“Is the Apple Macintosh and its OS X operating system an enterprise security contender — or should it be? ‘OS X is designed differently from the ground up — applications and user programs don’t get as ‘involved’ in the base OS as Windows, said author Richard Forno, the former chief security officer for Network Solutions,” Mathew Schwartz writes for SearchSecurity.com.
Schwartz writes, “Out of the box, only SSH is enabled on OS X and, upon starting, users must create an account and password. Root access for applications is discouraged. By comparison, Windows systems ship with most services enabled. ‘Deploying a Mac environment means you’re not running around with daily software updates or responding to incessant viruses and worms. That alone will save significant sums and staff headaches,’ said Forno… A study conducted in the mid-1990s at NASA compared support costs. The number of support people needed for Macintosh computers averaged one for every 250 computers, whereas for Windows, it was closer to one for every 30…”
Schwartz asks, “Should security administrators consider Macintosh? ‘OS X makes the Mac a serious contender throughout the enterprise,’ said Forno. ‘It seamlessly integrates with existing Wintel [Windows] environments, but in a more reliable and secure manner.'”
Full article here.
forget it.
IT managers love computer related problems. more virus attacks would make them more important to the enterprise
period.
all it takes is a few to get many to switch
which senator is it on capital hill (kennedy?) who’s office was the only one unaffected on a daily basis by the plethora of downtime everyone else expierenced due to numerous virus problems daily..that was a good read indeed
one guy starts with it and more will follow, this is all good press
IT managers don’t need the extra help of viruses to be “important.” They have enough trouble with users who can’t check their own e-mail.
…the winds of change are a blowin’
When I worked for my old newspaper (the biggest one in England) we had to use Windows cause the IT department was a bunch of stubborn old dinosaurs who were afraid of change so much that they simply ignored all the good press about OS X and instead installed the biggest waste of space I have ever seen – an OPI that cost so much I nearly fainted when I heard the price.
IT Departments are fools cause they think they know everything when they fail to realise that you never stop learning.
I work in Military security.
I am deploying G5s as Bastion Hosts.
They have proven themselves time and time again in our labs…
I echo webmaster’s apprentice’s sentiments….
Rock on Apple!!!!
installing macs means laying off IT people. Windows is job security even though it’s not network security.
It doesn’t take much more effort than doing some simple window shopping to see the differences. Go to Apple.com and then Dell.com and do a comparison shop of a dual, 2Ghz, 64-bit server with OS.
Then take a look at the OSs at Apple.com and Microsoft.com. It’s not easy to find at Microsoft, so I’ll give you some help. It’s at http://www.microsoft.com/windowsserver2003/64bit/ipf/default.mspx . Now, look closely at your choices…
“Windows Server 2003, Datacenter Edition, is built for mission-critical levels of reliability, availability, and scalability.” Does this mean that the one that most businesses use, Windows Server 2003 Enterprise Edition, isn’t as reliable? Granted, you’re not running a NASA space mission, but you really don’t want your staff sitting idle or risk a year’s worth of work to suddenly be trashed or compromised. Regardless, I couldn’t find a price at Microsoft or Dell for this version of the OS.
At the Apple website, I get the feeling that I could do it myself, having moderately good knowledge of computers and networks. At Microsoft’s site, I think I’d have to hire a whole IT staff just to figure out what I needed and how to put it together.
By the way, the closest in price and features to a XServe G5 ($4,599) is a 32-bit Dell PowerEdge 1750 ($5,960). But, this isn’t a good comparison. You should buy a Dell 64-bit PE3250 ($21,248) if you want comparable hardware and software. [Xserves come with an unlimited license, this is not an option at Microsoft, so I chose the maximum 25 user license as a comparison when calculating the Dell prices.]
4 times the price, 50 times the complexity, and STILL MUCH LESS SECURE! What level of insanity does someone need to have to actually recommend such a bloated disaster as a Microsoft server?
“Security” can be explained one of two ways….
When using Windows, security means as long as you use windows, your IT department has “job security”
When using Mac’s, security means never having to say “virus”, “worm”, “service pack”, etc.
Of course, as I type, my Outlook is probably locking up again on this old Dull workbox.
Gary
*Laughing at Metryq*
I’m betting mine are dumber than yours.
…With support for up to 64-Way Symmetric Multi-Processing (SMP) servers and 512 GB of memory…
Yes, 512 GB of memory a 64-bit OS and SMP!
Please, Apple doesn’t have any thing close to this “real IT world” technology.
The “real IT world” needs to deploy network applications and databases using the .NET framework. Apple is not even playing in the same game.
When the soon to be released Longhorn arrives and .NET controls the internet…
unless you are using a MS OS you will be unable to conduct any type of internet business.
So Apple users have some fun today, but the party is over we in the “real IT world” are not going to program web sites for an OS (10.x.x) that has a smaller base then Linux.
�
tell us more about the ‘real’ world, comrad.
Sputnik, did you read Reifman’s article? He pointed out that the Open Source community is working on software that will allow .NET programs to run on non-windoze operating systems. Since it will be a while before .NET is even close to being that dominant, the chances of it ever controlling the internet is pretty much zero. Though I suppose you’ll still be hanging around this site every chance you get in, what, 2007, 2008?
This article is pretty dopey:
“But OS X is far from headache free, judging from several security flaws announced by IT security firm Secunia in the past two weeks.”
Yeah, right…
Besides, M$ has a problem getting users to upgrade to new OS (corp & consumer).
Even after Longhorn is released, it will take a few years for the majority to upgrade.
By then most folks will be using open source Apps & OS (and OSX).
BZZZZZZZZ, .NET is multiplatform. No need to be on Windows. And this is the reason why MS is not *that* after it: does NOT lock users to Micros**t.
Micros**t will ditch .Net in no time as soon as becomes profitable for other OSes, so forget about it: it is dead already in Redmond’s mind.
But I just heard the next “service pack” to WinXP has this incredible new feature called a pop up blocker…. wheeeewwww thats impressive….
welcome to 2002 Internet Explorer
.NET has been officially changed to .NOT. MS isn’t even talking about this anymore. It was loosely defined in the first place, and never really took shape for anyone. It’s a joke son!
Adi makes a good point. IT managers would much prefer a Windows world than an Apple world, because otherwise 90% of them would be out of a job. It’s why tax preparers and the IRS lobby against the national sales tax, or the postage card tax return. The world is mired in mediocrity just for the sake of saving jobs.
Woe to the IT office when the CEO gets a Mac! (If the CEO is ever daring enough to try one in the first place after a healthy dose of FUD from their IT department in a desperate attempt to keep their jobs…)
hmmm who’s doing the reccomendations,… the guys PAYING the IT guys i hope?
Otherwise, the whole system is a freakin’ joke.. let the IT guys decide their own fate? Please..
Has no one thought of this..
Well, then.. why don’t the IT guys make their own viruses and unleash them on their own companies.. and then turn them off.. a few days later etc.
.NET to .NOT — hilarios, ndelc.
QUOTE
In 1996, for instance, 30 people were killed with handguns in Great Britain, 106 in Canada and 211 in Germany. In the U.S., 9,390 died this way. In Japan,15.
UNQUOTE
Does this make living in the US less secure than living in Japan or Great Britain?
QUOTE [out of context]
Determining that just isn’t possible today. “We don’t really measure apples to apples when it comes to security. Instead we count vulnerabilities, which is nothing more than an unpopularity contest at this point,” said Pete Lindstrom, research director at Spire Security.
I guess it all depends on who is paying Pete’s bills, eh? BTW — the link to Spire Security crashed my comp.
Well the bullshit is over folks, sure Mac OS X is more secure than Windows, but with these rash of URL handler exploits and a few “others” I’ve agreed with Apple not to mention.
Articles like this one is now complete and utter propoganda, full of you know what.
Mac OS X has been a complete security nightmare for Apple.
http://apple.slashdot.org/
Sure I rather use it than Windoze anyday, it’s reliable but no longer secure
In fact I’m wondering how long it will be reliable.
Why am I bitching? Because I told Apple several months ago, in secret, about the exploits and assumed it was taken care of via software update.
Turned out they didn’t do a f$king thing and we had to go “public” to force them to act.
To make the Mac community fix what Apple refused to fix themselves.
So the love affair is over for me. The “Reality Distortion” has been broken.
We talk up Apple so much, like it’s a frigging saint. But all it took was these extremely serious exploits to break the spell.
Thank God, now I won’t have to spend anymore money for something I don’t trust or believe in anymore.
Sorry Apple, I’m afraid you can’t snowball people anymore. Your Mac OS X is a security ridden piece of shit.
“Blow Chunks” you can blow all of the hype, FUD, and theories you want. But, security is based on real world incursions.
Your “logic” can be applied to a clam that the Earth is vulnerable to meteor attacks, and it’s just a matter of time before we are all destroyed. Yes, you’d be true that there is no defense for a 10 km meteor collision, and it can be said we are vulnerable. You can write to the leaders and warn them and then be upset that they have taken no action, just as you have done with Apple. Just as a government might do, Apple assesses the level of risks and applies the appropriate funds and time to repairing the problem. As both the Earth and Apple await their respective “Big One” to hit, there is no real danger in sight. No one is under a threat, and all we have in reality are a bunch of “Chicken Littles” claiming the sky is falling. As soon as it does, you will have the right to say “I told you so!”
Until then, I’ll stick with my Mac with its ONE theoritical, highly improbable, never actually seen, security flaw and you can play with your MS OS and wrestle with the 90,000+ EXISTING intrusions.
Actually Apple fixed two: the telnet and the help.
And nope, the *fix* the community did is not a fix at all: it disables the service. LOL, you truly thing THAT is a fix? If that is what was involved it would have been done in 5 minutes at Apple.
Buddy, all the applications (like the Help.app) need to be adjusted to deal with those weaknesses. So the actual fix from Apple will contain new version of quite few applications to deal with those.
The fix has to be a real one, not a bandaid as we have now.
LOL, “we had to go “public” to force them to act. To make the Mac community fix what Apple refused to fix themselves.”
If that is what you hoped for, a mac community fix, we are still in the waiting buddy.