MAC equals NO Virus...?????###%$&^%*&^(

i am really sick of ignorant people saying that the Mac OS is a more secured operating system because there are no or very few virus. Yes, granted most of these idiots who state such craps are non-techies and have no clue what they are talking about.just last week, we conducted a class in one of the countries in the neighbourhood. these was, obviously, a security class and the students in the class (should) obviously have basic technical (security) knowledge and yet they asked why does computer viruses not attack Mac machines. i have never seen Nagy put up such a diplomatic act of answering such questions.going back in time. 6 weeks ago, a scrawny looking and obviously brainless news anchor lady in the singapore morning news magazine show was bragging about how cool her new Mac laptop was . she told her co-host how she struggled between a Windows based OS laptop and a Mac laptop, and finally decided on the Mac because Mac will not be infected by any computer virus. this was on national TV. my entire day was messed up!and then, couple of hours ago, i was on an aircraft going to seoul to attend POC. i was reading Business Week article titled " Can Apple Spoil Microsoft's Day?" in that article, it was stated that to throw a wet blanket on Windows 7 launch, "Apple plans to hit those computer buyers with advertising aimed at luring them to Macs. It will make the case that Macs are less susceptible to viruses and are best suited to its popular iPods and iPhones."this is horrendous. all these marketing guys/gals who have no idea what they are talking about and yet many stupid enough people buy into all these mumbo jumbo.there are primarily 2 reasons why Windows based PCs are more prone to virus attacks. the very first computer virus was written on DOS (disk operating system) which Windows is based on and there is that legacy there. secondly Windows is found in over 90% of the PCs in this world and why would a virus writer want to create a virus that has no impact. duh....really this Mac is more secured bullshit needs to stop.

Gatekeeper and ProtectedView

I am in microsoft campus right now attending BlueHat v9 and had just finished the presentation by Tom Gallagher and David Conger. They just presented on microsoft's distributed fuzzing framework and mentioned about File Block, Gatekeeper and Protected View. Microsoft is really big on fuzzing now and has created this mammoth Distributed Fuzzing Framework (DFF) to help detect bugs, and it is producing good results. At the same time, they have now introduced File Block (which was originally introduced in office 2007), Gatekeeper and Protected View to make Microsoft Office a whole lot safer. For those of you who are aware about MOICE, Protected View is an updated version of MOICE, which is a sandbox for Microsoft Office. Protected View is cool in that it will open all documents originating from the Internet in a contained environment, allow user to read the document and decide if they can trust and edit that document. This is definitely a big step forward in subverting targetted attacks. If you are keen to find out more about Protected View, you should read more about it at Windows Seven Forum.

Finally..i'm blogging

after sitting on my butt for the longest of time, i have finally decided to start logging....just when blogging is no longer the cool thing to do anymore. it took me a lot of courage (and whiskey) to decide to blog as i really have no idea what this will lead to...and also because ben thinks blogging is so web 2.0 (his euphemism for lame).

as a start i'm just going to pen down my thoughts on some recent developments happening in singapore.

a couple of weeks ago, the singapore government announced the formation of SITSA (singapore infocomm technology security agency) as the authoritative government agency responsible for security regulations and enforcement in every sectors of the economy except for telcos and financial institutions. i will touch on these 2 other sectors next time.

i think sitsa is a wonderful idea but too late in the coming. for the longest of time, that three-letter named agency responsible for IT security matters in singapore has been doing absolutely NOTHING as far as real security is concerned. in fact, singapore is in a relatively sorry state of security awareness and culture (relative to the region within a 7 hours flight radius) because of them. according to these people, hacking is bad, a taboo....like masturbation....it should not happen and we should not talk about it at all. i shall not go on lest i break the keyboard.

i hope sitsa will change the whole security environment in singapore and have the other 2 agencies regulating telcos and financial institutions play catch-up. hopefully we will not be the estonia of southeast asia before people starts taking security seriously. like what my old man always said....its too late to start looking for the toilet after you have soiled your pants!

i'm off to lunch now...till then.