[Person Man]

Originally Posted by goMac 

Right, but Mac OS X is correcting for these developers by automatically signing their apps with a self generated key.

For now.

But in the future, they may turn that feature off, too.

[goMac]

Originally Posted by Person Man 

For now.

But in the future, they may turn that feature off, too.

I doubt it. It would break any older application.

[Person Man]

Originally Posted by goMac 

I doubt it. It would break any older application.

It would be the last to go, of course, and it may take until 10.6, but they'll eventually do it.

[voodoo]

Originally Posted by CharlesS 

Not really:



Quick, what caused this to pop up? Was it a legit change, was it a virus, was it something mundane like prebinding, or was it something else? You don't know. As a result, 99.9% of users are just clicking "Change All" every time to make the dialog go away.

I know from experience that I've never seen one of those without knowing what the cause was. Updating of an application in all cases that I recall.

99.9% of users may think differently, but since 38% of all statistics are made up on the spot, who knows?

I won't grant that statistic the status of truth when it is not. Users are far smarter than that.

V

[goMac]

Originally Posted by voodoo 

I know from experience that I've never seen one of those without knowing what the cause was. Updating of an application in all cases that I recall.

As a side note, code signing means you will only see this dialog when an application has been modified. Updated versions of the application will no longer throw this dialog because they will be signed by the same author.

[CharlesS]

Originally Posted by voodoo 

I won't grant that statistic the status of truth when it is not. Users are far smarter than that.

Really now. How many users know what the Keychain is, or why it's not a good idea to give access to it to just any application? How many users are aware of the fact that it's possible to reverse-engineer an app and make changes to the code? Grandma doesn't think of those things. She just wants to check her mail, and is going to click away any annoying dialog box that she needs to get rid of for her mail to open.

Plus, you're completely overlooking the point that in Tiger, anyone can use in-memory code patching to bypass these dialogs entirely. Then, they can do whatever they want inside Mail (or any other app for that matter), and there's absolutely no way that you can even tell it is happening. The fact that this doesn't seem to concern you just backs up my point - users are generally ignorant when it comes to security.

[TheSpaz]

Originally Posted by CharlesS 

Really now. How many users know what the Keychain is, or why it's not a good idea to give access to it to just any application? How many users are aware of the fact that it's possible to reverse-engineer an app and make changes to the code? Grandma doesn't think of those things. She just wants to check her mail, and is going to click away any annoying dialog box that she needs to get rid of for her mail to open.

Plus, you're completely overlooking the point that in Tiger, anyone can use in-memory code patching to bypass these dialogs entirely. Then, they can do whatever they want inside Mail (or any other app for that matter), and there's absolutely no way that you can even tell it is happening. The fact that this doesn't seem to concern you just backs up my point - users are generally ignorant when it comes to security.

I'm all for security... but, when I MYSELF modify a file inside the Apps package contents, it shouldn't block my keychain passwords since I MYSELF obviously WANTED to modify the App and since I'm the owner of the App, then I should be able to modify it without problems.

How many people do you know who run OS X and had someone break into their system and steal their email and passwords? I've never heard of such a case and it's probably pretty unlikely. Why are Apple locking down OS X even tighter when nothing was really happening to it in the past?

[goMac]

Originally Posted by TheSpaz 

I'm all for security... but, when I MYSELF modify a file inside the Apps package contents, it shouldn't block my keychain passwords since I MYSELF obviously WANTED to modify the App and since I'm the owner of the App, then I should be able to modify it without problems.

How is OS X supposed to know that you yourself modified the application and not a virus acting as you?

Originally Posted by TheSpaz 

How many people do you know who run OS X and had someone break into their system and steal their email and passwords? I've never heard of such a case and it's probably pretty unlikely. Why are Apple locking down OS X even tighter when nothing was really happening to it in the past?

It's not unlikely, it just hasn't happened because of Apple's low marketshare. As I said earlier, these are security holes that have been prototyped and could have been deployed in a real virus. They're not simply speculation. Fortunately, no one actually built a virus or a trojan around them.

Edit: Actually, code signing fixes a security hole in parental controls which I have seen used in real life. So some stuff is even "in the wild."

[Kevin]

BTW People are still using input managers in 10.5. And they still work.

[analogika]

Originally Posted by voodoo 

I know from experience that I've never seen one of those without knowing what the cause was. Updating of an application in all cases that I recall.

99.9% of users may think differently, but since 38% of all statistics are made up on the spot, who knows?

I won't grant that statistic the status of truth when it is not. Users are far smarter than that.

I don't think I've ever had a support client who knew what that dialog meant.

Which is not to say that there are no users that know what to look for, but for people who use their computers like most people use their cars (which in my experience are the VAST majority), that dialog is a complete mystery.

[Kevin]

BTW it's also not so much what Apple is doing that is making devs mad, but their lack of communication with said developers. Something Apple COULD take a cue from MS on.

SourceForge.net: AppleJack project

[Person Man]

Originally Posted by Kevin 

BTW People are still using input managers in 10.5. And they still work.

Yes, they do. For 32-bit apps only. Which are the majority of apps out there at the moment. And developers have to jump through several hoops to use them. Hoops which are actually designed to discourage their use because they will be going away in the future.

Don't assume that what you see now is what you get for all of Leopard's existence. A lot can happen in two years, and Apple has said that the operating system will get less lenient about code signing over time. And they may take InputManagers away entirely for 32 bit apps. They almost did this time, but apparently changed their mind at the last minute.

[PaperNotes]

Originally Posted by goMac 

How is OS X supposed to know that you yourself modified the application and not a virus acting as you?

goMac and TheSpaz. I will enjoy this one.

[Kevin]

Yes they did. Lots of people complained. What I am saying is, they will get their apps to work regardless. Either by the Input, or some other way.

There will always be a work around.

[Person Man]

Originally Posted by Kevin 

Yes they did. Lots of people complained. What I am saying is, they will get their apps to work regardless. Either by the Input, or some other way.

There will always be a work around.

Yes, there will.

Developers need to start finding those work arounds now, so they won't be "caught with their pants down." Apple has told them what's going away, so they can't complain when it finally does go away.

[Kevin]

Until Apple blocks that way..

Again they need to be more supportive and communicative to their developers.

[Person Man]

Originally Posted by Kevin 

Until Apple blocks that way..

Again they need to be more supportive and communicative to their developers.

Yes. What they need is to provide an officially sanctioned way of accomplishing what you and others are attempting to do. Unfortunately, it doesn't look like that's going to happen any time soon.

From my perspective, code signing is causing headaches for an end user attempt to provide a decent localized version of the operating system in Greek. What the official Apple representative in Greece (Rainbow Computers) provides is crappy. They translate the Finder, Address Book, 90% of the System Preference panes, the menulets, give you about 10 more fonts with Greek characters, provide a few character encoding conversion tools, and call it localized. No other app is translated, and the system help files are still in English. That DEFINITELY fails CharlesS' "Grandma test," if she were Greek. Microsoft Windows, on the other hand, gets fully localized over there. Office for Windows gets translated too. Not even iLife or iWork get that.

However, we're attempting to figure out how to do it "properly," such that it doesn't break things when Apple starts getting tougher on signed code. It looks like it will be possible to do, without breaking signatures. But we'll have to be careful about it.

[Chuckit]

Originally Posted by Person Man 

A lot can happen in two years, and Apple has said that the operating system will get less lenient about code signing over time.

They did?

[CharlesS]

They implied it by saying that unsigned code will continue to work "for now."

[Person Man]

Originally Posted by Chuckit 

They did?

Well, if you look at this document, you'll see that they made statements that lead us to believe that they will make changes. Also, I believe I have read things from developers who attended WWDC sessions on code signing who said that Apple said so.

Originally Posted by Developer Technote

While Leopard GM accepts unsigned code for now, an increasing number of system facilities rely on code signatures to establish identity and privileges. If you have not yet made preparations to sign your Leopard code, it is high time.

Originally Posted by Developer Technote

Leopard GM is fairly lenient towards unsigned code. (It is less lenient towards code that is signed and has a broken signature.) In many circumstances, unsigned code will currently run undisturbed.

Emphasis mine. Note the phrases "for now," and "currently." That suggests to me that things will change in the future.

[goMac]

Originally Posted by Kevin 

Yes they did. Lots of people complained. What I am saying is, they will get their apps to work regardless. Either by the Input, or some other way.

There will always be a work around.

The difference is... now Apple will label any workaround as a security hole and deploy a patch to fix it. The TIFF exploit on the iPhone is a great example.

[goMac]

Originally Posted by Kevin 

Again they need to be more supportive and communicative to their developers.

They told us about Code Signing in 2006 and demoed how it works, and told us what we need to do. What more should they have done?

[Kevin]

Originally Posted by goMac 

The difference is... now Apple will label any workaround as a security hole and deploy a patch to fix it. The TIFF exploit on the iPhone is a great example.

People will just keep chasing each other's tails.

Originally Posted by goMac 

They told us about Code Signing in 2006 and demoed how it works, and told us what we need to do. What more should they have done?

Did you read the link I posted?

[TheSpaz]

I went back and decided to un-modify all my Apps because this is just too stupid. I don't want my Apps to suddenly break when Apple decides to make code-signing more strict.

[goMac]

Originally Posted by Kevin 

People will just keep chasing each other's tails.

I think code signing is enforced at the kernel level, which means if you want to stop code signing, you'd probably need to compile your own kernel. I doubt we'll ever see code signing hacked past that. If code signing is in kernel land it's really not possible to hack.

Originally Posted by Kevin 

Did you read the link I posted?

Yes. Stuff like that happens in every release of every major operating system on the planet. The Applejack people had 1.5 years to work with Apple on fixing that.

[Kevin]

Originally Posted by TheSpaz 

I went back and decided to un-modify all my Apps because this is just too stupid. I don't want my Apps to suddenly break when Apple decides to make code-signing more strict.

I think you are counting the chickens before the rooster crows. Or something.

I'd wait a bit.

[Kevin]

Originally Posted by goMac 

I think code signing is enforced at the kernel level, which means if you want to stop code signing, you'd probably need to compile your own kernel. I doubt we'll ever see code signing hacked past that. If code signing is in kernel land it's really not possible to hack.

I have yet to see something that wasn't hackable. Not yet. I've had lots of people tell me things where. This isn't me saying you are wrong, or I am right. This is just me pointing out history. And it often repeats itself. If Apple starts getting too anal, and less fun, people will look elsewhere for fun.

Yes. Stuff like that happens in every release of every major operating system on the planet. The Applejack people had 1.5 years to work with Apple on fixing that.

No. MS has better support with their developers, developers, developers, than Apple does.

It is not ready. Apple has removed the `id` utility from being able to execute in single user mode (of course with absolutely no documentation as to why). As far as I know, they might not even know it doesn't work any more.

Also, Apple has removed the /etc/rc file, which in one way is great progress, but on the other hand, since there's no documentation, there is no telling where Apple is now setting up its virtual memory etc.

As usual, Apple has seen fit to leave its developers in the dark. Every attempt at information is greeted with the message "This is not a supported scenario".

Not only that I recently had someone that develops for BOTh platform telling me MS sends them all kinds of info about developing and the OS and workarounds and barely gets any support by Apple. These seems like the common "story" I hear from devs.

Apple needs to treat it's devs better. It's almost like Apple doesn't want developers to know about OS X, and rather would make everything for it. They often get annoyed at the third party devs for things. Well atleast the ones they aren't stealing ideas from.

There are many things that I have liked about Apple since Steve took over. But there is also many things I haven't liked since he took over...

[Chuckit]

Originally Posted by Person Man 

Well, if you look at this document, you'll see that they made statements that lead us to believe that they will make changes. Also, I believe I have read things from developers who attended WWDC sessions on code signing who said that Apple said so.





Emphasis mine. Note the phrases "for now," and "currently." That suggests to me that things will change in the future.

It suggests to me that Apple doesn't want to make any promises. If they really have plans to change something, it's not uncommon for the docs just to come out and say something like "This will most likely go the way of the dodo in 10.6."

[goMac]

Originally Posted by Kevin 

I have yet to see something that wasn't hackable. Not yet. I've had lots of people tell me things where. This isn't me saying you are wrong, or I am right. This is just me pointing out history. And it often repeats itself. If Apple starts getting too anal, and less fun, people will look elsewhere for fun.

If this is kernel enforced, then it's not really hackable. We're not talking about jailbreaking an iPhone here. The security stuff in OS X is meant to be hacker proof, that's the whole point. If it's not hacker proof, it's pretty much worthless.

Linux and Windows have the same security setup, and it's yet to be broken on either system either. Console systems like the XBox that use code signing, again, require you to modify the kernel to get around. This is not something that can be done "nicely" by the user.

Apple is actually one of the last computer companies to implement code signing.

Originally Posted by Kevin 

No. MS has better support with their developers, developers, developers, than Apple does.

Again, the AppleJack people had a year and a half to deal with their issues. Apple has a Developer Technical Support email. I got one of my major issues with 10.5 sorted out with DTS. I don't see why the AppleJack developers could not do the same. It's not like they're trying to do nefarious things anyway.

Originally Posted by Kevin 

Not only that I recently had someone that develops for BOTh platform telling me MS sends them all kinds of info about developing and the OS and workarounds and barely gets any support by Apple. These seems like the common "story" I hear from devs.

Again, I've gotten plenty of support from Apple. DTS recently walked me through a issue with some 10.5 specific code I was having. The support from Apple is there.

Now OS X enterprise support on the other hand...

Originally Posted by Kevin 

Apple needs to treat it's devs better. It's almost like Apple doesn't want developers to know about OS X, and rather would make everything for it. They often get annoyed at the third party devs for things. Well atleast the ones they aren't stealing ideas from.

Why are we having this discussion? Code signing was a feature built for developers that developers requested. Nothing about code signing is bad for developers. In fact, code signing is a good thing for developers.

Originally Posted by Kevin 

There are many things that I have liked about Apple since Steve took over. But there is also many things I haven't liked since he took over...

Again, Apple is the last company in the industry to implement code signing. Linux and Windows have had it for a while.

[goMac]

Originally Posted by Chuckit 

It suggests to me that Apple doesn't want to make any promises. If they really have plans to change something, it's not uncommon for the docs just to come out and say something like "This will most likely go the way of the dodo in 10.6."

Well, we can only cite publicly available information. Apple doesn't often come out and talk about 10.6 features publicly.

[Gavin]

Originally Posted by TheSpaz

How many people do you know who run OS X and had someone break into their system and steal their email and passwords? I've never heard of such a case and it's probably pretty unlikely. Why are Apple locking down OS X even tighter when nothing was really happening to it in the past?

Originally Posted by goMac 

It's not unlikely, it just hasn't happened because of Apple's low marketshare.

Not true. It hasn't happened because OS X (like other unix systems) has tight security built into the whole system from the start, and Apple is proactive about closing any holes before they are exploited.

Protection due to market share is a myth. Back in '96 or so Linux had lots of viruses, and it's market-share was practically nothing. The Linux community tightened things up, turned off services, etc. and it's been practically virus free ever since.

And conversely windows has seen so many viruses and worms because MS writes crappy software. Security was a complete afterthought. You may have noticed it's been a while since we've heard of a huge virus on the news, it's not because windows suddenly lost market share, it's because MS actually plugged a lot of the holes with their updates.

So, to answer the first question, locking things down BEFORE something happens is WHY nothing happens. "locking the barn door after the horse has bolted" is always a bad strategy.

[goMac]

Originally Posted by Gavin 

Not true. It hasn't happened because OS X (like other unix systems) has tight security built into the whole system from the start, and Apple is proactive about closing any holes before they are exploited.

OS X has had very low protection against trojans and local attacks. The problem is that if code gets into your machine, it can make swiss cheese out of your personal data and your keychain. Apple has always done well at keeping malignant code away from infected OS X, but as the Month of Apple Bugs showed, nobody is perfect.

I think it's a mistake to assume that a system is unhackable. No code, no matter how much effort is put into it, is ever perfect. Code signing is a protection against a zero day attack. It assumes that the system has been infected, and that something is trying to get at your private data.

As I said, Code Signing already protects against known, and in the wild, local exploits on the machine. I work in a school district, and code signing already fixes one issue we were having with kids hacking our machines. Code signing already fixes real OS X security issues.

Originally Posted by Gavin 

Protection due to market share is a myth. Back in '96 or so Linux had lots of viruses, and it's market-share was practically nothing. The Linux community tightened things up, turned off services, etc. and it's been practically virus free ever since.

Again, no code is ever perfect. All Apple needs is one zero day exploit to ruin it's reputation. Adding code signing is a preventive measure to ensure that a virus or a trojan can't make of with your personal data. You're not going to tell me that OS X is trojan proof, are you?

(Not to mention, one of the things Linux added to make themselves more secure was code signing.)

Originally Posted by Gavin 

And conversely windows has seen so many viruses and worms because MS writes crappy software. Security was a complete afterthought. You may have noticed it's been a while since we've heard of a huge virus on the news, it's not because windows suddenly lost market share, it's because MS actually plugged a lot of the holes with their updates.

The moral of the story seems to be that Apple, unlike MS, should take security seriously and not as an afterthought. Hence code signing.

Originally Posted by Gavin 

So, to answer the first question, locking things down BEFORE something happens is WHY nothing happens. "locking the barn door after the horse has bolted" is always a bad strategy.

Exactly, which is why we have code signing. Code signing is there in case there is an exploit on OS X. Code signing is basically a firewall for your software on your machine.

[Kevin]

Like I've said. I've just heard too many developer complaints when it comes to communication with Apple to be "made up" or "non existent"

Lots of complaints from within as well. Imagine working on something and really putting your soul into it, only to be pulled off and put on something else. Rinse repeat.

I also think it's obvious OS X wasn't near their top priorities these past few years.

I am glad to see that Apple is venturing out to other things, while gaining popularity. But they also need to take care of us that have been there before they were a buzzword again.

I wont go into not letting devs have the GM till the end, or us basically beta testing 10.5 for them.

[goMac]

Originally Posted by Kevin 

Like I've said. I've just heard too many developer complaints when it comes to communication with Apple to be "made up" or "non existent"

Lots of complaints from within as well. Imagine working on something and really putting your soul into it, only to be pulled off and put on something else. Rinse repeat.

I also think it's obvious OS X wasn't near their top priorities these past few years.

I am glad to see that Apple is venturing out to other things, while gaining popularity. But they also need to take care of us that have been there before they were a buzzword again.

I wont go into not letting devs have the GM till the end, or us basically beta testing 10.5 for them.

Again, I'm not quite sure what this has to do with Code Signing. Code Signing was shipped for developers to use in keeping their software secure.

[Kevin]

I am talking about the way Apple deals with their developers. Code signing has really nothing to do with Leopard's menus either.

But they really don't want to bite the hands that support them. They DO need to cater at be nicer to them more often.

[goMac]

Originally Posted by Kevin 

I am talking about the way Apple deals with their developers. Code signing has really nothing to do with Leopard's menus either.

But they really don't want to bite the hands that support them. They DO need to cater at be nicer to them more often.

Again, I'm not quite following your reasoning. Apple just released Leopard with Objective C 2.0, 64 bit GUI applications, Core Animation, Code Signing, many additional Cocoa classes, self migrating CoreData stores, Interface Builder 3, XRay, the Python to Cocoa bridge, and many more technologies, and you're arguing that Apple simply doesn't do anything ever for 3rd party developers. I mean, Leopard is basically a 3rd party lovefest.

If your friend is having trouble, then again, he should contact developer technical support. If he did, and failed to get any help there, then I'd sympathize.

[Kevin]

I don't recall saying that Apple didn't make decent dev tools. But whatever.

And it's not really a friend.. more like just know each other over the net. . A few that work at Apple.

[Silky Voice of The Gorn]

I'm sitting here on a 2.4ghz IntelBook Pro, and for the life of me see no difference in menu selection highlight speed whatever between iTunes and any other app, including the Finder.

[Person Man]

Originally Posted by Silky Voice of The Gorn 

I'm sitting here on a 2.4ghz IntelBook Pro, and for the life of me see no difference in menu selection highlight speed whatever between iTunes and any other app, including the Finder.

You won't. The Spaz is apparently the only person here that seems to be able to detect a difference or even care about that issue.

[CharlesS]

Originally Posted by goMac 

Why are we having this discussion? Code signing was a feature built for developers that developers requested. Nothing about code signing is bad for developers. In fact, code signing is a good thing for developers.

I think he's referring to haxie and malware "developers."

Originally Posted by Gavin 

Not true. It hasn't happened because OS X (like other unix systems) has tight security built into the whole system from the start, and Apple is proactive about closing any holes before they are exploited.

Protection due to market share is a myth. Back in '96 or so Linux had lots of viruses, and it's market-share was practically nothing. The Linux community tightened things up, turned off services, etc. and it's been practically virus free ever since.

Dude, Apple's been turning ON services lately. And letting them through the firewall. Leopard right now is wide open, even if you turn the firewall on. If mDNSResponder turns out to have any exploits in it at all, hello Blaster/OS X. I'm serious. It's as if Apple is deliberately repeating the same mistakes Microsoft made five years ago, just to tempt fate. The state of OS X security right now is not very good. In some aspects, it's worse than Microsoft's right now, since Vista has a firewall that's on by default and that doesn't let crap through with the default settings.

[Gavin]

Yeah, that is weird. On the other hand more and more people are getting wireless routers with a firewall, so it comes out even.

[Gavin]

Originally Posted by goMac

OS X has had very low protection against trojans and local attacks.
.....
You're not going to tell me that OS X is trojan proof, are you?

Of course not - we were talking about viruses and worms, not trojans.

It's hard to protect someone against their own foolishness. I mean, "Click me for free porn", who can resist that? ;-)

However with code signing and reasonable pop up alerts I'd go so far as to say it's less likely someone will be tricked into running a trojan on OS X than on windows - with its annoying pop ups that people dismiss without reading. Marginally less likely...


Anyway my only point was not that OS X is perfect but that it's lack of viruses has more to so with the UNIX security model than obscurity. You have to know that the black hats are out there trying to find something to exploit. The first one to write a virus for the Mac will wet himself, and probably turn himself in to get the credit.


By the way, my menus haul A$$ in Leopard! This thread made me notice that I finally have OS 9 speeds for the menus! That's right - I'll say it - my menus are sn***y. ;-)

Maybe it's an Intel Vs. IBM thing.

[Don Pickett]

FWIW, I have Apple's firewall on. I also have ipfw running, and am behind a router. I went to Shields Up today and did a complete scan. Everything stealthed except for port 113.

[Big Mac]

I don't know if it comes out even because a lot of people probably connect directly to the broadband source. However, I don't think it's proper to say Leopard's security is poor, either, just because some ports are still open when the Firewall is supposedly on and leading the user to believe everything is blocked. It's a strange, head-scratching, ill-advised choice, but Apple apparently trusts the services that are running. If they were turned off, some of Leopard's network collaboration services apparently wouldn't work since mdnsresponder powers Bonjour.

But I don't think we're any worse off than in Tiger, which had ports open and the Firewall off by default (netinfo-local has 1033 open), and there is, after all, code signing that you laud, Charles. Should the Firewall settings be clearer and provide an option to block absolutely everything? Yes. Does the fact that this is not currently the case make OS X more vulnerable than before? No, I don't think so.

Originally Posted by Don Pickett 

FWIW, I have Apple's firewall on. I also have ipfw running, and am behind a router. I went to Shields Up today and did a complete scan. Everything stealthed except for port 113.

That's because of your router, not Leopard.

[TheSpaz]

Originally Posted by Person Man 

You won't. The Spaz is apparently the only person here that seems to be able to detect a difference or even care about that issue.

I know for a fact that there is a difference on ANY Mac running Tiger or Leopard. Panther's menus were all like iTunes as far as navigating through menus. If you navigate slowly, you won't see a difference, however if you quickly move your mouse through a menu, you won't see a highlight on each item, only on a few at a time... randomly skips some items... but, in iTunes, you'll notice that even when you move fast, you see a faint highlight zip across every single menu item, flickering on each one.

[MindFad]

It's not hard to spot, but it's hard to find a practical reason why it matters at all.

[Don Pickett]

Originally Posted by Big Mac 

That's because of your router, not Leopard.

Just unplugged the router and went straight from DSL modem to the back of the machine. Went to Shields Up and ran the full port scan: nada. Every port was stealthed.

[CharlesS]

ShieldsUP only tests TCP ports. The ports that the article from Heise reports as being open are all UDP ports.

[Don Pickett]

Originally Posted by CharlesS 

ShieldsUP only tests TCP ports. The ports that the article from Heise reports as being open are all UDP ports.

Not to get into a link war with you, because I'm pretty sure you know more about this than I do, but I have found some rebuttals of the Heise article which say it's not as bad as it all seems. One here, and this one which is a good rundown of what's happening.

I'm not saying Apple couldn't have done better, but it seems there is some hysteria out there about this.

[goMac]

Originally Posted by Gavin 

Anyway my only point was not that OS X is perfect but that it's lack of viruses has more to so with the UNIX security model than obscurity. You have to know that the black hats are out there trying to find something to exploit. The first one to write a virus for the Mac will wet himself, and probably turn himself in to get the credit.

Sure, OS X is more secure than Windows, but that doesn't look as good as it sounds when you realize that Windows has hundreds of thousands of viruses. Apple could "only" have a few thousand viruses for Mac OS X and they'd be more secure than Windows.

To further illustrate my point, Mac OS 9 was the least secure OS on the market, and it only had 80 viruses.