Apple lacks Microsoft's security investment

Bill Gates has been taking some flak lately in Apple circles for some comments he made on the state of security in Mac OS. He was being interviewed for Newsweek:

In many of the Vista reviews, even the positive ones, people note that some Vista features are already in the Mac operating system.

Bill Gates: You can go through and look at who showed any of these things first, if you care about the facts. If you just want to say, "Steve Jobs invented the world, and then the rest of us came along," that's fine. If you're interested, [Vista development chief] Jim Allchin will be glad to educate you feature by feature what the truth is. I mean, it's fascinating, maybe we shouldn't have showed so publicly the stuff we were doing, because we knew how long the new security base was going to take us to get done. Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine. So, yes, it took us longer, and they had what we were doing, user interface-wise. Let's be realistic, who came up with [the] file, edit, view, help [menu bar]? Do you want to go back to the original Mac and think about where those interface concepts came from?

OK, so Bill Gates is basically saying that because Microsoft invested so much in security for Windows Vista, Apple was able to copy interface features that Microsoft had already developed and release them first, and that as a result more vulnerabilities are being discovered on Mac OS than on Windows.

At first I didn't buy the "every single day" thing and assumed he was exaggerating by quite a large degree. But after doing a bit of research I stumbled into this. They list a new vulnerability discovered on Mac OS every day, in many cases with code ready to exploit it. So Bill Gates wasn't far off the mark at all in his comments. Let's just quote a few examples:

1st of January:

A vulnerability in the handling of the rtsp:// URL handler allows remote arbitrary code execution.

3rd of January:

A vulnerability in the handling of the HREFTrack field allows to perform cross-zone scripting, leading to potential remote arbitrary code execution.

5th of January:

A vulnerability in the handling of BOM files by DiskManagement/diskutil allows to set rogue permissions on the filesystem. This can be used to execute arbitrary code and escalate privileges.

The list just goes on and on, a new one for every day of the month. Microsoft has made the investment in security, and it shows with fewer and fewer exploits being discovered. The media, which you can imagine would love to throw out something about security on the Vista launch, had to resort to using speech recognition; apparently the fact it responds to voice commands is a "hole" because it can be used to delete documents by issuing a delete command. Right, that's the best you've got?

I'm confident in saying that Windows Vista in its first year will have fewer security vulnerabilities than any past client release of Windows, and doing even better than their best server release, Windows Server 2003, wouldn't surprise me at all.

5 comments

Comment from: Erik van Luxzenburg [Visitor] · http://www.luxzenburg.org/
It's obvious, reading all Mr. Smith's postings here, that he is either employed by Microsoft, or he has some stock options in Microsoft.

I'm not against M$, I just say they are expensive and for long have been neglecting security. Mr. Smith refers to the MOAB... a project to discover bugs in Apple OS X, fine, they found some bugs... maybe some 20 or 30 in a month, and then they stopped. M$ releases every month 10s of bug fixes and some they can't even resolve.

If you're trying to piss on Apple coz you have some grudge against them, do it at least without claiming M$ is more secure. It is not!

p.s. if you wanna know: I use Ubuntu Linux and M$ Windows XP in a dual boot pc!
8th February 2007 @ 13:42
Comment from: Paul Smith [Member] · http://www.dasmirnov.net/
I didn't say that. Where did I claim "M$" (what are you 12?) was more secure? I said Apple lacked Microsoft's security investment.

Microsoft retrained their developers, re-organised their entire development process all for security.
8th February 2007 @ 13:45
Comment from: Erik van Luxzenburg [Visitor] · http://www.luxzenburg.org/
Hahaha, rant about my way of abbreviating Microsoft to M$. I was surprised to see someone claiming to be socialist and bitching on capitalists paying him huge checks, while being totally a fan of a company so capitalistic as Microsoft.
8th February 2007 @ 13:59
Comment from: Paul Smith [Member] · http://www.dasmirnov.net/
Of course Microsoft is capitalistic under capitalism; under socialism, however, it would be nationalised and would play an important role in increasing productivity, the same thing that it's done for the last 30 years, and this time the majority would profit, not the minority.

Nationalising Microsoft would also shut up all the open source zealots. Because Windows would belong to everybody and so everybody has access to the source code.

It would also bring everyone together, so instead of wasting time trying to compete they just co-operate to make the best operating system possible.

So if you're a fan of the GPL, join the revolution, comrade. Stop wasting your time trying to hammer together a lower-quality operating system trying to compete with the corporations. You don't compete with them (that's capitalistic), you nationalise them and then they are yours.
8th February 2007 @ 14:59
Comment from: ibbeep [Visitor]
LOL

Paul works for Microsoft. LOL

My friend, you fail to realize that in a world market, a "capitalistic society", all companies and countries are capitalist. Paul is just pointing out the natural progression from capitalism is to socialism.

And Erik, you speak as though Apple is not capitalistic and as though they too are not big business. They are both big business and they are competing to give us a better product; what is wrong with that?
8th February 2007 @ 19:36
