But there’s still processes running as root, right, even though you can’t simply become the root account casually?
I get regular reports of yet-another hole discovered in some root processes for various *nixes.
I’ll have to open up my laptop and
ps
at a CLI prompt to be sure, but I think most system processes belong to different users and are in different groups than root. Regular users are not running as root, and thus there is less chance of users inadvertently admitting malware and then the malware running with full privileges. It’s not perfect, just more secure than systems where the user is administrator by default.
That’s not to mean that Macs are perfect or anything; I have several annoyances with mine:
If I’m looking at a lot of pictures and movies from a DVD or CD, eventually some process will not release the disc even if I close all apps, and I can’t eject the disc. I have to relaunch the Finder; the disc is released, and I can eject it.
Last night I put a possibly-defective DVD in the drive, and the system got stuck in a loop of trying to seek and failing. I couldn’t eject it, and I had to restart the finder.
I guess this all comes down to one thing I really wish Macs had: an independent manual mechanical or soft eject on the DVD drive.
But it’s still a huge step up from my home-built PC. Ninety-nine percent of the time, my Mac does Just Work.
I used to have a home built- my tech buddies built it out of spare stuff. It worked fine, for the price. I other words, I had some problems, but I wcould work aroun dthem
Now I have a new Fujitsu, and it also “Just Works”. 100%. All the time.
I think one of the problems in PC- land is where a computer is assembled out of many different parts by many different companies.
If your dad wasn’t trying to cheap out on his machine you wouldn’t see this.
Funny thing is, this is what happens when you buy from a bix box store, find a local shop, tell them what you want, you get none of this. Of course you will pay more but thats what happens if you want it to “just work” like the PC’s I build for my customers, zero nagware, zero activation and registration BS, zero 30 day trials. Of course my systems start around $700 and I regularly hear “I can get that for $400 at ChumpUSA”. Half of them end up calling me when they have a problem because its too much of a hassle to get help after the sale.
the are you positive you want to uninstall AOL, yell at AOL, the manufacturer did not write AOL’s nag screen.
Registration is still optional, they still send out your updates…and they don’t charge you for them…
If you want to bitch about something pick on the commoditizaion of computers by big box vendors with piss poor and or highly restrictive warranties. I know my machines are pricey, I also know they are worth it, if only because when you need help, one of my guys comes out and fixes it, or picks it up, fixes it, and brings it back.
What made you think I wanted to bitch about something?
I’m also not a cheapskate. That’s why I buy Mac. It’s worth the extra money to me. Apple has very good warranties with their products as well.
But I wasn’t complaining… I was merely describing why, to me, Macs are well worth the extra money. You start at $700, Macs start at $600. I’d lean towards Mac.
My point was I’m not interested in custom-built machinery or, really, even that interested in working on a computer. I’m interested in MAKING STUFF, and the computer is the tool I use to do that. If I can avoid driver issues, registration, Windows Genuine Advantage Signing, service packs, spyware, security issues… well, that makes my life and my computing experience more pleasant. I’m not trying to bitch, just trying to explain why I prefer my Mac.
Well, ps -aux on my Mac gives the following:
<computer_ID>:~ sunspace$ ps -aux
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
sunspace 298 5.2 5.4 317104 56172 ?? S 9:18PM 8:01.01 /Applications/iTunes.app/Contents/MacOS/iTunes -psn_0_3932161
sunspace 314 1.5 1.1 229072 11956 ?? R 9:41PM 0:02.97 /Applications/Utilities/Terminal.app/Contents/MacOS/Terminal -psn_0_419430
sunspace 198 0.6 0.9 227936 9740 ?? S 9:16PM 0:12.94 /System/Library/CoreServices/SystemUIServer.app/Contents/MacOS/SystemUISer
windowse 61 0.6 5.5 260320 57152 ?? Rs 9:15PM 1:33.34 /System/Library/Frameworks/ApplicationServices.framework/Frameworks/CoreGr
sunspace 296 0.6 2.7 295796 28512 ?? S 9:18PM 0:23.37 /Applications/Adium.app/Contents/MacOS/Adium -psn_0_3670017
sunspace 297 0.3 3.9 307036 40608 ?? R 9:18PM 0:26.68 /Applications/Skype.app/Contents/MacOS/Skype -psn_0_3801089
sunspace 293 0.1 7.4 352932 77172 ?? S 9:18PM 3:12.81 /Applications/Firefox.app/Contents/MacOS/firefox-bin -psn_0_3538945
root 36 0.0 0.1 27580 612 ?? Ss 9:15PM 0:00.15 /usr/sbin/netinfod -s local
root 37 0.0 0.0 27288 428 ?? Ss 9:15PM 0:00.05 /usr/sbin/syslogd
root 40 0.0 0.2 30032 1968 ?? Ss 9:15PM 0:01.11 /usr/sbin/configd
root 41 0.0 0.4 34672 3896 ?? Ss 9:15PM 0:00.17 /usr/sbin/coreaudiod
root 42 0.0 0.1 27776 1156 ?? Ss 9:15PM 0:00.12 /usr/sbin/diskarbitrationd
root 43 0.0 0.1 28324 660 ?? Ss 9:15PM 0:00.01 /usr/sbin/memberd -x
root 44 0.0 0.2 29240 1972 ?? Ss 9:15PM 0:00.13 /usr/sbin/securityd
root 47 0.0 0.0 27864 488 ?? Ss 9:15PM 0:00.08 /usr/sbin/notifyd
root 48 0.0 0.3 31544 3148 ?? Ss 9:15PM 0:00.31 /usr/sbin/DirectoryService
root 49 0.0 0.1 27676 888 ?? Ss 9:15PM 0:00.12 /usr/sbin/distnoted
root 53 0.0 0.0 27252 240 ?? Ss 9:15PM 0:02.09 /usr/sbin/update
root 68 0.0 0.2 37860 2560 ?? S 9:15PM 0:00.14 /usr/sbin/blued
root 69 0.0 0.9 41912 9140 ?? Ss 9:15PM 0:00.43 /System/Library/CoreServices/coreservicesd
sunspace 72 0.0 0.4 67752 4548 ?? Ss 9:15PM 0:00.94 /System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.fr
sunspace 73 0.0 0.5 210276 5208 ?? Ss 9:15PM 0:00.44 /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow co
root 88 0.0 0.0 27252 228 ?? Ss 9:16PM 0:00.00 /usr/libexec/crashreporterd
root 131 0.0 0.7 45968 7572 ?? Ss 9:16PM 0:04.32 /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.fram
nobody 135 0.0 0.3 39856 2752 ?? SNs 9:16PM 0:00.19 /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.fram
root 137 0.0 0.1 29204 1384 ?? Ss 9:16PM 0:00.27 /usr/sbin/lookupd
root 151 0.0 0.0 27740 432 ?? Ss 9:16PM 0:00.15 ntpd -f /var/run/ntp.drift -p /var/run/ntpd.pid
root 165 0.0 0.0 29312 204 ?? Ss 9:16PM 0:00.00 nfsiod -n 4
root 174 0.0 0.0 27312 216 ?? Ss 9:16PM 0:00.00 rpc.lockd -w
root 177 0.0 0.1 30368 1452 ?? Ss 9:16PM 0:00.12 /usr/sbin/automount -f -m /Network -nsl -mnt /private/var/automount
root 181 0.0 0.1 29424 1216 ?? Ss 9:16PM 0:00.03 /usr/sbin/automount -f -m /automount/Servers -fstab -mnt /private/Network/
sunspace 188 0.0 0.4 203220 4088 ?? S 9:16PM 0:14.08 /Library/Application Support/Tablet/WacomTabletDriver.app/Contents/MacOS/W
sunspace 189 0.0 0.2 56328 2580 ?? Ss 9:16PM 0:00.37 /System/Library/CoreServices/pbs
sunspace 195 0.0 0.7 70064 7568 ?? SNs 9:16PM 0:01.63 /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.fram
sunspace 196 0.0 0.4 200072 4316 ?? S 9:16PM 0:01.23 /System/Library/CoreServices/Dock.app/Contents/MacOS/Dock -psn_0_917505
sunspace 197 0.0 0.2 199420 2364 ?? S 9:16PM 0:00.05 /Library/Application Support/Tablet/WacomTabletDriver.app/Contents/Resourc
sunspace 199 0.0 1.4 240036 14892 ?? S 9:16PM 0:04.55 /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder -psn_0_13107
sunspace 205 0.0 0.7 219568 7780 ?? S 9:16PM 0:00.44 /Library/PreferencePanes/Growl.prefPane/Contents/Resources/GrowlHelperApp.
sunspace 206 0.0 0.3 209576 2692 ?? S 9:16PM 0:00.08 /Applications/iTunes.app/Contents/Resources/iTunesHelper.app/Contents/MacO
sunspace 207 0.0 1.9 234184 19484 ?? S 9:16PM 0:02.54 /Applications/Quicksilver.app/Contents/MacOS/Quicksilver -psn_0_1703937
sunspace 208 0.0 0.4 209884 4332 ?? S 9:16PM 0:16.00 /System/Library/PreferencePanes/UniversalAccessPref.prefPane/Contents/Reso
nobody 209 0.0 0.1 27624 600 ?? Ss 9:16PM 0:00.01 /System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/Resour
sunspace 212 0.0 0.4 205192 4284 ?? S 9:16PM 0:00.13 /Applications/iCal.app/Contents/Resources/iCalAlarmScheduler.app/Contents/
sunspace 213 0.0 0.4 214544 4300 ?? S 9:16PM 0:01.09 /Applications/FuzzyClock.app/Contents/MacOS/FuzzyClock -psn_0_2359297
sunspace 214 0.0 1.2 304252 12088 ?? S 9:16PM 0:13.50 /Applications/EPSON Scanner Monitor.app/Contents/MacOS/EPSON Scanner Monit
sunspace 216 0.0 1.4 318300 14896 ?? S 9:16PM 0:12.57 /System/Library/Image Capture/Devices/TWAINBridge.app/Contents/MacOS/TWAIN
sunspace 221 0.0 1.2 203408 12600 ?? S 9:17PM 0:00.09 /Users/sunspace/Library/Caches/Cleanup At Startup/CrossOver CD Helper.app
sunspace 240 0.0 0.4 205716 4104 ?? S 9:17PM 0:00.23 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ImageCap
sunspace 289 0.0 2.2 241768 22980 ?? S 9:18PM 0:05.43 /Applications/Mail.app/Contents/MacOS/Mail -psn_0_3407873
sunspace 306 0.0 0.2 38676 2308 ?? S 9:26PM 0:00.13 /System/Library/Services/AppleSpell.service/Contents/MacOS/AppleSpell -psn
root 340 0.0 0.1 27576 664 p1 Ss 9:49PM 0:00.01 login -pf sunspace
sunspace 341 0.0 0.1 27728 792 p1 S 9:49PM 0:00.01 -bash
root 350 0.0 0.0 27316 440 p1 R+ 9:50PM 0:00.00 ps -aux
root 1 0.0 0.1 28356 564 ?? S<s 9:15PM 0:00.11 /sbin/launchd
root 21 0.0 0.0 27268 188 ?? Ss 9:15PM 0:00.00 /sbin/dynamic_pager -F /private/var/vm/swapfile
root 25 0.0 0.1 28296 1172 ?? Ss 9:15PM 0:01.28 kextd
root 33 0.0 0.1 27824 860 ?? Ss 9:15PM 0:00.01 /System/Library/PrivateFrameworks/DedicatedNetworkBuilds.framework/Resourc
root 34 0.0 0.1 27844 644 ?? Ss 9:15PM 0:00.02 /usr/sbin/KernelEventAgent
root 35 0.0 0.1 28016 1100 ?? Ss 9:15PM 0:00.09 /usr/sbin/mDNSResponder -launchdaemon
<computer_ID>:~ sunspace$
So it looks like most of the system process are running as root. I guess I was wrong; I don’t know a lot about the guts of Unices anymore.
Well, hang on a sec - you’re not comparing the profusion of wires associated with a desktop PC to the lack of wires associated with a Mac laptop, are you?
If you’re comparing desktops to desktops, then I’ll agree with you that Macs typically require fewer cables (I think it should have been part of the USB standard for devices above a certain size to include a USB passthrough port like Apple keyboards have)
I never get any use out of the USB passthrough on the keyboard, though. That thing doesn’t carry power and so I still have to go behind the tower of a Mac (because apparently keychain USB is or at least was unheard of when these things were built) to plug my USB drive in.
Um, no. I’m a Mac user, not a retard.
So… um… if you agree with me, why did you feel it necessary to call me out like that?
My G5 at work has an internal speaker which sucks, but is adequate for my needs and eliminates the need for that messy “one cable to power 1 cable to computer 1 cable to other speaker” that a lot of setups have. I have 1 USB connection for my keyboard, and the mouse plugs right into that. And then my monitor.
The new guy has a newer monitor with USB ports, so his keyboard and mouse plug into that, which means he’s got exactly 2 cables attached to his computer… power and combo monitor/USB.
iMacs are even easier, especially when paired with a bluetooth keyboard/mouse. Then there’s 1 cable… power.
It’s just another reason I love my Macs. Easy set up, easy to move, and not all that clutter.
I forgot one of the best features of a Mac - the third button click that makes all your open apps appear on the screen at one time so you can switch back and forth between them (I have seven open at the moment). When I go back to a PC, I’m constantly clicking the third button to see everything, and nothing happens! Argh!
FTR, it’s not tough to find monitors with USB passthroughs, with power. I had one with 8 of them, IIRC. (They loved me at LAN parties, lemme tell ya.)
But the $600 Mac you’re referring to is a Mac Mini that doesn’t come with a keyboard, mouse or monitor and isn’t very expandable. If you spend $600 on a PC, you can get the whole thing in a more expandable configuration.
First off, you quoted me out of context so that makes no sense anymore. I was referring to a Doper who said his base price on his custom-built system was $700 for the added convenience he put into it… eliminating nagware, trials, etc., handling the registration. A $600 Mac also has already had that done. That was my only point.
Yes, I think everyone accepts that you can get PCs for quite a bit cheaper than a Mac. For me they’re worth the extra money.
I need to learn how to do this kind of scripting. 
You can get that with a PC running Linux, using Beryl.
Many experts disagree. Here’s one list I remember reading last year, of reasons why the Windows OS is less secure.
http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html
Yes and no. The first attack described, the one on the Windows box, is done via a buffer overflow - the attack on the OSX box lays out a straight forward keyboard attack. Apples and oranges, IMO.
CERT tracks and reports on computer vulnerabilities. Typing “buffer overflow” and “apple” into their search engine returns 417 results including overflow vulnerabilities in sendmail and telnetd (which run with root privileges).
Changing the search text to “Windows” and “buffer overflow” returns 570 entries.
Now, acknowledged, there’s repeats and how-to stuff and non-alert things in these returned articles but there’s certainly enough evidence to say that Apple’s OSX has its vulnerabilities.
Here’s another relevant quote from your linked article:
• The UNIX/POSIX API, standard command-line tools and open source tools leave malware unable to hide from a competent OS X administrator. It takes a new UNIX programmer longer to choose an editor than it does to write a console app that walks the process tree listing privileged processes. Finding the owners of open TCP/UDP ports or open files is similarly trivial. The “system” is not opaque.
Bolding mine…
Entirely true statement but OS-X is marketed directly to people as a simple intuitive interface with an engine-compartment-welded-shut ease of use. Running tripwire (like the article suggests) to detect attacks is certainly possible but not one in one-hundred users will do it and even less would be able to interpret the results.
I’m a Unix admin for a living. I’ve bashed Microsoft since v3.0 of MS-DOS. If I had a choice of implementing any of the 5 flavors of Unix I’m trained in or installing OS-X or Windows in my environment I can say that
Windows would be my last choice. It is a vulnerable operating system and is easily hijacked by external users.
It’s also wrong, though, to pretend that OS-X or any other *nix operation system is immune from viruses, trojans, or other attacks. All are vulnerable and all need to be policed and maintained for their protection.
I’d argue that the traditional MAC user is among the least capable of perfoming this policing as it’s never been part of the culture and Apple seems to actively discourage peeking under the hood, so to speak.
OK - Rant over.
To answer the OP, in my opinion, if apple computers lived up to the hype, I’d have an orgasm every time my pinkie hit “enter”.
The author isn’t saying that OS X is immune, he’s listing reasons why it’s more secure than Windows, not just because of “security by obscurity”.
Does your $600 mac come with onsite setup and onsite warranty and an hour or so of instruction of desired?
You claim this huge list of inconveniences with Windows PC’s…amazingly I never hear about them from my customers, because its all done for them. Your preference is based on the inconvenience created by “Value Added Retailers” trying to impress you with a low up front price and backhand you with trialware. HP, Dell, Gateway, etc are not windows, what they add to an install should not be part of how you judge the effectiveness of a windows box, because windows does not come that way.
No, and I don’t want that either.
Like I said earlier… I’m not dumb. I know more about computers than most people, and I’m perfectly capable of setting them up and using them.
An hour of instruction? No thanks… I prefer just turning my Mac on and instinctively knowing how to use it.
Why do I need on site setup with my iMac? I just plug it into the wall and go.
Why do I have to schedule a stranger to come into my home and do something I’m capable of doing myself? I’d rather order online and set it up myself on my leisure rather than wait and pay for someone to do it for me.
Macs fit my life perfectly. I hope everyone sticks with their Windows boxes to be honest… I’m trying to answer the original posts question here: Yes, Mac are worth the hype (and every penny) to me.