tekmoe
Aug 28, 12:52 PM
I think my new rule will be to automatically place anyone using that line on my ignore list.
It lost its funny a long time ago.:rolleyes:
ditto.
It lost its funny a long time ago.:rolleyes:
ditto.
noahtk
May 3, 03:48 PM
This update is weak!
OneMammoth
Mar 30, 01:21 PM
I don't claim to know a thing about trademark law, but looking at this simply I find it difficult to understand how the term "Windows" can become a trademark but "App Store" cannot.
"Windows" is not the definition of the thing itself, as "App Store" ;)
"Windows" is not the definition of the thing itself, as "App Store" ;)
munkery
Mar 23, 04:20 PM
http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_general_info&products_id=174
Much of the information in the PDF (http://www.macforensicslab.com/Malware_on_Mac_OS_X.pdf) associated with this article (http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_general_info&products_id=174) is incorrect. For example:
Page 26
It refers to the bundle architecture as insecure. The argument presented would be true if security sensitive apps were not owned by system. Given that they are owned by system, malware cannot modify the bundle of an app owned by system without authentication when the app is run with user privileges in an admin or standard account.
For example, show package contents of iTunes, Safari, or Mail and try to create a folder in the bundle. In relation to the example in the article, try renaming iTunes. The argument in the article relies on actions that can not be completed in an OS X admin account; these type of changes are even more restricted in a standard account.
Apps not owned by system are vulnerable but without privilege escalation can not install rootkits or keyloggers. Even apps owned by system run with user privileges and require privilege escalation to install dangerous payloads.
Mac OS X does not prompt for authentication if you install apps in the proper location for that user account type. When installed in the proper location, apps are sandboxed from the system level of Mac OS X by the Unix DAC model used within Mac OS X.
Windows is less secure because most apps (Chrome only exception I can recall) install their associated files in levels of the system that require authentication regardless of user account type (unless Admin in Windows XP because running as superuser - no authentication required to install with elevated privileges - very dangerous). It is easier to trick Windows users to install a trojan with elevated privileges given that almost all apps ask for authentication to install and the user can not distinguish the intent of that authentication.
Page 30
The claim that the Application folder is unprotected is false. Security sensitive apps within the Application folder are owned by system.
Also, security sensitive system binaries are still stored in /bin and /sbin in Mac OS X.
Page 31
The ability to read the contacts stored in Address Book could be used by a worm to propagate. But, malware that uses this to spread is not likely to appear in the wild if the malware is not profitable. It is unlikely that malware will be profitable without being able to hook (this is a specific function) into apps owned by system.
Page 33
Starts off talking about trojans, trojans are easily avoided with user knowledge in Mac OS X because most apps do not require authentication to install if installed in the appropriate location where the Unix DAC model protects the system.
Viruses using the model shown in the article will not be successful without privilege escalation. This is the reason why Mac OS X malware is not successful in the wild.
By default, very few server side services are exposed in Mac OS X and those that are exposed are sandboxed. Vectors for worm propagation are limited to client side. Client side worms require authentication to install and spread if do not include privilege escalation via exploitation because of the Unix DAC model used in Mac OS X. Trojans used to trick users to authenticate are less likely to be successful in Mac OS X as stated above.
Much of the information in the PDF (http://www.macforensicslab.com/Malware_on_Mac_OS_X.pdf) associated with this article (http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_general_info&products_id=174) is incorrect. For example:
Page 26
It refers to the bundle architecture as insecure. The argument presented would be true if security sensitive apps were not owned by system. Given that they are owned by system, malware cannot modify the bundle of an app owned by system without authentication when the app is run with user privileges in an admin or standard account.
For example, show package contents of iTunes, Safari, or Mail and try to create a folder in the bundle. In relation to the example in the article, try renaming iTunes. The argument in the article relies on actions that can not be completed in an OS X admin account; these type of changes are even more restricted in a standard account.
Apps not owned by system are vulnerable but without privilege escalation can not install rootkits or keyloggers. Even apps owned by system run with user privileges and require privilege escalation to install dangerous payloads.
Mac OS X does not prompt for authentication if you install apps in the proper location for that user account type. When installed in the proper location, apps are sandboxed from the system level of Mac OS X by the Unix DAC model used within Mac OS X.
Windows is less secure because most apps (Chrome only exception I can recall) install their associated files in levels of the system that require authentication regardless of user account type (unless Admin in Windows XP because running as superuser - no authentication required to install with elevated privileges - very dangerous). It is easier to trick Windows users to install a trojan with elevated privileges given that almost all apps ask for authentication to install and the user can not distinguish the intent of that authentication.
Page 30
The claim that the Application folder is unprotected is false. Security sensitive apps within the Application folder are owned by system.
Also, security sensitive system binaries are still stored in /bin and /sbin in Mac OS X.
Page 31
The ability to read the contacts stored in Address Book could be used by a worm to propagate. But, malware that uses this to spread is not likely to appear in the wild if the malware is not profitable. It is unlikely that malware will be profitable without being able to hook (this is a specific function) into apps owned by system.
Page 33
Starts off talking about trojans, trojans are easily avoided with user knowledge in Mac OS X because most apps do not require authentication to install if installed in the appropriate location where the Unix DAC model protects the system.
Viruses using the model shown in the article will not be successful without privilege escalation. This is the reason why Mac OS X malware is not successful in the wild.
By default, very few server side services are exposed in Mac OS X and those that are exposed are sandboxed. Vectors for worm propagation are limited to client side. Client side worms require authentication to install and spread if do not include privilege escalation via exploitation because of the Unix DAC model used in Mac OS X. Trojans used to trick users to authenticate are less likely to be successful in Mac OS X as stated above.
logandzwon
Mar 30, 01:36 PM
Yes, you know what an "app store" means if you know what an "app" means.
Does an "app" mean an Apple program?
It's doesn't matter what MS calls it. There's a class of programs everywhere called "applications". There's no other name for it.
Applications are a strict subset of programs.
So, here is an interesting argument, as app is short for Applications, and Applications are a strict subset of programs, doesn't the App Store technically sell Programs, not Apps? Thus, the term is no generic at all. "Program Store" would the generic term. It's the same as a club called "Liqueur Store" (which is TMed.)
Does an "app" mean an Apple program?
It's doesn't matter what MS calls it. There's a class of programs everywhere called "applications". There's no other name for it.
Applications are a strict subset of programs.
So, here is an interesting argument, as app is short for Applications, and Applications are a strict subset of programs, doesn't the App Store technically sell Programs, not Apps? Thus, the term is no generic at all. "Program Store" would the generic term. It's the same as a club called "Liqueur Store" (which is TMed.)
jessica.
Mar 23, 04:39 PM
Funny how people are waffle so easily when it comes to censorship.
MattInOz
Mar 22, 08:14 PM
Why? Thunderbolt is essentially an external PCI-E port.
And a 4 Link one at that compared to the Expresscard slot which is only 1 link PCIe or a USB2 port.
And a 4 Link one at that compared to the Expresscard slot which is only 1 link PCIe or a USB2 port.
Manic Mouse
Sep 12, 03:46 AM
I want Apple to release a stupid "mid-mac" just to shut you and everyone else up.
Professionals buy Mac Pros or laptops. Consumers buy iMacs or laptops. That's a sound and successful strategy for Apple. And if you need a cheap Mac, you can buy a mini.
Yes, lets just ignore the huge performance, upgradability and price gap in Apples product lineup, shall we. It can be the elephant in the room when we all swoon over our "laptop on a stick" desktop while PC users get to play with the REAL hardware.
Sounds good to me. After all, it's not like Apple wants to actually sell more computers. That's crazy talk!
Does anyone think a slightly bigger version of this would be a fantastic desktop?
http://guides.macrumors.com/images/c/ce/Ihome-0007.jpg
Professionals buy Mac Pros or laptops. Consumers buy iMacs or laptops. That's a sound and successful strategy for Apple. And if you need a cheap Mac, you can buy a mini.
Yes, lets just ignore the huge performance, upgradability and price gap in Apples product lineup, shall we. It can be the elephant in the room when we all swoon over our "laptop on a stick" desktop while PC users get to play with the REAL hardware.
Sounds good to me. After all, it's not like Apple wants to actually sell more computers. That's crazy talk!
Does anyone think a slightly bigger version of this would be a fantastic desktop?
http://guides.macrumors.com/images/c/ce/Ihome-0007.jpg
MacRumors
Mar 22, 01:09 PM
http://www.macrumors.com/images/macrumorsthreadlogo.gif (http://www.macrumors.com/2011/03/22/potential-imac-update-to-sandy-bridge-and-thunderbolt-in-4-6-weeks/)
http://images.macrumors.com/article/2011/03/22/140815-imacs_2010.jpg
The wedding dress does not
orange bridal dresses 2011
2011 Designer Wedding Dresses
Armani Wedding Dresses
Novestia#39;s designer wedding
60 designer wedding dress
b wedding dresses 2011
The Spring 2011 wedding
1.designer wedding dresses 2.
2011 Luxury Wedding Dresses
http://images.macrumors.com/article/2011/03/22/140815-imacs_2010.jpg
HecubusPro
Sep 17, 04:29 PM
Are they any good? I've never seen a phone with a good camera, 10MP phone sounds like 10MP of grainy nasty pictures to me.
I agree. There's no way I would ever want a 10mp camera. I think 5 or 6 tops for me, and that might be pushing it for a normal camera. I like to send a lot of the pictures I take through phone mail, and it just seems a 10mp photo would take a long time to send due the large size of the file. A 1.5mp camera on my cell phone works good for me right now.
I agree. There's no way I would ever want a 10mp camera. I think 5 or 6 tops for me, and that might be pushing it for a normal camera. I like to send a lot of the pictures I take through phone mail, and it just seems a 10mp photo would take a long time to send due the large size of the file. A 1.5mp camera on my cell phone works good for me right now.
Mattsasa
Apr 30, 06:46 PM
Well it's old but it still surpasses an awful lot of modern games. Plus the worlds are open, more beautiful and more demanding than all this Call of Duty stuff that's popular at the moment.
I agree, far better looking and beautiful, however not as cpu/gpu demanding
I agree, far better looking and beautiful, however not as cpu/gpu demanding
Minimoose 360
Apr 25, 02:36 PM
Bye bye built in Superdrive. I'll look back fondly at the five times I used you in the past three years.
You know, I was against the whole "get rid of the optical drive" bandwagon back in '09 when I got my MBP....but in the couple years I've had mine, I've used the thing ONCE.
And if anyone asks, it was for printer drivers (which I probably could have gotten online but I had the disc readily accessible.)
I'm going to soon get rid of mine and throw in a SSD!
You know, I was against the whole "get rid of the optical drive" bandwagon back in '09 when I got my MBP....but in the couple years I've had mine, I've used the thing ONCE.
And if anyone asks, it was for printer drivers (which I probably could have gotten online but I had the disc readily accessible.)
I'm going to soon get rid of mine and throw in a SSD!
KINetics
Apr 4, 11:53 AM
I'm as pro gun rights as anyone, but this sounds like a problem for the security guard. Unless that guard's life was in danger, there was no reason to shoot anyone, especially in the head. The placement of that shot was no accident.
That being said, I'm sure there are a lot of facts we don't know. Innocent until proven guilty, of course.
From the article:
A private armed security guard interrupted the burglars and at some point, gunfire was exchanged with the two male burglars, who were also armed, Facicci said.
That being said, I'm sure there are a lot of facts we don't know. Innocent until proven guilty, of course.
From the article:
A private armed security guard interrupted the burglars and at some point, gunfire was exchanged with the two male burglars, who were also armed, Facicci said.
Detlev
Oct 27, 09:10 PM
So all Greenpeace did was hand out leaflets in areas other than their stand...
Heck, every trade show I ever go to has girls with their tits half hanging out wondering the halls handing out leaflets nowhere near their particular stand.
Yes, when you are a vendor at a show there are strict rules. It's in the contract. If you purchase a booth you have to stay in that booth, period. Booths are available on first come first serve basis usually with returning vendors getting the right of first refusal for booths they have held previously. The ends and large booths near foot traffic are more expensive and they command a higher price. Some shows, fewer today than before, allow for "cigarette girls" or "strollers" but the vendor pays for this as they would for any other perks�and they are not cheap. They are generally given a specific time period in which they may walk the floor (if in costume they need a chaperone). They are not allowed to transact business but hand out "freebies". According to the story Greenpeace only signed up for a booth. All contracts I have seen say you'll get thrown out if you don't obey the rules.
Heck, every trade show I ever go to has girls with their tits half hanging out wondering the halls handing out leaflets nowhere near their particular stand.
Yes, when you are a vendor at a show there are strict rules. It's in the contract. If you purchase a booth you have to stay in that booth, period. Booths are available on first come first serve basis usually with returning vendors getting the right of first refusal for booths they have held previously. The ends and large booths near foot traffic are more expensive and they command a higher price. Some shows, fewer today than before, allow for "cigarette girls" or "strollers" but the vendor pays for this as they would for any other perks�and they are not cheap. They are generally given a specific time period in which they may walk the floor (if in costume they need a chaperone). They are not allowed to transact business but hand out "freebies". According to the story Greenpeace only signed up for a booth. All contracts I have seen say you'll get thrown out if you don't obey the rules.
TrollToddington
Apr 23, 01:58 PM
As far as you're concerned maybe, but as far as what's common or not, you're out of it. There's a reason every laptop out there has some kind of external display connector.
But silly me, I must be a moron for using the mini display port right ? :rolleyes:
You're doing it wrong. I plug in 4 cables. Power, Monitor, Speakers, USB. My keyboard/mouse/tablet/Printer/iPhone/iPod all get recognized instantly. That's what the USB hub on my desk is for. 1 cable, all devices.
If Apple had docks, it would be even better. Just drop the laptop in place and voila. But I guess docks just aren't esthetic enough.
There is nothing uncommon about it, so again, thank you for calling me stupid because I dare use a MBA as my only computer and I dare launch games on it, while connected to an external monitor of all things!
Keep your insults for yourself next time.
I kindly ask you to not put words in my mouth I've never written. I've never called you 'moron' or 'stupid' or using foul language about you. 'Keep your insults for yourself next time' is not a very kind thing to say, and I am actually wondering whether I should report you to the moderator.
But silly me, I must be a moron for using the mini display port right ? :rolleyes:
You're doing it wrong. I plug in 4 cables. Power, Monitor, Speakers, USB. My keyboard/mouse/tablet/Printer/iPhone/iPod all get recognized instantly. That's what the USB hub on my desk is for. 1 cable, all devices.
If Apple had docks, it would be even better. Just drop the laptop in place and voila. But I guess docks just aren't esthetic enough.
There is nothing uncommon about it, so again, thank you for calling me stupid because I dare use a MBA as my only computer and I dare launch games on it, while connected to an external monitor of all things!
Keep your insults for yourself next time.
I kindly ask you to not put words in my mouth I've never written. I've never called you 'moron' or 'stupid' or using foul language about you. 'Keep your insults for yourself next time' is not a very kind thing to say, and I am actually wondering whether I should report you to the moderator.
relimw
Sep 14, 10:21 AM
Yup. I agree. And I bet the new MBPs will ship immediately as well. What would be really cool is if Apple lowered the price of Aperture to $199 or so to make it more affordable to the photo piddlers among us. After all, surely Aperture 2 is going to have massive hardware and GPU requirements (read: QuadCore Mac + 4GB RAM + X1900 video card). That is really where Apple makes it's cash. Just dreaming, of course, because I can't justify a $300 software package when I'm just a dabbler. Lightroom beta has been fun though.
No MBPs.
Obviously, you didn't buy Aperture when it first came out, only to find out you were beta testing software for Apple. Now, if I can just figure out what to buy with my $200 store rebate. Maybe update from PS7 to CS2...hmm.
No MBPs.
Obviously, you didn't buy Aperture when it first came out, only to find out you were beta testing software for Apple. Now, if I can just figure out what to buy with my $200 store rebate. Maybe update from PS7 to CS2...hmm.
Sabenth
Aug 23, 05:31 PM
So dose this mean ms can sue apple if they decided to use wifi in ipods ????
Evangelion
Sep 14, 03:44 AM
this is definitely a style over functionality....how da heck do you dial a number with clickwheel?
Nokia actually has a phone with clickwheel and no keypad, the 7380. Anyway, the Apple Phone does have a keypad as well.
Nokia actually has a phone with clickwheel and no keypad, the 7380. Anyway, the Apple Phone does have a keypad as well.
zacman
Apr 20, 12:36 PM
1984 is not happening because companies and the government spies on you but because of people that are saying: "So what? It's not a big issue."
Freecity88
Apr 20, 10:09 AM
Good for CSI :D:D:D
kiljoy616
Apr 19, 09:03 AM
Do any of these suits ever actually get resolved?
Sure they do. Its basically mutual destruction idea. So Samsung at the golf course will tell their counter part at Apple I will give you 20% off our latest SSD and it will all be nice again in the tech world or at least until the end of the week. :rolleyes:
Sure they do. Its basically mutual destruction idea. So Samsung at the golf course will tell their counter part at Apple I will give you 20% off our latest SSD and it will all be nice again in the tech world or at least until the end of the week. :rolleyes:
munkery
Jan 14, 01:11 PM
Maybe theoretically you should do that, but I don't know anyone that actually does on Windows or OS X. In both cases you aren't actually running with your full powers all the time, and get prompted to escalate if something needs admin access.
The default account created in Mac OS X has password authentication. Your password is the unique identifier. Most people use the default account created by the OS for day to day computing.
Commercial software shouldn't be installing malware...I mean tons of it now has all kinds of DRM that is arguably malware, but...
While I'd rather run something without giving it full access to the system, ultimately you're trusting the publisher either way.
When the software is running with superuser privilege and connects to servers that can be controlled by anybody such as in many online games for Windows, the content downloaded from the server can be written anywhere in your system. This allows keyloggers, backdoors, and malware rootkits to be installed.
Why?
Why! (http://forums.macrumors.com/showpost.php?p=11720477&postcount=182).
I really doubt they double count things like that, given they're counted separately. I suppose there might be some validity to it if they did.
They count the number of items in each vendors security releases. Mac OS X includes Flash, Java, & etc by default so vulnerabilities in those are counted for Mac OS X because included in Apple security releases. Often these items constitute the majority of vulnerabilities in the security release. It is only valid if Windows users don't install Flash, Java, various ActiveX components, codecs, etc, etc, etc...
I'm not seeing why you're saying there's any difference. I don't use IE or Safari as my primary browser, though there may be some validity to including one or the other in the list of OS issues, but at any rate neither yet sandboxes plug-ins to my knowledge.
There's a flag that can be set for that, but I'm not sure where you're getting it from that article. Regardless 'some' is better than 'none'.
Except for Chrome which is sandboxed, all browser are susceptible to the security problems of the underlying OS but these issues arise in more than just the browser. An example of how they are different is Java has no security mitigations (DER or ASLR) in Windows (as shown in article) but Java has hardware based DEP and partial ASLR in Mac OS X as Java is 64 bit in OS X. Also, Mac OS X randomizes memory space into 4 byte chunks making it more difficult to defeat ASLR while Windows uses 64 byte chunks. Like you said, some is better than none.
Security mitigations, such as DEP and ASLR, can be optionally set in Windows OSes for various reasons such as support for legacy software. A lot of software for Windows comes with weak security by default and will break if the user tries to modify its settings. In Mac OS X, apps have a standard level of security mitigations dependent on the type of process (32 or 64 bit) that are set at that standard level when the app is compiled and not modifiable as in Windows (Opt-in, Opt-out, etc).
Which is different from Windows how?
Because Windows has a history of malware that achieves privilege escalation and Mac OS X does not? Check out these from late November 2010:
Security hole in Windows kernel allows UAC bypass (http://www.zdnet.com/blog/security/security-hole-in-windows-kernel-allows-uac-bypass/7752)
Nightmare kernel bug lets attackers evade Windows UAC security (http://www.computerworld.com/s/article/9198158/_Nightmare_kernel_bug_lets_attackers_evade_Windows_UAC_security)
UAC bypass exploit for Metasploit (http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/)
The default account created in Mac OS X has password authentication. Your password is the unique identifier. Most people use the default account created by the OS for day to day computing.
Commercial software shouldn't be installing malware...I mean tons of it now has all kinds of DRM that is arguably malware, but...
While I'd rather run something without giving it full access to the system, ultimately you're trusting the publisher either way.
When the software is running with superuser privilege and connects to servers that can be controlled by anybody such as in many online games for Windows, the content downloaded from the server can be written anywhere in your system. This allows keyloggers, backdoors, and malware rootkits to be installed.
Why?
Why! (http://forums.macrumors.com/showpost.php?p=11720477&postcount=182).
I really doubt they double count things like that, given they're counted separately. I suppose there might be some validity to it if they did.
They count the number of items in each vendors security releases. Mac OS X includes Flash, Java, & etc by default so vulnerabilities in those are counted for Mac OS X because included in Apple security releases. Often these items constitute the majority of vulnerabilities in the security release. It is only valid if Windows users don't install Flash, Java, various ActiveX components, codecs, etc, etc, etc...
I'm not seeing why you're saying there's any difference. I don't use IE or Safari as my primary browser, though there may be some validity to including one or the other in the list of OS issues, but at any rate neither yet sandboxes plug-ins to my knowledge.
There's a flag that can be set for that, but I'm not sure where you're getting it from that article. Regardless 'some' is better than 'none'.
Except for Chrome which is sandboxed, all browser are susceptible to the security problems of the underlying OS but these issues arise in more than just the browser. An example of how they are different is Java has no security mitigations (DER or ASLR) in Windows (as shown in article) but Java has hardware based DEP and partial ASLR in Mac OS X as Java is 64 bit in OS X. Also, Mac OS X randomizes memory space into 4 byte chunks making it more difficult to defeat ASLR while Windows uses 64 byte chunks. Like you said, some is better than none.
Security mitigations, such as DEP and ASLR, can be optionally set in Windows OSes for various reasons such as support for legacy software. A lot of software for Windows comes with weak security by default and will break if the user tries to modify its settings. In Mac OS X, apps have a standard level of security mitigations dependent on the type of process (32 or 64 bit) that are set at that standard level when the app is compiled and not modifiable as in Windows (Opt-in, Opt-out, etc).
Which is different from Windows how?
Because Windows has a history of malware that achieves privilege escalation and Mac OS X does not? Check out these from late November 2010:
Security hole in Windows kernel allows UAC bypass (http://www.zdnet.com/blog/security/security-hole-in-windows-kernel-allows-uac-bypass/7752)
Nightmare kernel bug lets attackers evade Windows UAC security (http://www.computerworld.com/s/article/9198158/_Nightmare_kernel_bug_lets_attackers_evade_Windows_UAC_security)
UAC bypass exploit for Metasploit (http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/)
entropi
Apr 25, 02:15 AM
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_2 like Mac OS X; en) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C134 Safari/6533.18.5)
I just hope they manage to keep it as cool and quiet as our current mba 11" (1,6 Ghz C2D)... I prefer quiet computing over ultraspeed in a mba, for shure!
"Shure" Great company aren't they? Had the 535s for a while and loved them. (I'm assuming you know about high end audio? Lol)
meh. "sure" ok? :-) (I know all about high end audio, but I'm more of a apogee & genelec-fan...)
I just hope they manage to keep it as cool and quiet as our current mba 11" (1,6 Ghz C2D)... I prefer quiet computing over ultraspeed in a mba, for shure!
"Shure" Great company aren't they? Had the 535s for a while and loved them. (I'm assuming you know about high end audio? Lol)
meh. "sure" ok? :-) (I know all about high end audio, but I'm more of a apogee & genelec-fan...)
trip1ex
Mar 22, 04:45 PM
4 core i5 and HD3000 integrated graphics on the low-end?
