On 17 Apr 2005 at 9:20, Dennis Bathory-Kitsz wrote:

> Macs have a psychological advantage in that there's little interest in
> writing malware for them -- you don't get cred for if you don't have
> widespread impact. With Windows on most of the world's desktops, all
> hell can break loose, with instant glory for script kiddies and lots
> of money to be made for the unscrupulous data hacker.

Well, while I agree with your basic point, I have to say that the advantage Mac users enjoy now that OS X is the default OS is more than just psychological. OS X is configured with defaults that make it safer out of the box than Windows. Windows could be just as impervious to a number of exploits as OS X if Microsoft only shipped it that way. But MS chose not to do so, and shows no signs of changing their stupid ways.

The good news is that it's very easy to keep safe on Windows, as Dennis outlined. It sounds like a lot, but it's really not, as it's the kind of thing you set up and then completely forget about.

One thing I *will* differ with is Dennis's reference to "monitoring your attachments folder." That clearly shows that he's using Eudora, which is the only email client I know of that decodes attachments and stores them in the file system upon arrival of email. I consider this to be a *very* bad design flaw in Eudora, as anyone can accidentally execute malicious payloads that are stored in the file system, which could never happen with an email client that doesn't decode the attachments until requested.

An example: I get 200 or so spam messages a day, of which 20 or more have malicious executable payloads (some days it's more, some days, less). My email client (Pegasus Mail) simply files them in my SPAM folder, where I review them to catch any false positives and then file them for scanning by SpamAssassin (to further train my spam filter, something I do only once every couple of weeks). The attachments never get executed because I never open any of these email messages. And even if I *did* open them, I'd have to explicitly request that the attachments be executed -- they won't be decoded until that point.

With Eudora, all 20 of those payloads will be decoded into executable form and dropped in the designated attachments folder, where the unknowing user may accidentally execute them. I've had clients do it, so I know exactly what can happen.
With one client, I've forbidden her from even looking at the attachments folder and I periodically prune it for her.

The fact that it's saved in the file system means that you've got to make a second copy if you want to store a legitimate attachment somewhere else on your system. Or, you have to use Windows Explorer to move it. That involves dragging and dropping, or clicking on the executable at least once, and sometimes non-swift mouse users doubleclick.

I think it's an extremely poor design and it's one of the main reasons I've directed my clients away from Eudora in the last few years. If there were some advantage to it, I might think differently, but I can see no benefit at all from having all attachments decoded automatically and saved in the file system, whether you need them or not.

--
David W. Fenton                        http://www.bway.net/~dfenton
David Fenton Associates                http://www.bway.net/~dfassoc
_______________________________________________
Finale mailing list
Finale@shsu.edu
http://lists.shsu.edu/mailman/listinfo/finale
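
The decode-on-request design discussed in the message above, sketched as an added example (not part of the original post, and not code from Pegasus Mail or Eudora). It inventories attachments from the MIME headers without writing anything to disk and decodes a payload only when asked for by name; the function names, the extension list and the sample message are assumptions constructed for illustration.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Assumed list of directly runnable Windows extensions (illustrative, not exhaustive).
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}


def build_sample() -> bytes:
    """Constructed sample: a message whose attachment is harmless text named like a program."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Your document"
    msg.set_content("See attached.")
    msg.add_attachment(b"not a real program", maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    msg.add_attachment("plain notes", filename="notes.txt")
    return msg.as_bytes()


def _is_risky(name: str) -> bool:
    # Only the final extension decides how Windows would launch the file.
    return os.path.splitext(name)[1].lower() in RISKY_EXT


def list_attachments(raw: bytes) -> list:
    """Inventory attachments from headers only; payloads stay encoded in the message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    return [{"name": part.get_filename() or "(unnamed)",
             "type": part.get_content_type(),
             "risky": _is_risky(part.get_filename() or "")}
            for part in msg.iter_attachments()]


def extract_on_request(raw: bytes, name: str, allow_risky: bool = False) -> bytes:
    """Decode a single attachment, and only when it is explicitly requested by name."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        if part.get_filename() == name:
            if _is_risky(name) and not allow_risky:
                raise PermissionError(f"{name}: executable type, explicit override required")
            return part.get_payload(decode=True)
    raise KeyError(name)


if __name__ == "__main__":
    for entry in list_attachments(build_sample()):
        print(entry)
```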