More MacWarz: Apple Silliness

Mac OS X is soooo secure that Apple has designed the default setting in the Safari browser to allow “safe files” to download and execute automatically, making it super easy for the “MacGuard” successor to the “MacDefender” malware (that Apple has finally responded to) to install itself on OS X machines running in an admin account session… which an enormous number of Mac users–like Windows users–do.

I guess Apple bought into their own “OS X is secure” propaganda, because when Safari installs on Windows machines it, like all the other mature browsers–and even Internet Exploder *heh*–defaults to asking if the user is sure about downloading a file and warns it could be dangerous.

Oh, but that’s for Windows machines. Have to maintain the fiction of Mac invulnerability, so not gonna do that on OS X machines, no matter how it might endanger the users.

Dumb move, Apple. It’s already caught you with your pants down and until you admit your users need at least a warning, and get the word out widely in your user base, it’s gonna keep biting you on your bare ass.

It is going to be amusing to watch the slow awakening of folks who’ve accused anyone who pointed out the tiniest lil flaw in the Apple fantasy world of “hate speech” or worse when, little by little, their little fantasy world crumbles beneath their feet.

BTW, which OS was hacked first in the Pwn2Own meet recently? Hmmm? 😉 5 Seconds to fail.

On a most basic level the attack exploited Apple’s weak memory protections in OS X Snow Leopard. Microsoft, more popular and more commonly attacked, includes two critical types of memory protection — data execution prevention and robust address space layout optimization (ASLR) — both of which attempt to prevent memory injection attacks. By contrast, Snow Leopard only supports ASLR and the implementation is badly botched according to hackers.

The attack also exploited poor coding in Apple’s branch of WebKit, which features many bugs and security flaws. While Apple’s WebKit branch, which powers its Safari browser, shares a certain amount of code with Google’s WebKit browser Chrome, Google has added much more robust security layers and is less buggy.

Just sayin’.

In past years the contest has been dominated by OS X hacking/security pro Charlie Miller. So it was nice to see a fresh face for a change, though the MacBook was still the first to fall — as usual. Mr. Miller sums up OS X security the best, with his famous remark, “Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town.”

Now, before anyone accuses me of “hating on Apple” please note that I’m just stating facts here, ‘K? Apple has deliberately misled folks for years about the security of OS X (not the “the MacBook was still the first to fall — as usual” comment above) and stonewalled AppleCare subscribers with, essentially, “Screw you” when asked for help with the “MacDefender” malware issue, so Apple deserves a swift kick in the ass, as far as I’m concerned. I’ve delivered a few M$’s way from time to time, and it’s only fair that when Apple acts evil that it gets some mud in its eye.

Hot-Cha-Cha!

Well, the (only) four habanero plants I put out this year are getting some great growth (all this rain, I suppose) but not yet flowering. OTOH, one (of the 28 *heh*) jalapeño plants has not only flowered but is bringing on peppers, already. Hot-cha-cha! (You really have to envision Jimmy Durante’s slightly different utterance for that to work properly. 🙂 OK, here…)

The tomato plants are just getting huge; no flowering or fruiting yet. But growing like gangbusters.

And my amaranth, sown from seed–the same seed I cook up for a “cereal”? REALLY growing, fast! Like it! We’ll just have to see how that stuff produces. I’ll likely have to thin the plants out quite a bit, but that just means greens and shoots (and stems to use sorta like rhubarb).

Not much of a garden, but it has things that please us. Oh, and mixed in are marigolds (also a lovely plant) and my Wonder Woman’s impatiens (and the morning glory she loves that I’m letting come back a little). Gone is almost all the mint and finally nearly all the Virginia Creeper. Sadly, our dandelion crop has been sparse this year. I don’t know why. Plenty of wild onion, though. Yum.

Now, how to make best use of all the “yard vine” in the back yard… hmmm… it’s said to make a nice topical analgesic, so…

About That “Scientific Consensus” Thingy…

There are many, many examples of “scientific consensus” being flat out wrong, from the scholastics who derided Galileo and compelled the Catholic church to place him in house arrest (as much to protect him from the Academia Nut Fruitcakes of the 17th Century as anything else… plus ça change and all that, I suppose… ) to the much trumpeted “consensus” about Anthropogenic Whatever-They’re-Calling-It-Today. Here’s Jacob Bronowski mentioning yet another “scientific consensus” in a snippet from his 1973 presentation, “The Ascent of Man”–

Of course, Bronowski was exaggerating a wee tad. After all, J.J. Thomson was working diligently at that time to prove the existence and properties of electrons, which he called “corpuscles”, and others were exploring and debating the existence and properties of atoms, but in general what Bronowski asserts is as true of the “scientific community” of the very early 1900s in regards to consensus on the existence of the atom as “scientific consensus” today regarding Anthropogenic Whatever-They’re-Calling-It-Today: the accepted dogma of those with the power of position, money and the public’s ear is just as anti-scientific today as the assertions from ignorance of the anti-atomic dogmatists of the early 1900s. And the real scientists are working today, just as out of the limelight as Thomson and his colleagues were in 1900.

But, of course, then Thomson was awarded a Nobel for his work in 1907 and the tide began to turn…

“Scientific consensus” has as often been wrong as right over the centuries, and we’d do well to learn the lesson that theory must bend to fact, and not the other way around as those who embrace the Cult of Anthropogenic Whatever-They’re-Calling-It-Today would have it with their always wrong (at least so far) computer models that “prove”–with faked data as often as not, it seems–the sky is falling (though no one has been hit by a chunk of sky yet, despite their predictions).