New Apple iMac Pro - 18 cores, built for the pros

Configure and optimize you computer for Audio.
Post Reply New Topic
RELATED
PRODUCTS

Post

robotmonkey wrote: What is exactly wrong with this statement?
You didn't mention that:
robotmonkey wrote:the attack was targeted at Windows 7 machines.
Windows 7 is an outdated OS. Remaining on an outdated OS, regardless of outdated Windows or macOS, is always a security risk.

Software vendors patch vulnerabilities. That also means that the vulnerabilities and mechanisms of exploit go public when the patch is released. Using an already known weakness against unpatched computers is much easier than coming up with a new, previously unknown way to compromise a system.


Using an OS that is 8 years out of date, like Windows 7 or Mac OS X 10.6, shifts the responsibility for being exploited from the software manufacturer to the user.

Post

Windows 7 is a supported OS until 2020 by the way.
No signature here!

Post

robotmonkey wrote:Windows 7 is a supported OS until 2020 by the way.
Never said it wasn't 'supported'. I said any OS from 2009 is hopelessly outdated in 2017, and a security risk.

Post

double post

Post

stratology wrote:
robotmonkey wrote:Windows 7 is a supported OS until 2020 by the way.
Never said it wasn't 'supported'. I said any OS from 2009 is hopelessly outdated in 2017, and a security risk.
So even if an OS gets security, and other fixes, it is hopelessly outdated and a security risk? Well that makes sense. :)

Post

stratology wrote: I said any OS from 2009 is hopelessly outdated in 2017
A claim like that requires evidence. Scientific definitions for 'hopeless' and 'outdate' will be accepted, as well as metrics for the measurement of these things, plus relevant studies. Cheers.
and a security risk.
Any OS is a security risk, to one extent or another.
However, an older OS that's still being patched is not intrinsically less secure than one that is merely newer, especially amongst iterations of the same family which share legacy code.
After all, a 2009 version of openBSD is still more secure than Sierra.
An idiot on Set Theory:
"In some cases there is an object called red that contains everything that is red. In much the same way a pot is a plate."

Post

stratology wrote:Using an OS that is 8 years out of date, like Windows 7 or Mac OS X 10.6, shifts the responsibility for being exploited from the software manufacturer to the user.
What an interesting state of affairs. Does this happen at exactly 8 years, or does this shift in responsibility happen earlier? And what's the break point at which responsibility is shared equally? Im asking as someone who runs an AD at a site with more than fifteen thousand users, you see, and this news is of concern, given that it seems Enterprise Win10 isnt yet deemed suitable for mass deployment within our organisation.

Is this responsibility enshrined in the EULA, or some point of law, by the way? Or is it just some unspoken agreement that users and developers have come to in the past fifty years that Ive managed to somehow miss? Could we get some references to this, I'd sure like to read up on it.

Presumably, wherever this 'shift' has been codified, the OS developer would be expected to support the user becoming responsible for patching vulnerabilities in their OS, by providing them with the same capabilities to do so as they themselves have, ie full access to source code and internal development tools and documentation, yes?
An idiot on Set Theory:
"In some cases there is an object called red that contains everything that is red. In much the same way a pot is a plate."

Post

whyterabbyt wrote:Does this happen at exactly 8 years, or does this shift in responsibility happen earlier?
Do I really have to explain this??

The older any OS gets, the more exploits are available for that OS, and the more machines are available that are unpatched, due to user negligence.

Also, new OS releases have new architectural security features that older OSs lack, and that cannot be replaced by patches. Examples are System Integrity Protection, any changes to the permissions system, file system changes (like the recent change to the more secure APFS on iOS devices), etc.


In a thread about new iMacs, a Windows user mentions the Wannacry worm that infected 230,000 Windows computers, and exactly 0 machines running macOS.
And, somehow, that's an advertisement for Windows, because, in theory, W7 is still getting patched, and in unicorn fantasy dream land Wannacry would never have infected these imaginary patched machines that are just as secure as any Mac.

Post

whyterabbyt wrote:Im asking as someone who runs an AD at a site with more than fifteen thousand users, you see, and this news is of concern, given that it seems Enterprise Win10 isnt yet deemed suitable for mass deployment within our organisation.
Off topic, but fun: check 2 things:
- are reverse DNS zones configured for all the servers?
- do any servers have .local hostnames?

These are, to my knowledge, the most common giveaways to find out if a Windows sysadmin knows what he/she is doing.

Post

stratology wrote:
whyterabbyt wrote:Does this happen at exactly 8 years, or does this shift in responsibility happen earlier?
Do I really have to explain this??
Yes, and please be very specific about the relationship between the 8 year time period and the shift of responsibility to the user, with references, as I asked.
The older any OS gets, the more exploits are available for that OS
And the older it is the more of its exploits will have been patched. Now, exactly how does that relate to your actual assertion? The one about the 8 year thing and a shift of responsibility from the developer, etc etc, if you'd forgotten.
, and the more machines are available that are unpatched, due to user negligence.
So you're saying that, over time, the accumulated instances of a lack of user responsibility cause a shift in responsibility to the user?

I don't think that's really the best way to support your assertion. Some facts would be better, especially regarding that shift of responsibility thing, and the 8 years.
Also, new OS releases have new architectural security features that older OSs lack, and that cannot be replaced by patches.
Yes they can indeed. And new architectural features can have new exploits that older systems dont have.

But hypothetical new architectural security features for a new revision of an OS dont actually have anything to do with the security of the older OS, the effectiveness of its existing security, or what time period it takes for a 'shift in the responsibility' for preventing that older system from being exploited to the user, even while that system is still being supported by the developer
So could you maybe address that, instead of throwing up stuff that's not actually relevant.
An idiot on Set Theory:
"In some cases there is an object called red that contains everything that is red. In much the same way a pot is a plate."

Post

You're not being serious, right? You deliberately try to misunderstand and misinterpret what I'm saying.


Feel free to provide a better explanation why Wannacry compromised mostly W7 machines, rather than W10 machines or macOS machines.

Also, feel free to provide information why there are no botnets consisting of Macs. (Unless it's some long disproven 'security through obscurity' BS - in that case, don't bother..).

According to your logic, new security features in OS upgrades don't really improve security. Brilliant.

Post

stratology wrote:You're not being serious, right? You deliberately try to misunderstand and misinterpret what I'm saying.
Well, here's what you were saying.
stratology wrote:
Using an OS that is 8 years out of date, like Windows 7 or Mac OS X 10.6, shifts the responsibility for being exploited from the software manufacturer to the user.
And Im pointing out that nothing of what you've said in reply to me talking specifically about that statement actually relates to the hypothesis contained within.

If you're trying to pretend Im disagreeing that later OS's should benefit from improved security features, that's just dishonest. Im just looking for specific evidence of the specific claim you specifically made that stated that the age of an OS was the single factor that determined who responsibility for security lay with.

Surely that's not hard, is it?
Feel free to provide a better explanation why Wannacry compromised mostly W7 machines, rather than W10 machines or macOS machines.
No, I'd rather you just addressed the thing I asked you to address, ie very specifically tying of the exact age of a supported OS in years to a shift in responsibility against exploits to the user from the developer.
Also, feel free to provide information why there are no botnets consisting of Macs. (Unless it's some long disproven 'security through obscurity' BS - in that case, don't bother..).
No, I'd rather you just addressed the thing I asked you to address, ie very specifically tying of the exact age of a supported OS in years to a shift in responsibility against exploits to the user from the developer.
According to your logic, new security features in OS upgrades don't really improve security. Brilliant.
No, I havent made any statements that can be used to make that assertion, so that's not really my logic, just your fallacious argument . I can only presume you dont fully understand the term 'logic.'
An idiot on Set Theory:
"In some cases there is an object called red that contains everything that is red. In much the same way a pot is a plate."

Post

OK, very slowly, so everyone can comprehend.

8 years ago, Mac OS X 10.6 was released.

The current version of macOS is 10.12.

There have been 6 full OS releases since then.

Any release older than the current release is 'outdated'.

The term 'hopelessly outdated' is an appropriate description for an OS that is 6 releases behind, and missed structural security updates of each of the 6 releases, IMHO.


Here is a chart of macOS release adoption.
The current release, macOS Sierra, has been adopted by over 50% of Mac users since its release 9 months ago.
The release from 8 years ago, 10.6, is used by so few people today that it does not even show up in the distribution chart (the next lowest, Lion, with around 3% remaining users, is listed).


So, from a Mac user perspective, OSs that are as old as the 10.6 release which is used only used by a small single percentage (probably <1%) are 'hopelessly outdated'.


OSs that missed out on new security features of 6 full releases are much less secure than the current release (even though 10.6 has a better security record - meaning fewer actual compromised machines - than any Windows release).



Recently, over 230,000 computers running Windows 7 were compromised by Wannacry. 0 Macs, regardless of how old, were compromised.


Windows users will find any excuse to distract from that simple, irrefutable fact. See above.
And use threads about new Apple hardware to advertise their freshly exploited software.

Post


Post

Looking at where things have gone, this thread turned out pretty much like I predicted :). It's hilariously painful, hah. Just a few notes, on all of these tangents that have sprung up:
stratology wrote:So, from a Mac user perspective, OSs that are as old as the 10.6 release which is used only used by a small single percentage (probably <1%) are 'hopelessly outdated'.
Mentioning an unsupported, "hopelessly outdated" OS, <1% out of the userbase of that whole OS family, and then likening its condition to a currently still supported and actively security patched OS that was released the same year, illustrates the situation effectively. The "hopelessly outdated" bunch on the supported OS were the ones who didn't have up to date security patches installed, not everyone who were using the OS. So note that the 230,000 cases make up about 0.016% of that OS family's whole userbase.

No compromised machines at all is of course nicer than 0.016% compromised machines because of disabled updates. However, it's also nicer to keep things in a bit more balanced perspective. Instead of cherry picking examples like the 600,000 machine botnet on OSX some years back, with a significantly higher percentage out of all users on that OS family compromised, I must say: stupid debating tactics are one thing, calmly seeing the state of affairs is another. I do think macOS is the better operating system when comparing it to Microsoft's offerings. It's architecturally more elegant and robust. Just please try to be logically consistent with your arguments that are all over the place.

As far as DAW use is concerned, for me, it all comes back to the previously mentioned point. During an actual workday, staying focused inside the DAW software environment, chances are that the functionality and user experience are practically 1:1 the same, no matter which platform you use. If/when that is the case - and remember, macOS can't really be reviewed on its own; instead, you need to be able to agree with the whole package - looking at a high-quality PC setup and an equally high-quality Mac, things that matter to me are something like the following, just a small selection:

http://nordic.businessinsider.com/ssd-s ... ?r=UK&IR=T

https://motherboard.vice.com/en_us/arti ... s-macbooks

https://www.ifixit.com/Teardown/MacBook ... down/92171

I think there are plenty of people who aren't even aware that Apple is actually soldering components like the SSDs in their top of the line models straight into the motherboard these days. And so forth.

So, yep, on the software side it's very nice. On the hardware side it's nice on paper, yet it's the hardware and hardware-related policies I personally object to. I feel like they call into question what can be considered a high quality device in our modern world in the first place. The irony of someone calling critics like me "stuck in the 90s" is, I think they themselves are stuck in the times when Apple still had respectable hardware.

Charging the customers such a heavy premium for things like choosing higher specs for trivially interchangeable components (just try to increase the CPU specs, RAM or SSD in the custom system builder on the Apple site and see the figures) and then delivering it all in a monolithic package that can't be updated, repaired or, ultimately, reused... is something I don't personally subscribe to.

Deep down, I think it's unethical to present systems like this as high quality computers, built for the good of the customer. It's not about being displeased with a premium pricetag, it's about getting less for more from the perspective of the whole modern digital culture and the practices that are condoned therein. I wouldn't want to be associated with such systems or endorsing their use in any way :).

And oh, data for the security discussion for someone to delve into:

http://www.cvedetails.com/vendor/49/Apple.html

http://www.cvedetails.com/vendor/26/Microsoft.html

Ta ta.

Post Reply

Return to “Computer Setup and System Configuration”