While you're feeling so generous with information, :) please explain how a hole in a browser got transformed into a rootkit so firmly entrenched that the patch sent from Redmond failed to dislodge it at first.

Are we saying the computer in question had all safeguards (or just UAC) disabled? No OS flaw whatsoever... rather, simply a goofy employee (running as full SA user or something?) while connected to the Internet? I simply can't find one news account which suggests that the operator was in any way responsible. (i.e., running in unprotected mode or whatever). I'd think that part would be in large bold letters.

The attack - codenamed Operation Aurora - affected Google and at least 20 other firms, including Adobe, Juniper Networks, Rackspace, Yahoo! and Symantec.

All those companies... plus Symantec too? ...with users running IE6, and UAC turned off? That's the story?

Doesn't square up somehow.

There are ways to get into computers beyond traditional channels. All kinds of computers with complicated code in the OS, there are numerous vulnerabilities. No one is disputing this.

Running a modern, secure browser, with permissions locked down, and virtually any OS you choose from today is pretty much locked down tight.

Anytime your average user gets some kind of -ware on their machines, it is because of user error.
 
Kinda interesting to me considering Apple and Google haven't been getting along well.

yeah, i'm betting they blew their shot at a huge discount. oh well. they can afford it.

My take is - you get the platform that you can be the most productive on.

Yep. I work in film, editing and such. Final Cut is what works and it is what my clients want. So I give it to them.
 
There are ways to get into computers beyond traditional channels. All kinds of computers with complicated code in the OS, there are numerous vulnerabilities. No one is disputing this.

Running a modern, secure browser, with permissions locked down, and virtually any OS you choose from today is pretty much locked down tight.

Anytime your average user gets some kind of -ware on their machines, it is because of user error.

That's like claiming you caught a cold because you went outside!

If it's safe for me to go outside, but not safe for you to do so, yes there is a user error factor, but that user error factor relates directly to the primary error, the choice of OS.

And it's no good arguing with this logic, because if I'm safe on my Mac, and you're not on your PC, by a probability factor of several hundred thousand to one - the true situation, then there is no argument.
 
While you're feeling so generous with information, :) please explain how a hole in a browser got transformed into a rootkit so firmly entrenched that the patch sent from Redmond failed to dislodge it at first.

Are we saying the computer in question had all safeguards (or just UAC) disabled? No OS flaw whatsoever... rather, simply a goofy employee (running as full SA user or something?) while connected to the Internet? I simply can't find one news account which suggests that the operator was in any way responsible. (i.e., running in unprotected mode or whatever). I'd think that part would be in large bold letters.

The attack - codenamed Operation Aurora - affected Google and at least 20 other firms, including Adobe, Juniper Networks, Rackspace, Yahoo! and Symantec.

All those companies... plus Symantec too? ...with users running IE6, and UAC turned off? That's the story?

Doesn't square up somehow.

The exploit applies to Internet Explorer 6, 7, 8 up to Windows 7. However, the exploits that occurred at Google and other companies were from Windows XP and IE 6. Windows XP does not have UAC and Internet Explorer Protected Mode. As far as my research goes, no successful exploit occurred against Windows Vista/7 with IE7/8. IE6 cannot be installed on Windows Vista/7.

It is possible to install a user mode rootkit, which affects only the current user. A kernel mode can write to registry key HKEY_LOCAL_MACHINE, which will affect all users. A malware can still log keystrokes even with user-level privileges.

Can you please link to the Microsoft patch to which you are referring? I had difficulties finding this patch. Generally, a security patch is only effective if you install it BEFORE the exploit occurs. I don't believe a security patch is meant to "clean up" after the fact.
 
That's why I wonder why Google isn't using a decent Linux distribution like Ubuntu Linux 10.04 (Lucid Lynx) for their work machines.

Because Ubuntu is a cavalcade of mediocrity and a terrible development environment?

I'm willing to bet they've made their own in-house distro or using an Enterprise Distro or derivative of (RHEL, SLED, CentOS, Whitehat etc). Distros like OpenSUSE, Fedora, Ubuntu, Arch, Mint etc are unsuitable for development. That doesn't stop anyone, but there are better solutions. (RedHat for example provides a fully featured Java dev environment.)
 
Can you please link to the Microsoft patch to which you are referring? I had difficulties finding this patch. Generally, a security patch is only effective if you install it BEFORE the exploit occurs. I don't believe a security patch is meant to "clean up" after the fact.

Well... perhaps I misunderstood the exact sequence of events. There was mention of this patch (in the original article I linked to) which seemed to connect the two events... but I guess they were about 3 weeks apart. So apparently this was (as you say) a preventive patch intended for *other* machines (presumed clean). However, many turned out to be already rooted... unbeknownst to their users (and current AV software, presumably):
 
Because Ubuntu is a cavalcade of mediocrity and a terrible development environment?

I'm willing to bet they've made their own in-house distro or using an Enterprise Distro or derivative of (RHEL, SLED, CentOS, Whitehat etc). Distros like OpenSUSE, Fedora, Ubuntu, Arch, Mint etc are unsuitable for development. That doesn't stop anyone, but there are better solutions. (RedHat for example provides a fully featured Java dev environment.)

Do explain how the Java dev environment is superior in SLED in comparison to Ubuntu. Or how Eclipse is better in SLED than Ubuntu. Or how GCC compilers are better in SLED or RHEL than Ubuntu.

I guess I just disagree, but we've got devs programming 3D virtual reality apps in Ubuntu, and they moved over from SLED. They didn't really care, it was for our (administrators') benefit. They set up their desktop how they like it and barely missed a beat.
 
Stop perpetuating such a ridiculous myth. Mac OS 9 had many viruses, and Mac OS 9 had just a tiny fraction of the people using it that use Mac OS X today.

Actually the Mac Virus heyday was with System 6; a lot of Mac viruses didn't like multifinder and stopped working with System 7. There just weren't that many mac viruses by the time MacOS 9 came around.
 
Are you kidding, right? Microsoft is actually a pretty innovative company and the Windows OS has a lot more security features than Mac or Linux machines have.

:eek:

You're kidding, right? Instead of coming up with something like Classic, Microsoft's brilliant idea of allowing old software to run on Windows 7 was to use Virtual PC. This results in the really goofy situation of Windows on a PC emulating Windows running on a PC. :confused:
 
:eek:

You're kidding, right? Instead of coming up with something like Classic, Microsoft's brilliant idea of allowing old software to run on Windows 7 was to use Virtual PC. This results in the really goofy situation of Windows on a PC emulating Windows running on a PC. :confused:

Actually, "XP Mode" is a lot like Classic, but implemented much more cleanly.

And what's wrong with Windows v.X running a virtualized copy of Windows v.X-2?

When I retired my XP system, I P2V'd it onto my Windows 7 system - it's there if I need something that I forgot to copy to the new system, didn't install on the new system, have lost the installation kit to reinstall on my Windows 7 system, or the few cases of XP software that won't install on my x64 Windows 7 system.

You call it "goofy", but it's actually quite smart.
 
This makes me laugh.
Use your brain and think: if they switch, it has to be their linux distro.
Why? Because whatever machine that runs windows cannot run OS X. (Don't tell me people at Google are running windows in boot camp)
 
A lot of Microsoft's innovations are things consumers never see. Things like SharePoint, which my university is smart enough to see how awesome it is.

Nothing comes close to some of Microsoft's cloud offerings. Where Microsoft has lagged behind is the consumer realm.

Windows, because of support from the creative software industry and the gaming industry, will be the primary OS of all PC's for the foreseeable future. What happens on top of that is a different story. Google's Cloud is arguably doing better with consumers than Microsoft's cloud.

Microsoft is in a lot of ways a business services company before they are a consumer company. Steve Ballmer has also not tried to control the internet the way Bill Gates did (who was pretty successful in that regard).

As far as this Google switching goes... has anyone contacted Google for a comment? Because basically all I see in the source list is two Google employees, which makes this a rumor at best.
 
http://www.dailytech.com/US+Army+Says+No+to+Windows+7+Yes+to+Vista+Upgrade/article15217.htm

So...you're wrong.

Now that I think of it, there's not a single branch or agency of the US Government that has fully switched over to Macs. Assuming the respective agencies want to keep submitting payroll information to OPM this is going to be the case for a while.

IIRC it wasn't the whole Army, but only a security-sensitive branch that switched to Macs a couple of years ago. It is documented.

BTW, the news you are quoting (Army still using XP as primary OS in mid 2009) is a demonstration of how lazy and vulnerable government agencies are. XP security is a nightmare...
 
Are you kidding, right? Microsoft is actually a pretty innovative company and the Windows OS has a lot more security features than Mac or Linux machines have.

The problem in all of this is the IE6, not windows itself.

It has all the security features just to patch an in-security architecture :D
 
YIKES! Windows has security issues?

Oh well, guess it's back to JonOS - Virus free since 2003
 
Do explain how the Java dev environment is superior in SLED in comparison to Ubuntu. Or how Eclipse is better in SLED than Ubuntu. Or how GCC compilers are better in SLED or RHEL than Ubuntu.

I guess I just disagree, but we've got devs programming 3D virtual reality apps in Ubuntu, and they moved over from SLED. They didn't really care, it was for our (administrators') benefit. They set up their desktop how they like it and barely missed a beat.

I'm pretty curious to know his uneducated answer too. Personally, Slackware is my choice of top-notch Linux distro, but let's face it, none is really different from the others once installed. Mediocre? Bad dev environment? Sounds like someone doesn't know that libraries are installed in binary form and a 2nd package is needed to compile stuff from source. `apt-get install build-essential` is a good start.
 