or malware come roaring out. This is why every day someone sends me a spam IM message, or why my XP netbook gets infected within weeks of purchase because I failed to install adequate security measures.

When an OS X vulnerability is found, what happens? Some white-hat hacker on some website makes loud noises and provides a proof-of-concept trojan, or someone uses the knowledge to win a security contest. Then Apple releases an update, and all is well again. Historically there has rarely been an actual, damaging, exploit that made it out into the wild and does damage to real people's computers. Now this of course may change as Mac market/mind share increases. Nobody's disputing that either.

I know someone said my doors-unlocked analogy was bad, but I think it works. In the Windows world, people are trying your doors constantly. Don't you dare leave the door unlocked for more than a few seconds, or else you'll find your house ransacked and robbed. In the OS X world, if you leave your door unlocked, after a couple of hours someone comes and yells "Hey, dummy, you left your door unlocked! See? Look at me, I'm inside your house! Lock your doors, man!" and leaves without touching anything.

 

[dukebound85]

my internet tax is what I am paying for internet service

effing MS

 

[JS82189]

How about MS foots the bill for everyone to switch to Mac computers, a way safer operating system that has simple systems to ensure that if a virus is getting installed its because you personally chose to Install, not just download or view, the infected software.

 

[rhett7660]

my internet tax is what I am paying for internet service

effing MS

This is how I feel also....... But then again they can say the tax we are paying is going to the ISP not to MS..... So MS should also get a cute of it.

 

[MisterMe]

... So MS should also get a cute of it.

Come again? Microsoft gets its cut when customers purchase its crappy over-priced software.

 

[hakuryuu]

I think a tax of this sort should go towards educating people on not only best practices with their OS of choice but also towards educating people on their options. If people truly are able to make an educated guess on their needs then I believe that Windows would not have such a huge market share and thus we would likely see a greater balance amongst what are the three contenders for your desktop: Windows, OS X and Linux (Ubuntu). Ignorance is responsible for most computer problems anyways. And if there was greater balance then you would see more and more multi-platform applications as well as a more difficult situation for malware and virus developers because they wouldn't have one major target but three.

 

[macfan881]

for those going on back on forth on wether Apple Has Virusus or not heres there answer from there website so read and stop complaining

Is a Mac safe from PC viruses?

Yes, a Mac is 100 percent safe from viruses designed to attack PCs. And although no computer connected to the Internet is completely immune to all viruses and spyware, the Mac is built on a solid UNIX foundation and designed with security in mind. The Mac web browser, Safari, alerts you whenever you’re downloading an application — even if it’s disguised as a picture or movie file. And Apple continually makes free security updates available for Mac owners. You can even have them download automatically

kthankbi

 

[IntelliUser]

Modern Routers have built-in hardware firewalls anyway, which eliminate the need of a software firewall (under Mac OS X, due to the lack of malware).

 

[Kristenn]

I use iAntivirus. Also are you sure it makes my net slower having the built in firewall on? It just sounds so (Hit me I'm open!) to leave it off.

 

[arletha]

This is what I don't get. I got Snow Leopard and did a fresh install. And took like 2 days to realize my firewall wasn't turned on by default.

Now techy people know to check this stuff but your average dumb user doesn't. Especially if its there first mac. Here it claims to be super secure (which I'm not doubting in any way) yet the firewall isn't on by default?

Even Windows has it on first thing. =/

Also, internet tax is just swell... Thanks Microsoft.

Microsoft for the win....Muchos gracias