lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-id: <472B076C.21067.33C4D32A@nick.virus-l.demon.co.uk>
Date: Fri, 02 Nov 2007 11:18:04 +1300
From: Nick FitzGerald <nick@...us-l.demon.co.uk>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: mac trojan in-the-wild

reepex to me:

> > Yes, today, the average level of clue among Mac users is probably a
> > shade higher than amongst Windows users,
> 
>   Is this a joke? The reason people switch to macs is because they cannot
> handle simple tasks. Isnt the main thing said by new mac users is 'it just
> works' meaning 'I couldnt figure out windows' . The main users of macs are
> liberal arts students and hippies .. and we all know the technical level of
> these people.

No, it's not a joke.

First, a lot of very clueful security folk, CompSci academics and so on 
will "only" (or, at least, "only for my real work") use Macs.  They may 
well just be heavy-duty-security-clueful enough to drag the average 
graphic artist, liberal arts, etc level above the Windows waterline.

Second, in fact, I don't even care if it is badly wrong.

I'm happy to concede to the Mac fanboyz that their buddies may, in 
fact, have a slight edge in the security clue arena _across the whole 
population of Mac users_.  I will quickly point out things just like 
what you said if they seriously try to claim they have a significant 
edge, but my point still holds up allowing them what they perceive as 
the "but we're smarter" high-ground.  The point is, as I thought I was 
making clear, even if it's true it doesn't actually help them because 
we are still talking about two seriously overlapping _population 
distributions_ (but if they continue to insist it does, all they do is 
show their "debate" is driven by ideology rather than facts and 
logic...).

You've just seen the redoubtable Dr Neal K messing this up big time, so 
even the seriously security clueful are not necessarily on top of this.


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ