Doug White writes:
It would be nearly impossible for computer software makers to provide against any type of attack by those so inclined. The result is that they are reactive rather than pro-active.
That's not the point. The difference in degree of security between Windows and Mac OS X is so great as to be a difference in kind. It is possible for vendors to build, and customers to buy, sufficiently safe Internet client software. It is also possible to mitigate the spam problem (which started this whole thread, as you may recall :). From where I'm sitting, Apple Mail's spam detection feature, Spam Assassin, and similar products all do a sufficiently good job. I get obscene amounts of spam at this account, but I see very little of it (even though my version of Spam Assassin is old). Now, I know network operators have a different point of view (I have been one): that spam consumes expensive network resources. But even Hotmail (and who could have a worse spam problem than Hotmail?) only blackholes specific hosts or small subnets, and only then for 24-48 hours. This idea of cutting off entire ISPs/countries/operating systems/ethnicities from their access to certain or all services is very poor and reflects badly on those who propose it. The spam problem is as mitigatable as it is bad, and taking away or reducing the usefulness of the network in order to save a few bits or bucks is a bad trade. Freedom, openness and universal access are worth the trouble. Why is it that some people respond to the problem by breaking things rather than building things? In particular, something like Bastille (the Linux hardening kit) for Windows would be great. -- Chris Palmer Staff Technologist, Electronic Frontier Foundation 415 436 9333 x124 (desk), 415 305 5842 (cell)