McAfee bites into Apple security

TalkBack 11 of 55:

Next »

« Previous

• Thread View
• Flat View

Another software developer that doesn't get it.

It's really no wonder tons of WIndows apps don't work as limited users. People like you and the guy above write them.

"Microsoft placed IE browser code within the codebase for the OS...."

This has nothing to do with security. You would know that if you knew what integration with the OS meant in terms of IE. I can only guess that you are one of the many people who think IE is "in the kernel" or something similarly naive. IE's OS integration was an antitrust issue, not a security issue.

"Not all Windows applications behave well if they're not running
under an administrative user. For example, I know of a CRM
used within some corporations which runs via ActiveX controls
(unfortunately, they won't run if they're not admin on the box, so
_all_ persons in the company are local admins)."

Sorry but we have 1000 windows desktops at work, and nobody had local admnin rights. A couple of people even use an IE based app that uses ActiveX and even they do not get local admin rights. You don't need local admin rights to run an ActiveX control. You only need them to *install* one. I've occasionaly had to fix apps that behave badly and require access to areas where they should. No doubt they are written by developers like you. There is no technical reason why application cannot be written to work just fine as regular users.


"The fact is that if OSX users used iptables to watch outgoing
traffic (or apps Little Snitch), then your scenario wouldn't be
particularly applicable."

Lets not play the "if" game now. Do you honestly think a signifigant number of mac users even bother to turn their firewall on? If you do, then you are subscribing to the false premise that Mac users are more savy than WIndows users. They are not, and it's obvious by just talking to them. If anything, they are even more clueless about their computer works than Windows users, and that's saying a lot. If Windows XP was shipped creating limited users by default, malware would still be a huge problem. Again, you keep brining up the red herring of admin rights.

"Before you ask: yes, I'm a software engineer and system
administrator. Yes, I previously managed the corporate CRMs
and local desktop code. So yes, I do have a clue as to what I'm
talking about."

Saying you're an engineer isn't too impressive if you engineer turds. If you were to come on as a sysadmin where I work, I'd have you start out managing print servers or something else trivial, so that you couldn't do too much damage, while you were reeducated about how Windows works. If you came on as an app developer, any code you wrote that didn't run as a limited user would be thrown back into your face, labled as "broken".

Posted by: toadlife   Posted on: 05/07/06 You are currently: a Guest | Members login | Terms of Use

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

SponsoredWhite Papers, Webcasts, and Downloads

• Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
• The Impact of Virtualization Software on Operating Environments VMware Today's use of virtualization technology allows IT professionals to ... Download Now
• Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now