Doug's Mailbag: Mac Attacks

Here's some thoughts on the state of security in Apple computers:

Macs and Windows have one thing in common: HUMANS. Humans make the OS and applications, and humans use them. Since we are still not perfect, there will be issues. Also, Doug, why do you hate on Microsoft so much? When it comes to security Microsoft has a much better track record than Apple, Adobe, Google, Sun, etc.

Macs are, in my opinion, more secure than Windows. Unix or Unix-like operating systems start with a more restrictive set of permissions for the average user than Windows. However, "more secure" doesn't mean they are secure. Any OS, be it Windows, Unix, Linux or Mac, is more vulnerable if standard security practices are not followed on a regular basis.

Being system agnostic in terms of support, but a Mac person in terms of personal purchases and preference, I take umbrage with the "decade behind" comment. I believe Macs are inherently more secure than Windows because of the Unix foundation, but simple popularity is the larger factor. With Apple's increasing popularity, it was only a matter of time until Mac users had to buy antivirus software. I don't think that day has arrived yet, but it may be as soon as some time this year.

I would add that there is probably a sizeable population of Macs that are not very secure, not because of what Apple has or has not done, but because of the flawed notion that if you just buy the right product, you won't have to do anything because it is a superior product. Security happens by the practices you follow day to day, and the processes you put in place. If you don't put any in place, then you're destined to discover the flaws of your assumptions sooner or later.

Share your thoughts with the editors of this newsletter! Write to Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted by Doug Barney on 05/04/2012 at 1:19 PM2 comments

Office Patch Primed and Prepped

It may sounds scary when I tell you the fixes set for next Tuesday plug 23 holes, but you might feel better to learn there are only seven patches.

Even more calming is the news that only three of the fixes will be classified as "critical", while the other four are merely "important".

The high vulnerability-to-patch ratio is not an anomaly. It's been that way for the bulk of this year.

Perhaps the most pressing patch is for a remote code execution (RCE) flaw in Office. And, as usual, RCE leads the charge, accounting for no less than five of the seven bulletins. The last two are fixes for a popular problem: elevation of privilege vulnerabilities.

This is all starting to sound pretty boilerplate, but please don't become complacent. That's just what the hackers want. Unpatched computers are the devil's playground.

By the way, we recently looked at the last 10 years of Trustworthy Computing and concluded that Microsoft has been working plenty hard. Unfortunately, the bad guys are working just as feverishly.

Posted by Doug Barney on 05/04/2012 at 1:19 PM1 comments

Home Server Hardware Unbooted, Office 365 Booted

I've been writing a lot about Office 365 because it's a work in progress. I want to see how the software is coming along as Microsoft smoothes out some of the kinks. And as many are contemplating the cloud, I want to share as many user experience as possible to help guide your decision.

I've already written a cover story based on the views of over a dozen Redmond Report readers (this is a good-un). Greg Shields wrote on why Office 365 may miss the small biz mark. And Don Jones chronicled his transition to Office 365.

Now Redmond columnist Brien Posey is using Office 365 not just to replace a big batch of on-premise applications running on a big rack, but also a little, old Windows Home Server.

The motivation for the move all came out due to a little crisis: While travelling, Posey's couldn't get to his home network. Thanks, clumsy construction crew.

Hmm, Posey thought, which goes down more: electric power and Internet service in his Ohio neighborhood, or the Internet itself?  May be time to give that cloud a try.

Posey, a seven-time Microsoft MVP, found the migration "process to be extremely tedious."

Despite the grind of getting going, Posey is pretty happy – well, mostly happy. After the transition, he got a lot more spam as he trained Forefront to spot the bad stuff that GFI's MailEssentials knew by heart.

The best thing about Office 365, which is what I also learned from Redmond Report readers, is that all the management tools and techniques you learned for on-premise pretty much work in the cloud. Sweet.

Is this mixed (though generally positive) review spot on? You tell me at

Posted by Doug Barney on 05/02/2012 at 1:19 PM1 comments

Infinite Storage Possibilities

I've always been fascinated by storage. Not the confusing array of tools. Here's a test: Go to the EMC Web site and see if you understand how each and every tool fits in with each and every other tool. Mirroring, imaging, replication, backup (but not true restore), restore (but not true backup), file level vs. block, NAS vs. SAN. Talk about a confusing array of products -- and I haven't even gotten to the arrays.

What I like about storage is its exponential growth and the exponential possibilities. Nearly unlimited storage opens up a world (perhaps a universe) of possibilities. We could digitize our lives. It would be like a TiVo that records our every movement and sound.

But first we have to make the complex world of storage simple. Make saving simple and retrieving easier. Make finding what you find as easy as coming across what you don't.

For more on this subject, check out last month's Barney's Rubble.

Posted by Doug Barney on 05/02/2012 at 1:19 PM1 comments

Doug's Mailbag: 'Dune' Defense

Readers respond to Doug's bashing of science fiction classic "Dune":

I read "Dune" in one sitting when I was in college. Long story short, I had to vacate my dorm room one weekend when the college hosted a series of events at the student union, and I needed a place for a couple hundred co-eds to stay. I served in the security detail that weekend, and had a LOT of free time to kill. So, reading "Dune" was what I did.

That original book was OK. At least it was something different from a lot of the science fiction I had read up to that time.

The books that came after it, however, rapidly devolved into schlock (in my opinion). It became a regular franchise, with several sequels written by Frank Herbert himself, and others written by his son and a co-author. Frank Herbert died in 1986, but "Dune" and its children lives on.

Don't worry about "Ulysses" and its rep. Gibberish is gibberish, and sometimes the emperor doesn't have any clothes. A lot of modern "serious" music is like that as well.

At any rate, that's what I think...

Shame on you for dissing "Dune", one of the great and original sci-fi classics. True, the sequels and his other writing sucked, but Dune was a magnificently detailed work.

Please don't give up your day job to be a literary critic. So far you're two down.

I loved "Dune". I thought it was a more challenging and interesting than the accessible "Foundation" series. The worst book I had to slog through was "Moby Dick".

I agree with worms (or Shai-Hulud), but the whole "Dune" saga is a masterpiece. I read all 18 books at least once. It is just a matter of taste, like food. Happy reading.

Share your thoughts with the editors of this newsletter! Write to Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted by Doug Barney on 05/02/2012 at 1:19 PM0 comments

Conficker Worm Won't Die

In high school, every hipster doofus had to read "Dune." Slogged my way through 504 pages. Threw it down with 40 pages to go out of pure disgust. I wouldn't give Frank Herbert the satisfaction of finishing this waste of good pine.

The thing I remember from 30-plus years ago is these "Dune" worms were seemingly unstoppable. Just like Conficker. This Windows worm, now nearing its fifth birthday, isn't just old. It also hasn't been seriously updated for two years. Despite the neglect, Conficker remains a major threat, Redmond warns. In the last three years infections have increased 225 percent, and it's on pace to infect 2 million systems in the coming months.

The biggest hole Conficker strolls through is weak passwords. Strengthen these and you're halfway there. Want to be almost all the way home? Keep your systems patched. It's almost that easy and that fundamental.

In general, Microsoft sees threats going down some 30 percent for high vulnerabilities in the half of the last year. I'll take that. Want more, but I'll take that.

I know this item will aggravate a bunch of "Dune" fans, many of whom swallowed all 14 volumes, and for that I apologize. Herbert clearly has more talent in his little find than I have in my entire Periproct. I also happen to hate "Ulysses," considered the best novel ever written. Bah!

Am I wrong to think that Dune is one of the most  overwritten books out there (let's try to keep religion out of it)? Fire up your keyboard and mail missives to

Posted by Doug Barney on 04/30/2012 at 1:19 PM8 comments

Doug's Mailbag: Online Storage Preferences

Readers share what they like and dislike with services provided by Dropbox and SkyDrive:

My mother is not one with whom you would typically relate as a tech-savvy person. She would always complain to me when one of my portable hard disks would not show up on her computer or when she had to connect the same drive to every single laptop to view the pictures of my marriage.

Though she is not technical, her requirements are indeed ones that would give Bill Gates a run for his money. She asked me whether there is some way by which she does not have to bother about connecting the portable hard disks to each and every laptop because that was too laborious. In addition, not really understanding, how hard disks worked, she connected the hard disk to the laptop and wondered why these pictures won't show up on my Galaxy Tab or iPhone.

With more than 200 GB of data, I knew that SkyDrive and Dropbox were not the solutions for me, therefore I ended up buying the Western Digital Live. It is a cloud storage service for home where you connect the HDD to your router. The HDD obtains an IP address and you are able to connect to the NAS from device on the network. WD also provides with an application that enables you to view pictures or data from your HDD to your tablets or smartphones. Also, I am able to share my HDD as a URL link with anyone on the network to connect to it remotely. Of course, it is password protected so not anyone can read information off the drive. I connect to the NAS from my work and from the library over the WAN, and the connectivity is very decent.

I've been using Dropbox for about a year now and through referrals I have been able to keep ahead of my storage space requirements pretty easily. I believe it recently increased the total amount of free space you can earn to 18 GB. The Windows client and iPhone client works well, so unless I have a big incentive to try something different, I will probably stick with Dropbox.

Check what happens with your billing when you finally do exceed your limit on dropbox, and then let me know which is the better deal.

Share your thoughts with the editors of this newsletter! Write to Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted by Doug Barney on 04/30/2012 at 1:19 PM0 comments

Apple Security Myth Busted

Many of us are under the impression that Macs are inherently far more secure than Windows PCs, which is why I've bought no less than six Macs for my 4 kids -- even though they cost three times as much as an equivalent PC. I can't be bothered reinstalling Windows every six months, not to mention the time a horrid virus blasted my eight-year-old son with vile, unstoppable pop-ups -- pop-ups that would make Bob Guccione blush.

A theory on why Apple is safer is that there are fewer Macs to attack, so hackers don't bother. And the bad guys simply don't hate the Mac like they do Windows.

Eugene Kaspersky, founder of the security company that bears his name, apparently believes the latter. Now that hackers are taking aim at the Mac, these machines may be more vulnerable than their acolyte owners believe. They may even have to cough up for some security software unless Apple builds it and maintains it for them free like Microsoft now does with Security Essentials.

It may be that Kaspersky is trying to seed the market for Mac security software (his company does has a $40 antivirus package for the Mac), but I think that market will happen or not with or without Eugene's assistance.

First, he sees attacks on the rise and feels it's inevitable that the Mac become a major target.

While Apple does provide updates, it is over a decade behind what Microsoft does with Patch Tuesday, and here's a personal note: A decade ago, Microsoft chairman Bill Gates declared the Trustworthy Computing Initiative. If there's one thing Gates rarely or ever did, it was give lip service. And over the last 10 years, in my opinion, Microsoft has done anything but give lip service to security.

In fact, Kaspersky believes Apple needs to spend the kind of time Microsoft takes checking code for security problems. "Welcome to Microsoft's world, Mac. It's full of malware," Kaspersky says.

In my heart of hearts I've believed that Mac's OS, having been built on a Unix/Mach kernel, was more secure. Now I must rethink that notion. As usual, my ultimate conclusion may rely on the wise counsel of you, the Redmond Report reader. What say you? Spill it at

Posted by Doug Barney on 04/30/2012 at 1:19 PM9 comments

Security Essentials Turns 4

I have a lot of old computers laying around. If something works, I just can't throw it away. In fact I am still trying force myself to toss out a Win 95 laptop. It doesn't have wireless (and doesn't even have an Ethernet port) so this thing is a Internet-less block of plastic and silicon. But it works, and I'd have to pay a dump or find an electronics drive to get rid of it. And it's my only machine that reads a 3.5 inch floppy.

For this artifact, a new version of Microsoft Security Essentials is, as Dr. Evil might say, inconsequential. For the decade-old XP box my five-year-old Kiley uses to play Candy Land (which is already well-protected by Security Essentials), version 4 of the software is of no consequence to her.

Kiley is old enough to have mastered XP, the iPhone, iPod touch and Nintendo DS (and, of course, the Comcast DVR controller) but she may not fully appreciate the fact that the free Microsoft tool now has the Active Protection Service, which used to be called SpyNet (a far cooler name). This service alerts Microsoft the moment malware is found so researchers can be constantly apprised.

There is good news and bad news for Microsoft. Because it is free and from Redmond, Security Essentials is number 2 tool in the U.S. market.

The bad news? An anti-virus researcher says Microsoft came in last out of 15 tools tested, finding little more than 93 percent of all issues.

Do you use a free AV tool? What are the goods, the bads and the uglies? You tell me at

Posted by Doug Barney on 04/27/2012 at 1:19 PM2 comments

Next Win 8 Test Set for June

Wondering what to do this summer? Tired of fishing for stripers, writing the great American novel or spending time with the fam? Why not play with the release preview of Windows 8? What could be better than using your own time and expertise to help Microsoft debug this OS so it can make untold billions? And with the sorry state of laptop and tablet screens, you won't even have to worry about getting one of those pesky tans while doing Microsoft this favor.

Recently I complained about Microsoft willy-nilly attitude about changing product names. It isn't just products. This lunacy also extends to beta testing, which, as you know, is no longer as simple as just alpha and beta. In this case, Microsoft in June will deliver the release preview (which it used to call a release candidate).

Both terms, barely different, mean the same thing -- the features are essentially locked and will be fully loaded once all the bugs are fixed. In the case of Win 8 it should be late fall or thereabouts.

Meanwhile, to keep us all confused, Microsoft decided to formerly name Windows Server 8 Windows Server 2012. I'm starting to think it is  just messing with all of us!

Does Microsoft purposely make its product names hard to track so we have no time to even think of the competition? Send your best guesses to

Posted by Doug Barney on 04/27/2012 at 1:19 PM2 comments

Call for TechEd Stories

This June is the 20th edition of TechEd. The June issue of Redmond magazine will preview this year's show. We'd like to hear from you about your past experiences, and what you're looking for at this year's show.

Reach out to me directly at

Posted by Doug Barney on 04/25/2012 at 1:19 PM0 comments

The SkyDrive Is Falling

This week Microsoft made its SkyDrive cloud storage service better -- then made it way worse. First, the good part: You can now upload folders and bigger files, files as huge as 2GB. The bad news: New users can only upload three of these puppies, as the new limit for the free service is 7GB, down from the formerly generous 25GB.

Compared to Google Drive, SkyDrive is downright roomy. Google only offers 5GB on the house.

In both cases the vendors hope you'll fall in love, run out of room and pay for the premium service. And if you're an existing SkyDrive user, you can upgrade now and keep the original 25GB.

As for me, I'll stick with Carbonite for backup and DropBox for file sharing.

What do you use for remote file access, synchronization and so on, and are thumb drives as passé as Bartles and Jaymes wine coolers?

Answers welcome at

Posted by Doug Barney on 04/25/2012 at 1:19 PM6 comments

Office 365 Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.