On Thu, 3 Dec 1998, STW wrote:
> >sounds strange, but it is true: The MacOS is the most secure OS on the
> >internet. By default NOTHING can be accessed by people.
> That's because nothing is compatibile with the Mac OS. (Exception:
> Alien computers in Independence Day film - ever wondered why?).
Just for completeness sake (and to help some knowledge challenged people
in the list), the MacOS is impenetrable because multiuser is not part of
its paradigm. It is not a system that was born with eight thousand doors
that can all be opened and should all be locked to prevent access. In the
MacOS you *give* whatever access you want because you use a program made
specifically to behave *exactly* like a unix (for example) program would
without the rest of the security issues associated with unix (90% of the
security holes in sendmail are actually Unix calls of which Sendmail knows
nothing about).
It's all too well to like a platform and not like another, but try always
to have the facts in front of you, or you risk being made a fool of
because you said something that tried to be witty but showed ignorance.
I am sure even unixheads in this list (of which I would like to feel part
of) *know* that the security in the MacOS has nothing to do with
incompatibility (a web server in the mac has nothing incompatible with
web browsers and works like any other, yet can't be hacked).
The difference in security between linux, windows and the MacOS can be
summed up, for those who care to know how it actually is, like this:
Unix is like a colander. full of holes. It's made it that way so you can
close up only those you don't want and let only whatever amount of liquid
you want to pass through. Some holes are very small so it is difficult to
spot them until the start leaking.
MacOS is like a pressure cooker. You only let go whatever you want, in the
amount you want it out. There are no unknown holes because the holes have
to be *expressly made*. You can even simulate a ping of death attack or a
winnuke, if you so wanted. Stuff like BackOrifice is simply unheard of in
the MacOS. You'd have to create the backdoors to enter them (agreed, a
program can do this, but that is precisely the idea)
Windows was like a saucepan that wanted to "look" like a colander so
people would say "its just as good as a colander" in the same way that it
before wanted to look just like a pressure cooker.
I hate analogies, don't you? In the end I am right. The invulnerability of
the mac has nothing to do with incompatibility and more to do with having
to carve functionality in the system when needed and as needed.
> >>The best way to insure that your code will not be accesible to *anyone* is
> >>to use a Macintosh, from there up you'll deal with ever more problems
> >>where the unixen are in both ends (linux in one end, IRIX in the other) of
> >>security <--> insecurity, with the different flavors of windows right in
> >>the middle.
> Most OS are secure if you take the effort to lock them down.
I don't get this. Lock them down? What do you mean? from being robbed or
something? other than that I have no idea what you mean... A unix machine
is vulnerable the minute you hook it up a network, and you have to start
closing holes. The mac could be connected to the network and not even see
it if you instructed it not to. There are no inherent holes in the MacOS
that need to be patched and you don't have to "secure" them in any but the
physical level.
I wonder what you actual experience with the MacOS is, that you make these
assumptions (I know what my experience with at least six unixen, three
windows, three DOS and at least five other assorted OSes is, so I can
speak about them doing them justice).
> down in the first place (I still see world readable personal files on
> Unix boxes everywhere). The problem is not that Windows is insecure,
> but that
Exactly, not the problem with the MacOS... You can only enter the MacOS if
you are allowed to, and then only to places you are allowed to (and this
is in a true sense, not in a superficial sense like in windows or unix).
> Windows defaults to an insecure condition when installed, and
> increasing the security to an effective level involves technical
> know-how and (for Win95) some extra software - though it can be argued
> that everyone needs extra software (a good virus scanner and
> firewall).
I'd install Circle on a unix box if I wanted stability or flexibility, in
a MacOS if security or a nice coding environment was an issue (codewarrior
still beats out every other coding environment around) and Windows if had
no money for a good machine. In that order.
> I think Win98 is immune to Winnuke, and NT is definately so, if you have the
> Security Pack... oops, Service Pack 3. If you run Windows 95 you're asking for
Winnuke was an example, as any of the other twelve ways to make a BSOD
appear in Windows.
BTW, no older version of the MacOS is more insecure than the current, nor
less insecure.
> Yea, I know, Linux is much more stable, and technically superior...
> but it's too much effort for me. "Start -> Settings -> Control Panel
> -> Display -> Appearance -> Font" is better than "vi xf86config"
> anyday. ;-)
You should try the MacOS then, since it is Control-Click -> Appearance ->
Font
:)
Eduo
---------------------------------------------------------------------------
Eduardo Gutierrez de Oliveira Mythago//On eduo@ciateq.mx ICQ# 3824675
Centro de Investigacion CIATEQ,A.C. -- MEXICO Research Center Queretaro
General Electric Center of Excellence - Manager of Information Systems
+------------------------------------------------------------+
| Ensure that you have read the CircleMUD Mailing List FAQ: |
| http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
+------------------------------------------------------------+
This archive was generated by hypermail 2b30 : 12/15/00 PST