“Recently there has been a growth industry in pundits whining about the security of the Apple Mac OS X operating system. To read some of the coverage, you would think someone deciding to use OS X instead of Windows would have to be dumber than a fence post. Methinks the security worries are rather misplaced and may be the result of hyperventilating, nontechnical reporters and some gloating on the part of Windows users,” Scott Bradner writes for Network World. “One would have to be dumber than a fence post to assert any set of software as complex as a computer operating system and all of its application programs could ever be totally secure. Programs are created by programmers, most of whom are human and therefore unlikely to generate perfect, bug-free code. Bugs in software design or implementation are what lead to security vulnerabilities.”
“But that said, there is no reason to think most of OS X should be as subject to vulnerabilities as is most of Windows. Most of OS X, including most of its more than 1,000 Unix applications, are from open source BSD Unix and the GNU Project, both of which have been beaten on by researchers and hackers for years (and fixed when problems have been found). This process is more likely to result in secure code than any private, corporate process such as Microsoft uses, where the code has had nowhere near as many eyes reviewing it,” Bradner writes. “Sometimes public access to source code means a hacker finds something to exploit. It also means exploits can be quickly fixed.”
“Then why the increased buzz about OS X security? (Note that even though the buzz has increased, it is still a whisper compared with discussions about Windows security: A search on Google News, for example, returns 64 hits for OSX + security and 7,300 hits for Windows + security),” Bradner writes. “I expect a major reason is there is a lot of buzz about OS X and Apple these days; too many reporters feel just writing about good news is not good for their careers, so they feel they have to come up with something to complain about… OS X is not going to be vulnerability-free, but I do expect it to show significantly fewer vulnerabilities than Windows has. That does not mean OS X users can ignore security – at the very least, enable the built-in personal firewall – but it does mean you should not stay with Windows because you think it will be safer.”
[Bradner is a consultant with Harvard University’s University Information Systems.]
Full article here.
[Thanks to MacDailyNews Reader “Bob K.” for the heads up.]
MacDailyNews Take: An excellent article, with which we wholeheartedly agree. Email the link to anyone who seems really excited about any of the current “Mac OS X has viruses!” FUD pieces floating around right now. May Bradner’s common sense truth knock them back into reality.
Advertisements:
• Get the new iMac with Intel Core Duo for as low as $31 A MONTH with Free shipping!
• Get the MacBook Pro with Intel Core Duo for as low as $47 A MONTH with Free Shipping!
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• Apple’s brand new iPod Hi-Fi speaker system. Home stereo. Reinvented. Available now for $349 with free shipping.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
Related articles:
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
Minor security flaws found in Mac OS X – April 23, 2006
Microsoft: recovery from Windows malware becoming impossible; better to to wipe and rebuild – April 04, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Apple Mac remains ‘unhacked’ as University of Wisconsin’s Mac OS X Security Challenge ends – March 08, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Apple Mac OS X clearly offers superior security over Microsoft Windows – March 02, 2006
Apple Mac OS X has a lot more vulnerabilities than Windows XP? – February 28, 2006
Enderle: Security vendors see Apple as next big opportunity – February 28, 2006
As Apple Mac grows in popularity, will security issues increase? – February 27, 2006
The Idiot’s Guide to Mac Viruses For Dummies 101 – February 24, 2006
Wired News: ‘Mac attack a load of crap’ – February 22, 2006
Report: Apple developing fix for automatic execution of shell scripts – February 21, 2006
Ars Technica: Fears over new Mac OS X ‘Leap-A’ trojan pointless – February 20, 2006
Atlanta Journal-Constitution asks: Is ‘Mac virus’ all just propaganda from Mac haters? – February 20, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
eWeek: Intel transition a ‘security non-issue’ for Apple Mac – January 30, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – January 26, 2006
IDC: Apple Mac 2005 U.S. market share 4% on 32% growth year over year – January 20, 2006
Analysts: Apple Mac’s 5% market share glass ceiling set to shatter in 2006 – January 09, 2006
ZDNet Australia publishes latest Mac OS X security FUD article – September 09, 2005
Joke of the month: Gartner warns of Mac OS X ‘spyware infestation’ potential – March 30, 2005
Symantec warns about Mac OS X security threat – March 21, 2005
Oh, were it only true from here on.
Apple machines of the future will be the same as today’s PCs, only more expensive.
OS X defaults with all ports closed to traffic and not listening. What will the firewall do if there is no traffic going through the ports?
Activate the firewall has a meaning only if you start opening ports around, otherwise it is just consuming CPU cycles for nothing, really.
And if OS X ports are not listening, how a virus could infect and spread?
hint.. hint..
I anyone surprised?
Bravo! Nice counter-balance to today’s FUD articles.
Follow these simple guidelines until the exploits are patched
Do not visit untrusted web sites, and do not open ZIP archives or images originating from untrusted sources. Do not click on suspicious links in emails and posts.
Driveby exploits can be run on your Mac.
1: Click on legitimate looking link.
2: Your browser is sent to a malicious site which runs exploit code in a flash.
3: Your then routed to the legitimate site.
What you should do is paste the legitimate url into your web browser instead. You can also squint at the true url at the bottom of your Safari window as you mouse over a link or image.
Stay away from porn sites and other questionable sites, even some forums as moderators and webmasters are having their fun rooting Mac’s.
and not even worth the effort of the attempt.
Apple’s Mac OS X is significantly more secure than Windows
It is, but that significant difference is closing very rapidly. At the current pace, Mac OS X will be as insecure as Windows within a few months.
Hackers are finding a wealth of inexperienced computers users on our platform to exploit.
Actually, MDN, I don’t think you do agree with the author. he says that all software in vulnerable to exploits, since it’s written by humans, and humans are flawed. He goes on to say that OS X is more secure because it’s been hammered by testers more often than Windows, but he does not say that it’s exploit-free.
I do believe that you guys think OS X really is exploit-free. Does that make you dumber than a fence-post? The day will come when OS X is hit with a serious exploit of one sort or another. It will (hopefully) never be as bad as Windows has been, but it will have its fair share of exposed vulnerabilities. After all, it’s updated all the time, and it’s written by mere mortals (yes, Apple is populated by mortals, not gods).
“closing very rapidly”. Good stuff you are smoking LOL
“current pace”… since when a pseudo-technical writer spouting nonsense about computer security means an OS is becoming vulnerable?
OS X is a FreeBSD derivation with Mach-O kernel. FreeBSD has stellar record vs security robustness, fine tuned since ages.
Al Quesadea: you deserve the TROLL of the month award.
but Windows is a one-of-a-kind. Some things are only possible on Windows. No OS share its *design*.
uppphhffffffffufffoffffoffffffufff DESIGN….
HUHHUHAHAHAHAHUEHHEEHUHAHUAHHAHAHAH
sorry… could not resist: design and Windows in one statement…
UHHAHHAHAHUHAHOAHHEHAHAHAHHE
hairbo,
Just because you want so badly for it to be so, doesn’t make it so: MDN never said anything like what you apparently wish they had been saying.
MDN just says it like it is, like they always have: Mac OS X is vastly more secure than Windows.
Even a moron in a hurry knows that fact.
I don’t get it, why are all the “news” sites circulating stories just now about trojans and vulnerabilities that are the exact same trojans and vulnerabilities that they got all frothy over in mid-February, and have since been fixed? There has to be a PR firm behind this.
Al Quesadea: OS X has a long, long, long way to go before there are hundreds of thousands of actively circulating viruses, trojans and spyware for the platform. At the current pace, assuming Windows is finally at this point in time secure and never has another virus, at its current pace of about one piece of malware every three months, OS X should catch up to Windows’ level of insecurity in about 300,000 years.
do you also not go out becuase you might get run over a pick elephant with a side car?
Yes, it is very interesting. I mean, what, with the Leopard sneak peek coming up and all. Just coincidence? It smells fishy to me, too.
MacDude, it’s really amusing watching you carry on a debate with yourself! lol!
9 out of 10 trolls say:
Windows is just as good as OS X, and OS X is just a bad as Windows.
There are novice drivers out on the streets every day — are you going to stay home and lock the doors?
Of course not — you go outside, but you take precautions like looking both ways before crossing the street, avoid jaywalking when possible, etc.
Same thing with the computer — you can either stay off the Internet (and frankly, there are some posters I wish would take that hint), or you take precautions; install basic anti-virus software (I have Intego Anti-Virus, designed by Mac users for Mac users), don’t visit questionable sites, don’t download files except from trusted sources, etc.
Why do many business have UNIX-based systems (and others now looking toward Linux)? It’s much more stable and secure than Windows — it can also cost more to maintain (IT staffing), so businesses going for low cost will usually go with Windows (with all the “helper” and “wizard” applications, almost anyone can learn the basics of NT or Win2K system maintenance). But they end up paying later when sloppy maintenance leads to system vulnerabilities. (I studied NT 4.0 for a couple of years; my instructor used to rail at the shoddy maintenance of most NT systems.)
And actually, I think viruses (or virii, depending on preference) are going to be less of a problem than “phishing” — anti-virus programs can block the random virus but can’t do anything about human stupidity.
MacDude, it’s really amusing watching you carry on a debate with yourself! lol!”
Let’s hope that’s all he’s doing.
I’ve got a huge can of industrial latex spray so that I can instantly cover my G5 at the first hint of a virus attack.
I love this bullsh!t Windows users are feeding us. That, look out, OSX will be as f’d up as Windows in less than a year.
Any Windblows folks out there care to wager on that?
And, fellow OSX users, have ANY of you EVER had a security issue? Ever? Do you know anyone that has? Anyone? Bueller? Fry? Voo-doo Economics?
m
…why are all the “news” sites circulating stories just now about trojans and vulnerabilities that are the exact same trojans and vulnerabilities that they got all frothy over in mid-February, and have since been fixed?
Uh perhaps there’s a nasty bunch of new ones just discovered perhaps?
http://secunia.com/product/96/
Lets chop some programmers toes off! – Evil Steve Jobs
In case you misunderstood:
Apple machines of the future will be the same as today’s PCs, only more expensive.
Al Jazzoo,
Yeah, but then take a look at the Windows XP Professional page over at Secunia: http://secunia.com/product/22/
20% UNPATCHED WINDOWS XP PRO CRITICAL ISSUES
OSX only has 2%
We can officially still be smug.
m
mudflapper:
Neither my Mac nor any of my friends’ Macs have ever been hit by any malware whatsoever. This Mac OS X vilification FUD machine is spewing out a huge crock of BS.
The new Apple ads are coming and the competition is trying a pre-emptive strike!