Cleanup on aisle 47964 January 2, 2006 2:14 AM   Subscribe

Can we please get a cleanup of the OS WARZ!!1! type horsehockey in the WMF exploit thread? The noise isn't helping. Also - and I personally really, really hate to say this - but it might be advisable to disable the IMG tag temporarily. I love the IMG tag. Temporarily.
posted by loquacious to Etiquette/Policy at 2:14 AM (236 comments total) 1 user marked this as a favorite

agreed on the img tag, not so much on the OS WARZ bit. i think it's useful to draw the line between microsoft's development methodology and how it's caused this problem for people. evangelizing, no, but talking about how and why things like this happen is important.

also, i think that switching systems is a valid discussion to be having (maybe in an askme thread?). in terms of pure cost-benefit, this exploit is bad enough that i will be making that recommendation to some of my friends with older computers and those who own businesses.

to me, that's just another option that's available outside of install A, B, C, D an E pieces of software to have a coherent protection suite and then update it here every so often blah blah... some people might want to consider that it's a better option for them to get a mini. just sayin'.
posted by spiderwire at 2:25 AM on January 2, 2006


I really don't want to seem snarky or anything about this. What exactly is the point of that thread then? Great information was given in the post and the early comments. That stuff is taken care of. Now there's discussion of the broader issue.... what's the problem? Just that "OS WARZ" is annoying?
posted by joegester at 2:36 AM on January 2, 2006


Spiderwire: Uhm. You're a moron. Also, please kindly use your fucking shift key before I grab hold of my end of the CAT-5 and start pulling until I find you and garrote you with a gigabit fiber patch.

There's a gazillion reasons why Windows owns the corporate, institutional and home desktop/client world and Linux and OS X don't.

Sure, yeah, in an ideal world Windows wouldn't own everything - users wouldn't be dumbasses, hardware support would be a snap, software would be as free as beer and there would actually be real-world usable software in dumpster quantities that didn't require one to grow a beard, be an SCA member, swap Grateful Dead bootlegs and refrain from showering to use.

I use Linux, BSD, AT&T System V and OS X when I can get it. Hell, I've run CP/M, AIX, and VAX. I've run Netware. There are reasons why Windows has the userbase it does. Users can use it.

Also, KDE fucking sucks.

Anyway, preach away. You're preaching to the converted, mostly. And go put that penguin back. It belongs in the zoo.
posted by loquacious at 2:37 AM on January 2, 2006


joegester: The thread is littered with OS debate stuff and conflicting information. The problem is likely going to develop further.

I'm personally not convinced that that patch worked. The tester says I'm patched - yet I just had a trojan try to execute via the WMF patch.
posted by loquacious at 2:39 AM on January 2, 2006


Well I'll lay off anyhow. No sweat off my back and I can see it's really bugging you.

(KDE does fucking suck.)
posted by joegester at 2:48 AM on January 2, 2006


I agree with loquacious. If and when new development arise we will have to wade through all of the "change your OS" comments to find relevant information. I propose that this MetaTalk thread is a better place for that discussion.

By the way thanks for the relevant info in the original thread Loquacious and Spiderwire.
posted by sic at 2:53 AM on January 2, 2006


NerdFight!!!
posted by i_cola at 2:57 AM on January 2, 2006


As much as I know OS evangalism is pointless...what's this place for anyway? We're not a security alert site. We're not Slashdot even. We don't exist to alert people to a threat, we exist to (besides posting the Best Of The Web) discuss things, and comment on things. No PublicServiceAnnouncementFilter, please - if someone posts information about an exploit like this, surely they're going to expect discussion about the causes of it, rather than just technical information on how to fix it.

Comments along the lines of "Sucker, I'm using OSX" are bullshit trolls.

Comments along the lines of "Maybe you should consider switching to Linux" probably don't achieve much, no matter how heartfelt they might be.

But we have got to at least expect and tolerate discussion about how this sort of event affects different operating systems, and where the root causes might lie.
posted by Jimbob at 3:01 AM on January 2, 2006


True, Jimbob. But MetaFilter is heavily populated by nerds. It's always been very tech-heavy, and hopefully always will be.

There have been other moments of crisis where MetaFilter has shined for it's userbase over many other methods of information dispersal - mainstream news sites or other.

It has and will be a resource.
posted by loquacious at 3:08 AM on January 2, 2006


So, if this exploit is a sign that windows sucks then that thread is a sign that mefites suck. Are you with me gloaters?
posted by skallas at 3:30 AM on January 2, 2006


I too think we should turn off images for a while. Although anyone who posts a dodgy image can be quickly found via username / paypal account. Unless it's a stolen paypal account.

Q. If we turn them off using a CSS (i.e. they aren't shown), do they still get loaded and executed?
Or is Matt going to have to add post-processing code to strip these images out when displaying pages.

I'm assuming that tags get stripped before being posted to the database, and the viewpage procedure doesn't do anything other than push posts and comments from the database straight to the page.
posted by seanyboy at 4:00 AM on January 2, 2006


If we turn them off using a CSS (i.e. they aren't shown), do they still get loaded and executed?

I doubt it - because CSS / DHTML can be used to instantly make images on pages "visible" or "invisible", I'd bet that all images linked to are cached by the browser and examined to determine their content until a command to make them "visible" comes along.

Even if they aren't opened by the browser until needed, as others have pointed out, desktop searches like Google's will probably look at the file if the browser caches it to the hard drive.
posted by Jimbob at 4:11 AM on January 2, 2006


(Opps, by "I doubt it", I really meant "Most probably")
posted by Jimbob at 4:11 AM on January 2, 2006


Great. Now we have TWO threads for the OS Wars to be fought in.
posted by crunchland at 5:02 AM on January 2, 2006


I don't get why it's such a huge offense to point out that there are OS's that aren't vulnerable to this kind of crap. (No, I am not using one of those OS's.) The important information on how to protect yourself was in the FPP. Everything after that is discussion, and a legitimate part of the discussion is that the OS is more vulnerable than others. Sure, the snickering is kind of uncalled for, but Mac users get their share of abuse, too. If I were immune, I'd probably find all the periodic frenzy among Windows users pretty funny too.
posted by Kirth Gerson at 5:14 AM on January 2, 2006


Loquacious says: "it might be advisable to disable the IMG tag temporarily."

To which I say: "They who would give up an essential liberty for temporary security, deserve neither liberty or security." Yes, there's a risk, but not one that justifies removing such a central (though often hotly debated) element of the Metafilter experience, even temporarily.
posted by killdevil at 5:23 AM on January 2, 2006


How melodramatic. If the image tag is an "essential liberty," then wait until someone actually exploits it here on metafilter. $5 through a hacked paypal account is all it will take. And then it's bye-bye pissing elephants.
posted by crunchland at 5:37 AM on January 2, 2006


killdevil : "Yes, there's a risk, but not one that justifies removing such a central (though often hotly debated) element of the Metafilter experience, even temporarily."

Please, killdevil, send me your machine IP, open up any firewall you may have and disable all anti-virus software while I remotely install some software that will restore my essential liberty to run my code in you machine.

Do you really believe that temporally (as in while a official patch isn't available and being automatically installed in most users machines) closing a security hole (an exploit inside an image file) hurts anyone's essential liberty? As in the government arresting people without warrants or motive? So "no IMG tag" equals "no freedom of expression"? Care to elaborate, I am really curious about the extend of this political theory.
posted by nkyad at 6:18 AM on January 2, 2006


First, does anyone have an example where this exploit is successful via use of the img tag? Almost everything I've seen is via the iframe tag, which I don't believe MetaFilter allows anyway.

Second...

I'm personally not convinced that that patch worked. The tester says I'm patched - yet I just had a trojan try to execute via the WMF patch.

What do you mean by "try to execute"? Even on OS X the file downloads automatically to the desktop. The patch just blocks calls to the SetAbort function, which won't happen until a) the file is downloaded automatically by your browser, and b) Windows Picture and Fax viewer tries to open it. Having (a) and (b) happen don't mean you're vulnerable.

I'd like to know because come Tuesday I'll have to worry about some 150 machines unless MS releases a patch (thank God that it's break and 2/3 of our labs are closed till mid January).
posted by sbutler at 7:00 AM on January 2, 2006


I know it's probably really a big deal and all but for whatever reason this whole thing reminds me of the bird flu that's going to kill us all.
posted by panoptican at 7:10 AM on January 2, 2006


God, what a mess. I wish you mac fanboys were no so fucking annoying.
posted by puke & cry at 7:15 AM on January 2, 2006


were no not
posted by puke & cry at 7:17 AM on January 2, 2006


agreed on the img tag, not so much on the OS WARZ bit. i think it's useful to draw the line between microsoft's development methodology and how it's caused this problem for people. evangelizing, no, but talking about how and why things like this happen is important.

You mean their development methedologies in 1990? Obviously they should not have left that code in there, but there stuff has gotten a lot better over the years. As I said, most of their problems come from 'legitimately' installed applications, because most people are too stupid to manage their machines.

This isn't their fault, Microsoft needs to take that into consideration, and they haven't. Hopefully they will soon (by, for example, locking down all executing code before allowing it to run)

First, does anyone have an example where this exploit is successful via use of the img tag? Almost everything I've seen is via the iframe tag, which I don't believe MetaFilter allows anyway.

It should work if you're running IE, or if you download a file and then view it 'thumbnail' mode in windows explorer (!). Firefox itself can't view wmf files natively, and will prompt you to download the file.
Rothko's "Windows users are ignorant" shtick got tired fast, though. Why do Mac users think that that's anyway to convince people to use Macs? All it convinced me was never to touch an Apple product (way back in high school even)
posted by delmoi at 7:21 AM on January 2, 2006


There have been other moments of crisis where MetaFilter has shined for it's userbase over many other methods of information dispersal - mainstream news sites or other.

Those are mostly disasters. I think the reason the thread has gone so weird is that what is a disaster for some people -- in this case many Windows users and particularly Windows admins like yourself, loquacious -- are non-problems for others. I get the metaphor that it's like bitching someone out for not building a metal boat when their wooden boat is sinking because it's on fire, but ths sort of back and forth is pretty normal on MeFi in political threads and other hot button topics. I'm sorry work is going to suck for you tomorrow, but coming to MeTa to talk about something and then calling people morons who disagree with you isn't really putting your best foot forward.
posted by jessamyn (staff) at 7:38 AM on January 2, 2006


It should work if you're running IE...

Perhaps, but before we go calling for a ban on the img tag someone should demonstrate that it's actually an attack vector.

... or if you download a file and then view it 'thumbnail' mode in windows explorer (!).

Yes, well, there is nothing mathowie can do to stop you from downloading the image. What you're suggesting here is that he block the anchor tag too.
posted by sbutler at 7:47 AM on January 2, 2006


I think what sucks the most about the OS Warz isn't the discussion of OS alternatives. Things like this are potent examples of why Windows shouldn't have the domination it is in, for sure. What sucks about the resulting discussion is the actual "You windows users are assholes and now you've got what's coming to you," bullshit that some alternative OS users are doing. As if the legion of Windows users are there in some kind of joint effort to prevent Apple and IBM from getting marketshare. As if Windows users are all perfectly well aware of how crappy their security is and aren't using any other options just to stick it to Linus Torvalds and Steve Jobs.

but someone saying, "people should seriously consider switching because x and y wouldn't happen on os x or linux" is at least worth saying, even on occasions where it isn't true.
posted by shmegegge at 7:55 AM on January 2, 2006


shmegegge : "even on occasions where it isn't true."

If I remember my Algebra (and I do, trust me) and given the differences between the systems, there are no occasions where "x and y wouldn't happen on os x or linux" would be false for some values of x and y.
posted by nkyad at 8:09 AM on January 2, 2006


... such a central (though often hotly debated) element of the Metafilter experience...
"I came for the community, but stayed for the pissing elephant!"
***
Indeed, Delmoi; the shrillness of the Macolytes reminds me of Bill Hicks' comment to non-smokers: "I'd quit if I didn't think I'd turn into one of you."

There is no point to OS evangelism. Sure, you can go tell my solitaire-playing mom that OSX will give her a more secure, stable experience, but first you'll have to explain what the O, the S, and the X stand for. If you tell me to do it, I'll probably kick you in the nuts for being a condescending jerk and then steal your wallet, since I sure as hell can't afford a Mac.

By the time the average user is skilled/confident enough to consider changing their operating system, they're sufficiently informed of what alternatives are out there.
We know our options, we're aware of the alternatives.
Our reasons for using Windows are our own, and should we make the switch, it won't be because of your nattering. Your time to shine is when a user decides to switch; then any advice, recommendations, and boosterism would be more than welcome*.
Until then, don't call us. We'll call you.

*Sadly, the impression I sometimes get from the Mac/Linux/Etc. crowd is that they'd probably scorn such a person as a ignorant n00b wannabe sullier of their precious OSes.
posted by Alvy Ampersand at 8:35 AM on January 2, 2006


If the IMG tag were to be blocked it could not just be at the comment entry level - it would have to be at the page output level, because any previous existing image can easily be changed to an infected one.
posted by Ryvar at 8:53 AM on January 2, 2006


Mac users are the PETA of the computer world.

They may have a point but they're so annoying the message gets lost in the drama.
posted by Dagobert at 8:53 AM on January 2, 2006


Hey! Hello? You guys already have one thread for your pointless flame wars. Go use it.

In the mean time... I'm still waiting for an example that uses the img tag as an infection vector.
posted by sbutler at 8:57 AM on January 2, 2006


Sure, you can go tell my solitaire-playing mom that OSX will give her a more secure, stable experience, but first you'll have to explain what the O, the S, and the X stand for.

See, you're going about it the wrong way. More secure, stable experience? Meh. I'd say, "see all those popups blocking your view, they'll go byebye...see norton begging to be updated? No more."

You know, along those lines. It's been my experience not that nontechy people are so attached to windows, but that they don't even know macs exist. They just go to best buy and pick up a new pc, you know, cause that's where computers live! =)
posted by justgary at 8:57 AM on January 2, 2006


So basically, if you're browsing with Firefox and have HTML turned off in your email client, you should be fine. Just like with 99.9% of all the other "OH NOZ, WINDOZE!" exploits.

Ya-fucking-wn.
posted by Civil_Disobedient at 9:04 AM on January 2, 2006


We know our options, we're aware of the alternatives.
Our reasons for using Windows are our own,


exactly right ... a year doesn't go by when i don't download a linux distribution and research the kind of applications i'm interested in to see if there is anything new that equals what i have on windows or gives me something especially interesting to work with without a godawful lot of hacking and hassling

5 years ago, things were such that i had reasons to dual boot ... win98 was annoyingly unstable and slow ... linux gave me a couple of options in software that i didn't have in windows

now, i'm seeing increased stability in windows xp and can't find anything i want in linux apps that isn't done better in windows ... (if it was just a matter of word processing and casual web cruising, i'd be inclined to run linux)

the equation has changed for me ... i'll continue to look and test, but i have to run what is most useful to me ... i'm not blindly loyal to windows, but application variety and functionality determine what i run

i might be trying the vmware virtual player machines soon and see how those work out for the web
posted by pyramid termite at 9:05 AM on January 2, 2006


The link in this very Meta post could point to this thread now. Recursion! How's that for geeky?
posted by smackfu at 9:21 AM on January 2, 2006


So basically, if you're browsing with Firefox and have HTML turned off in your email client, you should be fine. Just like with 99.9% of all the other "OH NOZ, WINDOZE!" exploits.

Ya-fucking-wn.


No. Any windows application that displays third party images is vulnerable. Period. This includes Firefox. I won't touch OE so I have no idea if you can completely shut off all image display in it, but I'd assume you can thusly make it 'safe.'
posted by Ryvar at 9:24 AM on January 2, 2006


I fully support doing whatever it takes to stamp out "OS Warz!" It's an irritating discussion, and is never interesting. All it represents is a bunch of pointless chest-beating. I don't want to see it anywhere, ever. Especially not in a thread that may have useful/necessary information for myself and potentially millions.

Seriously, I'm reading about something that seriously affects my life and my job, the last thing I need is some wise-ass chiming in with, "Buy a Mac!"

"Buy a clue," I say.
posted by Afroblanco at 9:25 AM on January 2, 2006


You know what, I'm going to go ahead and say it.

The OS Warz are almost always started by Mac and Linux users who want to beat you over the head with their dickOS because they feel insecure about their small market share. They don't really care about you or your computing experience.

There. I said it. I've been wanting to say it for YEARS.
posted by Afroblanco at 9:29 AM on January 2, 2006


I guess a shitty post about propping up a shitty operating system on cinder blocks is 2006's new ISO 9001 standard for the "Best of the Web".
posted by Rothko at 9:37 AM on January 2, 2006


If we're going to have Newsfilter, then we're going to have posts like this.
posted by event at 9:40 AM on January 2, 2006


We don't exist to alert people to a threat,

And yet there it was: a thread that somehow managed to alert many people to a potentially serious threat, offer suggestions about what to do, and discuss the effectiveness of those suggestions. What kind of jerk would jump into *that particular thread* (and that's the key point here) to derail with insults and gleeful cackling? What kind of jerk would want to hurt fellow members like that?

To call it rude is to do it a service. In an emergency, you should just move on if you can't be helpful. Duh.
posted by mediareport at 9:44 AM on January 2, 2006


If we're going to have complaints about Newsfilter from a certain contingent here, then we're going to have to deal with legitimate complaints about pointless Windows posts like this, too.
posted by Rothko at 9:45 AM on January 2, 2006


I fully support doing whatever it takes to stamp out "OS Warz!"

The OS Warz are almost always started by Mac and Linux users who want to beat you over the head with their dickOS

Thanks for your four minutes of restraint.
posted by jessamyn (staff) at 9:45 AM on January 2, 2006


But Rothko, this is Newsfilter.
posted by event at 9:48 AM on January 2, 2006


Seriously, I'm reading about something that seriously affects my life and my job..."

So why are you relying on a shoddy and inferior OS when it affects your life and job?

Isn't that kind of like driving around in a Pinto with bald tires and no brakes, then bitching when somebody suggests you might want to rethink that?
posted by keswick at 9:49 AM on January 2, 2006


In an emergency, you should just move on if you can't be helpful.

"This pan is hot when you put it out of the oven. In the future, if you don't want to get second-degree burns, use an oven mitt or wait for the pan to cool."

A comment like the above — you know, giving alternatives to grabbing a hot metal object — is considered unhelpful here, apparently. That's probably the intelligence level to be expected, though, given the subject matter.
posted by Rothko at 9:49 AM on January 2, 2006


try something more along these lines to be more accurate:

"this pan is hot when you pull it out of the oven. In the future, cook tv dinners with a microwave and get rid of pans and ovens altogether."
posted by shmegegge at 9:58 AM on January 2, 2006


Speaking as a diehard Macuser:

Now would be an excellent time for experienced Windows User to make a well linked post about how to secure a PC. Written in plain language, that Joe Schmoe could follow.


As to whether such "OS wars" should be occurring in the thread, it would be better if Mac/Linux users politely point out an alternative as opposed to being dicks.

On the other hand, all the crap about Macs being more expensive and what not seems kinda silly as the Windows Admins in the original thread speak in such fear and dread about the problem. Wouldn't the better solution be to make the OS more secure? Or at least get Microsoft off its butt to release a patch?
posted by Brandon Blatcher at 9:59 AM on January 2, 2006


I don't get why it's such a huge offense to point out that there are OS's that aren't vulnerable to this kind of crap.

Because (and I'm speaking about some hypothetical Mac user, not you specifically), you don't know that. I, as someone who finally broke down and bought the geek-chic Powerbook last year, don't think of the average Mac owner as someone who knows jackshit about buffer overflows. While I appreciate the userbase may have shifted some since Apple moved to FreeBSD, I still doubt the average Mac owner's ability to tell me why their OS is definitely invulnerable. Because, deep down, the only answer most of them would have is their weirdly religious faith in the fact nothing has happened before.

These threads make me want to write the production design folks from Alias and see if I can get some of those phony Dell logos they stuck over the Powerbooks in the show.

In sum: I am with Afroblanco 100% on this. The OS war discussion might be valid if the Apple/ Linux voices in the crowd really gave a shit about Windows user's hapiness. Instead they're working out some insecurity.
posted by yerfatma at 10:02 AM on January 2, 2006


Thanks for your four minutes of restraint.

Ok, I'll admit, my comment was over the top.

Still, though, I have never seen a Windows user instigate the OS wars. Why? Because Windows users could care less what OS people use. Windows users have nothing to prove. Why do some evangelistic Mac and Linux users feel the need to propagate the OS Warz conversation when they're obviously never going to convince anyone that way? Seriously. I don't get it. My only guess is that it stems from some sort of insecurity.
posted by Afroblanco at 10:02 AM on January 2, 2006


I guess a shitty post about propping up a shitty operating system on cinder blocks is 2006's new ISO 9001 standard for the "Best of the Web".

No, your incessant and annoying prattling about Macs is the "Beat It" jacket of the aughts. For fuck sakes, please.
posted by KevinSkomsvold at 10:06 AM on January 2, 2006


The OS war discussion might be valid if the Apple/ Linux voices in the crowd really gave a shit about Windows user's hapiness. Instead they're working out some insecurity.

I guess I help my folks secure their Windows machine out of feelings of insecurity. You're right, but not in the way you think.

Can you idiots defending Windows get it through your heads? The rest of us are sick about hearing about avoidable problems on this scale. Stop complaining, hush, and use the oven mitt or wait for the pan to cool down.
posted by Rothko at 10:08 AM on January 2, 2006


Still, though, I have never seen a Windows user instigate the OS wars

I guess you haven't seen any of the posts that mention iPods. I can reliably count on one hand the number of comments before a Windows user shows up to say something reliably stupid.
posted by Rothko at 10:11 AM on January 2, 2006


wow...if anyone is shrill in this thread it ain't the mac users.
posted by advil at 10:13 AM on January 2, 2006


Still, though, I have never seen a Windows user instigate the OS wars.

Never? That's odd, 'cause I've seen it many a time. I'd say it's about half and half in my experience.

It's no insecurity. Rather it's noticing a constant problem we don't have and suggesting the same solution we use, with the idea that their problem will then go away and they can get on with the lives as opposed to being hijacked by some snot nosed virus writer.
posted by Brandon Blatcher at 10:14 AM on January 2, 2006


Can you idiots defending Windows get it through your heads? The rest of us are sick about hearing about avoidable problems on this scale. Stop complaining, hush, and use the oven mitt or wait for the pan to cool down.

wow...if anyone is shrill in this thread it ain't the mac users.

heh.
posted by Ryvar at 10:22 AM on January 2, 2006


That's probably the intelligence level to be expected, though, given the subject matter.

Please don't insult my intelligence. Reread the thread and listen to what people are saying, instead of reflexively sneering: there are programs we must use, for professional or personal reasons, that are PC-based. Period. I am comfortable with and genuinely like Macs, but they do not meet my needs at this time.

Mocking people does nothing to enhance your cause -- if you even have one. Should your OS become as popular as Windows, the collective energies of exploiters will be turned on it. Your smugness is misguided.

The rest of us are sick about hearing about avoidable problems on this scale.

Then don't read threads related to them. Problem solved. Oh, wait -- so you need this information to help your parents, who apparently don't listen to you either. So, you're goading people who are trying to help people like your parents, and thus indirectly, you. It looks like we both have shopping to do: me, for my oven mitts, and you, for a prosthetic nose to replace the one you're cutting off to spite your face.
posted by melissa may at 10:22 AM on January 2, 2006


Rothko, I don't understand why you are being so angry and hostile.

One could recast your last comment as something like "Can you idiots talking about AIDs get it through your heads? The rest of us are sick about hearing about avoidable problems on this scale. Stop complaining, hush, and use the condom or just stop fucking," and you would feel that the person saying that was an utter moron.

I don't think you're a moron, but your very rigid, narrow point of view on this is weird.
posted by taz at 10:24 AM on January 2, 2006


so you need this information to help your parents

Not really, dummy, since I read about this everywhere else on the web. Metafilter is not the place for posts about fixing Yet Another Goddamn Windows Problem.
posted by Rothko at 10:28 AM on January 2, 2006


I don't think you're a moron, but your very rigid, narrow point of view on this is weird.

Narrow-and-weird is putting your fingers in your ears and going lalalala when someone says you might have an alternative to getting repeated second-degree burns.

At first I found this masochistic attitude puzzling. Now I find it typical, more and more. Meh. Enjoy your fetish.
posted by Rothko at 10:31 AM on January 2, 2006


*eyeroll*

"since I sure as hell can't afford a Mac."

It's sad that a lot of the people that think Macs are 'too expensive' are the same ones that will go and drop $400 on $sweet_new_video_card.

The Mac Mini is $499. It's even less if you have a student discount. Yes, you need to buy a monitor. Whatever cheap VGA monitor you're using on the e-Machine will work just fine. Heck, if they're USB, the keyboard and mouse will too.

I'm just sayin that the "Macs are too expensive" line is nothing but BS, and I'm really sick of hearing it.

Time for the mandatory "I'm qualified to talk about this because I run $insert_l33t_os_list_here" bit, eh?
posted by drstein at 10:37 AM on January 2, 2006


Meh. Enjoy your fetish.

Funny how he never got around to answering Melissa May's point about "programs we must use, for professional or personal reasons, that are PC-based." But he *did* find a way to pull out another quote from her post and use it as an excuse to call her a dummy.

What a jackass.
posted by mediareport at 10:42 AM on January 2, 2006


So, in conclusion, Windows has more security problems because it's more popular. If Macs were as popular then they'd have just as many problems. I'm sure we can all agree on that.

Oh, and Rothko is a fucker. Spiderwire is a fucker, too.
posted by Elpoca at 10:42 AM on January 2, 2006


The Mac Mini is $499. It's even less if you have a student discount.

Don't bother. According to Ryvar, the act of giving people facts to make informed decisions is "being shrill."
posted by Rothko at 10:44 AM on January 2, 2006


...I have never seen a Windows user instigate the OS wars. Why? Because Windows users could care less what OS people use. Windows users have nothing to prove.

Most Windows users are Windows users by default. Most have never thought out why they use Windows, aside from the fact it came with their computer. That being said, I personally believe all Microsoft products suck, not because of functionality, but because of their insistance on making almost every facet of their applications proprietary (their monopolistic quality at work) which leaves them open to exploits like this and makes it difficult for interoperability between anything that's not MS with something MS.

I like Linux, it works for me, YMMV. I'm a realist however, I would never tell a friend or family member with a novice level of computer knowledge to use Linux, it's not worth the headache to them (or me), I just instruct them on ways to protect themselves and occassionally make the $20 of a friend for an hour or so's worth of work deleting spyware and ridding virii of their computer.
posted by Mijo Bijo at 10:46 AM on January 2, 2006


I heard circumcision was, like, totally awful.
posted by gimonca at 10:47 AM on January 2, 2006



Metafilter is not the place for posts about fixing Yet Another Goddamn Windows Problem...


Tell me Rothko, when you wrote the MeFi Charter, why didn't you clarify this?
I would think that someone who'd presume to dictate what MeFi is and isn't about would be familiar with the concept of "Flag it or move on."
Looks like I thought wrong. I blame it on being a Windows user.

And name calling? Shame on you.
Seriously.
posted by Alvy Ampersand at 10:47 AM on January 2, 2006


Metafilter: Your OS sucks
posted by caddis at 10:49 AM on January 2, 2006


f Macs were as popular then they'd have just as many problems. I'm sure we can all agree on that.

Not likely. They might have more problems then they do now, but the OS is inherently more secure.

And while I'd admit there's people out there who are stuck using software on PCs for professional reasons, I'd really like to know what personal software doesn't have a better Mac alternative. (games lol am i rite?)
posted by keswick at 10:50 AM on January 2, 2006


I'd admit there's people out there who are stuck using software on PCs for professional reasons

How very gracious of you.
posted by mediareport at 10:51 AM on January 2, 2006


Oh, and Rothko is a fucker. Spiderwire is a fucker, too.

In defense of Spiderwire, he did apologize later in the thread (or at least it seemed, unless I missed something).
posted by KevinSkomsvold at 10:52 AM on January 2, 2006


Tell me Rothko, when you wrote the MeFi Charter, why didn't you clarify this?

If this site is a place for posts about fixing Yet Another Goddamn Windows Problem, then there shouldn't be any more bitching about Newsfilter or iPods, etc.
posted by Rothko at 10:53 AM on January 2, 2006


Not likely. They might have more problems then they do now, but the OS is inherently more secure.

No, you're wrong.
posted by Elpoca at 10:53 AM on January 2, 2006


No, you're wrong.

No, you're wrong!
posted by keswick at 10:54 AM on January 2, 2006


Isn't that kind of like driving around in a Pinto with bald tires and no brakes, then bitching when somebody suggests you might want to rethink that?

Actually, I think it's more like driving an SUV. Get a real car, you morons! One that can go round corners and stuff! My Mitsubishi Evo is like totally immune to buffer overflow attacks. What kind of idiot drives a Ford Behemoth and expects not to have rocks thrown at it on the freeway? And I don't want to hear about those OpenPublicTransit users, that's just crazy.
posted by sfenders at 10:58 AM on January 2, 2006


It's sad that a lot of the people that think Macs are 'too expensive' are the same ones that will go and drop $400 on $sweet_new_video_card.

I really don't want to get drawn into this, but there's a fundamental point you're missing here and I feel like maybe I'll clear up a misconception for at least one person by typing this, so here goes:

The reason I assemble PCs for my family members including my grandmother is because they already know Windows from the office and quite frankly don't have the time and aren't interested in learning to do things a new way. Furthermore, every web service, application, etc. takes Windows into account when being written because of the size of the userbase. Finally, when it comes down to price:performance I can assemble something for free out of old gaming machines I have lying around.

As the Linux people are fond of saying: you can't beat free.

Once I've setup their machines properly all the maintenance can be handled with bimonthly visits. None of my family members has gotten a virus on their machines after I've set it up for them. Ever. Eight machines now over five years.

To give you an idea of how bad the current situation is, this is the first time in all those years I've had to call those family members and say "hey, watch out."

The reason *I* use PCs is games. Pure and simple. I *do* have the money for a Mac, but it doesn't play 95% of the games I want - I go through about fifty a year - so it's a brick to me, whereas that $400 video card has value.

My point is that you're conflating two seperate markets - there are people using Windows for compatibility/budgetary reasons, and people using Windows for gaming reasons. The former is too cheap or too casual to buy a Mac. The latter has no use for them.
posted by Ryvar at 10:59 AM on January 2, 2006


Elpoca, in the Mac world, you have to authenticate manually to run root-level code and nearly all services are turned off by default. In the Windows world, everything runs with the privileges of whoever is logged in, usually an admin account (the equivalent of "root"), and nearly all services are turned on by default.

By design, the operating systems have very different approaches to security. Or putting it another way you might understand: you are wrong.
posted by Rothko at 11:00 AM on January 2, 2006


In defense of Spiderwire, he did apologize later in the thread.

Ok, if so, then he's merely a nutter. Rothko, however, is still a fucker. And I'm definitely right about that.
posted by Elpoca at 11:00 AM on January 2, 2006


A penguin for you
posted by caddis at 11:03 AM on January 2, 2006


Not likely. They might have more problems then they do now, but the OS is inherently more secure.

No, you're wrong.


Elpoca, if you can't understand why OS X is more secure than Windows than you really shouldn't be arguing in this thread at all. OS X is based off of FreeBSD (open source) which has a long history of security. It's had so many eyes looking at the source code to make it one of the securist OS's on the planet. Windows security is derived from the fact you can't look at the source code, not because it was coded well. Windows is the "see no evil, hear no evil" operating system.
posted by Mijo Bijo at 11:04 AM on January 2, 2006


Mijo, you're a fucker.
posted by Elpoca at 11:06 AM on January 2, 2006


Better than a fucking moron!
posted by Mijo Bijo at 11:10 AM on January 2, 2006


Ah, that felt good. Haven't called somebody a fucking moron in like 12 hours.

Seriously, enough with the name calling and back your shit up.
posted by Mijo Bijo at 11:12 AM on January 2, 2006


A penguin for you
posted by caddis at 11:03 AM PST on January 2 [!]


That was hilarious. Thanks from a Windows user who has never had a security problem.
posted by stirfry at 11:17 AM on January 2, 2006


Q: How do you prove one operating system is more secure than another?

A: You can't.

This discussion is pointless.
posted by event at 11:18 AM on January 2, 2006


Mijo, OS X is a FreeBSD userland with a Mach microkernel and a GUI slapped on top. Significant portions are close-sourced. The 'many eyes' argument is therefore invalid when discussing OS X, as is the BSD heritage.

Furthermore, newer versions of Windows have gone a long way towards rectifying poor design decisions of versions that predated widespread Internet adoption. Windows Server 2003, in particular, ships with much of the OS disabled.

The real problem at fault with the current situation is an unwillingness on Microsoft's part to break compatibility with the past. This is a trait shared by nearly all commercial software vendors because to do otherwise costs them significant amounts of corporate customers. One of the reasons OpenBSD gets so much security praise is because every few versions some major change goes through that breaks a lot of existing software, and the userbase they have is there precisely for that reason - because they want an OS that won't pull any punches in that regard.

The point is - this is not a fundamental Microsoft cultural problem at work here. It is a commercial software cultural problem, and it applies just as much to OS X as it does to Windows. It also happens to apply to Linux, as well, because Linux is very much involved in the userbase war now.
posted by Ryvar at 11:21 AM on January 2, 2006


you idiots defending Windows
Not really, dummy

As a straddler, rather than a switcher, should I start worrying that Mac use is going to infect me with the sanctimony virus?
posted by normy at 11:27 AM on January 2, 2006


I'd really like to know what personal software doesn't have a better Mac alternative
Well, when I moved to Mac, I immediately missed the following.
- Printer drivers for my Panasonic KX-P7105
- Line In plug for my microphone.
- Anything half as good as webdrive for posting images onto my webspace.
- A decent word processer. (Open Office ... sort of works)

I'm also a bit sad that I can't get Google Earth for my Mac.
posted by seanyboy at 11:30 AM on January 2, 2006


Q: How do you prove one operating system is more secure than another?
A: You can't.


This is the same as saying you cannot show a Volvo has a relatively safer-engineered design than a Ford Pinto, and is thus an opinion without any basis of fact.
posted by Rothko at 11:30 AM on January 2, 2006


Ryvar makes the most sense.
posted by dial-tone at 11:31 AM on January 2, 2006


If we're going to have complaints about Newsfilter from a certain contingent here, then we're going to have to deal with legitimate complaints about pointless Windows posts like this, too.
posted by Rothko at 9:45 AM PST on January 2 [!]


First, there are far more Mac/iPod posts in the blue than there are Windows, but I trust you protested them just as much.

Second, it's not pointless to many. Surely you've met other people in your life who have a different set of interests and priorities than your own. Surely?

Third. Flag and MetaTalk are the right way to go or do you like behaving like dios?

Fourth. Don't read it.

I'm just sayin that the "Macs are too expensive" line is nothing but BS, and I'm really sick of hearing it.
posted by drstein at 10:37 AM PST on January 2 [!]


Except for some, they are too expensive. Price and what is affordable and too expensive are of course, entirely relative. That you believe otherwise is complete BS. There's no way I'd pay that much for a machine that performs so poorly for my needs. For others, it's great. In either case, it can be both not too expensive, and too expensive.

I've used Macs in freelance jobs many times. I would never buy one personally but that's just me. Doesn't mean they "suck" or that other alternatives "suck."

Personal preferences and priorities. Look into them sometimes. You'll find they differ from person to person.
posted by juiceCake at 11:33 AM on January 2, 2006


Third. Flag and MetaTalk are the right way to go or do you like behaving like dios?

Troll much? Can you show me where in the original Metafilter thread I'm going after a poster personally?
posted by Rothko at 11:38 AM on January 2, 2006


Rothko: This is the same as saying...

No, in fact, it is very different from saying that.

A new class of exploits specific to Macs could appear at any time. And it is mathematically impossible to prove otherwise.
posted by event at 11:41 AM on January 2, 2006


Troll much? Can you show me where in the original Metafilter thread I'm going after a poster personally?
posted by Rothko at 11:38 AM PST on January 2

Can you show me how "get a Mac" actually helps a person using Windows fix the problem?

Troll much? You're fucking hilarious. Thanks for the laugh.
posted by juiceCake at 11:44 AM on January 2, 2006


juiceCake : "Can you show me how 'get a Mac' actually helps a person using Windows fix the problem?"

While I disagree with Rothko's general attitude here and there and name calling here, that's not quite the point. What he said, correctly, is that he haven't personally attacked anyone in this specific blue instance. And by the way, following the "Get a Mac" advise indeed solves the problem at hand. A somewhat expensive and cumbersome method, but it certainly works.
posted by nkyad at 11:48 AM on January 2, 2006


What he said, correctly, is that he haven't personally attacked anyone in this specific blue instance.

But then, juiceCake never accused him of that, so Rothko's bringing that up was a non-sequitor.
posted by event at 11:53 AM on January 2, 2006


No, in fact, it is very different from saying that.

Why? Software is just another engineering problem.
posted by Rothko at 11:56 AM on January 2, 2006


While I disagree with Rothko's general attitude here and there and name calling here, that's not quite the point. What he said, correctly, is that he haven't personally attacked anyone in this specific blue instance. And by the way, following the "Get a Mac" advise indeed solves the problem at hand. A somewhat expensive and cumbersome method, but it certainly works.
posted by nkyad at 11:48 AM PST on January 2 [!]


I never said he did. However he did say this:

And why the hell do people PUT UP WITH IT?

Laziness, stinginess and ignorance.
posted by Rothko at 12:49 AM EST on January 2 [!]


In fact, many people use Windows because they prefer too and it has nothing to do with laziness, stinginess and ignorance.

And

if only to curtail these unnecessary threads that are not worthy of "best of the web", by any stretch.
posted by Rothko at 1:25 AM EST on January 2 [!]


This is very much a dios thing. Do it in the blue, not in the brown.
posted by juiceCake at 11:57 AM on January 2, 2006


But then, juiceCake never accused him of that, so Rothko's bringing that up was a non-sequitor.

I was improperly accused of acting like Dios. My response was appropriately germane.
posted by Rothko at 11:59 AM on January 2, 2006


Er, in case it wasn't clear, I did back off from the OS war pretty quick, and if an apology was necessary, it's hereby offered. WTF is with the "fucker" and "moron" stuff? Weren't the Windows users the ones complaining about condescension?

For the record, I wasn't evangelizing for an OS, I was criticizing Microsoft's poor practices. Using Windows isn't de facto bad; the security just sucks, and it sucks for institutional reasons in the company. People should be aware of that. I think that OSX is a great alternative, but that wasn't the issue I was trying to raise. I don't advocate that people not use WinXP and I have nothing personal against Microsoft. But just because it's not evil doesn't mean this sort of thing isn't stupid/dangerous.

But hey, people care about this stuff, they want to yell about it, that's cool...
posted by spiderwire at 12:04 PM on January 2, 2006


Can you show me how "get a Mac" actually helps a person using Windows fix the problem?

Sure: Don't want to get yet another second-degree burn in the future? Give your purchasing decision some more thought, next time around.
posted by Rothko at 12:05 PM on January 2, 2006


Oh, goody. A mac-windows flame war that turns into yet another thread about rothko and dios (in dios' absence, no less). Truly, this is what metafilter is all about.
posted by monju_bosatsu at 12:06 PM on January 2, 2006


Why? Software is just another engineering problem.

But security is not the same as safety. The safety record of a car (for example) can give us a good idea of the future safety performance of the car -- it will generally correlate pretty well. This is because safety operates within the average use case for a car.

But security operates outside the average use case. The security record of an operating system tells us some, but not nearly as much as you seem to think, about the future security of the operating system. We have no way of knowing what new vulnerabilities, what new vectors of attack, etc., will appear in the future. So it is impossible for us to say that Macs will be protected and Windows won't. Because we don't know what they are yet.
posted by event at 12:06 PM on January 2, 2006


Monju, for what it's worth, I didn't bring up his name over here.
posted by Rothko at 12:08 PM on January 2, 2006


Can you show me how "get a Mac" actually helps a person using Windows fix the problem?

Sure: Don't want to get yet another second-degree burn in the future? Give your purchasing decision some more thought, next time around.
posted by Rothko at 12:05 PM PST on January 2 [!]


Obviously, the question had to do with right now, not the future, which none of us knows but you apparently. Surely it was my own fault and that of any others who asked the question, that we assumed we'd get good responses for immediate help.

So, to make it clear, how does it help right now?

I gave my purchasing decision plenty of thought mate. And I decided, and still decide, that I don't want or need a Mac. My Windows box is much better for me and and I don't get burned at all.

Imagine that.
posted by juiceCake at 12:10 PM on January 2, 2006


But security is not the same as safety

Yes, it certainly is. A product that anyone can coerce remotely is unsafe, doubly so if you knew it was unsafe to begin with. Windows is a fucking disaster in waiting. You can't say you weren't warned.
posted by Rothko at 12:12 PM on January 2, 2006


Incidentally, I thought that my first post here was pretty tame. What does one have to do to be an 'evangelist'?

One comment, and this isn't directed at one camp or the other: the people in this thread and the other making the argument that there is no distinction between OSes and that infection is related to market share are wrong. Dead fucking wrong. Many security best practices are actually very easy to define (checking bounds to prevent buffer overflows? not running everything as administrator? bueller?) and have been known for a long time, and in those respects OSX, *nix, and, well... everything... is quantifiably superior to Windows.

That's not to say that OSX/*nix don't have vulnerabilities -- but to posit that the two are equivalent is simply ignorant, and demonstrates that you really have no clue what it is that you're talking about.

That's also not a "you must switch" argument. Lots of people get by just fine with those security holes because they're not at risk for various reasons. It really won't matter to most people, and that's fine. But they're not the same.
posted by spiderwire at 12:12 PM on January 2, 2006


Monju, for what it's worth, I didn't bring up his name over here.
posted by Rothko at 12:08 PM PST on January 2 [!]


No I did. But imagine Monju can read. His post clearly displays that capability.

I felt it was a good reference rather than a large explanation. The thread has not become about him either, just a particular brand of behaviour. However, like said poster, it's futile with Rothko as well.
posted by juiceCake at 12:13 PM on January 2, 2006


So, to make it clear, how does it help right now?

It helps you confront the reality of what you are dealing with, and helps you think about a long-term solution to the problem, regardless of what you think personally about the person making that suggestion.
posted by Rothko at 12:14 PM on January 2, 2006


event's post is exactly what I was talking about. Dude, you really have no clue. You don't evaluate the security of an OS like your Hyundai. Stop making yourself look like a twit.
posted by spiderwire at 12:14 PM on January 2, 2006


That's also not a "you must switch" argument. Lots of people get by just fine with those security holes because they're not at risk for various reasons. It really won't matter to most people, and that's fine. But they're not the same.
posted by spiderwire at 12:12 PM PST on January 2 [!]

Absolutely.

However, I think the chief objections were to the not all helpful suggestions like "Get a Mac already..." and the clear we're laughing at you idiots posts.
posted by juiceCake at 12:15 PM on January 2, 2006


But security is not the same as safety

Yes, it certainly is.

Rothko, did you even read the rest of my comment, wherein I explained the difference?

I guess I should have known better than to get involved in a discussion with you. My apologies to all.
posted by event at 12:15 PM on January 2, 2006


However, like said poster, it's futile with Rothko as well.

Troll.
posted by Rothko at 12:15 PM on January 2, 2006


Rothko, did you even read the rest of my comment, wherein I explained the difference?

Yes, I did. Safety and security are one and the same. You can engineer applications that are less vulnerable from the start. You can engineer layers of security into the kernel that runs said applications and negotiates with hardware. All of this security can be tested with other applications. Simply inventing unknown boogeymen does not absolve you of responsibility, nor does it prevent you from comparing the relative safety of two products (whether cars or paperclips or software). Sorry.
posted by Rothko at 12:19 PM on January 2, 2006


It helps you confront the reality of what you are dealing with, and helps you think about a long-term solution to the problem, regardless of what you think personally about the person making that suggestion.
posted by Rothko at 12:14 PM PST on January 2 [!]


Well thanks. I totally disagree that it helps anyone right now and the reality in many cases is already known, or it wouldn't be discussed. But thanks for trying.

As for what one thinks personally about the person making the suggestion, well of course. That's obvious. Who implied otherwise?
posted by juiceCake at 12:19 PM on January 2, 2006


However, like said poster, it's futile with Rothko as well.

Troll.
posted by Rothko at 12:15 PM PST on January 2 [!]


It happens to be my honest opinion mate.
posted by juiceCake at 12:20 PM on January 2, 2006


Ironically, Rothko isn't the one trolling in this thread.
posted by spiderwire at 12:25 PM on January 2, 2006


Safety and security are one and the same.

I respectfully disagree. They are related, but they are different. Loss of security can lead to loss of safety (as your link showed) but a perfectly secure nuclear reactor can still be unsafe.

You can engineer applications that are less vulnerable from the start.

Prove it. (You can't.) We can engineer applications that we think are less vulnerable, but we can't prove it is so.

You can engineer layers of security into the kernel that runs said applications and negotiates with hardware.

So what? Again, we think this helps, but we can't prove it.

All of this security can be tested with other applications.

Please tell me how. Seriously -- please tell me. All you can do with a security testing application is say, "Well, this application showed me that nobody can come in through this door" but it doesn't tell you whether there are any other doors wide open.
posted by event at 12:31 PM on January 2, 2006


Interesting that windows posts are supposed to be sacrosanct around here. In a post about abortion, for instance, all sides tend speak up. The Christians and the atheists, the men and the women, the pro-life and the pro-choice. We expect it, we don't (usually) run away and ask for mass deletions of someone else's opinions and contributions, do we?

OMG some mac user or linux guy posted a one liner about not having to worry about this latest security issue, OH NOES! A post about an operating system sprouts a very minor discussion about other operating systems! THE WHOLE THREAD IS USELESS NOW. Public service announcement DESTOYED! Windows users who are apparently trying to SAVE THE WORLD by posting comments on a mefi thread are being THWARTED! WOE! WEEP WEEP! THINK OF THE CHILDREN!

Your attitude is getting in my peanut butter, Rothko, you terrorist! If you're not with us you're against us! Why do you hate America Microsoft? Why do you hate our freedom? DELETE DELETE DELETE
posted by Hildegarde at 12:37 PM on January 2, 2006


Your argument is the equivalent of saying that because I can't "mathematically prove" (whatever that vague term means) that flipping the left-turn signal indicator on my Saab won't cause the car to explode, I shouldn't drive it, let alone go near it.

Now, Saabs can be flaky, and in a crazy world, anything can happen.

But I take it as given that I'm more likely to be in a situation where a drunk driver will slam into me.

So I'm glad that automobile engineers spent time on airbags and crumple zones, rather than on hypothetical explosive dangers of left-turn indicator signals.

Likewise, I'm glad that the professional software engineers at Apple have done a better job at focusing on the usual weak points of an operating system than Microsoft, rather than deliberately engineering weak crumple zones into the product.
posted by Rothko at 12:38 PM on January 2, 2006


Your attitude is getting in my peanut butter, Rothko, you terrorist! If you're not with us you're against us! Why do you hate America Microsoft? Why do you hate our freedom? DELETE DELETE DELETE

Did I harsh your mellow, Hildegarde? ;)
posted by Rothko at 12:39 PM on January 2, 2006


I respectfully disagree.

You are wrong.

Prove it. (You can't.) We can engineer applications that we think are less vulnerable, but we can't prove it is so.

Again, you are wrong. Your car does not have source code. It can't do bounds checks when it gets leveled by an SUV. An OS, on the other hand, is quite capable of limiting its inputs and outputs and thus is at least theoretically capable of being secure and, more importantly of being audited for security.

So what? Again, we think this helps, but we can't prove it.

Again, you are wrong and clearly have no idea what you're talking about. Source code is knowable and readable. Just because you don't understand how this magical piece of machinery works under the hood doesn't mean that it's being run by an elf.

Please tell me how. Seriously -- please tell me.

He just did. Asking for a complete rundown of security best practices when you obviously have no grasp of the subject is like asking a classicist to discuss grammar in the Illiad even though you don't know Latin.

All you can do with a security testing application is say, "Well, this application showed me that nobody can come in through this door" but it doesn't tell you whether there are any other doors wide open.

The fact that you're talking about "security testing applications" proves that you have no idea what's going on here. This is not a discussion of after-the-fact exploits. Rothko is talking about fundamental design issues -- e.g., properly implementing access controls, following comm protocols, condition checking. Things you learn in CS 101.

This is not a subject of mystery. There have been thousands of articles and books written on how to do security and development properly. The best practices are quite well known. OSX and *nix follow many of these best practices. Windows does not. This is not in dispute in any way, shape, or form.

If you really wanted to use your horrid car analogy, then your argument is tantamount to looking at a new Honda Civic and a Pinto and saying "well, until we drive them, we'll never know which one is safer." Wrong. There are fundamental design components in each that can lead you to make an accurate initial estimation about which will be more likely to get you killed. Just because 99% of the population is using the poorly-designed car doesn't mean that cars are inherently unsafe.
posted by spiderwire at 12:43 PM on January 2, 2006


Incidentally, this section of this much longer article gives a few examples of the security problems inherent in Windows and Microsoft's development. event, if you really are looking for substantive answers to your questions, this would be a good place to start.
posted by spiderwire at 12:48 PM on January 2, 2006


Did I harsh your mellow, Hildegarde? ;)

Oh, there is no harshing mellow this deep, my friend. I'm just sitting back, listening to my itunes, loading up my ipod, chatting with some folks on ichat, and generally enjoying my glorious ibook-enabled iexistance, that's all.
posted by Hildegarde at 12:51 PM on January 2, 2006


Rothko (or spiderwire), prove to me that:

void main(void) {
printf("hello");
}

Is secure against all attacks.
posted by event at 12:51 PM on January 2, 2006


Still, though, I have never seen a Windows user instigate the OS wars. Why? Because Windows users could care less what OS people use. Windows users have nothing to prove.
posted by Afroblanco


Ahh, haven't been out much, have you? This isn't a one way street by any means. Mac bashers are everywhere. Just yesterday on a digg thread about running mac osx on a pc the first comment was "why do I want to use a fisher price computer?". On metafilter the tide is turned somewhat.
posted by justgary at 12:55 PM on January 2, 2006


Oh Christ. Dude, you're a moron and a troll. Read the article. I'm done.
posted by spiderwire at 12:55 PM on January 2, 2006


(You can tell me that it looks secure to you. You can tell me that it is secure against all attacks known right now. But neither of those statements proves, or is any indication at all, that it is secure against all possible attacks.)
posted by event at 12:55 PM on January 2, 2006


Rothko writes "Sorry."
Apology accepted.
posted by peacay at 12:55 PM on January 2, 2006


[my last comment was referring to event, not justgary, if that wasn't clear]
posted by spiderwire at 12:57 PM on January 2, 2006


Wow. Rothko is an ostentatious, overbearing, whiny, immature, insuffereable, irredemable, condescending prick. Reading your words makes my tear ducts want to bleed. I can't imagine what it would be like being you, but if I ever wanted to I would build myself a tiny wooden box just large enough to fit me, paint the inside with the prettiest scenery I could imagine, and then drill a pin-sized hole from which to observe the rest of the world.
posted by baphomet at 1:05 PM on January 2, 2006


Awesome insult, baphomet. Best of the web. Cheers.
posted by Rothko at 1:07 PM on January 2, 2006


Ah, peacay. I thought you were better than that. :(
posted by Rothko at 1:08 PM on January 2, 2006


(You can tell me that it looks secure to you. You can tell me that it is secure against all attacks known right now. But neither of those statements proves, or is any indication at all, that it is secure against all possible attacks.)

Prove to me my Saab won't blow up when I use the left-turn signal. Prove to yourself how futile it is to look for such a proof when more useful "proofs" can be established about how, say, seatbelts save lives — and therefore cars engineered with seatbelts are safer than cars without seatbelts. Prove to me that I'm not wasting my time on you, event.
posted by Rothko at 1:11 PM on January 2, 2006


Furthermore, newer versions of Windows have gone a long way towards rectifying poor design decisions of versions that predated widespread Internet adoption. Windows Server 2003, in particular, ships with much of the OS disabled.

That's hilarious, right there.

"Hay guyz, Microsoft's OS is so fuckin' awesome and secure, they ship it with large parts of it disabled!!1"

Have you thought about taking a PR job with the Bush Administration?
posted by keswick at 1:17 PM on January 2, 2006


My comment was not intended as a troll, and I hope it is not interpreted by others as a troll. It is a serious question and I gave a legitimate (though very simple) example.

I am using the word "proof" in the formal sense. For example, we can prove that theoretical security protocols are secure (like Pfitzmann did with Needham-Schroeder). But the proof of the security of the protocol does not tell us anything about the security of the implementation of that protocol.

Similarly, without a proof of security like the Needham-Schroeder proof for the underlying hardware, and underlying operating system, we can only make estimates about the security of the printf() example.
posted by event at 1:18 PM on January 2, 2006


Similarly, without even with

Argh!
posted by event at 1:21 PM on January 2, 2006


I noticed the Mefi Blacklist is no longer working for me. I am not happy about that. Is it not working in general or is this a problem specific to my 'puter?
posted by weretable and the undead chairs at 1:22 PM on January 2, 2006


Safety and security are one and the same.
They have those roads that go up mountains in Europe that don't have crash barriers on them. The various traffic scientists have worked out that by reducing the security on the road actually causes people to behave more carefully and actually increases safety. This isn't germane to the conversation we're having, but it shows that in an environment where security can be improved in many different areas, decreasing security in one of those areas can improve overall safety.

Hope I haven't misinterpreted your definitions of safety and security here
posted by seanyboy at 1:26 PM on January 2, 2006


"Hay guyz, Microsoft's OS is so fuckin' awesome and secure, they ship it with large parts of it disabled!!1"

Have you thought about taking a PR job with the Bush Administration?


OK, now that's just stupid - the biggest complaint most security professional have about Windows is that it comes with EVERYTHING enabled by default. The problem with that is that shit that almost nobody needs can create holes for all the people who aren't using it.

Classic example: Windows XP shipped with a massive fucking hole in the UPnP service that allowed remote admin-level code execution on any non-firewalled system, and this was discovered shortly after its release. At that time, UPnP was rarely needed by anyone.

One of the oft-cited strengths of noted secure operating systems like OpenBSD is that they ship with every last thing possible disabled so that a minimum of potential infection paths are exposed to the world.

Less is more.

I apologize because I don't want to join in the nasty tone that has permeated this whole thread, but you should not be correcting others as to what constitutes good security practice. That Windows Server 2003 shipped the way it did was the first real sign that Microsoft was taking its then-new security initiative at all seriously. It was a sign that they were starting to turn over a new leaf, maybe, and it got some further confirmation when they finally started giving a shit about home user security with XP SP2.

The final step of cutting ties with all their previous, shitty design decisions (from a security standpoint, at least) isn't one they're going to take, though, because of the impact it would have with their corporate sales. See also: my comment above about the inherent problems with all commercial operating systems.
posted by Ryvar at 1:30 PM on January 2, 2006


Ironically, Rothko isn't the one trolling in this thread.
posted by spiderwire at 12:25 PM PST on January 2 [!]


Ironically. No one is.
posted by juiceCake at 1:31 PM on January 2, 2006


keswick: Microsoft's OS is so fuckin' awesome and secure, they ship it with large parts of it disabled
I hope you're not being wilfully awkward here. Mac OSX does the same, and it's only the distro nature of linux which stops it happening in Linux too. (e.g. If you need a web server, you'll install a web server)

I noticed today, for example, that the latest ubuntu distro doesn't have a web server, php or mySQL. Also perversly, I couldn't find "make".

This disabling is a step that Microsoft are now serious about software security. They've made the poor marketing decision of ensuring that things do not work out of the box because it ABSOLUTELY improves overall security. This is a decision which (a) has made my life harder, but (b) I absolutely endorse. To me, this is good security done properly.
posted by seanyboy at 1:35 PM on January 2, 2006


Ryvar beat me to it. Darn.
posted by seanyboy at 1:36 PM on January 2, 2006


Thank you, seanyboy.
posted by Ryvar at 1:36 PM on January 2, 2006


Doh. Double-jinx.
posted by Ryvar at 1:36 PM on January 2, 2006


Bruce Scheier makes a much better version of my argument (I bet he didn't get called a moron and a troll, anyway) in the first page or two of this essay [pdf].
posted by event at 1:37 PM on January 2, 2006


event - you might already be aware of this, but if not you may be interested in proof carrying code
posted by andrew cooke at 1:46 PM on January 2, 2006


seanyboy: I'd really like to know what personal software doesn't have a better Mac alternative
Well, when I moved to Mac, I immediately missed the following.
- Printer drivers for my Panasonic KX-P7105
Yeah, that blows. I really wanted to buy a panasonic last year as they are the cheapest laser, but had to go with a more expensive HP for its Mac support.

- Line In plug for my microphone.
This is only a problem with iBooks and Mac Minis. A (reasonably cheap) workaround is a usb mic adaptor

- Anything half as good as webdrive for posting images onto my webspace.
Panic's Transmit ftp client gets tons of praise. For my Movable Type blog, I use an iPhoto plugin. Couldn't be easier.

- A decent word processer. (Open Office ... sort of works)
MS Word for mac is way better than the Windows version, but I do share your frustration. Mellel is by far the nicest word processor I've used, but it doesn't have a neutral file format. If you were to go the Open Office route, NeoOffice is a more native port.

As offensively as it was put, I think Afroblanco was right: we mac users tend to be a little overzealous because we need the marketshare to grow to protect our investment. I apologize on behalf of all the sanctimonious dicks in this thread and the other. That said, do consider a Mac for your next purchase ;)
posted by Popular Ethics at 1:52 PM on January 2, 2006


event : "Prove it. (You can't.) We can engineer applications that we think are less vulnerable, but we can't prove it is so."

event, I understand what you are saying and why you're saying it, but you completely, irrefutably wrong. This is incidental to this thread, but let me give you some perspective. There are several known methods to prove a program correct, for whatever set of parameters you mean by "correct".

You just do not understand what software really is. A piece of software, regardless it being readable or not, regardless the programming language it is written on, regardless of its target machine or operating system, is just a mathematical theorem proposing one or more hypothesis. A program is a way to transform one set of symbols (namely the input) into another set of symbols (namely the output) through a series of definite logical operations. Inside a given set of constraints (allowed symbols, allowed operations) each step can be proved correct and the whole program can be proved correct.

Obviously, the methods available to prove programs are painfully slow, so nothing but the most important/expensive software is developed this way.
posted by nkyad at 1:56 PM on January 2, 2006


event: It's Schneier, and if your argument is really "but no OS can be perfect," then it's a strawman, and the only possible response is: "Duh." Either that comment is moronic, or it's not even remotely germane to the discussion. At any rate, it certainly isn't a useful statement at the level of an operating system.

The argument that I think everyone here was making is not that *nix and/or OSX is "perfect" but that they are better, and that Windows is in many ways uniquely flawed. Your first relevant comment in this thread,
Q: How do you prove one operating system is more secure than another?

A: You can't.

This discussion is pointless.
is, yes, moronic and trollish. The argument that because perfect security is impossible, Windows and *nix are therefore equivalent w/r/t security is simply not true. Windows is both empirically and theoretically a poorly written and insecure OS. The comparison to any flavor is *nix is not even close. This is not a disputed fact, although you seem to think/imply that it is. Your subsequent defense is so completely disconnected from everything else you've said in this thread and the other that it strikes me as wholly disingenuous.

Seriously, if you don't understand how testing airbag safety and writing a secure OS are distinct, you have no business taking part in this discussion.
posted by spiderwire at 2:01 PM on January 2, 2006


Also, I think that the first graf of the article I've linked several times here is particularly on-point. Since no one appears to have read it, I'll take the liberty of posting:
Let's be honest: there's no such thing as bug-free software. Initial versions of programs may occasionally crash, fail to de-allocate memory, or encounter untested conditions. Developers may overlook security holes, users may do things nobody thought of, and not all systems are identical. Software developers are human, and they make mistakes now and then. It happens. But of all major software vendors Microsoft has the worst record by far when it comes to the quality of their products in general.
I strongly encourage event to read the section entitled "Basic insecurity of MS products." It's really quite interesting.
posted by spiderwire at 2:05 PM on January 2, 2006


I apologize on behalf of all the sanctimonious dicks in this thread and the other. That said, do consider a Mac for your next purchase ;)

Thanks for the nice, reasoned tone, PE - that was cool of you. I'm definitely thinking about it for certain family members - mom, grandma, etc. Incidents like this one make it easier for me to not feel bad when it comes to telling my family to shut up and plunk down some cash. But until stuff like Oblivion starts hitting the Mac it's a no-go for me. I'll be first in line if/when the time comes, though.
posted by Ryvar at 2:08 PM on January 2, 2006


The hard part of horsehockey is getting the horses to hold the sticks.
posted by clevershark at 2:11 PM on January 2, 2006


clevershark, that's why you should get donkeys ... horse users are ignorant lazy idiots
posted by pyramid termite at 2:25 PM on January 2, 2006


hahahahaaa. ha! ♥ pyramid termite
posted by taz at 2:31 PM on January 2, 2006


Sure, but then people would call is asshockey, and that's just not right.
posted by clevershark at 2:31 PM on January 2, 2006


Dude. Harsh.
event is only trying to make the point that no modern operating system can be proved to be secure. I think he understands the situation clearly.

You state - in the strongest manner - that Unix Variants are inherently more secure than Windows. In the past, on the server side of things this has proven (by dint of the infection vectors of worms) to be true. However, in the context of the desktop environment, I think you're missing some important issues.

Firstly, Desktop Unix has only really got going in the last 5 or so years. Lessons learnt by Microsoft have been applied to the mass of new development on Desktop Unix. One of the main reasons that browsers like mozilla is so safe is because the development environment (as a whole) has learnt that you don't do things like - allow access to your filesystem via your webbrowser.

Like it or not, these lessons have also been learnt by microsoft. There's no point in comparing the entire history of Microsoft exploits with a newly patched and up-to-date Linux machine.

Secondly, Linux desktop machines are generally owned by Power Users. Like Me. In the 20 sum years that I've worked on computers, I've only been affected three times by exploits. The reason I've only been hit three times. Because I know computers. Like 99% of the linux users out there. Comparing attacks on Windows users with attacks on Linux users is like comparing apples to oranges. There are too many factors.

You may like to know that the third exploit I got hit with was a PHP exploit which trashed my linux based website.

Thirdly. If an email based virus was written which attacked my Apple Mac, that email, when propagated would probably only hit one other Mac User. There's a lesson here about biodiversity, and how weeds hidden in heterogeneous crops are less likely to be infected by disease, but it's a long lesson, and I've been going on too much.

Finally. Don't assume that any attack vectors for upcoming Linux exploits will be designed to hit the operating system. They won't. My guess is that any Linux Desktop exploits will be designed to infect via a higher level of program. KDE, open office, Gaim, GTK, etc will offer the attack routes needed for Linux exploits. These are programs which don't have the same level of security applied to them as the core. This is a guess, and it'll require a larger adoption of Linux, but that's what I see happening.
posted by seanyboy at 2:32 PM on January 2, 2006


pyramid termite, you're such a moron. clevershark has an specific horse-related problem, he does not want to know anything about f***ing donkeys nobody else uses anyway. I hate people who tries to turn any horse related thread in a traction-animal war.
posted by nkyad at 2:34 PM on January 2, 2006


LOL
posted by clevershark at 2:36 PM on January 2, 2006


event is only trying to make the point that no modern operating system can be proved to be secure. I think he understands the situation clearly.

But that doesn't make the debate "pointless" by any stretch of the imagination. That's why I called it disingenuous, and that's why the criticism was harsh.

You state - in the strongest manner - that Unix Variants are inherently more secure than Windows.

I didn't say that at all. However, most of the main Unix variants are more secure than Windows. There's nothing "inherent" about it.

the development environment (as a whole) has learnt that you don't do things like - allow access to your filesystem via your webbrowser.

If you think that lesson was only learned in the last 5 years, you are wrong. Regardless, Microsoft has had ample opportunity to redevelop in the last 15 years or so, and instead they choose to recycle broken legacy code.


Your points about "power users" and "biodiversity" are relevant as far as explaining why there have been fewer exploits that have widely affect OSX and Linux users, but they don't change the fact that the design of Windows is fundamentally flawed and insecure. OSX doesn't run as root, by default. Windows makes you run everything as administrator. What do you not understand about this? The list of really basic things that Windows screws up is miles long, and it has nothing to do with their level of adoption.

Don't assume that any attack vectors for upcoming Linux exploits will be designed to hit the operating system. They won't.

Right, because it's more secure. Under Windows, a random third-party program can install itself under a standard configuration as a result of something as simple as viewing an image, or Sony can rewrite basic parts of the OS with a rootkit, or the BIOS can get fried, and so on and so forth. Whereas in properly designed operating systems, the kernel and core functions are isolated by simple access controls (which aren't exactly innovative), and the damage is limited.

Seriously, I have no idea how people can continue to make this argument with a straight face. Windows works for some people. That's fine. However, it is irrefutably less secure than most any other OS, and many of its security flaws are the sorts of things that first-year CS students would know to avoid. Period.
posted by spiderwire at 2:47 PM on January 2, 2006


Actually, cars do have source code. All modern cars have at least one computer, some have dozens.
posted by rfs at 2:51 PM on January 2, 2006


Seriously, I have no idea how people can continue to make this argument with a straight face
Because I see no proof that the latest version of windows is less secure than the latest version of any other operating system.

the damage is limited.
There's no difference to the average user between a hosed computer and a hosed user space. The worst thing it can do is propagate to others or delete my data. You can partition the O/S off from the desktop as much as you want, but ultimately, this is what is important to me.

Many of its security flaws are the sorts of things that first-year CS students would know to avoid.
Unfortunately, this is not the case.
posted by seanyboy at 2:59 PM on January 2, 2006


event, I understand what you are saying and why you're saying it, but you completely, irrefutably wrong. This is incidental to this thread, but let me give you some perspective. There are several known methods to prove a program correct, for whatever set of parameters you mean by "correct".

I choose the set of parameters to be: the Halting problem. Prove my program correct.

Proof of security falls in the same territory.
posted by event at 3:07 PM on January 2, 2006


I would just like to say that that "Why I hate Microsoft" article was amazing. I had made the argument to friends before that "If some other OS were 90% of the market share, hackers would have found just as much to play with in it, because that's what they do." I now understand that the reason these virii and malware apps don't affect linux/macOS is because when the vulnerabilities were discovered in windows, there was no comparable vulnerability in linux/macOS. that speaks volumes. but hey, I'm not a sysadmin, so it's not as big a deal to me. Not being able to play any videogame I want? more of a big deal to me. oh well.
posted by shmegegge at 3:19 PM on January 2, 2006


So to sum up both this thread and the original:

You and your favorite OS suck.
posted by mr_crash_davis at 3:36 PM on January 2, 2006


shmegegge: You should take that article with a pinch of salt. Seriously. This is not an article that says "I hate Microsoft because of a,b,c", it's an article that says "I hate Microsoft, so I'm going to rant about a,b,c"

The "Microsoft lacks confidence in own products" section is particularly terrible.

when the vulnerabilities were discovered in windows, there was no comparable vulnerability in linux/macOS. that speaks volumes.
If you and I separately built a car, then our products would probably have different vulnerabilities. Any vulnerability found on your car probably wouldn't exist on mine, and vice-versa.

The PHP exploit I mentioned earlier that trashed my website only applied to PHP. It didn't apply to ASP. This tells us nothing about the relative merits of both systems.
posted by seanyboy at 3:43 PM on January 2, 2006


Because I see no proof that the latest version of windows is less secure than the latest version of any other operating system.

OK, OSX doesn't run as root by default. Windows does. Is that more or less secure?

There's no difference to the average user between a hosed computer and a hosed user space. The worst thing it can do is propagate to others or delete my data.

That is complete poppycock. The difference between a system infected by a rootkit (which can hide itself from the kernel, and hence from scanning tools) and a system that has an infected user is significant, and I think you know that.

That Joel Spolsky article you linked actually makes the same point I was making, albeit about a different part of Microsoft's development culture:
The very fact that Google invented MapReduce, and Microsoft didn't, says something about why Microsoft is still playing catch up trying to get basic search features to work, while Google has moved on... I don't think Microsoft completely understands just how far behind they are on that wave.
And I think that you know that the "first year CS" comment was rhetorical. Would it have been OK if I said that they were "amateur mistakes"? Christ.


And yes, you should take that article with a grain of salt (it is called "I Hate Microsoft," after all), but at the same time, it's quite good in general, and very well-researched. I thought it did a good job of summating a number of the aforementioned amateur mistakes that Microsoft has made with Windows, and I don't see you refuting much of it, seanyboy.

If you and I separately built a car, then our products would probably have different vulnerabilities.

Yeah, but if you built yours out of cardboard and I used steel I don't think many people would have trouble deciding which one to take their kids to school in.
posted by spiderwire at 4:15 PM on January 2, 2006


I have never seen a Windows user instigate the OS wars.

Visit a Mac forum. Any Mac forum. They all have developed habitual responses to the incessant visits by Windows-loving *individuals* who get their jollies trying to trash the forums. Happens all day, every day.
posted by Kirth Gerson at 4:35 PM on January 2, 2006


Rothko isn't the one trolling in this thread.

No, but he's been a pompous insulting jackass and attention whore throughout, calling people stupid, for just one example, while oh-so-delicately sidestepping the valid points they raise. He's the new Bevets, dude.

*takes bets on the number of days before Rothko realizes he needs to start yet another account*
posted by mediareport at 4:49 PM on January 2, 2006



No. Any windows application that displays third party images is vulnerable. Period. This includes Firefox.


Wrong, firefox is not vulnerable. period.
posted by delmoi at 5:12 PM on January 2, 2006


Yeah, found that out later from Chundo's link. My bad.
posted by Ryvar at 5:28 PM on January 2, 2006


Okay, I thought I would drop by and try to explain a few things.

First of all, both windows and OSX/Linux can have restricted user accounts, and manually run programs as other users. On windows, you do this with the "runas" command.

The only difference is that on windows, the default user is a superuser and, on the mac, it's not. On Linux you generally start out as root, but most people create their own user accounts. You have to do this manually, just like in Windows (depending on the distro, and how it's installed, I guess)

The "core" OS is just as secure as MacOS. It's just that most users bypass this security for compatibility. But it is the choice of the user wether they want to run in this safer mode, or in the less safe mode. On all Operating systems.

Secondly, even if a MacOS box is never 'rooted' having a buffer overflow can still be pretty devastating. A malicious software writer could still, for example, delete all your personal files, and just as easily setup a Spam relay, a proxy for hacking, "safe" (for them p2p) and so on. The only thing they won't be able to do is spy on other users, and reformat your hard drive and so on. The "MacOS is more secure" is a red-herring, it doesn't really affect anything.

The second point is that OSX is not based on FreeBSD. The kernel is a Match Kernel, inherited from NeXTSTEP. It's a very good kernel, nothing to be ashamed of or anything, so I'm always wondering why people want to claim a different genesis. Never the less, it irritates the hell out of me. MacOS has kernel level BSD compatibility (with all BSDs, not just free, although free is the only thing popular anymore, OpenBSD is still used. NetBSD is mostly dead, I think)
posted by Paris Hilton at 5:29 PM on January 2, 2006


You have to laugh at absurd declarations like, "Windows is the most popular OS in the world." That's like saying oxygen is the most popular gas in the world.
posted by fandango_matt at 5:43 PM on January 2, 2006


we should all learn to breathe helium ... oxygen causes fires ... besides it would make everyone's voices sound high and funny and people wouldn't get into arguments because no one could take them seriously
posted by pyramid termite at 5:48 PM on January 2, 2006


Mach, Kernel not Match.
posted by TimeFactor at 6:02 PM on January 2, 2006


Wow, what happened there? Let me try that again:

--
Another point. Safety is not like security, not when talking about computers. You're ether secure, or your not. 1 or 0. And both Macs and PCs are probably both zero. With safety, you want to reduce the risk. You're less likely to die in a Volvo, but you still can, just like you can still get your mac rooted.

Macs are safer then PCs because there are less attacks. Just like it's safer to leave you're door unlocked in Tokyo then in Rio. But both Macs and Windows machines are at some times unlocked to the whole world. I posted links to recent exploits (in the other thread) that would have blown open your Mac. here is an exploit that would allow remote users read access to your hard drive if you use safari. Not the end of the world, but someday there could be an executing hole in safari just as there has been for IE. If you run firefox on your mac, then there have already been points in time where you were just as vulnerable as windows users are today.

Again, you are wrong. Your car does not have source code. It can't do bounds checks when it gets leveled by an SUV. An OS, on the other hand, is quite capable of limiting its inputs and outputs and thus is at least theoretically capable of being secure and, more importantly of being audited for security.

Windows has and is, but most people don't run it in the secure configuration by default. In the corporate world, most desktops are secured, by the way. I don't know why you think otherwise, it's somewhat strange.

The fact that you're talking about "security testing applications" proves that you have no idea what's going on here. This is not a discussion of after-the-fact exploits. Rothko is talking about fundamental design issues -- e.g., properly implementing access controls, following comm protocols, condition checking. Things you learn in CS 101.

There is nothing wrong with the access controls in windows. Condition checking? It seems like CS 101 is as far as you got.

"Hay guyz, Microsoft's OS is so fuckin' awesome and secure, they ship it with large parts of it disabled!!1"

Uh, just like MacOS and Linux. Shipping with unnecessary services disabled is one of the 'best practices' that spiderwire and rothko are yammering about.

As far as proofing things are secure, Turing proved a long time ago that that wasn't possible for all programs. You can't know what most programs will do without running it. You can restrict your class of programs that can be proven, but those don't do much. (although the main{printf("hello");} example is one that can be proved secure, because there are no loops or branches so all you have to do is run it and check to see if anything bad happened.).

People who say you can prove all programs are secure are wrong.

OK, OSX doesn't run as root by default. Windows does. Is that more or less secure?

And I'll say it one more time. Running root is a user choice on all OS's. Microsoft should really stop doing that, though, because stupid users shouldn't be root. I suspect that this will be fixed in their next release. If you don't run as root, you are as secure as OSX users.

Mac and Linux programs were written from the ground up to run in restricted user mode, while a lot of windows applications are not. That's changing, but running as a restricted user in windows will cause headaches, not because of anything MS has done in the past five years, but rather ignorant developers.

Mach, Kernel not Match.

Oops.
posted by Paris Hilton at 6:05 PM on January 2, 2006


I can just see the this argument on the radio at Air Traffic Control


Windows- "This is flight 109, our pilots are dead and we are plummeting from the sky. can anybody help us"

Mac- "You should have taken a train. They're inherently safer"

Windows- "you don't understand. We needed to get there immediately, and anyway WE ARE FALLING FROM THE SKY"

Mac- "If you insist on getting in vehicles that don't touch the ground, you can expect these kind of things to happen"


Windows- "Why are you being a jerk we are trying to land a plane and you are talking about train!!"

Mac- "If you take the train next time you might not have these kinds of problems"

Interjecting**
Linux- "walking is the safest way to get there, but you need to custom make your own boots and sew your own tent together"

Windows-
"We also needed to go somewhere the train doesn't go and we wanted those free peanuts"

Mac- "If more people took the train, it would go to more citys and have free peanuts"

Windows- "Why are you arguing with me, I am on this radio for help with my crashing plane!!"

Mac- "don't blame me for your crashing plane, if you took a nice safe train, you wouldn't have these problems"

Mac- hello, hello, are you still out there? no? well good riddance!
posted by Megafly at 6:33 PM on January 2, 2006 [1 favorite]


Right, because windows users everywhere are relying on metafilter comments by mac and linux users to patch their computers. Strangely enough, the world goes on for some people when windows needs a security patch. Hard to believe, but we're not all focused on your crisis situation. We look at other angles too of the issue as well, we have that ability.

And if you're desperately in need of support, follow the FPP links. How hard is this?
posted by Hildegarde at 6:38 PM on January 2, 2006


PH, you're responding to a couple different comments there... I'll try to work out the parts that are pertinent to me:

1. I'm not sure if anyone is saying that an OS is either "secure" or "not-secure," but it ain't me. Windows is relatively less secure than OSX in its fundamental design.

2. seanyboy or whoever was asking for an example of how Windows is relatively less secure than OSX. My answer was that Windows runs as root/superuser by default, while OSX doesn't. Regardless of whether it's theoretically possible to run as superuser (would be hard to get things done otherwise), the default state of Windows is less secure. OSX requires you to authenticate to exercise those user privileges, whereas in Windows they're usually on all the time, so any third-party program can do essentially anything it wants to without asking for permission.

Also, it's not as if that's the only security flaw in Windows. It's merely the first one that came to mind.

3. It seems like CS 101 is as far as you got.

Incorrect. Regardless, I apologize for not listing the contents of every syllabus I've ever had, along with the index of every theory book I've ever read. I am deeply sorry that this leaves you unable to compare dick size, but honestly, I don't really care. I also do not care about your lame strawman arguments.

4. Shipping with unnecessary services disabled is one of the 'best practices' that spiderwire and rothko are yammering about.

This wasn't part of my argument, but I don't suppose that one of those 'unecessary services' might be obsolete hooks in nearly-obsolete image files that allow remote, arbitrary execution of malicious code?

No? I didn't think so.
posted by spiderwire at 6:46 PM on January 2, 2006


I run Mac and Windows XP - love em both for different reasons, neither is better than the other. They have different uses for me.

Windows Vista will have (actually has now) strong user-level security - user accounts are restricted and passwords must be entered to perform any system-level changes to the OS (like installing software).

It's very easy to set up restricted-user accounts for Windows. I do it all the time for users that aren't well-versed in installing software.

Then I tape their password to the bottom of the keyboard and show them how to use the "run as" command. When they call to find out how to install something, I can easily walk them through the process.
posted by Slap Incognito at 6:47 PM on January 2, 2006


Vista what? Bigfoot? Where?

kidding.
posted by spiderwire at 7:00 PM on January 2, 2006


I hope you all are college students, because I cannot believe anyone else cares enough about this to post yet another rebuttal.
posted by smackfu at 7:00 PM on January 2, 2006


We're just trying to keep the thread on the top of the page.
posted by spiderwire at 7:05 PM on January 2, 2006


wow. this is a real shitfest. sorry i missed it. rarely have i seen so many people who, presented with clear, concise information, excellent links and detailed information to the contrary say "but i'm safe using xyz, right?" or "only if it's downloaded and program zyx attempts to run it". illiterate, incurious, and armed with a powerful computer will make for many new adware infested doorstops in the coming weeks.

loquacious, what's a shift key?
posted by quonsar at 7:05 PM on January 2, 2006


I said it before and I'll say it again...

If you're browsing with FireFox and have HTML turned off in your email client du jour, you can safely ignore all this hysteria. YES. YOU CAN. Why? Because in order for this exploit to work, you have to RUN it somehow. If the browser you use has native support for the format, beware. If you're using FireFox, you'll be prompted to save the file. DON'T. Simple as that. And if you do, DELETE it. Still safe! Fucking duh.

The kinds of exploits Windows users are vulnerable to, 99.9% of the time are social exploits. AKA, "Please run this code, you can trust me." If the default action for any pop-up, any unsolicited email, any offer of free Viagra was "NO/CANCEL/ABORT" instead of "OK, sure, why not..." the world would be a happier place. Education and skepticism on the part of the userbase is of paramount importance, but welcome to Fucking Life 101: Don't take candy from strangers.

I don't have a virus scanner running on my system. I used to, but then I realized it was sucking up processing horsepower and I never download and certainly never executed untrusted files. I block unused ports. I stay away from any Microsoft-enabled web app (MSN Messenger/IE/WMP/Etc.) And I've never, not once in my twenty years of computing experience been infected with a virus.

As for the OS wars... who gives a flying fuck what someone else is running?
posted by Civil_Disobedient at 7:07 PM on January 2, 2006


C_D, this belongs in the other thread, but... the reports seem to indicate that any program that opens the WMF file using the standard library would activate the payload -- the example they gave on SANS was Google Desktop. So, in theory, you wouldn't have to view the image at all -- it could be opened by an indexer.

That said, you are correct that using Firefox makes you significantly safer -- not exactly breaking news, but...
posted by spiderwire at 7:10 PM on January 2, 2006


quonsar: It's that little squarish plastic thingy I forcibly removed from your computer and then stuffed it up your mom a few years ago.

spiderwire: Belated apologies for threatening to garrote you with a fiber patch and calling you a moron and all that. That was uncalled for.

Besides, last time I tried pulling the entire physical layer of the internet into my house, I only got as far as my local Central Office before the cable snapped. But I did meet lots of naked people. But most of them were drunk and ugly, so I made them leave.
posted by loquacious at 7:20 PM on January 2, 2006


This isn't about the Mac/PC debate at all. It's about a certain unfortunate characteristic of MeFi. Here is how the characteristic is usually played out:

1) FPP is posted about Subject X
2) Someone who isn't affected by Subject X posts a comment to the effect of "Subject X sucks!"
3) This annoys the people in the thread, because chances are that, if they are reading the thread, Subject X does apply to them.
4) Somebody inevitably responds to the person who posted "Subject X sucks!" The typical back-and-forth then ensues. This is all to the detriment of the people who are interested in discussing the actual content of the FPP.

I don't understand the psychology of the people who feel the need to pop in to threads and say "Subject X sucks." I think it's an ego thing, but different people probably have different reasons.

I'm just glad that the "OS war" crap was mostly diverted to this MeTa thread, because there really is a lot of useful info in the original MeFi thread.
posted by Afroblanco at 7:21 PM on January 2, 2006


Belated apologies for threatening to garrote you with a fiber patch and calling you a moron and all that.

Thanks. I lose my temper here constantly (many times in this very thread, in fact), so I thought it was funny :)

I'm not compulsively refreshing, I'm just in another tab reading about college football.

I mean politics.
posted by spiderwire at 7:23 PM on January 2, 2006


Afroblanco, you must be new here. Everybody and their senile aunt knows Subject X sucks. That is not open to debate. There is even a guideline about it in a wiki backup somewhere. So, whatever you do, don't post an FPP about Subject X.
posted by nkyad at 8:02 PM on January 2, 2006


It's that little squarish plastic thingy I forcibly removed from your computer and then stuffed it up your mom a few years ago.

*rummages in mom looking for shift key*
posted by quonsar at 8:02 PM on January 2, 2006


nykad - you're totally right. Not only that, but I have it on good authority that Subjects W, Y, and Z suck as well.
posted by Afroblanco at 8:38 PM on January 2, 2006


TekWar was much better than Dragonlance.
posted by Rothko at 9:12 PM on January 2, 2006


vi rules, emacs is bloatware
posted by pyramid termite at 9:27 PM on January 2, 2006


Renegade rules, WWIV is for losers
posted by Afroblanco at 9:29 PM on January 2, 2006


NewsFilter sucks. TechnewsFilter also sucks. I don't think this post belonged on MeFi. Also, some people behaved badly in that thread and continued their bad behavior here.
posted by Ethereal Bligh at 9:32 PM on January 2, 2006


Metafilter : users behaving badly
posted by Afroblanco at 9:38 PM on January 2, 2006


Metafilter : users behaving badly

Metafilter Identity Theorem.
posted by spiderwire at 10:12 PM on January 2, 2006


goddamnit! i warned you bout that img tag...
posted by es_de_bah at 11:37 PM on January 2, 2006


keswick writes "I'd really like to know what personal software doesn't have a better Mac alternative."

AutoCAD.
posted by Mitheral at 12:02 AM on January 3, 2006


VectorWorks vs AutoCAD?
posted by Rothko at 12:09 AM on January 3, 2006


None of this would be happening if you were running Amiga Workbench.
posted by johngoren at 12:56 AM on January 3, 2006 [1 favorite]


"I'd really like to know what personal software doesn't have a better Mac alternative."

CorelDraw, CorelPainter. (Sorry, Illustrator sucks for some of the things CorelDraw can do, like 5 decimal places of precision at inch scales over multi-mile sized docs. Huge, huge layouts. Millions of nodes, hundreds of thousands of paths, thousands or tens of thousands of subpaths. Yet always tiny files. Illustrator has not ever been able to handle the vector complexity I can throw at Corel. They're two different programs. I use both Illustrator and CorelDraw, and for many things I prefer Corel. For pretty layouts, fonts and precise colors I use Illustrator. For mechanicals, vectors and logo design I use Corel.)

Trillian 2.x. (iChat is terrible crunk.) Old DOS or Win98 Audio tools. DOS and Win98 games. Emulators like MAME or Nesticle. Fractint. POV-RAY. Soulseek. Citrix. Winamp+Milkdrop+AVS. Armegatron. Netstumbler. ACDSee. (Totally superior to iPhoto. Faster, smaller, more features, less obfuscation.)

There's many, many more. It'd take me about a month to compile a full list. Hey, you asked. ;)

If you've been a Mac user all your life, there's a huge, vast world of excellent freeware, shareware and beggarware you may have missed that makes the Mac Classic/OS X libraries look tiny, above and beyond commercial offerings. Remember, this incarnation of the "open source" and "freeware" movement started on x86 machines. Linux started there. Would OS X exist as it does today without desktop Linux?

Then there's being able to adapt to technology, hardware and software both old and new. Being able to choose between SCSI, RAID, E/IDE, S/ATA for drives, dozens of RAM types and many, many 1st, 2nd and 3rd party hardware manufacturers and CPUs.

Or running huge multi-CPU servers with dozens of drives and NICs and assloads of RAM on what is basically a souped up, overgrown desktop box.

Or being able to run dozens of operating systems natively, or in emulator, or in virtual machines. OS X is catching up, here, or surpassing. But come talk to me when you can actually dual boot Windows, Linux, BSD, Unix and a dozen or hundred-odd other operating systems natively. But running KDE, X, X11, Quartz/Aqua/Classic and VM'ed Windows all at once under OS X is pretty damn slick, too.

Then there's neat-o hardware tricks, like putting 256 serial ports in a 486 box with a Digiboard and running a multiline dial-in BBS. Or running a x.25 packet network over serial cable.

Huge-normous video cards that process so much data they're like a dozen Cray supercomputers on a little AGP card. 100-monitor display arrays. 128 channel pro audio cards. 3D display devices. VR goggles. Motion capture. CAD/CAM tools. Rapid prototypers. Stereolithographers. Desktop and industrial CNC lathes. Laser plotters. Laser engravers. Laser CNC mills. Direct control ISA/PCI boards to control galvo scanners for laser shows. Film rippers and Fiery servers. CNC routers, punchers, drillers and other tools. Data terminals. Point of sale terminals. Kiosks. Thin clients. Palmtops. Wearables. Wedge input devices. FIR/IRDA. Data loggers. Manufacturing control. Flow control. Process control. Sensing devices. Scientific devices. Telescope controllers.

There's so much Intel/x86/Windows only hardware out there it'll make your head spin. You could fill up dozens of volumes the size of a complete, unabridged set of the Encyclopedia Britannica and/or the unabridged Oxford English Dictionary with nothing but terse listings of Intel/x86/Windows specific hardware and peripherals and still run out of room. You could probably fit all of the hardware and peripherals specifically for Macintosh in one such volume or less, and have some room left over for the entire catalog of Apple 2 hardware - of which there was quite a lot of.

Despite all of that, I like Apple, and I like Macs. They've just been behind the hardware curve for a dozen years or so - and behind the software curve off and on - until OS X. And even still, they're often playing catch-up to various Unices and Linux/Unix desktops and window managers.

But post OS X they're increasingly solid, modern, user-friendly machines - if only their hardware cycle would keep up. This is one reason why Windows excels and dominates - they only make software. Everyone else makes hardware - and lots of it, and fast. But this is also one of the reasons why Windows sucks and has problems. A gazillion hardware types and manufacturers to support.

Still, I'd love to have a decent OS X box at home as both desktop and media server. They're easy and mostly painless, but when they're painful, they're really painful. I'm speaking from experience here. Don't ever rename any file on a Mac Classic ".Sony". Ever.

But when it comes right down to it for me, there's nothing or little that Mac/OS X/PPC can do that Windows/x86 cannot do; But there's lots of things that Windows/x86 can do that Mac/OS X cannot do at all, or simply can't do well, or cheaply.

And personally, I like knowing there's this huge world of real possibilities that even my lowly x86 desktop box could do with the right software or hardware - software and hardware that already exists, and that can often be obtained very cheaply.

But in another day and age this is a description that could readily be applied to the original Apples - back before Jobs went cultish fucking gonuts, before Wozniak left. Apple and OS X could easily reclaim this title, and they just might, but only if they loosen up, open up, and stop selling art objects and start selling real hardware and tools, and start letting others compete with them.

/rant
posted by loquacious at 2:12 AM on January 3, 2006


"horsehockey"?
posted by stavrosthewonderchicken at 2:31 AM on January 3, 2006


I'd really like to know what personal software doesn't have a better Mac alternative.

Well, it's hard to beat loquacious's list, but this is exactly what keeps my Linux install tucked away on a forgotten little partition for playing with once a month, and it's the reason why I still wouldn't consider buying a Mac.

My computer would be useless to me without:
(a) Audiomulch
(b) FruityLoops
(c) Versions of all the VST plugins I love to use.
(d) Adobe Audition
(e) A dozen other software synths and sound utilities. Mac has some interesting audio software too, and sometimes I'm jealous when I find a Mac audio program I'd like to try. But without the above, it's pointless. Linux is completely, utterly useless with it comes to this stuff.
(f) All the statistical / graphing / GIS / GPS / mapping / scientific software I use at work, including some fairly obscure old utilities.
(g) Winamp
(h) My awesome collection of classic DOS / Windows games.

Some of these have equivalents on the Mac - some closer to the mark than others. iTunes isn't the "equivalent" of Winamp - they just do similar jobs. Garageband isn't the equivalent of either FruityLoops or Audition. Others have nothing similar what-so-ever.
posted by Jimbob at 3:13 AM on January 3, 2006


"donkeypocky"?
posted by loquacious at 3:52 AM on January 3, 2006


I use Cuneiform 2.0 running on stone tablets and I have none of these problems, suckers.
posted by languagehat at 5:28 AM on January 3, 2006


I hate playing the OS wars, but I can address your specific needs loquacious:

CorelDraw, CorelPainter.
I also prefer Corel to Adobe. That's why I use Corel Draw 10. Available (though no longer supported) for OS X.

Trillian 2.x. (iChat is terrible crunk.)
Adium, Fire, Proteus. All better than Trillian imho.

Old DOS or Win98 Audio tools. DOS and Win98 games.
Virtual PC and Guest PC aren't free, but they're high quality products. Six months from now this will be a non-issue, as you'll be able to buy an x-86 mac. Meanwhile DOSBox is free.

Emulators like MAME or Nesticle.
Take your pick.

Fractint.
A fractal generator? I'm not going to bother with this one. Of course there are fractal generators, they're like five line programs!

POV-RAY
There are a ton of free and professional modelling apps. Most of the industry uses macs actually. But if you insist,
what's wrong with POV-RAY?

Soulseek.
I use Aquisition, but you could use SoulSeex or mlMac.

Citrix.
GoToMyPC is nice, but not free. OS X comes with a VNC server built in, so you can control it from any PC (with any OS) with a (usually free) VNC client like Chicken of the VNC. I have accessed my home mac from a university lab computer this way.

Winamp+Milkdrop+AVS
Ugh. OK, you can have that one. iTunes is really nice on the mac, but if you want an alternative, there are hundreds. Lots of visualizers too.

Armegatron.
I play the mac version all the time.

Netstumbler.
macstumbler

ACDSee. (Totally superior to iPhoto. Faster, smaller, more features, less obfuscation.)
Suit yourself. Here's an AskMe thread with alternative suggestions.

In fact, the only software I've found so far without a (often better) mac equivalent is a 3D mechanical CAD package like Solidworks. (There are however, lots of good 2D CAD apps since architects love macs).
posted by Popular Ethics at 7:08 AM on January 3, 2006


Every time I see someone type "1337", I immediately think: "Oooh. That was the start of the Hundred Years' War." And then it turns out that you're talking about computers or something.
posted by blag at 7:26 AM on January 3, 2006


Is there a trick to making Soulseekx work?
posted by yerfatma at 7:37 AM on January 3, 2006


Rothko writes "VectorWorks vs AutoCAD"

Looks pretty wizzy and there is a distinct lack of 2D interface shots in their literature. Seeing as how they don't offer a free trial and I've never heard of the program before I'll stick with AutoCAD.
posted by Mitheral at 7:39 AM on January 3, 2006


Mitheral:"VectorWorks vs AutoCAD"
All the architectural firms I used to work with used VectorWorks. It suited their needs perfectly, and was able to export dwgs for us (Windows-bound) consultants. You can find screenshots here.
I have also heard good things about Ashlar-Vellum Graphite, which does have a downloadable demo.
I used AutoCAD for five years. I hope I never have to again!
posted by Popular Ethics at 7:59 AM on January 3, 2006


yerfatma: Is there a trick to making Soulseekx work?
I don't use Soulseex, but this thread mentions the need to open certain ports first (which is germane to the discussion; OS X has most ports closed be default for security reasons). I don't know which ports off hand (google it?), but you can find your port settings under System Preferences -> Sharing
posted by Popular Ethics at 8:10 AM on January 3, 2006


How about Home Interior 3D Modeling for the consumer market? The PC has many choices while the Mac has NONE.
posted by anonpeon at 8:30 AM on January 3, 2006


How about Home Interior 3D Modeling for the consumer market? The PC has many choices while the Mac has NONE
One, Two choices. For something more professional, Sketchup is getting RAVE reviews. Shit, why do I even bother helping when people won't use Google.

I will lose this game eventually. I'm sure one can find software that is only written for Windows. If you rely on such software you have my condolences. But please, do a little research before you condemn OS X as unsuitable.
posted by Popular Ethics at 8:47 AM on January 3, 2006


you guys are stupid. I never had any of these problems on my commodore 64.
posted by shmegegge at 9:10 AM on January 3, 2006


Hey, Popular Ethics thanks for the Home Remodeling links. What search term do you use in Google 'cause I was coming up blank and I couldn't find anything on Macupdate either.

You do know your "Two" choice linked back to this thread, right?

woo hoo, time to redo the house!
posted by anonpeon at 9:17 AM on January 3, 2006


the product that has everyone at work running emulators for windows (if they don't have windows itelf - the linux version is failry new) is enterprise architect. i'd be interested to know if there's a good quality uml tool on the mac for around the same price (ea is "rational rose for cheap" - it's impressively good compared to the terrible freeware stuff for linux + windows)
posted by andrew cooke at 9:33 AM on January 3, 2006


In honor of this thread, I've changed the occupation field in my profile to read "freelance mac elitist."
posted by keswick at 9:35 AM on January 3, 2006


anonpeon:What search term do you use in Google 'cause I was coming up blank and I couldn't find anything on Macupdate either.
Interior Modelling OS X

You do know your "Two" choice linked back to this thread, right?
Doh. Must have made an error in the URL. Try these.

BTW Architosh is a great resource for mac cad. (While you're there, sign the Solidworks for OS X petition.)
posted by Popular Ethics at 9:39 AM on January 3, 2006


CorelPainter

Um.

Also.
posted by ninthart at 10:31 AM on January 3, 2006


Corel Painter? The natural media program? That's been out for the Mac since way before it was a Corel program. Ah. Beaten.
posted by furiousthought at 10:33 AM on January 3, 2006


Awesome! Thanks for the links, Popular Ethics. You just made this thread bookmarkable for me.

Last I heard there was only psylsk for OS X via Python.

Fractint.
A fractal generator? I'm not going to bother with this one. Of course there are fractal generators, they're like five line programs!


This isn't an additional argument for PC > Mac, but Fractint is different. Hundreds and hundreds of fractal types. Arbitrary precision to something like 1600 decimal places if I recall correctly. Ah, here we go. (There's a great bit in the built-in documentation about how you can generate fractals with such fine detail that if you wanted to display the entire fractal plot at that scale it'd take more matter than available in the known universe.) Built in scripting language. Every parameter adjustable. That thing has so many features it's practically an entire operating system.
posted by loquacious at 10:44 AM on January 3, 2006 [1 favorite]


God, I told myself I'd stay out of this, but since loquacious gave the windows 101 version of why windows is better (choice), I'll give my mac 101 rant on why it's a lot of BS.

Trillian 2.x. (iChat is terrible crunk.) Old DOS or Win98 Audio tools. DOS and Win98 games. Emulators like MAME or Nesticle. Fractint. POV-RAY. Soulseek. Citrix. Winamp+Milkdrop+AVS. Armegatron. Netstumbler. ACDSee. (Totally superior to iPhoto. Faster, smaller, more features, less obfuscation.)

Most of that list means nothing to the home user. Old dos or win 98 tools? Are you serious? Some of it is personal preference. For my needs iChat works great. If I wanted something with more features many people prefer AduimX over trillian. ACDSee is great. I liked it better around 2000. I'd rather use iPhoto. Besides iPhoto comes free. I'd much rather show grandma where iPhoto is than tell her to shell out another 50 bucks for ACDSee.

If you've been a Mac user all your life, there's a huge, vast world of excellent freeware, shareware and beggarware you may have missed that makes the Mac Classic/OS X libraries look tiny, above and beyond commercial offerings.

There's a huge, vast world of junk also. Honestly, as someone who just switched a year ago, shareware on the mac is so much better than windows. You only need one ftp application, one chat program. Companies like panic and ranchero are wonderful. I'll take quality over quanity anyday.

The rest of your rant is meaningless to 95 percent of home users. More hardware? Most home users buy their computer and leave it as is. And what can't the 95 percent I'm talking about do on their mac that they could do on a windows box?

Seriously, you've described why windows is better for you, not for the average user. For you, and a small percentage, go wild with thousand of software titles and video cards only supported by windows. For most, it doesn't matter.
posted by justgary at 10:53 AM on January 3, 2006


You only need one ftp application, one chat program.

Same with the PC.

It's all relative of course.
posted by juiceCake at 11:03 AM on January 3, 2006


Same with the PC.

But it's a selling point for pcs, not macs.

One example. I use omnioutliner. I think it's a fantastic outliner. I showed it to a windows friend who said "cool, windows has a million of those".

I can only use one outliner Omnioutliner is the best I've used. So the fact that windows has a million outliners and macs might have 10 doesn't matter to me. The fact that omnioutliner runs on a mac does.
posted by justgary at 11:11 AM on January 3, 2006


Ah. I remember when Corel was PC-centric and Adobe was Mac exclusive. Weird that there's been something of a reversal.
posted by Ethereal Bligh at 11:23 AM on January 3, 2006


loquacious: Awesome! Thanks for the links, Popular Ethics.
No prob.

Fractint is different
So I see! Neat stuff.
posted by Popular Ethics at 11:32 AM on January 3, 2006


ArcGIS flat out will not work on non-Windows systems. ERDAS Imagine flat out will not work on non-Windows systems. Right there you knock out public policy/planning/geostatistics with Arc, and any decent photogrammetry with Imagine.

For many people, Mac might be a better choice. If you don't want to spend an hour or so securing your system (and many don't and can't) you probably should go with a Mac. I don't think anyone's argued that the default Windows install is safer than *.

For those of us that can competently use Windows, can secure it correctly, don't run as a superuser, and enjoy the programs we're used to (and yes, I use unix too, although usually as a subsystem of Windows or through ssh), we have no real reason to switch. For those of you who want to go on and on saying our preferred OS sucks because it isn't yours, here's what I have to say:

GET OFF YOUR HIGH HORSES. Just SHUT UP already. You like your OS, I like my OS. Yours works, mine works. I like my programs, you like your programs. My OS happens to have had a longer history of security flaws, but only a small handful have applied to me, and none have affected me.

Being a dick about your OS isn't going to make me want to switch, or be subtly impressed or envious. Its going to make me think, wow, you're a dick.
posted by devilsbrigade at 12:49 PM on January 3, 2006


GET OFF YOUR HIGH HORSES. Just SHUT UP already.

Oh yeah, that's ALWAYS worked on the internet.

Being a dick about your OS isn't going to make me want to switch

so don't switch. Really. If, as you say, everyone's happy with their choice, why respond?

Admit it, you want me, don't you?
posted by anonpeon at 1:27 PM on January 3, 2006


I yearn for you tragically.
-Chaplain.
posted by devilsbrigade at 1:34 PM on January 3, 2006


See, isn't this nice?

The thread ends on an up note, as love blossoms between a Mac and Windows user.

Next up, peace in Israel!
posted by anonpeon at 1:47 PM on January 3, 2006


Hawt. May I tickle your public folder? You can probe my stack vulnerabilities.
posted by loquacious at 3:18 PM on January 3, 2006


Bite Me, Losers!
posted by seanyboy at 2:02 AM on January 5, 2006




Mac users 'too smug' over security
posted by Elpoca at 8:23 AM on January 17, 2006


« Older San Francisco meetup in January   |   Goodbye! Newer »

You are not logged in, either login or create an account to post comments