Archive for the ‘security by obscurity’ Category

Next Mac OS X — 10.6 — at WWDC 2008? another big cat? end of PPC?

Well, it makes sense that 10.6 will be announced soon especially with Steve Jobs’ comments to the New York Times regarding major Mac OS X, but at WWDC 2008? Hard to say.

There is also the naming question brought up at Mac360 as well …some say the only big cat left is Lion. But even a cursory look at wikipedia’s big cat page would indicate that Lion isn’t the only one unless you go with strict ‘big cat’ names. A more expansive list also includes things like Cougar, Snow Leopard, Clouded Leopard and Cheetah (or Puma) (which Apple has been used already and broke the ice for the more expansive Big Cat naming for Mac OS X).

My guess would be Cougar. I would think that would be the most logical choice. Wait to use Lion till they move to an all Intel based Macs and maybe proved their dominance might be a better choice of timing to use “The King” Lion.

And if the RoughlyDrafted magazine/blog article was correct in 2007 about their thoughts on Unraveling the PPC Myth (linked in their Leopard and the History and Future of Mac OS X on PPC article noted above), then it’s not likely going to be with 10.6.

I tend to be leaning toward RoughlyDrafted being right on that score, at least after reading over the history of Apple again in those two articles.

Also, Ars Technica last year also didn’t give any real hope that ZFS would be in 10.5 — maybe have to wait for 10.6, but I don’t think so. Too soon. I think they will wait for the next one, 10.7? or whatever that will be called. Might as well wait to do ZFS when it goes to all Intel Macs makes more sense. Make the major change then.

So, I would say Cougar makes more sense at this time. No Lion King here yet…no MAJOR change to the underpinning….yet.

And really, if the truth be known about Cougars — the Cougars are nothing to sneeze at! And with this description: “This large, solitary cat has the greatest range of any wild terrestrial mammal in the Western Hemisphere,[3] extending from Yukon in Canada to the southern Andes of South America.”?? Doesn’t that sound like the desire of Apple with their next version of Mac OS X? To be the most broadly used Mac OS/computers?

Which also would indicate (to me) that they would not want to ditch PPC just yet either … like the RoughlyDrafted articles indicated.

I really think that Microsoft made that Mistake with Vista. And I really hope Apple will not make that same mistake. But who knows with the Entertainment Cartels whispering in their ears just like they did with Microsoft…

When the dust settles and if the Entertainment Cartels get their big Win (controlling when and where you can view content on every front from TV (HDTV, computers, etc.), and the Major OS makers have totally pissed off their real paying customers, we shall see what happens then. But I think we’ve already had about enough of that as evidenced by this ExtremeTech article entitled, “How the Hollywood Morons Can Beat the Pirates! (Thanks Adam for the link!!)

EDIT: Well, I guess I had a better opinion of Apple than I should have. Apparently, according to MacRumers, who was reporting on an article from Ars Technica, Apple has decided to turn PPC users away now after all. Oh, and it’s Snow Leopard, not Cougar. More like Nuclear Winter. Very unhappy Mac user here. What a crock!

Even seemingly reliable e-mail vulnerable

Even seemingly reliable e-mail vulnerable to [unethical] hackers

“The bad guys are trying billions of random combinations … and finding new ways to break in,” says Gartner tech security analyst John Pescatore.

Crooks use flaws uncovered by fuzzing to create tainted files disguised to fool targeted employees. Earlier this year, individuals at several corporations were targeted to receive e-mail carrying an attached Excel file corrupted via a previously unknown flaw. Clicking on the file opened a worksheet with data relevant to the targeted worker; it also gave the attacker a beachhead to probe deeper into the company’s network. “The victims never really knew,” says VeriSign iDefense researcher Matt Richard, who discovered the attack.

In another attack, crooks installed a tainted QuickTime video file at several porn websites crafted to steal data from eBay and PayPal accounts, according to security firm Intego.

“It’s not just Microsoft,” says Secunia Chief Technical Officer Thomas Kristensen. “Crooks now use many different ways to gain control of computers.”

This is nothing new to many of us, but the fact that USA Today has even posted this article shows how pervasive the problem really is. And how easily people within companies, corporate or home office/small/mid sized businesses are being affected, as well as home users.

Social Engineering is alive and well. And although Windows computers are mainly targeted, no operating system is entirely safe.

However, to limit the problem to simply saying that email is the problem would be a disservice to the public.

With thousands of ordinarily safe websites hacked by unethical hackers, people don’t even have to open a dangerous email to have their computers infected with malicious tools that steal passwords, install keyloggers or other malware in order to take over the computer or spew spam, or open backdoors to pretty much do whatever they want. All behind the scenes. Often going unnoticed unless the computer becomes inordinately slowed to the point that it interferes with what the legitimate user wants to do on their computer.

There is an old saying, curiosity killed the cat … for many today, curiosity killed security, thoroughly.

On the other hand, it is also wisely reported at ImformIT in the article entitled, “Crime, War, and B.S. in the Electronic Universe“,

Unlike Chicken Little (and plenty of people in the media), Michael Kemp doesn’t believe that the sky is falling and our electronic connections will soon evaporate under attack by terrorists, criminals, and [unethical] hackers. But he does warn of a more insidious threat: By pandering to these fears, industry professionals may drive themselves right out of business.

And later in the article,

The U.S. Patriot Act has become a stick with which to beat security researchers and invade personal privacy alike. Also in the U.S., the Digital Millennium Copyright Act (DMCA) has been employed to criminalize even legitimate reverse-engineering (thanks to supposed copyright infringement), making a criminal out of Dmitry Sklyarov, and impeding research by cryptographers and security consultants alike. And what has the security industry done about these legal trends? Thus far, not a lot.

There are always AT LEAST two sides to a coin depending on which ‘dimension’ you refer to.

Overall, I think our best intelligence would dictate that we can not be naively clicking on anything that piques our fancy, or be too busy to think through before clicking or opening a file from email or on a website, or make sure that a file in an email truly is from the person we think it’s from, or assume that person has a virus-free computer, and making sure we virus check files with the latest virus definitions before opening them. Period.

We can’t assume, rightly or wrongly, that everything on a website is benign just because the organization is a good one. We have seen in the news that we can’t blindly trust every security site, bank site, sports site, news site, kid’s site, good cause site, etc.

Sometimes we seem to get caught by malware, when we were only doing what seemed reasonable — trusting a known good site.

We need a heads up on what search results appear to be safe and which ones do not appear safe or have some problems like good and bad downloads, or popups, or massive emails sent after visiting a particular site.

There are some really good security tools out there for many of the problems that we might come up against. They may not all be free, but they are available.

Fear is never a good thing. F.U.D. (Fear, Uncertainty, Doubt) is a big enemy to thinking individuals, communities and governments.

Tag Cloud

Follow

Get every new post delivered to your Inbox.

Join 359 other followers

%d bloggers like this: