“For years, Apple avoided advertising the fact that Mac OS X hasn’t come under a single virus attack ‘in the wild,'” David Pogue blogs for The New York Times.
Pogue writes, “But now Apple has changed its tune. Its new TV ads mention the Mac’s viruslessness, and a new marketing e-mail puts it very bluntly indeed: ‘PCs got 114,000 viruses last year. Macs got zero. Get a Mac.'”
“Several readers have written to express their concern that this new marketing tactic is just an invitation to hackers, and that soon the Mac will be just as overrun with viruses and spyware as Windows is,” Pogue writes. “I kind of doubt it, and I’ll tell you why.”
Pogue writes, “Now, I’m sure you’ve heard the old saw, ‘The only reason the Mac has no viruses is that its market share is so small; hackers don’t even bother.’ But since I’m on a myth-busting roll lately, let me bust another one: That’s bunk.”
“If the Mac’s market share is five percent, then shouldn’t it have five percent of the viruses? It ought to have seen 5,700 viruses last year, not zero. Clearly, there’s something else at work here, and I’ll tell you what it is: Mac OS X is simply harder to hack,” Pogue writes.
Full article here.
MacDailyNews Take: It’s nice to see reality reinforced (by someone other than ourselves) every once in a while. Interestingly, Pogue himself fell for the myth back in 2003, but recanted soon after. Our standard “Security Via Obscurity” myth-busting response – featuring David Pogue himself – follows:
Security via Obscurity” is a myth. Mac OS X has zero (0) viruses. For over five years and counting. No Mac OS X users affected outside of a lab with old, non-updated Mac OS versions that they intentionally infected.
The idea that Windows’ morass of security woes exists because more people use Windows and that Macs have no security problems because less people use Macs, is simply not true. Mac OS X is not more secure than Windows because less people use OS X, making it less of a target. By design, Mac OS X is simply more secure than Windows. Period. For reference and reasons why Mac OS X is more secure than Windows, read The New York Times’ David Pogue’s mea culpa on the subject of the “Mac Security Via Obscurity” myth here.
Macs account for roughly 10% of the world’s personal computer users — (some say as much as 16%) — so the first half of the myth doesn’t even stand up to scrutiny. Macs aren’t “obscure” at all. Therefore, the Apple Mac platform’s ironclad security simply cannot logically be attributed to obscurity.
There are zero-percent (0%) of viruses for the Mac OS X platform that should, logically, have some 10-16% of the world’s viruses if platforms’ install bases dictate the numbers of viruses. The fact that Mac OS X has zero (0) viruses totally discounts “security via obscurity.” There should be at least some Mac OS X viruses. There are none. The reason for this fact is not attributable solely to “obscurity,” it’s attributable to superior security design.
Still not convinced? Try this one on for size: according to Apple CEO Steve Jobs at WWDC 2006, there are “19 million Mac OS X users” in the world and there are still zero (0) viruses. According to CNET, the Windows Vista Beta was released “to about 10,000 testers” at the time the first Windows Vista virus arrived. So much for the security via obscurity myth.
[UPDATE: 8/26, 10:29am EDT: Fixed beginning of take to read “once in a while.” Thanks, “Jerkstore.”]
Related articles:
Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X – August 23, 2006
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple Macs are inherently safer and more secure than Microsoft Windows – November 22, 2005
BusinessWeek columnist propagates discounted ‘Apple Mac security via obscurity myth’ – September 06, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
USA Today calls iMac G5 ‘exquisite’ but implies Mac OS X more secure than Windows due to obscurity – September 30, 2004
Another columnist trots out Mac OS X ‘Security through Obscurity’ myth – April 03, 2004
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Q&A Columnist uses ‘security through obscurity’ myth to defend Windows vs. Mac on virus issue – October 04, 2003
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 01, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003
Go look at the comments section of the article. There are a lot of Windows fan boys touting the security through obscurity myth over there. Go get ’em guys!
I’ll be even more blunt about the obscurity myth.
There has been kind of an X-Prize of notoriety for the first hacker to write a successful virus capable of infecting the Mac community. If you write a windows virus, who cares? If you can write one of the above for the Mac, you will get international headlines!
The Mac is safer because it is DESIGNED that way, period!
I’m on a PowerPC and well…if there was someone who was trying to write a virus for my puter…
they stopped about two weeks ago. Steve is a genius…there’s no way a virus will hit Mac for at least another year…
Reason?
Because 90% of online Macs right now are PowerPCs, which now has NO virus writers (they really stopped about a year ago…). And even if they come up with a Intel Mac virus…Macintels will not have a meaningful market share of Apples for at least another year…and Apple will not have a meaningful market share of computers on the internet for at least another 18 months to two years.
So basically saying…even if you could hack a virus, there is statistically no way to have it propagate in the wild.
Brilliant I tell you.
Gotta windows laptop. Have to run spybot and adaware every day on it, and i pick up spyware and adware even when i use opera or firefox for a couple of hours.
Gotta powermac at home that’s always on and connected to broadband. No problems with any of this crap whatsoever. Period, finito, nicht, nien, nichievo.
Better to be a smug ass mac user than another dumb ass wintel drone.
What about Linux? Have there been any successful viruses for it?
“smugassmacuser”
Sweeeeeeeet.
If Apple is so smug and confident with the security of OS X, it should put up a contest: Start with a $1,000,000 pot when Leopard is released and deduct $1,000 each day that it is virus-free. Whoever writes a successful virus gets what’s left in the pot.
Not by Apple but many others did that already. As high as $25,000 to prove a crack
Let the Windows fanboys keep their machines.
I actually read a post on digg where some idiot said he would rather put up with viruses and malware so he could also have all the hundreds of choices of software available for Win OS’s that were not available for Macs.
And then there were the posts where some fanboys who said they never have had any viruses or malware at all. But then they admit to having at least 5 or more different apps running and constantly scanning their PC’s and visited websites.
This is how a lot of them think. Or rather how they don’t think.
The holy grail for virus writers.
A Universal Binary Mac Virus that uses a Windows exploit to propagate in the wild but infects only Macs.
Actually, I don’t think that would work either.
Remember the guy last year who put his mini on the Web and dared anyone to hack it? He got a lot of takers, but NO ONE succeeded…
Actually someone did.
I’m not lying or trolling either. The “rm my mac” competition resulted in the Mini being compromised.
The “cover” was that Dave Schroder wasn’t “authorized” to perform such a experiment on the Universities computer network. But amongst security channels the exploit was circulated.
see news article here (long url)
site that was hacked:
http://rm-my-mac.wideopenbsd.org/
Notice he mispelled “Lessons”, not a very happy camper.
Actually someone did.
Um, no, Dave Schroder’s experiment, although it was shut down by his University, was not compromised. His out of the box Mac was not invaded or hacked.
The one that was compromised was one in Sweden that you linked… but the guy who posted it gave all challengers the equivalent of local access to the Mac Mini.
He literally opened the door and ushered them in. What the hacker accomplished was privilege escalation. The claim that it was easy to do was debunked (link to an Arstechnica article) about as fast as the hacking took to do.
As to his spelling ability… let’s see how well you spell in Swedish…
Windows free here for 7 years and LOVING IT!
I miss Pluto already.
Karr is just a freak nutcase.
Eggs are good!
“Um, no, Dave Schroder’s experiment, although it was shut down by his University, was not compromised. His out of the box Mac was not invaded or hacked.
Um, yes it was:
http://rm-my-mac.wideopenbsd.org/static_logs.html
I have no reason to believe this was faked as Dave himself presented the challenge himself. I suppose at this point I’m a bit confused and will attempt to contact him directly.
^^^ And yes this was the wisc.edu site NOT the Swedish site:
http://rm-my-mac.wideopenbsd.org/static_idiots.html
Uh, NO it wasn’t.
And NO Your link isn’t the University of Wisconsin website.
Perhaps you should do some research before posting erroneous information… Apparently you are a bit confused or perhaps you think that the University of Wisconsin is in Sweden?
@ the site links you are providing:
“http://rm-my-mac.wideopenbsd.org/static_idiots.html”
is indeed the Swedish site…
The Madison Wisconsin University of Wisconsin web site for the challenge was
“http://test.doit.wisc.edu”
which, unfortunately, is no longer available.
Proof:
U of Wisconsin’s Mac OS X Security Challenge
Badger Herald article -Hacking invite troubles DoIT
In addition your assertion that Dave Schroeder’s OS X Mac was hacked in less than 30 minutes is absolutely wrong. From the University of Wisconsin Badger Herald:
“Barford added that . . . there were no successful attempts over the 38-hour test period . . .”
More Proof:
Information Week article – Hack-My-Mac Challenge Leaves System Shipshape
“A university (of Wisconsin) systems engineer who said a Swedish hack-my-Mac contest was too easy closed down his own challenge Tuesday, saying that even after 4,000 log-in attempts and two denial-of-service attacks, his Mac mini remained untouched.”
Swordmaker – </i>”Perhaps you should do some research before posting erroneous information… Apparently you are a bit confused or perhaps you think that the University of Wisconsin is in Sweden?”</i>
Intentional erroneous information? NEVER. Confusion over sites – YES. I read your provided links and have been *duly* sorted out on the matter.
” width=”19″ height=”19″ alt=”zipper” style=”border:0;” />
Great… glad to be of service.
“At present Macs are free of viruses, principally because they have greater security in the operating system”
Apple certainly makes this claim, but that is not what the statistics show us. Apple OS X was the first OS hacked into two years running at CANSEC West and if you look at any of several security tracking sites Vista has had far less bugs/exploits than OS X. The first OS X virus was reported in January of 2006. Apple is also much slower to issue critical security patches to their users than Microsoft is. Again this is more a discussion of OSes and not one of Hardware it is possible to run BSD or Linux on a PC to gain greater security than OS X or Windows and avoid the higher ‘premium’ cost of Apple.