Apple Scales Back Marketing Language on OS X Security Following Flashback

[holmesf]

Any was, I think we can all agree that any device with a micro chip thats programable can have a virus.

Not true. It's totally possible to design a device that doesn't get viruses. One way to do this is by not allowing unsigned code to run. iOS is a pretty big target, yet there haven't been any viruses for it. If Apple weren't quite so sloppy with some vulnerabilities (e.g. PDF exploits) it wouldn't even be possible to jailbreak the devices.

 

[Antares]

Before widespread internet use, people were sharing floppies a lot more; thus it's much easier for viruses to propagate. Now, most people downloading app directly from vendor's site, the Mac App Store, or DVD installs (read-only, thus safer).

Many people from that era learned that you don't put someone else's disk in your slot without using some kind of protection. This still applies to today. That said, no protection is 100% safe. The only way to avoid infection is to abstain from downloading. But what fun is that?

 

[Renzatic]

Snip

No glove, no love.

 

[brdeveloper]

Many people from that era learned that you don't put someone else's disk in your slot without using some kind of protection. This still applies to today. That said, no protection is 100% safe. The only way to avoid infection is to abstain from downloading. But what fun is that?

The virtual machine was the best solution. The host computer can run only AppStore apps while the VM can run anything you download from the internet. But don't store anything personal in the unsafe VM.

----------

my stupid?



Not true. It's totally possible to design a device that doesn't get viruses. One way to do this is by not allowing unsigned code to run. iOS is a pretty big target, yet there haven't been any viruses for it. If Apple weren't quite so sloppy with some vulnerabilities (e.g. PDF exploits) it wouldn't even be possible to jailbreak the devices.

Maybe Turing, if was still alive could prove it's impossible to develop the perfect malware blocker. You can always screw up code, data, hardware and in the last instance the user. You can, on the other hand, difficult crackers' work for some time, but sooner or later, security gets broken.

 

[Sixtafoua]

That before and after font is really snazzy.

 

[Grannyville7989]

lay off the porn and you'll be alright!

Never!!!

 

[JAT]

About time; increased market share or not there's always been the possibility of malware getting onto a machine, the fact that it's taken Apple this long to really do anything to properly stop it is shameful really.

What? This article is about Apple changing some marketing copy.

 

[AidenShaw]

The virtual machine was the best solution. The host computer can run only AppStore apps while the VM can run anything you download from the internet. But don't store anything personal in the unsafe VM.

Originally Posted by zombierunner
lay off the porn and you'll be alright!

Never!!!

The obvious solution - only watch porn from a virtual machine!

 

[Renzatic]

Pfft. Half the fun of downloading porn on the internet is the risk factor. Like bungee jumping with a frayed cord...but with boobs somehow involved.

 

[AidenShaw]

Pfft. Half the fun of downloading porn on the internet is the risk factor. Like bungee jumping with a frayed cord...but with boobs somehow involved.

...or not.

 

[Renzatic]

What's the point of bungee jumping then?

 

[AidenShaw]

What's the point of bungee jumping then?

To barely not die?

 

[Renzatic]

Yeah, and there has to be a reason for that.

 

[Nanasaki]

I understand that they're just trying to protect themselves but, a Mac really doesn't get PC viruses. I think there was nothing wrong or incorrect in the original text.

I mean, do you consider a trojan to be a virus? I certainly don't.

Is this a joke or some short. You might be a techsavy, but for people like my mom or dad torjan and virus are the same. Be honost, consumers are stupid, for once, someone asked me how to install Windows programs on his Windows Phone 7 phones. You cannot under estimate stupidities of consumer. I mean, i am stupid too on something i have no idea of.

 

[ioinc]

What I find funny is that the same people that jump on Apple for changes like this saying, "See! OS X is super vulnerable to viruses!" are usually the same people that jump on Apple for things like Gatekeeper. It truly boggles the mind.

Gatekeeper strikes me as a solution looking for a problem.
I already get a message alerting me if I try to run a program downloaded from the internet.

Is gatekeeper really an improvement over this?

If you are clever enough you will just set gatekeeper to allow you to run the downloaded application.
If you are not clever enough you will not be able to install an application you want.

What is good about this over the current alert?

 

[Major.Robto]

Not true. It's totally possible to design a device that doesn't get viruses. One way to do this is by not allowing unsigned code to run. iOS is a pretty big target, yet there haven't been any viruses for it. If Apple weren't quite so sloppy with some vulnerabilities (e.g. PDF exploits) it wouldn't even be possible to jailbreak the devices.

There will always be a way to run un signed code.
It is physically imposable for something to only do what its told.

Look at the Xbox 360 its hacked, Look at the ps3 its hacked. Look at IOS its been hacked number of times, not even withthe PDF bug.

Everything can and will be hacked.

 

[NAG]

Gatekeeper strikes me as a solution looking for a problem.
I already get a message alerting me if I try to run a program downloaded from the internet.

Is gatekeeper really an improvement over this?

If you are clever enough you will just set gatekeeper to allow you to run the downloaded application.
If you are not clever enough you will not be able to install an application you want.

What is good about this over the current alert?

Yes, gatekeeper is an improvement because it has gradation. It has MacAppStore only mode, signed mode, and basically what we have now mode. The MAS only mode is probably a bit much and we're not there yet (MAS is great but the selection just isn't there). The middle mode is great, though. With signed apps Apple can revoke a signature if the app is found to be malware or otherwise bad. What happens is that on first run the computer will see the signature was revoked and refuse to run it (presumably with an explanation that it was deemed to be bad). So this is fundamentally different than the current nag screen that just says "beware, bad stuff be on the interweb" since it is somewhat intelligent. Think of it like Google's fraud site blacklist.

 

[ioinc]

Yes, gatekeeper is an improvement because it has gradation. It has MacAppStore only mode, signed mode, and basically what we have now mode. The MAS only mode is probably a bit much and we're not there yet (MAS is great but the selection just isn't there). The middle mode is great, though. With signed apps Apple can revoke a signature if the app is found to be malware or otherwise bad. What happens is that on first run the computer will see the signature was revoked and refuse to run it (presumably with an explanation that it was deemed to be bad). So this is fundamentally different than the current nag screen that just says "beware, bad stuff be on the interweb" since it is somewhat intelligent. Think of it like Google's fraud site blacklist.

It is not only when the signature is 'revoked' tho.
There is no fundamental difference between a 'revoked' signature and that of a small developer that never got a signature in the first place.

Just because Gatekeeper won't run it does not mean it is bad.

You (as an end user) still need to be able to make a judgement call or give up some of your freedom to install the aps you want.

You can accomplish all the gradients you want with a Nag message...

Let it install with no issues

or

"Beware this is an application from a source other than the MAS or a registered developer"

or

"Beware this developer had their license revoked for being bad"

 

[haruhiko]

Gatekeeper strikes me as a solution looking for a problem.
I already get a message alerting me if I try to run a program downloaded from the internet.

Is gatekeeper really an improvement over this?

If you are clever enough you will just set gatekeeper to allow you to run the downloaded application.
If you are not clever enough you will not be able to install an application you want.

What is good about this over the current alert?

Because a lot of people just click Yes/Open for whatever dialog that pops up.

 

[ioinc]

Because a lot of people just click Yes/Open for whatever dialog that pops up.

The same people will fall into one of two categories.

They will set gatekeeper to allow such installations (if they can)
or
They will give up the ability to install the software they do want.

The first makes gatekeeper useless
The second limits your computing experience.

 

[MacNewsFix]

Why change? It never did get PC viruses, and still doesn't. Microsoft could easily add "It doesn't get Mac Malware" and still be correct.

ROFLMAO! *wipes tears of laughter from eyes*

Thanks for that! Pure gold.

 

[NAG]

It is not only when the signature is 'revoked' tho.
There is no fundamental difference between a 'revoked' signature and that of a small developer that never got a signature in the first place.

Yes, there is a fundamental difference. If there is no signature you are given the option to run it.

Just because Gatekeeper won't run it does not mean it is bad.

Hence why there are three levels.

You (as an end user) still need to be able to make a judgement call or give up some of your freedom to install the aps you want.

I never said this absolves the user of responsibility. The computer isn't running itself. Additionally, this is not giving up freedom. You have multiple levels. You might as well say running as a standard user instead of an admin is giving up freedom while you're at it.

Basically, your entire post is based on FUD with the implicit message being that Apple will arbitrarily revoke signatures. This is not based on any precedent and is actually the opposite of what happens (Apple has never removed an app off iPhones because so far there has been no app that is that level of a threat).

Here is a good post that will hopefully dispel the FUD.

http://www.panic.com/blog/2012/02/about-gatekeeper/

 

[katewes]

If OSX is so safe, I'd like to know how Facebook gets access to all my gmail records.

I have a junk mail gmail account for receiving newsletters etc - and there's a Facebook account connected to that junkmail gmail account. Facebook then sends, to my junkmail account, suggestions for people I know based on the emails I receive to the junkmail account. Facebook thinks they're people I know - whereas they're just people/companies that send me newsletters and advertising email.

How on earth does Facebook get access to my gmail records? Can't OSX and its browser security stop that sort of thing?

 

[ioinc]

Basically, you're entire post is based on FUD with the implicit message being that Apple will arbitrarily revoke signatures.

http://www.panic.com/blog/2012/02/about-gatekeeper/

actually this is something you brought up not me... it never entered my mind that apple may or may not revoke anything....

It's misses the issue.

Gatekeeper remains a solution looking for a problem.

 

[risc]

Just 1 more reason to run OpenBSD on your Mac.