A tale of two school systems: Windows schools crippled while Mac schools unaffected

“Bowling Green City Schools Technology Coordinator Lee Jordan thought the system

26 Comments

  1. I may not have been “infected” by the latest round of viruses, neigher on my PC or my Mac, but I have certainly been “affected” with 100’s of virus ladden emails arriving in my inbox each day.

  2. ” There is no luck at all involved. Whenever any person or organization considers a Mac rather than Windows as their preferred computer, Mac’s vastly superior virus protection is always a factor in the decision.”

    Don’t get me wrong, I’m the biggest Apple fan out, but the Mac doesn’t have ‘vastly superior virus protection’, it’s just that fewer people write viruses (viri?) targetting them. Unless you have a firewall or anti-virus software on it it’s just as vulnerable to attack as any other computer on a network.

  3. -> Baddog.

    Mac’s are not inherently immune. But you have to intentionally open up the mac’s network port’s to make it as vulnerable as an XP machine is when it comes out of the box.

    Secure programming is expensive, and til now it has not been clear that there is economic incentive for MS in its monopoly position, to pay for it. Up til recently they have been able to charge for the security fixes users insist on in the form of upgrades and subscriptions. MS likes to give the impression that security is a new thing. It is not. I did a computer science degree in the 80s and much of it was on combatting improper access and viruses. Trained programmers understood the principles of secure programming. MS chose not to follow them, in the interest of profits.

    Apple’s history has been different. Apple was networking its machines in school environments from nearly day 1. While security probably wasn’t priority 1, it was one of the features the Apple built-in to the now ‘classic’ mac-os because school-staff needed their machines to be secure from students. Old Mac’s were basically un-hackable over a network unless the user opened up the machine.

    Unix’s history of open source and peer review has also made it very secure. Clever CS students have been searching the source code for vulnerabilities and causing mischief where they can since Unix’s beginning. Again, unless its ports are intentionally opened, there just isn’t a whole lot you can do.

  4. Windows is so crummy that even the virii written for it has bugs. Not kidding, the sobig.f and the MSBlast worms have bugs.

    I’m really fed up with having my inbox full of random emails from infected Win32 machines. It affects me as a Mac user, especially when downloading mail from dialup.

  5. OK, I stand corrected on the vulnerability on a network issue, but surely ‘Mac’s vastly superior virus protection’ is overstating it a bit? Where is this virus protection?

  6. No, the Mac doesn’t have “vastly superior virus protection” because it doesn’t need it.

    Our friends at the world’s biggest software monopoly, um, I mean software company blindly surged forward in the mid-to-late nineties to win the browser war. They did so by having all kinds of stuff in the core OS integrated with the browser (i.e. file browsing, viewing, outlook, office, remote execution of code, remote messaging, etc…). Unfortunately, they were in such a rush that the millions (count them millions) of lines of code they wrote we’re very, very, buggy.

    It is these millions of lines of rushed code that are MS Windows achilles heel. Unfortunately, all kinds of software (MS and other) now depend on all of the functions inside this buggy code, so MS can’t drop it with out wrecking the computing environment of thousands of corporate customers. Also, unfortunately, debugging millions of lines of code after the fact is also darn near impossible.

    So all MS can do now is put on a big show about how dedicated they are to stomping out bugs (read trustworthy computing), when all they’re actually able to do is wait for the next bug to show up and try to fix it ASAP.

    Mac OS X on the other hand, keeps the core OS and any software services very distinct and separate. Most of the core OS (ie the unix kernel) has been stable and largely bug-free since before MS even started the browser wars. Any services like remote messaging, file browsing, email, calendar synchronization, etc. is instead provided by independent software that is in no way part of the kernel, and mostly doesn’t even run as root. Contrast this to MS where almost all software runs as “system” which is the equivalent of the OS X root user. This means most any Windows application has total authoritative rights to the PC it’s running on, including absurd things like media players and IM clients.

    So no, OS X doesn’t need “superior virus protection” because it is fundamentally more immune to viruses than any of the Windows products.

  7. Nothing overstated about it. (And even if there was, are you willing to lose data over it, or just fearful that Macs will suddenly gain 50% markershare overnight?)

    The virus protection is inherent in OS X being a secure, well-designed–UNIX-BASED–system. Without Microsoft-created flaws.

    Other UNIXEs that have been widely used for YEARS still don’t have these problems like Windows does. Yes, there are a FEW UNIX viruses or worms, but far fewer–and they are obviously not wreaking this kind of havoc seen by Windows schools, businesses, and govt. offices.

    Somedat, maybe when Macs are more widely known, we WILL have the occasional virus. But never anything like we’ve seen this week.

    Proof–check out US DOE security bulletins by OS:
    http://www.ciac.org/ciac/bulletinsByType/bul_vendor_list.html

    And remember that OS X is based on open-source FreeBSD. Patches and fixes developed by the UNIX community can be used by Apple.

    There are also some very interesting, detailed, and technical threads about UNIX security over in the article comments at maccentral.com recently. It sounds like attacking UNIX is a MUCH more difficult prospect, requiring more technical know-how, than attacking Windows.

  8. The more inherent security comes from the OS.
    Windows COM architecture allows a worm/virus to order certain actions to ANY Windows application without having to know their details.

    Unix (and OS X hacking) require the virus writer to know a hell lot of all APIs of anything he’d like to use once in.

    It is not like being able to simply ask Winzip to unzip the virus .zip file, install itself in the registry and launch the executable while asking Outlook to access all its address book and send a replica of itself to all addresses.

    With COM you just ask – once in – the system to do that.
    In Unix (and OS X) you have to know in details what is available, their API, probably do some format transformation, crack the encripted root password otherwise most tools would reply “Sorry, not enough security permission”.

    BadDog, do you think that even if you get into my OS X are you able to encript my 128bit encripted root password?
    Oh yes, not to forget that unless I told OS X differently the root user is disabled.

    So yes, it is vastly inherently more secure. Time for people to realize that.
    Cracking a Unix system is vastly more complex than cracking Windows.
    Sorry, this is something it TRULY is time to keep telling Windows users: it is not visibility! It is because it is so frigging easy to crack, STOOPID.

    PS
    Not you BadDog, just the average Windows user behind the visibility-shield.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.