The A to Z of security

OS X

There are few tech rivalries that involve as much shameless mud-slinging as the Mac vs PC security show.

According to Apple, it goes a little something like this...

PC: Achoo!... I have that virus that's going around... You better stay back: this one's a doozey... Last year there were 114,000 known viruses for PCs...

Mac: For PCs, not Macs... I run Mac OS X so I don't have to worry about all your spyware and viruses...

Since 2001, Apple has been selling Mac OS X. OS X had its first official release in March 2001 (as 'Cheetah'), followed by four updates: 'Puma' in September 2001; 'Jaguar' in August 2002; 'Panther' in October 2003; and 'Tiger' in April 2005. The next big cat to leap out of CEO Steve Jobs' bag of tricks is 'Leopard', due around New Year.

Security from A to Z

Click on the links below to find out more...

A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day

Apple's marketing for the Mac relies on heavy boasting around its security credentials coupled with low-level sniping at Microsoft's expense. The blurb on Apple's website is typical of its message: "Mac OS X was designed with security in mind. Windows just wasn't built to bear the onslaught of attacks it suffers every day. A Mac offers a built-in firewall, doesn't advertise its existence on the net and isn't compromised within an hour of being turned on."

It adds that OS X has "a superior Unix foundation" - superior, that is, to Microsoft's glitch-ridden Windows operating system which when connected to the net "using factory settings is like leaving your front door wide open with your valuables out on the coffee table..." But Apple would say that right?

Yet Apple's marketing message has more than a grain of truth according to silicon.com columnist Seb Janacek. Writing about the state of OS X security last summer, he quoted a product manager from security company Sophos as saying: "The technical challenges of producing malware for the OS X operating system are more difficult than for Windows. Both Mac OS X and Linux are much more secure than Windows... You would have to be genuinely clever to write an OS X virus and most virus writers are not."

A more recent airing of this view came from the writer of a proof of concept piece of Mac malware - which reportedly contained the message: "so many problems for so little code".

Another feather in the OS X security cap is the fact that users are not logged on as the root user, effectively isolating the amount of damage an attacker can do. Meanwhile, says Janacek, the OS' Unix core has "been lovingly audited by the devoted open source community for years".

However, early this year the Mac community was rocked by the claim that the first virus to target OS X had been found in the wild. The malware, known as 'Leap.A', spread via Apple's iChat IM client. A proof of concept piece of OS X malware followed, along with the discovery of a serious flaw in the operating system. Predictions of the beginning of the end for Macs' security 'immunity' duly followed.

The argument frequently used as a stick to beat the Mac faithful - or more likely whip them up into a frenzy - is that as long as Macs are in the minority, virus writers can't be bothered to turn their firepower on them, instead targeting Windows PCs since they are so ubiquitous.

But as Apple grows market share in the personal computer market, the argument goes, Mac users should expect to see more malware.

Due to the strength of feeling on both sides, this is definitely a good debate to file under 'let's wait and see'.