This is some incredible stuff. It’s harp; don’t be alarmed. And yes, I still love Lamb of God.

…it’s not Firefox. Other than that, it’s great.

Seriously, though, you can’t do Quick Searches in Camino like you can in Firefox. Until it can do at least that (not to mention extensions and plugins), I simply have no choice but to stay with the Fox.

I mean, don’t get me wrong — this new version of Camino looks really nice, but so does Safari. It, like Camino, simply lacks features — hence my loyalty to Firefox for the forseeable future.

And once Firefox looks as good as Camino or Safari, well…that’s game over.

This is top-notch, folks. Too funny:

Link: 10 Ways Dick Cheney Can Kill You

The time has come to dump Internet Explorer. I know, I know — you may have heard the same thing before from those that think it’s cool to hate Microsoft; but I’m not one of those guys. I’m actually an MCSE and I happen to like quite a few of Microsoft’s products.

Rather than lump me into the Microsoft-basher category, consider for a moment why you use the browser you use, and humor me by entertaining the notion, if even for a second, that switching to another might be worth your while…

Link: Why You Should Dump Internet Explorer

Weird. Germans are not having kids for a number of reasons. Many of them are the reasons I myself am not. And I’m German (American).

1. A child would be too much of a financial burden (47%)
2. I’m still too young for that (47%)
3. My career plans would be hard to fulfill with a child (37%)
4. I haven’t yet found the right partner (28%)
5. I want to have the maximum amount of freedom, not to have to limit myself (27%)
6. I have many interests that would be hard to reconcile with having a child (27%)
7. Children are hard to raise; I am not sure I have the strength and nerves for that (27%)
8. I want to be as independent as possible (26%)
9. I would then have less time for friends (19%)
10. I don’t know if my relationship will stay together (17%)
11. I or my partner would be at a career disadvantage if we had a child (16%)

Not all of those apply to me, but most of them do. Kind of interesting. I’ve been throwing around an idea for quite some time now about this whole issue of having children. I’ll save it for later, though.

Got a new camera; went with the Sony DSC-T7.

It’s über-thin so I am going to be carrying it with me most everywhere now — as opposed to my previous camera that, while it was a good camera, was bulky and had no battery life (using AAs). It was horrible — as in like 30 pictures and some downtime and I’d need another set of AAs. This one uses lithium-ion batteries and I got an extra one that I keep with the camera. I’ve had the thing for like two weeks now and am still on the first charge, so it’s already exceeded my old camera in the life category by multiples of ten.

Anyway, once I get my new Mac and get my photo collection sorted out I’m going to be uploading a ton of stuff to my Flikr account. I’ve still got Scotland pictures to post and a bunch of other miscelaneous stuff.

So here’s to hoping I can keep some momentum going with the photography thing. This new camera should help quite a bit on that front.

Many are debating the question of how vulnerable Apple’s OS X operating system is relative to Windows. You essentially have two sides — one saying that it’s inherently more secure (and hence less successfully attacked), and the other side saying that it’s only because of marketshare that there haven’t been more issues.

A Model

Well, I think I have a model for explaining the interaction between these two theories. Essentially, OS X has issues just like FreeBSD, Linux, Windows, or any other OS does; the issues just haven’t surfaced yet because of the lack of interest in exploiting such a small userbase. Where people go wrong, however, is assuming that it’s going to get as bad as Windows has been. It’s not.

Conceptualize this as if there are two ratings — one is the potential for attack, and the second is the degree to which the potential has been actualized.

Well, let us say that Windows has a 90% potential with an 80% actualized. In other words it’s highly vulnerable and has been and is being exploited nearly to that potential. OS X, on the other hand, has a much lower potential — say in the 50% range — but it’s seen virtually no exposure due to the lack of interest from attackers (due to limited marketshare). I’d say it’s actualized rating is around 5%.

The Future

What this means is that over the next year or so you’re going to see a massive increase in the flaws found in OS X due to the exponential increase in its popularity. Notice that using my model and numbers this means that OS X has 45% of its vulnerability potential untapped, whereas Windows only has 10%.

This doesn’t mean it’s more vulnerable — only that more of its vulnerability is yet undiscovered and unexploited.

So, all the Mac zealots who think their platform is invulnerable are in for a violent awakening. On the flip side, all the Microsoft disciples who think OS X is about to be rocked the same degree that Windows has been are equally off track.

As with most debates, the extremes seem to have major issues with their arguments. The truth always ends up incorporating elements from both sides and falling somewhere in the middle.

Fyodor, the author of Nmap, was just interviewed on SecurityFocus about the recent release of Nmap 4.00. He touched on a number of cool features that this major release has brought, and I thought it’d be worthwhile to make a list of the improvements.

These sorts of lists are helpful for me when trying to incorporate new functionality into how I currently use a tool. So, here’s the short overview:

• A rewritten scan engine makes it far faster and more memory efficient.
• Can now send raw ethernet frames — which allows it to attain full functionality on Windows XP SP2 systems that don’t have raw socket support.
• New ARP scanning and MAC spoofing capabilities.
• Far better documentation.
• Version detection vastly improved (including a threefold increase in the size of the signature database).
• You can now do runtime modification of scans, i.e. you can press enter during a scan to get an estimated time to finish, or press "v" to switch to verbose mode. Very cool.
• Major improvements in scanning multiple hosts and multiple ports on each host simultaneously.
• Parallel DNS queries.
• The addition of “port scan pings” that allow for improved performance vs. firewalled systems.

Overall, this release just looks incredible. I’m highly enthused about it (have already compiled it on my Mac), and look forward to using these new features. Oh, and for a complete list of changes, be sure to check out the changelog.:

There’s an interesting article over at SecurityFocus about a security guy running OS X who got cracked into at Shmoocon. The scary part is that he still doesn’t even know how the attacker got in.

So just a reminder — no OS is flawless…and being arrogant about your supposed invulnerability is precisely the worst thing one can possibly do.

And remember, I’m a big OSX fan. It’s not the fan part that gets people in trouble — it’s the fanboy part. People need to keep their perspective even when they love a particular product — as I do OS X.

Over the next few months, as OS X gets more and more popular, and as more and more attacks are found, I want to see how Apple reacts. I don’t much like their current approach to security; they’re too quiet about it. I’d like to see more of an open approach to the whole thing, and I hope that’s where they head as things start to heat up.

In other words I want to see a Mozilla approach rather than, say, an Oracle approach. As weird as it sounds, coming from a security guy, Microsoft’s current approach is a very good one. They are facing the problems head on, and I applaud that. Now if they could just stop the FUD campaigns agains Linux I’d have a lot more respect for them.

Hopefully Apple won’t go down that same path of throwing stones and calling names while being no better off themselves.

http://www.slate.com/id/2135499/