Apple... is it going rotten..?

You can't see the relevance between my post and Podie's? I'm sorry if I dared to stray from the sacred, unshakable theme of his thread. I will await punishment.

Not following. You spend £600 on a new phone over a 2 year contract or so, but can't be bothered to spend £30 on Snow Leopard?

Face it, everyone has to cut off old kit and old OSes at some point. Backward compatibility is an ever decreasing circle.

I take your point, but it's still a bit odd that it supports much older versions of Windows than it does of OSX. Almost as though there's no benefit in Apple forcing Windows users to buy a new version of Windows.

In the same vein, my G5 iMac came with (I think) Panther, and a white plastic Apple keyboard which had volume keys that, unsurprisingly, controlled the volume.

That keyboard died and was replaced with a shiny new aluminium Apple keyboard, which also had volume keys. Except that the volume keys on the new keyboard didn't work with Panther, and required a new version of the OS. Not a firmware update, not a new driver, a new version of the Operating System. To provide the same functionality as the old keyboard already provided. Hmmm...

To all the people talking about passwords. This: http://agilewebsolutions.com/products/1Password
is the solution. Include password generation and vault capability. Sync's using dropbox between my 2 Macbooks and iPhone.

Works perfectly and is pretty secure, especially when your allowed 50 character passwords.

Punishment you say? Slap your own wrist and we'll call it even - that seems fair yes?

Would require a keylogger...not without the realms of possibility, but unlikely if you take care.

I take your point, but 'taking care' means not running as admin, registry/process protection so even if you do click on it it can't run/install. Script blockers for websites.

Do most people not run these things?

Again, yes. But then if someone has thought about it enough to start using a password program so they can use different 20-30+ character passwords for everything, does it not follow that they will also 'take care' when it comes to guarding themselves against keyloggers?

A non-techie is unlikely to use a program like this. Which is kind of the point. They are pretty much exclusive... hence someone who uses one is likely to understand defense in depth.

Hm. I suspect we're never going to agree.

There is a single point of failure in most setups. What matters is how you mitigate that by surrounding the single point of failure with layers of other security. Like an onion. A security onion. A big juicy, eye-watering security onion of delight.

More seriously, I prefer the single point of failure of a password program, as long as I'm aware of the possible attack vectors, I can try and guard against that. One will never be totally secure - if you are targeted for whatever reason, you will get done. The goal is simply to make you a harder target than the next person.

After all, you keeping your passwords in your head is still a point of failure if a keylogger is installed - we both become exposed to the same weakness. Your security controls that prevent your passwords from being stolen are essentially the same as mine - guarding your machine from unauthorised access to install a program. If those controls are bypassed, they get both our passwords.