New York Times: Mac OS X ‘much more secure than Windows XP’

The New York Times’ David Pogue has recanted his recent propagation of the “security through obscurity” myth, writing today, “That, as it turns out, is a myth, no matter who repeats it… Mac OS X and Linux [are] much more secure than Windows XP. For example:”

– “Windows comes with five of its ports open; Mac OS X comes with all of them shut and locked… These ports are precisely what permitted viruses like Blaster to infiltrate millions of PCs. Microsoft says that it won’t have an opportunity to close these ports until the next version of Windows, which is a couple of years away.”

– “When a program tries to install itself in Mac OS X… a dialog box interrupts your work and asks you permission for that installation — in fact, requires your account password. Windows XP goes ahead and installs it, potentially without your awareness.”

– “Administrator accounts in Windows (and therefore viruses that exploit it) have access to all areas of the operating system. In Mac OS X, even an administrator can’t touch the files that drive the operating system itself. A Mac OS X virus (if there were such a thing) could theoretically wipe out all of your files, but wouldn’t be able to access anyone else’s stuff — and couldn’t touch the operating system itself.”

– “No Macintosh e-mail program automatically runs scripts that come attached to incoming messages, as Microsoft Outlook does.”

Pogue writes, “…the conclusion is clear: Linux and Mac OS X aren’t just more secure because fewer people use them. They’re also much harder to crack right out of the box.” Pogue also covers Windows virus programs and other reasons why Mac OS X is simply more secure than Windows. Full article here.

31 Comments

  1. “In Mac OS X, even an administrator can’t touch the files that drive the operating system itself. A Mac OS X virus (if there were such a thing) could theoretically wipe out all of your files, but wouldn’t be able to access anyone else’s stuff — and couldn’t touch the operating system itself.”

    Not necessarily. A couple of workarounds:

    1. Admin has access to /Library, where lots of drivers and other cool things are installed. For example, you could modify the StuffIt components so that as soon as you download a StuffIt file, bad things happen.
    2. Admin has access to /Applications, giving the ability to modify applications. Infect Mail so that, after two days, every user who launches Mail loses their files.

    That said, the exceptionally difficult part is getting the Macintosh to run the code to make those modifications.

    “No Macintosh e-mail program automatically runs scripts that come attached to incoming messages, as Microsoft Outlook does.”

    I’m just curious–does Microsoft Outlook for Mac (Mac OS 9) run scripts at all?

  2. Peter, you incidentally addressed one main reason why virii and worms are so successful in Windows.

    “the exceptionally difficult part is getting the Macintosh to run the code to make those modifications”

    Not only, AND do that *without* asking the user for permission. Windows accepts registry changes and spyware/virus/adware installation and replication even if it was asked by IE. No user involvement, all accesses granted. The dumbest character of all in a Wintel machine is not the user (who might be so simpleton as to double-click furiously every attachment s/he gets), the dumbest of all is the Windows itself.

  3. Gates understands the situation very well. How else could he ALWAYS be saying the exact opposite to truth?

    If Gates says Linux and Mac OSX are vulnerable, then they both can relax in the certain knowledge that they are essentially, invulnerable. Microsoft is no doubt doing everything they can to develop viruses for both these operating systems and if they or their partners had had any success doing so the viruses would be out there. Duplicitous behavior is, after all vintage Microsoft, in fact it’s ALL they know. To the best of my knowledge OSX has NEVER had a virus and has been around for years. Linux’s smaller market share hasn’t been so invulnerable but their virus count is tiny compared to the 1970’s era sieve that Microsoft calls Windows.

    In Gates’ defense, he is in a very difficult position. Microsoft has an operating system that is absolutely obsolete and if they change it to something modern, useable and secure they will be just like all the other UNIX based operating systems and be unable to use their proprietary software monopoly to extort huge piles of cash from users. They also would have NO unique (proprietary) application base and therefore would be bankrupt in a matter of months. They simply have, NO LEGITIMATE options to maintain their monopoly. Even Microsoft knows they’re losing customers so to address this, they will make another lame proprietary attempt to close some holes with Longhorn at the users’ expense of course by increasing Microsoft’s virtual access to everything on your computer. Nothing will be allowed to run without their blessing. Experts feel Longhorn may be USABLE by 2010 if it stays on schedule. Are we prepared for five more years in this hell we live in? Longhorn will of course set up yet another round of forced upgrades to all applications and the money taps are once again wide open and flowing mountains of cash. History repeats and we all swallow the Microsoft LIE whole, one more time. If they were capable of anything superior to absolute crapware we would have seen it LONG ago. Look at Apple they made the operating system transition flawlessly by all accounts, in just a few years, this simply is outside Microsoft’s capability. In order to keep all current customers all software transitions must take decades or they risk losing a customer to something that already works, not some fictional future date when all will, miraculously be wonderful and work too, this time, really.

    Continues on next post

  4. Currently Windows has nearly a virtual lock on viruses that cost us each the purchase cost of our computer each year and that’s just down time. Add to that the virtual certainty that we will each lose all our data each year on average and have to reinstall everything once twice or more each year. One begins to question the sanity of using anything Microsoft. NO other operating system endures this sort of perpetual rape of the customer base, so why do we continually put up with it? Is the certainty of being screwed by Microsoft better than, the uncertainty of changing to something that actually works, is secure and respects people’s privacy? It seems insane doesn’t it? Microsoft spends BILLIONS of our extorted money each year on FUD to keep us in mortal fear of this change. Microsoft’s life literally depends on our stupidity, vulnerability and fear! Fortunately for humanity the shift from blind stupidity has started, so wake up a brother or two if you’ve come to your senses and if not, open your mind and realize that the years of FUD are simply lies to keep us captive SLAVES to Microsoft!

  5. Good rant clue giver.

    I think M$’s faulty software costs us ALL one way or another due to the capitalist society we inhabit, so it doesn’t matter if you’re a Mac or Linux user or not, you’ll still pay for it one way or another. Businesses will always pass on the costs to their consumers.

    M$ always drag their past with them, as they did with DOS in the early days of Windows (hehe, until about 2002).

    People are sheep.

    Baaaa.

  6. Maybe Microsoft should start from scratch – using BSD as a basis for their next OS?

    (instead of ripping off just the tcp stack guys, rip the whole lot off… why should we expect anything better from you?)

  7. Back in the 1990s and early 2000s children, yes, a long time ago, there was a company called Microsoft. The man who ran Microsoft was William Gates III, or Bill Gates as he preferred to be called.

    He was the richest man [ No Johnnie, he didn’t build the Golden Gate Bridge! ] in the world for a long time, and his money helped to fund some of the world’s most sought after medical cures.

    What did Microsoft do? Well they wrote what’s called “computer software” children. Some of our helpers today have their heritage in computers. But they weren’t so smart like now. You had to use your hands to tell them what to do! Which isn’t really much help is it?

    So, Bill became a billionaire because of Microsoft, and lots of people hated him because he had so much money (which is why he put some of the money into medicine… so people wouldn’t hate him so much.)

    However, you know what? He was forced to close that business because, and this is the funny bit, he looked after people’s sicknesses so much that he didn’t help his computers from getting sick all of the time!! People couldn’t do their work properly with his computers anymore. So, they stopped buying his software, and by the end of the first decade of the 2000’s, Microsoft was closed down forever.

  8. Cindy writes: “People are starting to wonder how windows will bite them. For many of them the cost of switching … new software, finding support, new hardware … is too high.”

    This kind of thinking is pennywise and dollar-foolish. Yes, there is a cost to switching, but that cost is far, far less than the cost of scanning for viruses, and dealing with their aftermath. Those costs are measured in lost productivity, in the cost of anti-viral software, the cost of recovering data from backups, the cost of buying new hardware and installing it because your old hardware is “a lost cause,” hiring a consultant if you can’t do it yourself, etc. Probably the largest cost is lost productivity, but it’s also the hardest to quantify and measure.

    Seahawk: The plural of “virus” is viruses, not virii.

  9. The fraudulent ‘security by obscurity’ myth has an origin vortex. That origin is Symantec. They created the anti-Mac security FUD campaign in August of 2005. Their purpose: Sell Symantec Norton Whatever. Their anti-malware software remains to this day infamously buggy and a CPU hog. Rather than rewrite the monstrosity they consistently choose FUD instead.

    The ‘security by obscurity’ myth was put in the grave several years ago. You can read the tombstone I wrote for it over at my Mac-Security blog:

    mac-security.blogspot.com

    The myth is a quick and easy litmus test for whether any ‘security expert’ is a pretender or the real thing.

    Super hilarity: I recently read that one of the executive FUD mongers at Symantec had decided the turning point for no longer being ‘obscure’ was 15% market share. And where did he pull that number from? You don’t want to know. You don’t want to go there.

    There are two good things about anti-Mac security FUD:
    1) It gets a good laugh every time!
    2) It has motivated Apple to exponentially increase their attention to Mac OS X security, resulting in a very much safer operating system.

    One thing always accompanies FUD: Desperation. When honesty fails to sell your rubbish, go for the last resort: LYING.
