By silicon.com, 6 July 2006 16:50
A call from one antivirus vendor this week, encouraging users to ditch Windows PCs in favour of supposedly 'more secure' Macs, is a little at odds with perceived wisdom in the industry.
Nobody doubts Mac users fall victim to fewer attacks - let's take that as a given - but advising such a mass exodus, many believe, will undermine the very reason why Macs are perceived to be 'more secure': because they are less popular.
So while Sophos this week has been saying 'go Mac', certainly Symantec, another larger player in the industry which would normally not pass up a chance to slam Microsoft, admits the disparity is largely down to the size of the target.
In the past, John Thompson, CEO of Symantec, has likened virus writers and hackers to graffiti artists in the real world, and he likened Microsoft to the Tube train that goes through the centre of the city - everybody will see their work because everybody rides that train.
Why therefore would anybody turn their cyber spray cans on Apple, he argued, when relatively few people will see their work?
Thompson, speaking to silicon.com earlier this year, echoed his belief that Apple is more secure because it represents a smaller target. Or another analogy, if you can tolerate it - it's like telling people to move out of the cities and into the countryside because the countryside has less traffic and pollution.
But of course if everybody makes the switch, or if enough people do, then they will find problems such as pollution and traffic will follow them there.
You can certainly imagine that if the masses heed the advice of Sophos, Mac OS X will become a far more popular target for virus writers and hackers.
At this point the Mac zealots will be dismissing this line of discussion (or 'more f*cking pro-Microsoft bullsh*t' in their words, no doubt) as a tired old argument with no basis in truth but the fact of the matter is Apple's claims of greater robustness can only be tested when all things are equal - laboratory conditions aside.
It is certainly undeniable that the criminal fraternity have not turned their guns on Apple to anything like the extent to which they have targeted Microsoft to date.
If they do - in the unlikely event that Apple significantly increases its market share - then we will see which platform is indeed more secure.
And in case anybody does think this is pro-Microsoft propaganda (which would be a first for silicon.com), we hope that in such an event Apple would genuinely prove to be more reliable, more robust and more secure in the face of attacks because, for those users tied to a Microsoft environment for the foreseeable future, it will at least show their Seattle-based supplier how far short it is falling in its own offering. And will remove one more excuse, and one more hiding place, through a real and relevant unfavourable comparison.
Comments
There are 60 comments. Join the discussion
1. anonymous
Marketshare argument is irrelevant. Apache vs. IIS? Which has more security advisories? That would be IIS. Bottom line. No known viruses/trojans/malware in the wild for Mac OS X. Period. Ive lost count on Windows. Of course I eliminated all 100 Windows boxes in our business for Macs...so why would I care to keep track anymore.
2. rjv
The security vulnerabilities are dependent on the type of exploit.
I think any sweeping generalization regarding security weaknesses on one platform or the other is a disservice. If you consider phishing and other browser related exploits, its equal on both platforms. On the other hand application-specific vulnerabilities abound on Windows more than OS X because of the ill-designed VBA and ActiveX components (leading to the proliferation of "I love you" viruses). And that has nothing to do with the sheer number of users.
3. Steve Erickson
Where is the discussion about the technical issues that separate the PC and Mac regarding security? There are many differences, many discussions, and a wide concensus (not just among "Mac zealots") that Macs are more secure because of the technical underpinnings of the UNIX Mach kernel, along with the philosophies regarding system administrator privileges (among other things) that Apple has built into OS X. It is doubtless true that increased market share brings increased attempts at attacking any OS. What you fail to mention is that the technology in Macs make them inherently more resistant to those attacks. You don't need 50/50 market share and a hacker field test to recognize this fact. And your article should at least bring it up. Your contention that the lack of attacks is mostly due to market share is not supported.
4. anonymous
I just wish someone would write a credible analysis and leave the bias at the door. Mac or PC.
Here are a few points I wold like to see addressed:
1. The Mac OS is based upon Unix. Is there any doubt or argument that Unix is far more inherently secure by design than Windows?
2. If this isn't the case then why has Microsoft spent so much time and money moving Windows Vista to a similar user/permissions scheme and labeled it as the cure to the common Windows virus?
3. This whole argument of "security by obscurity" is really silly. Writers, such as this one, claim that virus, malware, and Trojan authors don't bother because as was said in this article "no one would see their work"! This ignores the fact that they will NEVER be famous for writing a virus for the PC, most people will never see their work, as the patches are too fast and furious. Unless of course you're good enough to write the next Code Red virus. While these same people would be world famous, on the CNN front page, on the cover of infoWorld if they were to be the one to actually write the FIRST out in the wild virus. A hacker can't pay to get that kind of publicity.
In short there are so many fallacies here in this article and elsewhere it kills me.
I'm so done with worrying about it and if you Windows users are happy living in your virus infested swamp and would rather do so because of some wacky notion that someday the mac may get a virus, that's FINE by me!
5. anonymous
Hi,
The problem with discussing this point is that it cannot be proved or disproved. This is simply opinion. An informed opinion, I'll grant you, but opinion nonetheless.
While the "tube train" analogy probably has validity, it's not as valid as you presume, in my opinion.
Let's face it: Hacking Windows is old hat. What is the bragging-rights value to a hacker these days when he/she declares "I wrote a Trojan for XP." Yawn. But hack the allegedly hard-to-break MacOS? Egg on the face of one of the most high-visibility tech leaders in the world? Wow! What is the pub value of that? Pretty darn high, I submit. Do you really believe that hackers aren't enticed by that? Sounds pretty enticing to me (not by me, however. I lack the chops.)
6. anonymous
Just flame bait here.
Nothing new, just the same, lame argument of market share being the reason for the lack of viruses of the Mac.
Nothing more needs to be said.
7. anonymous
If you take a mac and a pc, the pc will crash more, with or without viruses or hackers.
8. anonymous
I think there is a lot of truth to the argument from volume, bbut surely it cannot be all the truth. Now, to disappoint those who expect a "f* MS Propaganda" posting, i will try to stay reasonable. :-)
Macs have been popular in scientific environments and publishing, including film and bbraodcasting, surely strategic businesses where a hack or a serious piece of malware would make a very visible splash.
Arguing with statistics, then: If we presume (for the sake of argument) a market share of 3% for Apple, arguably a good deal stronger in core businesses like education, design & publishing, we would expect a statistical 3% of the malware. That translates into some 3,000 "titles" in the wild. Given the attraction of the larger market, let us allow a factor of ten down for Apple as an attractive hacking or malware platform; that results in 300. If we allow another order of magnitude, we should see 30.
The fact is there is AFAIK not one single malware title in the wild for the Mac OS X system, excluding generic Microsoft-based macro viruses and trojans.
My thinking then is that there must be something other than the laws of numbers alone that results in these figures.
9. anonymous
"[...] advising such a mass exodus, many believe, will undermine the very reason why Macs are perceived to be 'more secure': because they are less popular."
Why do on-line publications continue to attempt to propagate this myth?
Macs are 'more secure' than Windows for the same reason Linux is more secure than Windows - because the underpinnings are UNIX-based, and are therefore far less hackable in terms of the common Windows maladies such as Trojans, Worms and the like.
The notion that crackers haven't cracked Macs and Linux/UNIX boxen because of "lower market share" is absurd - crackers like a challenge as much as they like widespread notoriety.
While a sudden overnight reversal of Windows vs. Mac market share might result in a stampede of current Windows crackers to attempt to gain a foothold in the Mac Trojan/Virus sweepstakes, it doesn't mean they'll succeed - the OS simply makes it a lot tougher to do that sort of damage than it does on Windows.
What about the notion, completely inverted from your own theory, that the reason Windows is so plagued with virii, Trojans, SpyWare and the like is simply because *it's an easier platform to write them for* than any other?
10. Ron Evry
Fascinating, but flawed analysis. In the second half of 2005, there were over 11,000 new viruses for Windows. Comparing it to a Garphitti Artist trying to get attention, it would be like tagging a building so covered with Graphitti that it looked like a Jackson Pollock painting.
In other words, writing a Windows Virus is a good way to get lost in the hacker crowd.
Now imagine if you were the first hacker to write a successful Mac Virus (and no, there STILL aren't any in the wild yet). You would be famous!
Don't you think that thousands of hackers have already done that?
Think on this too -- any decent hacker worth his or her salt probably owns a Mac for their own personal use -- the more aware they are of the dangers of Windows, and hackers would be HIGHLY aware, the more likely they would want to personally protect themselves.
11. flintwall
Instead of reiterating the same old arguments - how about actually examining the facts behind the phenomenon..that there are no distructive virus' in the macosphere. Zero. You could draw parallels from the experience of the many users of unix and linux who also know about this from many years of hacker attacks. You could try explaining why, when there are around 16% of home users on macs why there are not also 16% of virus' trojans or whatever.
But instead you just trot out the same lame snide scepticism that it could actually be true. macs are better by design....discuss
12. DC
This is becoming a tired argument. Given there are several thousand PC viruses already in the wild, what kind of challenge is it - really - for any young kid to create their own Windows virus?
Don't you think that a "hacker" would get a much bigger ego boost and more "popularity" if he was able to write something for OS X? The OS has been available for 6 years now and not ONE person has really been able to crack it!
Yes, the market is small, but it still represents several *million* users.
To be honst, I think anyone from any of the anti-virus software vendors speak out on this subject strictly out of self-preservation. What would they do if PC users switched en masse and Mac OS continued to be virus free? Symantec and McAfee would disappear. Hmm...
13. Sir Josmould Herringpole
OK let's declare all interests up front: I manage a small, predominantly Mac network, we used to have more PCs but have replaced all but one laptop with Macs.
In terms of time spent just 'oiling the system' by applying patches, updates etc, I've gained some time, having less to do. So, replacing the PCs has paid off (literally) in those terms. On its own this says nothing about fundamental security of Macs.
I do think however that the Mac OS is generally built on sturdier foundations, so even if Macs become as popular as Windows machines (as if...), the incidence of successful targeting will be both less in sheer numbers and less severe in outcome.
Given that the trend is towards increasing numbers of trojans however, user idiocy would appear to provide an equally viable route in, irrespective of platform. I still maintain though that the effects will be less on a Mac generally, the OS is better walled off internally, putting limits on damage and propagation.
14. Mark Costa
Why does this article completely disregard that there are any planned or inherent differences in the architectures?
The current Windows platform was designed with the needs of IT professionals in mind and provides them with opportunites to remotely administer and manage large numbers of machines.
The current Mac platform builds on an UNIX foundation and has many services disabled by default.
I suspect that virus, worm, and trojan authors have simply grasped for the low hanging fruit and exploited opportunities presented to them by Microsoft.
I also suspect that Apple, in creating Mac OS X, deliberately sought to build an OS that minimized these opportunities.
Too bad the author does not give credit and blame where they are due: Microsoft and Apple.
15. John Konopka
This has been discussed quite a lot on the Mac forums. It is probably possible to write malware for Mac OS X, but for technical reasons it is much, much more difficult than writing malware for windows.
Recently, Dave Schroeder a the U of WI put a Mac mini on the net as a public target and invited hackers. It survived 30 hours without being breached.
In another vein, any computer will be susceptible to social viruses that prey upon the user to intervene and do some harm to themselves that could not be accomplished by software alone.
16. Jim Stead
There is no doubt and has been no argument by any sane person that Macs in particular or unix in general is impenetrable. But even a CS 103 level education plus a minimal look at the two systems can tell one which is the more secure, and it's not Windows.
Jim
17. Ignis Fatuusz
"At this point the Mac zealots will be dismissing this line of discussion (or 'more f*cking pro-Microsoft bullsh*t' in their words, no doubt)..."
Wow. Was that really necessary?
Given all the malware running rampant, don't you think that it's quite remarkable that nobody has managed to crack Mac OS X in the wild, if only just to silence those who would proclaim Mac OS X bulletproof?
It's not just Mac OS X, it's *nix-based OSes in general. They're designed to be multi-user, networkable OSes from the ground up, which as I understand it is what makes them "more secure" than Windows. It's also my understanding that the insistence on legacy compatibility (not to mention compatibility with a staggering number of components and peripherals) is the Achilles' Heel of Microsoft's OSes. The multi-user and networking aspects of Windows were integrated later, rather than built-in to begin with, which would seem to make it an inherently less secure environment.
Of course, unless there's an even playing field, we'll never know for sure. I find the "security by obscurity" argument to be a very weak one, yet it continues to be pushed again and again, despite a complete lack of supporting data.
18. anonymous
You are missing a vital point here. Anyone smart enough to use a Mac in the first place is less likely to be duped by malware. Windows users don't know the difference! It's sad, but true.
19. Jon Spratlin
Truly the only hole I can find in this logic is the "dare" factor.
Apple has been, by toting OSX as more secure, daring, even double dog daring the hacker community to break it.
Following the analogy to graffiti artists although Apple is a smaller target wouldn't hacking it make a bigger splash? Gardner even more of the attention that drives this community? Windows has been hacked thousands of times by thousands of people but OSX has yet to be significantly breached. Only time will tell.
20. Daniel
OS X is more secure by design. For example, a password is required to make system level changes. Yes OS X is less popular, but there are a lot of Mac only developers who make a living from it. If Mac OS X was really less secure, wouldn't there also be Mac hackers making a living from OS X too?
21. Mike Horstman
My only problem with this reasoning is that with 2-5% (depending on your source) of the market, if there were no inherent security difference, you should still expect the Mac platform to experience 2-5% of the viruses, or 2800-7000. I consider the difference between 0 (in the wild) and 2800+ to be significant. Yes, the numeric disparity can be expected to skew the difference somewhat, but 30,000,000+ Mac users still constitute a substantial basis for comparison. Most scientific sampling uses far smaller populations. This leads many of us to the conclusion that there is some reason other than "security through obscurity" for the for the obvious disparity, especially since the difference was nearly as stark before OSX (~70,000 v. ~70, if I recall correctly), which is substantially more secure than its predecessors by all accounts. (My own theory is that by the time would-be hackers learn enough about the MacOS to do any damage, they're "converted" by the fabled Reality Distortion Field, accept their arrival at personal computing Nirvana, and no longer harbor such antisocial attitudes, at least toward their Macs ;-p)
(just kidding about that last part)
mgh
22. enderg
The answer to this question is yes, Macs are more secure. Until real, out in the wild viruses, trojans or malware are created to exploit any weaknesses in OS X it will keep its impenetrable security record. The myth of protection through obscurity is in fact pro microsoft propaganda, FUD (Fear, Uncertainty, Doubt). An acceptable counter argument is how many viruses are there waiting in the wings for Vista? Its not even shipping, has a smaller user base than OS X and already is a larger target, even though it is the MOST secure Microsoft OS ever. To suggest that OS X is a lesser target is faulty logic. Think of the prestige associated with breaking into a known hard target versus a soft cardboard box. Its the same with OS X and XP, 2000 or Vista. Script kiddies anywhere and everywhere are continuously hammering Microsoft yet not one real (not a concept or in a lab) OS X virus? Please get a grip, put down the pipe and go get a Mac.
23. Frank L
The tube train argument makes absolutely no sense -- the truth is 180 degrees to that. If no one has been able to write a virus for the Mac, then that makes it the holy grail of targets. If there are 100,000 viruses for PCs in a year and 1 for the Mac, then that 1 for the Mac would get phenomenally more press than any 1 of the 100,000 for the PC.
Smaller targets are harder to hit and earn you more kudos for doing so. The difference is not in the size of the target; the difference is that the Mac is inherently a more secure OS than Windows. Hopefully Windows will fix that soon with Vista, but for right now it's the security in the OS that makes the difference.
This was an embarrassingly unbelievable article -- I've rarely seen anything that isn't directly and obviously sponsored by the company involved be so out of touch with reality.
24. Robert Jacobs
Yawn.
25. switchtoamac
Macs are more secure thanks in part to a isolation features such as system isolation, user isolation, and memory/application isolation.
The following is a great read on the above mentioned topics:
http://switchtoamac.com/site/key-isolation-features-in-mac-os-x.html
26. Jack Nichols
You say that "Mac users fall victim to fewer attacks". This is clearly not true. In reality, Mac users don't fall victim to attacks at all. In other words: Unless you can show me a single Mac user who had his machine infected and rendered unusable by malicious code picked up accidentally on the internet, I have to say that you are either shockingly ignorant of the facts, or deliberately spreading disinformation.
27. Roy Judd
I use Windows as a matter of necessity, OS X as a matter of choice. I'd say it's a given that OS X is more secure, for the reason you've cited, but also because Apple have learned from the MS experience and have prioritised security from the outset of their switch to Unix. But let's be reasonable here... no OS is beyond a determined attack and, paradoxically, there is now a sizable segment of the IT industry with a strong vested interest in the perpetuation of malware. Windows obliges, at least in the current flavours. It will be interesting to see how Vista fares... but I don't expect massive improvements.
28. Michael Scott
Just for reference. I have been using Macs since 1984 but am also very knowledgeable on PCs/Windows and I use to be the tech guy in a all windows office. Now to the good stuff.
While it is true that "Apple's claims of greater robustness can only be tested when all things are equal - laboratory conditions aside" and security through obscurity is an argument often made against OSX, you have to look at the numbers and let them speak. Let's take virus attacks as an example. Since switching to OSX from Mac OS 9 I have never had a virus. In fact I don't even know somebody who has ever had a virus on OSX. In fact I never even heard a first person account of somebody who knew somebody, who knew somebody who had a virus on OSX. Contrast this with the PC world were I don't know anybody who has never had a virus in the last 5 years of computer use (about when OSX came out). That's 0% of OS X users infected vs. nearly 100% Windows users infected. Sure there are more windows users in the worlds but this alone cannot explain the discrepancy. For starter windows users are far more likely to have virus protection I heard like 80%-90% do and yet they still get viruses.
Look lets look at the facts, Mac OS versions prior to OS X had a market share just as low but had viruses and lots of them. Not only that they were spread at a time before the internet was is widely used. So not only does Mac OSX not have viruses, it is operating during a time of internet and large intranet connections conducive to spreading virus that pre OS X Mac were not. What made OS 9 and prior Mac OS's attractive to virus writers and OS X not attractive even thought they both shared similar small user bases? One can only surmise that OSX is more secure and it is more difficult to write viruses for OSX. This does not mean it is impossible just more difficult. Now I don't know the exact active virus count for Mac OS X but I think it is zero or at the max one (there have been proof of concepts and viruses in Microsoft Office Products on OSX but none that effect OSX). One the windows side there are hundreds of thousands or millions of viruses (I mean on Symantec's site there were three discovered just today). Obscurity alone does not and cannot account for this amazing discrepancy. It would be rolling dice a million times and never hitting a six. Even the unpopular train in the suburbs will gets tagged someday.
Let's take your analogy and use it as a starting point. If the city is windows and Mac OSX 9 and prior is the suburbs and Mac OS X is the countryside. Let's say 91% of the people live in the city, 5% of the people live in the suburbs and 4% of the people live in the countryside. What if someone then told you the crime rate was such that 99% of the city's residents would be robbed within the next five years and 10% of the suburbs' residents would be robbed within the next five years and none of the countryside's residents would be robbed within the next five years. Wouldn't you be intrigued to check out what's up in the countryside too?
29. anonymous
So let me get this straight. You can keep using Windows and be likely suffer continued attacks, or you can switch to the Mac and enjoy virus free computing until such time as Apple's market share approches that of Windows.
Realistically, how long will that be? 5 years? 10 years? More likely, never! Windows is well entrenched. But for those that have the option to switch, and can afford the transition cost, OS-X seems like a reasonable safe alternative.
30. Jim Glidewell
It appears to me that you are stating that there is no meaningful way to evaluate the security of one operating system against another unless they have equal marketshare.
Given such reasoning, it appears that there is no way to ever say that one system is "more secure" than another.
In that case, the answer to the title question is simply "We don't have a clue."
Next weeks column: Are Unix systems really more secure?
Same answer.
Even if the *only* factor contributing to the Mac's relative freedom from malware was the fact that its marketshare is less than Windows, it still argues for moving to the Mac for security reasons until the Mac's market share reaches parity with Windows, which is unlikely to happen real soon now...
Remaining in a fetid swamp, because the pool full of clean water across the way might _eventually_ get just as foul if a whole bunch of other folks moved over from the swamp, might seem like a good strategy to you, but it doesn't to me.
Besides, after a while you can hardly even smell it...
31. anonymous
Yes, Macs are more secure.
Microsoft realizes this (finally) and Vista shows how the pendulum has swung to the opposite (exaggerated) end of the spectrum. It now takes about 7 clicks to delete a shortcut icon from the Vista desktop and empty the trash afterward.
Funny thing is, Microsoft still doesn't really get it though. Along those many clicks is what appears to be a passing attempt at security in Vista, you are warned you don't have authority to perform the function. Ironically, all one needs to do is click on "Yes" (I want to give myself authority) and you can easily complete the task.
The Mac version will stop you dead in your tracks and ask you to prove you know the administrator's user name and password to continue a risky task. This and this alone prevents viruses, trojans, etc. from automatically installing "behind your back" (as Windows readily allows).
Naturally, it's still up to the (hopefully watchful and informed) user to deny certain installations from taking hold in the first place. Sadly, as more Windows users migrate over, they will no doubt carry with them their knee-jerk habits of clicking on "Yes" whenever prompted and will continue to seek out and install whatever free, cutesy, barely useful software they can get their hands on.
32. Michael Noonan
This really does verge on FUD, unusual for Silicon.com.
Clearly, there is no totally secure operating system. Equally, it is obvious to anyone who looks at the default instals of the current iterations of Windows and the Mac OS that the Mac system is more secure, that it's been designed with security in mind from the outset, wheras Microsoft has put enormous efforts into trying to secure a system that was originally designed with more security holes than a seive.
Mac OSX is certainly not invulnerable, as its security patches indicate, and its comparatively small market share does add slightly to its security.
But most other operating systems with much, much smaller user bases have been afflicted with multiple viruses.
Yes, the Mac OS has had many security patches to keep it safe. Yes, there have been a handful of proof of concept viruses designed by security professionals. Yes, a 50 percent market share may increase the risk of viruses slightly.
But how many OSX users anywhere in the world have been infected by real viruses from the wild, that they have not actually installed themselves? Count them on the fingers of two hands.
And how many Windows users have been similarly infected in the life span of Mac OSX? Is it tens of millions? Hundreds of millions?
It's a bit early to be predicting the demise of Mac OSX security!
33. anonymous
There are a couple of problems with the logic behind this article. If the people who write viruses and the like are after publicity as you suggest then the blizzard of comment on the net surrounding the earlier exploits for the Mac should have encouraged them to believe that eternal fame awaits them if they can get a decent virus up and running. So the incentive is clearly there.
If OS X is in fact more secure then at what point will you concede that the flood of viruses is never going to arrive and that it is because of the superior security od the software. My point is that I am concerned that your hypothesis is untestable. It is not possible to outline success criteria for it.
To put it another way, how do you know that Mac OS X has not been the subject of a huge effort by a multitude of virus authors who have completely failed to make any impression?
The harm that your stance does and the reason why it is worth addressing it at all, is that it helps perpetuate the notion that there is no point switching to the Mac because viruses could arrive Real Soon Now. As a result, more potentially productive time is wasted maintaining hundreds of millions of Windows systems.
34. Jim the Mac Zealot Everson
Wow. This article is ridiculous. Frankly, it doesn't matter WHY Macs are more secure. I don't care if Macs are more secure because the Moon is in Gemini! The fact remains that if you want security RIGHT NOW, go with a Mac. What is the alternative? Will you continue to let yourself be vulnerable by using Windows because "in theory" Macs will be just as vulnerable just as soon as their market share reaches parity with Microsoft? Um, what year will that happen? Even in my wildest Mac zealot fantasies, that couldn't happen for at least 20 years. (how this could happen is another story, but use your imagination). Clearly, you could be free of major intrusions for A LONG TIME if you switched to the Mac today. Are you so paranoid as to believe that if only you switched to the Mac that all of the world's hackers would follow you? This article should never have been written.
35. H.D. Ley
Why is it so hard to believe that Mac OSX is indeed more robust and secure than Windows?
Any graffiti artist, doubling as a hacker, who could, and would actually write a virus for the Mac OSX, would no doubt feel like painting with the sisteen chapel as his canvas. It would not matter that the Mac has such a small market share; it would be the most famous computer virus of all time.
For the past four years, thousands of articles have continuously spouted the "security through obscurity" myth for the Mac. Let me tell you, there is nothing obscure about Apple computer. Nobody gets the press and exposure that Apple gets. I mean, how many of these "security through obscurity" articles do we need? It is like; there is this guy in the commentary window screaming his lungs out with a megaphone ... calling all hackers, calling all hackers: Here is another Mac security article - please, please, please -would you please write at least ONE virus for the Mac? Pathetic.
Here is a thought, there were supposedly about 50 or so Mac viruses for OS 9 - not that I ever saw one of those since 1985, but - what the heck. Yet, after 4+ years, there are zero for OSX. Now if you believe that OSX is more obscure than OS 9, I have some swamp land I would like to sell you. I am not saying that it is impossible to write a virus for OSX. All I am saying is that it is more difficult to rob Fort Knox than to rob the corner grocery. And so is with OSX. That is the reason why there are more than 114, 000 viruses for the PC and zero for the Mac.
C'mon, why did man go to the moon, climbed Mt. Everest, swam accross the English Channel, flew across the Atlantic, and so on, and so on? Why, because they could. And so far they - hackers - haven't been able to write one. I-t i-s m-o-r-e d-i-f-f-i-c-u-l-t to write one for the Mac, just like it is more difficult to rob Fort Knox, and that's why - there are zero viruses on the Mac.
... Now, is that so hard to understand?
36. Don Kraig
According to Apple, there are currently 16 million Mac OS X users. And there is still not one piece of malware for OS X in the wild. Are you really saying that not one cracker wouldn't want his or her name up in lights for being the first to produce such an attack?
The "security through obscurity" myth is just that--a myth. The fact that OS X begins with ports used for hacking closed and difficulty becoming a root user or allowing an application to simply install itself.
Could someone come up with malware for Mac OS X? Of course. Is it a problem? There are currently over 60,000 pieces of malware for Windows and 0 for the Mac. Which do you think is safer?
If a person drives a Lexus with numerous air bags are they safer than someone who drives a more popular SUV that has no air bags simply because there are fewer Lesus vehicles or because it is safer?
37. anonymous
more f*cking pro-Microsoft bullsh*t
38. anonymous
More B.S. from Silicon.com.
Notice first that this is an anonymous contribution. (Ed note. All our of our leader articles have been by-lined 'silicon.com' for the past 8 years, well done for noticing now.)
It is certainly NOT the first "pro Microsoft" one from Silicon.com, noted for Mac-bashing (always anonimously, of course) (Ed note, with the exception of our leaders, as mentioned above, all article are by-lined - we even have a regualr columnist, Seb Janacek, who writes a Mac column... where's the anonymity?) for quite some time.
The Mac installed base is large enough to be a target for virus coders (it is larger than the Windows installed base when the first Windows malware came to light). More importantly, a virus writer would do so just for the bragging rights. So, how come we haven't seen widespread infections on the Mac?
The number of users is one factor, but another is that Mac OS X is inherently more secure than Windows, largerly because of its more secure architecture.
39. Christopher J Smith
Yep Macs ARE more secure...... the article is definitely pro Microsoft BS...... and it is a first for silicon.com.......
The REAL truth people, is that Mac OS X is so much harder to hack that the hackers don't bother.
The REAL truth is that IF anyone COULD hack Mac OS X they would have SUCH hacker "cred" that they would be legends.
The REAL TRUTH is that any openings in Mac OS X are usually identified, sometimes by white hat hackers, and are patched promptly by Apple so they NEVER become and issue.
Silicon.com is full of crap. THAT'S a first!!!!
40. anonymous
So maybe, when Macs get to be 20% or 30% of the market, this will be relevant. In the meantime, it is a presently existing fact that Macs have less malware problems. (Ed note. Absolutely, that's indisputable.)
41. Fandyllic
What exactly is the point of this article? I don't see any useful information in it.
The article neglects to point out the number of attacks, viruses and vulnerabilities a Mac user is exposed to is not proportional to market share differences between the Mac and PC.
Whereas the PC has 100-to-1 marketshare advantage (okay maybe more like 50-to-1). The Mac has about a 100000+-to-1 advantage in lack of known malware/virus attacks (a conservative estimate is that 1000 new Windows virus variants appear each month and this does not count adware or other malware). This ratio cannot be explained by the tired pronouncement of "security through obscurity".
Also, asking anti-virus companies about Mac security is like asking tobacco companies about whether non-smoking is a good idea. They have no incentive to be honest.
42. Michael Edlund
Are you kidding? Is it April 1st? Not only is Mac more secure than Windows, so is each UNIX based OS. Windows old underpinnings that make it possible for malicious code affect the system doesn't exist in real operating systems.
43. Kris Resche
you must be out of your mind to print something so demonstrabably false. And to make things worse, the authority you site is a representative of the largest antivirus software on the market. That and a few weak analogies is your case...despite extensive studies by independant technology labs (who do thngs called tests).
Difficult it is, to imagine an article more brazenly ignorant and partisan, with an argument so weak. Silicon.com, does not deserve any credibility it had. This site is a rag written by flacks.
44. Jeff Axline
On one hand the author implies that it is simply the size of the user base that provides safety, and on the other he writes that no one would know about weaknesses until Apple market share goes up. These two ideas don't really mesh that well. The whole story seems to be written from the authors "common sense" with no checking of facts with knowledgeable people. Notice that I didn't swear? The characture of Apple crazed users is tired.
45. Ken Ho
Good Guess!
Yep more m$ bla bla... Consider this graffiti artists usually go for the easy target. M$ out of the box is less secure than a mac out of the box. OSX has and almost 10/1 security update vs M$. How about some unbiased reporting pls.
46. anonymous
As another Mac 'zealot', I find your article highly provocative! It might be correct, because both Mac and Windows (and Unix) are based on the same underlying C technology where buffer overruns provide many ways to undermine the system. However, it seems that Unix (and thus OS X) has lived with this problem for longer and has become more secure over a longer period of time. Maybe the most secure systems are Unisys Burroughs MCP-based systems, written in ALGOL where buffer overruns are impossible.
47. tony
Over the past two decades, there has been several occasions in which someone offered a cash reward for anyone to crack into a Mac, and if your logic was sound, then the results would have been a lot different.
I use Windows XP and a four year old kid can mess up my settings by simply installng new software into the guest account. That could never happen on a Mac!
48. anonymous
Oh how absurd. What are there, something like 24,000 PC virii out there in the wild, actually affecting machines, with new ones arriving daily, and still none successfully attacking OS X? Of course Macs are more secure. You don't think what a big huzzah would await the first punk out there that wrote a successfully spreading, documentable OS X virus? If you swallow the "security through obscurity" line, then just keep on drinkin' the MS Koolaid!
49. David Thomas
Incredible. The ONLY way for your argument to make ANY sense, is for the design, and architecture of OSX and Windows to be the SAME, or SIMILAR. They are not.
There is so much out there to support the fact that OSX is more secure than any Windows OS produced to date.
Your article also completely misses the point of successful hackers, the really good ones (not the script kiddies and cheap parlor tricks). They have an overall disdain for MS. In addition, hacking Windows also was a "hobby" because it was fun to stick your fingers in it's swiss-cheese design.
Millions of users is more than a large enough base for someone to try and hack, using your argument.
Let me ask you these questions. Do you have a computer science degree? Are you a programmer, who has knowledge in C/C++ and/or assembly code? Have you ever written an operating system, or even a shell that sits on top of one? If the answer to these questions is no to more than one of these questions, then you have no business even writing the article.
50. Nick Collingridge
I really don't want to be seen simply as a Mac apologist, although the article pre-judges me as such, but I really do think that silicon.com should examine the journalistic throughness of this piece. Basically it takes one theory and promotes it at the expense of any other without even attempting to examine the reality behind the situation.
What about the relative security of the two operating systems in discussion here? Shouldn't the article examine this aspect of the issue if it purports to have any integrity? Does the journalist who wrote the article have enough technical knowledge to appreciate the difference in security between the two operating systems to judge whether this might be a factor or not?
If NOT, then the article shouldn't have been written by this person. If they DO know enough at a technical level then they should also know that MacOS X has a fundamentally more secure architecture. I won't go into the detail of this here, but plenty of information is readily available about this if necessary.
So why ignore this possible reason for the fact that there is currently no malware for MacOS X? This is not a journalistically thorough treatment of this issue.
There is also a counterpoint to the argument that the larger installed base of Windows systems makes them more attractive to malware authors which should have been introduced into the article if it had any aspirations to thoroughness. If malware authors really are "graffiti artists" then surely the great kudos that would come to the FIRST person to produce malware for MacOS X would be an enormously attractive prize?
This comment is an attempt to bring some balance to this issue, something which I have to say I thought was sorely lacking in the original article. It is not a diatribe by a zealot - I support both Macs and PCs and I know the reality of the lax security inherent in Windows and the inherently stronger security model in MacOS X.
Either the author of the leader knew this too, and chose to ignore it because of some reason that only he is privy to, or he did not know and therefore shouldn't have written the article.
51. anonymous
Most Windows users (myself included) have to use the Administrator a/c. So if security is breeched it's more of an issue.
I don't think this is such a problem on Macs or Linux.
52. anonymous
Hmm This does seem to have woken up all the mac fanatics out there.
Why bother bitching and complaining when your beloved OS is compared to MS, surly it does the same job.
As for reliability, I have not had to reboot eather my work or home PC running MS since the day i got them. But where was this mentioned in the article, just another chance to try and have a cheep shot at MS because it is more popular (for now).
I have not had a virus on eather, although i do run AV software. Home PC has no fire wall eather.
All PC's regardless of OS, UNIX/LINUX, mac OS whatever and Windows all have 1 big security problem that no software can overcome - THE USER.
Why do we here of mac security updates if it is so secure?????
Have got 1 mac on our network and don't want any more - before anyone thinks i know nothing about them!
53. Martin Lukes
You missed the "sums" part of education then?
"the fact of the matter is Apple's claims of greater robustness can only be tested when all things are equal - laboratory conditions aside....."
Rubbish. That isn't a fact, it's an assertion. Out here where people have calculators, you use a weighting formula. Or maybe you can only measure two things of anything when they're exactly equal. Acid is more corrosive than water? I don't know, I haven't got exactly the same amount of acid as I have water, so I can't test it.
Utterly pathetic. This isn't even pseudo-science, it's just ignorance.
Thundered the Brigadier.
54. anonymous
John Thompson is not a good source
Do you think quoting the CEO of a company whose job it is to sell people virus and security software (for both PC and Mac) is objective? What you think he is going to say “ya the Mac’s pretty safe – you don’t need protection software like ours”
55. anonymous
It has always seemed simple to me, Buy a commodity PC and get your work done, or buy an extremely overpriced one, and spend your time ranting on about how much better / safer it is. why would anyone want to write viruses for machines used almost exclusively by the printing and design industries?
56. anonymous
Does anyone actually use a Mac? The other week I was at a client and saw A Mac with a large screen at reception. The first I have seen in a sales / support environment. When I asked what it was used for I was told it didn't work, It was just there as a Photographic Prop for Brochures etc.
57. Spliff
This website must need revenue. To make claims pointed out in this article without the authors own "technical research" is also stupid. Immediately he knows his article will be dismissed by "Mac zealots" since he has provided no real "technical proof". This also illustrates the bias of the article. Obviously he must need a hit count or else he will be fired. If popularity were the real motivation for making viruses, then it would be in the BEST interest of a virus writer to create the first REAL virus. Not a concept or a poorly written piece of code. You have my hit.
58. Kris Resche
you must be out of your mind to print something so demonstrabably false. And to make things worse, the authority you site is a representative of the largest antivirus software on the market. That and a few weak analogies is your case...despite extensive studies by independant technology labs (who do thngs called tests).
Difficult it is, to imagine an article more brazenly ignorant and partisan, with an argument so weak. Silicon.com, does not deserve any credibility it had. This site is a rag written by flacks.
59. Jeff Axline
On one hand the author implies that it is simply the size of the user base that provides safety, and on the other he writes that no one would know about weaknesses until Apple market share goes up. These two ideas don't really mesh that well. The whole story seems to be written from the authors "common sense" with no checking of facts with knowledgeable people. Notice that I didn't swear? The characture of Apple crazed users is tired.
60. Simon
Apart from the obvious 'kudos' of being the first to write an OS X virus, there is another factor that should make Macs even more attractive ...
Although it's changed a bit over the last few years with products like the Mac Mini, there's a tendency for Macs to be used at home (ie without the support of a dedicated IT team) which makes then a larger target than the raw figures should suggest. More importantly, there is a tendency for them to be used by people with a higher disposable income (partly due to the prices) and this should make them even more of a target to criminals.
So numerically, the Mac is more exposed than is suggested, and financially, Mac users are a much more attractive target to criminals - so that explains why there's no known exploit out in the wild !