Quote:
Originally Posted by Vincent Ferrari
<p>Really? Will it? Let's analyze this trojan. You have to seek out a pirated copy of Apple Software, download it, then run what you've downloaded from a questionable source. At the same time you have to be logged in as an administrator (a no-no to begin with) for the install to happen. In other words, along every step of the way you have to interact with the process using, at best, bad computing practices, to get this "infection" on your Mac.</p>
|
You realize that modern Windows "exploits" require similar amounts of interaction, yes? Infected files might be sent via email or IM, but otherwise... Pretty similar. The number of "automagical" worms has dwindled since the Win95/-98 days to a very very low number, if not zero. It's simply easier to attack the user as the weakest point in the security chain, which is a fact taught in all modern computer security courses.
I will admit, something I wish would happen in Windows is to have administrative accounts not be the default. I myself use a user-level account for daily purposes.
That said, if the user knows the root password, and is trying to install "random must-have cracked program x", no amount of access-level trickery or UAC-type systems is going to protect them. I for one would simply have my program check for root access, then pop-up a dialog that states "You must have root-level access to install random must-have cracked program x." Few users would stop long enough to think about it... Vast majority would log into root immediately and try again. This is because they trust the computer to tell them the truth and to know better than them.
As a partial aside to help prove my point, I read a story once about a user that had trouble exiting a program. When the program was told to close, it would pop up the (familiar to most users) dialog "Are you sure you want to close random program x?" The user immediately assumed that they made a mistake, since otherwise the computer wouldn't be asking if they were sure, and so therefore hit "No". (Trying to find link for this now...)
EDIT:
Found it. From Joel on Software, no less. Just search for "exit".
Quote:
Originally Posted by Vincent Ferrari
Every tech news outlet is rushing to be the first to say "See? Look! The Mac is vulnerable!" No kidding? The only people who don't think so are the mythical Mac users that think nothing can go wrong with a Mac. Ever.
|
I think you meant to say, "the mythical Mac users that think nothing can go wrong with a Mac. Like all the ones that believe Apple's massive advertizing campaign saying just that, which I suppose makes them not very mythical after all."
A final point, the majority of exploits now are for turning systems into spam-bots. In other words, a computer infected translates into a given amount of money for the spammer.
Homework: Given this, along with market share of several platforms, one of which is above 80%, please explain which one you would expect to be targeted.