I've used/programmed Macs on and off since about 1986 and have seen Apple's products come and go since then. Been running Windows since '95/'98 and WinNT 3.51. I've used/programmed/cursed at least a dozen other systems since 1976 as well - PDP-11's, VAX/VMS, VM/CMS on IBM mainframes, Wang/VS systems, HP's RTE on 2100/1000 mini's, then Interdata, Prime and Harris minicomputers (they were all crap), Unix (in umpteen different flavors on umpteen different architectures), microcomputers going back to the IMSAI 8080 system.

Blah, blah, blah. I have spent more than half my life on computers.

Just got a Macbook Pro. Running OS X 10.5 on it.

Am more impressed with the end result than any other machine I've worked on/with in 25+ years of dorking around with computers. Why? It is the first system in my entire experience of using/programming/cursing computers where I believe I'm getting more done with the least amount of time spent farting around making the system do what I want.

Apple's products always tried to be a cut above the commoditized PC market products - this is how they justified their higher profit margins. With the Intel-based Macs, Apple's product quality and versatility has left the rest of the market behind.  OS  X is a huge leap forward from the prior Mac software systems. From my perspective as both a systems hacker  and now as a guy who "just wants to get the stupid stuff done" on a computer, OS X gives me everything I want - a BSD-looking Unix-ish interface for hacking, and a really clean GUI and GUI applications for just getting the common stuff done, on hardware that is as fast as anything else out there in the market. But more to the point, they're really delivering products that "just get the job done" with less of your time than the PC-based products out there.

Example: backups. Recently Apple has put a backup facility called "Time Machine" into OS X (version 10.5 and later) and this month, they're releasing as slick a piece of work as I've ever seen, called "Time Capsule." The "Time Capsule" is a wireless router (802.11n), a four-port Gigabit Ethernet hub, network storage device for PC's and Macs as well as a Time Machine backup device. Oh, and it serves as a USB-2 connected print server too. All in one compact little package.

So with OS X 10.5 and later, you can use Time Machine+Time Capsule and your system backups "just work." If you have multiple Macs, all their backups "just work."  All for about $500 with a 1TB (!) disk. That's an example of smart product engineering across the product line - make backups easier, make the backup hardware cheap enough and do enough other jobs that the customer says "Hey, there's no excuse to not have this thing."

With VMWare on a Mac, you can run WinXP and Windows applications in a virtual machine to run any Windows applications that don't have Mac-based versions. Since the Mac Book Pro's are using the Core Duo chipsets, you actually have 2 CPU's in the machine; you can tell VMWare if you want it to use one or two of the CPU's. VMWare is the slickest thing I've seen since I played with VM/370 on mainframes in the early 80's. Installing VMWare and then installing WinXP inside it was as easy as falling down. It "just works."

The nicest thing about Apple's products is that because Apple is controlling both the hardware and the software, they can make things "just work" for the user without a ton of options, special hacks, settings, etc. Microsoft is forced to add a blizzard of configuration bits and settings to Windows because Microsoft doesn't control the hardware. 

The CFO, who has used Macs on/off almost as far back as I have, loves the new Mac. Takes a little getting used to, as you'd expect, but she's now of a mind to get her own Macbook Pro when she replaces her IBM Thinkpad, which has been a solid laptop for eight years. We both last used Macs about 1993/1994 or so and are both blown away by how much Apple has changed their idea of how to deliver value to the customer.

Within a year, I suspect our PC's (and we have about a half-dozen of them) will be shut down and put into cold storage. I probably won't even keep one around for BSD/Linux hacking any more. VMWare means that I can fool around with any OS I want on the Mac, and I spend less time configuring a hardware multi-OS boot and partitions to achieve the same result.

Apple's licensing for OS X within a household (5 machines for $200) seems to make a lot more sense too. Much cheaper than MS's licensing fees if you have a bunch of folks in the household running the same machine/OS. 

The one downside of the Mac (and this has been true going back to the late 80's) has been the business software application market tends to ignore the Mac. With VMWare+WinXP, this is no longer an issue. There are native versions of MS-Office for the Mac, but your farm s/w you'll likely need to run on WinXP as a guest inside VMWare.

If the machine does what you want, and you spend less time coaxing the machine into continuing to do what you want, then hey, run it. If the Mac doesn't do what you want, then stick with a PC. In the end, you're a practical guy with a practical need, and the choice should come down to this: "Which system will get more of what I want done in less of my time?" When I was young and stupid, spending 18 hours straight, buried in the bowels of some machine room, making a system do what I wanted was a badge of honor. Now that I'm getting older, I realize it was just stupid. My requirement is now for a system to do what I want, and do it now. I don't want to piss away hours of my time doing system rebuilds, or backups, or disinfections, etc. I have other things to do with my time, and the computer should be working for me, not the other way 'round.

All systems have and will have security issues unless they're Orange Book A-rated systems (ie, there are mathematical proofs of correctness in the design). 

OS X has seen security issues as well. The trouble is, claims by Windows advocates that OS X will have security issues are akin to someone with a sucking chest wound playing "neener-neener-nyah-nyah" while pointing at someone with a bad cut. There's a sense of proportion missing there.

Both the groups who:

a) think that OS X is impervious because it "isn't Windows"

b) think that OS X will suffer just as many security attacks as Windows

are simply not credible.

I've seen security problems in VAX/VMS, SunOS and other Orange-book C2-rated systems. Doo-doo happens. But the flipside of the issue is that there are B2-rated Unix/Unix-like systems out there (Trusted Solaris, for example) and B2 requires very rigorous security testing. Even when the developers don't submit to Orange Book levels of testing, there are some implementations out there that are huge improvements over anything Windows is delivering. OpenBSD, as a open source OS project, has very credible security for casual (ie, non-classified) use in that the number of stupid bugs found is very low, again because of rigorous security testing by the developers.

Microsoft's problem is that they don't do rigorous, serious security testing as one of the gating items for releasing Windows to the market. They issue releases with huge numbers of existing bugs in the s/w because they're driven by revenue projections and with a near monopoly, they don't need to care about security. They just need to ship.  

There is no "Trusted Windows" B-level product out there. Zip, nada, nothing. Microsoft's promises that there would be such a "Trusted Windows" have been heard for nearly 10 years, but with no results seen out of Redmond. There are "Trusted Mach" projects out there already, which means that should Apple want to deliver a "Trusted OS X," that the road is already being paved by  research at universities and the US military (esp. the USAF). For people who want secure Linux, there is a secured Linux project, which has substantial contributions from the folks at the NSA and IBM.

Because there are no easy source code licenses for Windows, and Microsoft keeps making huge changes in the OS source code base between versions, Microsoft is pretty much on their own, and the external evidence is that security simply isn't that important to Microsoft. They're interested in shipping features first and closing holes afterwards.

As long as Windows has

a) the registry

b) "active content"

c) Microsoft self-invented guns pointed at their own feet, such as ActiveX, and MS's own version of Java

d) a monolithic kernel with a huge amount of code running at an elevated privilege level within the same memory address space,

Windows is going to have more security holes than OS X, or just about anything else.

You're right, of course.

My point is that the situation on Windows has reached the point where it is because of deliberate design choices by MS. It isn't getting better and it isn't likely  to get better. My other point, without getting absurdly technical here, is that MS's big design choice of a huge amount of code running at elevated priv levels leaves more attack opportunities for really deep penetration than a system like OS X using a microkernel-type design.

The central problem comes back to your point: Even the most secure system in the world isn't worth jack if users do absurdly stupid things like write down their passwords or use easily guessed passwords. Or answer phishing e-mails, surf over to porn sites in Russia, etc. Or assume "Why, I can't have a security problem because of <fill in the blank with silly reason here>."

The password to your email server, the password to log onto your PC, the passwords to log onto any financial web site are important. Any password that allows you to manage/move/spend money is the most important type of password.

Passwords should not be the same - eg, your email password should not be the same as your online banking password, and this should not be the same password you use to log into Windows.

Passwords should not be something easily guessed by someone who knows only basic information about you (eg, your dog's name, your kid's name, your wife's name, etc). They should contain some numbers and/or special characters if the system allows it, they should be at least six characters long.

If you need to write down passwords, don't store them online someplace, and don't store the written copy near the computer.

When I had to remember passwords to 10+ systems, I created a system where every password was derived from something I alone knew, plus something about the system's network name, plus what time of year it was, and I had to change all my passwords once/quarter. This is more complicated than most people want to deal with, but that's an example of how you can create secure passwords that cannot be guessed, yet you can remember the password by remembering one method used to create many passwords.

The password to log onto NAT should be reasonably secure, but the downside to losing control of your account is limited. If someone grabbed your NAT account and started doing things in your name, the best recourse would be to flip EdB or one of the other admins an email, freeze/delete your existing account and go from there - changing your password immediately. Because there's limited hacker attraction to hackers for impersonating someone on a farm BBS, I don't think NAT is at big threat of that kind of attack.

Hackers would be after the NAT server more to use the server as a spam source, or to store stolen software, etc rather than attack individual accounts. Those sorts of attacks would be very limited in scope because NAT's admins are on top of the situation so quickly. 

I've noticed a difference in how some sites handle passwords too. My ISP can look and see what my password is if I tell them I've forgotten it. That password is different than others that I use. Other sites can't look at user passwords. If you forget it, they can only reset it to something and then tell you to change it to something you prefer. Many of those types of sites use the same password for me.

That's an absolutely sound policy. Any site that can tell you what your password is has insecure password management by definition. Passwords should not be retrievable from the password database/file. A good system has what is known as a "trap-door cryptographic hash function" - ie, when you are given the password as stored on the system, and you have complete knowledge of the hash function, you cannot reverse the algorithm and re-create the password. The hash function is "cryptographic" because the hash function has the ability to prevent differential attacks on the password (a bit complicated for this discussion, but when you're cracking banking passwords, it is worth learning all the tricks).

SHA-1 and MD-5 are examples of these sorts of algorithms. Not saying they're the last word in security, just that they're examples of trap-door crypto hash functions.

The systems that can give you your password back are vulnerable to having the password file stolen. Then all that is required is knowledge of the algorithm and wha-la! The hacker has every password that was stored on the system.

If you'd really like me to expound on both, I can.

Suffice to say, DECnet Phase IV was OK. Phase V (OSI) was a steaming pile, with the exception of the routing infrastructure.

The big thing that VMS had that most all modern micro-computer systems don't is a record-oriented file system. From MS-DOS forward, everything inside a file is as it is on Unix -- a stream of bytes.

When I talk to these youngsters today and mention "ISAM files" - they look at me as tho I just landed from Mars. 

The AS-400 is one of the best engineered systems out there. It not only replaced the System 34/36/38's, it gutted the 9370 product line, stopped the VAX/VMS intrusion into business apps, and killed the Wang/VS business.

A truly amazing piece of work, wholly atypical for IBM at that point in time.

Yes, they break. From what I've seen, it is usually the disk or power supply sub-system(s).

It would be a pretty rare thing to run across, but trust me on this: as funky as the AS-400 is, you should have seen the System 34/36/38's.

Gawd, it was like hitting yourself in the forehead with a hammer. All you could think about was "how good it will feel when I stop..."