Home > Apple, Idiots > BREAKING: Gruber misses the point.

BREAKING: Gruber misses the point.

Gruber put up a post titled “Wolf!” the other day, wherein he quoted a bunch of folks, from 2004 onward, stating that Apple’s era of relative freedom from security threats would soon be over. The implication moptop’s going for is that people have been gleefully calling for the end of the Mac’s freedom for years, and been wrong, so they will continue to be wrong forever.

First, if you’ve read any of Gruber’s posting, him poking fun at someone else trying to rub a person’s nose in anything is ironic in the extreme; Daring Fireball is nothing if not an exercise in the cult member angrily trumpeting his superiority at having picked the one true faith. It’s an angry blog.

Second, Gruber’s wrong. Shockingly. SHOCKINGLY. Yes, the threat of Malware on Mac has been one that hasn’t, to date, materialized in a large way. But so what? The quotes he provides from these articles aren’t wrong; people ARE making more attempts to crack into the Mac as it gains popularity, and Malware IS becoming more of a threat for the thing. And Mac users DO act all superior about the fact that they don’t have to worry about viruses and other threats. And his own predictions about not just the continued marketshare increase for the Mac, but the continued decrease of marketshare and prominence of Windows means that now, more than ever, people will be using these mobile devices, and it’s not like these malware producers, whose livelihood is based on building malware for either themselves, or organized crime, are going to change their profession because iOS has such a wonderful polish to it.

The Mac isn’t some perfectly secure thing. Nor is Safari. Mac is easily hackable, and every year at the PwnToOwn contest, where hackers crack into browsers for money, Safari — used quite a lot on the Mac — is always the first to fall. And Safari’s on iOS. And is crackable. And Apple has sold 100 million of the devices. And hackers go where the money is. And Mac users are sold security as a benefit of the platform, meaning they’re less on the lookout for threats than PC users are.

Here’s the thing: Gruber is saying that these folks have been calling for the end of Mac safety for years and are wrong because they’ve been wrong so far. This is a logical fallacy, as past performance isn’t a guarantee of future performance, but what kind of Mac devotee — which is what Gruber is — can’t appreciate the value of being forward thinking? Gruber, like so many others, spent YEARS in the wilderness saying “The Mac is superior and one day, ONE DAY YOU WILL ALL SEE.” He’s spent a sizeable chunk of his life spreading that message, and is now able to say “SEE, I WAS RIGHT ALL ALONG, YOU PC-LOVING TWATS!” How, exactly, is that different from security experts saying “The Mac is insecure and one day, ONE DAY YOU WILL ALL SEE?”

Is Gruber too drunk on imagined power to see his own inconsistencies?

Shut up.

Advertisements
Categories: Apple, Idiots Tags: , , , ,
  1. Stu
    May 6, 2011 at 10:03 am

    Surely, by calling the post “Wolf!” Gruber is not saying he thinks that the warnings about Mac security “will continue to be wrong forever”, but that years of overblown speculation on the part of journalists will make Mac users less likely to recognise a genuine threat when it eventually arrives.

    The boy who cried wolf was right in the end, after all – the moral of the story was that nobody took him seriously when the actual threat came.

    • May 6, 2011 at 1:22 pm

      I get what you’re saying, but the way he’s stacked those quotes, he seems to be saying that since these previous issues turned out to be nothing, so too will this one.

      And while, yes, the boy was eventually right, I think Gruber’s referencing the period before that: where the boy keeps yelling wolf when everything’s safe, and we can ignore him.

  2. wolfman
    May 6, 2011 at 10:08 am

    Wolf!

    Seriously: Gruber doesn’t say anything what you are interpreting, he’s quoting. His piece seems to be more about the fact that while the question of making money from malware for the Mac platform is still open, making money from spreading FUD about the immediate apocalypse has been a viable business model for some time now.

    • May 6, 2011 at 1:20 pm

      So you know my interpretation is wrong because you think your interpretation is right?

      • wolfman
        May 6, 2011 at 1:39 pm

        I think my interpretation is right and your interpretation is wrong. Duh!

  3. Darwin
    May 6, 2011 at 10:29 am

    I don’t find his blog to be angry at all.

    I’m a security Architect for a very large global financial institution and developed security processes and architectures for some of the best known companies you might find. I’ve also been using Macs since 1984.

    The idea that Macs are secure through obscurity is ignorant. Prior to OS X there were plenty of virii for Macs. OS X is much more secure. The reason there is so much malware for Windows is because it is so easy to do. Thats why they call them script kiddies. A slight modification of an existing exploit and boom you got another virus or malware and it slips right through Windows wide open defenses. Like most Unices OS X is much harder to penetrate. Thats why there aren’t many exploits. Most of the people yammering about Mac security threats are either companies that sell security products, bloggers whoring page views, or snarky commentators.

    • Barney
      May 6, 2011 at 11:49 am

      You are correct. As for people yammering about Mac security, file this one under “clueless”.

    • Chlorus
      May 6, 2011 at 8:49 pm

      How the fuck does it ‘slip-through’? 90% of this malware is of the user-tricked-into-downloading variety. Does OS X have a magical capability where it outright forbids you from running downloaded software? And what wide-open defenses might those be? OS X ships with no firewall enabled by default, Apple is slow as hell patching holes(they had a PHP hole for the better part of a year), you can nuke applications without it even prompting for admin rights. Not to mention still no ASLR, or the fact its consistently the first OS to be compromised at pwn2own. And not many exploits? Do you even know what platform the original rootkit was for? I’m so fucking tired of this “UNIX is InherentlySecure™” bullshit.

      Whatever firm you work for, you’re overpaid.

  4. Lawrence Velazquez
    May 6, 2011 at 11:33 am

    Jeez, you and Arty McStrawman must be best friends, Walt.

    I see nothing in Gruber’s piece suggesting that he thinks that OS X is unhackable, or that security weenies at conferences in fact don’t crack OS X regularly, or that OS X users should feel free to use their computers recklessly. If you’d ever read any of his previous posts on the topic, you’d know this.

    The point of Gruber’s piece is that pundits have been crowing for years and years that the sky is falling for real-world OS X safety, and it hasn’t happened yet, so there’s no reason to panic because of the latest FUD. This doesn’t mean OS X will be safe forever; it means to come back when there’s some legit, in-the-wild malware going around that normal people actually have to worry about. Security people already know what could happen (it’s their job), but that doesn’t mean the rest of us have to flip out yet.

    And in a very real sense, all the cries of “Mac is gonna be hacked any day now” are incredibly counterproductive. Every time some security firm widely publishes a missive about theoretical security problems, it turns out to be overblown, increasingly spreading a feeling of invincibility. All the cries of “Wolf!” are leading people to take the warnings less and less seriously.

    But never mind the fact that there’s no real-world, in-the-wild OS X malware yet. I must just be another Apple fanboy.

    • May 6, 2011 at 1:11 pm

      The very first article Gruber quoted, which is by Ed Bott, speaks of Malware created for Mac OS. Did you not read the piece?

      • DLG
        May 6, 2011 at 3:11 pm

        Many of them stated credible threats in the articles. Not just the most recent one.

        Many of them also suggested that Apple users live in ignorance of virii.

        Well considering the very large bot net zombie armies of windows users, I would have to say that ALL users live in ignorance of virii. They put on their placebo of some Norton/Symantic solution , but then grandma downloads some program and its off to the races.

        The idea that Apple at 5-10% of the market is the easiest target is ridiculous. The easiest target for real abuse is the centralized storage and processing where entire companies rely on a single source for security support. Thats the ecosystem that is developing to attract hacking. Crack Amazon/Google/Sony/Microsoft. Why bother cracking someones PC. Their stuff isn’t ON their PC.

  5. May 7, 2011 at 7:43 am

    wolfman :

    I think my interpretation is right and your interpretation is wrong. Duh!

    My interpretation is more valid, because I’m Walt Mossberg, goddamn it!

  6. May 7, 2011 at 7:45 am

    DLG :

    Many of them stated credible threats in the articles. Not just the most recent one.

    Many of them also suggested that Apple users live in ignorance of virii.

    Well considering the very large bot net zombie armies of windows users, I would have to say that ALL users live in ignorance of virii. They put on their placebo of some Norton/Symantic solution , but then grandma downloads some program and its off to the races.

    The idea that Apple at 5-10% of the market is the easiest target is ridiculous. The easiest target for real abuse is the centralized storage and processing where entire companies rely on a single source for security support. Thats the ecosystem that is developing to attract hacking. Crack Amazon/Google/Sony/Microsoft. Why bother cracking someones PC. Their stuff isn’t ON their PC.

    A lot of Mac users live in prideful ignorance of their freedom from danger, clucking about every goddamn place that there’s never anything to worry about. In this week’s MacBreak Weekly, which Gruber was a guest on, they talked about the new malware threat, said it’s something to be concerned about, then immediately said it wasn’t anything to be concerned about.

  7. NoOneInParticular
    May 7, 2011 at 7:58 pm

    http://www.macstories.net/news/inside-apple-reveals-steve-jobs-anecdotes-apples-little-known-facts/

    You officially, on record got called a friend by Jobs.

    “Mossberg, our friend, is no longer writing good things about us.”

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: