On CBS.com: Watch Exclusive CSI Cross Over Video
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 4 of 136:
Next »
« Previous
I'll give it a shot.
"If you can think of something specific that MS isn't doing
that it can do to protect its users against such attacks, then
state it. I'm all ears."

As someone who uses both Mac and Windows, I see some
very distinct differences in how this issue is dealt with.
While there are few if any Mac viruses or worms, I can see
differences in the way the operating systems deal with files
that install programs on your computer and mail
attachments and the like.

In Windows, for example, if you try to open an attachment,
you get a warning that opening an attachment might be
harmful. This happens regardless of the file type, so you
get totally unnecessary warning when you try to open the
most innocuous files, including plain text, images, PDFs,
etc. I think these unnecessary warnings are the equivalent
of crying "wolf." You can't really blame the users if they
begin to believe that these messages are something they
can safely ignore after a while. Furthermore, if you save the
file to disk first, then go and open it, you don't get any
warning at all, even though it is no less dangerous than
opening it directly from the mail message. An exe is just an
exe, as far as the operating system knows, and it would be
crazy to give you a warning every time an exe file starts up.
That would really be crying "wolf."

On the Mac you can open any attachment at all without
getting a warning. Even if the file is executable, there's no
problem with running it whether it's attached to a mail
message or not. But, if the program is an executable, and it
tries to install something on your hard drive, a dialog opens
up telling you that it is trying to install something, and you
have to enter an administrative password to allow it to
continue. So the warnings are few in number, and very
specific, and you need to do more than just click "OK" to
approve it. If you received an executable attachment that
said it was a game or something, and you opened it, and
you got a warning that it was going to install something,
it's pretty obvious that it's not what it was advertised to be,
and if you weren't damn sure of its source, you have to be
nuts to enter your password. The clear advantage of Mac
OS over Windows in this respect is that the OS is better at
distinguishing different kinds of files, different kinds of
users, and different kinds of actions, and it only warns you
if something potentially serious is about to happen. It never
warns you about trying to open a plain text file.

Unix and Linux have similar safeguards, but I'll leave it up
to someone with more expertise to explain how they work.
Posted by: Immanuel Tranz-Mischen   Posted on: 02/03/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

No, it shows Microsoft software is not working!!!  Bobby Sskcat | 02/03/04
You need a life....  DarbyOhara | 02/03/04
Flaming does not prove your point  Michael Kelly | 02/03/04
I'll give it a shot.  Immanuel Tranz-Mischen | 02/03/04
Excellent suggestion  pschroeder@... | 02/03/04
So why hasn't MS done this?  Immanuel Tranz-Mischen | 02/04/04
Good question  pschroeder@... | 02/04/04
Why wait 4 to 6 years?  Immanuel Tranz-Mischen | 02/04/04
waiting  pschroeder@... | 02/05/04
partly agree  ryusen | 02/03/04
Ask And Ye Shall Receive ...  coffeenite | 02/03/04
Please do go on  Michael Kelly | 02/03/04
Points  pschroeder@... | 02/03/04
More Points  coffeenite | 02/03/04
Deep browsers and ZIP programs  pschroeder@... | 02/03/04
Browsers, operating systems, and untrusted techies  Anton Philidor | 02/03/04
No, it proves that there is always a bigger idiot  nucrash | 02/03/04
Users aren't always that dumb ...  coffeenite | 02/03/04
...but, quite often, they are!  pschroeder@... | 02/03/04
Eh ....  coffeenite | 02/03/04
What to do?  Doug@... | 02/03/04
Do this  MarcB_z | 02/03/04
Sigh  pschroeder@... | 02/03/04
Get rid of ActiveX and VBA and 97% of the problem is solved  MarcB_z | 02/04/04
Neither of which would have solved THIS problem (NT)  pschroeder@... | 02/04/04
But that other 3% thingy would have (NT)  MarcB_z | 02/05/04
maybe ... except for the dumb user issue (NT)  pschroeder@... | 02/05/04
Fine for the corporate environment  jfrankcarr | 02/03/04
question  Hanover Phist | 02/03/04
...which...  pschroeder@... | 02/03/04
you are right  ryusen | 02/03/04
Save and execute no fix  wolf_z | 02/03/04
AMEN, Built-in SECURITY helps tho'  MarcB_z | 02/03/04
Ok, so then they should have rights to restrict what you can do on your pc?  TreborG2 | 02/03/04
I think they should be restricted  voska | 02/03/04
restrictions  ryusen | 02/03/04
Nobody said "restrict"  MarcB_z | 02/04/04
Restrict execs  Domb2 | 02/03/04
don't forget...  pschroeder@... | 02/03/04
Harder to hurt yourself/easier to effect others  Domb2 | 02/03/04
integration  pschroeder@... | 02/03/04
RE Integration  Domb2 | 02/03/04
RE RE integration  pschroeder@... | 02/03/04
re re re:  ryusen | 02/03/04
Integrated NOT EQUAL TO welded  MarcB_z | 02/04/04
Exactly.  bhanes@... | 02/03/04
Maybe we could return to non-executable mail?  Atlant | 02/03/04
Easy, get rid of VB & Office Macros  MarcB_z | 02/03/04
Lot's of systems use this technology  Heatlesssun | 02/03/04
Excel and Word are good reporting tools  jfrankcarr | 02/03/04
getting rid of useful features,  ryusen | 02/03/04
Microsft "solution" negates "useful" features  MarcB_z | 02/04/04
you don't get it... JPG & GIF can have embedded URLs!  TreborG2 | 02/03/04
Stupid Human Tricks  Squawkbox | 02/03/04
Actually ... Image files don't work that way  coffeenite | 02/03/04
Email should be just plain text  voska | 02/03/04
Files  pschroeder@... | 02/03/04
Even at that  bhanes@... | 02/03/04
Of all things...  rbethell | 02/03/04
spam filtering doesn't stop mail from *known* sources  TreborG2 | 02/03/04
{cough} change the OS {cough}  Xunil_Sierutuf | 02/03/04
still the wrong answer  TreborG2 | 02/03/04
good comments  Domb2 | 02/03/04
How about  bhanes@... | 02/03/04
The answer is so simple...  Heatlesssun | 02/03/04
Simpler solution  tic swayback | 02/03/04
to scan the attachment  Fred Flintsone | 02/03/04
Yes, I read it !  chawly | 02/09/04
funny thing about linux...  ryusen | 02/03/04
Suggested Solutions  Domb2 | 02/03/04
Other options  Letophoro | 02/03/04
And item 5  Domb2 | 02/03/04
Pop-up msg's worthless  Gasman_z | 02/03/04
Overrides are too common  Domb2 | 02/03/04
Let's agree and disagree  chawly | 02/09/04
The real story  usapride | 02/03/04
About enough  MkIIISupra | 02/03/04
license requirement  Domb2 | 02/03/04
Amen ... but apply that across the boards  pschroeder@... | 02/03/04
Nice post.....  Jose Jimenez | 02/03/04
problem with licencing  ryusen | 02/03/04
The NSA are fools?  B.O.F.H. | 02/03/04
well  bhanes@... | 02/03/04
Yes but .....  chawly | 02/09/04
Granted I only deal with SMB's  JoeMama_z | 02/03/04
It won't work  j.m.galvin | 02/03/04
I have one big problem with your statement  JoeMama_z | 02/03/04
ZIP files  pschroeder@... | 02/04/04
in my origional post....  JoeMama_z | 02/04/04
antivirus  pschroeder@... | 02/04/04
Unless your anti virus updates every day.  JoeMama_z | 02/05/04
Daily updates  pschroeder@... | 02/05/04
P.L.B.A.C. Virus  JoeMama_z | 02/05/04
So what was that MyDoom thingy  FilledOut | 02/03/04
What it was  tic swayback | 02/03/04
Sorry  FilledOut | 02/03/04
Hey Kids  Fred Flintsone | 02/03/04
It Shows that Microsoft Has Near-Zero Security  brenthawkinsmd | 02/03/04
What mail software has built in Virus protection?  PeteS_z | 02/03/04
some do not  JWatson77 | 02/06/04
Corporate vs. Home users  jfrankcarr | 02/03/04
What a sad state of affairs.  No_Ax_to_Grind | 02/03/04
Actually the Internet was a DoD/DARPA project...  B.O.F.H. | 02/03/04
It started well before that.  No_Ax_to_Grind | 02/03/04
History lesson  B.O.F.H. | 02/03/04
Interesting turn of events  tic swayback | 02/03/04
Just hilarious  nograin | 02/03/04
SpongeWare  pj-xmesh | 02/03/04
We'll let you answer the phone  jfrankcarr | 02/03/04
Stop it! You can't use common sense here!!!  No_Ax_to_Grind | 02/03/04
well...  yucantrak | 02/03/04
True  JWatson77 | 02/06/04
Short coming in MS products  grumpy_trumpy | 02/03/04
Short coming in Victoria Secrets products  No_Ax_to_Grind | 02/03/04
Linux - a Burka for your computer?  jfrankcarr | 02/03/04
You still don't "get it" do you.  No_Ax_to_Grind | 02/03/04
Well, to use another analogy  jfrankcarr | 02/03/04
Congratulations - you get it  Harry Bardal | 02/03/04
Product Flaws  tic swayback | 02/03/04
The point is, blaming the victim.  No_Ax_to_Grind | 02/03/04
Should the user shoulder any responsibility?  tic swayback | 02/03/04
But...  quietLee | 02/04/04
I agree  JWatson77 | 02/06/04
How's that again?  pschroeder@... | 02/03/04
No Spam from Zombie attackers  ratatat62 | 02/03/04
Education of the END USER is the only solution  morgaine2003 | 02/04/04
Why Email Executables?  dadon | 02/04/04
Business reasons  pschroeder@... | 02/04/04
Why Email Executables?  dadon | 02/05/04
FTP  pschroeder@... | 02/05/04
Fighting Fire With Fire  LAMski | 02/08/04
Fix Email, not OS  DGSteig | 02/09/04
Wrong solution! Wrong target! Wrong thinking!  harperwill@... | 02/09/04
problem is between keyboard and chair...  absentia | 02/09/04
my Doom  a8a09923@... | 02/09/04
Oh well, sh** happens ...  Shodan_z | 02/13/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement
Click Here

SmartPlanet

Click Here