Now to get this out of my daily email…..
But it does point out the fact that all my normal patch managment tools that I’m used to are no longer of help to me on the Mac platform. Shavlik can’t patch it, nor can WSUS, and the Secunia inspector that looks for third party software vulnerabilities doesn’t run on it.
I hear you saying “But Susan, it doesn’t get viruses.” No, it’s not that it doesn’t get virsues or doesn’t have vulnerabilities, it’s not targeted at this time for viruses and vulnerabilities given the fact that the marketplace of the bad guys go after the 90% marketplace. It still has a browser. It still has a stupid user that can be tricked by social engineering. It still is running as an administrator with admin approval because even though the Apple documentation says to build a standard user account, I’ve been too lazy to figure out how to do that. Dan Geer once argued that monoculture is a bad thing. That the key was to watch nature and have genetic diversity. But at the same time, one cannot put a blind eye to the fact that diversity also means complexity. I’ve lost my control, my management because I don’t have the bandwidth (nor in some cases the budget) to have the tools needed to control. For one machine do I need it? Arguably not. But one needs to be aware that diversity has a price tag as well.
Branching out and supporting new things has a learning curve. Be prepared to crack open a book and not just expect the answers to be googlable.