sinsin07
Apr 9, 06:44 AM
I would consider myself a hardcore gamer and I'm not ashamed of it. I went to PAX East the last 2 years and own all 3 home consoles plus a PSP, 3DS, DSi, iPhone and iPad. Gaming kept me away from all the drugs and alcohol that my friends were doing in high school. I'm almost 30 now and I'm married, have a good job, have a beautiful home and a beautiful wife, so let's not get stereotyped.
MorphingDragon
May 2, 09:15 AM
Bigger, most Windows PCs have anti-virus, can you say the same for Macs?
Yes, we can also say it's completely useless. Can you say that?
XP Antimalware 2011 doesn't count either ;)
munkery
May 2, 05:41 PM
What is "an installer" but an executable file and what prevents me from writing "an installer" that does more than just "installing".
My response, why bother worrying about this when the attacker can do the same thing via shellcode generated in the background by exploiting a running process so the user is unaware that code is being executed on the system.
I don't know of any Javascript DOM manipulation that lets you have write/read access to the local filesystem. This is already sandboxed.
The scripting engine in the current Safari is not yet sandboxed.
Here is a list of Javascript vulnerabilities:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Mac+OS+X+Javascript
The issue is Safari is launching an executable file that sits outside the browser sandbox.
In the current Safari, only some plugins are sandboxed, so this wasn't execution outside the sandbox.
All that having been said, UAC has really evened the bar for Windows Vista and 7 (moreso in 7 after the usability tweaks Microsoft put in to stop people from disabling it). I see no functional security difference between the OS X authorization scheme and the Windows UAC scheme.
Except this:
Switching off or turning down UAC in Windows also equally impacts the strength of MIC (Windows sandboxing mechanism) because it functions based on inherited permissions. Unix DAC in Mac OS X functions via inherited permissions but MAC (mandatory access controls -> OS X sandbox) does not. Windows does not have a sandbox like OS X.
UAC, by default, does not use a unique identifier (password) so it is more susceptible to attacks that rely on spoofing prompts that appear to be unrelated to UAC to steal authentication. If a password is attached to authentication, these spoofed prompts fail to work.
Unix DAC is turned off in OS X in the root user account.
rasmasyean
Mar 12, 03:34 AM
What the hell? Why doesn't the wind blow it into China instead??? :D
Anyways, that seems kinda extreme. That looks worse than a nuclear missile strike.
Sounds Good
Apr 5, 06:21 PM
Under the Apple menu on the top toolbar, you can access both recently used programs and recently used files just the same as in the Windows Start menu.
Ahh, good. Thanks. Are we able to put our "favorite" programs or files there too, like on the Windows Start menu? (even if they are not the most recently used?)
It's essentially the same thing, but better.
Why / how is it better?
eternlgladiator
Mar 11, 08:50 AM
This is just crazy. They quoted a girl on cnn from their facebook comments saying the failnami was a big letdown. What a gigantic "tw*t".
risc
Sep 12, 03:44 PM
An interesting device it sounds like the El Gato EyeHome. As long as it can play all normal video/audio formats (whatever you have QuickTime components for) and it has support for El Gato EyeTV I'll happily replace my XP MCE box with one.
ericinboston
Apr 28, 09:17 AM
I would LOVE to buy an iMac...and have been wanting for a few years...but $1200 for essentially a web surfing machine and iPod syncing machine is just too expensive for what it will be used for. My 4+ year old Mac Mini works just fine and even that was a lot of money when I got it ($1200).
A very high percentage of consumers (as is reflected still now in 2011 personal computer marketshare) primarily do web-based activities, a little bit of Office productivity, and iTunes and thus do not need to spend 2x the money for product B when product A is fine. Why buy a Mac for $1200+ when a $600 Windows box (including nice 20"+ monitor) will fit the bill just fine?
Not trying to start the never-ending debate but this is the reality.
I love the iMac look...but after a few minutes of pondering, I can get a machine for 1/2 the price with the same size monitor that will do exactly what I (and 90% of consumers) need. If you're a Mac lover or have to use the Mac for particular reasons, of course the Mac is going to be your choice. But for the high majority of consumers in the world...there's just no need to spend twice the price.
840quadra
Apr 28, 08:52 AM
Oh yeah, it's definitely trending downward now instead of still climbing, but it took almost a decade before that happened, not 3 or 4 years as claimed earlier. And they still sell millions every year, which you cannot say about pet rocks. That's the difference between a fad and a popular product. In a fad, the sales dry up quickly.
I understand what you are getting at. I still personally feel it is a fad, and it is drawing to a close. But I alone can't label it as such. :(
Speaking of fads, when will the current craze of wearing HUGE face covering sunglasses end? :cool: :p
ChrisA
Sep 26, 12:08 PM
What incentive does anyone ever have to buy if they keep announcing new chips?
What incentive? Money. If you need to get some work out to a client you need to have some kind of computer. For example we bought a new Dual Xeon system with 4GB RAM and a set of SCSI disks because the old box was "way slow" now I can do many more Build/Test/Debug cycles every day. Yes there are now even faster boxes but I've gotten much more work done that had we waited would not have gotten done. The $4500 computer paid for itself rather quickly.
On the other hand if a computer is to be used as a game console and media player you can never justify the price. It's just a toy and you buy it with "disposable" income with no hope of a return on the investment.
But most of these Mac Pros are sold to people who at least hope to make more money with the machine than they spent for it. So for most users waiting is simply too expensive.
Also solid state drives are needed to properly service the I/O needs. Why NOT put a solid state SATA drive in one slot on a MacPro so you can use it for a swap space?
How many "page outs" per second does your system do? If you have enough RAM not many. Even those few writes DO go into RAM. There is likely a large RAM cache built into the disk drive. As for "page ins" they mostly come from your Applications Folder, not the swap space. Mac OSX is smart enough to know that it does not need to write RAM pages to swap space if the RAM page contains only executable code. If you want to make the system go faster you would put your applications in the solid state SATA so as to speed up page ins. But if space is limited a better way would be to put only the applications you are currently using in the solid state SATA but to go even faster why not skip the bottleneck of the SATA interface and put the RAM that would have gone into the solid state SATA on your system bus. This is what modern computers do. They maintain a RAM cache of the disk(s). With the data (cache of the disk) in system RAM it need not even move. The OS simply does some "magic" with mapping registers and the data appears to move without need of any physical copy. A write to a register is more than 1000 times faster than moving data off a solid state SATA drive.
The ONLY cases where a solid state SATA disk could improve performance is (1) if you have already maxed out the computer's system RAM and need to add even more. So either your Mac Pro is at 16MB or your iMac is at 3GB and you need more. or (2) You have a huge amount of data to process and you put the data in the solid state drive. This means the drive will be hugely expensive. Cheaper to use something like a SAN storage.
shawnce
Oct 26, 12:04 PM
Run an RGB to CMYK conversion on a 1 Gig Photoshop file with embedded profiles -- watch activity monitor. See that all four processors kick in for this process. Many Photoshop processes efficiently use all four processors.
Just wanted to note...
It is easy to confuse a single thread bouncing among available cores as it gets scheduled (which happens easily on Mac OS X) and multiple threads executing in parallel on multiple cores if you look at per CPU utilization graphs because of sampling artifacts.
In top you want to look at "CPU usage" or in activity monitor look at "% Idle". If idle CPU usage is close to zero then you are truly utilizing the cores in your system which often implies that the application you are using is spreading the work across the available cores. In a four core system if idle CPU is around 75% (usually several percentage points under that because of system related threads supporting the application) then the application is really only using a single core (single threaded). In a four core system if idle CPU is around 50% then the application is really only using two cores (two threads). etc.
You can also look at load average in top. If the load average is around 1 then the work load on the system is on average only utilizing one core. If the load average is around 2, then on average two cores are being utilized. etc. If the load average is greater than the number of cores in the system then the work load is greater than what the cores in the system can run concurrently.
Note load average (and CPU %) will be depressed if the work load is IO bound and not CPU bound... so an application could be attempting to utilize multiple cores (use multiple threads) but IO bandwidth, etc. is starving those threads of the data they need and hence preventing them from executing.
The best way to know that an application is utilizing multiple threads for a task is to use tools like sample and Shark.
samcraig
Mar 18, 08:38 AM
OMG you still don't get it:
No no, as long as you abide by the amount of data in the plan it should not matter how you use it.
You can't steal what you paid for, you buy 100 cable channels that is what you get and use
You buy 2gb and use 1gb you have used 1gb no matter if it's on the phone or laptop. 1gb= 1gb
Ok? the tethering gives you 2gb for the money I see that and I have read the tethering and Data pro are added to total 4gb for the charge. So you and AT&T prove my point thank you! Data=Data, they add it together and it is the same.
LOL no it's the same use of Data as on the phone.
Tethering does not do something different to AT&T, it's just using Data
you may not understand how Data is used from the source but I assure you there is no difference to AT&T when you tether and when you surf YOUTUBE on the phone.
To AT&T Data=Data and it's been their words not mine every time it's printed by them.
So far I have not seen an argument that proves otherwise.:rolleyes:
Data is Data. And a contract is a contract. If you don't like the terms of a contract - don't sign. Or break it and deal with the consequences. ATT starting to bill for a service outside the contract is a consequence of breaking your original deal.
Again - for those with capped data plans - this makes no sense and I agree it's stupid. For those on unlimited plans - it makes 100 percent perfect sense.
amaxware
Nov 3, 11:20 AM
Anyone hear of Apple going the opposite direction with the Xeon?
i.e. how about a single dual-core?
j763
Oct 10, 01:54 AM
Originally posted by TheT
I think Mac users just live in their happy little world and think their computers are still the fastest... well, wake up!
couldn't agree more. you use macs for software not for the absolute $#!+ apple has under-the-hood. i was at this MUG meeting the other day and the question was raised as to whether a mac was the fastest thing out there for graphics. i laughed at the suggestion and said "No way". this guy next to me, who was obviously a mac bigot (not necessarily a bad thing) said "You're wrong. They are the fastest thing out there. The Velocity Engine makes the powermac g4 the fastest machine out there for graphics. Blah blah blah blah blah......". I just turned to him and said "SGI Workstations". that was the end of the conversation (he didn't know what an sgi workstation was).
all that said, i've got a dual 1.25 and it's an excellent machine... but you just have to realise that no, it's not the fastest thing out there.
[ANTI-WINDOWS]
BUT... i'd like to raise this important point. wtf are the win32 users using their CPU power for? Typing up word documents really fast? browsing the web with Internet Explorer v6.000.21312.185726351;SP1? or perhaps having to wait only 10 seconds for windows media player to launch? win32 is simply a craptacular operating system to the extent where it shouldn't be recognized (and i certainly don't recognize it) as a real operating system. mac and *nix (excl. linux-on-the-desktop) is where it's at. get over it.
[/ANTI-WINDOWS]
fehhkk
Mar 18, 12:44 PM
Carriers don't seem to understand that if you consume your 2GB data allowance in one day, it's actually better for them, because they will get you for overages :D
Stupid AT&T.
On a separate note, I don't think I mind paying $20 for an extra 2GB of data. I was paying $59.99 for a Verizon USB data stick for a 5GB/mo. plan... So, since I don't tether that much, it seems adequate, *AND* I can switch off the tethering plan as I need it (without getting into a 2 year contract for just a USB data stick).
samcraig
Mar 18, 12:37 PM
I want that text so I can call them up and lambast the eff out of them.
I'm not jailbroken, I don't tether. But it pisses me off that they are wanting to limit data.
I just checked, my data use per month for the last six months is anywhere from 4GB-7GB a month. Mostly because I stream a radio station. Pandora is better at managing data sending it in packets, this app uses straight streaming.
I'll be staying off my wifi at home and at work.
Ok - so you didn't even get the text. You might never get the text - but yet you're still going to have a tantrum and "teach ATT a lesson" ??? Ok - good luck with that.
I never said anything about it being an accident. I also don't think your argument is "clear" unless you have some kind of internal information that the rest of us don't know about.
If it is really that simple to develop "rules and logic engines" to crack down on tethering, why did it take almost a full year (after introducing tethering) to do it? A logical evaluation of network activity (one that can be done by a computer) works in many cases, but there are always instances where it misses things, or triggers a false alert. AT&T is limited in this regard. I also don't see anything special about the mobile hotspot feature that allows AT&T more access to information that it did not have previously. See the rest of my post.
If people aren't being careful about what they are doing online while tethered (for example, they are doing things their iPhones cannot do natively), it's pretty simple for AT&T to see that kind of activity. But someone who is smart about it can probably get by indefinitely.
I think AT&T is starting to panic about the people who are leaving to go to Verizon. They need to make sure they are milking every dime they can get out of the iPhone users they still have
You missed the point of what I said in my post. For one - I explained why they may have waited. Pretty clearly.
I'm guessing a lot of people here are pissing and moaning about something that hasn't even affected them (yet) and might not ever. Which is even sillier. It sounds like very few (if any) on this thread actually GOT the email/txt.
And to reiterate what I said several posts ago (but so few people read full threads...) that I don't agree with ATT charging twice for people on CAPPED plans. If you pay for 2 gigs - you should get 2 gigs - no matter what. It's finite.
But unlimited data is a different matter. And for those that can't understand or see the difference - there's little use in trying to explain it over and over. You don't get it.
KnightWRX
May 2, 04:35 PM
Is anybody actually bothering to do this in the wild against any OS?
The types of attacks you are referring to are not occurring in the wild on a massive scale. When was the last time you heard about one in the media?
Again, look, if you're not interested in the mechanics, that's fine. Stop replying to me.
My post is inquiring about the mechanics. For the past hour, I've been trying to find how this thing ticks by searching around for in-depth articles (none to find, everyone just points to Intego's brief overview that is seriously lacking in details) or for the archive itself.
If you don't want to take this discussion to the technical level I am trying to take it, just don't participate.
At the moment, there is no way to prevent the kinds of attacks you are referring to on any OS if a vulnerability exists that allows the attacker to exploit a running application.
I don't know of any other Web browser (this is not an OS problem, it's a Safari problem) that automatically assumes executables are safe and thus should be auto-executed.
Webkit2 will reduce access to user space when Safari (or any app using webkit2) is exploited by restricting the privileges of apps on a per app basis.
What does Webkit2 have anything to do with running an installer on the OS after downloading it ? That happens outside the rendering engine's sandbox. You're not quite understanding what this sandbox does if you think this protects you against these types of attacks.
Turn off "Open safe files after downloading" if you are worried about that type of attack implemented via "safe" files.
I think you missed the part where I don't use Safari. I'm pretty far away from allowing it to "auto-run" "safe" files (I choose what I want to run).
Again munkery, I appreciate you taking the time to respond, but I'm not some noob user. You are not answering my inquiries nor helping any here at the level I want to discuss this. I get everything you are saying. I've been getting that level for quite a few years. I'm trying to discuss at another level here. Do you want to participate or not at a higher level where we discuss the actual mechanics of this rather than just staring at the tip of the iceberg?
R.Perez
Apr 15, 01:05 PM
LGBTQ teens are at the highest risk factor for suicide among ANY of their peers. That is why videos like this are more important than say "fat bullying."
parenthesis
Oct 25, 10:27 PM
Apple wasn't very quick at adopting the Core2 chips (which are pin-compatible with Core chips), what would make Clovertown any different?
If history serves as a template for the future, then I wouldn't expect anything new until after the holiday season (even though the Mac Pro isn't a consumer device, companies usually aren't looking to spend money on new machines right before the new year starts)
SandynJosh
May 2, 04:06 PM
You're not quite understanding what I'm saying or the situation here. Safari auto-downloads a zip file, runs it through Archive Utility which extracts something and then runs it.
It happens to be an installer this time. What if next time it's a malicious piece of code ? Why did it auto-execute, under what conditions and could these conditions be used to execute something other than an installer ?
Think a bit beyond the current situation. The malware authors do.
I think I understand what you are saying. However, for the sake of clarity, let me answer your question relating to "why it auto-executed." The Safari protection level needs to be set to "Allow 'Safe' files to be opened."
This allows the Archive Utility to open the .zip file which contains the installation file to begin execution. Had the user not allowed this action, the file would never have made it to the user's computer without the user deliberately allowing it to be downloaded.
Once the installer is running, it still needs the user to enter a password and authorize the installer to install the software. If the user doesn't have the computer's administrator password, then once more the malware is blocked.
To address your other question, as to what conditions could malicious code get into OSX:
1. First, the file would need to be considered "safe" to be allowed to auto-download and auto-open, AND the browser would need to be set to allow this.
2. Then, like the case with the installer above, it would need to seek the user's permission to be installed. This, again, requires the complicity of the user, who would still need the administrator's password.
Sydde
Mar 11, 11:50 PM
Radiation leaks? In Japan? I hope they have someone keeping an eye out for really, really large reptiles
superslashers
Jun 22, 12:03 PM
What is it with AT&T and dropped calls? They are starting to make people REALLY MAD. I think AT&T has to step up their game or people are going to go to T-Mobile lol, they will just have to unlock their iPhones!
sinsin07
Apr 9, 08:50 AM
Totally agree. The other day I was in the queue at the grocery store and some dude was playing some noob game on his iOS phone... I was like "dude, you should be playing that on a PS3" and he was all "yeah but where would I plug it in and set-up the TV?" and I was like "just use the NGP" and he said "Great, where can I buy that?"
KnightWRX
May 2, 11:36 AM
Huge difference in my experience. The Windows UAC will pop up for seemingly mundane things like opening some files or opening applications for the first time, whereas the OS X popup only happens during install of an app - in OS X, there is an actual logical reason apparent to the user. It is still up to the user to ensure the software they are installing is from a trusted source, but the reason for the password is readily apparent.
It pops up when I open Steam. "Steam would now like to auto-update itself, enter your password". Same for all my "auto-updating" apps that are installed system wide.
This conditions the user as much.
Though looking for information on this MacDefender, I'm genuinely curious how the installer "pop-ups". I haven't found anything interesting. Since Archive Utility doesn't honor absolute paths in a Zip, how does the little bugger get launched?
I don't see any preferences in Archive Utility to allow automatic execution depending on what gets extracted. Some posts on the net seem to suggest that Archive Utility will auto-execute a .pkg that is found in an archive. If that is true, that is a serious concern. I guess I'll just have to actually find this zip file and download it to inspect it.
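The inspection described in the post above (looking inside the zip before anything is allowed to open it) can be done without extracting a single file. The following is an added example, not part of the original post: it reads only the archive's directory listing and reports entries that are installer packages, carry an executable bit, are symbolic links, or have paths that point outside the extraction directory. The sample archive and every entry name in it are constructed for illustration.

```python
import io
import stat
import zipfile

INSTALLER_SUFFIXES = (".pkg", ".mpkg")   # macOS installer packages (flat file or bundle)

def classify_entry(info: zipfile.ZipInfo) -> list[str]:
    """Return the reasons a single ZIP entry deserves a closer look."""
    reasons = []
    parts = info.filename.split("/")
    if info.filename.startswith("/") or ".." in parts:
        reasons.append("path escapes extraction directory")
    # A package can be one file (x.pkg) or a bundle directory (x.mpkg/...).
    if any(p.lower().endswith(INSTALLER_SUFFIXES) for p in parts if p):
        reasons.append("installer package")
    mode = info.external_attr >> 16      # Unix mode, if the archiver recorded one
    if stat.S_ISLNK(mode):
        reasons.append("symbolic link")
    elif mode & 0o111 and not info.is_dir():
        reasons.append("executable bit set")
    return reasons

def inspect_archive(data: bytes) -> dict[str, list[str]]:
    """Map entry name -> reasons, reading the listing only (nothing is extracted)."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        report = {i.filename: classify_entry(i) for i in zf.infolist()}
    return {name: why for name, why in report.items() if why}

def build_sample() -> bytes:
    """Constructed test archive; every name below is made up."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "hello")
        zf.writestr("ExampleInstaller.mpkg/Contents/Info.plist", "<plist/>")
        tool = zipfile.ZipInfo("bin/helper")
        tool.external_attr = (stat.S_IFREG | 0o755) << 16
        zf.writestr(tool, "#!/bin/sh\n")
        zf.writestr(zipfile.ZipInfo("../outside.txt"), "x")
    return buf.getvalue()

if __name__ == "__main__":
    for name, why in inspect_archive(build_sample()).items():
        print(f"{name}: {', '.join(why)}")
```

To check a real download, pass the file's bytes to `inspect_archive` from a machine or account where nothing is configured to open archives automatically.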