"Vista Most Secure OS Ever" This gave me a good laugh...

[bbrosemer]

Ok. Your point does not however invalidate the market theory. It does not change the fact that people aren't making malware apps for the Mac. Again, if you want to bring down the world with a virus, you are going to write it for Windows. Simple as that.

It doesnt I agree but from a Math point of view it makes the proabibilty of this being true very unlilkely nearly a Mathmatical improbability. What the math is saying is that the chance that not 1 just 1 virus has been made for the mac is 0.0083% and since one hasnt then there must be something more to it and that is the OS.

 

[bbrosemer]

Y are most servers Unix/Linux....?

 

[jbcaro]

There are around 40 Million http://en.wikipedia.org/wiki/Source_lines_of_code source lines of code (SLOC) in Windows XP. Let just say that Microsoft had 5000 software engineers working on that code. That would mean that each and every engineer would be responsible for about 8000 SLOC. Not only would they have to make sure that all 8000 SLOC that they were responsible for were secure in every way but that their code did not cause any issues with any of the other 4999 coders. (I know it would never be divided up this way, but you get my point)

Now I doubt that MS has 5000 coders that worked on creating WinXP (maybe they did, who knows), but even if they did that is an enormous job to make sure that not only does 40 Million lines of code work together, but they work together in such a way that it is hacker, virus and spyware proof.

I would suspect that OSX is in the same boat to an extent. Nothing is perfect. Nothing can be made perfect. There will always be someone out there that will find a way to exploit some portion of an OS that everyone thought was unexploitable. Even with OSX requireing a password that makes the user an un-patchable security hole.

MS is the number one target because they are number one. They jury is out on what will happen if Apple starts to gain market share with the cpu switch. Only time will tell.

just my $3.48
jbcaro

 

[kevin.rivers]

It doesnt I agree but from a Math point of view it makes the proabibilty of this being true very unlilkely nearly a Mathmatical improbability. What the math is saying is that the chance that not 1 just 1 virus has been made for the mac is 0.0083% and since one hasnt then there must be something more to it and that is the OS.

Math can not predict what people do. If viruses and other malware spawned on their own, you would have a point. However, people create them and you cannot mathematically predict when someone will decide to create a virus. And if people ever feel the need to start messing with the Mac, your math will not hold up.

Most severs are unix/linux because they are secure. I never doubted that OS X, being built on Unix is not secure.

These systems are secure, because on a Linux/Unix server someone puts security in place. On a Mac, Apple puts security in place. Windows Server, which is what Vista is based on, there are security tools available for admins to use.

And now, Microsoft is putting security into Windows. Hopefully this will slow down or put to and end the countless number of malicious code out there. With the same types of security and more as Mac OS and other proven methods, Vista will be the most secure OS no doubt. And no because it is better or because MS wants to be the best, but because in order to ensure a quality experiences for its users, MS has to make it the most secure.

 

[Timepass]

Here is a simple thought if there are ONLY 2,000 self replicating viruses for the Windows and lets say that OS X has 1 which it doesn't. Then lets convert that into the market shart so 1=5% and windows has 95%=2,000. Well 2,000 divided by 95% = 21 Viruses per percentage point. Which should mean that even though Mac's only do hold 5% there in theroy should be at least one self replicating virus out there but there just isnt. http://www.sophos.com/sophos/docs/eng/marketing_material/SophosSecurityReport_2005.pdf These are the real numbers there are 114,000 known malware apps for the PC, not one attacks or can attack a Mac, these true numbers break down into 1,200!!! malware apps per percentage point for a windows machine even in the worst case scenario if a mac had (1000)- which it actually has none- then this breaks down in 200 malware apps per percenage clearly giving the advantage to the Mac. Moreover since there are none this bring up well if there should be 1,200 per pecentage point then the mac in theroy should have 6,000 malware apps and since it has none we can figure out the percentage of this possilbly happening which is 0.0083%, and since this is true this shows how the market theroy can not be called true at all.

That does not remove the market part at all. It does play into it. Go read my post a little earily in this thread that explains why market has a huge play in it. No one in there does it say anything about which OS is harder to crack or use that way.
The entire post is on the simple fact that the speed a particlure hole is giong to be found and exploit relates to market share. Simple fact is the holes in OSX are going to be found at a much slower pace and exploited at a much slower pace than windows which get 99% of the attention of the makers of malware/spyware virus and trojin (which OSX has a few of no OS can really protect against a tojin house that relays on User stupidity)

No on in there am I saying that OSX is just as easy to exploit as windows. I just saying that more people are targeting windows so holes are goin gto be found and exploited much faster. Market share as a direct effect on the rate a particlure hole is going to be discovered and exploted. Is OSX virus proof. Heck no. Is OSX impossible to hack. Umm no. Thinkign that way is a sure fired way to lose everything to user stupidity.

If OSX was at the 90% market share you can be sure that there would be some virus and spyware out for it. As much as there is for windows. of course not. But when 99% of the attackers and hacker are targeting it some one goign to figure out how to do it. Then from there it going to grow at a much faster pace because the same base code can be used over and over again to adjust to fixes.


An exampple is there are over 20 different verson of the MSblaster worm. All using the same base code but they are counted as 20 different worms that was using the same base code to do the spreeding. Just change a little what they did to do what the maker wanted it to do.

 

[sikkinixx]

i'd be more worried about bugs than viruses with good old Windows. Does anyone remember when XP first came out? It nice to MS to let their paying customers do their testing for them...

XP is gonna stick on my windows box until Vista I need to switch to Vista for DX10.

 

[hulugu]

And where is your data to support there is not?

This year root access was gained on a Mac in under 30 minutes. What can be done with root access?
http://www.zdnet.com.au/news/securi..._than_30_minutes/0,2000061744,39241748,00.htm

Windows Vista may in fact be the most secure OS, but again it is because it has to be.

Also, Apache is free. People don't attack free software, you should know that. How many people are out trying to bust Linux... not many.

First, this is a distraction to the real conversation at hand, which is how secure will Windows Vista be on its debut. Is Windows Vista the most secure OS ever in a world of BSD, various flavors of *NIX, and OSX? I don't think so and I can't imagine anyone who isn't a Microsoft shill *cough*CNET*cough*ZDNet*hack* saying otherwise. Furthermore, because of the complexity of the code (which is why Vista is years behind schedule) and that Vista is actually Windows Server 2003 with additional code that Microsoft really has any idea how tough this OS is going to be in the real world. Obviously this is a PR statement designed to blunt OSX's stated advantages in security.

Second, people do attack Apache according to your ZDNet article in which an anonymous hacker described secret vulnerabilities that existed in OSX. Giving a local access account for your hacker is unlikely and stupid. So, I think we can safely say that the easily hacked OSX box was the result of poor configuration and a flaw in Apache rather than poor OS design.

Third, when comparing all the possible vectors for a malicious attack (viruses, malware, rootkits, vulnerabilities in services, buffer overflows, etc.) we can see that Windows has thousands of serious problems and comparing the same lists we can see that OSX has relatively few. The likelihood that all these problems are fixed with Vista seems unlikely at best.

Fourth and finally, we can argue for years about whether OSX is safe because its rare, tough, or well-liked, the safety of OSX exists regardless.


I expect at least one zero-day exploit within a few days of Vista's debut.

 

[bbrosemer]

With enough data math can be used to predict anything you all just need to understand a little of it.

 

[Timepass]

With enough data math can be used to predict anything you all just need to understand a little of it.

bbrosemer you so call data still doesnt disprove the % theory at all. My data one supports it with math. It doesnt go off % of virus. It goes of the probliey of a certain hole being found.

 

[hulugu]

An exampple is there are over 20 different verson of the MSblaster worm. All using the same base code but they are counted as 20 different worms that was using the same base code to do the spreeding. Just change a little what they did to do what the maker wanted it to do.

Metrics are difficult to accertain certaintly, but people play the same game with OSX, sometimes counting a proof-of-concept Bluetooth-flaw for example as a flaw when this will be a problem with everything that has BT.
However, that 20 different versions exist shows that systems are still being infected because of Microsoft's previously unknown RPC call. How many unknown services will be running on Vista?

Also, should the new Microsoft Office flaw be counted towards OSX or towards Microsoft? Or be counted twice?

 

[theheadguy]

bbrosemer you so call data still doesnt disprove the % theory at all. My data one supports it with math. It doesnt go off % of virus. It goes of the probliey of a certain hole being found.

huh? I've run grammar and spell check and my mac can't figure out what you meant by this. Maybe Vista will have some better tools for deciphering this argument.

 

[kevin.rivers]

First, this is a distraction to the real conversation at hand, which is how secure will Windows Vista be on its debut. Is Windows Vista the most secure OS ever in a world of BSD, various flavors of *NIX, and OSX? I don't think so and I can't imagine anyone who isn't a Microsoft shill *cough*CNET*cough*ZDNet*hack* saying otherwise. Furthermore, because of the complexity of the code (which is why Vista is years behind schedule) and that Vista is actually Windows Server 2003 with additional code that Microsoft really has any idea how tough this OS is going to be in the real world. Obviously this is a PR statement designed to blunt OSX's stated advantages in security.

Second, people do attack Apache according to your ZDNet article in which an anonymous hacker described secret vulnerabilities that existed in OSX. Giving a local access account for your hacker is unlikely and stupid. So, I think we can safely say that the easily hacked OSX box was the result of poor configuration and a flaw in Apache rather than poor OS design.

Third, when comparing all the possible vectors for a malicious attack (viruses, malware, rootkits, vulnerabilities in services, buffer overflows, etc.) we can see that Windows has thousands of serious problems and comparing the same lists we can see that OSX has relatively few. The likelihood that all these problems are fixed with Vista seems unlikely at best.

Fourth and finally, we can argue for years about whether OSX is safe because its rare, tough, or well-liked, the safety of OSX exists regardless.


I expect at least one zero-day exploit within a few days of Vista's debut.

I find it enjoyable that you come into the thread, and call my post a distration. Clearly you singled me out, this was not a distraction I brought to the table and if you pay attention to the posts before mine you will understand why this came up from context.

Moving on. I was not the one that stated that Apache was not attacked. Again, if you read the other posts you would know this. Would they exploit Apache as much as IIS? No. Why? Because hackers show (typically) more respect for free, open source software.

The underlying problems of malicious code being able to run transparent to the user, will be solved in Vista. The current slew of garbage out there, should not effect Vista.

I never doubted the safety of OS X. However, if someone wanted to mess with it, you better believe they would and would succeed.

The only reason I am arguing here is because there are clearly people here that can't step out of "well my mac is the best ever" mindset. Vista will rock, and it will be a secure OS. If not, well MS messed up pretty bad. However, I have faith that they will follow through on their promise.

If there are exploits within the first few days of Vistas debut. That further supports what I am saying. People are looking for them and want to take advantage of them. OS X has holes, all software does. The question is will someone care enough to find it and use it for evil purposes.

 

[SC68Cal]

Debian/GNU Linux distributions according to Wikipedia:

A similar study was later made of Debian GNU/Linux version 2.2 (also known as "Potato"); this version of GNU/Linux was originally released in August 2000. This study found that Debian GNU/Linux 2.2 included over 55 million SLOC, and if developed in a conventional proprietary way would have required 14,005 person-years and cost $1.9 billion USD to develop. Later runs of the tools used report that the following release of Debian had 104 million SLOC, and as of year 2005, the newest release is going to include over 213 million SLOC.

 

[theheadguy]

The underlying problems of malicious code being able to run transparent to the user, will be solved in Vista.

Please cite your source for this statement. Please do not insert emotional statements as in your previous posts or say your posts need to be taken "in context." You made a simple statement here and you should simply back it up with pure fact.

Vista will rock, and it will be a secure OS.

This is what you are saying right?

If there are exploits within the first few days of Vistas debut. That further supports what I am saying.

Ummm, I'm confused. Aren't these two opposing statements yet they are, according to you, supposed to support each other?

Just step away from the keyboard and rest man. You are writing in circles. (see above)

 

[kevin.rivers]

Please cite your source for this statement. Please do not insert emotional statements as in your previous posts or say your posts need to be taken "in context." You made a simple statement here and you should simply back it up with pure fact.



This is what you are saying right?



Ummm, I'm confused. Aren't these two opposing statements yet they are, according to you, supposed to support each other?

Just step away from the keyboard and rest man. You are writing in circles. (see above)

You are taking me out of context and partially quoting.

I will pick that apart when I get around to it.

 

[theheadguy]

You are taking me out of context and partially quoting.

I will pick that apart when I get around to it.

I'm not asking you to go over your slew of erroneous posts here. At the very least back that one statement up with pure fact, when you get around to it of course.

Just that one--- you can do it.

 

[decksnap]

Well this is a pretty ridiculous thread I've stumbled into.

Kevin, the problem with your argument (By the way, we get it, we got it on your thirtieth post) is that it seems to be complete opinion. You can't argue with people who disagree with you when you have no facts. There's no more proof to your theory than to the math theory.

I don't agree with what you're saying by the way, but that's just an opinion. I am also of the opinion that the OS X virus is a hugely sought after prize for hackers. How could it not be with all of us 'smug' Mac users (that so many Windows users love to irrationally hate) running around all virus free?

 

[hulugu]

I find it enjoyable that you come into the thread, and call my post a distration. Clearly you singled me out, this was not a distraction I brought to the table and if you pay attention to the posts before mine you will understand why this came up from context.

Sorry to offend, I wasn't singling you out, I was merely stating that a discussion about OSX is orthogonal to a discussion about the benefits, or lack thereof, of Windows Vista. Microsoft's ability to ship good code is not all that related to OSX's security, except to say that maybe Microsoft hopes they will have a similar benefits.

Moving on. I was not the one that stated that Apache was not attacked. Again, if you read the other posts you would know this. Would they exploit Apache as much as IIS? No. Why? Because hackers show (typically) more respect for free, open source software.

My point may have been inelegant, I was simply trying to point out that your ZDNet link showed a flaw in OSX caused by Apache, therefore hackers do attack Apache. Hackers love to beat up on Windows because it's easier, more widespread, and is a fine way to piss on Microsoft. A Russian-mafia hacker is less interested in Microsoft and much more interested in creating a large bot-net, thus he aims at Windows because of its ease presence.

The underlying problems of malicious code being able to run transparent to the user, will be solved in Vista. The current slew of garbage out there, should not effect Vista.

The old stuff may not as much, but legacy services have an interesting way of reappearing in Windows ala RPC, I have less faith in Microsoft than you do. I hope Vista is outstanding because it might lessen the spam we all deal with.

I never doubted the safety of OS X. However, if someone wanted to mess with it, you better believe they would and would succeed.

The only reason I am arguing here is because there are clearly people here that can't step out of "well my mac is the best ever" mindset. Vista will rock, and it will be a secure OS. If not, well MS messed up pretty bad. However, I have faith that they will follow through on their promise.

If there are exploits within the first few days of Vistas debut. That further supports what I am saying. People are looking for them and want to take advantage of them. OS X has holes, all software does. The question is will someone care enough to find it and use it for evil purposes.

The day Vista comes out it will not be the 'most secure OS ever' in my opinion because it exists in a world with BSD and *NIX, however it might be 'good enough.' Microsoft is under a withering barrage of attacks, and they've done well with the situation at hand, but let's not forget that Microsoft also made decisions, IE and DirectX, that weakened the system in the first place. Microsoft makes poor decisions with their OS because of a narrow mindset that they must 'control' the PC industry. This has resulted in stupid and sloppy systems that continues through XP SP2.
OSX is based on a better model and thus has some specific advantages that Vista would be better if it copied.

I think we can agree to disagree.

 

[wxboss]

A pretty good eye opening article. Spyware authors aren't the only game in town

 

[bbrosemer]

Hey kevin and timepass once again ignore the fact that most servers are not WINDOW$!!!!!!!!!!!!!!

 

[SC68Cal]

With every passing article that I read about Microsoft Vista, the more sick I get in my stomach.

I hope that this is the Windows OS that microsoft hangs themselves with.

 

[stunna]

I find it stupid that Microsoft are having people pay money for virus protection for there own product. So MS choice to patch some wholes, but leave others open so people have to pay them more cash for a safe OS

Microsoft isnt allowed to give away their anti virus softawre

 

[Senater Cache]

Microsoft isnt allowed to give away their anti virus softawre

true. It is/was already a huge debate incourt with them including their browser and force-integrating it they way they did.

 

[wxboss]

true. It is/was already a huge debate incourt with them including their browser and force-integrating it they way they did.

The only way MS got around it was by integrating it into the OS.

 

[dsnort]

This is all great, but all I know is my personal experience. Last computer before my iMac was a PC running XP. After 3.5 years of struggle, I got off the Microsoft express train to computational hell, and went Mac. The only way I was ever able to get XP to behave rationally was to go to a third party website and download a seven page list of settings changes to make to XP. After that, it worked decently. If a third party can figure this out, why can't MS? I agree that MS is going to get attacked more due to it's market dominance, but they also create a lot of their own problems through iffy execution. Can anyone say "Windows Messenger"?