Snow Leopard Snubs Document Creator Codes:

(When you “double-click”, how the System (OS) understands “what” to open)

“When you double-click a document in the Finder, how does the system decide what application should open it? The relationship between a document and its owning application is called a preferred application binding. Since the very first day of the very first version of Mac OS X, there has been an uneasy detente between the Unix way of binding documents to applications and the former Mac way, inherited from the early days of the Mac OS. Now, in Snow Leopard, users and developers are complaining that the Unix way is being allowed to run roughshod over the Mac way.”

http://db.tidbits.com/article/10537

Document Creator Codes •Apple

http://en.wikipedia.org/wiki/Creator_code

Magic Numbers •UNIX:

http://en.wikipedia.org/wiki/Magic_number_(programming)

Me – Bitching.

http://www.apple.com/feedback/macosx.html

To Apple Feedback:

We understand Document Creator Codes are antiquated. But if you are going to get rid of them and kill ALL our spare time with “fixing” this on EACH machine, at least make the Magic Numbers the substitute rather than breaking functionality and making it default to “Open Generic” document. This, or allow some way of divining a difference of application binding that is universal (assuming this is your all’s direction).

We love the code review you’ve executed with Snow Leopard – 10.6.x (we miss the PPC (POWER6 Builds?).
We understand the direction you all are heading, but see you sawing off the limb you’re sitting, we’re standing underneath oblivious, but impressed, none the less.

:-)

Saying Windows is more secure than it’s competitors because of the number of security features it has is akin to saying a centipede is the worlds fastest animal because of the number of legs it has.

Please warn us when you are going to say something like this, I nearly ruined the keyboard on my MacBook, as I was drinking coke at the time.

Feel free to run A/V software if you want. You feel safer and that alone makes it worth the effort. No one here thinks you’re wrong to do this. 

However, I choose not to do so for the following reason. 

The different architecture of Windows when compared to OSX and Linux means I currently cannot unwittingly be a victim of a virus as it cant self execute and if it does execute it’s very hard for it to damage my system significantly. Any viruses found by an A/V scanner on my system are likely just sat there twiddling their fingers with nothing to do as its access is severely limited. It also cannot self propagate via Mail.app etc due to the same limited access. 

Any system changes need explicit password enabled permission directly from myself. Windows doesn’t require my permission to alter system files. It merely requires the virus to contain code which can alter system files. This is improved on but not changed by UAC in Vista/7 and is the reason people write viruses for Windows. Monitary gain is only half the story.    

Because of this, viruses for Unix based systems require a level of technical finesse which is not commonly associated with virus writers. Unix systems effectively sandbox running programs by requiring superuser permission to alter system files. Even if it gets my permission it still requires further permission to alter the files of any other user registered on my computer. These hoops to jump through are what prevents viruses from self propagating in the wild for Linux and OSX. 

Due to this, Mac users are not deluded if they think their computers are more secure. From out of the box a Mac is significantly more secure than any hardened Windows machine. Not just against virus attack but in greater ability to contain viruses with no extra effort  You also cannot escalate user priviledges as easily in Unix based systems. You need the user to allow you access. 

Trojans, such as those your friends fell victim to are another issue. They rely on user ignorance and have to be enabled and installed by a user. They are essentially user exploits, not sydtem ones. User ignorance is ubiquitous across all systems and so is a moot point. However, OSX is inherently better equipped to combat this than both Windows and Linux (Linux doesn’t have as many user friendly warning messages). OSX’s Linux-esque architecture prevents the Trojan causing serious system-wide damage even when it’s sucessful at fooling it’s way into the system and hiding from the user as it can only make changes when authorised by the user. In Windows, all a Trojan has to do is be downloaded. A well designed one can do all the rest itself. 
It’s true that Windows has more security specific featured than OSX and Linux but due to it’s design it’s still far more insecure than either despite these. Saying Windows is more secure than it’s competitors because of the number of security features it has is akin to saying a centipede is the worlds fastest animal because of the number of legs it has. 

I realise you never said this but it has been said by many of the ’security experts’ that you trust. Mac security is not through anonimity or insignificance. It’s through time and effort required for a lower reward. People in the malware business are above all in business. Macs require significant expertise and overhead for much less money than the far easier to exploit Windows. Most people concentrate on the market size and money part of the equation where it’s really the effort required to write effective malware for Unix type systems which is the actual clincher. The Mac market may be smaller but with effective malware it’s still worth a lot of money. 
User ignorance is unavoidable and the sole reason why all systems definitely have some security holes and will never be totally secure. OSX and Linux both protect the ignorant user more than Windows does though.  

Whatever, I am running AV/FW on my machine. If you feel safe not running them, that is completely your decision :)

“Apple fixes more bugs
The Iphone and Quicktime are swiss cheese ”

http://www.theinquirer.net/inquirer/news/1533073/apple-fixes-bugs

“iPhone anti-phishing protection goes AWOL
It just doesn’t work”

http://www.theregister.co.uk/2009/09/10/iphone_antiphishing_failure/

Oops, yes, 18 months old QT bug only that and nothing else.

If you put your appendage into a guillotine, but nobody pulls the lever, doesn’t make your appendage uncutable, it makes it insignificant. That is not SAFE, that is UNSAFE, but INSIGNIFICANT. If your only protection against a guillotine is being insignificant, then you are not just insignificant, you are ignorant as well.

[Things get fixed because they need attention. Just because there is some theoretical flaw doesn't mean that it warrants being prioritized in front of more important issues. The Reg/Inq are both joke sites. They are reporting issues without context nor with any understanding of the situation.

The issue of anti-phishing is particularly retarded given that its based on Google's Safe Browsing service. If it isn't working, maybe its because Google isn't working right. See photo:

- Dan ]

I’ve talked to a lot of Windows programmers, in fact I spent most of a week trying to convince a friend that his application should not, and should never had used the Registry. His final response was, “Well, Microsoft recommends it.”
I like John, but I have to say, he’s not that bright.
As to Mac Malware, yeah, it isn’t going to be a big issue. One point that Daniel skipped was Microsoft’s design philosophy for Windows, which was that Microsoft Software is special, is treated special, and has access that it shouldn’t have. No other operating system is designed this way, which is why Linux, Solaris, BSD, and OSX are virtually impossible to write a virus for. Oh, you can write a Trojan, but Virii are a particularly Windows problem.

Gotta say – I don’t see much factual basis for your paranoia, but if I were a woman, I’d feel much safer going to bed with you.

I guess you are saying Microsoft got too big for its breeches.

;-)

So, everyone, install this: http://rentzsch.github.com/clicktoflash/