Are Mac's inherently safer?

Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.

I eagerly await the inevitable follow up article where Leo talks about how the Mac "Zealots" flamed him because he pointed out how Mac wasn't any better than Windows, and ignores the many facts in this talkback.

It's a lot easier just to try to portray Mac users as idiotic Zealots that have drunk the Kool Aid than actually respond to the facts that have been posted here.

In the meantime, for whatever reason that Mac OS X has 0 viruses and spyware compared to Windows, who cares? Given the choice between living in a leper colony and living somewhere with no leprously - which would you do? Leo clearly would stick around in the leper colony, becuase the other place "could just as easily get leprosy, its just a matter of time".

I really need to get my Macintosh Security and Maintenance presentation posted. There is so much ignorance on the part of so-called experts raised on the tits of Microsofts' breast that demonstrate over and over how clueless they are that someone has to save them from their foot-firmly-in mouth punditism, red-herringness and lead balloonism.

Leo, if you have never tasted salt, how do you describe it? It is not possible. You have to have tasted it first. Taste the Mac and then, just like all the other "Windows-only" folks, you too will begin singing the praises of that platform rather than excusing it out of hand or giving it backhanded grudging praise.

I was an MCSE back in the NT days. I have run the macCompanion magazine for over 3 years now because again, someone has to help the computer refugees through the underground railroad to escape the slavery of the non-Mac environments.

Drop by and read the back issue of macCompanion at http://www.maccompanion.com and read for yourself. We welcome you with open arms! We don't play the Fear, Uncertainty and Doubt game. Come on Leo, come give us a hug...

My Mac requires a password for programs to install. Ummm... more secure?

Well, I personally would like to throw in a good word for Leo. Although I disagree with some aspects of what he wrote. For instance the reason that no one has attacked the Mac is because it has a much smaller market share. I've been using macs since OS 6 and I must say that up until Mac Os X there were viruses for the mac. Infact I think about 50 or so. Still less than what you would get on Windows but enough to make anti virus software a good business for the mac. But after the release of Mac Os X there has not been a single virus while the Mac market share has infact increased. So It would seem that market share is not the driving issue for Mac Os X's security. However that said I really do think people are bashing poor Leo here. I for one was impressed with his very obvious attempt at objectivity and williness to admit that he didn't know everything. To me this seems like a very good trait in a columnest.
Alex

Aparently Macs are a smaller target than Windows....
However according to this article relating to an experiment done last year by USA Today
http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm
Quote
"Each PC was connected to the Internet via a broadband DSL connection and monitored for two weeks in September. Break-in attempts began immediately and continued at a constant and high level: an average of 341 per hour against the Windows XP machine with no firewall or recent security patches, 339 per hour against the Apple Macintosh and 61 per hour against the Windows Small Business Server. Each was sold without an activated firewall."

341 attacks per hour average for XP vs 339 per attacks per hour average for OS X, How can you say that OS X is a "smaller" Target?

10:52:08
Less than four minutes from start of the test, an intruder breaks into Windows XP SP1 through the vulnerability most famously exploited by last May's Sasser worm. Ensuing instructions get garbled.

11:03:30
Eleven minutes later another intruder breaks into XP SP1 through the security hole exploited by the July 2003 MS Blaster worm. Ensuing instructions get garbled.

11:04:04
While the previous break-in is still unfolding, another intruder, using a different attacking computer, breaks into XP SP1 through the Sasser hole. Ensuing instructions get garbled.

20:21:44
An intruder breaks into XP SP1 for the fourth time using the MS Blaster hole. Things go smoothly. He begins uploading commands. He confirms XP SP1 is connected to the Internet, then begins making repeated attempts to connect XP SP1 to a server running an Internet Relay Chat channel, the equivalent of a private Instant Messaging line.

20:22:49
The intruder successfully connects XP SP1 to the IRC channel, which is probably also running on a hijacked PC.

20:23:05
The intruder instructs XP SP1 to navigate to a designated Web site, likely running on yet another hijacked PC. XP SP1 downloads a program, called ie.exe, from the Web site.

20:23:11
XP SP1 begins scanning the Internet, poised to similarly hijack other PCs exhibiting the same unpatched security hole.

OS X was NOT compromised!

"Macs" is not possessive. It is plural. You should not use an apostrophe.

"Windows apologists have long argued that the only reason the Mac has been so strikingly free of security exploits is that it has such a smaller market share than Windows. This argument ignores numerous facts, such as that the Mac’s share of viruses is effectively zero; no matter how you peg the Mac’s overall market share, its share of viruses/worms/Trojans is significantly disproportionate. Or that the logical conclusion of this argument — that because of Windows’s monopoly market share, malfeasant hackers would logically only write software to attack Windows — would be to extend the argument to all software, malicious or not, and it’s quite easily disproven that “all software” is targeted only for Windows. Or that, despite the Mac’s relatively small market share, a successful virus/worm/Trojan attack against Mac OS X would likely garner significantly more notoriety and fame; considering the recent publicity given to non-exploited Mac OS X vulnerabilities, it’s reasonable to expect that an outright exploit would result in an avalanche of tech media hysteria."

Quoted from:
http://daringfireball.net/2004/06/broken_windows

This Daring Fireball article is very well written AND researched.

As a professional Network and Systems Administrator who has beein in this industry a while, I have to chuckle when yet another MicroSoft apologist chimes in with the "Security thru Obscurity" myth. It is like listening to "Talking Points" issued from Redmond. No study thats ever been done confirms this assumption, and that is all it is, an assumption.
A couple of examples of why this assumption is wrong... perhaps the best example is looking at an area where MicroSoft isn't the domant player: Internet HTTP servers. Apache dominates this market with 70% of the market vs. IIS at around 20%. Where this myth true, the vast majority of exploits would effect Apache. The exact opposite is true, however, Apache's security record is much better... just look to disasters like Nimbda or Code Red. Apache has never had an exploit like this. Another example, go to DefCon some year and plug a Windows and OS X machine into the network and see how long either lasts without being hacked. You'll see lots more OS X machines there than Windows, yet none have ever been hacked.
The danger with this myth being perpetuated is that it removes responsibility from MicroSoft to build a secure product. If you buy into the assumption, then it isn't MicroSoft's fault they are being attacked so much. You do your readership a dis-service passing on this FUD, which is not supported by any research, on your part or anyone elses.

I'll try to keep this short, because I'm sure you're wading through quite a bit of verbiage in terms of responses. The Mac is built on UNIX, which among other things, is known for being solid as a rock when it comes to security. Windows is built on, well, Windows. Nearly all the code is gone from the original Windows release, but it's still the same creaky child-like code that was designed long before anyone thought to connect two computers together.

If you talk with hackers, they'll tell you that at this point the Mac is considered THE prize, because everyone keeps claiming that it can't be done. Still, they don't succeed. So they continue to beat up on Windows because it's EASY to do so. Shoot me if you must for invoking the car analogy, but it fits perfectly here. Two cars sitting in a lot, either one of them could theoretically be stolen. But one has an alarm system, a microchip embedded in the key, a denver boot on the tire, and a lo-jack built in. The other car has the window rolled down, the keys on the seat, and a sign taped to the steering wheel that reads "Go ahead and steal it, I need the insurance money."

Which car do you think is going to get stolen each and every time? The point that so many of you guys miss is that the rampant, almost laughable spread of viruses, spyware, and associated crap is almost entirely a function of the near total lack of security built into, and child-like coding of, Windows. Hackers couldn't have one-tenth this much fun if the dominant operating system weren't such trash.

Come on, does the current state of malware seem like something that would be considered normal? It's an outrageously bad joke, and it simply would not be happening if the dominant operating system were as secure as the Macintosh is. When the Mac has thirty-four percent marketshare instead of four percent, and the hackers are still having one hundred percent of their breakthroughs on the Windows side, then we'll have proof that I'm right about this. Until then, the very fact that there hasn't bee a SINGLE virus successfully written for MacOS X should tell you something.

To think that I spent all that time and effort on an education to become a systems analyst when all I needed to do was stay an ignorant hick and become a tech writer.

I have worked (as in written apps) on everything from PCs (Mac & Wintel) through small mainframes and all their associated operating systems and languages.

In spite of that (probably because of that) I would not have the balls (or the lack of brains) to make a pronouncement that one system "appears" safer because it holds a smaller market share.

What you need to do next is apologise for your ignorance and complete lack of understanding as to what makes a Mac (and by extension any Unix-based operating system) so much less vulnerable than any flavour of Windows.

If you fail to do this don't be too surprised if Leo doesn't get asked to do anything other than sweep the floors in the future.

To post a comment on "Are Mac's inherently safer?", please return to that article's main page.