The macosxhints Forums

didn't we pay lots so we would be protected? (http://hintsforums.macworld.com/showthread.php?t=98258)

Woodsman 01-30-2009 04:41 PM

Quote:

Originally Posted by cwtnospam (Post 516413)
Still, making your voice heard can have an effect: never connect to a bank using Windows.

But, as I've been trying to say, I don't "connect" to a bank using anything electronic. My bank connection protocol consists of the meat walking through the door and saying "Hi, ladies". Radical, huh?

cwtnospam 01-30-2009 04:45 PM

Quote:

Originally Posted by tlarkin (Post 516422)
Uh millions of people bank with windows all day every day and our whole accounting and payroll department run windows boxes, so it isn't like it's not secure.

:rolleyes:
Track records are history, and history is important.

Quote:

Originally Posted by tlarkin (Post 516422)
You don't have to use a Mac to be secure and safe.

No, but it helps.
A bit OT, but close enough.

cwtnospam 01-30-2009 04:46 PM

Quote:

Originally Posted by Woodsman (Post 516425)
But, as I've been trying to say, I don't "connect" to a bank using anything electronic. My bank connection protocol consists of the meat walking through the door and saying "Hi, ladies". Radical, huh?

But that just means that your 'electronic' voice is unheard. You haven't made a choice that they'll recognize.

tlarkin 01-30-2009 04:49 PM

Quote:

Originally Posted by cwtnospam (Post 516426)
:rolleyes:
Track records are history, and history is important.

No, but it helps.
A bit OT, but close enough.

well in that case

http://www.macworld.com/article/1327...8/03/hack.html

cwtnospam 01-30-2009 05:49 PM

Oh, come on! Can't you do better than that? Some guy who probably spent months working full time and with help, manages to find a hole, and we're all supposed to think that compares with over a decade of frequent and highly successful exploits of Windows systems in the wild? :eek:

Mikey-San 01-30-2009 05:52 PM

Quote:

Originally Posted by cwtnospam (Post 516413)
never connect to a bank using Windows. It's not only good for your immediate security in the short term, but if enough people do it they'll change their systems.

lol windoze am i rite

But seriously, just don't use Internet Explorer and don't use a computer you don't own. (Never use a library computer, public kiosk, a friend of a friend's computer, etc.) The latter rule applies to Mac OS X, as well.

Quote:

Originally Posted by Woodsman (Post 516425)
But, as I've been trying to say, I don't "connect" to a bank using anything electronic. My bank connection protocol consists of the meat walking through the door and saying "Hi, ladies". Radical, huh?

We get the point, the real world is "meatspace" and inhabited by "meat". It's not really that clever.

Woodsman 01-30-2009 06:25 PM

Quote:

Originally Posted by cwtnospam (Post 516427)
But that just means that your 'electronic' voice is unheard. You haven't made a choice that they'll recognize.

Actually, I have made my voice very well heard in my bank, as a customer who doesn't want to use online services and wants banks to continue offering good customer service at bricks-and-mortar establishments. Mine does, but others don't, and so I vote with my feet and wallet accordingly. This is what is important to me, also for personal reasons unconnected with computers, rather than the security of their back-office operations against penetration, which I can't judge and that I have no evidence is a problem, whatever platform they use. Here the big scamming techniques involve physical tampering with ATMs and skimming of credit cards.

tlarkin 01-30-2009 06:59 PM

Quote:

Originally Posted by cwtnospam (Post 516445)
Oh, come on! Can't you do better than that? Some guy who probably spent months working full time and with help, manages to find a hole, and we're all supposed to think that compares with over a decade of frequent and highly successful exploits of Windows systems in the wild? :eek:

Explain why Apple was so late in the game to fix the worldly known DNS exploits then?

Sure MS has had its history but one thing about MS that no one can touch them on is patching and fixing holes. They are pretty good at it. There are tons and tons of existing Windows server back end infrastructure out there that is secure. Like I said a lot of times those exploits happen because system admins are lazy, use weak passwords, or configure things wrong.

Same thing could happen to OS X, hell people get hacked on their Macs all the time for leaving open port 22 and using really weak passwords, along comes mr ssh sniffer in Russia or China and bam you have an exploited Mac. It even happens to Linux boxes.

cwtnospam 01-30-2009 08:25 PM

Quote:

Originally Posted by tlarkin (Post 516458)
Explain why Apple was so late in the game to fix the worldly known DNS exploits then?

Simple: They don't need to be fast. Their software isn't beaten like a dirty rug every day of the week. Even when a weakness is found, it usually requires too many special circumstances to be useful, and that gives them time to come up with a fix that won't create new holes.

Quote:

Originally Posted by tlarkin (Post 516458)
Sure MS has had its history but one thing about MS that no one can touch them on is patching and fixing holes. They are pretty good at it.

Of course they're good at it! They get lots of practice reacting to compromised systems, and rather than do the right thing and start over with a better design, they've decided to get better at reacting.

Quote:

Originally Posted by tlarkin (Post 516458)
Same thing could happen to OS X, hell people get hacked on their Macs all the time for leaving open port 22 and using really weak passwords, along comes mr ssh sniffer in Russia or China and bam you have an exploited Mac. It even happens to Linux boxes.

:rolleyes:
Second paragraph from the link above:

Quote:

For more than a half decade, the Windows-enraptured tech media has been banging on a drum about the imminent arrival of Mac viruses. As proof of this coming wave, they always cite researchers employed by anti-virus vendors who recount vulnerabilities found in Mac OS X or occasionally trojan horse malware designed to dupe Mac users into manually installing software that intentionally causes problems.

tlarkin 01-30-2009 08:31 PM

Yeah that was written by an obvious fan boy. The bottom line is you don't have to run a Mac or a Linux box to be secure. I have managed many Windows clients and servers over the years and have had generally about the same amount of problems as I have had with the Macs, and now that I manage thousands of Macs I have easily over 50 to 80 a week that break on me. However, I am digressing a bit...

You can live under your blanket of safety and cling to the Mac like its crap don't stink or whatever it is that you do. However, Macs can and will be exploited and until humans actually learn the ins and outs of how a computer works this will always happen.

The QT codec virus was a prime example. Apple only has an 8% market share and when they start to climb (and I think they will have a larger market share down the road) you will see it happen more. Simply because people don't know what they are doing and install software and they think, oh it is a Mac so it is secure and it just works. I say hello root kit heaven when that happens.

Oh and the DNS exploit, that affected every OS because it was an actual flaw in DNS (and not the OS itself) left all Apple servers and client machines vulnerable for months while everyone else patched it within a week. Novell, Microsoft, Sun, Cisco, anything that can run DNS had it fixed within a week, it took Apple months. They got lucky, if hackers wanted to exploit that they could have.

cwtnospam 01-30-2009 08:54 PM

Quote:

Originally Posted by tlarkin (Post 516478)
I have managed many Windows clients and servers

I wonder if you'll ever grasp the concept that not all users are IT techs.

Quote:

Originally Posted by tlarkin (Post 516478)
However, Macs can and will be exploited and until humans actually learn the ins and outs of how a computer works this will always happen.

This is so disingenuous that it's infuriating. I've never even seen a post on this forum or any other where a Mac user has said that Macs couldn't or wouldn't be exploited, yet you keep going back to this straw man. Everyone knows that it's not a matter of safe and not safe. It has always been a matter of degree. Why do you keep pretending that someone is saying otherwise?

hayne 01-30-2009 09:15 PM

Quote:

Originally Posted by tlarkin (Post 516478)
Oh and the DNS exploit, that affected every OS because it was an actual flaw in DNS (and not the OS itself) left all Apple servers and client machines vulnerable for months

The DNS exploit only affected machines that were running a DNS server. I.e. only server machines. The vast bulk of OS X (non-Server) machines were not affected by this problem simply because they were not running the software involved.

Yes, normal OS X machines were (obviously) DNS clients and so were potentially vulnerable to this problem if the DNS server that they were using was compromised. But the DNS servers in question were (in most cases) running on their ISP's machines and probably not running OS X.

Hence the only hurry for Apple to fix this problem in the DNS server software was for OS X Server.
There was nothing to fix on the client.

tlarkin 01-30-2009 09:20 PM

Quote:

Originally Posted by hayne (Post 516486)
The DNS exploit only affected machines that were running a DNS server. I.e. only server machines. The vast bulk of OS X (non-Server) machines were not affected by this problem simply because they were not running the software involved.

Yes, normal OS X machines were (obviously) DNS clients and so were potentially vulnerable to this problem if the DNS server that they were using was compromised. But the DNS servers in question were (in most cases) running on their ISP's machines and probably not running OS X.

Hence the only hurry for Apple to fix this problem in the DNS server software was for OS X Server.
There was nothing to fix on the client.

Yes true, but I have stuff that runs DNS and it is powered by Apple technology.

So, yeah they had an excuse if you want to call it one. Apple products don't run DNS compared to other platforms so that gives them a hall pass to be tardy?

I mean if the known fix was released and everyone who makes technology that can run DNS fixed it within a week or two, why couldn't Apple? That is all I am getting at.

hayne 01-30-2009 09:22 PM

Quote:

Originally Posted by tlarkin (Post 516487)
I mean if the known fix was released and everyone who makes technology that can run DNS fixed it within a week or two, why couldn't Apple? That is all I am getting at.

And I wouldn't have said anything except that you (in post #50) claimed that Apple's tardiness put OS X client machines at risk.

tlarkin 01-30-2009 09:25 PM

Quote:

Originally Posted by hayne (Post 516489)
And I wouldn't have said anything except that you (in post #50) claimed that Apple's tardiness put OS X client machines at risk.

OK fair enough that was an oversight on my part.

anthlover 01-30-2009 11:55 PM

To be fair the biggest problem with Windows until Vista, 7, and 2008 was that the default login allowed for the installation of virtually anything with no additional passwords required, leaving these systems sitting ducks.

I have seen even in organizations with crack staff, firewalls, antivirus, etc get slammed badly by viruses even only a few months ago.

As others have said systems with the keys to the car are going to get taken for a ride. Macs require a password. Until recently Windows did not.

This will not be the end of Windows exploits with Vista and beyond of course but passwords at least make the process more difficult. For the Mac it would be nice if patches were faster. And for those that wish additional protection is now officially recommended by Apple.

Do we need it? Debatable? Are the Apple included firewalls and other protection sufficient? Up to the end user.

tlarkin 01-31-2009 12:10 AM

Quote:

Originally Posted by anthlover (Post 516507)
To be fair the biggest problem with Windows until Vista, 7, and 2008 was that the default login allowed for the installation of virtually anything with no additional passwords required, leaving these systems sitting ducks.

I have seen even in organizations with crack staff, firewalls, antivirus, etc get slammed badly by viruses even only a few months ago.

As others have said systems with the keys to the car are going to get taken for a ride. Macs require a password. Until recently Windows did not.

This will not be the end of Windows exploits with Vista and beyond of course but passwords at least make the process more difficult. For the Mac it would be nice if patches were faster. And for those that wish additional protection is now officially recommended by Apple.

Do we need it? Debatable? Are the Apple included firewalls and other protection sufficient? Up to the end user.

Even then you are relying on users to use strong passwords. Macs still get compromised by dictionary attacks and there are some cases even on this forum that show that evidence. One post on this forum is from a Mac user, who from what I deduced, installed a VNC app on his iPhone which probably did not use any sort of encryption and somehow got rooted and they even stole from his PayPal account and was using VNC to actually control his Mac desktop.

Also, like I said before, Windows client and Windows server are two different creatures and Vista is the first OS to adopt some of their security layers.

Also, if I recall, the webkit exploit and the ard client exploit didn't need passwords to root the Mac.

I agree with you though, by model and design Windows can be less secure.

Woodsman 01-31-2009 03:58 AM

Quote:

Originally Posted by tlarkin (Post 516458)
Same thing could happen to OS X, hell people get hacked on their Macs all the time for leaving open port 22 and using really weak passwords, along comes mr ssh sniffer in Russia or China and bam you have an exploited Mac. It even happens to Linux boxes.

In the light of what I'm reading here I'm thinking of protecting those documents that contain account data, and getting a fancier admin password, but would you be so kind as to explain that bit about port 22 for a non-techie?

Anti 01-31-2009 06:10 AM

Quote:

didn't we pay lots so we would be protected?

No. You paid for a computer of superior components and build quality, and a vastly superior OS. You paid for a computer and OS that doesn't feel chintzy, but rather, very complete and of superior quality.

aehurst 01-31-2009 08:36 AM

Quote:

Originally Posted by Woodsman (Post 516520)
..... but would you be so kind as to explain that bit about port 22 for a non-techie?

Me, too. I am not an IT or techie. I have the OS X firewall on all the time with no listed ports open for anything. Connected to internet through a gateway with its firewall on. My Mac is not networked with any other machines at my house.

My admin password is all numbers. I have good passwords for everything else, but never realized just logging into the machine needed a tough password since I generally trust the rest of the family not to tinker.

Assuming I avoid doing stupid things on the net, am I safe? What else should I be doing? 10.4.11

The 11 year old found a novel way to do an easy to remember password.... he ignores recognizable letter/number combinations and simply picks a key on the keyboard then goes diagonal down for four keys and then across for three more (or similar). Easier for him to remember the pattern than random digits. (kids do think differently than the rest of us)


All times are GMT -5.