Closing for a very short while...

Normal service will be resumed as soon as possible!

Basically, I'm currently doing the switch from Typepad to Wordpress for this blog. All the posts and comments are ported over, and the DNS is currently in the middle of changing from pointing to TypePad to pointing back to my own host.

If everything has been done right, you shouldn't notice the difference if you're coming in from a link to anything on technovia.co.uk, as I've managed to mangle Wordpress into creating TypePad-like permalinks using some MySQL foo. You'll still be able to access posts directly here, by going through technovia.typepad.com.

However, if I can work out how to do it, I'm going to close comments on all the posts here - that way, no comments should be lost in the move from one to the other.

Daring Fireball on commercial malware vs commercial non-malware

First, apologies for the hideous title the post, but I couldn't really think of a better way of putting it. Commenting on my previous post on Mac security, John Gruber asks:

"But, and I’ve argued this before, it doesn’t explain why the Mac has, effectively, none. If it’s true that malware developers who want to make money will only write software for the vastly larger Windows market, then why doesn’t the same logic apply to non-malware commercial developers? "

This is an interesting question, but the answer is fairly simple: distribution methods differ. Let's look at the differing scenarios.

You're a legitimate Mac developer, and create "Wongo!", a lovely little widget for the Mac. You create a web site, post about it in a blog, people come and buy it. You send out a few review copies, it gets reviewed, and lots more people buy it. Word of mouth spreads, more and more people come to your site and buy it. Eventually, you're the Bill Gates of Mac software.

Now, for malware. You write a nasty trojan for the Mac, disguised as, say, a codec required to view porn. You upload it to a dubious site, where a relatively small percentage of people in general go. Of the people who see it, only 5% will ever be able to run it. Of that 5%, most won't bother downloading it at all. You can't advertise, or send out review copies, or - in fact - promote your "product" in any way. No one who downloads it is going to write blog posts about how amazing it is, recommend it to their Mac-using friends, or write letters to Macworld urging them to review it.

Compared to commercial software, Mac malware is like a small niche product which few people will ever encounter, and which you're not allowed to promote. What's more, it will never get any word-of-mouth coverage, positive blog posts, or reviews.

links for 2008-01-18

• Don’t believe the low bit-rate ‘HD’ lie | George Ou | ZDNet.com
  George Ou points out that "HD" download services from Apple and Microsoft are nothing of the sort, delivering quality that's actually below DVD. He's not wrong.
  (tags: HD downloads video apple microsoft tv)

Uh huh, right, so there's no Mac malware...

Note that F-Secure do not sell a security product for the Mac - so forget about that "they're only trying to spread FUD so we'll buy their product" stuff.

More details on Trojan:OSX/DNSChanger, plus a blog post about its variants - over 60 variants of this have been found by F-Secure.

And finally, yes, this is a trojan not a virus, so it exploits the user's gullibility rather than a security hole in the OS. But as this is also true of the vast majority of Windows malware, I don't think that's something to get too cocky about. And given the number of people on the Mac who take no security precautions at all, and genuinely believe there is no malware around for the Mac...

Service interruption on Sunday

Depending on what time I get back from the weekend's visit, there may be a period of downtime for this blog on Sunday. I'm transferring Technovia from running on Typepad to my own hosted version of Wordpress. All permalinks should remain working, and no posts or comments will be lost, but while I move the domain over there will be a period when it's not available. The RSS feed will also be unaffected, thanks to the lovely people at FeedBurner.

Update: I've decided not to go ahead with the transfer this weekend - basically, I quickly realised that I just won't have time to do it, so I'm putting it off for now.

Fair use for the 21st century: if it adds value, it's fair; if it substitutes, it's not - Boing Boing

Link: Fair use for the 21st century: if it adds value, it's fair; if it substitutes, it's not - Boing Boing.

"Tim busts out a great working definition for fair use that simple enough to understand that it can be reliably followed by casual remixers and users of content, but not so simple as to be idiotic: if it adds new value, it's fair use; if it substitutes for the original, it's infringing."

The problem with this is what amounts to "adding new value" - and, more importantly, adding value to what? Does sampling a record and using it, uncredited, in a remix "add value" to the original? No, of course not. In fact, using it credited may well not add value either.

Does Gawker's use of the Tom Cruise scientology video "add value" to the original? Of course not - if anything, it removes value, both to Cruise personally and to the CoS. Of course, you can say that Gawker's using it is fair use as it's newsworthy - but that adds a second rule to what is and is not fair use.

If, of course, what Cory and Tim mean by "adding value" is simply "creating something of value from the copyright material" then that's a different matter - but it means that virtually any use of copyright material is permissible. If I take one of Cory's books, put it in an original cover, print it and sell it I've "added value" - so it's fair use, and I don't have to pay anyone. Right?

The day Steve Jobs got snubbed at his own show

The story about Violet Blue being snubbed by Steve Jobs reminded me of an incident that I witnessed a few years ago where Jobs was, himself, snubbed.

After keynotes, Jobs usually likes to head down to the show floor and look around the Apple booth, talking - mostly - to Apple employees. At one keynote, a few years ago, I found myself standing behind Jobs and his entourage on the escalators going down to the Moscone show floor.

Jobs got to the show entrance proper, where there is always a security guard checking passes. The guard, spotting that Jobs had no pass, stopped him and refused to let him in.

Steve himself looked amused, but his entourage, with the standard reaction of lackeys everywhere, were outraged on his behalf. "Don't you know who this is? You're going to be looking for another job!" one piped up.

"I don't care who he is. No pass, no entry. That's the rule" came back the answer. The guard was sticking to his guns.

Jobs smiled, something which managed to combine amusement with the look of a tiger about to eat something tasty. "I'll come back another time" he said, and turned and headed off... followed by his twittering entourage.

Technorati Tags:
Apple, Macworld Expo, Steve Jobs

Why engaging with the Mac community over security is a hopeless task

Rich Mogul talkes about his "Curious Relationship With Apple And Security" and what he wants to do in the future:

"Actively engage with the Apple community, give Apple credit for what they get right, and point out where they get things wrong while educating Mac users. This hopefully gains me enough credibility that they can’t simply dismiss me as anti-Apple and I can help the Mac community pressure Apple for needed change."

Good luck with that, Rich. The problem with talking to the Apple community at large is that there's far too many people - usually, ironically, people who haven't used the Mac for more than a handful of years - who believe that the fact that "there is no malware for the Mac" means it must be perfectly secure.

They simply refuse to believe the "security through obscurity" line which states that the Macs low market share helps it safe, by reducing the opportunities for malware to be effectively spread. As the Mac is a small target, it's simply not efficient to write a virus for it. This is largely because they have an outdated view of what malware is produced for - they simply don't understand that a lot of malware is produced not for kudos but for profit, and when you're going for profit it makes more sense to hit the biggest possible market (ie Windows.

Neither do they understand that a large chunk of modern malware exploits the least-secure part of any system: the user. Most malware which is successful over a longer term doesn't target a security loophole initially, but attempts to get access to a user's system via social engineering.

And the notion that Windows Vista's security model might be as secure as the Macs (if not more so) will be met with either blank, uncomprehending stares or outright hostility. It doesn't matter that it's true.

So Rich, my advice is simple: just don't bother. You're only going to get 1500 flaming comments whenever you dare to utter the "heresy" that the Mac might not be perfect.

UPDATE: Clarified my point about "security through obscurity", by which I mean the Mac's low market share reducing vectors for malware spreading, rather than the platform itself being "obscure" and unknown to malware writers.

UPDATE 2: I'm in the middle of transfering this blog from TypePad to Wordpress, which means that I've now exported all the posts and comments from here to the new place. As this post is still getting comments, I've decided to temporarily close comments while the DNS switches over, so nothing gets lost in the move. Once the DNS has switched, comments will be back. Sorry for the interruption - if you really want to comments desperately, you can find the Wordpress version of this post here.

First Rogue Cleaning Tool for Mac

F-Secure has turned up the first rogue application for the Mac. A rogue application is one which basically lies to you - it tells you that your system has a problem, and offers to fix it if you buy the paid-for version. They're common enough in the Windows world to be a pain. As F-Secure notes:

"Rogue/fake applications (scareware) such as this have been around for years on Windows (WinFixer, SpySheriff, et cetera). They're designed to trick people into thinking that they have security problems and that the only way to solve it is to buy the software. Up until now this has been a Windows only problem but that's not the case anymore.

So what does the first Mac rogue application really mean? It means that with Mac's growing popularity and growing user base comes certain problems that can't be ignored. Mac users will increasingly come under attack from bad guys and this new rogue application and the constant stream of new variants of DNSChanger is proof of that. It doesn't mean that Mac is becoming less secure in and of itself. But it does mean that Mac users will have to watch out for social engineering tricks just like Windows users have had to do for years."

Skyhook coverage in Europe

One little snippit from the keynote: the Maps application in the iPod touch is location aware, using the Skyhook WPS (Wi-Fi Positioning System). And, if you're in Europe, the news is good:

"WPS currently provides coverage to 70% of the American, Canadian, and Australian populations. By the end of March 2008, Skyhook will have coverage in the top 50 metropolitan areas of Europe as well as cities and towns representing 50% of the UK, French and German markets."