Windows has released their latest mobile operating system and it looks pretty promising. The native push technology (like Blackberry) was particularly nice. Good job, guys. You have to love anything that will inspire competition.

The following is a chart of the top ten operating systems used to view my site in 2006. As you can see, Linux and OS X are doing well, but not as nearly as well as Firefox is doing against Internet Explorer.

This is a ginormous electronic billboard right in the middle of Times Square.

Yeah, that’s a Windows error there — right in the middle of the rainbow. I don’t know for sure if the box is actually running Vista, but either way — it’s a Vista advertisement with a massive Windows error on it. They make me sad.

With the new release of Microsoft’s Vista operating system, many are considering their upgrade path. Is it time for a new PC? Should I wait for Vista? What’s this Mac stuff all about? In this article I’m going to put forth a very simple argument, which essentially boils down to this:

For anyone wanting to perform basic computer tasks such as browsing the Internet, checking mail, writing papers, and working with photos and movies, you should strongly consider what Apple’s OS X has to offer before making a move toward Vista.

When someone talks about how much they enjoy their “computer”, they’re mostly talking about how well their operating system handles these core activities. It’s also important not just be able to perform these functions, but to be able to do them in a consistent, worry-free fashion. In this article I’m going to give a few reasons why I believe OS X accomplishes this better than Vista.

** By the way, I am an MCSE and happen to respect and enjoy a number of Microsoft’s products.

1. Interface

While the Vista interface has definitely seen some improvements over XP, they are mostly in the realm of visual enhancements. They didn’t seem to focus on making things more intuitive — but rather more on making the same basic workflow in XP look better.

Apple’s approach to designing a desktop is very different. They take user interface quite seriously, and the focus with OS X is to create an experience that people instantly feel comfortable with. Have you noticed how passionate people are about OS X? They often can’t resist telling others about how much they love their computers, and this is in large part due to the intangible connection you develop with the OS itself.

Quite simply, OS X gets out of your way and lets you work. The difference between this and Windows is very hard to describe to someone who’s not experienced it, but trust me — you’ll love it.

2. Fewer Security Issues

Debates have raged on for years over why OS X hasn’t been attacked as successfully as Windows. The arguments basically break down into two categories: design, and marketshare. Those in the design camp feel that OS X is designed better, which provides a smaller attack surface to hackers. The marketshare group thinks it’s just because there are fewer Macs, which makes it a less desireable target.

Since I’m an information security consultant who uses both OS X and various flavors of Windows on a daily basis, I’ve dedicated a bit of thought to the matter. The answer in a nutshell is that both views are correct.

I believe OS X to be more secure overall for a number of design-oriented reasons (not the least of which is being based on FreeBSD), but an ever larger percentage of its excellent record comes from not being much of a target compared to Windows. The bottom line, however, is that it doesn’t matter what the reason is. As it stands now, if you use a Mac you’re simply not going to have to worry about being plagued by viruses and spyware like in Windows. This means you spend more time doing what you want to do and less time fixing your computer.

3. Stability

Stability is one of OS X’s absolute strengths. If you use Windows regularly, how often do you have to restart your computer? Quite often, I know. On a Mac you will hardly ever have to compared to on your Windows system, and this isn’t likely to change much with Vista (now with ~50 Million lines of code).

OS X is designed beautifully, with much of the system being protected from tampering by both malicious software and well-meaning but ill-informed users. Mac owners can go for months without needing to restart their systems. And this is with hundreds of applications being opened and closed, being put to sleep and awaken repeatedly, etc. Again, the credit here goes to the Unix core of OS X.

Conclusion

The time of the Mac and OS X is upon us. Vista took 5 years to make and ended up being little more than a collection of graphical enhancements to XP that require most to buy a whole new PC. In fact, many of Vista’s features were obvious copies of Apple’s ideas (watch the video). Even the current version of OS X is arguably more advanced than Vista, but the next version is going to be absolutely amazing. Here’s a short list of features coming soon in Leopard.

• Time Machine
• Mail 3
• iChat
• Spaces
• Dashboard
• Spotlight

(I also think Apple is about to reveal a number of secret features now that Vista has been released)

Seriously. I made the change to OS X two years ago, and I’ve never been happier with a computer. Plus, if you go buy one as a result of this article, I’ll give you some free email help to get you on your way.:

I know you don’t believe me, as we’ve had this conversation before. But there will come a time in your life when you will grow tired of fixing your tools. This will likely lead you to Windows or OS X — both of which, if you avoid tweaking, offer much more stability through updates and patches than Linux desktops do.

So again, let me restate my blasphemous claim:

Linux desktops are currently still for hobbyists and tweakers, i.e. those who enjoy tinkering constantly with the very platform that they work from. Those who wish to actually *work* — in an uninterrupted fashion through multiple, major updates — are left with the options of either installing an extremely stable, non-cutting-edge distribution and not updating any pivotal packages, or going with an alternative operating system. In short, I equate “fixing” my operating system with “repairing” a hammer: I might do it once, but the second time the head pops off while I’m trying to work — it’s getting replaced.

I know a number of Linux desktop fans that consider Windows and OS X to be the “dirty” options for a number of reasons, but virtually every time I speak with them I get another reinstall story. They’re constantly repairing this or that in order to get the experience they want. And again, if that’s what’s fun for them, and they enjoy hacking their system and making cool new features work, then that’s awesome. In that case I think Linux is the ultimate desktop.

But for those who just want to work, I find that even my friends who love the Linux desktop more than anything are constantly frustrated with it. You take something like Ubuntu — it’s designed from the ground up to be a stable desktop. I have a friend that uses it and complains constantly about the fact that if you update it enough it breaks. The solution, if you want stability from it, is to basically not touch the thing and wait for the next version to get new features.

So from me to you, I ask you to probe your own thoughts on the matter. Do you want to use your system as a transparent tool to accomplishing something, or do you want your system to be in the forefront — constantly requiring your attention because this feature isn’t working right, or that part just broke after an update? If the answer is the latter, I’ll just shut up, because that’s obviously perfectly legitimate. But if it’s the former I ask you to take another look at your OS choice on the desktop.

I know a guy who’s been doing hardcore C programming for 25 years, and is an absolute Unix GOD — but he uses Windows for his operating system. Why? Because he has work to do, and he doesn’t want his OS getting in the way.:

– Edit: I probably should have pointed out that I am an avid Linux advocate. I am a member of the Free Software Foundation and give to my distro regularly. The site you are looking at is running on Gentoo, actually — a distro I’ve been using since 2002. At work I use Ubuntu Linux as my primary operating system, and while I’m no super-guru, I’m decently versed in Linux in general. In short, my comments come from a familiarity and love for Linux, not from some random troll world.

…he was waiting for Microsoft to have their fun with Vista. Only then will they reveal what they’ve really been doing with Leopard. It’s like poker, you want to be the last one to act.

I expect a repeat of what happened with the iPod and the Zune:

Microsoft: And we present to you the Zune! Now with a wannabe iPod interface! Apple: LOL, we’re doing touch-screens, dumbass. Nice wheel, though…your idea?

So my thought is that Apple is waiting to spring another identical trap on Microsoft. Notice how quiet they’ve been about Leopard for all this time? Nothing at MacWorld — nothing since then. They’re letting Microsoft have its day because they know precisely what Vista has to offer. Steve has all the information and is basically setting them up for complete failure.

As soon as the buzz dies down from Vista, they’re doing to bust out with their equivalent of what the iPhone was to the Zune. In other words, something to make all the Microsoft fanboys who just bought Vista say, “Damn, I hate Apple…Why couldn’t Microsoft do that!?! I should have bought a Mac…”

I don’t know what Apple’s going to do with Leopard that’s going to make Vista look silly, but I have a very strong feeling it’s going to be something major in the UI arena. Hell, I just hope it involves replacing Finder.:

With Apple OS X’s surging popularity many are wondering how vulnerable Apple’s OS X operating system is relative to Windows. You essentially have two sides — one saying that it’s inherently more secure (and hence less successfully attacked), and the other side saying that it’s only because of marketshare that fewer issues have surfaced.

A Model

I think I have a model for explaining the interaction between these two theories. Essentially, OS X has issues just like FreeBSD, Linux, Windows, or any other OS does; the issues just haven’t surfaced yet because of the lack of interest in exploiting such a small user-base. Where people go wrong, however, is assuming that it’s going to get as bad as Windows has been. It won’t.

Conceptualize this as if there are two ratings — one is the potential for attack, and the second is the degree to which the potential has been actualized.

So let us say that Windows has a 100% potential with an 50% actualized. In other words it’s highly vulnerable and has been and is being exploited considerably within that potential. OS X, on the other hand, has a much lower potential — say in the 30% range — but it’s seen virtually no exposure due to the lack of interest from attackers (due to limited marketshare). I’d say it’s actualized rating is around 5%.

The Future

What this means is that over the next year or so you’re going to see a massive increase in the flaws found in OS X due to the exponential increase in its popularity. Notice that using my model and numbers this means that OS X has 25% of its vulnerability potential untapped, whereas Windows (XP, 2003 Server, Vista, Longhorn Server, etc) has a full 50%.

The key here is that we’ve seen 50 points of vulnerability and exploitation activity come from the Windows side, while we’ve only seen 5 points from OS X. But as OS X becomes increasingly popular it’s numbers are going to spike radically.

Notice that OS X’s numbers can triple and even quadruple and still remain within its vulnerability potential. To the public this will seem to indicate it’s just as vulnerable as Windows, but in reality it will simply indicate how few OS X flaws have been previously discovered.

So, all the Mac zealots who think their platform is invulnerable are in for a violent awakening. But at the same time, the loyal Windows disciples are equally wrong if they think OS X is going to end up in as bad of shape as 2000, XP, or even Vista.:

I’m back on Windows Mobile 5 on a Cingular 8125. If you guys know any “must have” apps, do let me know.

One of the most important concepts in computer security is “knowing thy system”. This essentially means that in order to be able to protect something you need to have some idea of what it’s doing and/or how it works.

Your computer’s connections to the outside world is among the most important information you can have about your system. In addition to what connections are currently established, you also want to know what ports your computer is “listening” on, or in other words, what ways other systems are able to interact with your computer.

Below I’ll cover how to see who your Windows or Linux computer is currently talking to, and the ways your computer is willing to talk through open, listening ports.

Ports

There is often some confusion about what network ports are, and what it means for them to be “open”. Think of network ports as spring-loaded windows on a house. So if someone doesn’t actively hold the window open, it’ll shut automatically and remain closed until it’s opened again.

If a port is open, it means there’s someone (an application) in the window waiting to speak with someone outside the house. Imagine that each open window has a midget in it, and each midget is waiting to have a certain type of conversation with an outsider. If it’s port 25 that’s open on your machine, then you’ve likely¹ got an email midget in the window waiting to process mail for you. If it’s port 445 that’s open, you’ve probably got a Windows Networking midget in there waiting to send and receive files, etc.

The important thing to remember is that when you see a port open on your system, it’s because something opened it. Remember, if there wasn’t a midget in the window it would just close by itself. The issue then becomes finding out what program opened the port, and whether or not it’s legitimate.

Windows

Windows has a built-in tool called netstat that can show a decent amount of information. If you just have a quick question about a certain port you can use it right from the command line and avoid using a third party application:

netstat -an | find "LISTENING"

TCP    0.0.0.0:135          0.0.0.0:0            LISTENING
TCP    0.0.0.0:445           0.0.0.0:0            LISTENING
TCP    0.0.0.0:1049          0.0.0.0:0            LISTENING
TCP    0.0.0.0:9000          0.0.0.0:0            LISTENING
TCP    0.0.0.0:33333         0.0.0.0:0            LISTENING

You want to take note of the red portions: those are the ports that your system is listening for connections on. You can do the same thing and search for established connections as well:

netstat -an | find "ESTABLISHED"

TCP    1.2.3.4:4095          66.102.7.99:80          ESTABLISHED
TCP    1.2.3.4:8324          209.73.177.115:25       ESTABLISHED

Here were seeing the systems we’re currently connected to, and which the ports the connections are using. Notice that the colon “:” is used to show an ip / port pair. So this is showing that we (1.2.3.4) are connected to Google (66.102.7.99) on port 80 — which means we are browsing the Google website.

Tcpview

For those that want more information about their network connections and/or are graphically inclined, there’s a free tool called Tcpview that’s a must for any serious Windows user.

Tcpview allows you to view, in real time, the connections that are open on your system. Not only does it update constantly as connections spawn or die off, but it also shows you what program is responsible for opening a given port on your system. [For those bent on command line kung-fu, you can get similar functionality from netstat -anb]

Linux

Being a Linux/OS X guy myself I would deserve a good pumelling if I didn’t show how to get similar information from a *nix system. The best way to do this is with the lsof command:

lsof -i

COMMAND  PID USER   FD   TYPE DEVICE SIZE NODE NAME
dhcpcd  6061 root    4u  IPv4   4510       UDP *:bootpc
sshd    7703 root    3u  IPv6   6499       TCP *:ssh (LISTEN)
sshd    7892 root    3u  IPv6   6757       TCP 10.10.1.5:ssh->
192.168.1.5:49901 (ESTABLISHED)

Using lsof you can ask to see only TCP or UDP connections, only connections to a certain host, only connections using a certain port, as well as a ton of other options. Here are a few examples:

lsof -iTCP // only TCP lsof -iUDP // only UDP lsof -i :22 // involving port 22 lsof -i :@attacker.com // connections with attacker.com lsof -i :1.2.3.4 // connections to 1.2.3.4 lsof -i :mail.com:25 // connections to mail.com on the SMTP port lsof -i | grep LISTEN // see what’s listening lsof -i | grep ESTABLISHED // see what’s established

Conclusion

Knowing who your system is talking to (and who it’s willing to talk to) is crucial to your overall computer security. Using the short guide above you can now gather this information in both Windows and *nix environments.:

– ¹ Not true in all cases.