Category: Symantec

Microsoft’s subtle trick…

The Devil

I remember a Christian once saying to me that the best day’s work that the Devil ever did, was to convince everyone that he didn’t exist.

A similar analogy, is that the socialists have convinced everyone that George Orwell’s book ‘1984’ was about fascism, when actually it’s about the dangers of unrestricted socialism (IngSoc, stands for Engligh Socialism).

These thoughts were piqued when I read a newspaper article in the UK’s DailyMail newspaper, outlining the experience the reporter had when they accidentally clicked on a spammer’s email.

The chaos that ensued, highlighted the dangers of clicking on these sorts of emails, and the article well worth a skim:

Courtesy of the UK’s DailyMail newspaper:

I always like to read articles like this because they show the computer experiences of your average Windows user; and I mean the really average Windows user.

The average Windows user makes up the majority of Microsoft customer base, and this article perfectly illustrates the clever trick that Microsoft has played upon them.

The article in question is basically about someone who received an email that asked for all sorts of personal information. This email was a spam email, but the user dumbly accepted it as legitimate, and duly got conned – malware was installed and all sorts of chaos ensued.

Now you can comment on the ineptness of the user, but this article isn’t about their stupidity, it’s about the person that they ultimately blamed.

It’s a big, long article that goes into great detail about what happened to them, but nowhere and I mean nowhere in the article is the word ‘Windows’ or the word ‘Microsoft’ mentioned. Not once.

Ultimately the person who they blamed was – Yahoo. They blamed the email service for failing to filter out the email.

Not themselves for being so inept, not Microsoft for selling them an OS with security holes, but Yahoo. Poor Yahoo.

From the article:

Finally on Monday, three days later, smooth-sounding Jessica from ‘the Yahoo concierge service’ called to help me get back into my account and reassure me that Yahoo took such violations very seriously.
She would not be drawn on who might be responsible at Yahoo for stopping hackers. I wanted to know why Yahoo’s own filter system hadn’t spotted a bogus email sent in their name and taken it out before I opened it.

And here lies the biggest trick that Microsoft has made – they’ve made themselves invisible.

They’ve subtly altered people’s perception of computing so that they are blameless.
They’ve convinced the average Windows user that security holes are a way of life, and it’s not their fault, but it’s the fault of:
  1. You for not constantly being on your guard to make up for the fact that an email link can allow remote software to be installed.
  2. The ‘bad guys’ who send out these emails and take advantage of the security holes in Microsoft software
  3. The email provider for not filtering out the ‘bad guy’s’ emails.
All this is very depressing, but even more depressing are the 30 or so comments to this article from more ‘average Windows users’.
They all comment on the dangers of email, how they had spam before, and how they ultimately accept it as a way of computing life.
To add insult to injury, a drone from Sophos gives 3 golden rules for online safety – not one of them states to give up Microsoft software and choose Linux or Apple.
I’m fully aware that phishing emails are a malware-vehicle that could be used on these platforms as well, but the security hole that this email exploited was for Windows – as most, if not all of them are.

The month of Apple bugs…


I started writing this blog to outline some of my personal experiences of the Apple experience, in the hope that I may shine a light on the reasons why people such as myself choose Apple whenever they can.

I rarely comment on wider Apple-related tech issues, because they are usually well documented already, on blogs and Mac-tech sites far more eloquently than I could manage.

But this time I feel that I’d like to air my views on a small group of people who have made the Apple-headlines recently.

I’ll briefly go into some history (as you probably, as a Mac-user, know the details of this extensively already).

Last year a group of security experts highlighted a potential security threat with Mac’s and their wireless capabilities. They showed a Mac being hacked over a wireless network.

Now, this is about as bad as it gets in terms of security, and the entire Mac web rose up in alarm.

But then cracks started to appear. They started with the fact that the hack did not occur with the built in wireless card, but a third party one. Now, most Mac-users clearly pointed out that you would not install any third party hardware as a perfectly good wireless card was already installed by default.

Okay, said the protagonists, but you can hack the Apple-card as well, we just won’t show you that bit.

Hmmm. Coupled with a remark that they would like to stub a lit cigarette out in Mac-users eyes, most of the Mac-web (and even the more neutral sites), brushed off this ‘threat’ as minor at best.

Fast forward to late last year, and these same ‘security experts’ proposed a media event entitled, “The Month Of Apple Bugs”, to highlight one Apple bug per day, thus proving that all Mac-users live in a dream world and they are just the people to shatter that dream.
It’s now approaching the end of that month and what has been the result? Well, a little mixed. Some of the bugs are serious (Quicktime & Disk Image bugs), some pointless (cause the application to crash), and some bizarre, (using third party applications with no connection to Apple).

I have no problem with them highlighting these bugs at all. I think the work they are doing is valid and needed.

I would argue that their precept (that all Mac-users think that the Mac is bulletproof), is deluded and is created by anti-Mac press trying to give us enough rope to hang ourselves with, but that’s really not my point.

My point, or points are:

1) The motivation to highlight these bugs in the first place is suspect, and

2) The execution in highlighting these bugs is downright dangerous and childish.

Their reasons for doing this work has never been sufficiently explained. It seems to me to be born out of a frustration with Mac-users. They seem to think that we are somehow deluded in our choice of Apple, and that the software that Apple writes is just as full of security holes as Windows (which is arguable). I think they’ve spent far too much time on digg and slashdot personally, and have an axe to grind.

Whatever their reasons, their execution is, as I’ve said, is dangerous and childish.

The way it usually works is this: you find a security vulnerability and you inform the manufacturer first, before releasing it to the public. You can add a time limit on to this if you want, but it’s good manners to give the manufacturer a little breathing space. Once the manufacturer has released a fix, you get a mention in the release notes – kudos to you.

That’s it. That’s all you get and that’s all you should want – public praise for your effort, which will increase your standing in the tech community. You shouldn’t want any more praise, because hey, this is all about helping and safeguarding users by informing the manufacturer of bugs and strengthening the OS isn’t it?

It’s not about your ego, is it?

The person that uncovers a previously unknown bug isn’t the bad guy, are they?

And here is where their execution stinks. Their execution, by not informing Apple before releasing the bug into the wild actually hurts the users, damages Apple, and only gives them more ammunition for their egos.

This is all about a childish attempt by a pissed off Windows user to get back at Apple users because for some reason, the fact that there are a few stupid Mac-users on Slashdot who keep on saying that the Mac is bulletproof, he feels it is his duty to stub a lit cigarette out in our eyes (metaphorically speaking).

I’ve said it before and I’ll say it again – Windows users are really screwed up people.

Norton No More…

Norton no more

Yesterday marked a sad day for my personal experiences in a Macintosh studio. The very last Mac (a G4 867mhz which I use as a print server), has had the very last copy of Norton Utilities/Antivirus removed from it. For the first time, Norton is no longer part of my studio set-up, for the first time I have NO antivirus or disk utility software in my studio, for the first time I am vulnerable.

Well technically, Norton Utilities hasn’t been on the network for a while, ever since 10.2. A series of crashes, slowdowns & general instability that I couldn’t pin down the cause of, finally persuaded me to not bother upgrading when I moved the studio to 10.3, and 10.4 finally finished it off. These Mac’s have been fine since. Coincidence? I think not.

But I still had to have anti-virus right? So i bought Norton Antivirus 9, and installed it onto the Mac’s in the studio, and for while everything was good. But again, after a series of instability episodes, plus some of the feedback that I have read on the web, I finally decided that I had had enough of Symantec’s products and upon upgrading the Mac’s to

Tiger, I am finally free, and vulnerable.

But how vulnerable am I exactly? In my experience, systems previous to Mac OS X, really did need Norton. A full install of Norton, and regular (weekly/monthly) rounds of running system checks & rebuilding desktops was required to keep each Mac running smoothly. And, let’s face it, systems previous to X crashed every few days or so.

But upon moving to X, it was like a breath of fresh air. I moved to X when 10.2 was released and initially I was concerned over it’s stability, and I felt I needed Norton as a cushion for this system, and as a cushion for my misguided views in comparing it to OS 9.

Over time though, the rock-solid reliability has astounded me. It wasn’t until I had to visit a print shop that was still using OS 9 in order to see through the repro of a print job, that

I saw what I used to have to put up with. Upon seeing Norton Systemworks popping up every once in a while, I remarked that this piece of software caused more problems than it solved. I was rebuked for this, with the printer saying, “but I need that software to keep things running smoothly!”

And he’s right, if you’re running OS 9 then I would agree (just) that you do need Norton, however once you move to X, leave it behind.

But, what about viruses? Well, as you know, (all together now), “THERE ARE NO VIRUSES FOR THE MACINTOSH PLATFORM”, but I am part of a Windows organisation, and I do receive the odd email with a Windows virus attached so I should run some sort of antivirus right?

Wrong. There are 2 potential threats here. The first is the passing on of a Windows viruses via email, and the second is the very slight chance that a Mac virus may appear at some point, taking advantage of some as yet unforeseen security vulnerability in Mac OS X.

The first is taken care of by education. I keep my Mac staff aware of the problem that they should not forward these types of email. They are very easy to spot anyway.

The second part of the problem would not be solved by Antivirus. A new virus would not be covered by Antivirus as it would not know about the new virus until it struck. Antivirus only makes sense when the OS you’re using is inundated by hundreds of viruses all of different types and you need constant protection to be safe, as per Windows.

This isn’t the case on the Mac. I think we’re much better off allowing Apple to plug the holes before they’re exploited, rather than running Antivirus that sucks at your systems processor cycles. When a virus does strike (and it’s bound to sooner or later), then we’re partially protected because it would need permission to run, and if it could run without permission, it would only affect things in your home directory, as I don’t have root enabled on any Mac, (and you shouldn’t either), and I have extremely good, daily backup (as you should have as well).

It is a sad day, but only for Symantec. I can understand why the shift in focus away from the Mac makes sense, they just look at the numbers. The grass is much greener on the Windows side, and always will be, even with Longhorn’s apparent improvements. But it’s a happy day for my studio, because the Mac no longer needs Norton.