“The Macintosh is no safer than Windows,” according to Leo Notenboom, writing for Ask Leo! “I firmly believe that the Macintosh operating system and Mac applications contain their share of vulnerabilities. More than Windows? Fewer than Windows? I don’t know, but it doesn’t really matter, because they are there. So why don’t we hear about Mac exploits like we do about Windows?”
Notenboom explains, “I do not own a Macintosh. I’ve come very close a time or two for various reasons, but have yet to do so. What follows is my opinion based on my understanding of the technologies involved, the state of the industry, and some assumptions about how hackers think.” Notenboom is primarily a software engineer concentrating on Microsoft’s Windows platform.
Notenboom writes, “The reason you don’t hear about massive vulnerabilities or spyware or any of that other stuff we’ve come to associate with Windows. Not because it couldn’t be done, but because no one’s bothered to do it. It’s not worth it. This is where we start trying to think like a hacker. If you wanted to cause trouble, would you write something that upset 1 out of every 25 computers? Or would you target the other 24? If you wanted to install spyware, would you write it such that it worked on 4% of computers or 96%? If you hated Microsoft, would you write a virus for the Mac? The answer for all of that should be fairly obvious. Apple and the Macintosh simply aren’t as big a target as Microsoft and Windows. As a result, you are inherently safer on a Mac, because almost no one is actively trying to cause you trouble.”
“The Mac is safer, albeit only because it’s not as big a target,” Notenboom writes. “That’s not to say that Apples aren’t worthwhile computers … in a nutshell, they rock, and I know it. Apple’s known for a superior and consistant user interface, as well as a fairly seamless hardware experience. But Windows wins market share on cost and flexibilty. And given that more market share makes you a bigger target … maybe Apple’s happy to let someone else take the bullets.”
Full article here.
Advertisements: The New iMac G5 – Built-in iSight camera and remote control with Front Row media experience. From $1299. Free shipping.
Get Microsoft Office for up to 50% off when you buy a new Mac at the Apple Store. For a limited time, you can load up your new Mac with a full version of Microsoft Office and save up to $250 after mail-in rebate.
MacDailyNews Take: Oh, alright, here we go again. First of all, 16% of computer users are unaffected by viruses and assorted malware because they use Apple Macs, not 4%. Wouldn’t a hacker gain the greatest glory by creating the world’s first virus for Mac OS X, instead of virus number 119,587 (or whatever it’s up to today) for Windows? Why not collect the $500 prize for proof of the first Mac OS X virus? There are zero-percent (0%) of viruses for the Mac OS X platform that should, logically, have some 16% of the world’s viruses if platforms’ install bases dictated the numbers of viruses. The fact that Mac OS X has zero (0) viruses discounts “security via obscurity.” There should be at least some Mac OS X viruses. There are none. The reason for this fact is not attributable solely to “obscurity,” it’s attributable to superior security design.
The reason why some desperately (or ignorantly) cling to the “Mac is secure because it’s obscure” myth, is Stockholm Syndrome with a generous dollop of Cognitive Dissonance thrown in for good measure. It might make Windows sufferers feel better, but “Security Via Obscurity” is a myth. The continued repetition of the myth could also be borne of ignorance or a desire to spread fear, uncertainty, and doubt (FUD) to keep Windows users in the fold. Security concerns have become a major reason for people switching from Windows to Mac OS X. The New York Times’ David Pogue explained all about Mac OS X’s superior security versus Windows over two years ago when he admitted he’d fallen for the myth here.
Still not convinced? Try this one on for size: according to Apple, there are “close to 16 million Mac OS X users” in the world and there are still zero (0) viruses. For five years and counting. According to CNET, the Windows Vista Beta was released “to about 10,000 testers” at the time the first Windows Vista virus arrived. So much for the security via obscurity myth.
Could Mac OS X have vulnerablities? Of course, it could. Would Mac OS X ever inflict even a tiny percentage of the damage Windows’ pervasive use has inflicted upon the world. No. Mac OS X is designed to protect the user. More info: Top 10 Mac Security Benefits (pdf).
Related MacDailyNews articles:
Security IT Hub: Apple’s Mac OS X ‘has made security a non-issue for users’ – November 21, 2005
Computer columnist: anti-virus software purely optional for Apple Macs, not so for Windows – November 01, 2005
Microsoft apologists and why Apple’s Mac OS X has zero viruses – October 24, 2005
Windows to Mac switchers: recommendations and Total Cost of Ownership analysis – September 29, 2005
$500 bounty offered for proof of first Apple Mac OS X virus – September 27, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
ZDNet: How many Mac OS X users affected by the last 100 viruses? None, zero, not one, not ever – August 18, 2005
Intel CEO Otellini: If you want security now, buy a Macintosh instead of a Wintel PC – May 25, 2005
Apple touts Mac OS X security advantages over Windows – April 13, 2005
97,467 Microsoft Windows viruses vs. zero for Apple Mac’s OS X – April 05, 2005
Apple’s Mac OS X is virus-free – March 18, 2005
Cybersecurity advisor Clarke questions why anybody would buy from Microsoft – February 18, 2005
Security test: Windows XP system easily compromised while Apple’s Mac OS X stands safe and secure – November 30, 2004
Microsoft: The safest way to run Windows is on your Mac – October 08, 2004
Information Security Investigator says switch from Windows to Mac OS X for security – September 24, 2004
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 1, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Fortune columnist: ‘get a Mac’ to thwart viruses; right answer for the wrong reasons – September 02, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003
This guy is an airhead pretty obviously but there IS a fact that often goes unmentioned or overlooked. Virus and worm writers have, in recent years, moved away from pure “glory” exploits and more toward monetary gain. These are crooks pure and simple, not ‘script kiddies’ out to prove their dubious manhood. Since most transactions are done using Windows machines they are the more desirable target. There is no question that the Mac OS is more secure (not perfect) but it’s not an obscurity thing. That’s ludicrous. It’s all about seeking the most vulnerable targets for the biggest potential monetary gain if you are a crook. If you saw any large organization doing a lot of business on the web insist that ONLY Macs using Safari would be allowed to buy from them…I would bet you that some kind of exploit would show up. The potential for the success of it would be low…but don’t doubt that hanging out bait will attract sharks.
You know, when the sarcasm is laid on so thick as Sputnik’s, it would seem obvious that ANYone could see it for what it is, but Sputnik has such a deadpan delivery that you can always depend on the knee-jerk “hey asshole” responses.
I’m not sure which is funnier, Sputnik’s out-of-this-world “Real IT guys” parody, or the self-parody of the people who respond to his joke posts as though their personal well-being were at stake.
I take it back, I do know which is funnier. Truth really is stranger than fiction. Nothing Sputnik invents could be as funny as the “real” responses of “real” Mac users with so much bile to spew.
Wow, guys. You know the joke is never as funny when you have to explain it. Lighten up a little, you’ll live longer.
eagerly awaiting (with a smile) the replies flaming me for dissing people’s posts dissing Sputnik. Man, I love this board. The entertainment just never stops.
®
Notenboom is an idiot, or is just very sheltered. I’m not a hacker, but at least I can think like one – as in, even though the “size” of the Mac market isn’t as big, but so what, I’d want to make a successful virus for the Mac for the CHALLENGE of it! Publicity may be part of the fun for a hacker, but the larger part is the ability to thumb your nose at everyone and say “See…….I did that!”. Don’t tell me that for the past 5 years that no one has tried either – unless your an Ostrich with your head in the sand, or your last name is Notenboom. At this point, given the length of time OS X has been available and there has been NOTHING in the way of a virus for it during that time, I’d say that there CAN’T be a virus that’s going to ever be “successful” on the OS X platform!
MDN Magic Word: may as in “My head MAY explode if I keep reading crap like this”
blucaso, as a Brit I can spot sarcasm a mile off. And I totally agree it is hilarious when people flame the fictional Sputnik.
®
Damn you virus writer, You destroyed my Logic Express project. I REALLY wish I hadn’t forwarded that email to my other account. I sure hope it doesn’t take down the iMovie project I have going on the other machine.
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
Bluecaso/Sputnik:
Thats a really lame attempt to save yourself.
Well done Sputnik – back with a vengeance I see!
The writer Nettlebum, or whatever his ridiculous name is, is paid by Microsoft.
Expect more of this as the rats go up against the wall…
Time top let up oon poor Leo. He has (almost) admitted that his argument is erroneous, and he even linked back to this thread from his site.
He’s definitely showing more class than most other tech writers in similar situations. Please do the same. Otherwise, it provides more ammunition to those who consider us cult weirdos.
“If you hated Microsoft, would you write a virus for the Mac?”
….mmmmayybee, nobody who uses an Apple computer HATES the Mac platform like they HATE their stinking virus & spyware infested PC’s. You tend to hate things you own that turn against you.
“The answer there is that the Macintosh suffers from all the same vulnerabilities that Windows or any other computer on the internet does.”
….It does? It DUHz? When was that you duh-head. I don’t recall suffering in my 20 years of Mac use. I hope he uses Winduhz forever, can’t think of anyone more deserving of continued PC experience than this guy.
Hey, critic…
Real IT people already know we ARE a bunch of cult weirdos.
Sorry, couldn’t resist.
” width=”19″ height=”19″ alt=”smile” style=”border:0;” />
And no, I am not Sputnik, although I play one on TV. See, the sputman uses a ©, while I use the more classy ® to signify a response to the man.
every OS is vulnerable because there is no such thing as perfection. Whether it’s 16% (dubious) or 4% the perception is that Apple has a pretty low market share and if you are a hacker then you’re generally not going to bother but someone will eventually create one for the Mac and succeed. It’s only a matter of time.
I just want to remind everyone that when (if) the first virus, worm, etc is finally found for OS X, then the score will be at least 100,000 to 1.
Do you think that people will still be using the same obsurity arguments if we go another 5 years without a virus?
I love yous guys
Another reason to love my Mac!
If a virus appears for Mac OS X Apple can quickly and easily fix the whole. I don’t need anti-virus because I believe the frist virus created for OS X with be obsolete within a few weeks of it’s debut. Backing up to an external harddrive is more cost efficient and usful than spending $60 on useless software.
Here’s a re-post of mine from an earlier article today. It describes a factor I believe goes a long way to explaining the chronicly flawed assessments of Mac OS X coming from journalists everywhere who are not Mac users themselves. Does anyone agree with this?
—-RePost Follows—-
Windows users are not impressed when you tell them an Apple computer has no viruses, malware or other reliability problems. They’re not impressed for one simple reason: They don’t believe you. It is, for them, an intrinsic property of a complex computing system that it regularly has complicated problems. If it doesn’t have these problems then it must somehow be incomplete and not a real computer.
If someone proudly told you his 6-month old baby had never cried once since he was born you wouldn’t believe it, or you’d think something was wrong with the kid, right? If someone told you his 30-year-old car with 900,000 miles still runs great and has never had an oil change or needed any maintenance at all, what would you think? Now, what would you think of all this if you had a screaming baby at home and your car was in the shop?
Tell a windows user that your Mac never had a single virus, never had any spyware, never crashed, hasn’t rebooted in 8 months, never has internal resource conflicts between applications, is easier to use than Windows, and with a Mac your friend can still do everything he now does on his Windows computer. You know what he’d think?
I’ll tell you what he’d think: He’d be very suspicious.
On a broad scale, the disbelief coming from Windows users represents a significant marketing obstacle for Apple. Their central strength, and their most important message to new customers, is simply hard to swallow.
All you need to do to understand the difference between Windows security and Mac OS X (unix) security is read this page:
http://www.icefox.net/articles/why_microsoft_market_share_wont_grow.php
Apparently Leo hasn’t.
His site must be getting Hammered by MDN readers heh heh
“Update:
As I expected the Mac crowd has weighed in loudly. Perhaps the best “counter-argument” I’ve seen so far to my article is here: MacDailyNews: Apple Macs are inherently safer and more secure than Microsoft Windows. I put “counter-argument” in quotes, only because we arrive at the same conclusion – Mac’s are safer – we just get there through very different means.
I encourage you to read the many comments below. The furor is that I’ve come to the right conclusion – Mac’s are safer – for the wrong reasons. In between the “Leo’s an idiot” statements (which, of course, I hope you’ll ignore), is good information, and many more reasons Mac users love their Mac’s.”
What a DICK!! How about finding out some facts before writing an article about something?
Aparently Macs are a smaller target than Windows….
However according to this article relating to an experiment done last year by USA Today
http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm
Quote
“Each PC was connected to the Internet via a broadband DSL connection and monitored for two weeks in September. Break-in attempts began immediately and continued at a constant and high level: an average of 341 per hour against the Windows XP machine with no firewall or recent security patches, 339 per hour against the Apple Macintosh and 61 per hour against the Windows Small Business Server. Each was sold without an activated firewall.”
341 attacks per hour average for XP vs 339 per attacks per hour average for OS X, How can you say that OS X is a “smaller” Target?
10:52:08
Less than four minutes from start of the test, an intruder breaks into Windows XP SP1 through the vulnerability most famously exploited by last May’s Sasser worm. Ensuing instructions get garbled.
11:03:30
Eleven minutes later another intruder breaks into XP SP1 through the security hole exploited by the July 2003 MS Blaster worm. Ensuing instructions get garbled.
11:04:04
While the previous break-in is still unfolding, another intruder, using a different attacking computer, breaks into XP SP1 through the Sasser hole. Ensuing instructions get garbled.
20:21:44
An intruder breaks into XP SP1 for the fourth time using the MS Blaster hole. Things go smoothly. He begins uploading commands. He confirms XP SP1 is connected to the Internet, then begins making repeated attempts to connect XP SP1 to a server running an Internet Relay Chat channel, the equivalent of a private Instant Messaging line.
20:22:49
The intruder successfully connects XP SP1 to the IRC channel, which is probably also running on a hijacked PC.
20:23:05
The intruder instructs XP SP1 to navigate to a designated Web site, likely running on yet another hijacked PC. XP SP1 downloads a program, called ie.exe, from the Web site.
20:23:11
XP SP1 begins scanning the Internet, poised to similarly hijack other PCs exhibiting the same unpatched security hole.
To Davidlow:
Excellent observation! Thanks for that.
Hey Sputnik! Take a look at Microsoft Security Advisory 911302 just issued today 21 November 2005. While you’re reading it just remember that Windows Internet Explorer is an extension of the OS, not an app sitting on top of the password protected root filesystem of any unix including Apple OS X.
If you really think that Windows is more securable than OS X then I pity your customer base. They most likely have active exploits that they do not know about for it’s certain that you don’t know about them.
Frankly, the parade of vulnerabilities and announcements from MS wears me out. I wouldn’t trust any OS that has the frequency of exploits that Windows XP, 2K, 2K3, NT, or Vista Beta have. But you know, lots of people use Windows for mission critical stuff everyday,…and lots of people bought tickets on the Titanic too.
I agree with Sputnik. In the real PC world we know how to manage our viruses. You simply divide them into to different categories and match them up with the daily patches from Redmond. After that you can just sit back calmly and wait for the next virus to appear. Mac users on the other hand have no idea how to protect themselves becuase the mac is such a small and uninteresting target. Also they are more vulnerable because you can’t patch them with windows update.
“Also they are more vulnerable because you can’t patch them with windows update.”
Heh that’s a new one on me. How long before that becomes “fact”, like the old line of how Macs can’t be expanded because there’s no CONFIG.SYS file to edit…
Where the hell did Sputnik go?
Did he just run away with his tail between his legs?
” width=”19″ height=”19″ alt=”LOL” style=”border:0;” />
http://australianit.news.com.au/articles/0,7204,17338486^15331^^nbv^15306-15318,00.html