Mad as Hell, Switching to Mac 1262
justAMan writes "Security dude, Winn Schwartau, has posted an article on Network World about switching his company to Macs because he's fed up with the security issues plaguing Windows-based systems. He also offers his view on why Windows is inherently flawed and why it will eventually fail because of those reasons.
From the article, 'This is my first column written on a Mac - ever. Maybe I should have done it a long time ago, but I never said I was smart, just obstinate. I was a PC bigot.
But now, I've had it. I'm mad as hell and I'm not going to take it anymore.'"
Crazy (Score:4, Interesting)
Some Windows software applications are well written; others take shortcuts. : How is this different from Mac software?
Memory Not all RAM is equal. Some works well. Cheap stuff doesn't. : Makes save you from this trouble by only allowing you to buy the expensive stuff
Hard disks. Same problem: cheap or reliable. Your call. : Again, solved by Apple by not allowing "cheap".
Windows is complex, trying to be everything to everyone. : Have you seen an Apple commercial recently? Or the "switch" ones?
my next machine will be a powerbook (Score:1, Interesting)
Re:Invalid Opinion (Score:5, Interesting)
Yes, there are security problems with windows, but no, you have to be a giant fucktard newbie to actually ever be affected by them.
So not installing a third party firewall, a third party antivirus scanner and third party spyware software makes one a "giant fucktard newbie"? Perhaps you should address why all these third party applications are needed just to give a Wintel box a basic level of security?
Re:Invalid Opinion (Score:2, Interesting)
> exposition of their love for a non-windows OS, can both admit to having suffered the actual symptoms of
> security problems on Windows and then claim to be an authority.
>
> Yes, there are security problems with windows, but no, you have to be a giant fucktard newbie to
> actually ever be affected by them.
So to you 99% of the world are clueless fucktards? Because the number of people who understand how to secure a windows environment are few and far between.
jfs
The reasons for switching will be more complex ... (Score:1, Interesting)
Currently, apart from a subjectively prettier GUI and case and lack of malware I'm not convinced it actually does.
Then you have the grave difference in hardware costs between the platforms and the far bigger software library on Wintel. Also games and 3d graphics in particular tend to perform much much better on Windows PC and you have to ask is it worth it ?
Personally as a die hard Mac user for many years I'm not sure it is anymore and have a strong feeling my next machine might actually be a Windows box.
Re:Flame on... (Score:2, Interesting)
I don't like the look of OSX.
But by god, this guy is right, and people need to listen to him. I'm an "anything but windows" person, and ugly as OSX is to me, I bet it's pretty tolerable to most people out there and it definitely qualifies on the "anything but windows"
$500. You can't even claim they cost too much.
PS Woz was the hero.
Re:What's wrong with corporate system admins? (Score:2, Interesting)
Administering Windows XP in a corporate environment isn't that hard.
With what ratio of geeks-users? My workplace has a lot of Linux users and a fair amount of Macs. We have 4 full time people for ~300 machines at this site. If we were all Windows we'd need more people.
Re:What's wrong with corporate system admins? (Score:3, Interesting)
I used that excuse (and that our server was too overloaded) to switch our mail and VPN to Linux. I also used that excuse to get antivirus software and Mozilla Firefox installed on every machine. Guess what? It works and we have way less problems than we had before. No matter how much you lock Windows down (which is not always an option BTW, you're the employee not the boss) there are still security issues in Windows software that can blow you out of the water.
Re:my next machine will be a powerbook (Score:1, Interesting)
Sorry Windows and Linux. One needs to be secure. Linux, you're almost there, but not quite. Maybe another 10 years.
Re:Invalid Opinion (Score:3, Interesting)
So, you really expect a normal user to:
Check the Antivirus application.
Check for Spyware.
Implement intermediate mesures for holes that arent patched in months.
Do regular updates of all the installed applications.
Run everything as non admin and just toss those applications that came with the Camera/Camcorder/Mp3player etc out the windows and many games because they wont work as a restricted user.
Manage the browser security zones and update all of them regularly.
Dont surf on unsafe places, ie. dont use the internet at all.
Youve got to be totally insane if you imagine even a normal admin doing this on every friggin computer on his net. Its not even possible with SUS or Zenworks so it will require quite a bit of handjobs.
You do remember this OS is sold as userfriendly dont you? Its not like its some IKEA furniture.
Re:Uh oh... (Score:5, Interesting)
That would be awesome. Microsoft is capable of writing good software, the problem is that protecting their monopoly is always getting in the way. If they lose Windows and have to reinvent themselves as a real software company... well, let's just say I might buy a Microsoft product again.
and in the same issue... (Score:5, Interesting)
http://www.networkworld.com/columnists/2005/05230
Comment removed (Score:5, Interesting)
Re:Being All Things (Score:3, Interesting)
With the jump from 68k to PPC a number of years back, then the more recent jump from classic mac to OSX, Apple has been able to cut away a lot of their past baggage, and do things right the second or third time around.
If MS does a major, intentional compatibility break, there's just some huge problems they'll be causing. First off, supporting all sorts of stuff that stopped working, getting calls from people who don't understand why their software is suddenly breaking, etc. Second, if I'm running a corporation with 30,000 workstations, and the new version of windows coming out would not only require upgrade feeds for the OS, but also for pretty much every other piece of software we use, I'm going to be hesitant to go that route. So maybe I'll just stick with what I've got, and MS loses a big piece of its gravy train. My other option is to say, 'OK, we're going to be basically throwing out all our software and starting over either way, maybe now is a good time to consider switching from MS, tell me more about this Linux stuff. '
It's that big corporate inertia that people always talk about. MS can't be that nimble in their decisions, because there's too much mass to turn. They surprised everyone by jumping onto the internet bandwagon at the last minute, but look at all the problems with security and whatnot that that effort is causing now.
He doesn't want to climb that mountain (Score:3, Interesting)
Yes, and long term that would be wiser. My mom runs GNU/Linux and loves it. My sister, her husband, and their children likewise. However, my wife uses Mac OS X. Why? Because Microsoft used up all her tolerance of cantankerous technology, and while Linux is anything but cantakerous, it does have a learning curve that she simply wasn't willing to climb. Had I caught her before her experience with Dell and Microsoft, she probably would have been very willing to learn a new system (my mom and sister were delighted--but they hadn't lost entire weekends reinstalling bug-ridden, chronically unstable OSes).
I suspect this guy is in the same boat. He's worn out, and wants something that Just Works(tm) (this isn't Microsoft, regardless of what their deceptive advertising may say) with no learning required. Apple comes as close to fulfilling the "no learning required" aspect as anything.
Having said that, you're absolutely right and people really shoudln't kid themselves. Once Apple gets sufficient market-share it's going to be as ill-behavied as Microsoft is today. Granted, OS X will probably never be as insecure as Microsoft Windows--after all, its foundation is FreeBSD, which is very, very solid, while windows foundation is more akin to to quicksand--but if you think Bill Gates' customer lockin is bad (and it is), imagine what Steve Jobs is going to do once he's secured a big enough chunk of the market.
Don't believe me? Take a good, hard look at Apple's history. Apple has done it before--and drove a mass migration to IBM compatibles as a result. People forget that Microsoft initially emerged as the market leader because IBM clones emerged as the market leader, as a result of the hardware being open (despite IBM's efforts to the contrary) and competition making for a very robust marketplace, a lot of innovation, and (at the time) a lack of customer lockin. It was only later that Microsoft applied that customer lock-in at the software level...and Apple is almost certain to follow suit (repeating their old behavior) once their market share makes them feel confident enough to do so.
Long term, FreeBSD and GNU/Linux are the future for anyone who values their digital freedom in any form. But short term, Apple is a quick and painless way to get out from under the pile of Microsoft shit that includes, but is hardly limited to, endless spyware, endless viruses, endless worms, endless trojans, endless popup ads, endless crashes, endless security flaws crackers can drive a fleet of container trucks through, and endless demands for upgrades (and your hard earned dollars/euros/yen/what-have-you) that just give you more of the same.
Apple can give people breathing room, let them recuperate, and then, when Apple starts to get a little too big for its britches, people can look to making the move to a free foundation, such as Linux or FreeBSD. But until then, for those exhausted and traumatized by the Microsoft treadmill and the convicted monopolist's abuses, Apple offers a welcome, and easy, respite.
Re:Why oh why... (Score:2, Interesting)
jfs
Those are some misleading numbers. You imply that 98% of the entire business world that uses windows doesn't switch becacuse of cost and difficulties. You're forgetting that most of them have no reason to switch. If they are perfectly happy with Windows, are they brainwashed? I don't think so. I think what you meant to say was that "98% of businesses that hate Windows aren't switching because of cost and difficulty." This probably amounts to something more like 1% of the "business world."* Granted, your point about it being news is valid, I just think that your logic of getting there was flawed.
*This is a total guess on my part, just like the "98%" was a total guess on parent's part
Re:What's wrong with corporate system admins? (Score:3, Interesting)
Your experiment reminds me of my friend who is a Christian Scientist. She doesn't believe in germs so refuses to get her children innoculated against the various diseases that afflict kids. Not so surprisingly, her kids are fine. She views the fact that they're healthy as proof that she's right. She doesn't understand that her kids survive because the overwhelming majority of kids surrounding hers are disease free. If there were more Christian Scientist out there, her strategy would fail.
Macs are relatively virus free because the majority of virii out there aren't aimed at Macs. If the Mac ever regained a significant market share, virus writers would start aiming at the platform and your experiment would show different results.
Re:Who and Where? (Score:5, Interesting)
Let's use XP as the example here. I do phone support for DSL, and I have to help new users set up a static IP address. On OSX, it's "click on the apple at the top left, go to system preferences, a window will open. click on the network icon in that".
On XP, do I bother to ask them if they see a "My Network Places" icon on the desktop? It's often (but not always) hidden. If it's not there, do I ask them to go to the control panel, which may or may not be listed under Settings? Which may or may not be in classic view? Which if it isn't is one more nested icon, if they don't get confused and think I'm talking about the same thing? Do I say fuck it, tell them to click start, go to run (can this be hidden, some have a hard time finding it?) and type in "ncpa.cpl" ? You have no idea how difficult it is to spell for them over the phone. "What do you mean november, do i spell that out, or abbreviate it n-o-v?".
Once there though, I have to have them right click on "local area connection" (what, there's more than one?) select properties, that is if they're not too clumsy and they don't accidentally drag it a bit, bringing up the "create shortcut/copy/move" menu. Then a second window pops up. The item they need has a checkmark by it, ever try to talk one out of thinking they don't need to check/uncheck something? Sometimes if the resolution is wrong, they'd have to scroll to see it. Sometimes, only IPv6 is installed, on factory new machines. So, now they have to open it up, either by highlighting "internet protocol" and clicking on the properties button (do i have to right click?). But try to explain to them to click on the words, not the checkbox. Or maybe they can just double-click on the words "internet protocol" maybe not, depending on settings.
Then, A third window pops up. And they have to select static or dynamic. But hey! Even though they've selected static, they still have to choose whether to use static DNS, or dhcp (wtf?!?!!?). And do they have to type in the dots, (cause they are already there!). And it always auto-fills the subnet for them with 255.0.0.0 even when it's not a class A address (even if it were, how often do they think that that subnet is actually used?!?!).
And then, they have to click OK, and then on the previous window, either OK or close. It could be either one, I'm thinking a SP changes this button label.
And if the magic dll faeries are in a good mood, it just might work.
So tell me, which is more complex than the other again?
Re:Good Luck my Friend (Score:2, Interesting)
The look of OS X (Score:5, Interesting)
OS 10.3 (and I assume, 10.4) really limits the amount of customization that can be done to the interface. I know that the interface can be changed with a little work, but it's admittedly very low on my list of priorities. My point is that out of the box, Apple doesn't let you change the "look" of OS X to any major extent by just pointing and clicking, unlike Windows.
I get the impression that this was a deliberate choice by Apple, in order to maintain a uniform user interface. I can understand that decision, even if I don't fully agree with it.
Re:Flame on... (Score:5, Interesting)
Re:No doubt! (Score:3, Interesting)
Re:Uh oh... (Score:3, Interesting)
Perception? Sorry, I use Windows, Mac OS X, FreeBSD and Linux on a daily basis. It's not a perception, the Mac IS easier to use.
Now, Linux is catching up (*I* find it as easy to use as Windows now but I'm a old unix guy) but it's NOT there yet and these claims to the contrary are silly.
He hates "WinTel", not Microsoft (Score:3, Interesting)
And personally, I find THAT to be a little irritating. He states that I have decided to look at PC/WinTel Security from a Systems Engineering View (SEV) - the world and discipline I grew up in at the turn of the last century. But then, he sites a string of (admittedly unfortunate) anecdotes. How is that a systems view?
Winn Schwartau appears to be shilling for Apple. Seriously man, just show us the check Apple sent you so we can rest assured that you haven't gone all soft in the head. At least then we would know you're being rational and that, every time the syllables WinTel leaves your lips, that we should just stop listening.
I guess I'm irritated with his position because of its spectacularly uninformative stance. I thought I was going to hear about all the good reasons WinTel really did suck from a security standpoint (even despite Microsoft's recent considerable efforts to resolve this). Or maybe I was going to hear about how OS X really does rock from a security standpoint (aside from the vaguely true but unquantifiable "well, it's like Unix so it must be better"). But to get none of the above just so he can rant an opinion?
Phooey..
Re:Flame on... (Score:5, Interesting)
I think this is part of the point -- why on earth do we have to keep applying patches, running firewalls, and running anti-virus software just to keep our computers running?
If you have to install a patch every six months to a year because of something truly awful, that's not so bad. But to have the current patch-mill is just insane. Why do you have to have a firewall and an anti-virus to be safe? Why not just run safe software?
Likewise, the article wasn't just about security, it's also about quality. Are there decent PC's out there that don't start breaking within 9 months? If there are, they certainly aren't being sold to consumers. In our office, we have laptops from several vendors. Some of them have lost use of their ethernet ports, some have lost use of their PCMCIA slots, and some have lost use of their USB ports. But the Mac ones, even the older iBooks and Powerbooks, are still running fine. We have the same situation with our desktops, though not to the same degree.
The basic point is that, to use WinTel, you have to spend a LOT of time and effort just keeping the stupid thing alive. With Mac, you spend your time actually working.
Re:Flame on... (Score:3, Interesting)
I personally know a lot of people that want to switch to the mac, but think that it's only for graphics, or that macs are too slow. If respected people in the IT profession are seen switching to mac then home users won't be so afraid to do so.
On top of this many users that have done the research are holding off on switching because they think that it will take too long, but in this article it only took 2 days.
Just like you, I couldn't care less what platform people use, as long as the mac has enough of an audience to continue production, but I do like seeing articles like this until the mac gets more market share.
Re:What's wrong with corporate system admins? (Score:3, Interesting)
Create a group and give it exactly the permissions Power User has. If it doesn't work, then you have a supremely stupid application that actually checks that you're a member of a particular group. Start throwing heavy objects at your vendor. Otherwise, start removing permissions one by one.
The problem with windows is that it's too "secure", requiring you to have special access levels just to VIEW the calendar from the taskbar clock (because it can't distinguish the operation from "change the date and time"). On OSX and modern Linux distributions, restricted operations pop up a window where you can su or sudo and get it done. Windows just blows you a raspberry. People get tired of that, so they give themselves full admin access.
This one Goes to Eleven (Score:3, Interesting)
OSX is UNIXy enough that I'm seriously considering making an Apple my next hardware purchase, too, and I've been running Linux since '95 and building my own computers since '89. I gotta admit that the Dual G5 with 30 inch flat screen gives me wood.
I've been trying to convince my parents and sister to go the Apple route with very little success, though. They refuse to so much as look at one in the store. They have a preconcieved idea about Apple and are probably worried about having to replace all those Windows 3.1 apps they've been carrying around since the mid-90's. I'll keep pushing it, though, whenever they ask me what they should get when upgrading. I think Apple really needs a killer app to convince those users to give it a try. I'm sure that once they took the system for a test drive they'd like it.
Re:Proprietary (Score:3, Interesting)
Of course, it does require a certain bit of pragmatism wrt proprietary software, but I think Apple has embraced Free Software to an extent that's "good enough" for me.
*which, by the way, is sitting next to a Linux PC
Re:Flame on... (Score:5, Interesting)
COMPUTERS ARE NOT A RELIGION
I can use either PCs or Macs... And I have both (shrug).
My PC is better for some things, the Mac better for other things. They're just tools to me.
(and for the AC up above, Steve Wozniak DID work on the Mac hardware, WAS with Apple at the time it was developed, and IS a heck of a cool guy).
N.
HP Drivers crashing windows! Say it isn't so! (Score:3, Interesting)
By installing Fedora Core 3. For the first time in years, everything worked out of the box, and she discovered the miracle of Frozen Bubble and Scribus. Suddenly she became a certifiable Linux bigot. That is, until last week when my PowerMac arrived.
Mine, you hear! Now can I please use my computer again?
Re:WTF is he talking about? (Score:1, Interesting)
Like you, I have only seen one live virus - Michaleangelo, brought in to work on a floppy by one of the managers (this was a woman with a PhD).
Jeff is a friend of mine, so when he screws up his computer, I fix it. And his XP box screws up all the time.
Why? He likes porn. And when his girlfriend and her daughter comes over, the 9 year old gets on teh PC and happily clicks on anything.
I've done what I could to secure it; firewall, antispyware, antivirus. But when the firewall asks "do you want to let Evil Corporate SpywareTM act as a server," of course the anser is "yes, don't ask again."
Last week I installed Mandrake on it in dual boot. Enough was anough. When I put Yahoo IM on it for him this weekend, he shouldn't need to reinstall anything any more.
And no, I don't let him have the root PW, and he doesn't want to know it. So I guess he's learning.
I don't think that theory holds water. (Score:5, Interesting)
Part of the reason Macs are so secure is that Apple has designed the system such that it is extremely secure from the lowest level to the top. For example, OSX does not have a root account enabled by default. Everything lives in their own permission space and if you want to break out, you use sudo (and thusly have to enter your password).
Less commonly mentioned, however, is the way Apple encourages secure programming with Keychain and their authorization framework. The Keychain encrypts passwords and makes it very hard for an application to get passwords from other applications, meaning that in order to steal valuable information you'd first have to comprimise another application (which is actually quite tricky to do). Even if you do succeed in altering the application, the Keychain notices this and warns you, saying, "Hey, this application changed since it last used me, are you sure you want to allow it access?"
Add to that that Applications cannot alter themselves, and you have a pretty secure foundation for developers (which also, by the way, provides special UI for password entry that is highly resistant to keylogging).
At the lowest level, the PPC architecture is inherently harder to exploit with classic buffer overflows and printf exploits. The PPC system does not keep the current return address on the stack the way that x86 does. PPC chips have an explicit link register for this purpose.
What that means, in practice, is that in order for you to exploit a single function with a buffer overflow, you must inject your code, overwrite the previous function's (the caller of the current function) saved link register (on the stack, along with other saved registers), and then have both the current and previous function return without segfaulting or overwriting your exploit code.
While doable, this is a huge pain to get just right, and it means that the conditions where a buffer overflow can succeed are less prevalent. Add in the fact that instructions have fixed alignment (but data does not) and are of fixed width, and you have a significantly harder egg to write and deploy.
Don't get me wrong, I'm sure that virus writers can do this stuff. It's just that it's much harder and raises the entry bar.
More important than truth... (Score:1, Interesting)
If OS X isn't popular enough to have viruses, but is popular enough to have a decent range of software and hardware available so you can get your work done, what do you care that it would have viruses if it were more popular?
What's the value of this hypothetical situation in which Mac security is really tested hard by a 90% market share? They don't have that market share. They won't for a long time, if ever. There are no viruses for OS X.
To put it in human terms, the way to stay healthy is not to develop an invincible shield against germs. You stay healthy by washing your hands and not hanging around infected people. If you use Windows, you are hanging around infected people, so you have to wash much more carefully.
You want to live where it's dirty or where it's clean? Your choice.
Re:Mac flawed too (Score:3, Interesting)
Re:Flame on... (Score:5, Interesting)
Ah, you're obviously not a Mac user. The browser IS simple; the browser doesn't fix your spelling. The browser uses standard system APIs for text input, and the OS checks your spelling using the same standard dictionaries. The same spell checker is used whether I'm posting to Slashdot in Safari, writing an e-mail, chatting in iChat or X-Chat, or typing in TextEdit. This means that if I right-click a word and select "Learn Spelling", I'll never be bothered about that word again, no matter which application I happen to be using. It also means that if I change my preferred language in System Preferences (or just change to a different dialect, like British English instead of U. S. English) and relaunch my applications, spell check works with the new language automatically.
Finally, who in their right mind would host any type of server on a Windows or Macintosh machine? Hence the Linux boxes.
I use Linux for my dedicated servers too, but the fact that things like Apache, Samba and sshd are installed by default on my laptop comes in awfully handy from time to time. Not to mention a local copy of the complete Apache documentation, which is nice when I'm trying to remember the syntax for some obscure mod_rewrite thing while I'm on the road.
Re:Very closed? Uh... (Score:5, Interesting)
Dude, that's a hell of a lot of slick top [apple.com] there. Your description belittles something that those of us who love Linux only wish we could duplicate. Heck, Microsoft would love to duplicate it, too. Plenty of the tools to do what Apple has done are available to us, but actually pulling it off in a unified manner, putting a truly user-friendly face on that core, that's a tall task.
If it wasn't hard, there'd be several similar implementations. Just duplicating the nice printer setup UI they have for CUPS would be a good start, but I don't think I've seen that yet... much less point-and-click software update with push and server administration UIs.
I'm not saying our desktop UIs are terrible, but... an OS X experience is not what they deliver. Apple also has a pretty deep stack of stuff you won't find elsewhere, even well beyond the UI and ease-of-use space, and since OS X has developed a *nix-like ability to absorb anything else. It's a useful combination, and a very useful platform as a result.
Re:Flame on... (Score:3, Interesting)
Re:A testament to OS X's stable nature (Score:3, Interesting)
You are lying plain and simple.