Waiting for the Apple next shoe to drop!

September 8, 2009

With 10.6 out the focus in no longer on the operating system.
The focus is on the “way it all works together” – the operating is systems just one part of the platform – and Apple is for now the only one who does it all. Computer hardware, operating systems, major applications, cloud services, web-portal, hand held devices.
And there are many more parts that Apple has that are significant:
• WebObjects – the most mature framework for providing web-services
• Micropayment System – iTune music store is probably the biggest micropayment system on the web (maybe Amazon or Google Adsense are as big? but even Microsoft is not in the same league)
• Relationships with all the other players – wireless carriers, semi-conductors, major software developers, music industry, motion picture industry, and now the game industry.
OS X 10.6 Snow Leopard is just the first step of a what I believe to be Apple pulling all these together and laying the foundation for much more interesting and yes eye popping integrated products / features in the near future.

The 9/9/09 event will probably have a new iTunes, will it be a 64bit OSX 10.6 app? Will it (when run on 10.6 as it will still need to maintain compatibility with 10.5/ Win XP) have some new cool stuff built on the new capabilities of 10.6)?  You can be sure it will take more advantage of the cloud and extend their iTunes store franchise.

We still have iLife and IWorks (not to mention Logic and Final Cut) in their next versions that will take advantage of cool stuff made possible by the “cleaning up” done in 10.6 and they are much bigger income streams / product differentiators than the operating system these days.  Apple not only makes some money on these products but once they have you using them / knowing them / building your life-workflow around them, you are a Mac person as the friction to change to Linux or Windows go way up!

And then there is the the mobile device integration thing!  The iPod Touch / iPhone as a remote control for your computer or application or House is still in it’s infancy, the larger tablet will only move this further along.  Image your mobile device being the interface for things that have no controls a black box (or silver and silver in the case of Apple TV), now imagine then working through the cloud. This is where it’s all going. Apple and the rest of us only see the tip of the iceberg, this is the foundation of the future.

OSX obviously needed some re-architechting to lay the foundation of all this, remember OSX is the operating system of much more ethan the Mac now, it is the bases of the current and next generation of mobile devices and as such the bases for app fronted cloud services. Webobjects which is the bases for all of Apple innovation (the Apple Store, ITunes and mobile me are all built on webobjects) was done before anyone at Next or Apple full understood it’s significance, but it gave them the tools to build the future. OSX is the same they are building the basic architecture of the future.

Windows will never be as secure as Mac / Linux

August 26, 2009

Over and over again I read the mis-informed or simple minded mainstream press writing about Mac security based on tech industry myths (mostly created by “Security firms” that make their living on people being afraid and need a robust threat level of viruses, malware and trojans to build their biz on.

Their line goes something like this: The bad guys don’t target Mac’s because their market share is to small. for example here is a quote from a cnet story – Mac security not so much about the Mac:

“Even if Apple moved to 10 percent market share, why spend the time on the 10 percent when you can just nail 90 percent with one bug?” Miller points out. It’s far easier, and far more lucrative, for those shadowy figures in the hacking business to spend their time going after the other 90-plus percent of computers in the world than it is to try to exploit flaws in the Mac–even if there’s a shiny new computer involved.

There is truth in the fact that Windows is a larger target than the Mac. But in the last year or so the Mac has become a much bigger target with significant market share for some time now (6-8% overall and as much as 30 to 50% of the high end – above $1k – consumer laptop business).  Yet the Mac is still totally free of any known virus in the wild. And only a very few (in the single digits) trojans are out there (note these can not be spread from computer to computer and require the user to go to a “questionable” website and then explicitly “ok” the installation of software) .

The same article above clearly states:

No security researcher I spoke with could think of an instance of a Mac running Mac OS X that had been exploited in the wild. Not as part of a contest, or as part of a show-stopping demonstration, but through a malicious attack aimed at pwning a Mac. Few were even sure that any viruses or worms existed for the Mac; there was a Trojan horse type of exploit in the wild last year, but it was delivered through a porn site, and it required users to take several steps to infect themselves.

The reason Mac’s are safer than Windows machines is clearly more about basic multi-user aware underpinning, design philosophy, backwards code compatibility and plain old code quality.

Here is one of  the best ways I have seen it explained it: from the stroy FUD: On Snow Leopard Anti-Malware — Learning Curve.

A few salient facts before continuing.

  • Unix was developed as a research project at Bell Laboratories in Murray Hill New Jersey. The key researchers were Ken Thompson and Dennis Ritchie. Thompson and Ritchie won the 1999 Technology Award and Bill Clinton was present at the award ceremony in Washington.
  • MS-DOS was developed by Tim Paterson and his Seattle Computer Products. It’s won no awards.
  • Unix is a true multiuser system. MS-DOS is a hardware interface. The acronym itself stands for ‘disk operating system’. It’s not an operating system – it’s a disk operating system. It doesn’t deal in access control or ownership. It’s a hardware interface.
  • The Unix we use today is based on the original Unix from Bell Labs.
  • The Windows lusers use today is based on MS-DOS. Not the internal architecture to be sure – that architecture is based on the ‘VMS’ work of David Cutler – but the system’s security is based on (crippled by) good old MS-DOS.
  • Web servers everywhere run Linux and Apache Stronghold and practically speaking they’re impenetrable – this because Unix was built the right way from the start.
  • Windows will never be secure because it wasn’t built with security in mind (or much else for that matter). And that’s just a fact.

The quote above deals with the fact that OSX is built on Unix and as such has a strong, well tested, security system built in from the lowest levels protecting the system from actions by user accounts.  Windows on the other hand (as was Mac OS9) is built on a single user foundation – the assumption in the days of DOS through Win 32 was that the user had complete control of the computer and there is no separation between user accounts and the administrator account. Microsoft has spent the last 10 years trying to graft this type of structure into Windows without breaking too much backwards compatibility. It is a losing battle and is a fundamental difference that is why it will always be less secure than Unix and Mac OSX.

The size and age of the Windows code base makes it virtually impossible to eradicate the bugs and vulnerabilities, and it would appear that Microsoft’s design philosophy of feature bloat that continues to graft new networking and frameworks deep into each release of windows without removing the older ones will only make it worse as time goes on. Dating back to the early days of DOS and Windows Microsoft has let developers directly access the hardware bypassing the operating system, and while they have moved away from this for a long time bits of the old code are still lurking in the depths of their code base.

Apple on the other hand tends to build additional functionality by adding new core  functions to their operating system with a much more deliberate long term architecture perspective and well defined API’s (this dates back to the original Mac operating system which abstracted the actual hardware and made developers use the toolbox). Examples of this is coreaudio, coreanimation etc.

Lastly the way Apple historically  maintains backwards compatibility is much cleaner as they have done it through complete emulation as in the “OS9 Classic Mode” that was a fully sand-boxed environment. They do this on a transitional bases phasing it out completely over time so that they phase out legacy code with a smooth transition from the user perspective.

Microsoft as is typical is adopting some not all of the same concepts in their new Windows 7 but as usual they are still years behind OSX and they have not addressed much of their core issues.

All of this is simply security at the OS level, Microsoft also has many security related issues at the application level, and they build much of the application support for everything from Office apps to IE into the operating system which opens up many many more vulnerabilities.

In summary it is true that no complex software is bug free, and no operating system / application suite  is totally secure, but OSX is much more fundamentally secure than windows.  Everyday thousands (maybe more) of Windows users with or without added security software lose hours of productivity to dealing with infected computers, there are virtually no Mac users suffering the same fate. Millions of Windows machines the world over are acting as bots:

  • spreading viruses,
  • clogging the internet sending spam emails
  • Participating in denial of service attacks

Meanwhile Mac continue to secure and productive network citizens.