Apple Macs are far more secure than Windows PCs

“As part of its current ad campaign, Apple suggests that Macs aren’t vulnerable to the same Internet security problems PCs are,” Todd Spangler writes for Baseline Magazine.

“But according to a new study by security vendor Symantec, the number of vulnerabilities identified in Apple’s Safari browser in the first half of 2006 doubled over the prior six months—and it increased its window of exposure to Net-based exploits from zero days to five,” Spangler writes.

Spangler writes, “Microsoft’s Internet Explorer browser still has a longer window of exposure—the time between when code exploiting a vulnerability appears and when a fix is available—and a greater total number of security holes. But Apple ‘is headed in the opposite direction’ with respect to its browser’s vulnerability to Internet-based threats, says Dave Cole, director of Symantec’s Security Response team.”

Spangler writes, “Apple’s marketing campaign implies Macs are not vulnerable to the same kinds of Internet security threats that Windows PCs are. In a recent Apple TV ad, an actor playing the Mac character says to the PC character: ‘I run Mac OS X, so I don’t have to worry about your spyware and viruses.’

Spangler writes, “Symantec’s Cole says it’s a fallacy to claim that any Web browser is inherently safer than another. ‘The reality is, Apple has lower market share’ than Windows PC makers, he says. ‘Attackers are driven by money, so they go after the bigger market. If you have lower market share, you’re not more secure—you’re just less interesting [to a hacker].'”

Full article here.

[Thanks to MacDailyNews Reader “Stormy” for the heads up.]

MacDailyNews Take: Ooh, we’re shaking with fear. Let us know when Macs are hit with spyware or viruses in the wild, okay? Until then, we’re not buying what Symantec et al are peddling. While smaller market share is no doubt yet another advantage for Mac security, Mac OS X is inherently more secure than Windows. With 20+ million Macs in the world, why has there been no single successful Mac OS X virus in 5+ years? Shouldn’t there be a few or at least one?

Remember, do not download, authorize, and install things on your Mac from untrusted websites.

By design, Mac OS X is simply more secure than Windows. Period. For reference and reasons why Mac OS X is more secure than Windows, read The New York Times’ David Pogue’s mea culpa on the subject of the “Mac Security Via Obscurity” myth here.

Macs account for roughly 10% of the world’s personal computer users — (some say as much as 16%) — so the first half of the myth doesn’t even stand up to scrutiny. Macs aren’t “obscure” at all. Therefore, the Apple Mac platform’s ironclad security simply cannot logically be attributed to obscurity.

There are zero-percent (0%) of viruses for the Mac OS X platform that should, logically, have some 10-16% of the world’s viruses if platforms’ install bases dictate the numbers of viruses. The fact that Mac OS X has zero (0) viruses totally discounts “security via obscurity.” There should be at least some Mac OS X viruses. There are none. The reason for this fact is not attributable solely to “obscurity,” it’s attributable to superior security design.

Still not convinced? Try this one on for size: according to Apple CEO Steve Jobs at WWDC, there are “19 million Mac OS X users” in the world and there are still zero (0) viruses. According to CNET, the Windows Vista Beta was released “to about 10,000 testers” at the time the first Windows Vista virus arrived. So much for the security via obscurity myth.

Related articles:
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Oxymoron: Microsoft security – August 12, 2006
With exploits in wild, Microsoft Windows braces for yet another critical worm attack – August 11, 2006
Microsoft’s oft-delayed, much-pared-down Windows Vista hacked at Black Hat – August 07, 2006
Ballmer analyzes Microsoft’s One Big Mistake, Vista… er, ‘One Big’ Vista Mistake – August 02, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
What Microsoft has chopped from Windows Vista, and when – June 27, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005

Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple Macs and viruses: Fact vs. FUD – May 26, 2006
‘Mac security’ garbage reports continue to proliferate – May 10, 2006
ZDNet: Reduce OS X security threats – ignore security software – May 05, 2006
Unix expert: Mac OS X much more secure than Windows; recent Mac OS X security stories are media hype – May 03, 2006
Macs and viruses: the true story – May 02, 2006
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
Computer columnist: anti-virus software purely optional for Apple Macs, not so for Windows – November 01, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005

36 Comments

  1. Oh Lord, not “Symantec says…”, again. Haven’t we learned not to learn from Symantec yet?

    And, is anybody really saying that Macs are totally invulnerable, without any possibility of any viruses (in the future)? Is anybody really saying that? I don’t hear anyone saying that. If Macs are going to become targets by virtue of market share, then lets get there first, then start worrying about viruses that may or may not take advantage of vulnerabilities. And that’s assuming Apple, for some crazy reason, stops releasing security updates.

    No, I’ve got to believe that this kind of rhetoric is ulteriorally motivated.

  2. Symantec is shooting themselves in the foot. In a feeble attempt at spreading FUD – fear, uncertainty and doubt – they are proving themselves to be an unreliable source of real data. The “obscurity myth” is old, dead and buried, and for a company that should be actually looking to real vulnerabilities to spew rumors and falsehoods as facts totally underlies ANY credibility they may have.

    I also have issue with BaseLineMag.org for using an obviously biased company as a source of factual information.

    Aren’t there ANY REAL JOURNALISTS out there any more?!!!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.