“Millions of college students soon will arrive on campuses, armed with new personal computers. And while many will be reasonably computer-savvy, users should note that setting up a machine, downloading security patches and getting safely connected to the Internet all involve more than a few mouse clicks and typing a few passwords,” David Sharos reports for The Chicago Tribune.
Sharos reports, “Cupertino, Calif.-based Internet security company Symantec Corp. recently conducted tests of five PCs it purchased through various channels, including direct from the manufacturer, a national electronics retail store, a discount retailer, a national retail warehouse and a local made-to-order PC shop. Given the out-of-the-box experience most manufacturers promise, the results of Symantec’s tests may seem surprising.
Sharos reports, “We found that there were 49 mouse clicks needed to set up one of the machines, and a total setup time of 81 minutes,’ said Kraig Lane, group product manager for Symantec Consumer Products. ‘The point of our study was not about finding the easiest computer to use–it was to demonstrate these setup issues take more than 10 minutes. And if care isn’t taken, machines are going to be quickly compromised.’ Infestation by computer viruses occurs less than an hour out of the box. During a survivability study using ‘honeypots’–machines set up without any virus or spyware protection–Symantec found new machines were “infested” within 20 minutes after logging on to the Internet.”
Sharos reports that Tim Bajarin, principal analyst for Creative Strategies, “notes that until recently, Apple products were far less prone to virus attacks due to the company’s virtual control of hardware, software and patches. ‘With about 4 percent of the market, it’s foolish of the ‘bad guys’ to crack the Mac system when they’ve already done so much damage on the Windows’ side,’ he said.”
Full article here.
[Thanks to MacDailyNews Reader “Peter Tambroni” for the heads up.]
MacDailyNews Take: Bajarin must have been misquoted because there’s no way somebody would still believe the “Secuirty Via Obscurity” myth in today in August 2006, right? Sigh. It really is FUDday! Okay, so here we go again, once more for old time’s sake:
“Security via Obscurity” is a myth. Mac OS X has zero (0) viruses. For over five years and counting. No Mac OS X users affected outside of a lab with old, non-updated Mac OS versions that they intentionally infected.
The idea that Windows’ morass of security woes exists because more people use Windows and that Macs have no security problems because less people use Macs, is simply not true. Mac OS X is not more secure than Windows because less people use OS X, making it less of a target. By design, Mac OS X is simply more secure than Windows. Period. For reference and reasons why Mac OS X is more secure than Windows, read The New York Times’ David Pogue’s mea culpa on the subject of the “Mac Security Via Obscurity” myth here.
Macs account for roughly 10% of the world’s personal computer users — (some say as much as 16%) — so the first half of the myth doesn’t even stand up to scrutiny. Macs aren’t “obscure” at all. Therefore, the Apple Mac platform’s ironclad security simply cannot logically be attributed to obscurity.
There are zero-percent (0%) of viruses for the Mac OS X platform that should, logically, have some 10-16% of the world’s viruses if platforms’ install bases dictate the numbers of viruses. The fact that Mac OS X has zero (0) viruses totally discounts “security via obscurity.” There should be at least some Mac OS X viruses. There are none. The reason for this fact is not attributable solely to “obscurity,” it’s attributable to superior security design.
Still not convinced? Try this one on for size: according to Apple CEO Steve Jobs yesterday at WWDC, there are “19 million Mac OS X users” in the world and there are still zero (0) viruses. According to CNET, the Windows Vista Beta was released “to about 10,000 testers” at the time the first Windows Vista virus arrived. So much for the security via obscurity myth.
Contact info:
Tim Bajarin, Principal Analyst, Creative Strategies:
The Chicgao Tribune Business Editor:
Online Letter to the Editor here.
Related articles:
Oxymoron: Microsoft security – August 12, 2006
With exploits in wild, Microsoft Windows braces for yet another critical worm attack – August 11, 2006
Microsoft’s oft-delayed, much-pared-down Windows Vista hacked at Black Hat – August 07, 2006
Ballmer analyzes Microsoft’s One Big Mistake, Vista… er, ‘One Big’ Vista Mistake – August 02, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
What Microsoft has chopped from Windows Vista, and when – June 27, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple Macs and viruses: Fact vs. FUD – May 26, 2006
‘Mac security’ garbage reports continue to proliferate – May 10, 2006
ZDNet: Reduce OS X security threats – ignore security software – May 05, 2006
Unix expert: Mac OS X much more secure than Windows; recent Mac OS X security stories are media hype – May 03, 2006
Macs and viruses: the true story – May 02, 2006
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
Computer columnist: anti-virus software purely optional for Apple Macs, not so for Windows – November 01, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Man! MDN is right – it must be FUD-day. So much unresearched and ignorant rantings and ravings going on out there on our beloved “internets”. And I’m not even talking about us here in the MDN forums!
Seems like the Chicago Tribune is no better than it was many years ago when I ripped one of their tech writers apart, line by line — and cc’d all the editors above him — which led to a job offer writing for them (which I have not done for over eight years).
This “reporter/author” (to use the terms loosely) is doing no more research into his articles than for what I faulted previous previous writers.
Perhaps, Microsoft is feeling the pressure of Leopard’s debut at the WWDC and they have their FUD & Spin departments in full production spreading “anonymous” tips, stories and rumors.
This Security By Obscurity myth is fubar if for only one reason that the virus writers are ego-driven, not profit driven. What better way to stroke your own ego and be able to gloat to the hacker community than to put these smug, no-virus having Mac users in their place by creating a Mac doomsday scenario using trojans and viruses.
Yet they haven’t done it. Why not?
What’s this ahole’s email address. Let’s set him straight!!!!!
i really doubt that there is a linear relationship between the number of users of an operating system and the number of viruses. there is almost certainly an hysteresis effect involved. that said, 10% ought to be big enough to see some viruses and 16% is certainly enough. i think the bigger effect comes from the fact that unix was designed from the start to be a networked system and windows was not.
It’s like saying Criminals don’t try to rob Fort Knox because it only has one “Branch” and not because of the incredible security, compared to Bank of America which has many branches.
How many mouse clicks needed to get up and running with a Mac?
I’m guessing a dozen? Five minutes or less? That’s what I seem to remember.
Here we go again… It’s the ole “if Macs were as popular as Windows- then they would get viruses / spyware too” theory. I try to explain to these “knowledgeable” people that OSX is based on a UNIX kernel- UNIX was built with security from the BEGINNING. It wasn’t an afterthought / bolt-on.
A simple demonstration- have a Windows user make a user account with full administrator rights, Have the user change network settings, have the user edit the hosts file. In every case- not once is the user required to supply an administrator password. Now- try that with OSX. That’s just a very small example of what the differences are between the enviornments. Yes- Vista is trying to implement this now- but in a typical pain in the ass Microsoft “you’re stupid” way that bothers / harasses the user.
Did you ever try to run Windows software WITHOUT being an Administrator or having administratror rights? – most of the time- the software won’t run correctly. Not so with OSX. Unless it’s a system utility or system related app- the apps will run just fine- you DON’T need to be logged in as an Administrator- hence- the OS is better protected against malware.
Again- this is just the tip of the iceburg when explaining why OSX is so much more secure than Windows.
Note to college students: Get a Mac.
BTW- I’m not a Mac fanboy- I’m in IT- I use both and I’ve seen the light a long time ago.
I personally don’t believe in the “security via obscurity” myth, but MDN’s following argument isn’t valid:
“Still not convinced? Try this one on for size: according to Apple CEO Steve Jobs yesterday at WWDC, there are “19 million Mac OS X users” in the world and there are still zero (0) viruses. According to CNET, the Windows Vista Beta was released “to about 10,000 testers” at the time the first Windows Vista virus arrived. So much for the security via obscurity myth.
Even if Vista is beta, it is still Windows, and therefore part of the 90% user base which does not equal obscurity. And besides, beta testers are more likely to be virus writers than your average Joe.
I read the whole article. Its scary that a paper as big as the CT hires people who have NO idea what they are writting about.
“Hey, I use a pc,I get by, so I must be an expert. Ignore the guy behind that curtain, he’s an IT drone, they don’t really do anything. Its all me.” Al -la- wizard of OZ. lol
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
N.
The worst part of the article is this: ‘Infestation by computer viruses’ because it promotes the idea that all computers are vulnerable. It’s important to get these so-called journalists to recognize that there is no such thing as a computer virus. There are only viruses that target specific OSes and applications.
Animation of an owl:
“How many clicks does it take to get to the center of a Mac?
A one… two… <crunch!>”
NOtice how they excluded how long it takes to get
last line should read:
Notice how they excluded how long it takes to setup a Mac?
Trevor,
Vista is supposed to be an all new OS, with new ways of doing things. It’s supposed to be secure, precisely because it isn’t the same code. Because it’s different code, it can’t be part of the current user base.
Even if your argument about beta testers being more likely to write a virus is correct, 10,000 is just over one twentieth of a percent of 19 million. Put another way, if all 10,000 were actively trying to write a Vista virus, there would still be very few attempts compared to OS X if only 1% of Mac users were attempting to write a Mac virus. That would be aproximately 190,000 people attempting to write a Mac virus vs 10,000 on Vista! Why no Mac virus when Vista has already had one? It cannot be obscurity.
“Security via obscurity” is BS, of course. Nevertheless, I can’t let this comment by pass:
This Security By Obscurity myth is fubar if for only one reason that the virus writers are ego-driven, not profit driven.
Total Mac Global market share is about 3% as of april.
Oh and Security through obscurity is no myth dumbasses. Apple says they use it on there own f’ing website..Take your blinders off morons…
“Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available.”
By definition of the term “security through obscurity (sometimes security by obscurity) is a controversial principle in security engineering, which attempts to use secrecy (of design, implementation, etc.) to ensure security. A system relying on security through obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that the flaws are not known, and that attackers are unlikely to find them”
So what is that? Its BS..Just like MDN’s typical “take” [er] {opinion}
On my school network it took me about 2 minutes to set up my mac. In constrast it took me 2 hours to get one dell online and over a day to get another one online. UCLA’s reuirements are pretty strict, and include a full virus scan, up to date windows patches, and mandatory school supplied antivirus software. Unless you have a mac. In which case you just have to click the button “I already have AV software”
off topic: is gmail down? I’ve tried getting on about 4 times in the past 2 hours and it keeps telling me the server is too busy.
Of course this makes sense — if only 10 people in the world use these useless and overpriced computers no one will break into them. We all know that OSX is the swiss cheese of operating systems as Mac people are stupid and don’t know how to lock them down. As soon as Apple starts selling real computers (make that Intel) then the fun will begin. These clueless boobs will be overwhelmed by viruses, malware and other goodies with no end in sight.
Apple support will give up and Steve Jobs will retire to the Bahamas. If you want a fast, reliable and secure computer it is time to purchase from Dell or HP and make sure you get Microsoft Windows.
Well – hell seems like all the more reason to get a Mac to me.
I say promote the hell out of it. IT’S MORE SECURE!
Who cares why.
Ah buddy, step back from that agressive attitude. (Maybe you are cranky because your computer is running slow & needs a “cleaning.”) The myth is that Apple security is no better than Msoft’s security and that the only reason that Macs are safer is that no one cares to write exploits for 3% of the world market.
That is a myth primarily in that OS X, being built on a Unix-like foundation, is inherently more secure.
Permissions based systems along with Apple’s implementation of that into the interface, makes for a more secure system. Every modern OS is permissions based and whenever Msoft gets around to releasing Vista, it too will have a permissions based OS.
So, my prickly little friend, I’m sorry that you are offened by all the Mac cheerleading going on here, but hey, it is a Mac site.
And while Macs may be more secure because of their smaller userbase… 0 – ZERO “in the wild” exploits in what, 5 years, proves that its UNIX foundation is solid & the envy of Msoft.
Smile buddy, it won’t hurt too much.
It certainly has been a big FUD-day.
They sound like FUDdy-duddies.
“Security by Obscurity” really is a factor in Mac’s virtuous security. My rough guesstimate is OS X systems should suffer about 0.25% as many attacks as Windows systems. that would be … (crunch)(crunch) … several hundred – wait … THAT can’t be right!
This “reporter/author” (to use the terms loosely) is doing no more research into his articles than for what I faulted previous previous writers.
This “reporter/author” (to use the terms loosely) is doing no more research into his articles than did those I had faulted previously.
Does this mean I’m hired?