.:Computer Defense:.

I know... you're thinking the same thing I thought when I read it... What the hell does that mean... Well Ross at nCircle provides the definition, "A clean slate; a blank or erased tablet." He also provides a short, but interesting post on the subject of backwards compatibility. The ultimate question of his post is summed up by the introduction:

Backwards Compatibility. I'm hardly a Mac user, but from what I've heard, they don't bother with it. Every Mac OS release is a clean slate (or close to it) and the end user just has to adjust. On the other side, Microsoft spends millions (billions?) making sure that you can still open that document you put together using Word 95 in Office 2007.

Which approach is better? Define better.

Give it a read and see if you agree.

I was reading through the latest round of blog posts and found an interesting tidbit via the VMWare Technology Network (VMTN) Blog.

It seems there's a video circulating the net (available in the VMTN blog post) that demonstrates 3D Graphics inside Fusion (The version of VMWare being developed for Mac). Apparently this feature is available in the current VMWare Workstation and has actually been available back to VMWare 5.0 (there's a chance that it's also available in VMWare Player)... Currently the support is only for DirectX 8.1, however Direct 9 and 10 support is in development.

More information on Direct3D in VMWare can be found here.
Information on enabling Direct3D support inside a VM can be found here.

I've blogged about this over on the nCircle blog... just wanted to direct people to the site.

Read about them here. 

I made this comment at the office today and I was greeted with agreement, disagreement and blank stares...

My thoughts are that more and more often OS X is becoming the so-called "cure to Windows"... A colleague put it best.. he said "A few years back if someone was talking about a Windows problem, the response was, "This link will fix all your Windows problems" and the link was to some Linux distribution... Now-a-days... you have the same question, however the link is to apple.ca or an OS X page... The zealots that once swarmed and promoted Linux as a viable alternative to Windows... as the solution to all problems... are now being over shadowed by OS X fanboys who are doing the same thing... The number of blogs dedicated to Microsoft bashing, that are entirely pro OS X (OS X can't do anything wrong), is astounding.. OS X has become a religion.... and these fanboys are blindly accepting it as their faith without having a clue... One of the more predominant of sites is DaringFireball.net, however I'm not going to touch it today... everyone has had enough of a laugh at Mr. Gruber's expense.

One site I came across this evening (as I was debating if I would blog on this subject) was tech.blorge.com and it's the primary reason that I decided to do this write-up... The crap that they spew is unbelievable. A great example of this is the "Microsoft slugs Mac users with Vista Tax" post. They go on and on about the fact that you can't install the "lower" editions of Vista in Virtual Machines... and you can't... Do I see an issue with this?? Nope... but Paralells... (a third party vendor of Virtualization Software for OS X) is going on and on about it. That is to be expected... it's their livelihood, the problem is that the "cult of mac" is accepting everything they say at face value... No one seems to realize that this doesn't only affect Mac users.. it also affects anyone wishing to run Vista under VMWare or Virtual PC (The Home versions anyways)... but home is the keyword here.. Virtualization isn't a "home" technology... It's a business / research technology.... and in the business world, it's generally limited to servers for the most part... So why should Microsoft license a home technology (Vista Home) to be used on non-home technology (Virtualization)... You can argue that there are enthusiasts that will do it... but many of them will ignore the EULA anyways...

Mac users (and all the people on the Paralells blog who stae they'll be switching to OS X because Microsoft has gone over the line) seem to have forgotten the wording in the OS X EULA.

A. This License allows you to install and use one copy of the Apple Software on a single Apple-labeled computer at a time. This
License does not allow the Apple Software to exist on more than one computer at a time, and you may not make the Apple Software
available over a network where it could be used by multiple computers at the same time. If you use Setup Assistant to transfer
software from one Apple-labeled computer to another Apple-labeled computer, please remember that continued use of the original
copy of the software may be prohibited once a copy has been transferred to another computer, unless you already have a licensed
copy of such software on both computers. You should check the relevant software license agreements for applicable terms and
conditions. You may make one copy of the Apple Software (excluding the Boot ROM code) in machine-readable form for backup
purposes only; provided that the backup copy must include all copyright or other proprietary notices contained on the original.

That says I can't install OS X on my PC, so why should we expect Microsoft to allow the opposite... In this case, I'd say that Apple hit first and that Microsoft is only responding in kind... so perhaps OS X users should blame their precious Apple (Yes... as usual, I'm typing this on OS X, so I can say what I want about the OS). For a decent explanation of the Vista licensing, check out this page.

Now these guys at blorge didn't stop with this... They are dedicated to Microsoft bashing... attacking the concept of OpenID and CardSpace... Going to the ultimate level of immaturity by making use of the infamous Bill Gates mug shot... I love their theory in this one as well... Smart Cards and Certificates can be beaten so it's better to just keep using passwords about sums up their (incorrect) theory...

Another good one was, "While I do enjoy Microsoft bashing (like any hack does)" which was taken from the only post where they defend Vista (and only because it's about the only thing on the internet than the drivel they are spouting..). First off... "like any hack does"... If that doesn't shout juvenile Linux user from 3-5 years ago, I don't know what does... the entire sentence does... It's disgusting and I feel insulted (as a partial OS X user) that they are this immature. I could go on and on... I could also point out other sites (such as Macalope and Artie MacStrawman’s Apple Orchard) but I’ll let you find the problems with them on your own… I’ll just leave you with this last bit of ignorance from the Artie MacStrawman blog, “I love Apple, Mac OS X is invulnerable and I’d jump off a cliff if Steve asked me to.” and “The Mac is utterly impregnable to attack. I’ll never switch to Windows or Ubuntu or something.” That sums up the thinking of most OS X users… a flawed sort of logic that really makes me believe that OS X is the new Linux… at least when it comes to cocky, arrogant, know-it-all users…. DaringFireball.net)
[Update] Page updated based on an error on my part... apparently OS X users can't let you live down a mistake... Now perhaps people will be willing to discuss the actual content instead of a silly mistake.... Unless they have no comment on the content.

[Update 2] I've added the text back in since it's apparently uncouth to remove it, and set it to strikethrough

So I recently posted my thoughts on the state of web application security over on the nCircle blog... I just wanted to share the post with everyone..

Over at Google Blogoscoped, they have a post with some interesting photos of the Googleplex. Take a few minutes and look through... or don't.. it's your time.

Over at 360 Security (Formerly The VERT Daily Post), Graver has been providing write-ups on the events at RSA... One of these posts is a true tribute... providing either a Tip of the Hat or a Wag of the Finger to various vendors present at RSA. He's also provided a theory on how hackers can out number security vendors.

So I was talking to a buddy earlier this evening and he asked me if I'd heard of Windows XP - Black Edition... After saying "Black Edition??" (needless to say, I hadn't heard of it), he directed me to a forum post on the subject. In essence, Windows XP - Black Edition is XP on DVD with plenty of other pirated software included... Software that covers every aspect of day to day computing and even some outside of it...

I made the comment about how I distrust items such as this (and not only because they're pirated and illegal)... but because I question the individual that created the DVD... the so called "Black Edition". These are people who are so unscrupulous that they're willing to pirate a plethora of software... who's to say they haven't also setup malware on the DVD... their own custom malware, undetected by any AV signatures, that makes the PC a part of a botnet... or opens a listening port... or creates a key logger that records keystrokes and then only transmits them (over HTTPS) when it sees that HTTP traffic is occuring....especially if these actions take place as they do in my last example... only during times of heavy network traffic..

This got me thinking about piracy in general... There's tons of software out there being pirated... So why don't the vendors get involved... Take your product, create a modified version of the software and place a small piece of malware, tucked away that transmits (via HTTPS or something else popular but not plaintext) the details of the users and their computer... Gathering email addresses, contact info, etc... Then use that information to go after the pirate... I realize that it isn't necessarily cost effective for the larger companies to battle piracy on an individual basis, but if some sort of relationship was setup between these vendors and law enforcement I'm sure it could be done easily... maybe information could be submitted directly to law enforcement officials...

Now I commented on this to my buddy, and he brought up Sony... He said the same thing would happen to any vendor that attempted this... I said it wouldn't... In this case it would only be affecting those willing to make use of pirated software... not individuals who are abiding the law... It's effectively an electronic string... It's like marking bills or putting a transponder on a car... He said that in North America, the public opinion would still be an outcry... that this wasn't fair and that it was wrong of the vendor to do it... I don't know that I agree... I for one would fully support any vendor that wanted to do this...

How about the rest of you??? Are we for or against?

A brief quote:

"Macs are glorified Fisher-Price activity centres for adults; computers for scaredy cats too nervous to learn how proper computers work; computers for people who earnestly believe in feng shui."

As I sit here, typing this on my Mac, I find humour in the truth of the article...  (Read the Rest)

These ads are good for a laugh but that's about it... In my eyes they're really starting to hurt Apple... This last ad, which takes a shot at UAC goes overboard... It's filled with hyperbole and exaggeration. Of course the Mac fanboys will all love it... It seems that Apple and it's fanboys have forgotten that OS X contains a variation of UAC... however instead of clicking allow they have to enter their password... I actually want to generate a small app that pop's up and asks for your password, since Mac users come to accept it. The application will then just pass the password back to me... hrm... Maybe I'll start writing that..